Alex Bilbie
655f6b9771
Merge pull request #445 from juliangut/abstract_token_validation
V5 - Abstract access token validation
2016-02-12 14:31:18 +00:00
Alex Bilbie
d95958bae4
Small fixes
2016-02-12 14:28:24 +00:00
Alex Bilbie
85b9412813
Multiple fixes
2016-02-12 14:18:52 +00:00
Alex Bilbie
1a5030200a
The response may be a PSR response which is valid
2016-02-12 14:18:45 +00:00
Alex Bilbie
796106b6c1
Fix for non-imported namespace
2016-02-12 14:18:34 +00:00
Alex Bilbie
4234b69f3a
Fix for method calls
2016-02-12 14:18:10 +00:00
Alex Bilbie
0115c41eea
Numerous bug fixes
2016-02-12 13:32:58 +00:00
Julián Gutiérrez
f314154216
abstract access token validation
2016-02-12 14:19:47 +01:00
Alex Bilbie
5e326d9e45
First commit of respondToAccessTokenRequest
2016-02-12 13:01:25 +00:00
Julián Gutiérrez
d2760e4ec7
secure access to body params
2016-02-12 13:56:14 +01:00
Alex Bilbie
2025749fa4
Updated `respondToAuthorizationRequest` to use Plates templates instead of custom ResponseType
2016-02-12 11:55:41 +00:00
Alex Bilbie
1c913fe75e
Added default basic HTML login + authorise templates
2016-02-12 11:32:09 +00:00
Alex Bilbie
ac9955b393
Removed response type interfaces for auth code login + authorize because they were a stupid idea
2016-02-12 11:30:59 +00:00
Alex Bilbie
fccb06ed67
First commit of updated AuthCodeGrant with respondToAuthorizationRequest method completed
2016-02-12 10:01:15 +00:00
Alex Bilbie
f29703ea24
Updated Docblock
2016-02-12 10:00:41 +00:00
Alex Bilbie
dcc3f5d856
First commit of new ResponseTypes
2016-02-12 10:00:32 +00:00
Alex Bilbie
264eba9f20
Updated AuthCodeRepositoryInterface
2016-02-12 10:00:22 +00:00
Alex Bilbie
c2c199cf98
Added issueAuthCode method
2016-02-12 10:00:10 +00:00
Alex Bilbie
0b6bcad9fb
Added getCookieParameter method
2016-02-12 09:59:59 +00:00
Alex Bilbie
38a7e53cb5
Added optional redirectUri parameter to accessDenied method
2016-02-12 09:59:47 +00:00
Alex Bilbie
f4b83baf74
Fix getClientEntity method call
2016-02-12 09:09:39 +00:00
Alex Bilbie
5a08a0cbe2
Merge branch 'V5-WIP' into V5-AuthCode
# Conflicts:
# src/Grant/AbstractGrant.php
2016-02-12 09:06:28 +00:00
Alex Bilbie
7a628409db
Validate client can now optionally validate secret + redirectUri, and actually validate the redirectUri
2016-02-12 09:03:35 +00:00
Alex Bilbie
c6d806d3f7
Docblock updates
2016-02-12 09:02:33 +00:00
Alex Bilbie
bfcf7af4d8
Added getQueryStringParameter method
2016-02-12 09:02:17 +00:00
Alex Bilbie
d96f57d27f
Got rid of mystery $identifier class property, moved it to the getIdentifier method
2016-02-12 08:33:59 +00:00
Julián Gutiérrez
8b185e0580
Merge branch 'V5-WIP' into minor_merge
2016-02-12 00:12:56 +01:00
Alex Bilbie
ca776e83a2
Fix for header writing
2016-02-11 17:58:35 +00:00
Alex Bilbie
ddf3f1b890
Merge branch 'V5-WIP' into V5-AuthCode
2016-02-11 17:50:08 +00:00
Alex Bilbie
a40ac5d77b
Minor fixes
2016-02-11 17:49:41 +00:00
Alex Bilbie
4bc89f3fc2
Removed unused import
2016-02-11 17:49:31 +00:00
Alex Bilbie
11d25eb5a1
Removed old exceptions
2016-02-11 17:49:24 +00:00
Alex Bilbie
770bda8f10
Merge pull request #431 from juliangut/redirectUri
V5 - use Psr\Http\Message\UriInterface
2016-02-11 17:35:33 +00:00
Alex Bilbie
7a8c92b3d9
Merge pull request #435 from juliangut/exception_middleware
V5 - Exception based access token check
2016-02-11 17:34:31 +00:00
Alex Bilbie
92a101f263
First commit of AuthCode rewrite
2016-02-11 17:30:01 +00:00
Julián Gutiérrez
b85f81c429
configurable refresh token TTL per grant
2016-01-21 18:11:53 +01:00
Julián Gutiérrez
8fb64041df
client secret can be null
2016-01-20 12:50:23 +01:00
Julián Gutiérrez
44155a8efc
allow refresh token ttl assign
2016-01-20 12:21:44 +01:00
Julián Gutiérrez
b7b1f56d0c
stream write fix
2016-01-20 10:58:45 +01:00
Julián Gutiérrez
3e5889e93b
minor improvements and documentation fixes
2016-01-20 10:36:16 +01:00
Julián Gutiérrez
ef5904ab1a
exception based determineAccessTokenInHeader
2016-01-20 00:32:59 +01:00
Julián Gutiérrez
94cc7c2bc7
fix server reference
2016-01-20 00:16:12 +01:00
Alex Bilbie
