Alex Bilbie
d531a37412
Don't add scope IDs
2013-05-10 17:26:23 -07:00
Alex Bilbie
ba2dc90f3b
Altered associateScope logic
2013-05-10 17:08:20 -07:00
Alex Bilbie
7373f312da
Updated variable name
2013-05-10 17:08:10 -07:00
Alex Bilbie
a01810d8fa
Updated validateAuthCode in PDO Session
2013-05-10 17:07:29 -07:00
Alex Bilbie
3ea3eb5ebd
Implemented getAuthCodeScopes() in PDO Session
2013-05-10 17:07:06 -07:00
Alex Bilbie
11022e16ef
Updated validateAuthCode() in SessionInterface
2013-05-10 17:06:44 -07:00
Alex Bilbie
8d06a7b685
Updated getAuthCodeScopes() in SessionInterface
2013-05-10 17:06:05 -07:00
Alex Bilbie
c66c8092f9
Revert "Return the session_id for validateAuthCode instead of an array"
...
This reverts commit 51138f8738
.
2013-05-10 16:57:39 -07:00
Alex Bilbie
591139f44d
Added associateAuthCodeScope to PDO
2013-05-10 16:57:18 -07:00
Alex Bilbie
410ad09b5c
Updated PDO associateAuthCode
2013-05-10 16:56:38 -07:00
Alex Bilbie
51138f8738
Return the session_id for validateAuthCode instead of an array
2013-05-10 16:53:52 -07:00
Alex Bilbie
aa8d38108f
Associate scopes to auth codes in separate method. Creating an auth code now returns an ID
2013-05-10 16:53:21 -07:00
Alex Bilbie
9372cc85d0
Added getAuthCodeScopes() method
2013-05-10 16:50:34 -07:00
Alex Bilbie
accb80289f
Added associateAuthCodeScope() method
2013-05-10 16:50:13 -07:00
Alex Bilbie
ce51821043
If rotateRefreshTokens() is true then associate new access tokens
2013-05-10 16:13:06 -07:00
Alex Bilbie
eac33d50b3
Added missing semicolon
2013-05-10 16:12:43 -07:00
Alex Bilbie
2552b73b17
Added rotateRefreshTokens() method
2013-05-10 16:00:40 -07:00
Alex Bilbie
8c4019693b
Updated @ziege's patch to overcome awkward access token definition requirement (i.e. access token can have a space in it) and also optimised code. Fixes #52
2013-05-10 12:57:34 -07:00
ziege
b88ef82563
Fixed two probems in access token check
...
1) The method returned the wrong result in case when the access token itself contained the string "Bearer".
2) When using cURL, the request is sometimes send twice (in my case when the first request returned a 404 error), and the Authorization header of the second request is doubled, so that you get a "Authorization: Bearer XXX, Bearer XXX". This case is checked now. (BTW: Tested with the current PHP version 5.4.15 on Windows.)
2013-05-10 20:00:01 +02:00
Alex Bilbie
41a7125370
Accidentally used PHP 5.4 style bracket
2013-05-09 11:48:21 -07:00
Alex Bilbie
f4bcfee687
Update associated scopes if requested in refresh access token. Fixes #47
2013-05-09 11:42:28 -07:00
Alex Bilbie
6d8eb9d05e
Added removeRefreshToken method to SessionInterface
2013-05-09 11:40:29 -07:00
Alex Bilbie
76f2f6a5e1
Don't delete old sessions when issuing new access tokens using the Password or Client Credential grants. Fixes #32
2013-05-09 10:43:44 -07:00
Alex Bilbie
d677b765b2
Renamed scopes.key to scopes.scope. Updated ScopeInterface and PDO/Scope. Fixes #45
2013-05-09 10:23:41 -07:00
Alex Bilbie
7035792325
Allow for multiple default scopes. Fixes #42
2013-05-09 10:15:36 -07:00
Alex Bilbie
351c2e97ea
If scope parameter is required and there are not requested scopes AND there is no default scope set then fail
...
