mirror of
https://github.com/elyby/oauth2-server.git
synced 2025-01-27 22:13:37 +05:30
Added finalizeScopes method to ScopeRepositoryInterface
This commit is contained in:
parent
a698a4da7e
commit
b5b5d9f347
@ -190,6 +190,10 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
|
|||||||
|
|
||||||
// THe user approved the client, redirect them back with an auth code
|
// THe user approved the client, redirect them back with an auth code
|
||||||
if ($userHasApprovedClient === true) {
|
if ($userHasApprovedClient === true) {
|
||||||
|
|
||||||
|
// Finalize the requested scopes
|
||||||
|
$scopes = $this->scopeRepository->finalizeScopes($scopes, $client, $userId);
|
||||||
|
|
||||||
$authCode = $this->issueAuthCode(
|
$authCode = $this->issueAuthCode(
|
||||||
$this->authCodeTTL,
|
$this->authCodeTTL,
|
||||||
$client,
|
$client,
|
||||||
|
@ -30,6 +30,9 @@ class ClientCredentialsGrant extends AbstractGrant
|
|||||||
$client = $this->validateClient($request);
|
$client = $this->validateClient($request);
|
||||||
$scopes = $this->validateScopes($this->getRequestParameter('scope', $request), $client);
|
$scopes = $this->validateScopes($this->getRequestParameter('scope', $request), $client);
|
||||||
|
|
||||||
|
// Finalize the requested scopes
|
||||||
|
$scopes = $this->scopeRepository->finalizeScopes($scopes, $client);
|
||||||
|
|
||||||
// Issue and persist access token
|
// Issue and persist access token
|
||||||
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $client->getIdentifier(), $scopes);
|
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $client->getIdentifier(), $scopes);
|
||||||
|
|
||||||
|
@ -189,6 +189,10 @@ class ImplicitGrant extends AbstractAuthorizeGrant
|
|||||||
|
|
||||||
// THe user approved the client, redirect them back with an access token
|
// THe user approved the client, redirect them back with an access token
|
||||||
if ($userHasApprovedClient === true) {
|
if ($userHasApprovedClient === true) {
|
||||||
|
|
||||||
|
// Finalize the requested scopes
|
||||||
|
$scopes = $this->scopeRepository->finalizeScopes($scopes, $client, $userId);
|
||||||
|
|
||||||
$accessToken = $this->issueAccessToken(
|
$accessToken = $this->issueAccessToken(
|
||||||
$accessTokenTTL,
|
$accessTokenTTL,
|
||||||
$client,
|
$client,
|
||||||
|
@ -51,7 +51,10 @@ class PasswordGrant extends AbstractGrant
|
|||||||
// Validate request
|
// Validate request
|
||||||
$client = $this->validateClient($request);
|
$client = $this->validateClient($request);
|
||||||
$scopes = $this->validateScopes($this->getRequestParameter('scope', $request), $client);
|
$scopes = $this->validateScopes($this->getRequestParameter('scope', $request), $client);
|
||||||
$user = $this->validateUser($request, $client, $scopes);
|
$user = $this->validateUser($request, $client);
|
||||||
|
|
||||||
|
// Finalize the requested scopes
|
||||||
|
$scopes = $this->scopeRepository->finalizeScopes($scopes, $client, $user->getIdentifier());
|
||||||
|
|
||||||
// Issue and persist new tokens
|
// Issue and persist new tokens
|
||||||
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $user->getIdentifier(), $scopes);
|
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $user->getIdentifier(), $scopes);
|
||||||
@ -67,13 +70,12 @@ class PasswordGrant extends AbstractGrant
|
|||||||
/**
|
/**
|
||||||
* @param \Psr\Http\Message\ServerRequestInterface $request
|
* @param \Psr\Http\Message\ServerRequestInterface $request
|
||||||
* @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client
|
* @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client
|
||||||
* @param ScopeEntityInterface[] $scopes
|
|
||||||
*
|
*
|
||||||
* @throws \League\OAuth2\Server\Exception\OAuthServerException
|
* @throws \League\OAuth2\Server\Exception\OAuthServerException
|
||||||
*
|
*
|
||||||
* @return \League\OAuth2\Server\Entities\Interfaces\UserEntityInterface
|
* @return \League\OAuth2\Server\Entities\Interfaces\UserEntityInterface
|
||||||
*/
|
*/
|
||||||
protected function validateUser(ServerRequestInterface $request, ClientEntityInterface $client, array &$scopes)
|
protected function validateUser(ServerRequestInterface $request, ClientEntityInterface $client)
|
||||||
{
|
{
|
||||||
$username = $this->getRequestParameter('username', $request);
|
$username = $this->getRequestParameter('username', $request);
|
||||||
if (is_null($username)) {
|
if (is_null($username)) {
|
||||||
@ -89,8 +91,7 @@ class PasswordGrant extends AbstractGrant
|
|||||||
$username,
|
$username,
|
||||||
$password,
|
$password,
|
||||||
$this->getIdentifier(),
|
$this->getIdentifier(),
|
||||||
$client,
|
$client
|
||||||
$scopes
|
|
||||||
);
|
);
|
||||||
if (!$user instanceof UserEntityInterface) {
|
if (!$user instanceof UserEntityInterface) {
|
||||||
$this->getEmitter()->emit(new RequestEvent('user.authentication.failed', $request));
|
$this->getEmitter()->emit(new RequestEvent('user.authentication.failed', $request));
|
||||||
|
@ -10,6 +10,9 @@
|
|||||||
*/
|
*/
|
||||||
namespace League\OAuth2\Server\Repositories;
|
namespace League\OAuth2\Server\Repositories;
|
||||||
|
|
||||||
|
use League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface;
|
||||||
|
use League\OAuth2\Server\Entities\Interfaces\ScopeEntityInterface;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Scope interface.
|
* Scope interface.
|
||||||
*/
|
*/
|
||||||
@ -25,4 +28,16 @@ interface ScopeRepositoryInterface extends RepositoryInterface
|
|||||||
* @return \League\OAuth2\Server\Entities\Interfaces\ScopeEntityInterface
|
* @return \League\OAuth2\Server\Entities\Interfaces\ScopeEntityInterface
|
||||||
*/
|
*/
|
||||||
public function getScopeEntityByIdentifier($identifier, $grantType, $clientId = null);
|
public function getScopeEntityByIdentifier($identifier, $grantType, $clientId = null);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Given a client and user validate the set of scopes requested are valid and optionally
|
||||||
|
* append additional scopes or remove requested scopes.
|
||||||
|
*
|
||||||
|
* @param ScopeEntityInterface[] $scopes
|
||||||
|
* @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $clientEntity
|
||||||
|
* @param null|string $userIdentifier
|
||||||
|
*
|
||||||
|
* @return \League\OAuth2\Server\Entities\Interfaces\ScopeEntityInterface[]
|
||||||
|
*/
|
||||||
|
public function finalizeScopes(array $scopes = [], ClientEntityInterface $clientEntity, $userIdentifier = null);
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user