mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-11-16 02:03:16 +05:30
Merge branch 'release/3.2'
This commit is contained in:
commit
e8aeaf0777
@ -1,5 +1,9 @@
|
||||
# Changelog
|
||||
|
||||
## 3.2 (released 2014-04-16)
|
||||
|
||||
* Added the ability to change the algorithm that is used to generate the token strings (Issue #151)
|
||||
|
||||
## 3.1.2 (released 2014-02-26)
|
||||
|
||||
* Support Authorization being an environment variable. [See more](http://fortrabbit.com/docs/essentials/quirks-and-constraints#authorization-header)
|
||||
|
@ -1,7 +1,7 @@
|
||||
{
|
||||
"name": "league/oauth2-server",
|
||||
"description": "A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.",
|
||||
"version": "3.1.2",
|
||||
"version": "3.2",
|
||||
"license": "MIT",
|
||||
"require": {
|
||||
"php": ">=5.4.0"
|
||||
|
@ -0,0 +1,38 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth 2.0 Secure key default algorithm
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Util\KeyAlgorithm;
|
||||
|
||||
|
||||
class DefaultAlgorithm implements KeyAlgorithmInterface
|
||||
{
|
||||
/**
|
||||
* @param int $len
|
||||
* @return string
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function make($len = 40)
|
||||
{
|
||||
// We generate twice as many bytes here because we want to ensure we have
|
||||
// enough after we base64 encode it to get the length we need because we
|
||||
// take out the "/", "+", and "=" characters.
|
||||
$bytes = openssl_random_pseudo_bytes($len * 2, $strong);
|
||||
|
||||
// We want to stop execution if the key fails because, well, that is bad.
|
||||
if ($bytes === false || $strong === false) {
|
||||
// @codeCoverageIgnoreStart
|
||||
throw new \Exception('Error Generating Key');
|
||||
// @codeCoverageIgnoreEnd
|
||||
}
|
||||
|
||||
return substr(str_replace(array('/', '+', '='), '', base64_encode($bytes)), 0, $len);
|
||||
}
|
||||
}
|
@ -0,0 +1,18 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth 2.0 Key algorithm interface
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Util\KeyAlgorithm;
|
||||
|
||||
|
||||
interface KeyAlgorithmInterface
|
||||
{
|
||||
public function make($len = 40);
|
||||
}
|
@ -11,11 +11,16 @@
|
||||
|
||||
namespace League\OAuth2\Server\Util;
|
||||
|
||||
use League\OAuth2\Server\Util\KeyAlgorithm\DefaultAlgorithm;
|
||||
use League\OAuth2\Server\Util\KeyAlgorithm\KeyAlgorithmInterface;
|
||||
|
||||
/**
|
||||
* SecureKey class
|
||||
*/
|
||||
class SecureKey
|
||||
{
|
||||
protected static $algorithm;
|
||||
|
||||
/**
|
||||
* Generate a new unique code
|
||||
* @param integer $len Length of the generated code
|
||||
@ -23,18 +28,27 @@ class SecureKey
|
||||
*/
|
||||
public static function make($len = 40)
|
||||
{
|
||||
// We generate twice as many bytes here because we want to ensure we have
|
||||
// enough after we base64 encode it to get the length we need because we
|
||||
// take out the "/", "+", and "=" characters.
|
||||
$bytes = openssl_random_pseudo_bytes($len * 2, $strong);
|
||||
return self::getAlgorithm()->make($len);
|
||||
}
|
||||
|
||||
// We want to stop execution if the key fails because, well, that is bad.
|
||||
if ($bytes === false || $strong === false) {
|
||||
// @codeCoverageIgnoreStart
|
||||
throw new \Exception('Error Generating Key');
|
||||
// @codeCoverageIgnoreEnd
|
||||
/**
|
||||
* @param KeyAlgorithmInterface $algorithm
|
||||
*/
|
||||
public static function setAlgorithm(KeyAlgorithmInterface $algorithm)
|
||||
{
|
||||
self::$algorithm = $algorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return KeyAlgorithmInterface
|
||||
*/
|
||||
public static function getAlgorithm()
|
||||
{
|
||||
if (!self::$algorithm) {
|
||||
|
||||
self::$algorithm = new DefaultAlgorithm();
|
||||
}
|
||||
|
||||
return substr(str_replace(array('/', '+', '='), '', base64_encode($bytes)), 0, $len);
|
||||
return self::$algorithm;
|
||||
}
|
||||
}
|
@ -12,4 +12,21 @@ class Secure_Key_test extends PHPUnit_Framework_TestCase
|
||||
$this->assertTrue($v1 !== $v2);
|
||||
$this->assertEquals(50, strlen($v3));
|
||||
}
|
||||
|
||||
public function test_make_with_different_algorithm()
|
||||
{
|
||||
$algorithm = $this->getMock('League\OAuth2\Server\Util\KeyAlgorithm\KeyAlgorithmInterface');
|
||||
|
||||
$result = 'dasdsdsaads';
|
||||
$algorithm
|
||||
->expects($this->once())
|
||||
->method('make')
|
||||
->with(11)
|
||||
->will($this->returnValue($result))
|
||||
;
|
||||
|
||||
League\OAuth2\Server\Util\SecureKey::setAlgorithm($algorithm);
|
||||
$this->assertSame($algorithm, League\OAuth2\Server\Util\SecureKey::getAlgorithm());
|
||||
$this->assertEquals($result, League\OAuth2\Server\Util\SecureKey::make(11));
|
||||
}
|
||||
}
|
22
tests/util/key_algorithm/DefaultAlgorithmTest.php
Normal file
22
tests/util/key_algorithm/DefaultAlgorithmTest.php
Normal file
@ -0,0 +1,22 @@
|
||||
<?php
|
||||
/**
|
||||
* Created by PhpStorm.
|
||||
* User: jderay
|
||||
* Date: 3/11/14
|
||||
* Time: 12:31 PM
|
||||
*/
|
||||
|
||||
class Default_Algorithm_test extends PHPUnit_Framework_TestCase
|
||||
{
|
||||
public function test_make()
|
||||
{
|
||||
$algorithm = new League\OAuth2\Server\Util\KeyAlgorithm\DefaultAlgorithm();
|
||||
$v1 = $algorithm->make();
|
||||
$v2 = $algorithm->make();
|
||||
$v3 = $algorithm->make(50);
|
||||
|
||||
$this->assertEquals(40, strlen($v1));
|
||||
$this->assertTrue($v1 !== $v2);
|
||||
$this->assertEquals(50, strlen($v3));
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user