mirror of
https://github.com/elyby/oauth2-server.git
synced 2025-05-31 14:12:07 +05:30
Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
ddff5f923d | ||
|
|
17e72e0cf4 | ||
|
c25be195f9 | ||
|
|
d842d395d0 | ||
|
|
9afa707d54 | ||
|
|
33a725606d | ||
|
|
e3f13bf545 | ||
|
|
dbc80a4360 | ||
|
|
4b63c20a58 |
@@ -9,7 +9,7 @@ The framework is provided as a Composer package which can be installed by adding
|
||||
```javascript
|
||||
{
|
||||
"require": {
|
||||
"lncd\OAuth2": "*"
|
||||
"lncd/OAuth2": "*"
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"name": "lncd/oauth2",
|
||||
"description": "OAuth 2.0 Framework",
|
||||
"version": "1.0.0",
|
||||
"version": "1.0.2",
|
||||
"homepage": "https://github.com/lncd/OAuth2",
|
||||
"license": "MIT",
|
||||
"require": {
|
||||
|
||||
@@ -1,12 +1,3 @@
|
||||
CREATE TABLE `oauth_client_endpoints` (
|
||||
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
|
||||
`client_id` varchar(40) NOT NULL DEFAULT '',
|
||||
`redirect_uri` varchar(255) DEFAULT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `client_id` (`client_id`),
|
||||
CONSTRAINT `oauth_client_endpoints_ibfk_1` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
||||
CREATE TABLE `oauth_clients` (
|
||||
`id` varchar(40) NOT NULL DEFAULT '',
|
||||
`secret` varchar(40) NOT NULL DEFAULT '',
|
||||
@@ -15,15 +6,13 @@ CREATE TABLE `oauth_clients` (
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
||||
CREATE TABLE `oauth_session_scopes` (
|
||||
CREATE TABLE `oauth_client_endpoints` (
|
||||
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
|
||||
`session_id` int(11) unsigned NOT NULL,
|
||||
`scope_id` int(11) unsigned NOT NULL,
|
||||
`client_id` varchar(40) NOT NULL DEFAULT '',
|
||||
`redirect_uri` varchar(255) DEFAULT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `session_id` (`session_id`),
|
||||
KEY `scope_id` (`scope_id`),
|
||||
CONSTRAINT `oauth_session_scopes_ibfk_5` FOREIGN KEY (`scope_id`) REFERENCES `oauth_scopes` (`id`) ON DELETE CASCADE,
|
||||
CONSTRAINT `oauth_session_scopes_ibfk_4` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE
|
||||
KEY `client_id` (`client_id`),
|
||||
CONSTRAINT `oauth_client_endpoints_ibfk_1` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
||||
CREATE TABLE `oauth_sessions` (
|
||||
@@ -50,4 +39,15 @@ CREATE TABLE `oauth_scopes` (
|
||||
`description` varchar(255) DEFAULT '',
|
||||
PRIMARY KEY (`id`),
|
||||
UNIQUE KEY `scope` (`scope`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
||||
CREATE TABLE `oauth_session_scopes` (
|
||||
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
|
||||
`session_id` int(11) unsigned NOT NULL,
|
||||
`scope_id` int(11) unsigned NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `session_id` (`session_id`),
|
||||
KEY `scope_id` (`scope_id`),
|
||||
CONSTRAINT `oauth_session_scopes_ibfk_5` FOREIGN KEY (`scope_id`) REFERENCES `oauth_scopes` (`id`) ON DELETE CASCADE,
|
||||
CONSTRAINT `oauth_session_scopes_ibfk_4` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
@@ -248,22 +248,13 @@ class AuthServer
|
||||
*/
|
||||
public function checkAuthoriseParams($inputParams = array())
|
||||
{
|
||||
$authParams = array();
|
||||
|
||||
// Client ID
|
||||
$authParams['client_id'] = (isset($inputParams['client_id'])) ?
|
||||
$inputParams['client_id'] :
|
||||
self::getRequest()->get('client_id');
|
||||
// Auth params
|
||||
$authParams = self::getParam(array('client_id', 'redirect_uri', 'response_type', 'scope'), 'get', $inputParams);
|
||||
|
||||
if (is_null($authParams['client_id'])) {
|
||||
throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_request'], 'client_id'), 0);
|
||||
}
|
||||
|
||||
// Redirect URI
|
||||
$authParams['redirect_uri'] = (isset($inputParams['redirect_uri'])) ?
|
||||
$inputParams['redirect_uri'] :
|
||||
self::getRequest()->get('redirect_uri');
|
||||
|
||||
if (is_null($authParams['redirect_uri'])) {
|
||||
throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_request'], 'redirect_uri'), 0);
|
||||
}
|
||||
@@ -277,11 +268,6 @@ class AuthServer
|
||||
|
||||
$authParams['client_details'] = $clientDetails;
|
||||
|
||||
// Response type
|
||||
$authParams['response_type'] = (isset($inputParams['response_type'])) ?
|
||||
$inputParams['response_type'] :
|
||||
self::getRequest()->get('response_type');
|
||||
|
||||
if (is_null($authParams['response_type'])) {
|
||||
throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_request'], 'response_type'), 0);
|
||||
}
|
||||
@@ -291,12 +277,8 @@ class AuthServer
|
||||
throw new Exception\ClientException(self::$exceptionMessages['unsupported_response_type'], 3);
|
||||
}
|
||||
|
||||
// Get and validate scopes
|
||||
$scopes = (isset($inputParams['scope'])) ?
