ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-11-15 01:36:02 +05:30
Code Issues Packages Projects Releases Wiki Activity

Fix #231

Browse Source
This commit is contained in:
Alex Bilbie 2014-11-08 16:44:39 +00:00
parent 856051bfb3
commit b9debaab26
7 changed files with 80 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
examples/relational/Storage/AccessTokenStorage.php
View File

@ -20,7 +20,6 @@ class AccessTokenStorage extends Adapter implements AccessTokenInterface
{
$result = Capsule::table('oauth_access_tokens')
->where('access_token', $token)
->where('expire_time', '>=', time())
->get();
if (count($result) === 1) {

1
examples/relational/Storage/RefreshTokenStorage.php
View File

@ -17,7 +17,6 @@ class RefreshTokenStorage extends Adapter implements RefreshTokenInterface
{
$result = Capsule::table('oauth_refresh_tokens')
->where('refresh_token', $token)
->where('expire_time', '>=', time())
->get();
if (count($result) === 1) {

9
src/Entity/AbstractTokenEntity.php
View File

@ -96,6 +96,15 @@ abstract class AbstractTokenEntity
return $this->expireTime;
}
/**
* Is the token expired?
* @return bool
*/
public function isExpired()
{
return ((time() - $this->expireTime) > 0);
}
/**
* Set token ID
* @param string $token Token ID

5
src/Grant/AuthCodeGrant.php
View File

@ -209,6 +209,11 @@ class AuthCodeGrant extends AbstractGrant
throw new Exception\InvalidRequestException('code');
}
// Ensure the auth code hasn't expired
if ($code->isExpired() === true) {
throw new Exception\InvalidRequestException('code');
}
// Check redirect URI presented matches redirect URI originally used in authorize request
if ($code->getRedirectUri() !== $redirectUri) {
throw new Exception\InvalidRequestException('redirect_uri');

7
src/ResourceServer.php
View File

@ -99,10 +99,17 @@ class ResourceServer extends AbstractServer
// Set the access token
$this->accessToken = $this->getAccessTokenStorage()->get($accessTokenString);
// Ensure the access token exists
if (!$this->accessToken instanceof AccessTokenEntity) {
throw new Exception\AccessDeniedException;
}
// Check the access token hasn't expired
// Ensure the auth code hasn't expired
if ($this->accessToken->isExpired() === true) {
throw new Exception\AccessDeniedException;
}
return true;
}

4
tests/unit/Grant/AuthCodeGrantTest.php
View File

@ -551,7 +551,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$authCodeStorage->shouldReceive('setServer');
$authCodeStorage->shouldReceive('delete');
$authCodeStorage->shouldReceive('get')->andReturn(
(new AuthCodeEntity($server))->setId('foobar')->setRedirectUri('http://foo/bar')
(new AuthCodeEntity($server))->setId('foobar')->setRedirectUri('http://foo/bar')->setExpireTime(time() + 300)
);
$authCodeStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
@ -622,7 +622,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$authCodeStorage->shouldReceive('setServer');
$authCodeStorage->shouldReceive('delete');
$authCodeStorage->shouldReceive('get')->andReturn(
(new AuthCodeEntity($server))->setId('foobar')->setRedirectUri('http://foo/bar')
(new AuthCodeEntity($server))->setId('foobar')->setRedirectUri('http://foo/bar')->setExpireTime(time() + 300)
);
$authCodeStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->hydrate(['id' => 'foo'])

58
tests/unit/ResourceServerTest.php
View File

@ -142,7 +142,7 @@ class ResourceServerTest extends \PHPUnit_Framework_TestCase
});
$accessTokenStorage->shouldReceive('get')->andReturn(
(new AccessTokenEntity($server))->setId('abcdef')
(new AccessTokenEntity($server))->setId('abcdef')->setExpireTime(time() + 300)
);
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
@ -167,4 +167,60 @@ class ResourceServerTest extends \PHPUnit_Framework_TestCase
$this->assertTrue($server->isValidRequest());
$this->assertEquals('abcdef', $server->getAccessToken());
}
/**
* @expectedException League\OAuth2\Server\Exception\AccessDeniedException
*/
public function testIsValidExpiredToken()
{
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$server = new ResourceServer(
$sessionStorage,
$accessTokenStorage,
$clientStorage,
$scopeStorage
);
$server->setIdKey('at');
$server->addEventListener('session.owner', function($event) {
$this->assertTrue($event->getSession() instanceof \League\OAuth2\Server\Entity\SessionEntity);
});
$accessTokenStorage->shouldReceive('get')->andReturn(
(new AccessTokenEntity($server))->setId('abcdef')->setExpireTime(time() - 300)
);
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->hydrate(['id' => 'foo']),
(new ScopeEntity($server))->hydrate(['id' => 'bar'])
]);
$sessionStorage->shouldReceive('getByAccessToken')->andReturn(
(new SessionEntity($server))->setId('foobar')->setOwner('user', 123)
);
$clientStorage->shouldReceive('getBySession')->andReturn(
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$request = new \Symfony\Component\HttpFoundation\Request();
$request->headers = new \Symfony\Component\HttpFoundation\ParameterBag([
'Authorization' => 'Bearer abcdef'
]);
$server->setRequest($request);
$server->isValidRequest();
}
}