Alex Bilbie
|
ad270f7d9d
|
Redirect either with query string parameters or fragment parameters
|
2016-02-22 07:58:44 +00:00 |
|
Alex Bilbie
|
a1bdaae9a9
|
Access token can now return a JWT from itself
|
2016-02-22 07:58:25 +00:00 |
|
Alex Bilbie
|
e08669d50c
|
Doc improvements
|
2016-02-22 07:58:12 +00:00 |
|
Alex Bilbie
|
d02437dd73
|
Improved testing
|
2016-02-21 18:13:39 +00:00 |
|
Alex Bilbie
|
eedcfe115c
|
Bug fixes
|
2016-02-21 17:09:12 +00:00 |
|
Alex Bilbie
|
2488cbd55d
|
Bug fixes
|
2016-02-21 17:08:49 +00:00 |
|
Alex Bilbie
|
7f539f8736
|
Removed unused exception parameters
|
2016-02-21 16:40:01 +00:00 |
|
Alex Bilbie
|
d0878300d0
|
Bug fix for AuthCodeGrant
|
2016-02-21 14:32:16 +00:00 |
|
Alex Bilbie
|
97c138bb0b
|
Removed unused SecureKey class
|
2016-02-20 10:05:15 +00:00 |
|
Alex Bilbie
|
a2460886f6
|
Applied fixes from StyleCI
|
2016-02-19 18:09:39 -05:00 |
|
Julián Gutiérrez
|
a644eacea7
|
Merge branch 'V5-WIP' into move_identifier_generation
|
2016-02-18 18:14:59 +01:00 |
|
Alex Bilbie
|
e8a01c3bcd
|
Fix for logic
|
2016-02-18 12:07:36 +00:00 |
|
Alex Bilbie
|
064eb85f4e
|
AbstractGrant now handles persisting tokens
|
2016-02-18 12:07:23 +00:00 |
|
Alex Bilbie
|
704e114568
|
Updated AuthCodeGrant
|
2016-02-18 10:49:39 +00:00 |
|
Alex Bilbie
|
3b36ae9000
|
Rewrote validateClient method to progressively test client secret and redirect URI
|
2016-02-18 10:49:05 +00:00 |
|
Alex Bilbie
|
7f67000d53
|
Provided implementation of new client entity methods
|
2016-02-18 10:48:23 +00:00 |
|
Alex Bilbie
|
de000b72a4
|
Updated ClientEntityInterface with additional methods
|
2016-02-18 10:48:12 +00:00 |
|
Alex Bilbie
|
0d8cb0d06f
|
Fixes for RefreshTokenGrant
|
2016-02-18 10:47:30 +00:00 |
|
Alex Bilbie
|
fc53d636f5
|
Updated getClientEntity now just requires the client ID and the grant type
|
2016-02-18 10:47:06 +00:00 |
|
Julián Gutiérrez
|
dbcaaa1f35
|
rename determineAccessTokenInHeader
|
2016-02-13 14:38:23 +01:00 |
|
Julián Gutiérrez
|
5d6634aa9f
|
Merge branch 'V5-WIP' into move_identifier_generation
|
2016-02-13 14:11:38 +01:00 |
|
Julián Gutiérrez
|
099c9ce41b
|
move token identifier generation
|
2016-02-13 14:07:09 +01:00 |
|
Alex Bilbie
|
335630f150
|
Added code coverage ignore docblocks
|
2016-02-12 18:08:27 +00:00 |
|
Alex Bilbie
|
e20c529f39
|
Added isExpired method to refresh token
|
2016-02-12 17:53:42 +00:00 |
|
Alex Bilbie
|
7f2fd69d0a
|
Removed respondsWith from interface
|
2016-02-12 17:52:37 +00:00 |
|
Alex Bilbie
|
29068dd84c
|
Removed responseWith method
|
2016-02-12 17:51:59 +00:00 |
|
Alex Bilbie
|
9a8b7ec898
|
Removed old codecept tests
|
2016-02-12 17:46:30 +00:00 |
|
Julián Gutiérrez
|
1f6bb40952
|
correcting param access mistake
|
2016-02-12 18:45:47 +01:00 |
|
Julián Gutiérrez
|
2f914a0aa3
|
secure params access on authcode grant
|
2016-02-12 18:32:09 +01:00 |
|
Julián Gutiérrez
|
95e3c1d1a2
|
Merge branch 'V5-WIP' into secure_body_params_access
|
2016-02-12 17:10:52 +01:00 |
|
Alex Bilbie
|
655f6b9771
|