1e1043c04f
Merge pull request #432 from juliangut/middleware
V5 - authentication middleware
2016-01-17 19:33:38 +00:00
Julián Gutiérrez
8591fc7686
moved to authentication middleware
2016-01-17 18:40:26 +01:00
Alex Bilbie
86b75edca0
Merge pull request #430 from juliangut/scopedelimiter
V5 - remove scopedelimiter parameter
2016-01-17 16:40:55 +00:00
Alex Bilbie
13ddec3283
Fix for PasswordGrant
2016-01-17 16:38:25 +00:00
Alex Bilbie
322caa77af
Fixes for RefreshTokenGrant
2016-01-17 16:35:52 +00:00
Julián Gutiérrez
95634fb390
compound redirect uri with Psr\Http\Message\UriInterface
2016-01-17 17:28:27 +01:00
Alex Bilbie
6beb8d42ff
Replaced SecureKey::generate with random_bytes method
2016-01-17 16:16:01 +00:00
Julián Gutiérrez
6cffbfe33b
remove scopedelimiter parameter
2016-01-17 17:01:08 +01:00
Alex Bilbie
5fcb47d66a
Merge pull request #425 from juliangut/scopes_extraction
V5 - normalize validatescopes
2016-01-17 14:59:37 +00:00
Alex Bilbie
8566a128c8
Pass errors back up the chain
2016-01-17 14:56:42 +00:00
Alex Bilbie
419cb6d149
Use first array result
2016-01-17 14:56:35 +00:00
Alex Bilbie
f1d06e7c33
Use the error returned from the response type
2016-01-17 14:56:06 +00:00
Alex Bilbie
212938d1e2
Fixed call to static
2016-01-17 14:55:48 +00:00
Alex Bilbie
cd19f11799
Fixed conversion to response object
2016-01-17 14:55:36 +00:00
Julián Gutiérrez
4862ca7d60
fix conflicts
2016-01-17 15:49:55 +01:00
Alex Bilbie
660378c7b3
Added MAC auth scheme to 401 header
2016-01-17 14:28:13 +00:00
Alex Bilbie
3d08051cbb
Removed default wording as there is no override
2016-01-17 14:23:18 +00:00
Alex Bilbie
0486d93fa3
Removed default wording as there are no overrides
2016-01-17 14:23:02 +00:00
Alex Bilbie
5a8659471c
Public key is set in abstract grant now
2016-01-17 14:21:53 +00:00
Alex Bilbie
f6664c6917
Private and public key paths are injected into grants now
2016-01-17 14:21:35 +00:00
Alex Bilbie
5f22ead287
Updated access denied hint
2016-01-17 14:11:21 +00:00
Alex Bilbie
19b12cda8e
Made getDefaultResponseType public
2016-01-17 14:08:53 +00:00
Alex Bilbie
6c787c374c
First commit of ResourceServerMiddleware
2016-01-17 14:08:42 +00:00
Alex Bilbie
cd68103267
New server constructor
2016-01-17 14:03:41 +00:00
Alex Bilbie
6332ecfa0b
Removed default overrides
2016-01-17 14:03:33 +00:00
Alex Bilbie
e43d95415b
Inject required params into grant type
2016-01-17 14:03:07 +00:00
Alex Bilbie
d755a8c01d
Updated the validation to BearerTokenResponse
2016-01-17 13:57:07 +00:00
Alex Bilbie
c7a904ca40
Added access token repository and public key path as required params to response type constructor
2016-01-17 13:56:46 +00:00
Alex Bilbie
8ee4dc7eb9
Fixed docblock
2016-01-17 13:56:14 +00:00
Alex Bilbie
645f719ee9
Added new repository setter methods to GrantTypeInterface
2016-01-17 13:55:12 +00:00
Alex Bilbie
0cc13630cc
Code tidy
2016-01-17 13:54:55 +00:00
Alex Bilbie
e21a13c82c
Access token TTL is now configured on a per grant basis
2016-01-17 13:54:39 +00:00
Alex Bilbie
a4ce1e510e
Scope delimiter string is no longer configurable
2016-01-17 13:53:18 +00:00
Alex Bilbie
ad05a5cae6
Scope delimiter is no longer a required parameter
2016-01-17 13:51:56 +00:00
Alex Bilbie
e6cc6c35ec
Scope delimiter string is now a constant
2016-01-17 13:49:53 +00:00
Alex Bilbie
f74bca33ab
Removed parameters that are no longer required
2016-01-17 13:48:40 +00:00
Alex Bilbie
90d9d7bdd6
Required repositories are now set by the server
2016-01-17 13:47:44 +00:00
Julián Gutiérrez
8d8dbaea0c
normalize validatescopes
2016-01-17 14:35:43 +01:00
Alex Bilbie
03391e9630
Removed old access denied exception
2016-01-17 12:58:15 +00:00
Alex Bilbie
7242a8db31
Added access denied exception
2016-01-17 12:58:00 +00:00
Alex Bilbie
f44b618531
Docblock tidy
2016-01-17 12:57:50 +00:00
Alex Bilbie
9e4fd82763
Rewrote RefreshTokenGrant to understand encrypted tokens
2016-01-17 12:56:52 +00:00
Alex Bilbie
0744d8e926
Tidy up
2016-01-17 12:43:20 +00:00
Julián Gutiérrez
44ff8692dc
abstract common grants tasks
2016-01-17 00:41:55 +01:00