Should have been included in with previous commit
2013-05-09 10:06:44 -07:00
Alex Bilbie
ddefb2ee16
Set the scope parameter to not be required by default. Fixes #43
2013-05-09 10:02:41 -07:00
Alex Bilbie
69af252844
Fixed docblock
2013-05-09 09:45:10 -07:00
Alex Bilbie
77fbb2a851
Removed docblocks from session PDO class
2013-05-09 07:55:54 -07:00
Alex Bilbie
c0683586e2
A refresh token should be bound to a client ID
2013-05-09 07:55:10 -07:00
Alex Bilbie
dbe21cc5a7
Removed null as default for parameters
2013-05-08 19:36:00 -07:00
Alex Bilbie
972e517280
Added example queries and expected responses
2013-05-08 18:37:34 -07:00
Alex Bilbie
ca9760cd36
Updated docblocks and example queries in scope and client storage interfaces
2013-05-08 18:16:24 -07:00
Alex Bilbie
1e57533127
Added getClientId method
2013-05-08 18:06:18 -07:00
Alex Bilbie
92e217d0ac
Show default parameters
2013-05-08 18:06:09 -07:00
Alex Bilbie
707354348a
Changed scope to be a delimiter to a space as required by the spec
2013-05-08 17:42:15 -07:00
Alex Bilbie
46f0e6c84d
Updated docblocks
2013-05-08 17:04:01 -07:00
Alex Bilbie
1dd768545a
Updated more docblocks
2013-05-08 14:10:58 -07:00
Alex Bilbie
787c8c566f
Updated docblocks
2013-05-08 14:10:48 -07:00
Alex Bilbie
fd10861065
Added missing docblock
2013-05-08 14:10:15 -07:00
Alex Bilbie
0812ca2927
Added missing clientId variable, fixed docblock
2013-05-08 13:59:17 -07:00
Alex Bilbie
a8a375ed1f
Anal code style fix
2013-05-08 13:40:15 -07:00
Alex Bilbie
e2350a65b1
Removed unused functions
2013-05-08 13:24:29 -07:00
Alex Bilbie
437833cd32
Renamed AuthServer to Authorization, renamed ResourceServer to Resource. Updated all tests and other files
2013-05-08 11:42:23 -07:00
Alex Bilbie
1df524ae6e
Added missing docblocks
2013-05-08 11:31:38 -07:00
Alex Bilbie
9d1693cf78
Fixed incorrect @link
2013-05-08 11:30:53 -07:00
Alex Bilbie
5524e9b9c8
Moved files into server namespace/folder and updated docblock copyright statements
2013-05-08 11:29:24 -07:00
Alex Bilbie
850473ce40
Renamed namespace to League\OAuth2\
2013-05-08 11:06:09 -07:00
Alex Bilbie
56b8b7c64e
Updated associateRefreshToken to use expire time
2013-05-08 10:38:16 -07:00
Alex Bilbie
d6932cbb5e
Renamed get/setExpiresIn to get/setAccessTokenTTL
2013-05-08 10:35:13 -07:00
Alex Bilbie
c77484e97b
Added refresh token TTL
2013-05-08 10:34:25 -07:00
Alex Bilbie
9f90cd2635
Added method to set the auth token TTL
2013-05-07 15:20:32 -07:00
Alex Bilbie
8fd9e3f312
Renamed setExpiresIn method to accessTokenTTL
2013-05-07 15:16:30 -07:00
Alex Bilbie
fdebbac2df
Allow grant access token expiresIn override
2013-05-06 15:04:00 -07:00
Alex Bilbie
a561a9d98a
Throw an exception if a grant can't be loaded when called in getGrantType
2013-05-06 13:57:46 -07:00
Alex Bilbie
