mirror of
https://github.com/elyby/oauth2-server.git
synced 2025-05-31 14:12:07 +05:30
Compare commits
30 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
925776958f | ||
|
|
c86c7dde70 | ||
|
e184691ded | ||
|
|
b2648218f1 | ||
|
2aca909d20 | ||
|
79038ced78 | ||
|
|
7c2218fdcc | ||
|
|
935fff8308 | ||
|
0f1ddaaacf | ||
|
ecc07abb33 | ||
|
|
a1b8d87b47 | ||
|
|
80fc8e654b | ||
|
|
317f46b7ae | ||
|
88bf8b2367 | ||
|
|
315d079033 | ||
|
|
2824f7d27e | ||
|
|
0a6a4deca6 | ||
|
|
00c645545a | ||
|
|
417a64ad43 | ||
|
|
f5c3ba0b24 | ||
|
|
e1ef133067 | ||
|
|
523434902c | ||
|
|
aac467e616 | ||
|
|
76c2b6f88c | ||
|
|
72349ef22f | ||
|
|
850793ab88 | ||
|
|
0f73bf0054 | ||
|
|
7953f27b38 | ||
|
|
cc2c3a7044 | ||
|
|
06424fdbe2 |
@@ -7,8 +7,6 @@ cache:
|
||||
- vendor
|
||||
|
||||
php:
|
||||
- 5.5.9
|
||||
- 5.5
|
||||
- 5.6
|
||||
- 7.0
|
||||
- 7.1
|
||||
|
||||
19
CHANGELOG.md
19
CHANGELOG.md
@@ -1,11 +1,22 @@
|
||||
# Changelog
|
||||
|
||||
## 5.1.5 (released 2017-07-11)
|
||||
## 6.0.2 (released 2017-08-03)
|
||||
|
||||
To address feedback from the security release the following two changes have been made:
|
||||
* An invalid refresh token that can't be decrypted now returns a HTTP 401 error instead of HTTP 400 (Issue #759)
|
||||
* Removed chmod from CryptKey and add toggle to disable checking (Issue #776)
|
||||
* Fixes invalid code challenge method payload key name (Issue #777)
|
||||
|
||||
* If an RSA key cannot be `chmod`'ed to 600 then it will now throw a `E_USER_NOTICE` instead of an exception.
|
||||
* Not using the new encryption key method on `AuthorizationServer` will set throw an `E_USER_DEPRECATED` message instead of an error.
|
||||
## 6.0.1 (released 2017-07-19)
|
||||
|
||||
To address feedback from the security release the following change has been made:
|
||||
|
||||
* If an RSA key cannot be chmod'ed to 600 then it will now throw a E_USER_NOTICE instead of an exception.
|
||||
|
||||
## 6.0.0 (released 2017-07-01)
|
||||
|
||||
* Breaking change: The `AuthorizationServer` constructor now expects an encryption key string instead of a public key
|
||||
* Remove support for HHVM
|
||||
* Remove support for PHP 5.5
|
||||
|
||||
## 5.1.4 (released 2017-07-01)
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
Thanks for contributing to this project.
|
||||
|
||||
|
||||
**Please submit your pull request against the `develop` branch only.**
|
||||
**Please submit your pull request against the `master` branch only.**
|
||||
|
||||
|
||||
Please ensure that you run `phpunit` from the project root after you've made any changes.
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
### :warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning:
|
||||
### Security Notice
|
||||
|
||||
### Please upgrade to version `>=5.1.4` (backwards compatible) or `6.x` (one tiny breaking change) to fix some potential security vulnerabilities
|
||||
### Please upgrade to version `>=5.1.4` (backwards compatible) or `6.x` (one tiny breaking change) to fix some potential security vulnerabilities - [visit this page for more information](https://oauth2.thephpleague.com/v5-security-improvements/)
|
||||
### :warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning:
|
||||
|
||||
[](https://github.com/thephpleague/oauth2-server/releases)
|
||||
@@ -36,11 +36,9 @@ This library was created by Alex Bilbie. Find him on Twitter at [@alexbilbie](ht
|
||||
|
||||
The following versions of PHP are supported:
|
||||
|
||||
* PHP 5.5 (>=5.5.9)
|
||||
* PHP 5.6
|
||||
* PHP 7.0
|
||||
* PHP 7.1
|
||||
* HHVM
|
||||
|
||||
The `openssl` extension is also required.
