Commit Graph

1928 Commits

Author SHA1 Message Date
Lukáš Unger
17b6e2a207 tests: Fix missing redirect uri test, add redirect uri mismatch test 2016-07-08 16:04:14 +02:00
Lukáš Unger
54422a244f tests: AuthCodeGrantTest additional tests 2016-07-08 15:31:29 +02:00
Lukáš Unger
9899aa1f99 tests: ImplicitGrantTest additional tests 2016-07-08 15:30:59 +02:00
Lukáš Unger
32efd091a1 tests: use MockBuilder everywhere 2016-07-08 15:29:21 +02:00
Alex Bilbie
68e4b1d390 Updated changelog 2016-06-28 09:03:41 +01:00
Alex Bilbie
5ee1583c5b Ensure state is in access denied redirect. Fixes #597 2016-06-28 09:03:01 +01:00
Alex Bilbie
66de05a395 Merge pull request #605 from jfilla/master
Added catch Runtime exception when parsing JWT string
2016-06-28 08:49:29 +01:00
Alex Bilbie
df20da1235 Merge pull request #601 from zerkms/ISSUE-596_UNIQUE_ACCESS_TOKEN
Added a check for unique access token constraint violation
2016-06-28 08:48:38 +01:00
Alex Bilbie
7321622104 Merge pull request #606 from GrahamCampbell/patch-2
Allow random compat 2.x
2016-06-28 08:46:57 +01:00
Graham Campbell
84187041bd Allow random compat 2.x 2016-06-27 19:31:35 +01:00
Jakub Filla
9eccc40eb6 Added catch Runtime exception when parsing JWT string 2016-06-22 12:38:03 +02:00
Alex Bilbie
8b865cc523 Merge pull request #604 from iansltx/http-basic-from-header
Look at Authorization header directly for HTTP Basic auth checks
2016-06-22 08:42:30 +01:00
Ian Littman
9775c0076b Look at Authorization header directly for HTTP Basic auth check
Should allow for better compatibility with server implementations that aren't sitting on top of a standard SAPI (e.g. persistent web servers building a PSR-7 compatible request from a socket-received message).

One catch here is that I've seen Apache hijack the HTTP Authorization header in the past, though that would probably impact the other aspects of the server just as much as it would this, so I think that risk is manageable.

Added tests to cover all paths through the new code, so the AbstractGrant type still has 100% coverage :)

Did notice that, as of the latest versions of PHPUnit, the mock creation method is deprecated. Maybe that needs to be updated? Haven't checked to see whether the replacements are PHPUnit 4.8 compatible though, so maybe they need to stay in order to test on older PHP versions?
2016-06-21 21:08:38 -05:00
Ivan Kurnosov
b68ef973df Added a check for unique access token constraint violation 2016-06-20 20:19:03 +12:00
Alex Bilbie
c6e5f12a7c Merge pull request #600 from zerkms/ISSUE-598_REDUNDANT_IS_EXPIRED
Removed isExpired() from interfaces and traits
2016-06-17 09:14:38 +01:00
Ivan Kurnosov
6b88cbeb13 Removed isExpired() from interfaces and traits 2016-06-17 19:50:04 +12:00
Alex Bilbie
64a0fcb3a6 Updated examples. Fixes #589 2016-06-02 09:35:27 +01:00
Alex Bilbie
78dbb267ed Merge pull request #578 from juliangut/master
unify middleware exception responses
2016-05-12 09:53:42 +01:00
Julián Gutiérrez
22e6a350dd unify middleware exception responses 2016-05-11 14:13:58 +02:00
Alex Bilbie
c0936cc320 Updated commercial support statement 2016-05-10 13:23:56 +01:00
Alex Bilbie
bb82651bec First commit of update changelog 2016-05-10 08:10:50 +01:00
Alex Bilbie
599c9aba75 Added indigophp/hash-compat to suggest and require dev for PHP 5.5 support 2016-05-06 15:23:57 +01:00
Alex Bilbie
4c6c189dff Added a list of supported RFCs 2016-05-06 15:23:25 +01:00
Alex Bilbie
8e8aed1a50 Implemented RFC7636. Fixes #574 2016-05-06 15:23:16 +01:00
Alex Bilbie
4a4f4fe2d7 Added commercial support section to README 2016-05-04 09:17:38 +01:00
Alex Bilbie
6b18a9441a Updated changelog 2016-05-04 09:13:20 +01:00
Alex Bilbie
44ff7b33a1 Merge branch 'master' of github.com:thephpleague/oauth2-server 2016-05-04 09:10:11 +01:00
Alex Bilbie
db055f790d Revert "Remove redundant parameters in example" #553
This reverts commit 9a93dca05c.
2016-05-04 09:10:05 +01:00
Alex Bilbie
d1bc4848c8 Revert "Remove redundant parameters in example"
This reverts commit 9a93dca05c.
2016-05-04 09:07:50 +01:00
Alex Bilbie
cf63403585 Merge branch 'master' of github.com:thephpleague/oauth2-server 2016-05-04 08:56:04 +01:00
Alex Bilbie
cdf43e498e Use constant for event name instead of explicit string. Fixes #563 2016-05-04 08:55:57 +01:00
Alex Bilbie
a12fc98b0d Merge pull request #569 from ismailbaskin/patch-2
Correct wrong phpdoc
2016-05-04 08:45:58 +01:00
Alex Bilbie
019d285235 Merge pull request #570 from Themodem/master
Fixed typo in exception string
2016-05-04 08:45:37 +01:00
Lee
0bb968f413 Fixed typo in exception string 2016-05-04 15:13:48 +08:00
ismail BASKIN
88b19ad2d0 Correct wrong phpdoc 2016-05-04 00:54:36 +03:00
Alex Bilbie
6856699cab Merge pull request #564 from ismailbaskin/patch-1
Remove unused request property
2016-04-30 12:16:12 +01:00
ismail BASKIN
72cd9a62e1 Remove unused request property 2016-04-30 05:08:28 +03:00
Alex Bilbie
acf262f879 Merge pull request #553 from markinjapan/patch-1
Remove redundant parameters in getNewToken()
2016-04-27 20:58:29 +01:00
Alex Bilbie
5241309bdb Fixes #560 2016-04-27 20:53:12 +01:00
Mark
9a93dca05c Remove redundant parameters in example 2016-04-20 16:52:54 +09:00
Mark
a6b7a5cedc Remove use of redundant parameters 2016-04-20 16:52:36 +09:00
Mark
78b6bddc4d Remove redundant parameters 2016-04-20 16:29:37 +09:00
Alex Bilbie
14b6761c0f Changelog update 2016-04-19 10:28:20 +01:00
Alex Bilbie
7c61922f07 Merge pull request #551 from ivyhjk/patch-1
wrong comment "month"
2016-04-19 09:53:17 +01:00
ivyhjk
20535ad95b wrong comment "month" 2016-04-18 18:08:27 -03:00
Alex Bilbie
e885114714 Improved examples 2016-04-18 12:23:21 +01:00
Alex Bilbie
f80d0d39a4 Updated .scrutenizer.yml 2016-04-18 12:23:13 +01:00
Alex Bilbie
7bfd5b7d0d Added abstract methods for required methods 2016-04-18 12:22:15 +01:00
Alex Bilbie
143a2e32f7 Client may return an array of redirect URIs 2016-04-18 12:21:42 +01:00
Alex Bilbie
8f418cff08 Added missing state parameter in redirect response 2016-04-18 12:19:54 +01:00