Alex Bilbie
dce1620f60
Removed unused imports
2016-01-15 18:37:46 +00:00
Alex Bilbie
bcd84320da
Updated docblocks
2016-01-15 18:37:26 +00:00
Alex Bilbie
a40374e6ec
Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP
2016-01-15 18:36:38 +00:00
Alex Bilbie
748ae15376
Updated docblock
2016-01-15 18:36:34 +00:00
Alex Bilbie
7811721d28
Merge pull request #421 from juliangut/deferred_creation
V5 - deferred default objects creation
2016-01-15 18:35:49 +00:00
Alex Bilbie
8f724bb720
Fix immutability issues
2016-01-15 18:32:53 +00:00
Julián Gutiérrez
65d981ad32
allow middleware use
2016-01-15 14:02:47 +01:00
Julián Gutiérrez
3de1b5917a
deferred default objects creation
2016-01-15 12:41:48 +01:00
Alex Bilbie
0fbe447862
Removed old exceptions
2016-01-15 00:17:13 +00:00
Alex Bilbie
84a9802a67
Removed ServerAwareTrait
2016-01-15 00:14:41 +00:00
Alex Bilbie
f7b3c018c5
Removed old authorization server
2016-01-15 00:05:59 +00:00
Alex Bilbie
a88c30cb53
Added invalid refresh token exception
2016-01-14 23:47:49 +00:00
Alex Bilbie
5e6f0fc6a3
Code tidy
2016-01-14 23:47:41 +00:00
Alex Bilbie
b57b497cb7
Revoke both refresh token and access token
2016-01-14 23:47:19 +00:00
Alex Bilbie
0b061e3086
Refresh token is encrypted payload now instead of JWT
2016-01-14 23:47:06 +00:00
Alex Bilbie
304ea2baf4
Encrypt refresh token parameters instead of using JWT
2016-01-14 23:46:24 +00:00
Alex Bilbie
56060b2c16
Code tidy
2016-01-14 23:45:36 +00:00
Alex Bilbie
633746b02e
Added KeyCrypt class
2016-01-14 23:44:39 +00:00
Alex Bilbie
936b8f93ec
Additional refresh token validation
2016-01-13 00:38:23 +00:00
Alex Bilbie
c1d15aa15c
Use sub instead of uid
2016-01-13 00:38:08 +00:00
Alex Bilbie
79791e5848
Code tidy
2016-01-13 00:13:34 +00:00
Alex Bilbie
0efa7cd7ea
Set the uid on the refresh token
2016-01-13 00:13:16 +00:00
Alex Bilbie
eef5cf39d4
Fixes to refresh grant
2016-01-13 00:12:10 +00:00
Alex Bilbie
6fb3fb5110
Updated refresh token grant
2016-01-12 23:53:03 +00:00
Alex Bilbie
a2bbb17483
Updated repository method names
2016-01-12 23:52:08 +00:00
Alex Bilbie
3135f1796e
Generate a refresh token in password grant
2016-01-12 23:05:19 +00:00
Alex Bilbie
d565665ccb
Code tidy
2016-01-12 23:05:07 +00:00
Alex Bilbie
13a1ea6db8
Updated token interface to drop owner concept for simple user identifier
2016-01-12 23:04:33 +00:00
Alex Bilbie
6358be90c2
Token is now linked to a user identifier instead of owner concept
2016-01-12 23:04:03 +00:00
Alex Bilbie
de89a6bc89
Code tidy
2016-01-12 23:03:38 +00:00
Alex Bilbie
e03ad0d52f
Server constructor expects path to private key
2016-01-12 23:03:24 +00:00
Alex Bilbie
2a20de991b
Docblock update
2016-01-12 23:02:54 +00:00
Alex Bilbie
b8732a2f83
BearerTokenResponse now outputs JWTs. Fixes #209
2016-01-12 23:02:45 +00:00
Alex Bilbie
1bdad3ad14
Updated AbstractResponseType with interface methods
2016-01-12 23:01:55 +00:00
Alex Bilbie
fd47712060
Removed unused methods
2016-01-12 23:01:19 +00:00
Alex Bilbie
6339524c86
Updated RefreshToken methods
2016-01-12 23:00:05 +00:00
Alex Bilbie
5f9feda80c
ScopeEntity is JsonSerializable
2016-01-12 22:59:33 +00:00
Alex Bilbie
9958e1bf80
Added serverError exception
2016-01-12 22:59:14 +00:00
Alex Bilbie
758471ec16
Fixed docblock
2016-01-12 22:59:00 +00:00
Alex Bilbie
a9313e76d4
Removed old JsonWebTokenType response as all tokens are JWTs now
2016-01-12 22:56:10 +00:00
Alex Bilbie
e7e4892408
Fixed method parameter name
2015-11-16 12:58:38 +00:00
Alex Bilbie
46648f3e80
Updated password grant
2015-11-16 12:58:11 +00:00
Alex Bilbie
6f2e2a0071
Updated exceptions
2015-11-16 12:57:59 +00:00
Alex Bilbie
32b451aa21
Updates
2015-11-13 17:41:05 +00:00
Alex Bilbie
da8efa20cd
Updated repository method names to be more explicit
2015-11-13 17:39:07 +00:00
Alex Bilbie
03e4ac7ea6
Removed service providers
2015-11-13 17:38:48 +00:00
Alex Bilbie
1442842da9
TokenType -> ResponseType
2015-11-13 17:38:23 +00:00
Alex Bilbie
b479cb7912
New OAuthServerException class
2015-11-13 17:37:37 +00:00
Alex Bilbie
41c7a6e731
Removed old exceptions