|
||||
$inputParams['scope'] :
|
||||
self::getRequest()->get('scope', '');
|
||||
|
||||
$scopes = explode($this->scopeDelimeter, $scopes);
|
||||
// Validate scopes
|
||||
$scopes = explode($this->scopeDelimeter, $authParams['scope']);
|
||||
|
||||
for ($i = 0; $i < count($scopes); $i++) {
|
||||
$scopes[$i] = trim($scopes[$i]);
|
||||
@@ -358,9 +340,7 @@ class AuthServer
|
||||
*/
|
||||
public function issueAccessToken($inputParams = array())
|
||||
{
|
||||
$grantType = (isset($inputParams['grant_type'])) ?
|
||||
$inputParams['grant_type'] :
|
||||
self::getRequest()->post('grant_type');
|
||||
$grantType = self::getParam('grant_type', 'post', $inputParams);
|
||||
|
||||
if (is_null($grantType)) {
|
||||
throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_request'], 'grant_type'), 0);
|
||||
@@ -395,7 +375,7 @@ class AuthServer
|
||||
public static function getParam($param = '', $method = 'get', $inputParams = array())
|
||||
{
|
||||
if (is_string($param)) {
|
||||
return (isset($inputParams[$param])) ? $inputParams['client_id'] : self::getRequest()->{$method}($param);
|
||||
return (isset($inputParams[$param])) ? $inputParams[$param] : self::getRequest()->{$method}($param);
|
||||
} else {
|
||||
$response = array();
|
||||
foreach ($param as $p) {
|
||||
|
||||
@@ -20,19 +20,17 @@ interface ClientInterface
|
||||
*
|
||||
* <code>
|
||||
* # Client ID + redirect URI
|
||||
* SELECT clients.id FROM clients LEFT JOIN client_endpoints ON
|
||||
* client_endpoints.client_id = clients.id WHERE clients.id = $clientId AND
|
||||
* client_endpoints.redirect_uri = $redirectUri
|
||||
* SELECT oauth_clients.id FROM oauth_clients LEFT JOIN client_endpoints ON client_endpoints.client_id
|
||||
* = oauth_clients.id WHERE oauth_clients.id = $clientId AND client_endpoints.redirect_uri = $redirectUri
|
||||
*
|
||||
* # Client ID + client secret
|
||||
* SELECT clients.id FROM clients WHERE clients.id = $clientId AND
|
||||
* clients.secret = $clientSecret
|
||||
* SELECT oauth_clients.id FROM oauth_clients WHERE oauth_clients.id = $clientId AND
|
||||
* oauth_clients.secret = $clientSecret
|
||||
*
|
||||
* # Client ID + client secret + redirect URI
|
||||
* SELECT clients.id FROM clients LEFT JOIN client_endpoints ON
|
||||
* client_endpoints.client_id = clients.id WHERE clients.id = $clientId AND
|
||||
* clients.secret = $clientSecret AND client_endpoints.redirect_uri =
|
||||
* $redirectUri
|
||||
* SELECT oauth_clients.id FROM oauth_clients LEFT JOIN client_endpoints ON client_endpoints.client_id
|
||||
* = oauth_clients.id WHERE oauth_clients.id = $clientId AND oauth_clients.secret = $clientSecret
|
||||
* AND client_endpoints.redirect_uri = $redirectUri
|
||||
* </code>
|
||||
*
|
||||
* Response:
|
||||
|
||||
@@ -19,7 +19,7 @@ interface ScopeInterface
|
||||
* Example SQL query:
|
||||
*
|
||||
* <code>
|
||||
* SELECT * FROM scopes WHERE scope = $scope
|
||||
* SELECT * FROM oauth_scopes WHERE scope = $scope
|
||||
* </code>
|
||||
*
|
||||
* Response:
|
||||
|
||||
@@ -225,9 +225,10 @@ interface SessionInterface
|
||||
* Example SQL query:
|
||||
*
|
||||
* <code>
|
||||
* SELECT scopes.scope, scopes.name, scopes.description FROM
|
||||
* oauth_session_scopes JOIN scopes ON oauth_session_scopes.scope =
|
||||
* scopes.scope WHERE access_token = $accessToken
|
||||
* SELECT oauth_scopes.scope, oauth_scopes.name, oauth_scopes.description
|
||||
* FROM oauth_session_scopes JOIN oauth_scopes ON
|
||||
* oauth_session_scopes.scope = oauth_scopes.scope
|
||||
* WHERE access_token = $accessToken
|
||||
* </code>
|
||||
*
|
||||
* Response:
|
||||
|
||||
@@ -304,7 +304,8 @@ class Authentication_Server_test extends PHPUnit_Framework_TestCase
|
||||
'name' => 'Foo Name',
|
||||
'description' => 'Foo Name Description'
|
||||
)
|
||||
)
|
||||
),
|
||||
'scope' => 'foo'
|
||||
), $v);
|
||||
}
|
||||
|
||||
@@ -354,7 +355,8 @@ class Authentication_Server_test extends PHPUnit_Framework_TestCase
|
||||
'name' => 'Foo Name',
|
||||
'description' => 'Foo Name Description'
|
||||
)
|
||||
)
|
||||
),
|
||||
'scope' => 'foo'
|
||||
), $v);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user