Merge branch 'release/1.0.4'

Version bump
Merge branch 'hotfix/doc-fix' into develop
2025-05-31 14:12:07 +05:30 · 2013-02-21 17:44:33 +00:00 · 2013-02-21 17:44:26 +00:00 · 2013-02-21 17:42:55 +00:00 · 2013-02-21 17:42:45 +00:00 · 2013-02-21 17:42:30 +00:00
13 changed files with 71 additions and 73 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,22 @@
 # Changelog

-## 1.0.0 (released 2012-02-15)
+## 1.0.4 (released 2013-02-21)
+
+* Fixed the SQL example for SessionInterface::getScopes()
+
+## 1.0.3 (released 2013-02-20)
+
+* Changed all instances of the "authentication server" to "authorization server"
+
+## 1.0.2 (released 2013-02-20)
+
+* Fixed MySQL create table order
+* Fixed version number in composer.json
+
+## 1.0.1 (released 2013-02-19)
+
+* Updated AuthServer.php to use `self::getParam()`
+
+## 1.0.0 (released 2013-02-15)

 * First release
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # PHP OAuth Framework

-The goal of this project is to develop a standards compliant [OAuth 2](http://tools.ietf.org/wg/oauth/draft-ietf-oauth-v2/) authentication server and resource server.
+The goal of this project is to develop a standards compliant [OAuth 2](http://tools.ietf.org/wg/oauth/draft-ietf-oauth-v2/) authorization server and resource server.

 ## Package Installation

@@ -9,7 +9,7 @@ The framework is provided as a Composer package which can be installed by adding
 ```javascript
 {
 	"require": {
-		"lncd\OAuth2": "*"
+		"lncd/OAuth2": "*"
 	}
 }
 ```
@@ -20,11 +20,11 @@ The library features 100% unit test code coverage. To run the tests yourself run

 ## Current Features

-### Authentication Server
+### Authorization Server

-The authentication server is a flexible class and following core specification grants are implemented:
+The authorization server is a flexible class and following core specification grants are implemented:

-* authentication code ([section 4.1](http://tools.ietf.org/html/rfc6749#section-4.1))
+* authorization code ([section 4.1](http://tools.ietf.org/html/rfc6749#section-4.1))
 * refresh token ([section 6](http://tools.ietf.org/html/rfc6749#section-6))
 * client credentials ([section 2.3.1](http://tools.ietf.org/html/rfc6749#section-2.3.1))
 * password (user credentials) ([section 4.3](http://tools.ietf.org/html/rfc6749#section-4.3))
@@ -35,7 +35,7 @@ The resource server allows you to secure your API endpoints by checking for a va

 ## Future Goals

-### Authentication Server
+### Authorization Server

 * Support for [JSON web tokens](http://tools.ietf.org/wg/oauth/draft-ietf-oauth-json-web-token/).
 * Support for [SAML assertions](http://tools.ietf.org/wg/oauth/draft-ietf-oauth-saml2-bearer/).
--- a/build/phpunit.xml
+++ b/build/phpunit.xml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <phpunit colors="true" convertNoticesToExceptions="true" convertWarningsToExceptions="true" stopOnError="false" stopOnFailure="false" stopOnIncomplete="false" stopOnSkipped="false" bootstrap="../tests/Bootstrap.php">
 	<testsuites>
-		<testsuite name="Authentication Server">
-			<directory suffix="Test.php">../tests/authentication</directory>
+		<testsuite name="Authorization Server">
+			<directory suffix="Test.php">../tests/authorization</directory>
 		</testsuite>
 		<testsuite name="Resource Server">
 			<directory suffix="Test.php">../tests/resource</directory>
--- a/composer.json
+++ b/composer.json
@@ -1,7 +1,7 @@
 {
 	"name": "lncd/oauth2",
 	"description": "OAuth 2.0 Framework",
-	"version": "1.0.0",
+	"version": "1.0.4",
 	"homepage": "https://github.com/lncd/OAuth2",
 	"license": "MIT",
 	"require": {
--- a/sql/mysql.sql
+++ b/sql/mysql.sql
@@ -1,12 +1,3 @@
-CREATE TABLE `oauth_client_endpoints` (
-  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
-  `client_id` varchar(40) NOT NULL DEFAULT '',
-  `redirect_uri` varchar(255) DEFAULT NULL,
-  PRIMARY KEY (`id`),
-  KEY `client_id` (`client_id`),
-  CONSTRAINT `oauth_client_endpoints_ibfk_1` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
 CREATE TABLE `oauth_clients` (
  `id` varchar(40) NOT NULL DEFAULT '',
  `secret` varchar(40) NOT NULL DEFAULT '',
@@ -15,15 +6,13 @@ CREATE TABLE `oauth_clients` (
  PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;

