Alex Bilbie
3b36ae9000
Rewrote validateClient method to progressively test client secret and redirect URI
2016-02-18 10:49:05 +00:00
Alex Bilbie
7f67000d53
Provided implementation of new client entity methods
2016-02-18 10:48:23 +00:00
Alex Bilbie
de000b72a4
Updated ClientEntityInterface with additional methods
2016-02-18 10:48:12 +00:00
Alex Bilbie
0d8cb0d06f
Fixes for RefreshTokenGrant
2016-02-18 10:47:30 +00:00
Alex Bilbie
fc53d636f5
Updated getClientEntity now just requires the client ID and the grant type
2016-02-18 10:47:06 +00:00
Julián Gutiérrez
dbcaaa1f35
rename determineAccessTokenInHeader
2016-02-13 14:38:23 +01:00
Julián Gutiérrez
5d6634aa9f
Merge branch 'V5-WIP' into move_identifier_generation
2016-02-13 14:11:38 +01:00
Julián Gutiérrez
099c9ce41b
move token identifier generation
2016-02-13 14:07:09 +01:00
Alex Bilbie
335630f150
Added code coverage ignore docblocks
2016-02-12 18:08:27 +00:00
Alex Bilbie
e20c529f39
Added isExpired method to refresh token
2016-02-12 17:53:42 +00:00
Alex Bilbie
7f2fd69d0a
Removed respondsWith from interface
2016-02-12 17:52:37 +00:00
Alex Bilbie
29068dd84c
Removed responseWith method
2016-02-12 17:51:59 +00:00
Alex Bilbie
9a8b7ec898
Removed old codecept tests
2016-02-12 17:46:30 +00:00
Julián Gutiérrez
1f6bb40952
correcting param access mistake
2016-02-12 18:45:47 +01:00
Julián Gutiérrez
2f914a0aa3
secure params access on authcode grant
2016-02-12 18:32:09 +01:00
Julián Gutiérrez
95e3c1d1a2
Merge branch 'V5-WIP' into secure_body_params_access
2016-02-12 17:10:52 +01:00
Alex Bilbie
655f6b9771
Merge pull request #445 from juliangut/abstract_token_validation
V5 - Abstract access token validation
2016-02-12 14:31:18 +00:00
Alex Bilbie
d95958bae4
Small fixes
2016-02-12 14:28:24 +00:00
Alex Bilbie
85b9412813
Multiple fixes
2016-02-12 14:18:52 +00:00
Alex Bilbie
1a5030200a
The response may be a PSR response which is valid
2016-02-12 14:18:45 +00:00
Alex Bilbie
796106b6c1
Fix for non-imported namespace
2016-02-12 14:18:34 +00:00
Alex Bilbie
4234b69f3a
Fix for method calls
2016-02-12 14:18:10 +00:00
Alex Bilbie
0115c41eea
Numerous bug fixes
2016-02-12 13:32:58 +00:00
Julián Gutiérrez
f314154216
abstract access token validation
2016-02-12 14:19:47 +01:00
Alex Bilbie
5e326d9e45
First commit of respondToAccessTokenRequest
2016-02-12 13:01:25 +00:00
Julián Gutiérrez
d2760e4ec7
secure access to body params
2016-02-12 13:56:14 +01:00
Alex Bilbie
2025749fa4
Updated respondToAuthorizationRequest
to use Plates templates instead of custom ResponseType
2016-02-12 11:55:41 +00:00
Alex Bilbie
1c913fe75e
Added default basic HTML login + authorise templates
2016-02-12 11:32:09 +00:00
Alex Bilbie
ac9955b393
Removed response type interfaces for auth code login + authorize because they were a stupid idea
2016-02-12 11:30:59 +00:00
Alex Bilbie
fccb06ed67
First commit of updated AuthCodeGrant with respondToAuthorizationRequest method completed
2016-02-12 10:01:15 +00:00
Alex Bilbie
f29703ea24
Updated Docblock
2016-02-12 10:00:41 +00:00
Alex Bilbie
dcc3f5d856
