Compare commits
17 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
13cd0cacdf | ||
|
f03e4a9e37 | ||
|
da92410ecb | ||
|
23303905a8 | ||
|
0b8e69f0d0 | ||
|
a448f2167b | ||
|
2f14f6b391 | ||
|
94369abd60 | ||
|
45edac4216 | ||
|
5bdfc9908a | ||
|
1890d71838 | ||
|
00d5fb5834 | ||
|
49b776c495 | ||
|
31e03c2d36 | ||
|
6f85bcbbf1 | ||
|
7771bc04ec | ||
|
f34dd4a0cb |
@@ -1,5 +1,9 @@
|
||||
# Changelog
|
||||
|
||||
## 3.2.2 (released 2014-07-23)
|
||||
|
||||
* Fix Resource server Request HTTP header access (Issue #188)
|
||||
|
||||
## 3.2 (released 2014-04-16)
|
||||
|
||||
* Added the ability to change the algorithm that is used to generate the token strings (Issue #151)
|
||||
|
16
README.md
16
README.md
@@ -42,27 +42,13 @@ The authorization server is a flexible class and the following core specificatio
|
||||
* client credentials ([section 2.3.1](http://tools.ietf.org/html/rfc6749#section-2.3.1))
|
||||
* password (user credentials) ([section 4.3](http://tools.ietf.org/html/rfc6749#section-4.3))
|
||||
|
||||
An [overview of the different OAuth 2.0 grants](https://github.com/thephpleague/oauth2-server/wiki/Which-OAuth-2.0-grant-should-I-use%3F) can be found in the [wiki].
|
||||
|
||||
### Resource Server
|
||||
|
||||
The resource server allows you to secure your API endpoints by checking for a valid OAuth access token in the request and ensuring the token has the correct scope(s) (i.e. permissions) to access resources.
|
||||
|
||||
### Custom grants
|
||||
|
||||
Custom grants can be created easily by implementing an interface. Check out the [custom grant guide](https://github.com/thephpleague/oauth2-server/wiki/Creating-custom-grants).
|
||||
|
||||
## Tutorials and Documentation
|
||||
|
||||
* **[Wiki]** - The wiki has lots of guides on how to use this library.
|
||||
|
||||
* **[Developing an OAuth-2.0 Authorization Server]** - A simple tutorial on how to use the authorization server.
|
||||
|
||||
* **[Securing your API with OAuth 2.0]** - A simple tutorial on how to use the resource server to secure an API server.
|
||||
|
||||
[Wiki]: https://github.com/thephpleague/oauth2-server/wiki
|
||||
[Securing your API with OAuth 2.0]: https://github.com/thephpleague/oauth2-server/wiki/Securing-your-API-with-OAuth-2.0
|
||||
[Developing an OAuth-2.0 Authorization Server]: https://github.com/thephpleague/oauth2-server/wiki/Developing-an-OAuth-2.0-authorization-server
|
||||
Custom grants can be created easily by implementing an interface.
|
||||
|
||||
## Changelog
|
||||
|
||||
|
@@ -6,7 +6,7 @@
|
||||
"php": ">=5.4.0"
|
||||
},
|
||||
"require-dev": {
|
||||
"mockery/mockery": ">=0.7.2",
|
||||
"mockery/mockery": "~0.8",
|
||||
"league/phpunit-coverage-listener": "~1.0"
|
||||
},
|
||||
"repositories": [
|
||||
@@ -43,7 +43,9 @@
|
||||
"League\\OAuth2\\Server": "src/"
|
||||
}
|
||||
},
|
||||
"suggest": {
|
||||
|
||||
"extra": {
|
||||
"branch-alias": {
|
||||
"dev-master": "3.2.x-dev"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@@ -84,6 +84,7 @@ class Resource
|
||||
0 => 'invalid_request',
|
||||
1 => 'invalid_token',
|
||||
2 => 'insufficient_scope',
|
||||
3 => 'missing_token',
|
||||
);
|
||||
|
||||
/**
|
||||
@@ -94,6 +95,7 @@ class Resource
|
||||
'invalid_request' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "%s" parameter.',
|
||||
'invalid_token' => 'The access token provided is expired, revoked, malformed, or invalid for other reasons.',
|
||||
'insufficient_scope' => 'The request requires higher privileges than provided by the access token. Required scopes are: %s.',
|
||||
'missing_token' => 'The request is missing an access token in either the Authorization header or the %s request parameter.',
|
||||
);
|
||||
|
||||
/**
|
||||
@@ -109,6 +111,7 @@ class Resource
|
||||
'invalid_request' => 400,
|
||||
'invalid_token' => 401,
|
||||
'insufficient_scope' => 403,
|
||||
'missing_token' => 400,
|
||||
);
|
||||
|
||||
/**
|
||||
@@ -163,9 +166,9 @@ class Resource
|
||||
// include the "WWW-Authenticate" response header field
|
||||
// matching the authentication scheme used by the client.
|
||||
// @codeCoverageIgnoreStart
|
||||
if ($error === 'insufficient_scope') {
|
||||
if ($error === 'invalid_token') {
|
||||
$authScheme = null;
|
||||
$request = new Request();
|
||||
$request = Request::buildFromGlobals();
|
||||
if ($request->server('PHP_AUTH_USER') !== null) {
|
||||
$authScheme = 'Basic';
|
||||
} else {
|
||||
@@ -387,7 +390,7 @@ class Resource
|
||||
}
|
||||
|
||||
if (empty($accessToken)) {
|
||||
throw new Exception\MissingAccessTokenException(self::$exceptionMessages['invalid_request'], 0);
|
||||
throw new Exception\MissingAccessTokenException(sprintf(self::$exceptionMessages['missing_token'], $this->tokenKey), 3);
|
||||
}
|
||||
|
||||
return $accessToken;
|
||||
|
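Review bot: With the new `'missing_token' => 400,` status mapping and the `WWW-Authenticate` branch narrowed to `if ($error === 'invalid_token') {` (that line reads as the new side, the `insufficient_scope` one as removed), a request that carries no token at all now gets a 400 with no challenge header, which is exactly the case RFC 6750 section 3 reserves for a 401 plus `WWW-Authenticate: Bearer realm="..."` so the client can learn which scheme the resource expects. Consider `'missing_token' => 401,` together with `if ($error === 'invalid_token' || $error === 'missing_token') {`, keeping 400/invalid_request for requests that are actually malformed. Dropping `insufficient_scope` from that branch also means the 403 response no longer carries the challenge header through which the required scope(s) could be advertised, which the test hunk's switch to `assertEquals(array('HTTP/1.1 403 Forbidden'), ...)` appears to lock in. The enclosing method starts and ends outside the hunk, so how `$authScheme` is turned into the header value cannot be checked from here.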
@@ -76,22 +76,25 @@ class Request implements RequestInterface
|
||||
|
||||
protected function readHeaders()
|
||||
{
|
||||
if (function_exists('getallheaders')) {
|
||||
if (function_exists('apache_request_headers')) {
|
||||
// @codeCoverageIgnoreStart
|
||||
$headers = getallheaders();
|
||||
$headers = apache_request_headers();
|
||||
} elseif (function_exists('http_get_request_headers')) {
|
||||
$headers = http_get_request_headers();
|
||||
} else {
|
||||
// @codeCoverageIgnoreEnd
|
||||
$headers = array();
|
||||
foreach ($this->server() as $name => $value) {
|
||||
if (substr($name, 0, 5) == 'HTTP_') {
|
||||
$name = str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5)))));
|
||||
// HTTP_FOO_BAR becomes FOO-BAR
|
||||
$name = str_replace(array('HTTP_', '_'), array('', '-'), $name);
|
||||
$headers[$name] = $value;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return $this->normalizeHeaders($headers);
|
||||
}
|
||||
}
|
||||
|
||||
protected function getPropertyValue($property, $index = null, $default = null)
|
||||
{
|
||||
@@ -143,4 +146,4 @@ class Request implements RequestInterface
|
||||
|
||||
return $key;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
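Review bot: The rewritten `HTTP_`-prefix fallback in readHeaders(), `$name = str_replace(array('HTTP_', '_'), array('', '-'), $name);` (which reads as the new side, matching the `HTTP_FOO_BAR becomes FOO-BAR` comment), strips every occurrence of `HTTP_` rather than only the leading one, so a header such as `X-HTTP-Method-Override`, which arrives in `$_SERVER` as `HTTP_X_HTTP_METHOD_OVERRIDE`, is registered as `X-METHOD-OVERRIDE`. The `substr($name, 0, 5) == 'HTTP_'` guard on the line above already establishes the prefix, so `$name = str_replace('_', '-', substr($name, 5));` keeps the remainder intact and still yields the `FOO-BAR` form the comment promises. Whether normalizeHeaders() later folds case is outside this hunk, so callers that compare header names case-sensitively cannot be checked from here. If the older `ucwords()`-based line is in fact the retained one, this overlap does not arise.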
@@ -38,8 +38,8 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
|
||||
public function test_getExceptionHttpHeaders()
|
||||
{
|
||||
$this->assertEquals(array('HTTP/1.1 400 Bad Request'), League\OAuth2\Server\Resource::getExceptionHttpHeaders('invalid_request'));
|
||||
$this->assertEquals(array('HTTP/1.1 401 Unauthorized'), League\OAuth2\Server\Resource::getExceptionHttpHeaders('invalid_token'));
|
||||
$this->assertContains('HTTP/1.1 403 Forbidden', League\OAuth2\Server\Resource::getExceptionHttpHeaders('insufficient_scope'));
|
||||
$this->assertContains('HTTP/1.1 401 Unauthorized', League\OAuth2\Server\Resource::getExceptionHttpHeaders('invalid_token'));
|
||||
$this->assertEquals(array('HTTP/1.1 403 Forbidden'), League\OAuth2\Server\Resource::getExceptionHttpHeaders('insufficient_scope'));
|
||||
}
|
||||
|
||||
public function test_setRequest()
|
||||
|