From 31b36f23e7de9565d3c7ab81b76768b54b97ccdc Mon Sep 17 00:00:00 2001 From: Daniel Horrigan Date: Fri, 28 Dec 2012 15:12:16 -0500 Subject: [PATCH 1/5] Starting the reorganization --- src/Oauth2/MissingAccessTokenException.php | 8 + src/Oauth2/Request.php | 94 +++++++ src/Oauth2/RequestInterface.php | 24 ++ src/Oauth2/Resource.php | 110 ++++++++ src/Oauth2/Resource/Database.php | 59 ---- src/Oauth2/Resource/Server.php | 253 ------------------ .../Storage/ClientEndpointInterface.php | 8 + src/Oauth2/Storage/ClientInterface.php | 8 + src/Oauth2/Storage/ScopeInterface.php | 8 + src/Oauth2/Storage/SessionInterface.php | 8 + src/Oauth2/Storage/SessionScopeInterface.php | 8 + 11 files changed, 276 insertions(+), 312 deletions(-) create mode 100644 src/Oauth2/MissingAccessTokenException.php create mode 100644 src/Oauth2/Request.php create mode 100644 src/Oauth2/RequestInterface.php create mode 100644 src/Oauth2/Resource.php delete mode 100644 src/Oauth2/Resource/Database.php delete mode 100644 src/Oauth2/Resource/Server.php create mode 100644 src/Oauth2/Storage/ClientEndpointInterface.php create mode 100644 src/Oauth2/Storage/ClientInterface.php create mode 100644 src/Oauth2/Storage/ScopeInterface.php create mode 100644 src/Oauth2/Storage/SessionInterface.php create mode 100644 src/Oauth2/Storage/SessionScopeInterface.php diff --git a/src/Oauth2/MissingAccessTokenException.php b/src/Oauth2/MissingAccessTokenException.php new file mode 100644 index 00000000..0eb4ff0c --- /dev/null +++ b/src/Oauth2/MissingAccessTokenException.php 
@@ -0,0 +1,8 @@
+get = $get;
+ $this->post = $post;
+ $this->cookies = $cookies;
+ $this->files = $files;
+ $this->server = $server;
+
+ if (empty($headers)) {
+ $this->headers = $this->readHeaders();
+ }
+ }
+
+ public function get($index = null, $default = null)
+ {
+ return $this->getPropertyValue('get', $index, $default);
+ }
+
+ public function post($index = null, $default = null)
+ {
+ return $this->getPropertyValue('post', $index, $default);
+ }
+
+ public function file($index = null, $default = null)
+ {
+ return $this->getPropertyValue('files', $index, $default);
+ }
+
+ public function cookie($index = null, $default = null)
+ {
+ return $this->getPropertyValue('cookies', $index, $default);
+ }
+
+ public function server($index = null, $default = null)
+ {
+ return $this->getPropertyValue('server', $index, $default);
+ }
+
+ public function header($index = null, $default = null)
+ {
+ return $this->getPropertyValue('headers', $index, $default);
+ }
+
+ protected function readHeaders()
+ {
+ $headers = array();
+ foreach ($this->server() as $name => $value) {
+ if (substr($name, 0, 5) == 'HTTP_') {
+ $name = str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5)))));
+ $headers[$name] = $value;
+ }
+ }
+
+ return $headers;
+ }
+
+ protected function getPropertyValue($property, $index = null, $default = null)
+ {
+ if ( ! isset($this->{$property})) {
+ throw new InvalidArgumentException("Property '$property' does not exist.");
+ }
+ if (is_null($index)) {
+ return $this->{$property};
+ }
+
+ if ( ! array_key_exists($index, $this->{$property})) {
+ return $default;
+ }
+
+ return $this->{$property}[$index];
+ }
+}
diff --git a/src/Oauth2/RequestInterface.php b/src/Oauth2/RequestInterface.php
new file mode 100644
index 00000000..458711ba
--- /dev/null
+++ b/src/Oauth2/RequestInterface.php
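Review bot: In the Request constructor, `$this->headers` is assigned only inside `if (empty($headers))`, so headers passed in by the caller appear to be dropped; the top of the constructor is not visible in this extract, so confirm there is no earlier assignment. If there is none, `header()` reaches `getPropertyValue('headers', ...)` with the property unset and throws instead of returning the header. The assignment could be `$this->headers = empty($headers) ? $this->readHeaders() : $headers;`. Separately, `readHeaders()` only sees `HTTP_*` keys of the server array, and some server configurations do not expose the Authorization header as `HTTP_AUTHORIZATION`; the removed `Resource\Server::init()` used `getallheaders()`, so a bearer token sent in the header may now be missed and the lookup falls through to the request parameters without any signal.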
@@ -0,0 +1,24 @@
+storages['session'] = $session;
+ $this->storages['session_scope'] = $session_scope;
+
+ if (is_null($request)) {
+ $request = Request::buildFromGlobals();
+ }
+ $this->request = $request;
+ }
+
+ /**
+ * Checks if the Access Token is valid or not.
+ *
+ * @return bool
+ */
+ public function isValid()
+ {
+ $access_token = $this->determineAccessToken();
+
+ $result = $this->storages['session']->validateAccessToken($access_token);
+
+ if ( ! $result) {
+ return false;
+ }
+
+ $this->accessToken = $access_token;
+ $this->sessionId = $result['id'];
+ $this->ownerType = $result['owner_type'];
+ $this->ownerId = $result['owner_id'];
+
+ $this->sessionScopes = $this->storages['session_scope']->getScopes($this->sessionId);
+
+ return true;
+ }
+
+ /**
+ * Checks if the current session has the given scope(s).
+ *
+ * @param array
+ */
+ public function hasScope($scopes)
+ {
+ if (is_string($scopes)) {
+ if (in_array($scopes, $this->sessionScopes)) {
+ return true;
+ }
+ return false;
+ } elseif (is_array($scopes)) {
+ foreach ($scopes as $scope) {
+ if ( ! in_array($scope, $this->sessionScopes)) {
+ return false;
+ }
+ }
+ return true;
+ }
+
+ return false;
+ }
+
+ protected function determineAccessToken()
+ {
+ if ($header = $this->request->header('Authorization')) {
+ $access_token = trim(str_replace('Bearer', '', $header));
+ } else {
+ $method = $this->request->server('REQUEST_METHOD');
+ $access_token = $this->request->{$method}($this->tokenKey);
+ }
+
+ if (empty($access_token)) {
+ throw new MissingAccessTokenException('Access Token is Missing');
+ }
+
+ return $access_token;
+ }
+
+}
diff --git a/src/Oauth2/Resource/Database.php b/src/Oauth2/Resource/Database.php
deleted file mode 100644
index 8408df3a..00000000
--- a/src/Oauth2/Resource/Database.php
+++ /dev/null
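Review bot: In `determineAccessToken()` the value of `REQUEST_METHOD` is used directly as a method name, `$this->request->{$method}($this->tokenKey)`, and that value is chosen by the client. Any verb other than GET or POST therefore either calls a different `Request` accessor with the token key (PHP method names are case-insensitive, so `cookie`, `server`, `file` and `header` are all reachable) or ends in a fatal error for an undefined method, before the token is ever validated. The removed `Resource\Server::init()` read `$_POST` for POST and `$_GET` otherwise; the same fixed mapping here would be `$access_token = ($method === 'POST') ? $this->request->post($this->tokenKey) : $this->request->get($this->tokenKey);`. The same line is carried over unchanged, apart from `getRequest()`, in the `@@ -91,13 +109,19 @@` hunk of PATCH 4/5.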
@@ -1,59 +0,0 @@ - - * SELECT id, owner_type, owner_id FROM oauth_sessions WHERE access_token = - * $accessToken AND stage = 'granted' AND - * access_token_expires > UNIX_TIMESTAMP(now()) - * - * - * Response: - * - * - * Array - * ( - * [id] => (int) The session ID - * [owner_type] => (string) The session owner type - * [owner_id] => (string) The session owner's ID - * ) - * - * - * @param string $accessToken The access token - * @return array|bool Return an array on success or false on failure - */ - public function validateAccessToken($accessToken); - - /** - * Returns the scopes that the session is authorised with. - * - * Database query: - * - * - * SELECT scope FROM oauth_session_scopes WHERE session_id = - * $sessionId - * - * - * Response: - * - * - * Array - * ( - * [0] => (string) A scope - * [1] => (string) Another scope - * ... - * ) - * - * - * @param int $sessionId The session ID - * @return array A list of scopes - */ - public function sessionScopes($sessionId); -} \ No newline at end of file diff --git a/src/Oauth2/Resource/Server.php b/src/Oauth2/Resource/Server.php deleted file mode 100644 index 64a29d6e..00000000 --- a/src/Oauth2/Resource/Server.php +++ /dev/null 
@@ -1,253 +0,0 @@ - 'oauth_token' - ); - - /** - * Error codes. - * - * To provide i8ln errors just overwrite the keys - * - * @var array - */ - public $errors = array( - 'missing_access_token' => 'An access token was not presented with the request', - 'invalid_access_token' => 'The access token is not registered with the resource server', - 'missing_access_token_details' => 'The registered database abstractor did not return a valid access token details response', - 'invalid_access_token_scopes' => 'The registered database abstractor did not return a valid access token scopes response', - ); - - /** - * Constructor - * - * @access public - * @return void - */ - public function __construct($options = null) - { - if ($options !== null) { - $this->_config = array_merge($this->_config, $options); - } - } - - /** - * Magic method to test if access token represents a particular owner type - * @param string $method The method name - * @param mixed $arguements The method arguements - * @return bool If method is valid, and access token is owned by the requested party then true, - */ - public function __call($method, $arguements = null) - { - if (substr($method, 0, 2) === 'is') { - - if ($this->_type === strtolower(substr($method, 2))) { - return $this->_typeId; - } - - return false; - } - - trigger_error('Call to undefined function ' . $method . '()'); - } - - /** - * Register a database abstrator class - * - * @access public - * @param object $db A class that implements OAuth2ServerDatabase - * @return void - */ - public function registerDbAbstractor($db) - { - $this->_db = $db; - } - - /** - * Init function - * - * @access public - * @return void - */ - public function init() - { - $accessToken = null; - - $_SERVER['REQUEST_METHOD'] = isset($_SERVER['REQUEST_METHOD']) ? 
- $_SERVER['REQUEST_METHOD'] : - null; - - // Try and get the access token via an access_token or oauth_token parameter - switch ($_SERVER['REQUEST_METHOD']) - { - case 'POST': - $accessToken = isset($_POST[$this->_config['token_key']]) ? - $_POST[$this->_config['token_key']] : - null; - break; - - default: - $accessToken = isset($_GET[$this->_config['token_key']]) ? - $_GET[$this->_config['token_key']] : - null; - break; - } - - // Try and get an access token from the auth header - if (function_exists('getallheaders')) { - - $headers = getallheaders(); - - if (isset($headers['Authorization'])) { - - $rawToken = trim(str_replace('Bearer', '', $headers['Authorization'])); - - if ( ! empty($rawToken)) { - $accessToken = $rawToken; - } - } - } - - if ($accessToken) { - - $result = $this->_dbCall('validateAccessToken', $accessToken); - - if ($result === false) { - - throw new ClientException($this->errors['invalid_access_token']); - - } else { - - if ( ! array_key_exists('id', $result) || - ! array_key_exists('owner_id', $result) || - ! array_key_exists('owner_type', $result)) { - throw new ServerException($this->errors['missing_access_token_details']); - } - - $this->_accessToken = $accessToken; - $this->_type = $result['owner_type']; - $this->_typeId = $result['owner_id']; - - // Get the scopes - $scopes = $this->_dbCall('sessionScopes', $result['id']); - - if ( ! 
is_array($scopes)) - { - throw new ServerException($this->errors['invalid_access_token_scopes']); - } - - $this->_scopes = $scopes; - } - - } else { - - throw new ClientException($this->errors['missing_access_token']); - - } - } - - /** - * Test if the access token has a specific scope - * - * @param mixed $scopes Scope(s) to check - * - * @access public - * @return string|bool - */ - public function hasScope($scopes) - { - if (is_string($scopes)) { - - if (in_array($scopes, $this->_scopes)) { - return true; - } - - return false; - - } elseif (is_array($scopes)) { - - foreach ($scopes as $scope) { - - if ( ! in_array($scope, $this->_scopes)) { - return false; - } - - } - - return true; - } - - return false; - } - - /** - * Call database methods from the abstractor - * - * @return mixed The query result - */ - private function _dbCall() - { - if ($this->_db === null) { - throw new ServerException('No registered database abstractor'); - } - - if ( ! $this->_db instanceof Database) { - throw new ServerException('The registered database abstractor is not an instance of Oauth2\Resource\Database'); - } - - $args = func_get_args(); - $method = $args[0]; - unset($args[0]); - $params = array_values($args); - - return call_user_func_array(array($this->_db, $method), $params); - } -} \ No newline at end of file diff --git a/src/Oauth2/Storage/ClientEndpointInterface.php b/src/Oauth2/Storage/ClientEndpointInterface.php new file mode 100644 index 00000000..ae83eb93 --- /dev/null +++ b/src/Oauth2/Storage/ClientEndpointInterface.php 
@@ -0,0 +1,8 @@ + Date: Fri, 4 Jan 2013 14:44:02 -0500 Subject: [PATCH 2/5] Changing Case --- .../Authentication/Database.php | 0 .../Authentication/Server.php | 0 src/{Oauth2 => OAuth2}/Client/IDP.php | 0 src/{Oauth2 => OAuth2}/Client/Provider.php | 0 .../Client/Provider/Blooie.php | 0 .../Client/Provider/Facebook.php | 0 .../Client/Provider/Foursquare.php | 0 .../Client/Provider/Github.php | 0 .../Client/Provider/Google.php | 0 .../Client/Provider/Instagram.php | 0 .../Client/Provider/Mailchimp.php | 0 .../Client/Provider/Mailru.php | 0 .../Client/Provider/Paypal.php | 0 .../Client/Provider/Soundcloud.php | 0 .../Client/Provider/Vkontakte.php | 0 .../Client/Provider/Windowslive.php | 0 .../Client/Provider/Yandex.php | 0 src/{Oauth2 => OAuth2}/Client/Token.php | 0 .../Client/Token/Access.php | 0 .../Client/Token/Authorize.php | 0 src/OAuth2/GrantTypeInterface.php | 8 ++++ .../MissingAccessTokenException.php | 0 src/{Oauth2 => OAuth2}/Request.php | 0 src/{Oauth2 => OAuth2}/RequestInterface.php | 0 src/{Oauth2 => OAuth2}/Resource.php | 0 src/OAuth2/Server.php | 42 +++++++++++++++++++ .../Storage/ClientEndpointInterface.php | 0 .../Storage/ClientInterface.php | 0 .../Storage/ScopeInterface.php | 0 .../Storage/SessionInterface.php | 0 .../Storage/SessionScopeInterface.php | 0 31 files changed, 50 insertions(+) rename src/{Oauth2 => OAuth2}/Authentication/Database.php (100%) rename src/{Oauth2 => OAuth2}/Authentication/Server.php (100%) rename src/{Oauth2 => OAuth2}/Client/IDP.php (100%) rename src/{Oauth2 => OAuth2}/Client/Provider.php (100%) rename src/{Oauth2 => OAuth2}/Client/Provider/Blooie.php (100%) rename src/{Oauth2 => OAuth2}/Client/Provider/Facebook.php (100%) rename src/{Oauth2 => OAuth2}/Client/Provider/Foursquare.php (100%) rename src/{Oauth2 => OAuth2}/Client/Provider/Github.php (100%) rename src/{Oauth2 => OAuth2}/Client/Provider/Google.php (100%) rename src/{Oauth2 => OAuth2}/Client/Provider/Instagram.php (100%) rename src/{Oauth2 => 
OAuth2}/Client/Provider/Mailchimp.php (100%) rename src/{Oauth2 => OAuth2}/Client/Provider/Mailru.php (100%) rename src/{Oauth2 => OAuth2}/Client/Provider/Paypal.php (100%) rename src/{Oauth2 => OAuth2}/Client/Provider/Soundcloud.php (100%) rename src/{Oauth2 => OAuth2}/Client/Provider/Vkontakte.php (100%) rename src/{Oauth2 => OAuth2}/Client/Provider/Windowslive.php (100%) rename src/{Oauth2 => OAuth2}/Client/Provider/Yandex.php (100%) rename src/{Oauth2 => OAuth2}/Client/Token.php (100%) rename src/{Oauth2 => OAuth2}/Client/Token/Access.php (100%) rename src/{Oauth2 => OAuth2}/Client/Token/Authorize.php (100%) create mode 100644 src/OAuth2/GrantTypeInterface.php rename src/{Oauth2 => OAuth2}/MissingAccessTokenException.php (100%) rename src/{Oauth2 => OAuth2}/Request.php (100%) rename src/{Oauth2 => OAuth2}/RequestInterface.php (100%) rename src/{Oauth2 => OAuth2}/Resource.php (100%) create mode 100644 src/OAuth2/Server.php rename src/{Oauth2 => OAuth2}/Storage/ClientEndpointInterface.php (100%) rename src/{Oauth2 => OAuth2}/Storage/ClientInterface.php (100%) rename src/{Oauth2 => OAuth2}/Storage/ScopeInterface.php (100%) rename src/{Oauth2 => OAuth2}/Storage/SessionInterface.php (100%) rename src/{Oauth2 => OAuth2}/Storage/SessionScopeInterface.php (100%) diff --git a/src/Oauth2/Authentication/Database.php b/src/OAuth2/Authentication/Database.php similarity index 100% rename from src/Oauth2/Authentication/Database.php rename to src/OAuth2/Authentication/Database.php diff --git a/src/Oauth2/Authentication/Server.php b/src/OAuth2/Authentication/Server.php similarity index 100% rename from src/Oauth2/Authentication/Server.php rename to src/OAuth2/Authentication/Server.php diff --git a/src/Oauth2/Client/IDP.php b/src/OAuth2/Client/IDP.php similarity index 100% rename from src/Oauth2/Client/IDP.php rename to src/OAuth2/Client/IDP.php 
diff --git a/src/Oauth2/Client/Provider.php b/src/OAuth2/Client/Provider.php similarity index 100% rename from src/Oauth2/Client/Provider.php rename to src/OAuth2/Client/Provider.php diff --git a/src/Oauth2/Client/Provider/Blooie.php b/src/OAuth2/Client/Provider/Blooie.php similarity index 100% rename from src/Oauth2/Client/Provider/Blooie.php rename to src/OAuth2/Client/Provider/Blooie.php diff --git a/src/Oauth2/Client/Provider/Facebook.php b/src/OAuth2/Client/Provider/Facebook.php similarity index 100% rename from src/Oauth2/Client/Provider/Facebook.php rename to src/OAuth2/Client/Provider/Facebook.php diff --git a/src/Oauth2/Client/Provider/Foursquare.php b/src/OAuth2/Client/Provider/Foursquare.php similarity index 100% rename from src/Oauth2/Client/Provider/Foursquare.php rename to src/OAuth2/Client/Provider/Foursquare.php diff --git a/src/Oauth2/Client/Provider/Github.php b/src/OAuth2/Client/Provider/Github.php similarity index 100% rename from src/Oauth2/Client/Provider/Github.php rename to src/OAuth2/Client/Provider/Github.php diff --git a/src/Oauth2/Client/Provider/Google.php b/src/OAuth2/Client/Provider/Google.php similarity index 100% rename from src/Oauth2/Client/Provider/Google.php rename to src/OAuth2/Client/Provider/Google.php diff --git a/src/Oauth2/Client/Provider/Instagram.php b/src/OAuth2/Client/Provider/Instagram.php similarity index 100% rename from src/Oauth2/Client/Provider/Instagram.php rename to src/OAuth2/Client/Provider/Instagram.php diff --git a/src/Oauth2/Client/Provider/Mailchimp.php b/src/OAuth2/Client/Provider/Mailchimp.php similarity index 100% rename from src/Oauth2/Client/Provider/Mailchimp.php rename to src/OAuth2/Client/Provider/Mailchimp.php diff --git a/src/Oauth2/Client/Provider/Mailru.php b/src/OAuth2/Client/Provider/Mailru.php similarity index 100% rename from src/Oauth2/Client/Provider/Mailru.php rename to src/OAuth2/Client/Provider/Mailru.php 
diff --git a/src/Oauth2/Client/Provider/Paypal.php b/src/OAuth2/Client/Provider/Paypal.php similarity index 100% rename from src/Oauth2/Client/Provider/Paypal.php rename to src/OAuth2/Client/Provider/Paypal.php diff --git a/src/Oauth2/Client/Provider/Soundcloud.php b/src/OAuth2/Client/Provider/Soundcloud.php similarity index 100% rename from src/Oauth2/Client/Provider/Soundcloud.php rename to src/OAuth2/Client/Provider/Soundcloud.php diff --git a/src/Oauth2/Client/Provider/Vkontakte.php b/src/OAuth2/Client/Provider/Vkontakte.php similarity index 100% rename from src/Oauth2/Client/Provider/Vkontakte.php rename to src/OAuth2/Client/Provider/Vkontakte.php diff --git a/src/Oauth2/Client/Provider/Windowslive.php b/src/OAuth2/Client/Provider/Windowslive.php similarity index 100% rename from src/Oauth2/Client/Provider/Windowslive.php rename to src/OAuth2/Client/Provider/Windowslive.php diff --git a/src/Oauth2/Client/Provider/Yandex.php b/src/OAuth2/Client/Provider/Yandex.php similarity index 100% rename from src/Oauth2/Client/Provider/Yandex.php rename to src/OAuth2/Client/Provider/Yandex.php diff --git a/src/Oauth2/Client/Token.php b/src/OAuth2/Client/Token.php similarity index 100% rename from src/Oauth2/Client/Token.php rename to src/OAuth2/Client/Token.php diff --git a/src/Oauth2/Client/Token/Access.php b/src/OAuth2/Client/Token/Access.php similarity index 100% rename from src/Oauth2/Client/Token/Access.php rename to src/OAuth2/Client/Token/Access.php diff --git a/src/Oauth2/Client/Token/Authorize.php b/src/OAuth2/Client/Token/Authorize.php similarity index 100% rename from src/Oauth2/Client/Token/Authorize.php rename to src/OAuth2/Client/Token/Authorize.php diff --git a/src/OAuth2/GrantTypeInterface.php b/src/OAuth2/GrantTypeInterface.php new file mode 100644 index 00000000..c8eb83c8 --- /dev/null +++ b/src/OAuth2/GrantTypeInterface.php 
@@ -0,0 +1,8 @@ +getIdentifier(); + } + $this->grantTypes[$identifier] = $grant_type; + } + + public function setScopeDelimeter($scope_delimeter) + { + $this->scopeDelimeter = $scope_delimeter; + } + + public function setExpiresIn($expires_in) + { + $this->expiresIn = $expires_in; + } + +} diff --git a/src/Oauth2/Storage/ClientEndpointInterface.php b/src/OAuth2/Storage/ClientEndpointInterface.php similarity index 100% rename from src/Oauth2/Storage/ClientEndpointInterface.php rename to src/OAuth2/Storage/ClientEndpointInterface.php diff --git a/src/Oauth2/Storage/ClientInterface.php b/src/OAuth2/Storage/ClientInterface.php similarity index 100% rename from src/Oauth2/Storage/ClientInterface.php rename to src/OAuth2/Storage/ClientInterface.php diff --git a/src/Oauth2/Storage/ScopeInterface.php b/src/OAuth2/Storage/ScopeInterface.php similarity index 100% rename from src/Oauth2/Storage/ScopeInterface.php rename to src/OAuth2/Storage/ScopeInterface.php diff --git a/src/Oauth2/Storage/SessionInterface.php b/src/OAuth2/Storage/SessionInterface.php similarity index 100% rename from src/Oauth2/Storage/SessionInterface.php rename to src/OAuth2/Storage/SessionInterface.php diff --git a/src/Oauth2/Storage/SessionScopeInterface.php b/src/OAuth2/Storage/SessionScopeInterface.php similarity index 100% rename from src/Oauth2/Storage/SessionScopeInterface.php rename to src/OAuth2/Storage/SessionScopeInterface.php From 373ddf9f343f6672dd20ecdadb7924236fbd44a2 Mon Sep 17 00:00:00 2001 From: Daniel Horrigan Date: Fri, 4 Jan 2013 14:55:13 -0500 Subject: [PATCH 3/5] Changing Case in namespaces --- composer.json | 4 ++-- src/OAuth2/Authentication/Database.php | 2 +- src/OAuth2/Authentication/Server.php | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/composer.json b/composer.json index f2a89158..bebe9423 100644 --- a/composer.json +++ b/composer.json 
@@ -35,10 +35,10 @@ ], "autoload": { "psr-0": { - "Oauth2": "src/" + "OAuth2": "src/" } }, "suggest": { "lncd/oauth2-facebook": "Adds support for Facebook as an IDP" } -} \ No newline at end of file +} diff --git a/src/OAuth2/Authentication/Database.php b/src/OAuth2/Authentication/Database.php index d4ef203f..7a1398e4 100644 --- a/src/OAuth2/Authentication/Database.php +++ b/src/OAuth2/Authentication/Database.php @@ -1,6 +1,6 @@ Date: Fri, 4 Jan 2013 17:21:24 -0500 Subject: [PATCH 4/5] Fixing Resource bugs and moving the Request dep to a setter. --- src/OAuth2/MissingAccessTokenException.php | 4 +- src/OAuth2/Resource.php | 44 +++++++++++++++++----- 2 files changed, 36 insertions(+), 12 deletions(-) diff --git a/src/OAuth2/MissingAccessTokenException.php b/src/OAuth2/MissingAccessTokenException.php index 0eb4ff0c..d9d605ad 100644 --- a/src/OAuth2/MissingAccessTokenException.php +++ b/src/OAuth2/MissingAccessTokenException.php @@ -2,7 +2,7 @@ namespace OAuth2; -class MissingAccessTokenException +class MissingAccessTokenException extends \Exception { - + } diff --git a/src/OAuth2/Resource.php b/src/OAuth2/Resource.php index 285b4cb4..44b7436f 100644 --- a/src/OAuth2/Resource.php +++ b/src/OAuth2/Resource.php @@ -3,8 +3,8 @@ namespace OAuth2; use OutOfBoundsException; -use Storage\SessionInterface; -use Storage\SessionScopeInterface; +use OAuth2\Storage\SessionInterface; +use OAuth2\Storage\SessionScopeInterface; class Resource { 
@@ -29,19 +29,37 @@ class Resource * * @param SessionInterface The Session Storage Object * @param SessionScopeInterface The Session Scope Storage Object - * @param RequestInterface The Request Object */ - public function __construct(SessionInterface $session, SessionScopeInterface $session_scope, RequestInterface $request = null) + public function __construct(SessionInterface $session, SessionScopeInterface $session_scope) { $this->storages['session'] = $session; $this->storages['session_scope'] = $session_scope; + } - if (is_null($request)) { - $request = Request::buildFromGlobals(); - } + /** + * Sets the Request Object + * + * @param RequestInterface The Request Object + */ + public function setRequest(RequestInterface $request) + { $this->request = $request; } + /** + * Gets the Request object. It will create one from the globals if one is not set. + * + * @return RequestInterface + */ + public function getRequest() + { + if ($this->request === null) { + $this->request = Request::buildFromGlobals(); + } + + return $this->request; + } + /** * Checks if the Access Token is valid or not. * @@ -91,13 +109,19 @@ class Resource return false; } + /** + * Reads in the Access Token from the headers. + * + * @return string + * @throws MissingAccessTokenException + */ protected function determineAccessToken() { - if ($header = $this->request->header('Authorization')) { + if ($header = $this->getRequest()->header('Authorization')) { $access_token = trim(str_replace('Bearer', '', $header)); } else { - $method = $this->request->server('REQUEST_METHOD'); - $access_token = $this->request->{$method}($this->tokenKey); + $method = $this->getRequest()->server('REQUEST_METHOD'); + $access_token = $this->getRequest()->{$method}($this->tokenKey); } if (empty($access_token)) { From 89e89a73dc174d43f0118e2ab59ddab33f4f4275 Mon Sep 17 00:00:00 2001 
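Review bot: In the `@@ -91,13 +109,19 @@` hunk, `trim(str_replace('Bearer', '', $header))` does not check the authorization scheme: a header using any other scheme is taken whole as the access token, and every occurrence of the substring `Bearer` is removed, including one inside the token itself. Matching the scheme explicitly, for example `preg_match('/^Bearer\s+(\S+)$/i', trim($header), $m)` and then using `$m[1]`, keeps non-bearer credentials out of `validateAccessToken()`. The added docblock says the token is read "from the headers", but the `else` branch also reads it from the request parameters; I would word it as `Reads the access token from the Authorization header, falling back to the request parameter named by $tokenKey.` The parsing dates from PATCH 1/5, and the function body continues past the end of this hunk.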
From: Daniel Horrigan Date: Mon, 7 Jan 2013 10:31:28 -0500 Subject: [PATCH 5/5] Changing 'user_credentials' to password --- src/OAuth2/Authentication/Server.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/OAuth2/Authentication/Server.php b/src/OAuth2/Authentication/Server.php index 61306c5d..6f5f3f4e 100644 --- a/src/OAuth2/Authentication/Server.php +++ b/src/OAuth2/Authentication/Server.php @@ -48,7 +48,7 @@ class Server */ private $_grantTypes = array( 'authorization_code', - 'user_credentials', + 'password', 'refresh_token', ); @@ -379,7 +379,7 @@ class Server return $this->completeAuthCodeGrant($authParams, $params); break; - case 'user_credentials': + case 'password': return $this->completeUserCredentialsGrant($authParams, $params); break; @@ -542,7 +542,7 @@ class Server $params = array(); if ( ! isset($authParams['user_auth_callback'])) { - throw new \InvalidArgumentException('You must set a user_auth_callback when using the user_credentials grant type.'); + throw new \InvalidArgumentException('You must set a user_auth_callback when using the password grant type.'); } // Client ID @@ -582,7 +582,7 @@ class Server $params['grant_type'] = $_POST['grant_type']; } - if ($params['grant_type'] == 'user_credentials') + if ($params['grant_type'] == 'password') { // Check if user's u+p are correct $userId = call_user_func($authParams['user_auth_callback']);
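Review bot: After this rename a client that still sends `grant_type=user_credentials` matches neither the `$_grantTypes` list nor the `case 'password':` branch, and nothing visible in these hunks keeps the old name as an alias. If deployed clients rely on the old value, this is a breaking change that deserves a changelog entry or a temporary extra label `case 'user_credentials':` above `case 'password':`. In the last hunk `$params['grant_type'] == 'password'` compares a value copied from `$_POST` loosely; `$params['grant_type'] === 'password'` avoids type juggling on request input. All four hunks sit inside methods whose start and end are outside the hunk.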