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
"homepage": "https://oauth2.thephpleague.com/",
|
||||
"license": "MIT",
|
||||
"require": {
|
||||
"php": ">=5.5.9",
|
||||
"php": ">=5.6.0",
|
||||
"ext-openssl": "*",
|
||||
"league/event": "^2.1",
|
||||
"lcobucci/jwt": "^3.1",
|
||||
@@ -14,8 +14,7 @@
|
||||
},
|
||||
"require-dev": {
|
||||
"phpunit/phpunit": "^4.8 || ^5.0",
|
||||
"zendframework/zend-diactoros": "^1.0",
|
||||
"indigophp/hash-compat": "^1.1"
|
||||
"zendframework/zend-diactoros": "^1.0"
|
||||
},
|
||||
"repositories": [
|
||||
{
|
||||
@@ -60,13 +59,5 @@
|
||||
"psr-4": {
|
||||
"LeagueTests\\": "tests/"
|
||||
}
|
||||
},
|
||||
"extra": {
|
||||
"branch-alias": {
|
||||
"dev-V5-WIP": "5.0-dev"
|
||||
}
|
||||
},
|
||||
"suggest": {
|
||||
"indigophp/hash-compat": "Polyfill for hash_equals function for PHP 5.5"
|
||||
}
|
||||
}
|
||||
|
||||
@@ -36,7 +36,6 @@ $app = new App([
|
||||
$refreshTokenRepository = new RefreshTokenRepository();
|
||||
|
||||
$privateKeyPath = 'file://' . __DIR__ . '/../private.key';
|
||||
$publicKeyPath = 'file://' . __DIR__ . '/../public.key';
|
||||
|
||||
// Setup the authorization server
|
||||
$server = new AuthorizationServer(
|
||||
@@ -44,9 +43,8 @@ $app = new App([
|
||||
$accessTokenRepository,
|
||||
$scopeRepository,
|
||||
$privateKeyPath,
|
||||
$publicKeyPath
|
||||
'lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen'
|
||||
);
|
||||
$server->setEncryptionKey('lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen');
|
||||
|
||||
// Enable the authentication code grant on the server with a token TTL of 1 hour
|
||||
$server->enableGrantType(
|
||||
|
||||
@@ -32,7 +32,6 @@ $app = new App([
|
||||
// Path to public and private keys
|
||||
$privateKey = 'file://' . __DIR__ . '/../private.key';
|
||||
//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase'); // if private key has a pass phrase
|
||||
$publicKey = 'file://' . __DIR__ . '/../public.key';
|
||||
|
||||
// Setup the authorization server
|
||||
$server = new AuthorizationServer(
|
||||
@@ -40,9 +39,8 @@ $app = new App([
|
||||
$accessTokenRepository,
|
||||
$scopeRepository,
|
||||
$privateKey,
|
||||
$publicKey
|
||||
'lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen'
|
||||
);
|
||||
$server->setEncryptionKey('lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen');
|
||||
|
||||
// Enable the client credentials grant on the server
|
||||
$server->enableGrantType(
|
||||
|
||||
@@ -32,7 +32,6 @@ $app = new App([
|
||||
$accessTokenRepository = new AccessTokenRepository();
|
||||
|
||||
$privateKeyPath = 'file://' . __DIR__ . '/../private.key';
|
||||
$publicKeyPath = 'file://' . __DIR__ . '/../public.key';
|
||||
|
||||
// Setup the authorization server
|
||||
$server = new AuthorizationServer(
|
||||
@@ -40,7 +39,7 @@ $app = new App([
|
||||
$accessTokenRepository,
|
||||
$scopeRepository,
|
||||
$privateKeyPath,
|
||||
$publicKeyPath
|
||||
'lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen'
|
||||
);
|
||||
$server->setEncryptionKey('lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen');
|
||||
|
||||
|
||||
@@ -38,7 +38,6 @@ $app = new App([
|
||||
