Commit Graph

1016 Commits

Author SHA1 Message Date
Alex Bilbie
3af75729b8 Applied fixes from StyleCI 2016-03-17 07:22:59 -04:00
Alex Bilbie
7b8d9c9af3 Added missing RendererInterface 2016-03-17 11:22:04 +00:00
Alex Bilbie
15b6506644 No need to use Zend\Diactoros\Stream 2016-03-17 11:21:53 +00:00
Alex Bilbie
bd12c8b1a9 Fix exception usage 2016-03-17 11:18:59 +00:00
Alex Bilbie
c3c49c83f9 Merge pull request #472 from juliangut/templating
V5 - Template renderer holds template related information
2016-03-17 10:49:14 +01:00
Alex Bilbie
2f459b6470 Merge pull request #470 from juliangut/clarify
V5 - Clarify names and return types
2016-03-16 17:35:39 +01:00
Julián Gutiérrez
ee91072455 template renderer holds template related information 2016-03-16 12:32:21 +01:00
Alex Bilbie
d635b3484b Fix broken code 2016-03-15 21:30:18 +00:00
Alex Bilbie
3365f3d733 Moved client secret validation to abstract grant. Fixes #460 2016-03-15 21:30:13 +00:00
Alex Bilbie
c7a5a57304 Added getSecret method to ClientEntityInterface 2016-03-15 21:29:35 +00:00
Julián Gutiérrez
ae0edc40aa clarify names and return types 2016-03-15 22:25:28 +01:00
Alex Bilbie
7159352108 Applied fixes from StyleCI 2016-03-15 17:21:21 -04:00
Alex Bilbie
a70bc2360a Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP 2016-03-15 21:21:08 +00:00
Alex Bilbie
472ec68bbe Removed validateAccessToken from abstract response type 2016-03-15 21:20:59 +00:00
Alex Bilbie
e946c1e106 Remove old MAC output type 2016-03-15 21:20:46 +00:00
Julián Gutiérrez
66e473b1f0 clean use statment 2016-03-15 20:57:32 +01:00
Julián Gutiérrez
91c8daeb99 normalize repositories visibility 2016-03-15 20:54:59 +01:00
Julián Gutiérrez
9e04da01de unused use statements 2016-03-15 01:18:54 +01:00
Julián Gutiérrez
592f60de70 allways extract scopes from repository 2016-03-15 01:10:47 +01:00
Alex Bilbie
5ae9827d67 Merge pull request #461 from juliangut/extract_scopes
V5 - scopes extraction from querystring on auth_code and implicit grants
2016-03-14 12:36:17 +01:00
Julián Gutiérrez
9b665f494f convert JWT to string for http_build_query 2016-03-14 01:00:06 +01:00
Julián Gutiérrez
ced63e2051 allow scopes extraction on GET requests for auth_code and implicit grants 2016-03-14 00:12:14 +01:00
Julián Gutiérrez
a0402f1994 throw exception instead of return Response 2016-03-11 00:01:19 +01:00
Alex Bilbie
4ab9c52767 Merge pull request #448 from juliangut/validate_authenticated_request
V5 - rename validateRequest
2016-03-10 17:47:28 +00:00
Alex Bilbie
2b2d4a3df7 Merge pull request #444 from juliangut/secure_body_params_access
V5 - Secure access to body params
2016-03-10 17:47:20 +00:00
Alex Bilbie
4c55b6879d Merge pull request #457 from juliangut/renderer
V5 - Allow different template engines
2016-03-10 17:43:20 +00:00
Alex Bilbie
edf0ee8622 Removed unused code 2016-03-10 17:34:25 +00:00
Alex Bilbie
3b4a8cf5f3 Added code coverage ignore comments 2016-03-10 17:22:10 +00:00
Alex Bilbie
5074ad9a6c Fixed request attribute 2016-03-10 15:50:04 +00:00
Alex Bilbie
01517bb57a Added missing namespace 2016-03-10 15:09:56 +00:00
Julián Gutiérrez
320d9e65d5 StyleCI always watching upon us 2016-03-09 12:44:47 +01:00
Julián Gutiérrez
1218cede79 allow different template engines 2016-03-09 12:32:01 +01:00
Julián Gutiérrez
1bdeb71efb make StyleCI happy 2016-03-08 21:59:10 +01:00
Julián Gutiérrez
1632b80631 Merge branch 'V5-WIP' into secure_body_params_access 2016-03-08 21:57:43 +01:00
Alex Bilbie
997d390f3d Applied fixes from StyleCI 2016-02-22 03:00:50 -05:00
Alex Bilbie