38f6be2aa0
Removed unnecessary methods
2013-05-05 18:22:03 +01:00
Alex Bilbie
d0abd8c295
Fixed getting of session scopes
2013-05-05 18:18:55 +01:00
Alex Bilbie
9be23cf222
Added session scopes
2013-05-05 18:16:28 +01:00
Alex Bilbie
90508a191d
Get scopes by access token instead of session ID
2013-05-05 18:14:27 +01:00
Alex Bilbie
10d7d3cb3d
Updated response params
2013-05-05 18:11:01 +01:00
Alex Bilbie
89850420f6
Updated query to return session details
2013-05-05 18:09:47 +01:00
Alex Bilbie
9b73eab07c
SQL query fix
2013-05-05 18:06:00 +01:00
Alex Bilbie
6897e233d4
Changed variable syntax style to be PSR2
2013-05-05 18:05:46 +01:00
Alex Bilbie
acfadc8993
Actually fixed the bug in validateAccessToken this time
2013-05-05 18:01:00 +01:00
Alex Bilbie
cc81e20206
Bug fix in validateAccessToken
2013-05-05 18:00:08 +01:00
Alex Bilbie
92303c7b26
Implemented validateAccessToken in PDO
2013-05-05 17:58:40 +01:00
Alex Bilbie
2866185349
Updated implicit grant
2013-04-30 15:51:55 +01:00
Alex Bilbie
b9570ac6b0
Fixed getScopes
2013-04-30 15:48:11 +01:00
Alex Bilbie
2a3ae641ab
Added getAccessToken, fixed validateRefreshToken docblock
2013-04-30 15:38:48 +01:00
Alex Bilbie
d149490c78
Updated getScopes
2013-04-30 15:32:07 +01:00
Alex Bilbie
c0d8a2c4fb
Lots of updated functions
2013-04-30 15:08:20 +01:00
Alex Bilbie
5b03859467
Removed unnecessary code
2013-04-30 15:08:03 +01:00
Alex Bilbie
a661634194
Updated refresh token grant
2013-04-30 15:07:44 +01:00
Alex Bilbie
c73d45fc07
PSR-2 fix
2013-04-30 14:33:30 +01:00
Alex Bilbie
85a53d7470
Fixed Password grant to match past updates
2013-04-30 14:28:59 +01:00
Alex Bilbie
18eea191ed
Fixed docblock
2013-04-30 14:28:40 +01:00
Alex Bilbie
14cff9ea44
Added missing db init
2013-04-29 11:59:45 +01:00
Alex Bilbie
1696903b8b
Removed extra bracket
2013-04-29 11:53:20 +01:00
Alex Bilbie
13c67c9a40
Updated completeFlow
2013-04-29 11:31:07 +01:00
Alex Bilbie
2dcb81d93c
Updated newAuthoriseRequest
2013-04-29 11:25:23 +01:00
Alex Bilbie
b39a9a5edc
Added missing DB instance::get() calls
2013-04-29 11:13:31 +01:00
Alex Bilbie
325242e3aa
Added missing third parameter
2013-04-29 11:12:35 +01:00
Alex Bilbie
757d2a4fd9
Removed scalar type hinting because it isn't supported
2013-04-29 11:11:16 +01:00
Alex Bilbie
725ab74e5c
Updated PDO session
2013-04-29 11:02:32 +01:00
Alex Bilbie
b7ca5d330b
Updated associateRefreshToken
2013-04-29 11:02:03 +01:00
Alex Bilbie
4034bea6d1
Updated client credentials grant
2013-04-29 10:36:35 +01:00
Alex Bilbie
6751c4d2fe
Fixed mistake from previous commit
2013-04-29 10:35:47 +01:00
Alex Bilbie
53a55d4946
Completely scrapped the old SessionInterface and simplified it
2013-04-29 10:34:11 +01:00
Alex Bilbie
79338d0d75
Delete an associated auth code
2013-04-29 00:02:00 +01:00
Alex Bilbie
