Andrew Millington
ef06c29ee8
Merge pull request #840 from liverbool/master
...
BUGFIX: Wrong redirect uri.
2018-02-11 20:20:41 +00:00
Andrew Millington
5fb9fc929a
Reinstate check on client redirect URI to fail if multiple redirect URIs have been listed for the client and one has not been specified in the auth request
2018-02-11 20:10:01 +00:00
liverbool
b3cd73cac7
code cleaner
...
cc.
Co-Authored-By: Andrew Millington <sephster@users.noreply.github.com>
2018-02-09 05:54:05 +07:00
Sergio Gómez
1b692e2298
Fix S256 code challenge method
...
According to [RFC7636#section-4.3](https://tools.ietf.org/html/rfc7636#section-4.3):
If the "code_challenge_method" from Section 4.3 was "S256", the
received "code_verifier" is hashed by SHA-256, base64url-encoded, and
then compared to the "code_challenge", i.e.:
BASE64URL-ENCODE(SHA256(ASCII(code_verifier))) == code_challenge
So, the hash must be done before the base64_encode.
The tests are modified to use example data from the
[RFC7636#appendix-B](https://tools.ietf.org/html/rfc7636#appendix-B).
2018-01-18 05:31:44 +01:00
liverbool
d22f222e65
BUGFIX: Wrong redirect uri.
...
This is a bugfix for the redirect on error.
2018-01-13 11:52:31 +07:00
Andrew Millington
1c36b70dab
Fixed ordering so we only hash after base64 encoding
2017-12-23 02:06:18 +00:00
Andrew Millington
f11e4c81cd
Merge pull request #697 from fkooman/fix-s256
...
Fix PKCE code verifier encoding to match specification
2017-12-23 01:52:33 +00:00
Andrew Millington
8c93fd74c9
Merge pull request #573 from ismailbaskin/master
...
Include redirect_uri check on authorization endpoint
2017-11-19 20:57:27 +00:00
Sephster
c895885700
Modify grants so only auth requests use default scopes
2017-11-13 22:19:44 +00:00
Andrew Millington
0f08063864
Fixed use of default scope so it is only for authorization requests
2017-11-06 22:33:28 +00:00
Andrew Millington
c996b66528
Add means to set default scopes for grants
2017-10-18 22:08:41 +01:00
Hugo Hamon
79038ced78
[BC Break] Fixes invalid code challenge method payload key name
...
I guess this change might be a BC break for existing and active authorization tokens when they're validated by the server. The good thing is that an authorization token has a very short expiration time and is used once to request an access token.
2017-08-02 17:55:11 +02:00
Alex Bilbie
f5c3ba0b24
Removed dead code
2017-07-01 18:22:51 +01:00
Alex Bilbie
aee1779432
Apply fixes from StyleCI
2017-07-01 16:19:23 +00:00
Alex Bilbie
0706d66c76
Don’t pad and shuffle the payload if an encryption key has been set
2017-07-01 16:45:29 +01:00
Alex Bilbie
4a717104fa
Shuffle the contents of the authorization code payload
2017-07-01 16:45:29 +01:00
Alex Bilbie
57d199b889
Stricter validation of code challenge value to match RFC 7636 requirements
2017-07-01 16:44:43 +01:00
François Kooman
6426e597a3
Fix PKCE code verifier encoding to match specification
...
The current implementation of PKCE does not follow the specification
correctly regarding the encoding of the code verifier. This patch
correctly encodes the hash of the code verifier according to
Appendix A of RFC 7636.
2017-01-24 11:36:34 +01:00
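The S256 check described in the two PKCE encoding commits above (hash first, then base64url-encode, compared against the stored `code_challenge`), plus the RFC 7636 character-set and length rules that the "stricter validation" commit refers to, written out as a stand-alone example. This is added illustration, not code from league/oauth2-server; the function names are this example's own, and the input values are the RFC 7636 Appendix B vectors, embedded here as constructed sample data.

```php
<?php
declare(strict_types=1);

// Added example, not code from league/oauth2-server: the PKCE code_verifier and
// code_challenge rules from RFC 7636, with the Appendix B vectors as sample input.
// All function names below are this example's own.

/** RFC 7636 Appendix A: base64 with '+'/'/' replaced by '-'/'_' and no '=' padding. */
function base64urlEncode(string $bytes): string
{
    return rtrim(strtr(base64_encode($bytes), '+/', '-_'), '=');
}

/** Sections 4.1 and 4.2: 43 to 128 characters from [A-Za-z0-9] plus "-" "." "_" "~". */
function isValidPkceValue(string $value): bool
{
    return preg_match('/^[A-Za-z0-9\-._~]{43,128}$/', $value) === 1;
}

/** Section 4.2: S256 is BASE64URL-ENCODE(SHA256(ASCII(code_verifier))): hash first, then encode. */
function s256Challenge(string $verifier): string
{
    // hash(..., true) returns the raw 32-byte digest, which is what gets base64url-encoded.
    return base64urlEncode(hash('sha256', $verifier, true));
}

/**
 * The transposed order discussed in the commits above: encode first, then hash
 * the encoded string. Kept only to show that it produces a different value from
 * the RFC vector; it is an illustration, not the exact code that was in the library.
 */
function s256ChallengeTransposed(string $verifier): string
{
    return base64urlEncode(hash('sha256', base64urlEncode($verifier), true));
}

/**
 * Section 4.6 check at the token endpoint. $storedChallenge and $storedMethod are
 * the values saved with the authorization code when it was issued.
 */
function verifyCodeVerifier(string $verifier, string $storedChallenge, string $storedMethod): bool
{
    if (!isValidPkceValue($verifier)) {
        return false;
    }
    switch ($storedMethod) {
        case 'plain':
            $expected = $verifier;
            break;
        case 'S256':
            $expected = s256Challenge($verifier);
            break;
        default:
            return false; // unknown method: reject, never fall back to plain
    }
    return hash_equals($expected, $storedChallenge); // constant-time comparison
}

// RFC 7636 Appendix B example values (constructed sample input for this example).
$verifier  = 'dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk';
$challenge = 'E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM';

printf("challenge valid per section 4.2: %s\n", isValidPkceValue($challenge) ? 'yes' : 'no');
printf("S256 (hash, then encode):        %s\n", s256Challenge($verifier));
printf("transposed (encode, then hash):  %s\n", s256ChallengeTransposed($verifier));
printf("verifier accepted for S256:      %s\n", verifyCodeVerifier($verifier, $challenge, 'S256') ? 'yes' : 'no');
printf("verifier accepted for 'md5':     %s\n", verifyCodeVerifier($verifier, $challenge, 'md5') ? 'yes' : 'no');
```

With the Appendix B verifier, `s256Challenge()` reproduces the Appendix B challenge and the transposed variant does not, which is precisely the mismatch the RFC's test data exists to catch; the comparison uses `hash_equals()` so a wrong verifier is rejected in constant time, and an unrecognised `code_challenge_method` is rejected rather than silently treated as `plain`.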
Lukáš Unger
c874c59b9c
Explicitly compare to false when checking not instanceof
2016-07-09 12:09:21 +02:00
Lukáš Unger
c3a4670c11
Updated PHPDoc
2016-07-09 02:01:53 +02:00
Alex Bilbie
5ee1583c5b
Ensure state is in access denied redirect. Fixes #597
2016-06-28 09:03:01 +01:00
Alex Bilbie
8e8aed1a50
Implemented RFC7636. Fixes #574
2016-05-06 15:23:16 +01:00
İsmail BASKIN
7285ede563
Include redirect_uri check on authorization endpoint
2016-05-04 13:34:37 +03:00
Alex Bilbie
cdf43e498e
Use constant for event name instead of explicit string. Fixes #563
2016-05-04 08:55:57 +01:00
Alex Bilbie
46e7eef14e
Client could potentially return an array of redirect URIs
2016-04-18 12:12:36 +01:00
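The redirect URI handling touched by several commits above (a client that returns an array of redirect URIs, the check that a request must name one when several are registered, the exact-match check on the authorization endpoint, and keeping `state` on the error redirect) as one stand-alone example. This is an added illustration following RFC 6749 section 3.1.2.3 and section 4.1.2.1, not the library's own code; the function names, the sample client record and the sample requests are constructed for this example.

```php
<?php
declare(strict_types=1);

// Added example, not code from league/oauth2-server: redirect_uri resolution on
// the authorization endpoint and an error redirect that preserves state.
// Function names and sample data are this example's own.

/**
 * Returns the redirect URI to use, or null if the request must be rejected.
 *
 * @param string|string[] $registered  URI or URIs registered for the client
 * @param string|null     $requested   redirect_uri parameter from the request, if any
 */
function resolveRedirectUri(string|array $registered, ?string $requested): ?string
{
    $registered = is_array($registered) ? array_values($registered) : [$registered];

    if ($requested === null) {
        // Omitting redirect_uri is only acceptable when exactly one URI is registered;
        // with several registered the request is ambiguous and must fail.
        return count($registered) === 1 ? $registered[0] : null;
    }

    // Exact string comparison only: no prefix matching and no normalisation, so a
    // registered https://app.example/cb is not satisfied by https://app.example/cb.attacker.example.
    return in_array($requested, $registered, true) ? $requested : null;
}

/**
 * Build an error redirect. RFC 6749 section 4.1.2.1 requires state to be echoed
 * back when the client sent it, otherwise the client cannot tie the error to its request.
 */
function buildErrorRedirect(string $redirectUri, string $error, ?string $state, ?string $description = null): string
{
    $params = ['error' => $error];
    if ($description !== null) {
        $params['error_description'] = $description;
    }
    if ($state !== null) {
        $params['state'] = $state;
    }
    $separator = strpos($redirectUri, '?') === false ? '?' : '&';
    return $redirectUri . $separator . http_build_query($params, '', '&', PHP_QUERY_RFC3986);
}

// Constructed client record with two registered URIs.
$client = ['redirect_uris' => ['https://app.example/cb', 'https://app.example/alt']];

// Constructed authorization requests: valid, missing (ambiguous), and unregistered.
$requests = [
    ['redirect_uri' => 'https://app.example/cb',       'state' => 'xyz'],
    ['redirect_uri' => null,                           'state' => 'xyz'],
    ['redirect_uri' => 'https://attacker.example/cb',  'state' => 'xyz'],
];

foreach ($requests as $req) {
    $uri = resolveRedirectUri($client['redirect_uris'], $req['redirect_uri']);
    if ($uri === null) {
        // A missing or unregistered redirect_uri is answered directly to the user agent;
        // the server must not redirect anywhere in this case.
        echo "HTTP 400 invalid_client: redirect_uri missing or not registered\n";
        continue;
    }
    // Later failures (here: the user declined consent) are safe to send back to the
    // validated URI, with state attached.
    echo buildErrorRedirect($uri, 'access_denied', $req['state'], 'The user denied the request'), "\n";
}
```

The ordering matters: the redirect URI is validated before anything else is decided about the request, because every later error response is delivered to that URI. Only the first constructed request above produces a redirect; the other two are rejected in place.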
Alex Bilbie
51f44fdf17
Code tidy
2016-04-18 12:12:06 +01:00
Alex Bilbie
fb8f47e868
Added $mustValidateSecret parameter to ClientRepositoryInterface::getClientEntity(). Fixes #550
2016-04-18 08:32:49 +01:00
Alex Bilbie
257318e524
Merge pull request #547 from lookyman/scope-fixes
...
Fix scope loading in grants
2016-04-17 13:06:57 +01:00
Alex Bilbie
f007e25070
Added copyright docblocks
2016-04-17 13:06:05 +01:00
Lukáš Unger
3904767873
Fix scope loading in grants
2016-04-17 13:50:56 +02:00
Alex Bilbie
2328f59601
Applied fixes from StyleCI
2016-04-10 12:16:40 -04:00
Bobselp
eb7526ae97
finalize scopes for AuthCodeGrant
2016-04-10 18:07:18 +02:00
Bobselp
03e8eb6157
revoke a used auth code
2016-04-10 18:05:16 +02:00
Alex Bilbie
92a483b3bd
Improved tests
2016-04-10 16:14:01 +01:00
Alex Bilbie
5969082963
Fix tests and improve code coverage
2016-04-10 15:58:01 +01:00
Alex Bilbie
096a4a2883
Remove unused params
2016-04-10 14:22:32 +01:00
Alex Bilbie
a0c4900ee7
Client is not required here because of finalizeScopes method
2016-04-10 13:53:16 +01:00
Alex Bilbie
5d3516c7b4
Applied fixes from StyleCI
2016-04-10 06:48:46 -04:00
Alex Bilbie
4bc835c007
Updated AuthCodeGrant with new methods to validate and complete an authorization request
2016-04-10 11:48:21 +01:00
Alex Bilbie
b7064befe4
Checkin
2016-04-10 10:07:08 +01:00
Alex Bilbie
c6faa228fe
Updated references to interfaces
2016-04-09 15:25:45 +01:00
Julián Gutiérrez
e513b42117
remove access token repository from response types
2016-03-28 12:10:51 +02:00
Alex Bilbie
630a92b45f
Applied fixes from StyleCI
2016-03-24 06:07:20 -04:00
Alex Bilbie
6383a58755
Updated scope validation
2016-03-24 10:04:15 +00:00
Alex Bilbie
b5b5d9f347
Added finalizeScopes method to ScopeRepositoryInterface
2016-03-23 18:36:23 +00:00
Alex Bilbie
a698a4da7e
Added RequestEvent
2016-03-23 12:54:17 +00:00
Alex Bilbie
878afeb9f9
ClientRepository implementations are now responsible for dealing with client secret
2016-03-22 16:29:04 +00:00
Alex Bilbie
09770dc537
Inject client into getUserEntityByUserCredentials method
2016-03-22 15:11:20 +00:00
Alex Bilbie
400eae153b
Added grant and scopes to UserRepository getUserEntityByUserCredentials method
2016-03-22 14:18:02 +00:00
Julián Gutiérrez
4b775fe241
include CryptTrait tests, allow Server::respondToRequest to throw exceptions and fix ResponseType tests
2016-03-18 00:25:32 +01:00