diff --git a/src/League/OAuth2/Server/AbstractServer.php b/src/League/OAuth2/Server/AbstractServer.php new file mode 100644 index 00000000..3cf125ef --- /dev/null +++ b/src/League/OAuth2/Server/AbstractServer.php @@ -0,0 +1,73 @@ + + * @copyright Copyright (c) PHP League of Extraordinary Packages + * @license http://mit-license.org/ + * @link http://github.com/php-loep/oauth2-server + */ + +namespace League\OAuth2\Server; + +use Symfony\Component\HttpFoundation\Request; + +/** + * OAuth 2.0 Resource Server + */ + +abstract class AbstractServer +{ + /** + * The request object + * + * @var Util\RequestInterface + */ + protected $request; + + /** + * Storage classes + * @var array + */ + protected $storages = []; + + /** + * Sets the Request Object + * @param \Symfony\Component\HttpFoundation\Request The Request Object + * @return self + */ + public function setRequest(Request $request) + { + $this->request = $request; + return $this; + } + + /** + * Gets the Request object. It will create one from the globals if one is not set. + * @return \Symfony\Component\HttpFoundation\Request + */ + public function getRequest() + { + if ($this->request === null) { + $this->request = \Symfony\Component\HttpFoundation\Request::createFromGlobals(); + } + + return $this->request; + } + + /** + * Return a storage class + * @param string $obj The class required + * @return Storage\ClientInterface|Storage\ScopeInterface|Storage\SessionInterface + */ + public function getStorage($obj) + { + if (!isset($this->storages[$obj])) { + throw new ServerException( + 'The `'.$obj.'` storage interface has not been registered with the authorization server' + ); + } + return $this->storages[$obj]; + } +} \ No newline at end of file diff --git a/src/League/OAuth2/Server/Authorization.php b/src/League/OAuth2/Server/Authorization.php index 3f3342b0..ad5ff2f5 100644 --- a/src/League/OAuth2/Server/Authorization.php +++ b/src/League/OAuth2/Server/Authorization.php @@ -28,7 +28,7 @@ use Symfony\Component\HttpFoundation\Request; /** * OAuth 2.0 authorization server class */ -class Authorization +class Authorization extends AbstractServer { /** * The delimeter between scopes specified in the scope query string parameter @@ -49,12 +49,6 @@ class Authorization */ protected $responseTypes = []; - /** - * The client, scope and session storage classes - * @var array - */ - protected $storages = []; - /** * The registered grant types * @var array @@ -71,7 +65,7 @@ class Authorization * Default scope(s) to be used if none is provided * @var string|array */ - protected $defaultScope = null; + protected $defaultScope; /** * Require the "state" parameter to be in checkAuthoriseParams() @@ -79,12 +73,6 @@ class Authorization */ protected $requireStateParam = false; - /** - * The request object - * @var Util\RequestInterface - */ - protected $request = null; - /** * Exception error codes * @var array @@ -444,45 +432,6 @@ class Authorization return $this; } - /** - * Sets the Request Object - * @param \Symfony\Component\HttpFoundation\Request The Request Object - * @return self - */ - public function setRequest(Request $request) - { - $this->request = $request; - return $this; - } - - /** - * Gets the Request object. It will create one from the globals if one is not set. - * @return \Symfony\Component\HttpFoundation\Request - */ - public function getRequest() - { - if ($this->request === null) { - $this->request = \Symfony\Component\HttpFoundation\Request::createFromGlobals(); - } - - return $this->request; - } - - /** - * Return a storage class - * @param string $obj The class required - * @return Storage\ClientInterface|Storage\ScopeInterface|Storage\SessionInterface - */ - public function getStorage($obj) - { - if (!isset($this->storages[$obj])) { - throw new ServerException( - 'The `'.$obj.'` storage interface has not been registered with the authorization server' - ); - } - return $this->storages[$obj]; - } - /** * Issue an access token * @return array Authorise request parameters diff --git a/src/League/OAuth2/Server/Resource.php b/src/League/OAuth2/Server/Resource.php index 1e2ea1f4..028c7f9e 100644 --- a/src/League/OAuth2/Server/Resource.php +++ b/src/League/OAuth2/Server/Resource.php @@ -11,134 +11,78 @@ namespace League\OAuth2\Server; -use League\OAuth2\Server\Storage\SessionInterface; -use League\OAuth2\Server\Storage\AccessTokenInterface; +use League\OAuth2\Server\Storage\StorageWrapper; use League\OAuth2\Server\Storage\ClientInterface; +use League\OAuth2\Server\Storage\AccessTokenInterface; +use League\OAuth2\Server\Storage\AuthCodeInterface; +use League\OAuth2\Server\Storage\SessionInterface; +use League\OAuth2\Server\Storage\ScopeInterface; use Symfony\Component\HttpFoundation\Request; /** * OAuth 2.0 Resource Server */ -class Resource +class Resource extends AbstractServer { /** * The access token - * * @var League\OAuth2\Server\AccessToken */ - protected $accessToken = null; - - /** - * The session - * - * @var \League\OAuth2\Server\Session - */ - protected $session = null; - - /** - * The request object - * - * @var Util\RequestInterface - */ - protected $request = null; + protected $accessToken; /** * The query string key which is used by clients to present the access token (default: access_token) - * * @var string */ protected $tokenKey = 'access_token'; - /** - * The client ID - * - * @var League\OAuth2\Server\Client - */ - protected $client = null; - - /** - * Session storage - * - * @var League\OAuth2\Server\Storage\SessionInterface - */ - protected $sessionStorage = null; - - /** - * Access token storage - * - * @var League\OAuth2\Server\Storage\AccessTokenInterface - */ - protected $accessTokenStorage = null; - - /** - * Client storage - * - * @var League\OAuth2\Server\Storage\ClientInterface - */ - protected $clientStorage = null; - /** * Initialise the resource server - * - * @param SessionInterface $sessionStorage [description] - * @param AccessTokenInteface $accessTokenStorage [description] - * @param ClientInterface $clientStorage [description] - * + * @param SessionInterface $sessionStorage + * @param AccessTokenInteface $accessTokenStorage + * @param ClientInterface $clientStorage + * @param ScopeInterface $scopeStorage * @return self */ public function __construct( SessionInterface $sessionStorage, - AccessTokenInteface $accessTokenStorage, - ClientInterface $clientStorage + AccessTokenInterface $accessTokenStorage, + ClientInterface $clientStorage, + ScopeInterface $scopeStorage ) { - $this->sessionStorage = $sessionStorage; - $this->accessTokenStorage = $accessTokenStorage; - $this->clientStorage = $clientStorage; + $this->setStorage('session', $sessionStorage); + $this->setStorage('access_token', $accessTokenStorage); + $this->setStorage('client', $clientStorage); + $this->setStorage('scope', $scopeStorage); + return $this; } /** - * Sets the Request Object - * - * @param \Symfony\Component\HttpFoundation\Request The Request Object - * + * Set the storage + * @param string $type Storage type + * @param mixed $storage Storage class * @return self */ - public function setRequest(Request $request) + protected function setStorage($type, $storage) { - $this->request = $request; + $storage->setServer($this); + $this->storages[$type] = $storage; return $this; } - /** - * Gets the Request object. It will create one from the globals if one is not set. - * - * @return \Symfony\Component\HttpFoundation\Request - */ - public function getRequest() - { - if ($this->request = null) { - return Symfony\Component\HttpFoundation\Request::createFromGlobals(); - } - - return $this->request; - } - /** * Returns the query string key for the access token. - * * @return string */ public function getTokenKey() { - return $this->tokenKey; + return $this->accessToken->getToken(); } /** * Sets the query string key for the access token. - * * @param $key The new query string key - * * @return self */ public function setTokenKey($key) @@ -149,105 +93,61 @@ class Resource /** * Gets the access token owner ID - * * @return string */ public function getOwnerId() { - return $this->session->getOwnerId(); + return $this->accessToken->getSession()->getOwnerId(); } /** * Gets the owner type - * * @return string */ public function getOwnerType() { - return $this->session->getOwnerType(); + return $this->accessToken->getSession()->getOwnerType(); } /** * Gets the access token - * * @return string */ public function getAccessToken() { - return $this->accessToken->getId(); + return $this->accessToken->getToken(); } /** * Gets the client ID that created the session - * * @return string */ public function getClientId() { - return $this->client->getId(); + return $this->accessToken->getSession()->getClient()->getId(); } /** * Checks if the access token is valid or not - * * @param $headersOnly Limit Access Token to Authorization header only - * * @return bool */ public function isValid($headersOnly = false) { try { - $accessToken = $this->determineAccessToken($headersOnly); + $accessTokenString = $this->determineAccessToken($headersOnly); } catch (Exception $e) { return false; } // Set the access token - $tokenResult = $this->accessTokenStorage->getToken($accessToken); - if ($tokenResult === null) { - return false; - } + $this->accessToken = $this->storages['access_token']->get($accessTokenString); - $accessToken = new AccessToken; - $accessToken->setId($token); - $accessToken->setTTL($tokenResult['ttl']); - $accessToken->setTimestamp($tokenResult['created']); - - $scopes = $this->accessTokenStorage->getTokenScopes($token); - foreach ($scopes as $scope => $details) { - $accessToken->associateScope($scope, $details); - } - - $this->accessToken = $accessToken; - - // Set the session - $sessionResult = $this->sessionStorage->getSession($tokenResult['session_id']); - if ($sessionResult === null) { - return false; - } - - $session = new Session(); - $session->setOwner($sessionResult['owner_type'], $sessionResult['owner_id']); - - $this->session = $session; - - // Set the client - $clientResult = $this->clientStorage->getClient($sessionResult['client_id']); - if ($clientResult === null) { - return false; - } - - $client = new Client(); - $client->setCredentials($clientResult['client_id'], $clientResult['client_secret']); - - $this->client = $client; - - return true; + return ($this->accessToken instanceof AccessToken); } /** * Get the session scopes - * * @return array */ public function getScopes() @@ -262,25 +162,13 @@ class Resource */ public function hasScope($scopes) { - if (is_string($scopes)) { - return $this->accessToken->hasScope($scopes); - } elseif (is_array($scopes)) { - foreach ($scopes as $scope) { - if (!$this->accessToken->hasScope($scope)) { - return false; - } - } - return true; - } + return $this->accessToken->hasScope($scopes); } /** * Reads in the access token from the headers - * * @param $headersOnly Limit Access Token to Authorization header only - * * @throws Exception\MissingAccessTokenException Thrown if there is no access token presented - * * @return string */ public function determineAccessToken($headersOnly = false)