Merge pull request #445 from juliangut/abstract_token_validation
V5 - Abstract access token validation
|
2016-02-12 14:31:18 +00:00 |
|
Alex Bilbie
|
d95958bae4
|
Small fixes
|
2016-02-12 14:28:24 +00:00 |
|
Alex Bilbie
|
85b9412813
|
Multiple fixes
|
2016-02-12 14:18:52 +00:00 |
|
Alex Bilbie
|
1a5030200a
|
The response may be a PSR response which is valid
|
2016-02-12 14:18:45 +00:00 |
|
Alex Bilbie
|
796106b6c1
|
Fix for non-imported namespace
|
2016-02-12 14:18:34 +00:00 |
|
Alex Bilbie
|
4234b69f3a
|
Fix for method calls
|
2016-02-12 14:18:10 +00:00 |
|
Alex Bilbie
|
0115c41eea
|
Numerous bug fixes
|
2016-02-12 13:32:58 +00:00 |
|
Julián Gutiérrez
|
f314154216
|
abstract access token validation
|
2016-02-12 14:19:47 +01:00 |
|
Alex Bilbie
|
5e326d9e45
|
First commit of respondToAccessTokenRequest
|
2016-02-12 13:01:25 +00:00 |
|
Julián Gutiérrez
|
d2760e4ec7
|
secure access to body params
|
2016-02-12 13:56:14 +01:00 |
|
Alex Bilbie
|
2025749fa4
|
Updated respondToAuthorizationRequest to use Plates templates instead of custom ResponseType
|
2016-02-12 11:55:41 +00:00 |
|
Alex Bilbie
|
1c913fe75e
|
Added default basic HTML login + authorise templates
|
2016-02-12 11:32:09 +00:00 |
|
Alex Bilbie
|
ac9955b393
|
Removed response type interfaces for auth code login + authorize because they were a stupid idea
|
2016-02-12 11:30:59 +00:00 |
|
Alex Bilbie
|
fccb06ed67
|
First commit of updated AuthCodeGrant with respondToAuthorizationRequest method completed
|
2016-02-12 10:01:15 +00:00 |
|
Alex Bilbie
|
f29703ea24
|
Updated Docblock
|
2016-02-12 10:00:41 +00:00 |
|
Alex Bilbie
|
dcc3f5d856
|
First commit of new ResponseTypes
|
2016-02-12 10:00:32 +00:00 |
|
Alex Bilbie
|
264eba9f20
|
Updated AuthCodeRepositoryInterface
|
2016-02-12 10:00:22 +00:00 |
|
Alex Bilbie
|
c2c199cf98
|
Added issueAuthCode method
|
2016-02-12 10:00:10 +00:00 |
|
Alex Bilbie
|
0b6bcad9fb
|
Added getCookieParameter method
|
2016-02-12 09:59:59 +00:00 |
|
Alex Bilbie
|
38a7e53cb5
|
Added optional redirectUri parameter to accessDenied method
|
2016-02-12 09:59:47 +00:00 |
|
Alex Bilbie
|
f4b83baf74
|
Fix getClientEntity method call
|
2016-02-12 09:09:39 +00:00 |
|
Alex Bilbie
|
5a08a0cbe2
|
Merge branch 'V5-WIP' into V5-AuthCode
# Conflicts:
# src/Grant/AbstractGrant.php
|
2016-02-12 09:06:28 +00:00 |
|
Alex Bilbie
|
7a628409db
|
Validate client can now optionally validate secret + redirectUri, and actually validate the redirectUri
|
2016-02-12 09:03:35 +00:00 |
|
Alex Bilbie
|
c6d806d3f7
|
Docblock updates
|
2016-02-12 09:02:33 +00:00 |
|
Alex Bilbie
|
bfcf7af4d8
|
Added getQueryStringParameter method
|
2016-02-12 09:02:17 +00:00 |
|
Alex Bilbie
|
d96f57d27f
|
Got rid of mystery $identifier class property, moved it to the getIdentifier method
|
2016-02-12 08:33:59 +00:00 |
|
Julián Gutiérrez
|
8b185e0580
|
Merge branch 'V5-WIP' into minor_merge
|
2016-02-12 00:12:56 +01:00 |
|
Alex Bilbie
|
ca776e83a2
|
Fix for header writing
|
2016-02-11 17:58:35 +00:00 |
|
Alex Bilbie
|
ddf3f1b890
|
Merge branch 'V5-WIP' into V5-AuthCode