2015-11-13 17:37:28 +00:00
Alex Bilbie
82413513e8
Checkin
2015-10-14 09:51:53 +01:00
Alex Bilbie
2e3c6b4f3a
Refactored constructor to set defaults, added new setter methods for default token TTL and default token type
2015-04-06 08:32:44 +01:00
Alex Bilbie
8e9b12fefd
Code readability
2015-04-06 08:23:35 +01:00
Alex Bilbie
95a2308ff6
Added @todo
2015-04-06 08:23:24 +01:00
Alex Bilbie
9985f3eee2
Fixed docblock
2015-04-06 08:23:18 +01:00
Alex Bilbie
39df4ff9b1
Clarified docblock
2015-04-06 08:21:25 +01:00
Alex Bilbie
90d18c553d
Broke expiration DateTime out into separate variable for readability
2015-04-06 08:13:41 +01:00
Alex Bilbie
385b03db6f
Import DateTime instead of using root namespace
2015-04-06 08:08:18 +01:00
Alex Bilbie
a15995c126
First commit of updated auth code grant
2015-04-05 21:57:29 +01:00
Alex Bilbie
f4cfd37745
Added isExpired method
2015-04-05 21:57:17 +01:00
Alex Bilbie
a0d5d5817b
Updated AuthCodeEntity
2015-04-05 21:57:04 +01:00
Alex Bilbie
d468cbf600
Updated AuthCodeRepositoryInterface
2015-04-05 21:56:42 +01:00
Alex Bilbie
be14b3a2df
Updated namespace
2015-04-05 21:14:22 +01:00
Alex Bilbie
1f1f0d8f15
Added PasswordGrantProvider to container
2015-04-05 21:14:06 +01:00
Alex Bilbie
8fcf93c489
Removed unused method
2015-04-05 21:13:53 +01:00
Alex Bilbie
bdd71743cd
Added knowledge of UserRepository
2015-04-05 21:13:45 +01:00
Alex Bilbie
77b5282b46
Namespace updates
2015-04-05 21:13:15 +01:00
Alex Bilbie
e88d802918
Added UserEntityInterface
2015-04-05 21:13:04 +01:00
Alex Bilbie
61ab070692
Renamed ClientCredentialsGrantServerProvider to ClientCredentialsGrantProvider
2015-04-05 21:12:55 +01:00
Alex Bilbie
d3ed454881
Added PasswordGrantProvider
2015-04-05 21:12:26 +01:00
Alex Bilbie
b5bbf8332f
Added JsonWebTokenType
2015-04-05 21:12:05 +01:00
Alex Bilbie
110d5ce76f
Respond with json content-type header
2015-04-05 21:11:51 +01:00
Alex Bilbie
eabcf82268
Added UserRepositoryInterface
2015-04-05 21:10:50 +01:00
Alex Bilbie
6a78d53d03
Updated grants
2015-04-05 21:10:41 +01:00
Alex Bilbie
b831d19f8d
Renamed interface
2015-04-05 21:10:18 +01:00
Alex Bilbie
721e52c5d9
Renamed response types to token types
2015-04-05 21:10:06 +01:00
Alex Bilbie
15cef6ba16
Code tidy
2015-04-05 18:16:26 +01:00
Alex Bilbie
72b741d7c9
Added generateHttpResponse method to exception
2015-04-05 18:16:21 +01:00
Alex Bilbie
26c1abdd3c
Remove client secret property on entity
2015-04-05 17:13:55 +01:00
Alex Bilbie
d63efc8dbf
Updated grant type interface
2015-04-05 17:05:57 +01:00
Alex Bilbie
1e39f1d84a
Updated abstract server
2015-04-05 17:03:13 +01:00
Alex Bilbie
0b66fd1948
First commit of new server class
2015-04-05 17:03:06 +01:00
Alex Bilbie
f1da0d2943
Added ClientCredentialsGrantServerProvider
2015-04-05 17:01:41 +01:00
Alex Bilbie
f964fd2962
Updated abstract grant and client credentials grant
2015-04-05 17:01:19 +01:00
Alex Bilbie
36a1a430b5
Updated response types
2015-04-05 17:01:00 +01:00
Alex Bilbie
3721ecb40a
Updated repository interfaces
2015-04-05 17:00:43 +01:00
Alex Bilbie
f357602090
Removed old traits
2015-04-05 14:03:34 +01:00
Alex Bilbie
a48630c837
New entities, traits and interfaces
2015-04-05 14:03:25 +01:00
Alex Bilbie
171be1c422
Updated .gitignore and .gitattributes
2015-04-05 13:59:38 +01:00
Alex Bilbie
a73322fb43
Renamed namespace Util > Utils
2015-04-04 15:42:12 +01:00
Alex Bilbie
027971776b
Namespace renamed TokenType > TokenTypes
2015-04-04 15:41:53 +01:00
Alex Bilbie
5d7eeb0512
Spelling fix
2015-03-01 21:29:52 +00:00
Alex Bilbie
742b51c2cd
Removed domain events
2015-03-01 21:29:47 +00:00
Alex Bilbie
cc7596f3b3
Renamed storage to repository
2015-02-22 19:44:26 +00:00
Hannes Van De Vreken
dd795a82f4
Changed the order and added missing throws
2015-01-23 11:21:12 +01:00
Hannes Van De Vreken
166362d3cd
Boyscouting the php docs to always use FQCNs
2015-01-23 11:17:19 +01:00
Scott Arciszewski
612775466c
Remove side-effects in hash_equals()
This is functionally identical, but without the side-effect of defining a function in the current namespace.