-CREATE TABLE `oauth_session_scopes` (
+CREATE TABLE `oauth_client_endpoints` (
  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
-  `session_id` int(11) unsigned NOT NULL,
-  `scope_id` int(11) unsigned NOT NULL,
+  `client_id` varchar(40) NOT NULL DEFAULT '',
+  `redirect_uri` varchar(255) DEFAULT NULL,
  PRIMARY KEY (`id`),
-  KEY `session_id` (`session_id`),
-  KEY `scope_id` (`scope_id`),
-  CONSTRAINT `oauth_session_scopes_ibfk_5` FOREIGN KEY (`scope_id`) REFERENCES `oauth_scopes` (`id`) ON DELETE CASCADE,
-  CONSTRAINT `oauth_session_scopes_ibfk_4` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE
+  KEY `client_id` (`client_id`),
+  CONSTRAINT `oauth_client_endpoints_ibfk_1` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;

 CREATE TABLE `oauth_sessions` (
@@ -50,4 +39,15 @@ CREATE TABLE `oauth_scopes` (
  `description` varchar(255) DEFAULT '',
  PRIMARY KEY (`id`),
  UNIQUE KEY `scope` (`scope`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `oauth_session_scopes` (
+  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
+  `session_id` int(11) unsigned NOT NULL,
+  `scope_id` int(11) unsigned NOT NULL,
+  PRIMARY KEY (`id`),
+  KEY `session_id` (`session_id`),
+  KEY `scope_id` (`scope_id`),
+  CONSTRAINT `oauth_session_scopes_ibfk_5` FOREIGN KEY (`scope_id`) REFERENCES `oauth_scopes` (`id`) ON DELETE CASCADE,
+  CONSTRAINT `oauth_session_scopes_ibfk_4` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--- a/src/OAuth2/AuthServer.php
+++ b/src/OAuth2/AuthServer.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * OAuth 2.0 Authentication Server
+ * OAuth 2.0 Authorization Server
 *
 * @package     lncd/oauth2
 * @author      Alex Bilbie <hello@alexbilbie.com>
@@ -19,7 +19,7 @@ use OAuth2\Storage\ScopeInterface;
 use OAuth2\Grant\GrantTypeInterface;

 /**
- * OAuth 2.0 authentication server class
+ * OAuth 2.0 authorization server class
 */
 class AuthServer
 {
@@ -122,7 +122,7 @@ class AuthServer
    }

    /**
-     * Create a new OAuth2 authentication server
+     * Create a new OAuth2 authorization server
     *
     * @param ClientInterface  $client  A class which inherits from Storage/ClientInterface
     * @param SessionInterface $session A class which inherits from Storage/SessionInterface
@@ -248,22 +248,13 @@ class AuthServer
     */
    public function checkAuthoriseParams($inputParams = array())
    {
-        $authParams = array();
-
-        // Client ID
-        $authParams['client_id'] = (isset($inputParams['client_id'])) ?
-                                    $inputParams['client_id'] :
-                                    self::getRequest()->get('client_id');
+        // Auth params
+        $authParams = self::getParam(array('client_id', 'redirect_uri', 'response_type', 'scope'), 'get', $inputParams);

        if (is_null($authParams['client_id'])) {
            throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_request'], 'client_id'), 0);
        }

-        // Redirect URI
-        $authParams['redirect_uri'] = (isset($inputParams['redirect_uri'])) ?
-                                        $inputParams['redirect_uri'] :
-                                        self::getRequest()->get('redirect_uri');
-
        if (is_null($authParams['redirect_uri'])) {
            throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_request'], 'redirect_uri'), 0);
        }
@@ -277,11 +268,6 @@ class AuthServer

        $authParams['client_details'] = $clientDetails;

