Merge pull request #656 from thephpleague/issue-650-fix

Fix for #650
Alex Bilbie 2016-09-19 10:19:05 +01:00 committed by GitHub
commit a798cfdc5d
12 changed files with 35 additions and 13 deletions


@ -31,7 +31,6 @@ $app->add(
$app->get( $app->get(
'/users', '/users',
function (ServerRequestInterface $request, ResponseInterface $response) use ($app) { function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
$users = [ $users = [
[ [
'id' => 123, 'id' => 123,


@ -54,19 +54,17 @@ $app->post(
// Try to respond to the access token request // Try to respond to the access token request
return $server->respondToAccessTokenRequest($request, $response); return $server->respondToAccessTokenRequest($request, $response);
} catch (OAuthServerException $exception) { } catch (OAuthServerException $exception) {
// All instances of OAuthServerException can be converted to a PSR-7 response // All instances of OAuthServerException can be converted to a PSR-7 response
return $exception->generateHttpResponse($response); return $exception->generateHttpResponse($response);
} catch (\Exception $exception) { } catch (\Exception $exception) {
// Catch unexpected exceptions // Catch unexpected exceptions
$body = $response->getBody(); $body = $response->getBody();
$body->write($exception->getMessage()); $body->write($exception->getMessage());
return $response->withStatus(500)->withBody($body);
return $response->withStatus(500)->withBody($body);
} }
} }
); );


@ -9,7 +9,6 @@
namespace League\OAuth2\Server\Exception; namespace League\OAuth2\Server\Exception;
class UniqueTokenIdentifierConstraintViolationException extends OAuthServerException class UniqueTokenIdentifierConstraintViolationException extends OAuthServerException
{ {
public static function create() public static function create()


@ -345,6 +345,7 @@ abstract class AbstractGrant implements GrantTypeInterface
$accessToken->setIdentifier($this->generateUniqueIdentifier()); $accessToken->setIdentifier($this->generateUniqueIdentifier());
try { try {
$this->accessTokenRepository->persistNewAccessToken($accessToken); $this->accessTokenRepository->persistNewAccessToken($accessToken);
return $accessToken; return $accessToken;
} catch (UniqueTokenIdentifierConstraintViolationException $e) { } catch (UniqueTokenIdentifierConstraintViolationException $e) {
if ($maxGenerationAttempts === 0) { if ($maxGenerationAttempts === 0) {
@ -391,6 +392,7 @@ abstract class AbstractGrant implements GrantTypeInterface
$authCode->setIdentifier($this->generateUniqueIdentifier()); $authCode->setIdentifier($this->generateUniqueIdentifier());
try { try {
$this->authCodeRepository->persistNewAuthCode($authCode); $this->authCodeRepository->persistNewAuthCode($authCode);
return $authCode; return $authCode;
} catch (UniqueTokenIdentifierConstraintViolationException $e) { } catch (UniqueTokenIdentifierConstraintViolationException $e) {
if ($maxGenerationAttempts === 0) { if ($maxGenerationAttempts === 0) {
@ -420,6 +422,7 @@ abstract class AbstractGrant implements GrantTypeInterface
$refreshToken->setIdentifier($this->generateUniqueIdentifier()); $refreshToken->setIdentifier($this->generateUniqueIdentifier());
try { try {
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken); $this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
return $refreshToken; return $refreshToken;
} catch (UniqueTokenIdentifierConstraintViolationException $e) { } catch (UniqueTokenIdentifierConstraintViolationException $e) {
if ($maxGenerationAttempts === 0) { if ($maxGenerationAttempts === 0) {


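--- a/<path-not-on-page>/ImplicitGrant.php
+++ b/<path-not-on-page>/ImplicitGrant.php
@@ -151,6 +151,13 @@ class ImplicitGrant extends AbstractAuthorizeGrant
                 : $client->getRedirectUri()
         );
+        // Finalize the requested scopes
+        $scopes = $this->scopeRepository->finalizeScopes(
+            $scopes,
+            $this->getIdentifier(),
+            $client
+        );
         $stateParameter = $this->getQueryStringParameter('state', $request);
         $authorizationRequest = new AuthorizationRequest();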
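Review bot: The added `finalizeScopes` call passes only the grant identifier and the client, so a scope repository that narrows scopes per resource owner has nothing to work with here — at this point in `validateAuthorizationRequest` the user has not yet been identified. Unless `completeAuthorizationRequest` (outside this hunk) re-runs `finalizeScopes` with the authenticated user's identifier before the access token is issued, the implicit grant will issue the client-level result as-is, which is weaker than what a repository can enforce once the user is known. The finalized `$scopes` is also stored without any check that the repository returned only scope entities; a one-line comment such as `// Finalized without a user identifier: only client/grant-level scope policy can apply here` would make that limitation visible to the next maintainer. The enclosing `validateAuthorizationRequest` method starts and ends outside the hunk.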


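--- a/<path-not-on-page>/AuthorizationRequest.php
+++ b/<path-not-on-page>/AuthorizationRequest.php
@@ -66,12 +66,14 @@ class AuthorizationRequest
     /**
      * The code challenge (if provided)
+     *
      * @var string
      */
     protected $codeChallenge;
     /**
      * The code challenge method (if provided)
+     *
      * @var string
      */
     protected $codeChallengeMethod;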


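--- a/<path-not-on-page>/BearerTokenResponse.php
+++ b/<path-not-on-page>/BearerTokenResponse.php
@@ -68,6 +68,7 @@ class BearerTokenResponse extends AbstractResponseType
      * this class rather than the default.
      *
      * @param AccessTokenEntityInterface $accessToken
+     *
      * @return array
      */
     protected function getExtraParams(AccessTokenEntityInterface $accessToken)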


@ -137,7 +137,6 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$this->assertTrue($grant->validateAuthorizationRequest($request) instanceof AuthorizationRequest); $this->assertTrue($grant->validateAuthorizationRequest($request) instanceof AuthorizationRequest);
} }
public function testValidateAuthorizationRequestCodeChallenge() public function testValidateAuthorizationRequestCodeChallenge()
{ {
$client = new ClientEntity(); $client = new ClientEntity();


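--- a/<path-not-on-page>/ImplicitGrantTest.php
+++ b/<path-not-on-page>/ImplicitGrantTest.php
@@ -9,11 +9,13 @@ use League\OAuth2\Server\Grant\ImplicitGrant;
 use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
 use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
 use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
+use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
 use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
 use League\OAuth2\Server\ResponseTypes\RedirectResponse;
 use LeagueTests\Stubs\AccessTokenEntity;
 use LeagueTests\Stubs\ClientEntity;
 use LeagueTests\Stubs\CryptTraitStub;
+use LeagueTests\Stubs\ScopeEntity;
 use LeagueTests\Stubs\StubResponseType;
 use LeagueTests\Stubs\UserEntity;
 use Zend\Diactoros\ServerRequest;
@@ -86,8 +88,14 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
         $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
         $clientRepositoryMock->method('getClientEntity')->willReturn($client);
+        $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
+        $scopeEntity = new ScopeEntity();
+        $scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
+        $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
         $grant = new ImplicitGrant(new \DateInterval('PT10M'));
         $grant->setClientRepository($clientRepositoryMock);
+        $grant->setScopeRepository($scopeRepositoryMock);
         $request = new ServerRequest(
             [],
@@ -114,8 +122,14 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
         $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
         $clientRepositoryMock->method('getClientEntity')->willReturn($client);
+        $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
+        $scopeEntity = new ScopeEntity();
+        $scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
+        $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
         $grant = new ImplicitGrant(new \DateInterval('PT10M'));
         $grant->setClientRepository($clientRepositoryMock);
+        $grant->setScopeRepository($scopeRepositoryMock);
         $request = new ServerRequest(
             [],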
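Review bot: Both tests stub `finalizeScopes` with `willReturnArgument(0)`, so they only show that the repository is wired in, not that its result is what ends up on the `AuthorizationRequest`; a repository that drops or substitutes scopes would be indistinguishable from one whose return value is ignored, which is exactly the regression the fix guards against. At least one of the two tests should have the stub return a distinct scope list (e.g. `willReturn([$reducedScope])`) and assert that `validateAuthorizationRequest(...)->getScopes()` equals it. The four-line mock setup is also repeated verbatim in the second and third hunks; a private helper that returns the configured `ScopeRepositoryInterface` mock would keep both tests in step as the stubbing evolves. Both test methods start and end outside the hunks.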