diff --git a/composer.json b/composer.json
index 6e033adb..1205c757 100644
--- a/composer.json
+++ b/composer.json
@@ -29,7 +29,7 @@
{
"name": "Alex Bilbie",
"email": "hello@alexbilbie.com",
- "homepage": "http://www.httpster.org",
+ "homepage": "http://www.alexbilbie.com",
"role": "Developer"
}
],
diff --git a/sql/database.sql b/sql/database.sql
index 0c218795..8c01870c 100644
--- a/sql/database.sql
+++ b/sql/database.sql
@@ -20,7 +20,7 @@ CREATE TABLE `client_endpoints` (
-- Create syntax for TABLE 'oauth_sessions'
CREATE TABLE `oauth_sessions` (
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
- `client_id` varchar(32) NOT NULL DEFAULT '',
+ `client_id` varchar(40) NOT NULL DEFAULT '',
`redirect_uri` varchar(250) NOT NULL DEFAULT '',
`owner_type` enum('user','client') NOT NULL DEFAULT 'user',
`owner_id` varchar(255) DEFAULT NULL,
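Review bot: Widening `oauth_sessions.client_id` to `varchar(40)` only helps if every column that stores the same identifier has the same width; `clients.id` and `client_endpoints.client_id` are defined outside this hunk, so that cannot be confirmed here. If either stays at 32, a 40-character client ID is truncated (silently, when MySQL is not in strict mode) or rejected, and the documented `validateClient` joins stop matching. Existing installations also need an explicit `ALTER TABLE oauth_sessions MODIFY client_id varchar(40) NOT NULL DEFAULT ''`, since editing the CREATE script does not change deployed schemas. The `CREATE TABLE` statement continues past the end of the hunk.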
diff --git a/src/Oauth2/Authentication/Database.php b/src/Oauth2/Authentication/Database.php
index ed526f89..b46a05ec 100644
--- a/src/Oauth2/Authentication/Database.php
+++ b/src/Oauth2/Authentication/Database.php
@@ -6,30 +6,42 @@ interface Database
{
/**
* Validate a client
- *
+ *
* Database query:
- *
+ *
*
* # Client ID + redirect URI
* SELECT clients.id FROM clients LEFT JOIN client_endpoints ON
* client_endpoints.client_id = clients.id WHERE clients.id = $clientId AND
* client_endpoints.redirect_uri = $redirectUri
- *
+ *
* # Client ID + client secret
* SELECT clients.id FROM clients WHERE clients.id = $clientId AND
* clients.secret = $clientSecret
- *
+ *
* # Client ID + client secret + redirect URI
* SELECT clients.id FROM clients LEFT JOIN client_endpoints ON
* client_endpoints.client_id = clients.id WHERE clients.id = $clientId AND
* clients.secret = $clientSecret AND client_endpoints.redirect_uri =
* $redirectUri
*
- *
- * @param string $clientId The client's ID
+ *
+ * Response:
+ *
+ *
+ * Array
+ * (
+ * [client_id] => (string) The client ID
+ * [client secret] => (string) The client secret
+ * [redirect_uri] => (string) The redirect URI used in this request
+ * [name] => (string) The name of the client
+ * )
+ *
+ *
+ * @param string $clientId The client's ID
* @param string $clientSecret The client's secret (default = "null")
- * @param string $redirectUri The client's redirect URI (default = "null")
- * @return [type] [description]
+ * @param string $redirectUri The client's redirect URI (default = "null")
+ * @return bool|array Returns false if the validation fails, array on success
*/
public function validateClient(
$clientId,
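Review bot: The new Response block documents the key as `[client secret]` with a space, while the test mock in this commit reads `$this->clients[0]['client_secret']`; the line should read `* [client_secret] => (string) The client secret`. The contract also has `validateClient` hand the client secret back to the caller, and the documented queries match it with `clients.secret = $clientSecret`, which implies secrets stored in plaintext and compared by the database. Unless a caller needs the secret (not visible here), drop it from the documented response and add a sentence saying implementations may store a hash and verify it in PHP with a constant-time comparison. The method signature continues outside the hunk.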
@@ -39,16 +51,16 @@ interface Database
/**
* Create a new OAuth session
- *
+ *
* Database query:
- *
+ *
*
* INSERT INTO oauth_sessions (client_id, redirect_uri, owner_type,
* owner_id, auth_code, access_token, stage, first_requested, last_updated)
* VALUES ($clientId, $redirectUri, $type, $typeId, $authCode,
* $accessToken, $stage, UNIX_TIMESTAMP(NOW()), UNIX_TIMESTAMP(NOW()))
*
- *
+ *
* @param string $clientId The client ID
* @param string $redirectUri The redirect URI
* @param string $type The session owner's type (default = "user")
@@ -56,7 +68,7 @@ interface Database
* @param string $authCode The authorisation code (default = "null")
* @param string $accessToken The access token (default = "null")
* @param string $stage The stage of the session (default ="request")
- * @return [type] [description]
+ * @return int The session ID
*/
public function newSession(
$clientId,
@@ -71,20 +83,20 @@ interface Database
/**
* Update an OAuth session
- *
+ *
* Database query:
- *
+ *
*
* UPDATE oauth_sessions SET auth_code = $authCode, access_token =
* $accessToken, stage = $stage, last_updated = UNIX_TIMESTAMP(NOW()) WHERE
* id = $sessionId
*
- *
+ *
* @param string $sessionId The session ID
* @param string $authCode The authorisation code (default = "null")
* @param string $accessToken The access token (default = "null")
* @param string $stage The stage of the session (default ="request")
- * @return void
+ * @return void
*/
public function updateSession(
$sessionId,
@@ -96,16 +108,16 @@ interface Database
/**
* Delete an OAuth session
- *
+ *
*
* DELETE FROM oauth_sessions WHERE client_id = $clientId AND owner_type =
* $type AND owner_id = $typeId
*
- *
+ *
* @param string $clientId The client ID
- * @param string $type The session owner's type
+ * @param string $type The session owner's type
* @param string $typeId The session owner's ID
- * @return [type] [description]
+ * @return void
*/
public function deleteSession(
$clientId,
@@ -115,16 +127,16 @@ interface Database
/**
* Validate that an authorisation code is valid
- *
+ *
* Database query:
- *
+ *
*
* SELECT id FROM oauth_sessions WHERE client_id = $clientID AND
* redirect_uri = $redirectUri AND auth_code = $authCode
*
- *
+ *
* Response:
- *
+ *
*
* Array
* (
@@ -141,12 +153,12 @@ interface Database
* last updated
* )
*
- *
+ *
* @param string $clientId The client ID
* @param string $redirectUri The redirect URI
* @param string $authCode The authorisation code
- * @return int|bool Returns the session ID if the auth code
- * is valid otherwise returns false
+ * @return int|bool Returns the session ID if the auth code
+ * is valid otherwise returns false
*/
public function validateAuthCode(
$clientId,
@@ -156,18 +168,18 @@ interface Database
/**
* Return the session ID for a given session owner and client combination
- *
+ *
* Database query:
- *
+ *
*
* SELECT id FROM oauth_sessions WHERE client_id = $clientId
* AND owner_type = $type AND owner_id = $typeId
*
- *
- * @param string $type The session owner's type
+ *
+ * @param string $type The session owner's type
* @param string $typeId The session owner's ID
* @param string $clientId The client ID
- * @return string|null Return the session ID as an integer if
+ * @return string|null Return the session ID as an integer if
* found otherwise returns false
*/
public function hasSession(
@@ -178,13 +190,13 @@ interface Database
/**
* Return the access token for a given session
- *
+ *
* Database query:
- *
+ *
*
* SELECT access_token FROM oauth_sessions WHERE id = $sessionId
*
- *
+ *
* @param int $sessionId The OAuth session ID
* @return string|null Returns the access token as a string if
* found otherwise returns null
@@ -193,13 +205,13 @@ interface Database
/**
* Removes an authorisation code associated with a session
- *
+ *
* Database query:
- *
+ *
*
* UPDATE oauth_sessions SET auth_code = NULL WHERE id = $sessionId
*
- *
+ *
* @param int $sessionId The OAuth session ID
* @return void
*/
@@ -207,14 +219,14 @@ interface Database
/**
* Sets a sessions access token
- *
+ *
* Database query:
- *
+ *
*
- * UPDATE oauth_sessions SET access_token = $accessToken WHERE id =
+ * UPDATE oauth_sessions SET access_token = $accessToken WHERE id =
* $sessionId
*
- *
+ *
* @param int $sessionId The OAuth session ID
* @param string $accessToken The access token
* @return void
@@ -226,14 +238,14 @@ interface Database
/**
* Associates a session with a scope
- *
+ *
* Database query:
- *
+ *
*
- * INSERT INTO oauth_session_scopes (session_id, scope) VALUE ($sessionId,
+ * INSERT INTO oauth_session_scopes (session_id, scope) VALUE ($sessionId,
* $scope)
*
- *
+ *
* @param int $sessionId The session ID
* @param string $scope The scope
* @return void
@@ -245,15 +257,15 @@ interface Database
/**
* Return information about a scope
- *
+ *
* Database query:
- *
+ *
*
* SELECT * FROM scopes WHERE scope = $scope
*
- *
+ *
* Response:
- *
+ *
*
* Array
* (
@@ -263,22 +275,22 @@ interface Database
* [description] => (string) The scope's description
* )
*
- *
+ *
* @param string $scope The scope
- * @return array
+ * @return array
*/
public function getScope($scope);
/**
* Associate a session's scopes with an access token
- *
+ *
* Database query:
- *
+ *
*
- * UPDATE oauth_session_scopes SET access_token = $accessToken WHERE
+ * UPDATE oauth_session_scopes SET access_token = $accessToken WHERE
* session_id = $sessionId
*
- *
+ *
* @param int $sessionId The session ID
* @param string $accessToken The access token
* @return void
@@ -290,17 +302,17 @@ interface Database
/**
* Return the scopes associated with an access token
- *
+ *
* Database query:
- *
+ *
*
- * SELECT scopes.scope, scopes.name, scopes.description FROM
- * oauth_session_scopes JOIN scopes ON oauth_session_scopes.scope =
+ * SELECT scopes.scope, scopes.name, scopes.description FROM
+ * oauth_session_scopes JOIN scopes ON oauth_session_scopes.scope =
* scopes.scope WHERE access_token = $accessToken
*
- *
+ *
* Response:
- *
+ *
*
* Array
* (
@@ -312,7 +324,7 @@ interface Database
* )
* )
*
- *
+ *
* @param string $accessToken The access token
* @return array
*/
diff --git a/src/Oauth2/Client/Provider.php b/src/Oauth2/Client/Provider.php
new file mode 100755
index 00000000..0762d57e
--- /dev/null
+++ b/src/Oauth2/Client/Provider.php
@@ -0,0 +1,19 @@
+
* SELECT id, owner_type, owner_id FROM oauth_sessions WHERE access_token =
* $accessToken AND stage = 'granted' AND
* access_token_expires > UNIX_TIMESTAMP(now())
*
- *
+ *
* Response:
- *
+ *
*
* Array
* (
@@ -25,7 +25,7 @@ interface Database
* [owner_id] => (string) The session owner's ID
* )
*
- *
+ *
* @param string $accessToken The access token
* @return array|bool Return an array on success or false on failure
*/
@@ -33,16 +33,16 @@ interface Database
/**
* Returns the scopes that the session is authorised with.
- *
+ *
* Database query:
- *
+ *
*
- * SELECT scope FROM oauth_session_scopes WHERE access_token =
- * '291dca1c74900f5f252de351e0105aa3fc91b90b'
+ * SELECT scope FROM oauth_session_scopes WHERE session_id =
+ * $sessionId
*
- *
+ *
* Response:
- *
+ *
*
* Array
* (
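Review bot: The rewritten example query writes `$sessionId` straight into the SQL text, as the other docblocks of this interface do, and nothing in the comment says these are placeholders. Implementers tend to copy such examples literally, so a line such as `* Values shown as $variables must be bound as query parameters, never concatenated.` under "Database query:" would make the intent explicit. The docblock continues past the end of the hunk, and the file header for this section is not visible on the page.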
@@ -51,7 +51,7 @@ interface Database
* ...
* )
*
- *
+ *
* @param int $sessionId The session ID
* @return array A list of scopes
*/
diff --git a/src/Oauth2/Resource/Server.php b/src/Oauth2/Resource/Server.php
index 9aa8781b..64a29d6e 100644
--- a/src/Oauth2/Resource/Server.php
+++ b/src/Oauth2/Resource/Server.php
@@ -75,7 +75,7 @@ class Server
public function __construct($options = null)
{
if ($options !== null) {
- $this->config = array_merge($this->config, $options);
+ $this->_config = array_merge($this->_config, $options);
}
}
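Review bot: `$options` is only compared with `null` before it goes into `array_merge()`, so a caller passing a string or object gets a warning and a `null` `$this->_config` on older PHP versions, or a `TypeError` on PHP 8. Declaring the parameter as `public function __construct(array $options = null)`, or guarding with `is_array($options)`, keeps the defaults intact. The rename to `$this->_config` presumably matches the property declaration, which is outside the hunk and worth checking, since assigning to an undeclared property would silently create a second, unused one.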
diff --git a/tests/authentication/database_mock.php b/tests/authentication/database_mock.php
index 955035ed..f13c1537 100644
--- a/tests/authentication/database_mock.php
+++ b/tests/authentication/database_mock.php
@@ -23,169 +23,132 @@ class OAuthdb implements Database
'description' => 'test'
));
- public function validateClient(
- $clientId,
- $clientSecret = null,
- $redirectUri = null
- )
- {
- if ($clientId !== $this->clients[0]['client_id'])
- {
- return false;
- }
+ public function validateClient($clientId, $clientSecret = null, $redirectUri = null)
+ {
+ if ($clientId !== $this->clients[0]['client_id'])
+ {
+ return false;
+ }
- if ($clientSecret !== null && $clientSecret !== $this->clients[0]['client_secret'])
- {
- return false;
- }
+ if ($clientSecret !== null && $clientSecret !== $this->clients[0]['client_secret'])
+ {
+ return false;
+ }
- if ($redirectUri !== null && $redirectUri !== $this->clients[0]['redirect_uri'])
- {
- return false;
- }
+ if ($redirectUri !== null && $redirectUri !== $this->clients[0]['redirect_uri'])
+ {
+ return false;
+ }
- return $this->clients[0];
- }
+ return $this->clients[0];
+ }
- public function newSession(
- $clientId,
- $redirectUri,
- $type = 'user',
- $typeId = null,
- $authCode = null,
- $accessToken = null,
- $accessTokenExpire = null,
- $stage = 'requested'
- )
- {
- $id = count($this->sessions);
+ public function newSession($clientId, $redirectUri, $type = 'user', $typeId = null, $authCode = null, $accessToken = null, $accessTokenExpire = null, $stage = 'requested')
+ {
+ $id = count($this->sessions);
- $this->sessions[$id] = array(
- 'id' => $id,
- 'client_id' => $clientId,
- 'redirect_uri' => $redirectUri,
- 'owner_type' => $type,
- 'owner_id' => $typeId,
- 'auth_code' => $authCode,
- 'access_token' => $accessToken,
- 'access_token_expire' => $accessTokenExpire,
- 'stage' => $stage
- );
+ $this->sessions[$id] = array(
+ 'id' => $id,
+ 'client_id' => $clientId,
+ 'redirect_uri' => $redirectUri,
+ 'owner_type' => $type,
+ 'owner_id' => $typeId,
+ 'auth_code' => $authCode,
+ 'access_token' => $accessToken,
+ 'access_token_expire' => $accessTokenExpire,
+ 'stage' => $stage
+ );
- $this->sessions_client_type_id[$clientId . ':' . $type . ':' . $typeId] = $id;
- $this->sessions_code[$clientId . ':' . $redirectUri . ':' . $authCode] = $id;
+ $this->sessions_client_type_id[$clientId . ':' . $type . ':' . $typeId] = $id;
+ $this->sessions_code[$clientId . ':' . $redirectUri . ':' . $authCode] = $id;
- return true;
- }
+ return $id;
+ }
- public function updateSession(
- $sessionId,
- $authCode = null,
- $accessToken = null,
- $accessTokenExpire = null,
- $stage = 'requested'
- )
- {
- $this->sessions[$sessionId]['auth_code'] = $authCode;
- $this->sessions[$sessionId]['access_token'] = $accessToken;
- $this->sessions[$sessionId]['access_token_expire'] = $accessTokenExpire;
- $this->sessions[$sessionId]['stage'] = $stage;
+ public function updateSession($sessionId, $authCode = null, $accessToken = null, $accessTokenExpire = null, $stage = 'requested')
+ {
+ $this->sessions[$sessionId]['auth_code'] = $authCode;
+ $this->sessions[$sessionId]['access_token'] = $accessToken;
+ $this->sessions[$sessionId]['access_token_expire'] = $accessTokenExpire;
+ $this->sessions[$sessionId]['stage'] = $stage;
- return true;
- }
+ return true;
+ }
- public function deleteSession(
- $clientId,
- $type,
- $typeId
- )
- {
- $key = $clientId . ':' . $type . ':' . $typeId;
- if (isset($this->sessions_client_type_id[$key]))
- {
- unset($this->sessions[$this->sessions_client_type_id[$key]]);
- }
- return true;
- }
+ public function deleteSession($clientId, $type, $typeId)
+ {
+ $key = $clientId . ':' . $type . ':' . $typeId;
+ if (isset($this->sessions_client_type_id[$key]))
+ {
+ unset($this->sessions[$this->sessions_client_type_id[$key]]);
+ }
+ return true;
+ }
- public function validateAuthCode(
- $clientId,
- $redirectUri,
- $authCode
- )
- {
- $key = $clientId . ':' . $redirectUri . ':' . $authCode;
+ public function validateAuthCode($clientId, $redirectUri, $authCode)
+ {
+ $key = $clientId . ':' . $redirectUri . ':' . $authCode;
- if (isset($this->sessions_code[$key]))
- {
- return $this->sessions[$this->sessions_code[$key]];
- }
+ if (isset($this->sessions_code[$key]))
+ {
+ return $this->sessions[$this->sessions_code[$key]];
+ }
- return false;
- }
+ return false;
+ }
- public function hasSession(
- $type,
- $typeId,
- $clientId
- )
- {
- die('not implemented hasSession');
- }
+ public function hasSession($type, $typeId, $clientId)
+ {
+ die('not implemented hasSession');
+ }
- public function getAccessToken($sessionId)
- {
- die('not implemented getAccessToken');
- }
+ public function getAccessToken($sessionId)
+ {
+ die('not implemented getAccessToken');
+ }
- public function removeAuthCode($sessionId)
- {
- die('not implemented removeAuthCode');
- }
+ public function removeAuthCode($sessionId)
+ {
+ die('not implemented removeAuthCode');
+ }
- public function setAccessToken(
- $sessionId,
- $accessToken
- )
- {
- die('not implemented setAccessToken');
- }
+ public function setAccessToken(
+ $sessionId,
+ $accessToken
+ )
+ {
+ die('not implemented setAccessToken');
+ }
- public function addSessionScope(
- $sessionId,
- $scope
- )
- {
- if ( ! isset($this->session_scopes[$sessionId]))
- {
- $this->session_scopes[$sessionId] = array();
- }
+ public function addSessionScope($sessionId, $scope)
+ {
+ if ( ! isset($this->session_scopes[$sessionId]))
+ {
+ $this->session_scopes[$sessionId] = array();
+ }
- $this->session_scopes[$sessionId][] = $scope;
+ $this->session_scopes[$sessionId][] = $scope;
- return true;
- }
+ return true;
+ }
- public function getScope($scope)
- {
- if ( ! isset($this->scopes[$scope]))
- {
- return false;
- }
+ public function getScope($scope)
+ {
+ if ( ! isset($this->scopes[$scope]))
+ {
+ return false;
+ }
- return $this->scopes[$scope];
- }
+ return $this->scopes[$scope];
+ }
- public function updateSessionScopeAccessToken(
- $sessionId,
- $accessToken
- )
- {
- return true;
- }
+ public function updateSessionScopeAccessToken($sessionId, $accessToken)
+ {
+ return true;
+ }
- public function accessTokenScopes($accessToken)
- {
- die('not implemented accessTokenScopes');
- }
+ public function accessTokenScopes($accessToken)
+ {
+ die('not implemented accessTokenScopes');
+ }
}
\ No newline at end of file
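Review bot: `newSession()` now returns `$id = count($this->sessions)`, which makes the first session ID `0` and lets IDs repeat once `deleteSession()` has `unset()` an entry: with sessions 0 to 2 present, deleting 0 makes the next ID `2` and overwrites a live session. A falsy `0` also reads as failure to any caller that tests the result loosely. Deriving the ID from the highest key, `$id = empty($this->sessions) ? 1 : max(array_keys($this->sessions)) + 1;`, avoids both. Separately, `deleteSession()` leaves the `sessions_client_type_id` and `sessions_code` entries behind, so `validateAuthCode()` can look up a removed session, and `updateSession()`/`deleteSession()` return `true` where the interface now documents `void`. The class starts outside the hunk.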