e2794c47af First commit of the implicit grant 2016-02-22 07:59:17 +00:00
Alex Bilbie
0d0aaa8764 Use the new access token covertToJWT method 2016-02-22 07:58:59 +00:00
Alex Bilbie
ad270f7d9d Redirect either with query string parameters or fragment parameters 2016-02-22 07:58:44 +00:00
Alex Bilbie
a1bdaae9a9 Access token can now return a JWT from itself 2016-02-22 07:58:25 +00:00
Alex Bilbie
e08669d50c Doc improvements 2016-02-22 07:58:12 +00:00
Alex Bilbie
d02437dd73 Improved testing 2016-02-21 18:13:39 +00:00
Alex Bilbie
eedcfe115c Bug fixes 2016-02-21 17:09:12 +00:00
Alex Bilbie
2488cbd55d Bug fixes 2016-02-21 17:08:49 +00:00
Alex Bilbie
7f539f8736 Removed unused exception parameters 2016-02-21 16:40:01 +00:00
Alex Bilbie
d0878300d0 Bug fix for AuthCodeGrant 2016-02-21 14:32:16 +00:00
Alex Bilbie
97c138bb0b Removed unused SecureKey class 2016-02-20 10:05:15 +00:00
Alex Bilbie
a2460886f6 Applied fixes from StyleCI 2016-02-19 18:09:39 -05:00
Julián Gutiérrez
a644eacea7 Merge branch 'V5-WIP' into move_identifier_generation 2016-02-18 18:14:59 +01:00
Alex Bilbie
e8a01c3bcd Fix for logic 2016-02-18 12:07:36 +00:00
Alex Bilbie
064eb85f4e AbstractGrant now handles persisting tokens 2016-02-18 12:07:23 +00:00
Alex Bilbie
704e114568 Updated AuthCodeGrant 2016-02-18 10:49:39 +00:00
Alex Bilbie
3b36ae9000 Rewrote validateClient method to progressively test client secret and redirect URI 2016-02-18 10:49:05 +00:00
Alex Bilbie
7f67000d53 Provided implementation of new client entity methods 2016-02-18 10:48:23 +00:00
Alex Bilbie
de000b72a4 Updated ClientEntityInterface with additional methods 2016-02-18 10:48:12 +00:00
Alex Bilbie
0d8cb0d06f Fixes for RefreshTokenGrant 2016-02-18 10:47:30 +00:00
Alex Bilbie
fc53d636f5 Updated getClientEntity now just requires the client ID and the grant type 2016-02-18 10:47:06 +00:00
Julián Gutiérrez
dbcaaa1f35 rename determineAccessTokenInHeader 2016-02-13 14:38:23 +01:00
Julián Gutiérrez
5d6634aa9f Merge branch 'V5-WIP' into move_identifier_generation 2016-02-13 14:11:38 +01:00
Julián Gutiérrez
099c9ce41b move token identifier generation 2016-02-13 14:07:09 +01:00
Alex Bilbie
335630f150 Added code coverage ignore docblocks 2016-02-12 18:08:27 +00:00
Alex Bilbie
e20c529f39 Added isExpired method to refresh token 2016-02-12 17:53:42 +00:00
Alex Bilbie
7f2fd69d0a Removed respondsWith from interface 2016-02-12 17:52:37 +00:00
Alex Bilbie
29068dd84c Removed responseWith method 2016-02-12 17:51:59 +00:00
Alex Bilbie
9a8b7ec898 Removed old codecept tests 2016-02-12 17:46:30 +00:00
Julián Gutiérrez
1f6bb40952 correcting param access mistake 2016-02-12 18:45:47 +01:00
Julián Gutiérrez
2f914a0aa3 secure params access on authcode grant 2016-02-12 18:32:09 +01:00
Julián Gutiérrez
95e3c1d1a2 Merge branch 'V5-WIP' into secure_body_params_access 2016-02-12 17:10:52 +01:00
Alex Bilbie
655f6b9771 Merge pull request #445 from juliangut/abstract_token_validation
V5 - Abstract access token validation
2016-02-12 14:31:18 +00:00
Alex Bilbie
d95958bae4 Small fixes 2016-02-12 14:28:24 +00:00
Alex Bilbie
85b9412813 Multiple fixes 2016-02-12 14:18:52 +00:00
Alex Bilbie
1a5030200a The response may be a PSR response which is valid 2016-02-12 14:18:45 +00:00
Alex Bilbie
796106b6c1 Fix for non-imported namespace 2016-02-12 14:18:34 +00:00
Alex Bilbie
4234b69f3a Fix for method calls 2016-02-12 14:18:10 +00:00
Alex Bilbie
0115c41eea Numerous bug fixes 2016-02-12 13:32:58 +00:00
Julián Gutiérrez
f314154216 abstract access token validation 2016-02-12 14:19:47 +01:00
Alex Bilbie
