Andrew Millington
e0cc5ee1b0
Merge branch 'master' of https://github.com/thephpleague/oauth2-server into fix-pkce-implementation
2018-02-18 13:57:19 +00:00
Andrew Millington
b78c012796
Change code challenge and verifier to be constants in test
2018-02-18 13:51:34 +00:00
Andrew Millington
25c3c216a0
Apply fixes from StyleCI
2018-02-17 19:31:59 +00:00
Lukáš Unger
1f87c7a7be
Update PHPUnit, run static analysis on tests
2018-02-11 23:22:46 +01:00
Erick Torres
ce2662ece7
Merge branch 'master' of github.com:thephpleague/oauth2-server into fix-pkce-implementation
...
# Conflicts:
# tests/Grant/AuthCodeGrantTest.php
2018-02-05 15:32:15 -05:00
Andrew Millington
8bbd218856
Merge pull request #842 from sgomez/fix-challenge-pkce
...
Fix S256 code challenge method
2018-01-25 23:16:15 +00:00
Andrew Millington
eb9cde5ab7
Merge pull request #805 from raarts/Accept-RSA-key-with-crlf-v2
...
Also accept an RSA key with crlf
2018-01-23 22:24:52 +00:00
Sergio Gómez
1b692e2298
Fix S256 code challenge method
...
According to [RFC7636#section-4.3](https://tools.ietf.org/html/rfc7636#section-4.3 ):
If the "code_challenge_method" from Section 4.3 was "S256", the
received "code_verifier" is hashed by SHA-256, base64url-encoded, and
then compared to the "code_challenge", i.e.:
BASE64URL-ENCODE(SHA256(ASCII(code_verifier))) == code_challenge
So, the hash must be done before the base64_encode.
The tests are modified to use example data from the
[RFC7636#appendix-B](https://tools.ietf.org/html/rfc7636#appendix-B ).
2018-01-18 05:31:44 +01:00
Ron Arts
91d9c11fb4
Fixed tests, allow whitespace at the end of a key
2018-01-03 10:18:32 +01:00
Ron Arts
2ec8d148b0
fix .gitattributes
2018-01-03 09:41:39 +01:00
Erick Torres
01d21b2533
Update statement to generate codeChallenge in AuthCodeGrantTest
2017-12-29 12:32:12 -05:00
Andrew Millington
b6d9835281
Merge branch 'master' into fix-pkce-implementation
2017-12-28 16:37:37 +00:00
Andrew Millington
57ca83a8ba
Removing missing scope tests as temporarily reverted this functionality
2017-12-24 00:18:20 +00:00
Andrew Millington
41bba7f58c
Removing missing scope test
...
Temporarily removing missing scope test as have reverted this functionality for version 6.1.1
2017-12-24 00:07:22 +00:00
Andrew Millington
dcae4af6ce
Remove missing scope test
...
Temporarily removing missing scope test for the AuthGrant
2017-12-24 00:06:18 +00:00
Andrew Millington
1c36b70dab
Fixed ordering so we only hash after base64 encoding
2017-12-23 02:06:18 +00:00
Andrew Millington
f11e4c81cd
Merge pull request #697 from fkooman/fix-s256
...
Fix PKCE code verifier encoding to match specification
2017-12-23 01:52:33 +00:00
Gabriel Caruso
9ceafe5dd3
Refactoring tests
2017-12-06 18:24:42 -02:00
Andrew Millington
8c93fd74c9
Merge pull request #573 from ismailbaskin/master
...
Include redirect_uri check on authorization endpoint
2017-11-19 20:57:27 +00:00
Sephster
b50c7622db
Add in validation for authorization requests.
...
