From 99f54d1a02b4186053cf02f16e047cf65d011214 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sun, 14 Oct 2012 17:33:22 +0100 Subject: [PATCH 1/9] Missing provider class Signed-off-by: Alex Bilbie --- src/Oauth2/Client/Provider.php | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100755 src/Oauth2/Client/Provider.php diff --git a/src/Oauth2/Client/Provider.php b/src/Oauth2/Client/Provider.php new file mode 100755 index 00000000..0762d57e --- /dev/null +++ b/src/Oauth2/Client/Provider.php @@ -0,0 +1,19 @@ + Date: Sun, 14 Oct 2012 17:33:46 +0100 Subject: [PATCH 2/9] Version bump Signed-off-by: Alex Bilbie --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 2ba0a2f1..a2ce1d17 100644 --- a/composer.json +++ b/composer.json @@ -1,7 +1,7 @@ { "name": "lncd/oauth2", "description": "OAuth 2.0 Framework", - "version": "0.3", + "version": "0.3.1", "homepage": "https://github.com/lncd/OAuth2", "license": "MIT", "require": { From ac990b609a0f698ca2602c5e7718dc3c5196c5bb Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 16 Nov 2012 16:40:01 +0000 Subject: [PATCH 3/9] Fixed client_id column length --- sql/database.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sql/database.sql b/sql/database.sql index 0c218795..8c01870c 100644 --- a/sql/database.sql +++ b/sql/database.sql @@ -20,7 +20,7 @@ CREATE TABLE `client_endpoints` ( -- Create syntax for TABLE 'oauth_sessions' CREATE TABLE `oauth_sessions` ( `id` int(11) unsigned NOT NULL AUTO_INCREMENT, - `client_id` varchar(32) NOT NULL DEFAULT '', + `client_id` varchar(40) NOT NULL DEFAULT '', `redirect_uri` varchar(250) NOT NULL DEFAULT '', `owner_type` enum('user','client') NOT NULL DEFAULT 'user', `owner_id` varchar(255) DEFAULT NULL, From 21f48c04912ff16fa659e0f8d608e9b6a1b28447 Mon Sep 17 00:00:00 2001 
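Review bot: Widening `client_id` to `varchar(40)` in `oauth_sessions` only changes the CREATE TABLE script, so databases created from the older script keep the 32-character column and need a separate statement such as `ALTER TABLE oauth_sessions MODIFY client_id varchar(40) NOT NULL DEFAULT '';`. The hunk shows only the tail of `client_endpoints` and nothing of the `clients` table, so it is worth confirming that every column holding a client ID has the same width. With non-strict MySQL settings a longer value would be truncated silently, and session lookups by client ID would then stop matching. The CREATE TABLE statement continues outside the hunk.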
From: Alex Bilbie
Date: Tue, 20 Nov 2012 15:26:04 +0000
Subject: [PATCH 4/9] Spacing updates
---
 tests/authentication/database_mock.php | 245 +++++++++++--------------
 1 file changed, 104 insertions(+), 141 deletions(-)
diff --git a/tests/authentication/database_mock.php b/tests/authentication/database_mock.php
index 955035ed..f13c1537 100644
--- a/tests/authentication/database_mock.php
+++ b/tests/authentication/database_mock.php
@@ -23,169 +23,132 @@ class OAuthdb implements Database 'description' => 'test' )); - public function validateClient( - $clientId, - $clientSecret = null, - $redirectUri = null - ) - { - if ($clientId !== $this->clients[0]['client_id']) - { - return false; - } + public function validateClient($clientId, $clientSecret = null, $redirectUri = null) + { + if ($clientId !== $this->clients[0]['client_id']) + { + return false; + } - if ($clientSecret !== null && $clientSecret !== $this->clients[0]['client_secret']) - { - return false; - } + if ($clientSecret !== null && $clientSecret !== $this->clients[0]['client_secret']) + { + return false; + } - if ($redirectUri !== null && $redirectUri !== $this->clients[0]['redirect_uri']) - { - return false; - } + if ($redirectUri !== null && $redirectUri !== $this->clients[0]['redirect_uri']) + { + return false; + } - return $this->clients[0]; - } + return $this->clients[0]; + } - public function newSession( - $clientId, - $redirectUri, - $type = 'user', - $typeId = null, - $authCode = null, - $accessToken = null, - $accessTokenExpire = null, - $stage = 'requested' - ) - { - $id = count($this->sessions); + public function newSession($clientId, $redirectUri, $type = 'user', $typeId = null, $authCode = null, $accessToken = null, $accessTokenExpire = null, $stage = 'requested') + { + $id = count($this->sessions); - $this->sessions[$id] = array( - 'id' => $id, - 'client_id' => $clientId, - 'redirect_uri' => $redirectUri, - 'owner_type' => $type, - 'owner_id' => $typeId, - 'auth_code' => $authCode, - 'access_token' => $accessToken, - 'access_token_expire' => $accessTokenExpire, - 'stage' => $stage - ); + $this->sessions[$id] = array( + 'id' => $id, + 'client_id' => $clientId, + 'redirect_uri' => $redirectUri, + 'owner_type' => $type, + 'owner_id' => $typeId, + 'auth_code' => $authCode, + 'access_token' => $accessToken, + 'access_token_expire' => $accessTokenExpire, + 'stage' => $stage + ); - $this->sessions_client_type_id[$clientId . 
':' . $type . ':' . $typeId] = $id; - $this->sessions_code[$clientId . ':' . $redirectUri . ':' . $authCode] = $id; + $this->sessions_client_type_id[$clientId . ':' . $type . ':' . $typeId] = $id; + $this->sessions_code[$clientId . ':' . $redirectUri . ':' . $authCode] = $id; - return true; - } + return $id; + } - public function updateSession( - $sessionId, - $authCode = null, - $accessToken = null, - $accessTokenExpire = null, - $stage = 'requested' - ) - { - $this->sessions[$sessionId]['auth_code'] = $authCode; - $this->sessions[$sessionId]['access_token'] = $accessToken; - $this->sessions[$sessionId]['access_token_expire'] = $accessTokenExpire; - $this->sessions[$sessionId]['stage'] = $stage; + public function updateSession($sessionId, $authCode = null, $accessToken = null, $accessTokenExpire = null, $stage = 'requested') + { + $this->sessions[$sessionId]['auth_code'] = $authCode; + $this->sessions[$sessionId]['access_token'] = $accessToken; + $this->sessions[$sessionId]['access_token_expire'] = $accessTokenExpire; + $this->sessions[$sessionId]['stage'] = $stage; - return true; - } + return true; + } - public function deleteSession( - $clientId, - $type, - $typeId - ) - { - $key = $clientId . ':' . $type . ':' . $typeId; - if (isset($this->sessions_client_type_id[$key])) - { - unset($this->sessions[$this->sessions_client_type_id[$key]]); - } - return true; - } + public function deleteSession($clientId, $type, $typeId) + { + $key = $clientId . ':' . $type . ':' . $typeId; + if (isset($this->sessions_client_type_id[$key])) + { + unset($this->sessions[$this->sessions_client_type_id[$key]]); + } + return true; + } - public function validateAuthCode( - $clientId, - $redirectUri, - $authCode - ) - { - $key = $clientId . ':' . $redirectUri . ':' . $authCode; + public function validateAuthCode($clientId, $redirectUri, $authCode) + { + $key = $clientId . ':' . $redirectUri . ':' . 
$authCode; - if (isset($this->sessions_code[$key])) - { - return $this->sessions[$this->sessions_code[$key]]; - } + if (isset($this->sessions_code[$key])) + { + return $this->sessions[$this->sessions_code[$key]]; + } - return false; - } + return false; + } - public function hasSession( - $type, - $typeId, - $clientId - ) - { - die('not implemented hasSession'); - } + public function hasSession($type, $typeId, $clientId) + { + die('not implemented hasSession'); + } - public function getAccessToken($sessionId) - { - die('not implemented getAccessToken'); - } + public function getAccessToken($sessionId) + { + die('not implemented getAccessToken'); + } - public function removeAuthCode($sessionId) - { - die('not implemented removeAuthCode'); - } + public function removeAuthCode($sessionId) + { + die('not implemented removeAuthCode'); + } - public function setAccessToken( - $sessionId, - $accessToken - ) - { - die('not implemented setAccessToken'); - } + public function setAccessToken( + $sessionId, + $accessToken + ) + { + die('not implemented setAccessToken'); + } - public function addSessionScope( - $sessionId, - $scope - ) - { - if ( ! isset($this->session_scopes[$sessionId])) - { - $this->session_scopes[$sessionId] = array(); - } + public function addSessionScope($sessionId, $scope) + { + if ( ! isset($this->session_scopes[$sessionId])) + { + $this->session_scopes[$sessionId] = array(); + } - $this->session_scopes[$sessionId][] = $scope; + $this->session_scopes[$sessionId][] = $scope; - return true; - } + return true; + } - public function getScope($scope) - { - if ( ! isset($this->scopes[$scope])) - { - return false; - } + public function getScope($scope) + { + if ( ! 
isset($this->scopes[$scope])) + { + return false; + } - return $this->scopes[$scope]; - } + return $this->scopes[$scope]; + } - public function updateSessionScopeAccessToken( - $sessionId, - $accessToken - ) - { - return true; - } + public function updateSessionScopeAccessToken($sessionId, $accessToken) + { + return true; + } - public function accessTokenScopes($accessToken) - { - die('not implemented accessTokenScopes'); - } + public function accessTokenScopes($accessToken) + { + die('not implemented accessTokenScopes'); + } } \ No newline at end of file From fead0448303b82c9a436d201bb02ae48c735409c Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Tue, 20 Nov 2012 15:27:15 +0000 Subject: [PATCH 5/9] Spacing fixes and fixed sessionScopes() example query --- src/Oauth2/Resource/Database.php | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/src/Oauth2/Resource/Database.php b/src/Oauth2/Resource/Database.php index 9c5d1b44..8408df3a 100644 --- a/src/Oauth2/Resource/Database.php +++ b/src/Oauth2/Resource/Database.php @@ -6,17 +6,17 @@ interface Database { /** * Validate an access token and return the session details. - * + * * Database query: - * + * * * SELECT id, owner_type, owner_id FROM oauth_sessions WHERE access_token = * $accessToken AND stage = 'granted' AND * access_token_expires > UNIX_TIMESTAMP(now()) * - * + * * Response: - * + * * * Array * ( @@ -25,7 +25,7 @@ interface Database * [owner_id] => (string) The session owner's ID * ) * - * + * * @param string $accessToken The access token * @return array|bool Return an array on success or false on failure */ 
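Review bot: The commit is titled as a spacing change, but `newSession()` in tests/authentication/database_mock.php now ends with `return $id;` instead of `return true;`, which changes behaviour. Because `$id` is `count($this->sessions)`, the first session gets ID 0, which a caller testing the result for truthiness reads as failure, and once `deleteSession()` has unset an entry the count can equal an ID still in use, so a new session overwrites it. A counter property avoids both, for example `$id = ++$this->lastSessionId;` with the property starting at 0 (the property name is a suggestion, not something in the file). `deleteSession()` also leaves the `sessions_code` and `sessions_client_type_id` entries behind, so `validateAuthCode()` can afterwards index a session that no longer exists. The class begins outside the hunk.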
@@ -33,16 +33,16 @@ interface Database /** * Returns the scopes that the session is authorised with. - * + * * Database query: - * + * * - * SELECT scope FROM oauth_session_scopes WHERE access_token = - * '291dca1c74900f5f252de351e0105aa3fc91b90b' + * SELECT scope FROM oauth_session_scopes WHERE session_id = + * $sessionId * - * + * * Response: - * + * * * Array * ( @@ -51,7 +51,7 @@ interface Database * ... * ) * - * + * * @param int $sessionId The session ID * @return array A list of scopes */ From 958eab33a711cb453198726ac58d082bb9c1926f Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Tue, 20 Nov 2012 15:27:33 +0000 Subject: [PATCH 6/9] Lots of small documentation updates and clarifications --- src/Oauth2/Authentication/Database.php | 138 ++++++++++++++----------- 1 file changed, 75 insertions(+), 63 deletions(-) diff --git a/src/Oauth2/Authentication/Database.php b/src/Oauth2/Authentication/Database.php index ed526f89..b46a05ec 100644 --- a/src/Oauth2/Authentication/Database.php +++ b/src/Oauth2/Authentication/Database.php 
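Review bot: The corrected example for `sessionScopes()` writes `$sessionId` straight into the SQL text, and an implementer who copies it literally ends up concatenating request-derived values into a query. The docblock should say that the variables stand for bound parameters, for example by adding `Values shown as $variables must be passed as bound parameters of a prepared statement, never concatenated into the SQL.` above the query. The same applies to the access-token example in the first hunk of this file and to every query documented in src/Oauth2/Authentication/Database.php later in this series. The method declaration itself is outside the hunk.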
@@ -6,30 +6,42 @@ interface Database { /** * Validate a client - * + * * Database query: - * + * * * # Client ID + redirect URI * SELECT clients.id FROM clients LEFT JOIN client_endpoints ON * client_endpoints.client_id = clients.id WHERE clients.id = $clientId AND * client_endpoints.redirect_uri = $redirectUri - * + * * # Client ID + client secret * SELECT clients.id FROM clients WHERE clients.id = $clientId AND * clients.secret = $clientSecret - * + * * # Client ID + client secret + redirect URI * SELECT clients.id FROM clients LEFT JOIN client_endpoints ON * client_endpoints.client_id = clients.id WHERE clients.id = $clientId AND * clients.secret = $clientSecret AND client_endpoints.redirect_uri = * $redirectUri * - * - * @param string $clientId The client's ID + * + * Response: + * + * + * Array + * ( + * [client_id] => (string) The client ID + * [client secret] => (string) The client secret + * [redirect_uri] => (string) The redirect URI used in this request + * [name] => (string) The name of the client + * ) + * + * + * @param string $clientId The client's ID * @param string $clientSecret The client's secret (default = "null") - * @param string $redirectUri The client's redirect URI (default = "null") - * @return [type] [description] + * @param string $redirectUri The client's redirect URI (default = "null") + * @return bool|array Returns false if the validation fails, array on success */ public function validateClient( $clientId, 
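Review bot: The new Response block names the key `[client secret]` with a space, while the mock in tests/authentication/database_mock.php reads `client_secret`; the documented key should be `[client_secret]` so implementations and callers agree. The example queries also match `clients.secret = $clientSecret` inside SQL, which only works if secrets are stored in clear text. The docblock could note that an implementation may store a hash instead and compare it in PHP with a constant-time comparison such as `hash_equals()` where the PHP version provides it. It is also worth stating whether callers need the secret echoed back in the returned array at all, since leaving it out keeps it away from logs and debug output. The `validateClient()` signature continues past the end of the hunk.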
@@ -39,16 +51,16 @@ interface Database /** * Create a new OAuth session - * + * * Database query: - * + * * * INSERT INTO oauth_sessions (client_id, redirect_uri, owner_type, * owner_id, auth_code, access_token, stage, first_requested, last_updated) * VALUES ($clientId, $redirectUri, $type, $typeId, $authCode, * $accessToken, $stage, UNIX_TIMESTAMP(NOW()), UNIX_TIMESTAMP(NOW())) * - * + * * @param string $clientId The client ID * @param string $redirectUri The redirect URI * @param string $type The session owner's type (default = "user") @@ -56,7 +68,7 @@ interface Database * @param string $authCode The authorisation code (default = "null") * @param string $accessToken The access token (default = "null") * @param string $stage The stage of the session (default ="request") - * @return [type] [description] + * @return int The session ID */ public function newSession( $clientId, @@ -71,20 +83,20 @@ interface Database /** * Update an OAuth session - * + * * Database query: - * + * * * UPDATE oauth_sessions SET auth_code = $authCode, access_token = * $accessToken, stage = $stage, last_updated = UNIX_TIMESTAMP(NOW()) WHERE * id = $sessionId * - * + * * @param string $sessionId The session ID * @param string $authCode The authorisation code (default = "null") * @param string $accessToken The access token (default = "null") * @param string $stage The stage of the session (default ="request") - * @return void + * @return void */ public function updateSession( $sessionId, @@ -96,16 +108,16 @@ interface Database /** * Delete an OAuth session - * + * * * DELETE FROM oauth_sessions WHERE client_id = $clientId AND owner_type = * $type AND owner_id = $typeId * - * + * * @param string $clientId The client ID - * @param string $type The session owner's type + * @param string $type The session owner's type * @param string $typeId The session owner's ID - * @return [type] [description] + * @return void */ public function deleteSession( $clientId, 
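Review bot: The `newSession()` docblock in the `@@ -56,7 +68,7 @@` hunk still has no `@param` for the access-token expiry, and the documented INSERT does not write one, although the mock's `newSession()` takes `$accessTokenExpire` and the resource-side example query filters on `access_token_expires > UNIX_TIMESTAMP(now())`. An implementation written from this docblock would store tokens without an expiry, so they would either be rejected by that filter or never expire, depending on what the column ends up holding. I would add `@param int $accessTokenExpire Unix timestamp at which the access token expires (default = "null")` and the column to the example INSERT. The same gap appears in the `updateSession()` docblock in the `@@ -71,20 +83,20 @@` hunk. The interface signatures lie outside these hunks, so whether they already declare the parameter should be confirmed there.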
@@ -115,16 +127,16 @@ interface Database /** * Validate that an authorisation code is valid - * + * * Database query: - * + * * * SELECT id FROM oauth_sessions WHERE client_id = $clientID AND * redirect_uri = $redirectUri AND auth_code = $authCode * - * + * * Response: - * + * * * Array * ( @@ -141,12 +153,12 @@ interface Database * last updated * ) * - * + * * @param string $clientId The client ID * @param string $redirectUri The redirect URI * @param string $authCode The authorisation code - * @return int|bool Returns the session ID if the auth code - * is valid otherwise returns false + * @return int|bool Returns the session ID if the auth code + * is valid otherwise returns false */ public function validateAuthCode( $clientId, @@ -156,18 +168,18 @@ interface Database /** * Return the session ID for a given session owner and client combination - * + * * Database query: - * + * * * SELECT id FROM oauth_sessions WHERE client_id = $clientId * AND owner_type = $type AND owner_id = $typeId * - * - * @param string $type The session owner's type + * + * @param string $type The session owner's type * @param string $typeId The session owner's ID * @param string $clientId The client ID - * @return string|null Return the session ID as an integer if + * @return string|null Return the session ID as an integer if * found otherwise returns false */ public function hasSession( @@ -178,13 +190,13 @@ interface Database /** * Return the access token for a given session - * + * * Database query: - * + * * * SELECT access_token FROM oauth_sessions WHERE id = $sessionId * - * + * * @param int $sessionId The OAuth session ID * @return string|null Returns the access token as a string if * found otherwise returns null 
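Review bot: The re-indented `@return int|bool Returns the session ID` on `validateAuthCode()` (hunk `@@ -141,12 +153,12 @@`) contradicts the Response block directly above it, which documents an array, and the mock returns the whole session array. Callers branch on this value when exchanging an authorisation code, so the tag and the Response block should be made to agree on whichever is intended, for example `@return array|bool The session details if the auth code is valid, otherwise false`. The `hasSession()` tag in the `@@ -156,18 +168,18 @@` hunk has the same kind of mismatch: it declares `string|null` but describes an integer on success and false on failure. The example query also spells the variable `$clientID` where the parameter is documented as `$clientId`.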
@@ -193,13 +205,13 @@ interface Database /** * Removes an authorisation code associated with a session - * + * * Database query: - * + * * * UPDATE oauth_sessions SET auth_code = NULL WHERE id = $sessionId * - * + * * @param int $sessionId The OAuth session ID * @return void */ @@ -207,14 +219,14 @@ interface Database /** * Sets a sessions access token - * + * * Database query: - * + * * - * UPDATE oauth_sessions SET access_token = $accessToken WHERE id = + * UPDATE oauth_sessions SET access_token = $accessToken WHERE id = * $sessionId * - * + * * @param int $sessionId The OAuth session ID * @param string $accessToken The access token * @return void @@ -226,14 +238,14 @@ interface Database /** * Associates a session with a scope - * + * * Database query: - * + * * - * INSERT INTO oauth_session_scopes (session_id, scope) VALUE ($sessionId, + * INSERT INTO oauth_session_scopes (session_id, scope) VALUE ($sessionId, * $scope) * - * + * * @param int $sessionId The session ID * @param string $scope The scope * @return void @@ -245,15 +257,15 @@ interface Database /** * Return information about a scope - * + * * Database query: - * + * * * SELECT * FROM scopes WHERE scope = $scope * - * + * * Response: - * + * * * Array * ( @@ -263,22 +275,22 @@ interface Database * [description] => (string) The scope's description * ) * - * + * * @param string $scope The scope - * @return array + * @return array */ public function getScope($scope); /** * Associate a session's scopes with an access token - * + * * Database query: - * + * * - * UPDATE oauth_session_scopes SET access_token = $accessToken WHERE + * UPDATE oauth_session_scopes SET access_token = $accessToken WHERE * session_id = $sessionId * - * + * * @param int $sessionId The session ID * @param string $accessToken The access token * @return void 
@@ -290,17 +302,17 @@ interface Database /** * Return the scopes associated with an access token - * + * * Database query: - * + * * - * SELECT scopes.scope, scopes.name, scopes.description FROM - * oauth_session_scopes JOIN scopes ON oauth_session_scopes.scope = + * SELECT scopes.scope, scopes.name, scopes.description FROM + * oauth_session_scopes JOIN scopes ON oauth_session_scopes.scope = * scopes.scope WHERE access_token = $accessToken * - * + * * Response: - * + * * * Array * ( @@ -312,7 +324,7 @@ interface Database * ) * ) * - * + * * @param string $accessToken The access token * @return array */ From 129c9a7b7a444301750f71efc8e710ecaf113ee3 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Tue, 20 Nov 2012 15:28:48 +0000 Subject: [PATCH 7/9] Version bump --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 0257cf95..b52a7a2a 100644 --- a/composer.json +++ b/composer.json @@ -1,7 +1,7 @@ { "name": "lncd/Oauth2", "description": "OAuth 2.0 Framework", - "version": "0.2.3", + "version": "0.3.2", "homepage": "https://github.com/lncd/OAuth2", "license": "MIT", "require": { From 0ed6674ceb5e1f790a68ee1c3d8386fdd8594c14 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Mon, 10 Dec 2012 21:31:08 +0000 Subject: [PATCH 8/9] Version bump. Fixed website --- composer.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/composer.json b/composer.json index 2ba0a2f1..93e4d626 100644 --- a/composer.json +++ b/composer.json @@ -1,7 +1,7 @@ { "name": "lncd/oauth2", "description": "OAuth 2.0 Framework", - "version": "0.3", + "version": "0.3.3", "homepage": "https://github.com/lncd/OAuth2", "license": "MIT", "require": { @@ -29,7 +29,7 @@ { "name": "Alex Bilbie", "email": "hello@alexbilbie.com", - "homepage": "http://www.httpster.org", + "homepage": "http://www.alexbilbie.com", "role": "Developer" } ], From aa978d358119b751b0f5b755847ccfca7c43ada8 Mon Sep 17 00:00:00 2001 
From: Alex Bilbie
Date: Wed, 12 Dec 2012 11:43:01 +0000
Subject: [PATCH 9/9] Fix variable name
---
 src/Oauth2/Resource/Server.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Oauth2/Resource/Server.php b/src/Oauth2/Resource/Server.php
index 9aa8781b..64a29d6e 100644
--- a/src/Oauth2/Resource/Server.php
+++ b/src/Oauth2/Resource/Server.php
@@ -75,7 +75,7 @@ class Server
 public function __construct($options = null)
 {
 if ($options !== null) {
- $this->config = array_merge($this->config, $options);
+ $this->_config = array_merge($this->_config, $options);
 }
 }
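Review bot: `$options` reaches `array_merge()` after only a `!== null` check, so a caller passing a string or object makes `array_merge()` fail and, on PHP versions where that is a warning rather than an exception, leaves `$this->_config` set to null. Declaring the parameter as `array $options = null`, or testing `is_array($options)` instead of `!== null`, keeps the defaults intact. If the config holds security-relevant settings, it would also help to document which keys callers may override, since `array_merge()` accepts any key.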