|
2016-02-11 17:50:08 +00:00 |
|
Alex Bilbie
|
a40ac5d77b
|
Minor fixes
|
2016-02-11 17:49:41 +00:00 |
|
Alex Bilbie
|
4bc89f3fc2
|
Removed unused import
|
2016-02-11 17:49:31 +00:00 |
|
Alex Bilbie
|
11d25eb5a1
|
Removed old exceptions
|
2016-02-11 17:49:24 +00:00 |
|
Alex Bilbie
|
770bda8f10
|
Merge pull request #431 from juliangut/redirectUri
V5 - use Psr\Http\Message\UriInterface
|
2016-02-11 17:35:33 +00:00 |
|
Alex Bilbie
|
7a8c92b3d9
|
Merge pull request #435 from juliangut/exception_middleware
V5 - Exception based access token check
|
2016-02-11 17:34:31 +00:00 |
|
Alex Bilbie
|
92a101f263
|
First commit of AuthCode rewrite
|
2016-02-11 17:30:01 +00:00 |
|
Julián Gutiérrez
|
b85f81c429
|
configurable refresh token TTL per grant
|
2016-01-21 18:11:53 +01:00 |
|
Julián Gutiérrez
|
8fb64041df
|
client secret can be null
|
2016-01-20 12:50:23 +01:00 |
|
Julián Gutiérrez
|
44155a8efc
|
allow refresh token ttl assign
|
2016-01-20 12:21:44 +01:00 |
|
Julián Gutiérrez
|
b7b1f56d0c
|
stream write fix
|
2016-01-20 10:58:45 +01:00 |
|
Julián Gutiérrez
|
3e5889e93b
|
minor improvements and documentation fixes
|
2016-01-20 10:36:16 +01:00 |
|
Julián Gutiérrez
|
ef5904ab1a
|
exception based determineAccessTokenInHeader
|
2016-01-20 00:32:59 +01:00 |
|
Julián Gutiérrez
|
94cc7c2bc7
|
fix server reference
|
2016-01-20 00:16:12 +01:00 |
|
Alex Bilbie
|
1e1043c04f
|
Merge pull request #432 from juliangut/middleware
V5 - authentication middleware
|
2016-01-17 19:33:38 +00:00 |
|
Julián Gutiérrez
|
8591fc7686
|
moved to authentication middleware
|
2016-01-17 18:40:26 +01:00 |
|
Alex Bilbie
|
86b75edca0
|
Merge pull request #430 from juliangut/scopedelimiter
V5 - remove scopedelimiter parameter
|
2016-01-17 16:40:55 +00:00 |
|
Alex Bilbie
|
13ddec3283
|
Fix for PasswordGrant
|
2016-01-17 16:38:25 +00:00 |
|
Alex Bilbie
|
322caa77af
|
Fixes for RefreshTokenGrant
|
2016-01-17 16:35:52 +00:00 |
|
Julián Gutiérrez
|
95634fb390
|
compound redirect uri with Psr\Http\Message\UriInterface
|
2016-01-17 17:28:27 +01:00 |
|
Alex Bilbie
|
6beb8d42ff
|
Replaced SecureKey::generate with random_bytes method
|
2016-01-17 16:16:01 +00:00 |
|
Julián Gutiérrez
|
6cffbfe33b
|
remove scopedelimiter parameter
|
2016-01-17 17:01:08 +01:00 |
|
Alex Bilbie
|
5fcb47d66a
|
Merge pull request #425 from juliangut/scopes_extraction
V5 - normalize validatescopes
|
2016-01-17 14:59:37 +00:00 |
|
Alex Bilbie
|
8566a128c8
|
Pass errors back up the chain
|
2016-01-17 14:56:42 +00:00 |
|
Alex Bilbie
|
419cb6d149
|
Use first array result
|
2016-01-17 14:56:35 +00:00 |
|
Alex Bilbie
|
f1d06e7c33
|
Use the error returned from the response type
|
2016-01-17 14:56:06 +00:00 |
|
Alex Bilbie
|
212938d1e2
|
Fixed call to static
|
2016-01-17 14:55:48 +00:00 |
|
Alex Bilbie
|
cd19f11799
|
Fixed conversion to response object
|
2016-01-17 14:55:36 +00:00 |
|
Julián Gutiérrez
|
4862ca7d60
|
fix conflicts
|
2016-01-17 15:49:55 +01:00 |
|
Alex Bilbie
|
660378c7b3
|
Added MAC auth scheme to 401 header
|