First commit of new ResponseTypes
2016-02-12 10:00:32 +00:00
Alex Bilbie
264eba9f20
Updated AuthCodeRepositoryInterface
2016-02-12 10:00:22 +00:00
Alex Bilbie
c2c199cf98
Added issueAuthCode method
2016-02-12 10:00:10 +00:00
Alex Bilbie
0b6bcad9fb
Added getCookieParameter method
2016-02-12 09:59:59 +00:00
Alex Bilbie
38a7e53cb5
Added optional redirectUri parameter to accessDenied method
2016-02-12 09:59:47 +00:00
Alex Bilbie
f4b83baf74
Fix getClientEntity method call
2016-02-12 09:09:39 +00:00
Alex Bilbie
5a08a0cbe2
Merge branch 'V5-WIP' into V5-AuthCode
# Conflicts:
# src/Grant/AbstractGrant.php
2016-02-12 09:06:28 +00:00
Alex Bilbie
7a628409db
Validate client can now optionally validate secret + redirectUri, and actually validate the redirectUri
2016-02-12 09:03:35 +00:00
Alex Bilbie
c6d806d3f7
Docblock updates
2016-02-12 09:02:33 +00:00
Alex Bilbie
bfcf7af4d8
Added getQueryStringParameter method
2016-02-12 09:02:17 +00:00
Alex Bilbie
d96f57d27f
Got rid of mystery $identifier class property, moved it to the getIdentifier method
2016-02-12 08:33:59 +00:00
Julián Gutiérrez
8b185e0580
Merge branch 'V5-WIP' into minor_merge
2016-02-12 00:12:56 +01:00
Alex Bilbie
ca776e83a2
Fix for header writing
2016-02-11 17:58:35 +00:00
Alex Bilbie
ddf3f1b890
Merge branch 'V5-WIP' into V5-AuthCode
2016-02-11 17:50:08 +00:00
Alex Bilbie
a40ac5d77b
Minor fixes
2016-02-11 17:49:41 +00:00
Alex Bilbie
4bc89f3fc2
Removed unused import
2016-02-11 17:49:31 +00:00
Alex Bilbie
11d25eb5a1
Removed old exceptions
2016-02-11 17:49:24 +00:00
Alex Bilbie
770bda8f10
Merge pull request #431 from juliangut/redirectUri
V5 - use Psr\Http\Message\UriInterface
2016-02-11 17:35:33 +00:00
Alex Bilbie
7a8c92b3d9
Merge pull request #435 from juliangut/exception_middleware
V5 - Exception based access token check
2016-02-11 17:34:31 +00:00
Alex Bilbie
92a101f263
First commit of AuthCode rewrite
2016-02-11 17:30:01 +00:00
Julián Gutiérrez
b85f81c429
configurable refresh token TTL per grant
2016-01-21 18:11:53 +01:00
Julián Gutiérrez
8fb64041df
client secret can be null
2016-01-20 12:50:23 +01:00
Julián Gutiérrez
44155a8efc
allow refresh token ttl assign
2016-01-20 12:21:44 +01:00
Julián Gutiérrez
b7b1f56d0c
stream write fix
2016-01-20 10:58:45 +01:00
Julián Gutiérrez
3e5889e93b
minor improvements and documentation fixes
2016-01-20 10:36:16 +01:00
Julián Gutiérrez
ef5904ab1a
exception based determineAccessTokenInHeader
2016-01-20 00:32:59 +01:00
Julián Gutiérrez
94cc7c2bc7
fix server reference
2016-01-20 00:16:12 +01:00
Alex Bilbie
1e1043c04f
Merge pull request #432 from juliangut/middleware
V5 - authentication middleware
2016-01-17 19:33:38 +00:00
Julián Gutiérrez
8591fc7686
moved to authentication middleware
2016-01-17 18:40:26 +01:00
Alex Bilbie
86b75edca0
Merge pull request #430 from juliangut/scopedelimiter
V5 - remove scopedelimiter parameter
2016-01-17 16:40:55 +00:00
Alex Bilbie
13ddec3283
Fix for PasswordGrant
2016-01-17 16:38:25 +00:00
Alex Bilbie
322caa77af
Fixes for RefreshTokenGrant
2016-01-17 16:35:52 +00:00