Also, it uses absolute function reference (`\hash_equals` instead of `hash_equals`) because if someone defined `League\OAuth2\Server\TokenType\hash_equals()` elsewhere, it would try that first.
Kudos for using `hash_equals()` in your original design for this feature. Many OAuth2 implementations neglect this nuance :)
2015-01-01 01:34:22 -05:00
Alex Bilbie
282bb20cc8
Fix docblocks + method name
2014-12-27 23:00:11 +00:00
Alex Bilbie
b727be55a2
Merge branch 'master' of https://github.com/Symplicity/oauth2-server into Symplicity-master
2014-12-27 22:57:08 +00:00
Alex Bilbie
72a5c1794a
Remove unused namespace
2014-12-27 22:50:13 +00:00
Alex Bilbie
707c85b0d6
Fixes and tests
2014-12-27 22:26:31 +00:00
Alex Bilbie
c56562b0b8
PSR fixes
2014-12-27 21:38:01 +00:00
Alex Bilbie
17be6f4549
Added MacTokenInterface
2014-12-27 21:35:45 +00:00
Alex Bilbie
b50fbff1e3
Update docblock
2014-12-27 21:35:45 +00:00
Alex Bilbie
7375a348c6
PHP code fix
2014-12-27 21:35:45 +00:00
Alex Bilbie
ae5dd9ce65
Added MAC TokenType
2014-12-27 21:35:45 +00:00
Alex Bilbie
f9e56ff62a
Added MAC storage getter and setter
2014-12-27 21:35:45 +00:00
Dave Walker
851c7c0eb1
Per the spec:
The authorization server MAY issue a new refresh token, in which case
the client MUST discard the old refresh token and replace it with the
new refresh token. The authorization server MAY revoke the old
refresh token after issuing a new refresh token to the client. If a
new refresh token is issued, the refresh token scope MUST be
identical to that of the refresh token included by the client in the
request.
This commit allows users to specify the time before the Refresh Token
expire time to issue a new Refresh Token.
alter method names, naming convention(?)
2014-12-21 18:51:52 -05:00
mortenhauberg
60bd334b46
Changed "paremter" to "parameter"
2014-12-16 19:04:03 +01:00
Regan
d32bfaa757
Prevent duplicate session in auth code grant
The session already exists in the database, so we don't need to save it again. Doing so results in the session used for the auth code hanging around in the database with nothing associated to it, while the access token is associated to a new session caused by the `save()` method creating a duplicate. Fixes #266.
2014-12-15 15:09:36 +13:00
Graham Campbell
a12786cbd5
Removed an extra new line
2014-12-10 15:18:49 +00:00
Graham Campbell
a1726903b5
CS fixes
2014-12-10 13:10:35 +00:00
Ivan Enderlin
3b176fe220
Fix API CS.
2014-12-09 14:40:39 +01:00
Ivan Enderlin
986dc59627
The `create` method returns void.
2014-12-09 14:40:39 +01:00
Ivan Enderlin
0878897969
Fix API CS.
2014-12-09 14:15:36 +01:00
Scott Arciszewski
7a63f42462
Update DefaultAlgorithm.php
Prevent edge-case whereby, if the majority of `base64_encode($bytes)` consists of `/` or `+` characters, the resulting key will be shorter and less unpredictable (due to a smaller keyspace) than anticipated.
As a result, the `$len * 2` hack has been removed. Although it is highly probable that `$len * 2` will stop most edge cases from occurring, it does not actually guarantee the end result will be at least 40 characters long.
2014-12-08 18:40:31 -05:00
Alex Bilbie
f8b61b47b9
Ensure Refresh Token Entity hasn't expired
2014-12-03 23:22:14 +00:00
Alex Bilbie
b8331d12e4
Syntax improvements
2014-12-03 23:21:54 +00:00
Alex Bilbie
e1c0ff2685
Code coverage improvements in grant classes
2014-11-23 23:32:50 +00:00
Alex Bilbie
76de634f2b
Added setSession on TokenTypeInterface as per #255
2014-11-21 00:06:17 +00:00
Alex Bilbie
cfada388db
Declared methods from AbstractGrant on GrantTypeInterface as per #255
2014-11-21 00:06:01 +00:00
Alex Bilbie
2f971dc77f
Declared all of the methods in AbstractTokenType in TokenTypeInterface as per #255
2014-11-20 23:54:52 +00:00
Alex Bilbie
ae7b7e9aa9
Fixed namespace includes
2014-11-20 23:54:14 +00:00
Alex Bilbie
bed6c3287e
Spelling fixes
2014-11-20 23:53:14 +00:00
Alex Bilbie
f83e5a8731
Learnt how to spell delimiter
2014-11-20 23:52:29 +00:00
Brooke Bryan
6a1f927a6c
Check refreshToken isset before attempting to call methods on it
2014-11-13 12:20:59 +00:00
Brooke Bryan
b2c0933ee6