$refreshTokenRepository = new RefreshTokenRepository();
|
||||
|
||||
$privateKeyPath = 'file://' . __DIR__ . '/../private.key';
|
||||
$publicKeyPath = 'file://' . __DIR__ . '/../public.key';
|
||||
|
||||
// Setup the authorization server
|
||||
$server = new AuthorizationServer(
|
||||
@@ -46,9 +45,8 @@ $app = new App([
|
||||
$accessTokenRepository,
|
||||
$scopeRepository,
|
||||
$privateKeyPath,
|
||||
$publicKeyPath
|
||||
'lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen'
|
||||
);
|
||||
$server->setEncryptionKey('lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen');
|
||||
|
||||
// Enable the authentication code grant on the server with a token TTL of 1 hour
|
||||
$server->enableGrantType(
|
||||
|
||||
@@ -24,9 +24,8 @@ $app = new App([
|
||||
new AccessTokenRepository(), // instance of AccessTokenRepositoryInterface
|
||||
new ScopeRepository(), // instance of ScopeRepositoryInterface
|
||||
'file://' . __DIR__ . '/../private.key', // path to private key
|
||||
'file://' . __DIR__ . '/../public.key' // path to public key
|
||||
'lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen' // encryption key
|
||||
);
|
||||
$server->setEncryptionKey('lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen');
|
||||
|
||||
$grant = new PasswordGrant(
|
||||
new UserRepository(), // instance of UserRepositoryInterface
|
||||
|
||||
@@ -32,7 +32,6 @@ $app = new App([
|
||||
$refreshTokenRepository = new RefreshTokenRepository();
|
||||
|
||||
$privateKeyPath = 'file://' . __DIR__ . '/../private.key';
|
||||
$publicKeyPath = 'file://' . __DIR__ . '/../public.key';
|
||||
|
||||
// Setup the authorization server
|
||||
$server = new AuthorizationServer(
|
||||
@@ -40,9 +39,8 @@ $app = new App([
|
||||
$accessTokenRepository,
|
||||
$scopeRepository,
|
||||
$privateKeyPath,
|
||||
$publicKeyPath
|
||||
'lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen'
|
||||
);
|
||||
$server->setEncryptionKey('lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen');
|
||||
|
||||
// Enable the refresh token grant on the server
|
||||
$grant = new RefreshTokenGrant($refreshTokenRepository);
|
||||
|
||||
@@ -3,7 +3,6 @@
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) Alex Bilbie
|
||||
* @license http://mit-license.org/
|
||||
*
|
||||
* @link https://github.com/thephpleague/oauth2-server
|
||||
*/
|
||||
|
||||
@@ -26,8 +25,6 @@ class AuthorizationServer implements EmitterAwareInterface
|
||||
{
|
||||
use EmitterAwareTrait;
|
||||
|
||||
const ENCRYPTION_KEY_ERROR = 'You must set the encryption key going forward to improve the security of this library - see this page for more information https://oauth2.thephpleague.com/v5-security-improvements/';
|
||||
|
||||
/**
|
||||
* @var GrantTypeInterface[]
|
||||
*/
|
||||
@@ -80,7 +77,7 @@ class AuthorizationServer implements EmitterAwareInterface
|
||||
* @param AccessTokenRepositoryInterface $accessTokenRepository
|
||||
* @param ScopeRepositoryInterface $scopeRepository
|
||||
* @param CryptKey|string $privateKey
|
||||
* @param CryptKey|string $publicKey
|
||||
* @param string $encryptionKey
|
||||
* @param null|ResponseTypeInterface $responseType
|