Julián Gutiérrez
95634fb390
compound redirect uri with Psr\Http\Message\UriInterface
2016-01-17 17:28:27 +01:00
Alex Bilbie
6beb8d42ff
Replaced SecureKey::generate with random_bytes method
2016-01-17 16:16:01 +00:00
Julián Gutiérrez
6cffbfe33b
remove scopedelimiter parameter
2016-01-17 17:01:08 +01:00
Alex Bilbie
5fcb47d66a
Merge pull request #425 from juliangut/scopes_extraction
V5 - normalize validatescopes
2016-01-17 14:59:37 +00:00
Alex Bilbie
8566a128c8
Pass errors back up the chain
2016-01-17 14:56:42 +00:00
Alex Bilbie
419cb6d149
Use first array result
2016-01-17 14:56:35 +00:00
Alex Bilbie
f1d06e7c33
Use the error returned from the response type
2016-01-17 14:56:06 +00:00
Alex Bilbie
212938d1e2
Fixed call to static
2016-01-17 14:55:48 +00:00
Alex Bilbie
cd19f11799
Fixed conversion to response object
2016-01-17 14:55:36 +00:00
Julián Gutiérrez
4862ca7d60
fix conflicts
2016-01-17 15:49:55 +01:00
Alex Bilbie
660378c7b3
Added MAC auth scheme to 401 header
2016-01-17 14:28:13 +00:00
Alex Bilbie
3d08051cbb
Removed default wording as there is no override
2016-01-17 14:23:18 +00:00
Alex Bilbie
0486d93fa3
Removed default wording as there are no overrides
2016-01-17 14:23:02 +00:00
Alex Bilbie
5a8659471c
Public key is set in abstract grant now
2016-01-17 14:21:53 +00:00
Alex Bilbie
f6664c6917
Private and public key paths are injected into grants now
2016-01-17 14:21:35 +00:00
Alex Bilbie
5f22ead287
Updated access denied hint
2016-01-17 14:11:21 +00:00
Alex Bilbie
19b12cda8e
Made getDefaultResponseType public
2016-01-17 14:08:53 +00:00
Alex Bilbie
6c787c374c
First commit of ResourceServerMiddleware
2016-01-17 14:08:42 +00:00
Alex Bilbie
cd68103267
New server constructor
2016-01-17 14:03:41 +00:00
Alex Bilbie
6332ecfa0b
Removed default overrides
2016-01-17 14:03:33 +00:00
Alex Bilbie
e43d95415b
Inject required params into grant type
2016-01-17 14:03:07 +00:00
Alex Bilbie
d755a8c01d
Updated the validation to BearerTokenResponse
2016-01-17 13:57:07 +00:00
Alex Bilbie
c7a904ca40
Added access token repository and public key path as required params to response type constructor
2016-01-17 13:56:46 +00:00
Alex Bilbie
8ee4dc7eb9
Fixed docblock
2016-01-17 13:56:14 +00:00
Alex Bilbie
645f719ee9
Added new repository setter methods to GrantTypeInterface
2016-01-17 13:55:12 +00:00
Alex Bilbie
0cc13630cc
Code tidy
2016-01-17 13:54:55 +00:00
Alex Bilbie
e21a13c82c
Access token TTL is now configured on a per grant basis
2016-01-17 13:54:39 +00:00
Alex Bilbie
a4ce1e510e
Scope delimiter string is no longer configurable
2016-01-17 13:53:18 +00:00
Alex Bilbie
ad05a5cae6
Scope delimiter is no longer a required parameter
2016-01-17 13:51:56 +00:00
Alex Bilbie
e6cc6c35ec
Scope delimiter string is now a constant
2016-01-17 13:49:53 +00:00
Alex Bilbie
f74bca33ab
Removed parameters that are no longer required
2016-01-17 13:48:40 +00:00
Alex Bilbie
90d9d7bdd6
Required repositories are now set by the server
2016-01-17 13:47:44 +00:00
Julián Gutiérrez
8d8dbaea0c
normalize validatescopes
2016-01-17 14:35:43 +01:00