17bc6a1512
Comment update
2013-04-29 00:01:51 +01:00
Alex Bilbie
6543ebcd4d
Updated updateSession code
2013-04-29 00:01:34 +01:00
Alex Bilbie
351bec6019
Don't associate a scope with a session, we associate it with an access token later
2013-04-29 00:01:07 +01:00
Alex Bilbie
a4715bfc3b
Updated create a new session
2013-04-29 00:00:04 +01:00
Alex Bilbie
4ef8030a93
First commit of PDO storage class
2013-04-28 23:58:01 +01:00
Alex Bilbie
7bfbe81f61
Started PDO storage classes
2013-04-28 23:57:50 +01:00
Alex Bilbie
81d6bcf00a
Changed params around and removed line breaks
2013-04-28 23:57:29 +01:00
Alex Bilbie
a265b027cc
Removed stage parameter
2013-04-23 13:52:21 +01:00
Alex Bilbie
4727a83d84
Removed stage parameter
2013-04-23 13:29:33 +01:00
Alex Bilbie
645d412c02
Removed die(var_dump())
2013-03-31 13:57:35 +01:00
Alex Bilbie
5f1609577e
Added stateParamRequired method
2013-03-31 13:57:24 +01:00
Alex Bilbie
351580d9d8
Added getResponseTypes() method
2013-03-31 13:37:12 +01:00
Alex Bilbie
9c9db978c6
Move authorisation code grant stuff into own grant
2013-03-31 13:37:02 +01:00
Alex Bilbie
a18b4184f5
getScopes() now have the grant type and client ID passed
2013-03-28 10:44:45 +00:00
Alex Bilbie
a7b4f7d66b
Added grant to getClient calls. Fixes #21
2013-03-27 14:47:07 +00:00
Alex Bilbie
3481ec8aa2
Variable name fixes + little changes to support unit tests
2013-03-27 14:26:46 +00:00
ziege
e563230f10
Method to get all headers for the error response
...
Method added to get all required headers for the error response, according to the RFC - the correct HTTP status code and the "WWW-Authenticate" header in special cases.
2013-03-27 13:33:09 +00:00
ziege
4cb4d5ba21
Refresh token removed in Client Credentials Grant
...
As defined in RFC: http://tools.ietf.org/html/rfc6749#section-4.4.3
2013-03-27 13:25:58 +00:00
ziege
74d9946db3
Storage corrected
...
Wrong client storage replaced with session storage
2013-03-22 17:24:36 +01:00
Alex Bilbie
85312f6995
Updated ClientCredentials to properly include scopes
2013-03-22 12:36:18 +00:00
Alex Bilbie
f463eb9db1
Style fixes
2013-03-22 11:44:53 +00:00
Alex Bilbie
f4cdfa91c1
Updated Password grant
2013-03-22 11:41:04 +00:00
Alex Bilbie
105a5b2a31
Fixed client_id and client_secret retrieval from request in conformity with the RFC
2013-03-22 10:40:47 +00:00
Alex Bilbie
493834fcbf
Removed base64 decoding of token when present in authorization header. Fixes #23
2013-03-22 10:35:42 +00:00
Alex Bilbie
fce24aa74d
Added getDefaultScope method
2013-03-21 16:22:44 +00:00
Alex Bilbie
0c30b9ca66
Added scopeParamRequired method
2013-03-21 16:22:29 +00:00
Alex Bilbie
03aa81450e
Renamed method to setDefaultScope
2013-03-21 16:22:16 +00:00
Michael Gooden
5bd62fe942
Add optional default scope parameter.
...