-        // Response type
-       $authParams['response_type'] = (isset($inputParams['response_type'])) ?
-                                        $inputParams['response_type'] :
-                                        self::getRequest()->get('response_type');
-
        if (is_null($authParams['response_type'])) {
            throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_request'], 'response_type'), 0);
        }
@@ -291,12 +277,8 @@ class AuthServer
            throw new Exception\ClientException(self::$exceptionMessages['unsupported_response_type'], 3);
        }

-        // Get and validate scopes
-        $scopes = (isset($inputParams['scope'])) ?
-                        $inputParams['scope'] :
-                        self::getRequest()->get('scope', '');
-
-        $scopes = explode($this->scopeDelimeter, $scopes);
+        // Validate scopes
+        $scopes = explode($this->scopeDelimeter, $authParams['scope']);

        for ($i = 0; $i < count($scopes); $i++) {
            $scopes[$i] = trim($scopes[$i]);
@@ -358,9 +340,7 @@ class AuthServer
     */
    public function issueAccessToken($inputParams = array())
    {
-        $grantType = (isset($inputParams['grant_type'])) ?
-                                    $inputParams['grant_type'] :
-                                    self::getRequest()->post('grant_type');
+        $grantType = self::getParam('grant_type', 'post', $inputParams);

        if (is_null($grantType)) {
            throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_request'], 'grant_type'), 0);
@@ -395,7 +375,7 @@ class AuthServer
    public static function getParam($param = '', $method = 'get', $inputParams = array())
    {
        if (is_string($param)) {
-            return (isset($inputParams[$param])) ? $inputParams['client_id'] : self::getRequest()->{$method}($param);
+            return (isset($inputParams[$param])) ? $inputParams[$param] : self::getRequest()->{$method}($param);
        } else {
            $response = array();
            foreach ($param as $p) {
--- a/src/OAuth2/Storage/ClientInterface.php
+++ b/src/OAuth2/Storage/ClientInterface.php
@@ -20,19 +20,17 @@ interface ClientInterface
 	 *
 	 * <code>
 	 * # Client ID + redirect URI
-	 * SELECT clients.id FROM clients LEFT JOIN client_endpoints ON
-	 *  client_endpoints.client_id = clients.id WHERE clients.id = $clientId AND
-	 *  client_endpoints.redirect_uri = $redirectUri
+	 * SELECT oauth_clients.id FROM oauth_clients LEFT JOIN client_endpoints ON client_endpoints.client_id
+	 *  = oauth_clients.id WHERE oauth_clients.id = $clientId AND client_endpoints.redirect_uri = $redirectUri
 	 *
 	 * # Client ID + client secret
-	 * SELECT clients.id FROM clients  WHERE clients.id = $clientId AND
-	 *  clients.secret = $clientSecret
+	 * SELECT oauth_clients.id FROM oauth_clients  WHERE oauth_clients.id = $clientId AND
+	 *  oauth_clients.secret = $clientSecret
 	 *
 	 * # Client ID + client secret + redirect URI
-	 * SELECT clients.id FROM clients LEFT JOIN client_endpoints ON
-	 *  client_endpoints.client_id = clients.id WHERE clients.id = $clientId AND
-	 *  clients.secret = $clientSecret AND client_endpoints.redirect_uri =
-	 *  $redirectUri
+	 * SELECT oauth_clients.id FROM oauth_clients LEFT JOIN client_endpoints ON client_endpoints.client_id
+	 *  = oauth_clients.id WHERE oauth_clients.id = $clientId AND oauth_clients.secret = $clientSecret
+	 *  AND client_endpoints.redirect_uri = $redirectUri
 	 * </code>
 	 *
 	 * Response:
--- a/src/OAuth2/Storage/ScopeInterface.php
+++ b/src/OAuth2/Storage/ScopeInterface.php
@@ -19,7 +19,7 @@ interface ScopeInterface
     * Example SQL query:
     *
     * <code>
-     * SELECT * FROM scopes WHERE scope = $scope
+     * SELECT * FROM oauth_scopes WHERE scope = $scope
     * </code>
     *
     * Response:
--- a/src/OAuth2/Storage/SessionInterface.php
+++ b/src/OAuth2/Storage/SessionInterface.php
@@ -225,9 +225,10 @@ interface SessionInterface
     * Example SQL query:
     *
     * <code>
-     * SELECT scopes.scope, scopes.name, scopes.description FROM
-     * oauth_session_scopes JOIN scopes ON oauth_session_scopes.scope =
-     *  scopes.scope WHERE access_token = $accessToken
+     * SELECT oauth_scopes.scope, oauth_scopes.name, oauth_scopes.description
+     *  FROM oauth_session_scopes JOIN oauth_scopes ON
+     *  oauth_session_scopes.scope_id = oauth_scopes.id WHERE
+     *  session_id = $sessionId
     * </code>
     *
     * Response:
@@ -244,8 +245,8 @@ interface SessionInterface
     * )
     * </code>
     *
-     * @param  string $accessToken The access token
+     * @param  int   $sessionId The session ID
     * @return array
     */
-    public function getScopes($accessToken);
+    public function getScopes($sessionId);
 }
--- a/tests/authentication/AuthServerTest.php
+++ b/tests/authentication/AuthServerTest.php
@@ -2,7 +2,7 @@