Alex Bilbie
03391e9630
Removed old access denied exception
2016-01-17 12:58:15 +00:00
Alex Bilbie
7242a8db31
Added access denied exception
2016-01-17 12:58:00 +00:00
Alex Bilbie
f44b618531
Docblock tidy
2016-01-17 12:57:50 +00:00
Alex Bilbie
9e4fd82763
Rewrote RefreshTokenGrant to understand encrypted tokens
2016-01-17 12:56:52 +00:00
Alex Bilbie
0744d8e926
Tidy up
2016-01-17 12:43:20 +00:00
Julián Gutiérrez
44ff8692dc
abstract common grants tasks
2016-01-17 00:41:55 +01:00
Alex Bilbie
dce1620f60
Removed unused imports
2016-01-15 18:37:46 +00:00
Alex Bilbie
bcd84320da
Updated docblocks
2016-01-15 18:37:26 +00:00
Alex Bilbie
a40374e6ec
Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP
2016-01-15 18:36:38 +00:00
Alex Bilbie
748ae15376
Updated docblock
2016-01-15 18:36:34 +00:00
Alex Bilbie
7811721d28
Merge pull request #421 from juliangut/deferred_creation
V5 - deferred default objects creation
2016-01-15 18:35:49 +00:00
Alex Bilbie
8f724bb720
Fix immutability issues
2016-01-15 18:32:53 +00:00
Julián Gutiérrez
65d981ad32
allow middleware use
2016-01-15 14:02:47 +01:00
Julián Gutiérrez
3de1b5917a
deferred default objects creation
2016-01-15 12:41:48 +01:00
Alex Bilbie
0fbe447862
Removed old exceptions
2016-01-15 00:17:13 +00:00
Alex Bilbie
84a9802a67
Removed ServerAwareTrait
2016-01-15 00:14:41 +00:00
Alex Bilbie
f7b3c018c5
Removed old authorization server
2016-01-15 00:05:59 +00:00
Alex Bilbie
a88c30cb53
Added invalid refresh token exception
2016-01-14 23:47:49 +00:00
Alex Bilbie
5e6f0fc6a3
Code tidy
2016-01-14 23:47:41 +00:00
Alex Bilbie
b57b497cb7
Revoke both refresh token and access token
2016-01-14 23:47:19 +00:00
Alex Bilbie
0b061e3086
Refresh token is encrypted payload now instead of JWT
2016-01-14 23:47:06 +00:00
Alex Bilbie
304ea2baf4
Encrypt refresh token parameters instead of using JWT
2016-01-14 23:46:24 +00:00
Alex Bilbie
56060b2c16
Code tidy
2016-01-14 23:45:36 +00:00
Alex Bilbie
633746b02e
Added KeyCrypt class
2016-01-14 23:44:39 +00:00
Alex Bilbie
936b8f93ec
Additional refresh token validation
2016-01-13 00:38:23 +00:00
Alex Bilbie
c1d15aa15c
Use sub instead of uid
2016-01-13 00:38:08 +00:00
Alex Bilbie
79791e5848
Code tidy
2016-01-13 00:13:34 +00:00
Alex Bilbie
0efa7cd7ea
Set the uid on the refresh token
2016-01-13 00:13:16 +00:00
Alex Bilbie
eef5cf39d4
Fixes to refresh grant
2016-01-13 00:12:10 +00:00
Alex Bilbie
6fb3fb5110
Updated refresh token grant
2016-01-12 23:53:03 +00:00
Alex Bilbie
a2bbb17483
Updated repository method names
2016-01-12 23:52:08 +00:00
Alex Bilbie
3135f1796e
Generate a refresh token in password grant
2016-01-12 23:05:19 +00:00
Alex Bilbie
d565665ccb
Code tidy
2016-01-12 23:05:07 +00:00
Alex Bilbie
13a1ea6db8
Updated token interface to drop owner concept for simple user identifier
2016-01-12 23:04:33 +00:00
Alex Bilbie
6358be90c2
Token is now linked to a user identifier instead of owner concept
2016-01-12 23:04:03 +00:00
Alex Bilbie
de89a6bc89
Code tidy
2016-01-12 23:03:38 +00:00
Alex Bilbie
e03ad0d52f
