Commit Graph

675 Commits

Author SHA1 Message Date
Jake A. Smith
430a752315 Just a typo fix 2015-04-16 10:41:37 -05:00
Alex Bilbie
51184259d1 Merge pull request #323 from rdohms/interface-docs
Updated Interface Docs
2015-03-20 11:43:47 +00:00
rdohms
b21de11429 Updated Interface Docs
Made phpdocs match expectations like null when not found and using array notation for indicating array of <object>
2015-03-20 11:33:03 +01:00
Norbert Fuksz
7f7f45662a Fixed missing session scope
Close #297
2015-03-02 17:47:48 +00:00
Ismail BASKIN
3869b8f406 typo 2015-02-10 10:28:57 +02:00
Hannes Van De Vreken
dd795a82f4 Changed the order and added missing throws 2015-01-23 11:21:12 +01:00
Hannes Van De Vreken
166362d3cd Boyscouting the php docs to always use FQCNs 2015-01-23 11:17:19 +01:00
Scott Arciszewski
612775466c Remove side-effects in hash_equals()
This is functionally identical, but without the side-effect of defining a function in the current namespace.

Also, it uses absolute function reference (`\hash_equals` instead of `hash_equals`) because if someone defined `League\OAuth2\Server\TokenType\hash_equals()` elsewhere, it would try that first.

Kudos for using `hash_equals()` in your original design for this feature. Many OAuth2 implementations neglect this nuance :)
2015-01-01 01:34:22 -05:00
Alex Bilbie
282bb20cc8 Fix docblocks + method name 2014-12-27 23:00:11 +00:00
Alex Bilbie
b727be55a2 Merge branch 'master' of https://github.com/Symplicity/oauth2-server into Symplicity-master 2014-12-27 22:57:08 +00:00
Alex Bilbie
72a5c1794a Remove unused namespace 2014-12-27 22:50:13 +00:00
Alex Bilbie
707c85b0d6 Fixes and tests 2014-12-27 22:26:31 +00:00
Alex Bilbie
c56562b0b8 PSR fixes 2014-12-27 21:38:01 +00:00
Alex Bilbie
17be6f4549 Added MacTokenInterface 2014-12-27 21:35:45 +00:00
Alex Bilbie
b50fbff1e3 Update docblock 2014-12-27 21:35:45 +00:00
Alex Bilbie
7375a348c6 PHP code fix 2014-12-27 21:35:45 +00:00
Alex Bilbie
ae5dd9ce65 Added MAC TokenType 2014-12-27 21:35:45 +00:00
Alex Bilbie
f9e56ff62a Added MAC storage getter and setter 2014-12-27 21:35:45 +00:00
Dave Walker
851c7c0eb1 Per the spec:
The authorization server MAY issue a new refresh token, in which case
   the client MUST discard the old refresh token and replace it with the
   new refresh token.  The authorization server MAY revoke the old
   refresh token after issuing a new refresh token to the client.  If a
   new refresh token is issued, the refresh token scope MUST be
   identical to that of the refresh token included by the client in the
   request.

This commit allows users to specifiy the time before the Refresh Token
expire time to issue a new Refresh Token.

alter method names, naming convention(?)
2014-12-21 18:51:52 -05:00
mortenhauberg
60bd334b46 Changed "paremter" to "parameter" 2014-12-16 19:04:03 +01:00
Regan
d32bfaa757 Prevent duplicate session in auth code grant
The session already exists in the database, so we don't need to save it again. Doing so results in the session used for the auth code hanging around in the database with nothing associated to it, while the access token is associated to a new session caused by the `save()` method creating a duplicate. Fixes #266.
2014-12-15 15:09:36 +13:00
Graham Campbell
a12786cbd5 Removed an extra new line 2014-12-10 15:18:49 +00:00
Graham Campbell
a1726903b5 CS fixes 2014-12-10 13:10:35 +00:00
Ivan Enderlin
3b176fe220 Fix API CS. 2014-12-09 14:40:39 +01:00
Ivan Enderlin
986dc59627 The create method returns void. 2014-12-09 14:40:39 +01:00
Ivan Enderlin
0878897969 Fix API CS. 2014-12-09 14:15:36 +01:00
Scott Arciszewski
7a63f42462 Update DefaultAlgorithm.php
Prevent edge-case whereby, if the majority of `base64_encode($bytes)` consists of `/` or `+` characters, the resulting key will be shorter and less unpredictable (due to a smaller keyspace) than anticipated.

As a result, the `$len * 2` hack has been removed. Although it is highly probable that `$len * 2` will stop most edge cases from occurring, it does not actually guarantee the end result will be at least 40 characters long.
2014-12-08 18:40:31 -05:00
Alex Bilbie
f8b61b47b9 Ensure Refresh Token Entity hasn't expired 2014-12-03 23:22:14 +00:00
Alex Bilbie
b8331d12e4 Syntax improvements 2014-12-03 23:21:54 +00:00
Alex Bilbie
e1c0ff2685 Code coverage improvements in grant classes 2014-11-23 23:32:50 +00:00
Alex Bilbie
76de634f2b Added setSession on TokenTypeInterface as per #255 2014-11-21 00:06:17 +00:00
Alex Bilbie
cfada388db Declared methods from AbstractGrant on GrantTypeInterface as per #255 2014-11-21 00:06:01 +00:00
Alex Bilbie
2f971dc77f Declared all of the methods in AbstractTokenType in TokenTypeInterface as per #255 2014-11-20 23:54:52 +00:00
Alex Bilbie
ae7b7e9aa9 Fixed namespace includes 2014-11-20 23:54:14 +00:00
Alex Bilbie
bed6c3287e Spelling fixes 2014-11-20 23:53:14 +00:00
Alex Bilbie
f83e5a8731 Learnt how to spell delimiter 2014-11-20 23:52:29 +00:00
Brooke Bryan
6a1f927a6c Check refreshToken isset before attempting to call methods on it 2014-11-13 12:20:59 +00:00
Brooke Bryan
b2c0933ee6 Docbloc improvements 2014-11-12 18:10:29 +00:00
Luca Degasperi
001c15bfad Update ResourceServer.php 2014-11-09 09:45:20 +01:00
Graham Campbell
4c1cd04a24 CS fixes 2014-11-08 18:26:12 +00:00
Alex Bilbie
6b29b7450e If the client should redirect during AuthCodeGrant authorisation then provide a redirect uri 2014-11-08 17:03:15 +00:00
Alex Bilbie
b9debaab26 Fix #231 2014-11-08 16:44:39 +00:00
Alex Bilbie
856051bfb3 Fix #232 2014-11-08 16:20:13 +00:00
Alex Bilbie
a2a768b6e6 All interfaces extend StorageInterface 2014-11-07 02:31:37 +00:00
Alex Bilbie
4bbbc72035 Added StorageInterface 2014-11-07 02:29:04 +00:00
Alex Bilbie
3815355489 Removed generic getStorage method and replaced with distinct calls to getters 2014-11-07 02:20:06 +00:00
Alex Bilbie
9bb7af6f83 More docblock fixes 2014-11-07 01:48:23 +00:00
Alex Bilbie
d16b1b72ba Docblock fix 2014-11-07 01:36:17 +00:00
Alex Bilbie
e37289231d Removed dead code 2014-11-07 01:36:12 +00:00
Alex Bilbie
1c2ec943e9 Missing parameter 2014-11-07 01:35:59 +00:00