ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2025-03-02 14:42:43 +05:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #425 from juliangut/scopes_extraction

Browse Source 
V5 - normalize validatescopes
This commit is contained in:
Alex Bilbie 2016-01-17 14:59:37 +00:00
commit 5fcb47d66a
4 changed files with 53 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
src/Grant/AbstractGrant.php
View File

@ -120,6 +120,14 @@ abstract class AbstractGrant implements GrantTypeInterface
$this->pathToPublicKey = $pathToPublicKey; $this->pathToPublicKey = $pathToPublicKey;
} }
/**
* @inheritdoc
*/
public function setEmitter(EmitterInterface $emitter)
{
$this->emitter = $emitter;
}
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
@ -179,6 +187,46 @@ abstract class AbstractGrant implements GrantTypeInterface
return $client; return $client;
} }
/**
* @param \Psr\Http\Message\ServerRequestInterface $request
* @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client
* @param string $redirectUri
*
* @return \League\OAuth2\Server\Entities\ScopeEntity[]
*
* @throws \League\OAuth2\Server\Exception\OAuthServerException
*/
public function validateScopes(
ServerRequestInterface $request,
ClientEntityInterface $client,
$redirectUri = null
) {
$requestedScopes = $this->getRequestParameter('scope', $request);
$scopesList = array_filter(
explode(self::SCOPE_DELIMITER_STRING, trim($requestedScopes)),
function ($scope) {
return !empty($scope);
}
);
$scopes = [];
foreach ($scopesList as $scopeItem) {
$scope = $this->scopeRepository->getScopeEntityByIdentifier(
$scopeItem,
$this->getIdentifier(),
$client->getIdentifier()
);
if (($scope instanceof ScopeEntity) === false) {
throw OAuthServerException::invalidScope($scopeItem, null, null, $redirectUri);
}
$scopes[] = $scope;
}
return $scopes;
}
/** /**
* Retrieve request parameter. * Retrieve request parameter.
* *
@ -207,52 +255,6 @@ abstract class AbstractGrant implements GrantTypeInterface
return (isset($request->getServerParams()[$parameter])) ? $request->getServerParams()[$parameter] : $default; return (isset($request->getServerParams()[$parameter])) ? $request->getServerParams()[$parameter] : $default;
} }
/**
* @param string $scopeParamValue A string containing a delimited set of scope identifiers
* @param ClientEntityInterface $client
* @param string $redirectUri
*
* @return \League\OAuth2\Server\Entities\ScopeEntity[]
* @throws \League\OAuth2\Server\Exception\OAuthServerException
*/
public function validateScopes(
$scopeParamValue,
ClientEntityInterface $client,
$redirectUri = null
) {
$scopesList = array_filter(
explode(self::SCOPE_DELIMITER_STRING, trim($scopeParamValue)),
function ($scope) {
return !empty($scope);
}
);
$scopes = [];
foreach ($scopesList as $scopeItem) {
$scope = $this->scopeRepository->getScopeEntityByIdentifier(
$scopeItem,
$this->getIdentifier(),
$client->getIdentifier()
);
if (($scope instanceof ScopeEntity) === false) {
throw OAuthServerException::invalidScope($scopeItem, null, null, $redirectUri);
}
$scopes[] = $scope;
}
return $scopes;
}
/**
* @inheritdoc
*/
public function setEmitter(EmitterInterface $emitter)
{
$this->emitter = $emitter;
}
/** /**
* @param \DateInterval $tokenTTL * @param \DateInterval $tokenTTL
* @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client * @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client

2
src/Grant/ClientCredentialsGrant.php
View File

@ -36,7 +36,7 @@ class ClientCredentialsGrant extends AbstractGrant
) { ) {
// Validate request // Validate request
$client = $this->validateClient($request); $client = $this->validateClient($request);
$scopes = $this->validateScopes($this->getRequestParameter('scope', $request), $client); $scopes = $this->validateScopes($request, $scopeDelimiter, $client);
// Issue and persist access token // Issue and persist access token
$accessToken = $this->issueAccessToken($tokenTTL, $client, $client->getIdentifier(), $scopes); $accessToken = $this->issueAccessToken($tokenTTL, $client, $client->getIdentifier(), $scopes);

2
src/Grant/PasswordGrant.php
View File

@ -64,7 +64,7 @@ class PasswordGrant extends AbstractGrant
// Validate request // Validate request
$client = $this->validateClient($request); $client = $this->validateClient($request);
$user = $this->validateUser($request); $user = $this->validateUser($request);
$scopes = $this->validateScopes($this->getRequestParameter('scope', $request), $client); $scopes = $this->validateScopes($request, $scopeDelimiter, $client);
// Issue and persist new tokens // Issue and persist new tokens
$accessToken = $this->issueAccessToken($tokenTTL, $client, $user->getIdentifier(), $scopes); $accessToken = $this->issueAccessToken($tokenTTL, $client, $user->getIdentifier(), $scopes);

2
src/Grant/RefreshTokenGrant.php
View File

@ -54,7 +54,7 @@ class RefreshTokenGrant extends AbstractGrant
) { ) {
$client = $this->validateClient($request); $client = $this->validateClient($request);
$oldRefreshToken = $this->validateOldRefreshToken($request, $client->getIdentifier()); $oldRefreshToken = $this->validateOldRefreshToken($request, $client->getIdentifier());
$scopes = $this->validateScopes($this->getRequestParameter('scope', $request), $client); $scopes = $this->validateScopes($request, $scopeDelimiter, $client);
// If no new scopes are requested then give the access token the original session scopes // If no new scopes are requested then give the access token the original session scopes
if (count($scopes) === 0) { if (count($scopes) === 0) {