Docblock improvements
2014-11-12 18:10:29 +00:00
Luca Degasperi
001c15bfad
Update ResourceServer.php
2014-11-09 09:45:20 +01:00
Graham Campbell
4c1cd04a24
CS fixes
2014-11-08 18:26:12 +00:00
Alex Bilbie
6b29b7450e
If the client should redirect during AuthCodeGrant authorisation then provide a redirect uri
2014-11-08 17:03:15 +00:00
Alex Bilbie
b9debaab26
Fix #231
2014-11-08 16:44:39 +00:00
Alex Bilbie
856051bfb3
Fix #232
2014-11-08 16:20:13 +00:00
Alex Bilbie
a2a768b6e6
All interfaces extend StorageInterface
2014-11-07 02:31:37 +00:00
Alex Bilbie
4bbbc72035
Added StorageInterface
2014-11-07 02:29:04 +00:00
Alex Bilbie
3815355489
Removed generic getStorage method and replaced with distinct calls to getters
2014-11-07 02:20:06 +00:00
Alex Bilbie
9bb7af6f83
More docblock fixes
2014-11-07 01:48:23 +00:00
Alex Bilbie
d16b1b72ba
Docblock fix
2014-11-07 01:36:17 +00:00
Alex Bilbie
e37289231d
Removed dead code
2014-11-07 01:36:12 +00:00
Alex Bilbie
1c2ec943e9
Missing parameter
2014-11-07 01:35:59 +00:00
Alex Bilbie
17dfc897b4
Docfix
2014-11-07 01:30:54 +00:00
Alex Bilbie
7586e62da1
Dead code
2014-11-07 01:30:50 +00:00
Alex Bilbie
a1c3746a5a
Another docblock fix
2014-11-07 01:26:42 +00:00
Alex Bilbie
d23dc4d247
Docblock fixes
2014-11-07 01:25:13 +00:00
Alex Bilbie
293bc52972
Code declared in interface, not needed
2014-11-07 01:25:04 +00:00
Alex Bilbie
11ab167376
Docblock fix
2014-11-07 01:20:05 +00:00
Alex Bilbie
f290de6dfc
Docblock fixes
2014-11-07 01:17:04 +00:00
Alex Bilbie
d260167155
Docblock fixes
2014-11-07 01:13:21 +00:00
Alex Bilbie
fedd10b5ed
Docblock fix
2014-11-07 01:07:55 +00:00
Alex Bilbie
746cd4ab7d
Namespace fix
2014-11-07 01:07:47 +00:00
Alex Bilbie
f01cf7ef2f
Merge branch 'develop' of github.com:thephpleague/oauth2-server into develop
2014-11-07 00:46:09 +00:00
Alex Bilbie
61f8195edd
Docblock fixes
2014-11-07 00:46:02 +00:00
Alex Bilbie
fbf1535db1
Renamed Adapter to AbstractStorage because it isn't actually an adapter
2014-11-07 00:45:25 +00:00
Leevi Graham
b60693c5d6
Associate the $client with $session.
2014-11-07 07:50:22 +11:00
Alex Bilbie
bfcccb2671
Merge pull request #215 from sumeko/patch-1
Update AbstractServer.php
2014-10-01 22:26:57 +01:00
Alex Bilbie
0f13ff188a
Renamed method to getRequest
2014-10-01 00:14:16 +01:00
Alex Bilbie
136edf16c5
Fix #213
2014-09-30 23:55:21 +01:00
Alex Bilbie
536ef3244d
Inject the session into the token type
2014-09-30 22:28:49 +01:00
Alex Bilbie
a3f5d20592
Changed method names to be clearer that we're setting params
2014-09-30 22:28:38 +01:00
Alex Bilbie
1e3a192920
Inject server into tokentype
2014-09-30 22:26:34 +01:00
Alex Bilbie
b68a5c2abb
Added authentication failure events
2014-09-30 22:16:34 +01:00
Sum
64ca2a4b49
Update AbstractServer.php
2014-09-22 12:56:15 +07:00
pulkit
1ff3d1adda
support grant specific access token ttl
2014-09-11 13:58:01 +01:00
Alex Bilbie
9e2a6ed238
If there are no scopes to format then just return an empty array
2014-09-10 17:22:01 +01:00
Alex Bilbie
be51cdf9b1
Fixed spelling mistake
2014-09-09 13:36:20 +01:00
Alex Bilbie
7d8989a8cd
Fix #202
2014-08-18 16:47:36 +01:00
Alex Bilbie
b9e12a7fec
Removed length
2014-08-16 10:57:08 +02:00
Alex Bilbie
522c7478c7
Fix #169
2014-08-06 09:53:47 +01:00
Alex Bilbie
130d42c85e
Removed some files which shouldn't be there
2014-08-06 09:37:19 +01:00
Alex Bilbie
0433791bc6
Accidentally merged wrong version of file
2014-08-06 09:29:32 +01:00
Alex Bilbie
79f15f3855
Merge branch 'v4.0.0-WIP' into develop
Conflicts:
.gitignore
.travis.yml
README.md
composer.json
phpunit.xml
sql/mysql.sql
src/League/OAuth2/Server/Grant/RefreshToken.php
src/League/OAuth2/Server/Resource.php
src/League/OAuth2/Server/Storage/SessionInterface.php
src/League/OAuth2/Server/Util/Request.php
src/Util/KeyAlgorithm/DefaultAlgorithm.php
tests/resource/ResourceServerTest.php
tests/util/RedirectUriTest.php
tests/util/RequestTest.php
tests/util/SecureKeyTest.php
2014-08-06 09:21:56 +01:00
Alex Bilbie
0754b9ec75
Merge branch 'v4.0.0-relational-example' into v4.0.0-WIP
2014-08-06 09:02:54 +01:00
Alex Bilbie
06d5b343d6
Fixed incorrect exception status code and error type