Server constructor expects path to private key
2016-01-12 23:03:24 +00:00
Alex Bilbie
2a20de991b
Docblock update
2016-01-12 23:02:54 +00:00
Alex Bilbie
b8732a2f83
BearerTokenResponse now outputs JWTs. Fixes #209
2016-01-12 23:02:45 +00:00
Alex Bilbie
1bdad3ad14
Updated AbstractResponseType with interface methods
2016-01-12 23:01:55 +00:00
Alex Bilbie
fd47712060
Removed unused methods
2016-01-12 23:01:19 +00:00
Alex Bilbie
6339524c86
Updated RefreshToken methods
2016-01-12 23:00:05 +00:00
Alex Bilbie
5f9feda80c
ScopeEntity is JsonSerializable
2016-01-12 22:59:33 +00:00
Alex Bilbie
9958e1bf80
Added serverError exception
2016-01-12 22:59:14 +00:00
Alex Bilbie
758471ec16
Fixed docblock
2016-01-12 22:59:00 +00:00
Alex Bilbie
a9313e76d4
Removed old JsonWebTokenType response as all tokens are JWTs now
2016-01-12 22:56:10 +00:00
Alex Bilbie
e7e4892408
Fixed method parameter name
2015-11-16 12:58:38 +00:00
Alex Bilbie
46648f3e80
Updated password grant
2015-11-16 12:58:11 +00:00
Alex Bilbie
6f2e2a0071
Updated exceptions
2015-11-16 12:57:59 +00:00
Alex Bilbie
32b451aa21
Updates
2015-11-13 17:41:05 +00:00
Alex Bilbie
da8efa20cd
Updated repository method names to be more explicit
2015-11-13 17:39:07 +00:00
Alex Bilbie
03e4ac7ea6
Removed service providers
2015-11-13 17:38:48 +00:00
Alex Bilbie
1442842da9
TokenType -> ResponseType
2015-11-13 17:38:23 +00:00
Alex Bilbie
b479cb7912
New OAuthServerException class
2015-11-13 17:37:37 +00:00
Alex Bilbie
41c7a6e731
Removed old exceptions
2015-11-13 17:37:28 +00:00
Alex Bilbie
82413513e8
Checkin
2015-10-14 09:51:53 +01:00
Alex Bilbie
2e3c6b4f3a
Refactored constructor to set defaults, added new setter methods for default token TTL and default token type
2015-04-06 08:32:44 +01:00
Alex Bilbie
8e9b12fefd
Code readability
2015-04-06 08:23:35 +01:00
Alex Bilbie
95a2308ff6
Added @todo
2015-04-06 08:23:24 +01:00
Alex Bilbie
9985f3eee2
Fixed docblock
2015-04-06 08:23:18 +01:00
Alex Bilbie
39df4ff9b1
Clarified docblock
2015-04-06 08:21:25 +01:00
Alex Bilbie
90d18c553d
Broke expiration DateTime out into separate variable for readability
2015-04-06 08:13:41 +01:00
Alex Bilbie
385b03db6f
Import DateTime instead of using root namespace
2015-04-06 08:08:18 +01:00
Alex Bilbie
a15995c126
First commit of updated auth code grant
2015-04-05 21:57:29 +01:00
Alex Bilbie
f4cfd37745
Added isExpired method
2015-04-05 21:57:17 +01:00
Alex Bilbie
a0d5d5817b
Updated AuthCodeEntity
2015-04-05 21:57:04 +01:00
Alex Bilbie
d468cbf600
Updated AuthCodeRepositoryInterface
2015-04-05 21:56:42 +01:00
Alex Bilbie
be14b3a2df
Updated namespace
2015-04-05 21:14:22 +01:00
Alex Bilbie
1f1f0d8f15
Added PasswordGrantProvider to container
2015-04-05 21:14:06 +01:00
Alex Bilbie
8fcf93c489
Removed unused method
2015-04-05 21:13:53 +01:00
Alex Bilbie
bdd71743cd
Added knowledge of UserRepository
2015-04-05 21:13:45 +01:00
Alex Bilbie
77b5282b46
Namespace updates
2015-04-05 21:13:15 +01:00
Alex Bilbie
e88d802918
Added UserEntityInterface
2015-04-05 21:13:04 +01:00
Alex Bilbie
61ab070692