5e326d9e45 First commit of respondToAccessTokenRequest 2016-02-12 13:01:25 +00:00
Julián Gutiérrez
d2760e4ec7 secure access to body params 2016-02-12 13:56:14 +01:00
Alex Bilbie
2025749fa4 Updated respondToAuthorizationRequest to use Plates templates instead of custom ResponseType 2016-02-12 11:55:41 +00:00
Alex Bilbie
1c913fe75e Added default basic HTML login + authorise templates 2016-02-12 11:32:09 +00:00
Alex Bilbie
ac9955b393 Removed response type interfaces for auth code login + authorize because they were a stupid idea 2016-02-12 11:30:59 +00:00
Alex Bilbie
fccb06ed67 First commit of updated AuthCodeGrant with respondToAuthorizationRequest method completed 2016-02-12 10:01:15 +00:00
Alex Bilbie
f29703ea24 Updated Docblock 2016-02-12 10:00:41 +00:00
Alex Bilbie
dcc3f5d856 First commit of new ResponseTypes 2016-02-12 10:00:32 +00:00
Alex Bilbie
264eba9f20 Updated AuthCodeRepositoryInterface 2016-02-12 10:00:22 +00:00
Alex Bilbie
c2c199cf98 Added issueAuthCode method 2016-02-12 10:00:10 +00:00
Alex Bilbie
0b6bcad9fb Added getCookieParameter method 2016-02-12 09:59:59 +00:00
Alex Bilbie
38a7e53cb5 Added optional redirectUri parameter to accessDenied method 2016-02-12 09:59:47 +00:00
Alex Bilbie
f4b83baf74 Fix getClientEntity method call 2016-02-12 09:09:39 +00:00
Alex Bilbie
5a08a0cbe2 Merge branch 'V5-WIP' into V5-AuthCode
# Conflicts:
#	src/Grant/AbstractGrant.php
2016-02-12 09:06:28 +00:00
Alex Bilbie
7a628409db Validate client can now optionally validate secret + redirectUri, and actually validate the redirectUri 2016-02-12 09:03:35 +00:00
Alex Bilbie
c6d806d3f7 Docblock updates 2016-02-12 09:02:33 +00:00
Alex Bilbie
bfcf7af4d8 Added getQueryStringParameter method 2016-02-12 09:02:17 +00:00
Alex Bilbie
d96f57d27f Got rid of mystery $identifier class property, moved it to the getIdentifier method 2016-02-12 08:33:59 +00:00
Julián Gutiérrez
8b185e0580 Merge branch 'V5-WIP' into minor_merge 2016-02-12 00:12:56 +01:00
Alex Bilbie
ca776e83a2 Fix for header writing 2016-02-11 17:58:35 +00:00
Alex Bilbie
ddf3f1b890 Merge branch 'V5-WIP' into V5-AuthCode 2016-02-11 17:50:08 +00:00
Alex Bilbie
a40ac5d77b Minor fixes 2016-02-11 17:49:41 +00:00
Alex Bilbie
4bc89f3fc2 Removed unused import 2016-02-11 17:49:31 +00:00
Alex Bilbie
11d25eb5a1 Removed old exceptions 2016-02-11 17:49:24 +00:00
Alex Bilbie
770bda8f10 Merge pull request #431 from juliangut/redirectUri
V5 - use Psr\Http\Message\UriInterface
2016-02-11 17:35:33 +00:00
Alex Bilbie
7a8c92b3d9 Merge pull request #435 from juliangut/exception_middleware
V5 - Exception based access token check
2016-02-11 17:34:31 +00:00
Alex Bilbie
92a101f263 First commit of AuthCode rewrite 2016-02-11 17:30:01 +00:00
Julián Gutiérrez
b85f81c429 configurable refresh token TTL per grant 2016-01-21 18:11:53 +01:00
Julián Gutiérrez
8fb64041df client secret can be null 2016-01-20 12:50:23 +01:00
Julián Gutiérrez
44155a8efc allow refresh token ttl assign 2016-01-20 12:21:44 +01:00
Julián Gutiérrez
b7b1f56d0c stream write fix 2016-01-20 10:58:45 +01:00
Julián Gutiérrez
3e5889e93b minor improvements and documentation fixes 2016-01-20 10:36:16 +01:00
Julián Gutiérrez
ef5904ab1a exception based determineAccessTokenInHeader 2016-01-20 00:32:59 +01:00
Julián Gutiérrez
94cc7c2bc7 fix server reference 2016-01-20 00:16:12 +01:00
Alex Bilbie
1e1043c04f Merge pull request #432 from juliangut/middleware
V5 - authentication middleware
2016-01-17 19:33:38 +00:00
Julián Gutiérrez
8591fc7686 moved to authentication middleware 2016-01-17 18:40:26 +01:00
Alex Bilbie