||||
*/
|
||||
public function __construct(
|
||||
@@ -88,7 +85,7 @@ class AuthorizationServer implements EmitterAwareInterface
|
||||
AccessTokenRepositoryInterface $accessTokenRepository,
|
||||
ScopeRepositoryInterface $scopeRepository,
|
||||
$privateKey,
|
||||
$publicKey,
|
||||
$encryptionKey,
|
||||
ResponseTypeInterface $responseType = null
|
||||
) {
|
||||
$this->clientRepository = $clientRepository;
|
||||
@@ -100,24 +97,10 @@ class AuthorizationServer implements EmitterAwareInterface
|
||||
}
|
||||
$this->privateKey = $privateKey;
|
||||
|
||||
if ($publicKey instanceof CryptKey === false) {
|
||||
$publicKey = new CryptKey($publicKey);
|
||||
}
|
||||
$this->publicKey = $publicKey;
|
||||
|
||||
$this->encryptionKey = $encryptionKey;
|
||||
$this->responseType = $responseType;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the encryption key
|
||||
*
|
||||
* @param string $key
|
||||
*/
|
||||
public function setEncryptionKey($key)
|
||||
{
|
||||
$this->encryptionKey = $key;
|
||||
}
|
||||
|
||||
/**
|
||||
* Enable a grant type on the server.
|
||||
*
|
||||
@@ -134,14 +117,7 @@ class AuthorizationServer implements EmitterAwareInterface
|
||||
$grantType->setClientRepository($this->clientRepository);
|
||||
$grantType->setScopeRepository($this->scopeRepository);
|
||||
$grantType->setPrivateKey($this->privateKey);
|
||||
$grantType->setPublicKey($this->publicKey);
|
||||
$grantType->setEmitter($this->getEmitter());
|
||||
|
||||
if ($this->encryptionKey === null) {
|
||||
// @codeCoverageIgnoreStart
|
||||
trigger_error(self::ENCRYPTION_KEY_ERROR, E_USER_DEPRECATED);
|
||||
// @codeCoverageIgnoreEnd
|
||||
}
|
||||
$grantType->setEncryptionKey($this->encryptionKey);
|
||||
|
||||
$this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
|
||||
@@ -159,12 +135,6 @@ class AuthorizationServer implements EmitterAwareInterface
|
||||
*/
|
||||
public function validateAuthorizationRequest(ServerRequestInterface $request)
|
||||
{
|
||||
if ($this->encryptionKey === null) {
|
||||
// @codeCoverageIgnoreStart
|
||||
trigger_error(self::ENCRYPTION_KEY_ERROR, E_USER_DEPRECATED);
|
||||
// @codeCoverageIgnoreEnd
|
||||
}
|
||||
|
||||
foreach ($this->enabledGrantTypes as $grantType) {
|
||||
if ($grantType->canRespondToAuthorizationRequest($request)) {
|
||||
return $grantType->validateAuthorizationRequest($request);
|
||||
|
||||
@@ -12,6 +12,7 @@ namespace League\OAuth2\Server\AuthorizationValidators;
|
||||
use Lcobucci\JWT\Parser;
|
||||
use Lcobucci\JWT\Signer\Rsa\Sha256;
|
||||
use Lcobucci\JWT\ValidationData;
|
||||
use League\OAuth2\Server\CryptKey;
|
||||
use League\OAuth2\Server\CryptTrait;
|
||||
use League\OAuth2\Server\Exception\OAuthServerException;
|
||||
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
|
||||
@@ -26,6 +27,11 @@ class BearerTokenValidator implements AuthorizationValidatorInterface
|
||||
*/
|
||||
private $accessTokenRepository;
|
||||
|
||||
/**
|
||||
* @var \League\OAuth2\Server\CryptKey
|
||||
*/
|
||||
protected $publicKey;
|
||||
|
||||
/**
|
||||
* @param AccessTokenRepositoryInterface $accessTokenRepository
|
||||
*/
|
||||