Renamed ClientCredentialsGrantServerProvider to ClientCredentialsGrantProvider
2015-04-05 21:12:55 +01:00
Alex Bilbie
d3ed454881
Added PasswordGrantProvider
2015-04-05 21:12:26 +01:00
Alex Bilbie
b5bbf8332f
Added JsonWebTokenType
2015-04-05 21:12:05 +01:00
Alex Bilbie
110d5ce76f
Respond with json content-type header
2015-04-05 21:11:51 +01:00
Alex Bilbie
eabcf82268
Added UserRepositoryInterface
2015-04-05 21:10:50 +01:00
Alex Bilbie
6a78d53d03
Updated grants
2015-04-05 21:10:41 +01:00
Alex Bilbie
b831d19f8d
Renamed interface
2015-04-05 21:10:18 +01:00
Alex Bilbie
721e52c5d9
Renamed response types to token types
2015-04-05 21:10:06 +01:00
Alex Bilbie
15cef6ba16
Code tidy
2015-04-05 18:16:26 +01:00
Alex Bilbie
72b741d7c9
Added generateHttpResponse method to exception
2015-04-05 18:16:21 +01:00
Alex Bilbie
26c1abdd3c
Remove client secret property on entity
2015-04-05 17:13:55 +01:00
Alex Bilbie
d63efc8dbf
Updated grant type interface
2015-04-05 17:05:57 +01:00
Alex Bilbie
1e39f1d84a
Updated abstract server
2015-04-05 17:03:13 +01:00
Alex Bilbie
0b66fd1948
First commit of new server class
2015-04-05 17:03:06 +01:00
Alex Bilbie
f1da0d2943
Added ClientCredentialsGrantServerProvider
2015-04-05 17:01:41 +01:00
Alex Bilbie
f964fd2962
Updated abstract grant and client credentials grant
2015-04-05 17:01:19 +01:00
Alex Bilbie
36a1a430b5
Updated response types
2015-04-05 17:01:00 +01:00
Alex Bilbie
3721ecb40a
Updated repository interfaces
2015-04-05 17:00:43 +01:00
Alex Bilbie
f357602090
Removed old traits
2015-04-05 14:03:34 +01:00
Alex Bilbie
a48630c837
New entities, traits and interfaces
2015-04-05 14:03:25 +01:00
Alex Bilbie
171be1c422
Updated .gitignore and .gitattributes
2015-04-05 13:59:38 +01:00
Alex Bilbie
a73322fb43
Renamed namespace Util > Utils
2015-04-04 15:42:12 +01:00
Alex Bilbie
027971776b
Namespace renamed TokenType > TokenTypes
2015-04-04 15:41:53 +01:00
Alex Bilbie
5d7eeb0512
Spelling fix
2015-03-01 21:29:52 +00:00
Alex Bilbie
742b51c2cd
Removed domain events
2015-03-01 21:29:47 +00:00
Alex Bilbie
cc7596f3b3
Renamed storage to repository
2015-02-22 19:44:26 +00:00
Hannes Van De Vreken
dd795a82f4
Changed the order and added missing throws
2015-01-23 11:21:12 +01:00
Hannes Van De Vreken
166362d3cd
Boyscouting the php docs to always use FQCNs
2015-01-23 11:17:19 +01:00
Scott Arciszewski
612775466c
Remove side-effects in hash_equals()
This is functionally identical, but without the side-effect of defining a function in the current namespace.
Also, it uses absolute function reference (`\hash_equals` instead of `hash_equals`) because if someone defined `League\OAuth2\Server\TokenType\hash_equals()` elsewhere, it would try that first.
Kudos for using `hash_equals()` in your original design for this feature. Many OAuth2 implementations neglect this nuance :)
2015-01-01 01:34:22 -05:00
Alex Bilbie
282bb20cc8
Fix docblocks + method name
2014-12-27 23:00:11 +00:00
Alex Bilbie
b727be55a2
Merge branch 'master' of https://github.com/Symplicity/oauth2-server into Symplicity-master
2014-12-27 22:57:08 +00:00