86b75edca0 Merge pull request #430 from juliangut/scopedelimiter
V5 - remove scopedelimiter parameter
2016-01-17 16:40:55 +00:00
Alex Bilbie
13ddec3283 Fix for PasswordGrant 2016-01-17 16:38:25 +00:00
Alex Bilbie
322caa77af Fixes for RefreshTokenGrant 2016-01-17 16:35:52 +00:00
Julián Gutiérrez
95634fb390 compound redirect uri with Psr\Http\Message\UriInterface 2016-01-17 17:28:27 +01:00
Alex Bilbie
6beb8d42ff Replaced SecureKey::generate with random_bytes method 2016-01-17 16:16:01 +00:00
Julián Gutiérrez
6cffbfe33b remove scopedelimiter parameter 2016-01-17 17:01:08 +01:00
Alex Bilbie
5fcb47d66a Merge pull request #425 from juliangut/scopes_extraction
V5 - normalize validatescopes
2016-01-17 14:59:37 +00:00
Alex Bilbie
8566a128c8 Pass errors back up the chain 2016-01-17 14:56:42 +00:00
Alex Bilbie
419cb6d149 Use first array result 2016-01-17 14:56:35 +00:00
Alex Bilbie
f1d06e7c33 Use the error returned from the response type 2016-01-17 14:56:06 +00:00
Alex Bilbie
212938d1e2 Fixed call to static 2016-01-17 14:55:48 +00:00
Alex Bilbie
cd19f11799 Fixed conversion to response object 2016-01-17 14:55:36 +00:00
Julián Gutiérrez
4862ca7d60 fix conflicts 2016-01-17 15:49:55 +01:00
Alex Bilbie
660378c7b3 Added MAC auth scheme to 401 header 2016-01-17 14:28:13 +00:00
Alex Bilbie
3d08051cbb Removed default wording as there is no override 2016-01-17 14:23:18 +00:00
Alex Bilbie
0486d93fa3 Removed default wording as there are no overrides 2016-01-17 14:23:02 +00:00
Alex Bilbie
5a8659471c Public key is set in abstract grant now 2016-01-17 14:21:53 +00:00
Alex Bilbie
f6664c6917 Private and public key paths are injected into grants now 2016-01-17 14:21:35 +00:00
Alex Bilbie
5f22ead287 Updated access denied hint 2016-01-17 14:11:21 +00:00
Alex Bilbie
19b12cda8e Made getDefaultResponseType public 2016-01-17 14:08:53 +00:00
Alex Bilbie
6c787c374c First commit of ResourceServerMiddleware 2016-01-17 14:08:42 +00:00
Alex Bilbie
cd68103267 New server constructor 2016-01-17 14:03:41 +00:00
Alex Bilbie
6332ecfa0b Removed default overrides 2016-01-17 14:03:33 +00:00
Alex Bilbie
e43d95415b Inject required params into grant type 2016-01-17 14:03:07 +00:00
Alex Bilbie
d755a8c01d Updated the validation to BearerTokenResponse 2016-01-17 13:57:07 +00:00
Alex Bilbie
c7a904ca40 Added access token repository and public key path as required params to response type constructor 2016-01-17 13:56:46 +00:00
Alex Bilbie
8ee4dc7eb9 Fixed docblock 2016-01-17 13:56:14 +00:00
Alex Bilbie
645f719ee9 Added new repository setter methods to GrantTypeInterface 2016-01-17 13:55:12 +00:00
Alex Bilbie
0cc13630cc Cody tidy 2016-01-17 13:54:55 +00:00
Alex Bilbie
e21a13c82c Access token TTL is now configured on a per grant basis 2016-01-17 13:54:39 +00:00
Alex Bilbie
a4ce1e510e Scope delimiter string is no longer configurable 2016-01-17 13:53:18 +00:00
Alex Bilbie
ad05a5cae6 Scope delimiter is no longer a required parameter 2016-01-17 13:51:56 +00:00
Alex Bilbie
e6cc6c35ec Scope delimiter string is now a constant 2016-01-17 13:49:53 +00:00
Alex Bilbie
f74bca33ab Removed parameters that are no longer required 2016-01-17 13:48:40 +00:00
Alex Bilbie
90d9d7bdd6 Required repositories are now set by the server 2016-01-17 13:47:44 +00:00
Julián Gutiérrez
8d8dbaea0c normalize validatescopes 2016-01-17 14:35:43 +01:00
Alex Bilbie
03391e9630 Removed old access denied exception 2016-01-17 12:58:15 +00:00
Alex Bilbie
7242a8db31 Added access denied exception 2016-01-17 12:58:00 +00:00
Alex Bilbie
f44b618531 Docblock tidy 2016-01-17 12:57:50 +00:00