@@ -34,6 +40,16 @@ class BearerTokenValidator implements AuthorizationValidatorInterface
|
||||
$this->accessTokenRepository = $accessTokenRepository;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the private key
|
||||
*
|
||||
* @param \League\OAuth2\Server\CryptKey $key
|
||||
*/
|
||||
public function setPublicKey(CryptKey $key)
|
||||
{
|
||||
$this->publicKey = $key;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
|
||||
@@ -29,8 +29,9 @@ class CryptKey
|
||||
/**
|
||||
* @param string $keyPath
|
||||
* @param null|string $passPhrase
|
||||
* @param bool $keyPermissionsCheck
|
||||
*/
|
||||
public function __construct($keyPath, $passPhrase = null)
|
||||
public function __construct($keyPath, $passPhrase = null, $keyPermissionsCheck = true)
|
||||
{
|
||||
if (preg_match(self::RSA_KEY_PATTERN, $keyPath)) {
|
||||
$keyPath = $this->saveKeyToFile($keyPath);
|
||||
@@ -44,21 +45,15 @@ class CryptKey
|
||||
throw new \LogicException(sprintf('Key path "%s" does not exist or is not readable', $keyPath));
|
||||
}
|
||||
|
||||
// Verify the permissions of the key
|
||||
$keyPathPerms = decoct(fileperms($keyPath) & 0777);
|
||||
if ($keyPathPerms !== '600') {
|
||||
// Attempt to correct the permissions
|
||||
if (chmod($keyPath, 0600) === false) {
|
||||
// @codeCoverageIgnoreStart
|
||||
trigger_error(
|
||||
sprintf(
|
||||
'Key file "%s" permissions are not correct, should be 600 instead of %s, unable to automatically resolve the issue',
|
||||
$keyPath,
|
||||
$keyPathPerms
|
||||
),
|
||||
E_USER_NOTICE
|
||||
);
|
||||
// @codeCoverageIgnoreEnd
|
||||
if ($keyPermissionsCheck === true) {
|
||||
// Verify the permissions of the key
|
||||
$keyPathPerms = decoct(fileperms($keyPath) & 0777);
|
||||
if (in_array($keyPathPerms, ['600', '660'], true) === false) {
|
||||
trigger_error(sprintf(
|
||||
'Key file "%s" permissions are not correct, should be 600 or 660 instead of %s',
|
||||
$keyPath,
|
||||
$keyPathPerms
|
||||
), E_USER_NOTICE);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -80,19 +75,19 @@ class CryptKey
|
||||
|
||||
if (!file_exists($keyPath) && !touch($keyPath)) {
|
||||
// @codeCoverageIgnoreStart
|
||||
throw new \RuntimeException('"%s" key file could not be created', $keyPath);
|
||||
throw new \RuntimeException(sprintf('"%s" key file could not be created', $keyPath));
|
||||
// @codeCoverageIgnoreEnd
|
||||
}
|
||||
|
||||
if (file_put_contents($keyPath, $key) === false) {
|
||||
// @codeCoverageIgnoreStart
|
||||
throw new \RuntimeException('Unable to write key file to temporary directory "%s"', $tmpDir);
|
||||
throw new \RuntimeException(sprintf('Unable to write key file to temporary directory "%s"', $tmpDir));
|
||||
// @codeCoverageIgnoreEnd
|
||||
}
|
||||
|
||||
if (chmod($keyPath, 0600) === false) {
|
||||
// @codeCoverageIgnoreStart
|
||||
throw new \RuntimeException('The key file "%s" file mode could not be changed with chmod to 600', $keyPath);
|
||||
throw new \RuntimeException(sprintf('The key file "%s" file mode could not be changed with chmod to 600', $keyPath));
|
||||
// @codeCoverageIgnoreEnd
|
||||
}
|
||||
|
||||
|
||||
@@ -1,11 +1,9 @@
|
||||
<?php
|
||||
/**
|
||||
* Public/private key encryption.
