Merge branch 'release/0.2.2'

version number bump
Merge branch 'hotfix/resource-fixes' into develop
2025-05-31 14:12:07 +05:30 · 2012-09-19 19:29:18 +01:00 · 2012-09-19 19:29:14 +01:00 · 2012-09-19 19:27:58 +01:00 · 2012-09-19 19:27:32 +01:00 · 2012-09-19 19:27:04 +01:00
2 changed files with 27 additions and 8 deletions
--- a/composer.json
+++ b/composer.json
@@ -1,7 +1,7 @@
 {
 	"name": "lncd/Oauth2",
 	"description": "OAuth 2.0 Framework",
-	"version": "0.2",
+	"version": "0.2.2",
 	"homepage": "https://github.com/lncd/OAuth2",
 	"license": "MIT",
 	"require": {
--- a/src/Oauth2/Resource/Server.php
+++ b/src/Oauth2/Resource/Server.php
@@ -2,7 +2,12 @@

 namespace Oauth2\Resource;

-class OAuthResourceServerException extends \Exception
+class ServerException extends \Exception
+{
+
+}
+
+class ClientException extends \Exception
 {

 }
@@ -56,7 +61,9 @@ class Server
     */
    public $errors = array(
        'missing_access_token'  =>  'An access token was not presented with the request',
-        'invalid_access_token'  =>  'The access token is not registered with the resource server'
+        'invalid_access_token'  =>  'The access token is not registered with the resource server',
+        'missing_access_token_details'  =>  'The registered database abstractor did not return a valid access token details response',
+        'invalid_access_token_scopes'   =>  'The registered database abstractor did not return a valid access token scopes response',
    );

    /**
@@ -147,21 +154,33 @@ class Server

            if ($result === false) {

-                throw new OAuthResourceServerException($this->errors['invalid_access_token']);
+                throw new ClientException($this->errors['invalid_access_token']);

            } else {

+                if ( ! array_key_exists('id', $result) || ! array_key_exists('owner_id', $result) || 
+                     ! array_key_exists('owner_type', $result)) {
+                    throw new ServerException($this->errors['missing_access_token_details']);
+                }
+
                $this->_accessToken = $accessToken;
                $this->_type = $result['owner_type'];
                $this->_typeId = $result['owner_id'];

                // Get the scopes
-                $this->_scopes = $this->_dbCall('sessionScopes', $result['id']);
+                $scopes = $this->_dbCall('sessionScopes', $result['id']);
+
+                if ( ! is_array($scopes))
+                {
+                    throw new ServerException($this->errors['invalid_access_token_scopes']);
+                }
+
+                $this->_scopes = $scopes;
            }

        } else {

-            throw new OAuthResourceServerException($this->errors['missing_access_token']);
+            throw new ClientException($this->errors['missing_access_token']);

        }
    }
@@ -208,11 +227,11 @@ class Server
    private function _dbCall()
    {
        if ($this->_db === null) {
-            throw new OAuthResourceServerException('No registered database abstractor');
+            throw new ServerException('No registered database abstractor');
        }

        if ( ! $this->_db instanceof Database) {
-            throw new OAuthResourceServerException('Registered database abstractor is not an instance of Oauth2\Resource\Database');
+            throw new ServerException('The registered database abstractor is not an instance of Oauth2\Resource\Database');
        }

        $args = func_get_args();
Author	SHA1	Message	Date
Alex Bilbie	085f849855	Merge branch 'release/0.2.2'	2012-09-19 19:29:18 +01:00
Alex Bilbie	6ea2f6480d	version number bump	2012-09-19 19:29:14 +01:00
Alex Bilbie	f75fef179a	Merge branch 'hotfix/resource-fixes' into develop	2012-09-19 19:27:58 +01:00
Alex Bilbie	a6cfd40b0f	Merge branch 'hotfix/resource-fixes'	2012-09-19 19:27:32 +01:00
Alex Bilbie	3f3b987fb1	Check responses from the database are valid	2012-09-19 19:27:04 +01:00
Alex Bilbie	58d0a988a9	Merge branch 'release/0.2' into develop	2012-08-27 16:05:50 +01:00