2014-08-06 08:42:58 +01:00
Alex Bilbie
07a42f6f43
Added setAccessTokenId method
2014-08-06 08:42:42 +01:00
Alex Bilbie
71ac21b70e
Removed unnecessary methods
2014-08-06 08:41:50 +01:00
Alex Bilbie
7b9899c46b
Removed line break in error messages
2014-08-04 09:11:53 +01:00
Alex Bilbie
f3fc921212
Added redirect URI property
2014-07-27 17:16:46 +01:00
Alex Bilbie
54e6bbd4a6
`expires` isn't part of the spec
2014-07-27 17:15:55 +01:00
Alex Bilbie
0d6c4f65b9
Store the redirect URI too
2014-07-27 17:14:50 +01:00
Robbie Mackay
49b776c495
In Resource::getExceptionHttpHeaders() use Request::BuildFromGlobals
2014-07-23 07:48:05 -07:00
Woody Gilk
31e03c2d36
Fix broken http header extraction in Util\Request
2014-07-23 07:47:29 -07:00
Alex Bilbie
20032f33a2
More tests
2014-07-12 12:07:46 +01:00
Alex Bilbie
b694cca743
Fix broken test
2014-07-12 08:58:18 +01:00
Alex Bilbie
1e78f62823
Lotsa bug fixes and updates
2014-07-11 18:27:03 +01:00
Alex Bilbie
48dea185d8
Added getEventEmitter method to abstractserver
2014-07-11 18:18:41 +01:00
Woody Gilk
f34dd4a0cb
401 status is for invalid_token, not insufficient_scope
2014-07-11 11:59:18 -05:00
Alex Bilbie
0a3215be8e
Added entity trait
2014-07-11 15:18:47 +01:00
Alex Bilbie
954f29f879
Added league/event and implemented SessionOwnerEvent
2014-07-11 15:13:28 +01:00
Woody Gilk
33f4f5b7ab
Add $required parameter to hasScope(), triggers InsufficientScopeException
2014-07-10 17:02:16 -05:00
Woody Gilk
e61782975a
Copy getExceptionType(), getExceptionMessage(), and getExceptionHttpHeaders() to Resource server
2014-07-10 17:02:16 -05:00
Woody Gilk
d7c1c50269
Throw MissingAccessTokenException in the Resource server when no token exists
2014-07-10 16:59:25 -05:00
Fahmi Ardi
92779ad078
missing clientSecret variable
2014-07-03 15:03:58 +07:00
Fahmi Ardi
83c7dea1cc
allowing client credentials to be sent as Basic authentication
2014-07-03 14:58:13 +07:00
Alex Bilbie
33c68a2103
More updates to relational example
2014-06-23 08:20:34 +01:00
Alex Bilbie
9af1d2a201
100% test coverage
2014-06-20 14:29:47 +01:00
Alex Bilbie
f24d1be3e9
Merge branch 'refs/heads/v4.0.0-WIP' into v4.0.0-relational-example
2014-06-20 14:16:40 +01:00
Alex Bilbie
80802e5df4
Merge branch 'v4.0.0-WIP' of github.com:php-loep/oauth2-server into v4.0.0-WIP
2014-06-20 14:16:09 +01:00
Dustin Wheeler
c1269a97d6
Adds create method to AuthCodeInterface. Relates to #160.
2014-05-29 19:27:45 -07:00
Alex Bilbie
5e4cd98706
Use US spelling
2014-05-23 16:26:29 +01:00
Andrew Cairns
400d4d8f1e
Fixing Bearer case for consistency
2014-05-20 17:13:29 +01:00
Alex Bilbie
81e9e7364b
Removed example SQL
2014-05-09 10:08:00 +01:00
Alex Bilbie
11664e6d37
Added ability to cast token as a string
2014-05-09 08:16:02 +01:00
Alex Bilbie
d40ee11ef5
Scope entity is json serializable
2014-05-08 11:55:04 +01:00
Alex Bilbie
b9cedc8b93
PSR fixes
2014-05-08 11:52:51 +01:00
Alex Bilbie
58adefa7d0
Removed unnecessary parameter
2014-05-08 10:29:52 +01:00
Alex Bilbie
61f039366b
Throw correct exception when access token is invalid
2014-05-08 10:29:40 +01:00
Alex Bilbie
6a0596f40b
Fix #164
2014-05-07 17:30:07 +01:00
Alex Bilbie
49650d1ae9
Removed Mac token type for now
2014-05-07 17:21:32 +01:00
Alex Bilbie
aae99c2487
Use token type to determine access token in header
2014-05-07 17:21:24 +01:00
Alex Bilbie
0d293e7c30
Merge branch 'refs/heads/v4.0.0-WIP' into 4.0.0-156-token-types
2014-05-07 17:11:46 +01:00
Alex Bilbie
7516606fd3
Set default token type as bearer for Resource Server
2014-05-07 17:10:52 +01:00
Alex Bilbie
87fbcb19af
Use the correct variable
2014-05-07 17:09:45 +01:00
Alex Bilbie
6300cd5d72
Set the default token type as Bearer
2014-05-07 17:09:34 +01:00
Alex Bilbie
0b047fd8e4
Update token types
2014-05-07 17:09:19 +01:00
Luca Degasperi
07c04d15d7
updated calls to proper request methods
2014-05-06 14:30:25 +02:00
Luca Degasperi
95d068e818
Added a missing use statement
2014-05-06 13:52:50 +02:00
Alex Bilbie
c5ffd05eee
First commit of token types
2014-05-03 14:03:02 +01:00
Alex Bilbie
f7e68d6e10
Fixed auth code entity storage calls
2014-05-03 11:40:39 +01:00
Alex Bilbie