Fixes thephpleague/oauth2-server#677
2017-11-14 00:12:04 +00:00
Sephster
dc9c1a1023
Remove blank line to keep code consistent
2017-11-13 23:59:55 +00:00
Sephster
7878cf9c13
Merge remote-tracking branch 'upstream/master'
2017-11-13 23:52:36 +00:00
Sephster
1bcee9aaba
Add a test for a missing scope for the password grant
2017-11-13 23:16:30 +00:00
Sephster
1e3a84fc85
Add a test to ensure response requests fail without a scope specified
2017-11-13 23:00:27 +00:00
Sephster
a5c5929dc9
Change default scope to be basic
2017-11-13 22:34:12 +00:00
Sephster
c6bf2e1df0
Remove unnecessary white spaces
2017-11-13 22:31:50 +00:00
Sephster
65789e0f39
Fix tests to support default scopes for authorization requests
2017-11-13 22:20:42 +00:00
Gabriel Caruso
04f3d39b45
Use PHPUnit\Framework\TestCase instead of PHPUnit_Framework_TestCase
2017-11-08 16:07:07 -02:00
Andrew Millington
ce8248c10f
Remove erroneous character
2017-11-06 22:56:54 +00:00
Andrew Millington
13be557825
Re-add the complete testCompleteAuthorizationRequestNoUser()
2017-11-06 22:51:11 +00:00
Andrew Millington
0f08063864
Fixed use of default scope so it is only for authorization requests
2017-11-06 22:33:28 +00:00
Andrew Millington
bd2cdaf5da
Change missing scope test to check for invalid_scope exception
2017-10-31 23:01:19 +00:00
Andrew Millington
d0619385b8
Add a basic test to ensure we throw an exception when no scope is given
2017-10-31 21:00:14 +00:00
Ron Arts
f79d3f27cf
Incorporate https://github.com/thephpleague/oauth2-server/pull/731 . Thanks.
...
Now can handle cr/lf, cr, and lf endings. And on php5 large keys as well.
2017-10-31 10:14:46 +01:00
Andrew Millington
3828f87b19
Fix tests as no longer set the default scope in the constructor
...
Use new setDefaultScope() method instead. Also changed default scope to
be a blank string instead of null
2017-10-30 23:48:02 +00:00
Andrew Millington
1161ceda0d
Fix the authorization server middleware test
2017-10-30 23:26:49 +00:00
Andrew Millington
f9143b5163
Fix the refresh token grant test
2017-10-30 23:26:11 +00:00
Ron Arts
90fec63104
Setup the public.key.crlf with the proper permissions
2017-10-30 16:41:10 +01:00
Ron Arts
4563685375
Also accept an RSA key with crlf
2017-10-30 16:21:17 +01:00
Brian Retterer
23c7138d48
Apply fixes from StyleCI
2017-10-23 15:26:10 +00:00
Andrew Millington
24f29b6382
Fix more tests to support default scope setting
2017-10-19 22:37:19 +01:00
Andrew Millington
8c788e9fc8
Update tests so they don't trigger missing or invalid scope exceptions
2017-10-18 22:11:13 +01:00
Andrew Millington
4d28eadf93
Update tests so they don't trigger missing or invalid scope exceptions
2017-10-18 22:11:02 +01:00
Erick Torres
4270f5bac1
Merge branch 'master' of github.com:erickjth/oauth2-server into fix-pkce-implementation
...
# Conflicts:
# src/Grant/AuthCodeGrant.php
2017-09-07 17:24:48 -05:00
Yannick de Lange
2aca909d20
Removed chmod from CryptKey and add toggle to disable checking
2017-08-03 15:57:39 +02:00
Erick Torres
e2f9b73df3
Fix broken tests
2017-07-07 12:19:11 -05:00
Erick Torres
fbb3586cae
Merge branch 'master' of github.com:erickjth/oauth2-server into fix-pkce-implementation
...
# Conflicts:
# src/Grant/AuthCodeGrant.php
# tests/Grant/AuthCodeGrantTest.php
2017-07-07 12:06:32 -05:00
Alex Bilbie
aac467e616
Fixed broken tests
2017-07-01 18:11:19 +01:00
Alex Bilbie
1af4012df4
New property on AuthorizationServer to receive an encryption key which is used for future encryption/decryption instead of keybased encryption/decryption
2017-07-01 16:45:29 +01:00
Alex Bilbie
57d199b889
Stricter validation of code challenge value to match RFC 7636 requirements
2017-07-01 16:44:43 +01:00