2016-01-17 14:28:13 +00:00 |
|
Alex Bilbie
|
3d08051cbb
|
Removed default wording as there is no override
|
2016-01-17 14:23:18 +00:00 |
|
Alex Bilbie
|
0486d93fa3
|
Removed default wording as there are no overrides
|
2016-01-17 14:23:02 +00:00 |
|
Alex Bilbie
|
5a8659471c
|
Public key is set in abstract grant now
|
2016-01-17 14:21:53 +00:00 |
|
Alex Bilbie
|
f6664c6917
|
Private and public key paths are injected into grants now
|
2016-01-17 14:21:35 +00:00 |
|
Alex Bilbie
|
5f22ead287
|
Updated access denied hint
|
2016-01-17 14:11:21 +00:00 |
|
Alex Bilbie
|
19b12cda8e
|
Made getDefaultResponseType public
|
2016-01-17 14:08:53 +00:00 |
|
Alex Bilbie
|
6c787c374c
|
First commit of ResourceServerMiddleware
|
2016-01-17 14:08:42 +00:00 |
|
Alex Bilbie
|
cd68103267
|
New server constructor
|
2016-01-17 14:03:41 +00:00 |
|
Alex Bilbie
|
6332ecfa0b
|
Removed default overrides
|
2016-01-17 14:03:33 +00:00 |
|
Alex Bilbie
|
e43d95415b
|
Inject required params into grant type
|
2016-01-17 14:03:07 +00:00 |
|
Alex Bilbie
|
d755a8c01d
|
Updated the validation to BearerTokenResponse
|
2016-01-17 13:57:07 +00:00 |
|
Alex Bilbie
|
c7a904ca40
|
Added access token repository and public key path as required params to response type constructor
|
2016-01-17 13:56:46 +00:00 |
|
Alex Bilbie
|
8ee4dc7eb9
|
Fixed docblock
|
2016-01-17 13:56:14 +00:00 |
|
Alex Bilbie
|
645f719ee9
|
Added new repository setter methods to GrantTypeInterface
|
2016-01-17 13:55:12 +00:00 |
|
Alex Bilbie
|
0cc13630cc
|
Cody tidy
|
2016-01-17 13:54:55 +00:00 |
|
Alex Bilbie
|
e21a13c82c
|
Access token TTL is now configured on a per grant basis
|
2016-01-17 13:54:39 +00:00 |
|
Alex Bilbie
|
a4ce1e510e
|
Scope delimiter string is no longer configurable
|
2016-01-17 13:53:18 +00:00 |
|
Alex Bilbie
|
ad05a5cae6
|
Scope delimiter is no longer a required parameter
|
2016-01-17 13:51:56 +00:00 |
|
Alex Bilbie
|
e6cc6c35ec
|
Scope delimiter string is now a constant
|
2016-01-17 13:49:53 +00:00 |
|
Alex Bilbie
|
f74bca33ab
|
Removed parameters that are no longer required
|
2016-01-17 13:48:40 +00:00 |
|
Alex Bilbie
|
90d9d7bdd6
|
Required repositories are now set by the server
|
2016-01-17 13:47:44 +00:00 |
|
Julián Gutiérrez
|
8d8dbaea0c
|
normalize validatescopes
|
2016-01-17 14:35:43 +01:00 |
|
Alex Bilbie
|
03391e9630
|
Removed old access denied exception
|
2016-01-17 12:58:15 +00:00 |
|
Alex Bilbie
|
7242a8db31
|
Added access denied exception
|
2016-01-17 12:58:00 +00:00 |
|
Alex Bilbie
|
f44b618531
|
Docblock tidy
|
2016-01-17 12:57:50 +00:00 |
|
Alex Bilbie
|
9e4fd82763
|
Rewrote RefreshTokenGrant to understand encrypted tokens
|
2016-01-17 12:56:52 +00:00 |
|
Alex Bilbie
|
0744d8e926
|
Tidy up
|
2016-01-17 12:43:20 +00:00 |
|
Julián Gutiérrez
|
44ff8692dc
|
abstract common grants tasks
|
2016-01-17 00:41:55 +01:00 |
|
Alex Bilbie
|
dce1620f60
|
Removed unused imports
|
2016-01-15 18:37:46 +00:00 |
|
Alex Bilbie
|
bcd84320da
|
Updated docblocks
|
2016-01-15 18:37:26 +00:00 |
|
Alex Bilbie
|
a40374e6ec
|
Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP
|
2016-01-15 18:36:38 +00:00 |
|
Alex Bilbie
|
748ae15376
|
Updated docblock
|
2016-01-15 18:36:34 +00:00 |
|
Alex Bilbie
|
7811721d28
|
Merge pull request #421 from juliangut/deferred_creation
V5 - deferred default objects creation
|
2016-01-15 18:35:49 +00:00 |
|
Alex Bilbie
|
8f724bb720
|
Fix immutability issues
|
2016-01-15 18:32:53 +00:00 |
|
Julián Gutiérrez
|
65d981ad32
|
allow middleware use
|
2016-01-15 14:02:47 +01:00 |
|
Julián Gutiérrez
|
3de1b5917a
|
deferred default objects creation
|
2016-01-15 12:41:48 +01:00 |
|
Alex Bilbie
|
0fbe447862
|
Removed old exceptions
|
2016-01-15 00:17:13 +00:00 |
|
Alex Bilbie
|
84a9802a67
|
Removed ServerAwareTrait
|
2016-01-15 00:14:41 +00:00 |
|
Alex Bilbie
|
f7b3c018c5
|
Removed old authorization server
|
2016-01-15 00:05:59 +00:00 |
|
Alex Bilbie
|
a88c30cb53
|
Added invalid refresh token exception
|
2016-01-14 23:47:49 +00:00 |
|
Alex Bilbie
|
5e6f0fc6a3
|
Code tidy
|
2016-01-14 23:47:41 +00:00 |
|
Alex Bilbie
|
b57b497cb7
|
Revoke both refresh token and access token
|
2016-01-14 23:47:19 +00:00 |
|
Alex Bilbie
|
0b061e3086
|
Refresh token is encrypted payload now instead of JWT
|
2016-01-14 23:47:06 +00:00 |
|
Alex Bilbie
|
304ea2baf4
|
Encrypt refresh token parameters instead of using JWT
|
2016-01-14 23:46:24 +00:00 |
|
Alex Bilbie
|
56060b2c16
|
Code tidy
|
2016-01-14 23:45:36 +00:00 |
|
Alex Bilbie
|
633746b02e
|
Added KeyCrypt class
|
2016-01-14 23:44:39 +00:00 |
|
Alex Bilbie
|
936b8f93ec
|
Addititonal refresh token validation
|
2016-01-13 00:38:23 +00:00 |
|
Alex Bilbie
|
c1d15aa15c
|
Uset sub instead of uid
|
2016-01-13 00:38:08 +00:00 |
|
Alex Bilbie
|
79791e5848
|
Code tidy
|
2016-01-13 00:13:34 +00:00 |
|
Alex Bilbie
|
0efa7cd7ea
|
Set the uid on the refresh token
|
2016-01-13 00:13:16 +00:00 |
|
Alex Bilbie
|
eef5cf39d4
|
Fixes to refresh grant
|
2016-01-13 00:12:10 +00:00 |
|
Alex Bilbie
|
6fb3fb5110
|
Updated refresh token grant
|
2016-01-12 23:53:03 +00:00 |
|
Alex Bilbie
|
a2bbb17483
|
Updated repository method names
|
2016-01-12 23:52:08 +00:00 |
|
Alex Bilbie
|
3135f1796e
|
Generate a refresh token in password grant
|
2016-01-12 23:05:19 +00:00 |
|
Alex Bilbie
|
d565665ccb
|
Code tidy
|
2016-01-12 23:05:07 +00:00 |
|
Alex Bilbie
|
13a1ea6db8
|
Updated token interface to drop owner concept for simple user identifier
|
2016-01-12 23:04:33 +00:00 |
|
Alex Bilbie
|
6358be90c2
|
Token is now linked to a user identifier instead of owner concept
|
2016-01-12 23:04:03 +00:00 |
|
Alex Bilbie
|
de89a6bc89
|
Code tidy
|
2016-01-12 23:03:38 +00:00 |
|
Alex Bilbie
|
e03ad0d52f
|
Server constructor expects path to private key
|
2016-01-12 23:03:24 +00:00 |
|
Alex Bilbie
|
2a20de991b
|
Docblock update
|
2016-01-12 23:02:54 +00:00 |
|
Alex Bilbie
|
b8732a2f83
|
BearerTokenResponse now outputs JWTs. Fixes #209
|
2016-01-12 23:02:45 +00:00 |
|
Alex Bilbie
|
1bdad3ad14
|
Updated AbstractResponseType with interface methods
|
2016-01-12 23:01:55 +00:00 |
|