Merge pull request #656 from thephpleague/issue-650-fix

Fix for #650
This commit is contained in:
Alex Bilbie 2016-09-19 10:19:05 +01:00 committed by GitHub
commit a798cfdc5d
12 changed files with 35 additions and 13 deletions


@ -31,7 +31,6 @@ $app->add(
$app->get( $app->get(
'/users', '/users',
function (ServerRequestInterface $request, ResponseInterface $response) use ($app) { function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
$users = [ $users = [
[ [
'id' => 123, 'id' => 123,
@ -70,4 +69,4 @@ $app->get(
} }
); );
$app->run(); $app->run();


@ -30,9 +30,9 @@ $app = new App([
$accessTokenRepository = new AccessTokenRepository(); // instance of AccessTokenRepositoryInterface $accessTokenRepository = new AccessTokenRepository(); // instance of AccessTokenRepositoryInterface
// Path to public and private keys // Path to public and private keys
$privateKey = 'file://'.__DIR__.'/../private.key'; $privateKey = 'file://' . __DIR__ . '/../private.key';
//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase'); // if private key has a pass phrase //$privateKey = new CryptKey('file://path/to/private.key', 'passphrase'); // if private key has a pass phrase
$publicKey = 'file://'.__DIR__.'/../public.key'; $publicKey = 'file://' . __DIR__ . '/../public.key';
// Setup the authorization server // Setup the authorization server
$server = new AuthorizationServer( $server = new AuthorizationServer(


@ -23,8 +23,8 @@ $app = new App([
new ClientRepository(), // instance of ClientRepositoryInterface new ClientRepository(), // instance of ClientRepositoryInterface
new AccessTokenRepository(), // instance of AccessTokenRepositoryInterface new AccessTokenRepository(), // instance of AccessTokenRepositoryInterface
new ScopeRepository(), // instance of ScopeRepositoryInterface new ScopeRepository(), // instance of ScopeRepositoryInterface
'file://'.__DIR__.'/../private.key', // path to private key 'file://' . __DIR__ . '/../private.key', // path to private key
'file://'.__DIR__.'/../public.key' // path to public key 'file://' . __DIR__ . '/../public.key' // path to public key
); );
$grant = new PasswordGrant( $grant = new PasswordGrant(
@ -54,19 +54,17 @@ $app->post(
// Try to respond to the access token request // Try to respond to the access token request
return $server->respondToAccessTokenRequest($request, $response); return $server->respondToAccessTokenRequest($request, $response);
} catch (OAuthServerException $exception) { } catch (OAuthServerException $exception) {
// All instances of OAuthServerException can be converted to a PSR-7 response // All instances of OAuthServerException can be converted to a PSR-7 response
return $exception->generateHttpResponse($response); return $exception->generateHttpResponse($response);
} catch (\Exception $exception) { } catch (\Exception $exception) {
// Catch unexpected exceptions // Catch unexpected exceptions
$body = $response->getBody(); $body = $response->getBody();
$body->write($exception->getMessage()); $body->write($exception->getMessage());
return $response->withStatus(500)->withBody($body);
return $response->withStatus(500)->withBody($body);
} }
} }
); );


@ -54,7 +54,7 @@ class ScopeRepository implements ScopeRepositoryInterface
$scope->setIdentifier('email'); $scope->setIdentifier('email');
$scopes[] = $scope; $scopes[] = $scope;
} }
return $scopes; return $scopes;
} }
} }


@ -75,7 +75,7 @@ class BearerTokenValidator implements AuthorizationValidatorInterface
} catch (\InvalidArgumentException $exception) { } catch (\InvalidArgumentException $exception) {
// JWT couldn't be parsed so return the request as is // JWT couldn't be parsed so return the request as is
throw OAuthServerException::accessDenied($exception->getMessage()); throw OAuthServerException::accessDenied($exception->getMessage());
} catch(\RuntimeException $exception){ } catch (\RuntimeException $exception) {
//JWR couldn't be parsed so return the request as is //JWR couldn't be parsed so return the request as is
throw OAuthServerException::accessDenied('Error while decoding to JSON'); throw OAuthServerException::accessDenied('Error while decoding to JSON');
} }


@ -9,7 +9,6 @@
namespace League\OAuth2\Server\Exception; namespace League\OAuth2\Server\Exception;
class UniqueTokenIdentifierConstraintViolationException extends OAuthServerException class UniqueTokenIdentifierConstraintViolationException extends OAuthServerException
{ {
public static function create() public static function create()


@ -345,6 +345,7 @@ abstract class AbstractGrant implements GrantTypeInterface
$accessToken->setIdentifier($this->generateUniqueIdentifier()); $accessToken->setIdentifier($this->generateUniqueIdentifier());
try { try {
$this->accessTokenRepository->persistNewAccessToken($accessToken); $this->accessTokenRepository->persistNewAccessToken($accessToken);
return $accessToken; return $accessToken;
} catch (UniqueTokenIdentifierConstraintViolationException $e) { } catch (UniqueTokenIdentifierConstraintViolationException $e) {
if ($maxGenerationAttempts === 0) { if ($maxGenerationAttempts === 0) {
@ -391,6 +392,7 @@ abstract class AbstractGrant implements GrantTypeInterface
$authCode->setIdentifier($this->generateUniqueIdentifier()); $authCode->setIdentifier($this->generateUniqueIdentifier());
try { try {
$this->authCodeRepository->persistNewAuthCode($authCode); $this->authCodeRepository->persistNewAuthCode($authCode);
return $authCode; return $authCode;
} catch (UniqueTokenIdentifierConstraintViolationException $e) { } catch (UniqueTokenIdentifierConstraintViolationException $e) {
if ($maxGenerationAttempts === 0) { if ($maxGenerationAttempts === 0) {
@ -420,6 +422,7 @@ abstract class AbstractGrant implements GrantTypeInterface
$refreshToken->setIdentifier($this->generateUniqueIdentifier()); $refreshToken->setIdentifier($this->generateUniqueIdentifier());
try { try {
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken); $this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
return $refreshToken; return $refreshToken;
} catch (UniqueTokenIdentifierConstraintViolationException $e) { } catch (UniqueTokenIdentifierConstraintViolationException $e) {
if ($maxGenerationAttempts === 0) { if ($maxGenerationAttempts === 0) {


@ -151,6 +151,13 @@ class ImplicitGrant extends AbstractAuthorizeGrant
: $client->getRedirectUri() : $client->getRedirectUri()
); );
// Finalize the requested scopes
$scopes = $this->scopeRepository->finalizeScopes(
$scopes,
$this->getIdentifier(),
$client
);
$stateParameter = $this->getQueryStringParameter('state', $request); $stateParameter = $this->getQueryStringParameter('state', $request);
$authorizationRequest = new AuthorizationRequest(); $authorizationRequest = new AuthorizationRequest();
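Review bot: The new finalizeScopes call runs before the resource owner has authenticated, so it passes only the scopes, the grant identifier and the client and no user identifier, which means a scope repository that narrows scopes per user cannot do so at this point. Unless completeAuthorizationRequest (outside this hunk) finalizes the scopes a second time with the authenticated user's identifier before the access token is issued, the implicit grant will issue whatever this client-only pass returns. I would make that explicit on the call, e.g. `// User is not known yet: per-user scope restriction must be applied again when the token is issued`, or move the finalization to the point where the user is available. validateAuthorizationRequest begins and ends outside this hunk, so I cannot see whether the finalized $scopes is what is later passed to setScopes().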


@ -66,12 +66,14 @@ class AuthorizationRequest
/** /**
* The code challenge (if provided) * The code challenge (if provided)
*
* @var string * @var string
*/ */
protected $codeChallenge; protected $codeChallenge;
/** /**
* The code challenge method (if provided) * The code challenge method (if provided)
*
* @var string * @var string
*/ */
protected $codeChallengeMethod; protected $codeChallengeMethod;


@ -68,6 +68,7 @@ class BearerTokenResponse extends AbstractResponseType
* this class rather than the default. * this class rather than the default.
* *
* @param AccessTokenEntityInterface $accessToken * @param AccessTokenEntityInterface $accessToken
*
* @return array * @return array
*/ */
protected function getExtraParams(AccessTokenEntityInterface $accessToken) protected function getExtraParams(AccessTokenEntityInterface $accessToken)


@ -137,7 +137,6 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$this->assertTrue($grant->validateAuthorizationRequest($request) instanceof AuthorizationRequest); $this->assertTrue($grant->validateAuthorizationRequest($request) instanceof AuthorizationRequest);
} }
public function testValidateAuthorizationRequestCodeChallenge() public function testValidateAuthorizationRequestCodeChallenge()
{ {
$client = new ClientEntity(); $client = new ClientEntity();


@ -9,11 +9,13 @@ use League\OAuth2\Server\Grant\ImplicitGrant;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface; use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use League\OAuth2\Server\RequestTypes\AuthorizationRequest; use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
use League\OAuth2\Server\ResponseTypes\RedirectResponse; use League\OAuth2\Server\ResponseTypes\RedirectResponse;
use LeagueTests\Stubs\AccessTokenEntity; use LeagueTests\Stubs\AccessTokenEntity;
use LeagueTests\Stubs\ClientEntity; use LeagueTests\Stubs\ClientEntity;
use LeagueTests\Stubs\CryptTraitStub; use LeagueTests\Stubs\CryptTraitStub;
use LeagueTests\Stubs\ScopeEntity;
use LeagueTests\Stubs\StubResponseType; use LeagueTests\Stubs\StubResponseType;
use LeagueTests\Stubs\UserEntity; use LeagueTests\Stubs\UserEntity;
use Zend\Diactoros\ServerRequest; use Zend\Diactoros\ServerRequest;
@ -86,8 +88,14 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client); $clientRepositoryMock->method('getClientEntity')->willReturn($client);
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
$scopeEntity = new ScopeEntity();
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
$grant = new ImplicitGrant(new \DateInterval('PT10M')); $grant = new ImplicitGrant(new \DateInterval('PT10M'));
$grant->setClientRepository($clientRepositoryMock); $grant->setClientRepository($clientRepositoryMock);
$grant->setScopeRepository($scopeRepositoryMock);
$request = new ServerRequest( $request = new ServerRequest(
[], [],
@ -114,8 +122,14 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client); $clientRepositoryMock->method('getClientEntity')->willReturn($client);
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
$scopeEntity = new ScopeEntity();
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
$grant = new ImplicitGrant(new \DateInterval('PT10M')); $grant = new ImplicitGrant(new \DateInterval('PT10M'));
$grant->setClientRepository($clientRepositoryMock); $grant->setClientRepository($clientRepositoryMock);
$grant->setScopeRepository($scopeRepositoryMock);
$request = new ServerRequest( $request = new ServerRequest(
[], [],
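Review bot: The new scope-repository mock only stubs finalizeScopes with `->method('finalizeScopes')->willReturnArgument(0)`, so these tests would still pass if the grant never called finalizeScopes at all, which is presumably the behaviour #650 reports. To pin the fix, turn the stub into an expectation whose result differs from the input and check that result is what ends up on the request, e.g. `$scopeRepositoryMock->expects($this->once())->method('finalizeScopes')->willReturn([$scopeEntity]);` followed by an assertion on the scopes of the returned AuthorizationRequest. Both test methods start before this section's hunks, so the assertions they make on the grant's result are not visible here.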