Signed-off-by: Michael Gooden <me@michaelgooden.net>
2013-03-21 14:47:29 +00:00
lapause
26781d2c38
Corrected wrong return documentation for SessionInterface::validateAuthCode() method
2013-03-21 14:42:51 +00:00
lapause
18e1bb33de
Added missing details (return values on failure) to methods of SessionInterface
2013-03-21 14:42:47 +00:00
lapause
3a6468897f
Removed obsolete namespace inclusion
2013-03-21 14:42:43 +00:00
lapause
97484eea6a
Typo correction in inline doc
2013-03-21 14:42:38 +00:00
Alex Bilbie
3341728eb2
Added implicit grant
2013-03-06 18:01:44 +00:00
Alex Bilbie
6b172d4c27
Made getGrantType public for use with implicit grant
2013-03-06 18:01:34 +00:00
Alex Bilbie
4962762c28
Change from static calls
2013-03-06 18:01:12 +00:00
Alex Bilbie
56b559894c
Spelling fix
2013-03-06 17:57:48 +00:00
Alex Bilbie
a9a68a5cc8
Added scope parameter association for clientcredentials and password scope
...
TODO: Unit tests
2013-03-06 17:18:48 +00:00
Alex Bilbie
542ca52d49
Set a default parameter for getParam
2013-03-06 17:18:13 +00:00
Alex Bilbie
7d0c075b36
It ain't static anymore Jim
2013-03-06 17:18:04 +00:00
Alex Bilbie
07c07ccb5e
Removed static functions, inject authserver instance into grants
2013-03-06 16:59:18 +00:00
Michael Gooden
f70c039275
Fix state parameter check typo
2013-03-04 17:31:59 +02:00
Alex Bilbie
34a7d14557
Added requireStateParam() method. Fixes #9
2013-03-04 13:15:12 +00:00
Alex Bilbie
f5b6b43bef
Added requireScopes() method
2013-03-04 13:10:00 +00:00
Michael Gooden
3be3794311
Normalise long function definition.
...
Signed-off-by: Michael Gooden <michael@bluepointweb.com>
2013-03-04 12:20:11 +00:00
Michael Gooden
710c65aa42
Fix typo in SessionInterface::validateAuthCode.
2013-03-04 12:20:11 +00:00
Alex Bilbie
ffac434bcc
Added missing state parameter
2013-02-22 15:38:47 +00:00
Alex Bilbie
822669fc0c
Update getScopes
2013-02-21 17:51:01 +00:00
Alex Bilbie
22dcef33da
Fixed SQL to get a session\'s scopes
2013-02-21 17:42:30 +00:00
Alex Bilbie
43d064733f
Changed all mentions of authentication to authorization server
2013-02-20 12:40:42 +00:00
Alex Bilbie
e3f13bf545
Use self::getParam
2013-02-19 00:40:30 +00:00
Alex Bilbie
4b63c20a58
Updated docblocks with correct SQL
2013-02-19 00:26:28 +00:00
Alex Bilbie
92d9435bba
Added method to get the exception type
2013-02-15 16:29:00 +00:00
Alex Bilbie
f818bdf40e
Updated docblocks
2013-02-13 19:59:08 +00:00
Alex Bilbie
246732153c
Updated grantTypes to use AuthServer::getParam()
2013-02-13 19:39:43 +00:00
Alex Bilbie
4506037bda
Docblock updates
2013-02-13 19:36:56 +00:00
Alex Bilbie
d99002ef2f
Renamed variable as $authParams is no longer used
2013-02-13 19:36:10 +00:00
Alex Bilbie
1e2d2b3d25
Added AuthServer::getParam() function to reduce repetitive code
2013-02-13 18:25:10 +00:00
Alex Bilbie
0f4546db47
Changed 'oauth_token' to 'access_token'
2013-02-13 17:10:44 +00:00
Alex Bilbie
1cfe10105a
Updated docblocks for the two main classes
2013-02-12 20:33:23 +00:00
Alex Bilbie
e771099568
Removed unnecessary functions
2013-02-12 17:22:15 +00:00
Alex Bilbie
61d1685e84
Minor fixes to password grant
2013-02-12 16:45:33 +00:00