 use \Mockery as m;

-class Authentication_Server_test extends PHPUnit_Framework_TestCase
+class Authorization_Server_test extends PHPUnit_Framework_TestCase
 {
    private $client;
    private $session;
@@ -304,7 +304,8 @@ class Authentication_Server_test extends PHPUnit_Framework_TestCase
                    'name'  =>  'Foo Name',
                    'description'   =>  'Foo Name Description'
                )
-            )
+            ),
+            'scope' =>  'foo'
        ), $v);
    }

@@ -354,7 +355,8 @@ class Authentication_Server_test extends PHPUnit_Framework_TestCase
                    'name'  =>  'Foo Name',
                    'description'   =>  'Foo Name Description'
                )
-            )
+            ),
+            'scope' =>  'foo'
        ), $v);
    }

--- a/tests/authentication/ClientCredentialsGrantTest.php
+++ b/tests/authentication/ClientCredentialsGrantTest.php
--- a/tests/authentication/PasswordGrantTest.php
+++ b/tests/authentication/PasswordGrantTest.php
--- a/tests/authentication/RefreshTokenTest.php
+++ b/tests/authentication/RefreshTokenTest.php
Author	SHA1	Message	Date
Alex Bilbie	ab8bc44849	Merge branch 'release/1.0.4'	2013-02-21 17:44:33 +00:00
Alex Bilbie	4f832e1eb1	Version bump	2013-02-21 17:44:26 +00:00
Alex Bilbie	9add9edcc1	Merge branch 'hotfix/doc-fix' into develop	2013-02-21 17:42:55 +00:00
Alex Bilbie	59e23fb32a	Merge branch 'hotfix/doc-fix'	2013-02-21 17:42:45 +00:00
Alex Bilbie	22dcef33da	Fixed SQL to get a session\'s scopes	2013-02-21 17:42:30 +00:00
Alex Bilbie	866c598809	Merge branch 'release/1.0.3' into develop	2013-02-20 13:17:48 +00:00
Alex Bilbie	b6d99abcb0	Merge branch 'release/1.0.3'	2013-02-20 13:17:39 +00:00
Alex Bilbie	c692ac8bab	Version bump	2013-02-20 13:17:36 +00:00
Alex Bilbie	43d064733f	Changed all mentions of authentication to authorization server	2013-02-20 12:40:42 +00:00
Alex Bilbie	6c00aea91d	Merge branch 'release/1.0.2' into develop	2013-02-20 12:33:59 +00:00
Alex Bilbie	ddff5f923d	Merge branch 'release/1.0.2'	2013-02-20 12:33:50 +00:00
Alex Bilbie	17e72e0cf4	Fixed composer.json version + bump	2013-02-20 12:33:47 +00:00
Julien Chaumond	c25be195f9	Re-order MySQL table creations Or it fails, at least on my version of MySQL (5.5.29), through PhpMyAdmin	2013-02-20 12:32:55 +00:00
Julien Chaumond	d842d395d0	Fix composer element	2013-02-20 12:32:55 +00:00
Alex Bilbie	9afa707d54	Merge branch 'release/1.0.1'	2013-02-19 00:42:26 +00:00
Alex Bilbie	33a725606d	Version bump	2013-02-19 00:41:37 +00:00
Alex Bilbie	e3f13bf545	Use self::getParam	2013-02-19 00:40:30 +00:00
Alex Bilbie	dbc80a4360	Minor fixes to tests	2013-02-19 00:40:22 +00:00
Alex Bilbie	4b63c20a58	Updated docblocks with correct SQL	2013-02-19 00:26:28 +00:00