719b87a40c
Added missing methods to auth code storage interface
2014-05-03 11:39:18 +01:00
Alex Bilbie
19bd476395
Fix silly mistake
2014-05-03 11:13:36 +01:00
Alex Bilbie
b82551c97d
PHPCS fixes
2014-05-03 11:08:33 +01:00
Alex Bilbie
ed7f5370ca
More CS fixer changes
2014-05-03 10:53:57 +01:00
Alex Bilbie
97e7a00bca
CS fixer changes
2014-05-03 10:53:43 +01:00
Alex Bilbie
ffc25fb276
Renamed Grants
2014-05-02 17:24:55 +01:00
Alex Bilbie
97fd115530
Updated with new entity names
2014-05-02 17:21:53 +01:00
Alex Bilbie
228144a701
Inject server
2014-05-02 15:14:46 +01:00
Alex Bilbie
184fac507b
Bug fix for OAuthException
2014-05-02 15:14:36 +01:00
Alex Bilbie
82c10c32fd
Removed FQN
2014-05-02 15:14:25 +01:00
Alex Bilbie
782f43c73a
Updated entity class names
2014-05-02 15:14:12 +01:00
Alex Bilbie
bdd2bc322c
Renamed entities (added Entity to the end of class name)
2014-05-02 15:12:00 +01:00
Alex Bilbie
e5315dc016
Test fixes
2014-05-01 14:57:12 +01:00
Alex Bilbie
8b4b884a03
Pass the token instead of string
2014-05-01 14:47:01 +01:00
Alex Bilbie
f78caa24bb
Renamed method to be more obvious
2014-05-01 14:46:43 +01:00
Alex Bilbie
79b1e39798
Removed special case for cURL
2014-05-01 14:46:35 +01:00
Alex Bilbie
797ed66eda
Added getBySession
2014-05-01 14:46:22 +01:00
Alex Bilbie
16bdc36ccb
Accept token instead of strings
2014-05-01 14:45:38 +01:00
Alex Bilbie
b5f02d0739
Inject the access token object
2014-05-01 14:44:13 +01:00
Alex Bilbie
9f1f0cc3bc
Updates to exceptions
2014-05-01 14:32:54 +01:00
Alex Bilbie
6981ced972
Updated thrown exceptions
2014-04-25 11:24:48 +01:00
Alex Bilbie
019dfa8836
Updated thrown exceptions
2014-04-25 11:24:42 +01:00
Alex Bilbie
7f6ca35628
Updated exceptions
2014-04-25 11:24:33 +01:00
Alex Bilbie
e1a7f576e4
Moved exception code into new exception classes
2014-04-25 11:24:25 +01:00
Alex Bilbie
647de842ff
Updated exceptions
2014-04-25 10:01:01 +01:00
Alex Bilbie
d7ddfe6452
Updated docblock
2014-04-06 22:01:56 +01:00
Alex Bilbie
5893ba4e8e
Fixes #151
2014-04-06 21:08:35 +01:00
Alex Bilbie
b2c07aa68f
Renamed method `make` to `generate`
2014-04-06 21:08:20 +01:00
Alex Bilbie
29b0389a75
PSR-4 baby!
2014-04-06 19:17:56 +01:00
Alex Bilbie
2aa318cfd7
AuthCode grant
2014-04-06 19:14:46 +01:00
Alex Bilbie
82f7c7abaf
Removed unused method
2014-04-06 19:14:37 +01:00
Alex Bilbie
2d90540531
Spelling fix
2014-04-06 19:14:29 +01:00
Alex Bilbie
de681b1ebf
RefreshToken is already taken so use RT
2014-04-06 19:14:16 +01:00
Joseph Deray
b12a1d84df
added the ability to change the algorithm used to generate the token strings. added files missing in last commit
2014-03-11 12:41:21 -04:00
Joseph Deray
901aab9deb
added the ability to change the algorithm used to generate the token strings
2014-03-11 12:39:09 -04:00
Alex Bilbie
9ac56ad547
Updated @link
2014-03-09 20:05:38 +00:00
Alex Bilbie
c60b29d201
First commit of AuthCode grant and entity
2014-03-09 20:03:05 +00:00
Alex Bilbie
2a524efff5
Bug fix
2014-03-09 20:02:22 +00:00
Alex Bilbie
22794d49d1
Removed old implicit grant
2014-03-09 19:35:53 +00:00
Alex Bilbie
4e37d9bb61
Updated Refresh Token and Password grants
2014-03-09 19:35:23 +00:00
Alex Bilbie
af06f9f3ea
Updated copyright
2014-03-09 19:34:37 +00:00
Alex Bilbie
aef86227da
Updated copyright
2014-03-09 19:34:23 +00:00
Phil Sturgeon
f83a9a7fa4
Support Authorization header passed as ENV var
Some hosts (at this point I only know of Fortrabbit) require Authorization headers to be passed as an environment variable, which PHP will then shove into . See more: http://fortrabbit.com/docs/essentials/quirks-and-constraints\#authorization-header
2014-02-26 17:28:17 -05:00
Alex Bilbie
d10cc5040d
Inject server into storage
2014-02-24 16:50:19 +00:00
Alex Bilbie
468acbc369
Renamed Resource to ResourceServer
2014-02-24 14:43:26 +00:00
Alex Bilbie
013b1b53b4
Renamed Authorization to AuthorizationServer
2014-02-24 14:43:00 +00:00
Alex Bilbie
5254c9d225
Renamed Authorization to AuthorizationServer
2014-02-24 14:42:35 +00:00
Alex Bilbie
e4622b1f65
Check for headers only by default, also allow a token to be passed in
2014-01-17 17:17:13 +00:00