|
||||
*
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) Alex Bilbie
|
||||
* @license http://mit-license.org/
|
||||
*
|
||||
* @link https://github.com/thephpleague/oauth2-server
|
||||
*/
|
||||
|
||||
@@ -15,80 +13,26 @@ use Defuse\Crypto\Crypto;
|
||||
|
||||
trait CryptTrait
|
||||
{
|
||||
/**
|
||||
* @var CryptKey
|
||||
*/
|
||||
protected $privateKey;
|
||||
|
||||
/**
|
||||
* @var CryptKey
|
||||
*/
|
||||
protected $publicKey;
|
||||
|
||||
/**
|
||||
* @var string
|
||||
*/
|
||||
protected $encryptionKey;
|
||||
|
||||
/**
|
||||
* Set path to private key.
|
||||
*
|
||||
* @param CryptKey $privateKey
|
||||
*/
|
||||
public function setPrivateKey(CryptKey $privateKey)
|
||||
{
|
||||
$this->privateKey = $privateKey;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set path to public key.
|
||||
*
|
||||
* @param CryptKey $publicKey
|
||||
*/
|
||||
public function setPublicKey(CryptKey $publicKey)
|
||||
{
|
||||
$this->publicKey = $publicKey;
|
||||
}
|
||||
|
||||
/**
|
||||
* Encrypt data with a private key.
|
||||
*
|
||||
* @param string $unencryptedData
|
||||
*
|
||||
* @throws \LogicException
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
protected function encrypt($unencryptedData)
|
||||
{
|
||||
if ($this->encryptionKey !== null) {
|
||||
try {
|
||||
return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey);
|
||||
} catch (\Exception $e) {
|
||||
throw new \LogicException($e->getMessage());
|
||||
}
|
||||
|
||||
$privateKey = openssl_pkey_get_private($this->privateKey->getKeyPath(), $this->privateKey->getPassPhrase());
|
||||
$privateKeyDetails = @openssl_pkey_get_details($privateKey);
|
||||
if ($privateKeyDetails === null) {
|
||||
throw new \LogicException(
|
||||
sprintf('Could not get details of private key: %s', $this->privateKey->getKeyPath())
|
||||
);
|
||||
}
|
||||
|
||||
$chunkSize = ceil($privateKeyDetails['bits'] / 8) - 11;
|
||||
$output = '';
|
||||
|
||||
while ($unencryptedData) {
|
||||
$chunk = substr($unencryptedData, 0, $chunkSize);
|
||||
$unencryptedData = substr($unencryptedData, $chunkSize);
|
||||
if (openssl_private_encrypt($chunk, $encrypted, $privateKey) === false) {
|
||||
// @codeCoverageIgnoreStart
|
||||
throw new \LogicException('Failed to encrypt data');
|
||||
// @codeCoverageIgnoreEnd
|
||||
}
|
||||
$output .= $encrypted;
|
||||
}
|
||||
openssl_pkey_free($privateKey);
|
||||
|
||||
return base64_encode($output);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -97,41 +41,15 @@ trait CryptTrait
|
||||
* @param string $encryptedData
|
||||
*
|
||||
* @throws \LogicException
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
protected function decrypt($encryptedData)
|
||||
{
|
||||
if ($this->encryptionKey !== null) {
|
||||
try {
|
||||
return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey);
|
||||
} catch (\Exception $e) {
|
||||
throw new \LogicException($e->getMessage());
|
||||
}
|
||||
|
||||
$publicKey = openssl_pkey_get_public($this->publicKey->getKeyPath());
|
||||
$publicKeyDetails = @openssl_pkey_get_details($publicKey);
|
||||
if ($publicKeyDetails === null) {
|
||||
throw new \LogicException(
|
||||
sprintf('Could not get details of public key: %s', $this->publicKey->getKeyPath())
|
||||
);
|
||||
}
|
||||
|
||||
$chunkSize = ceil($publicKeyDetails['bits'] / 8);
|
||||
$output = '';
|
||||
|
||||
$encryptedData = base64_decode($encryptedData);
|
||||
|
||||
while ($encryptedData) {
|
||||
$chunk = substr($encryptedData, 0, $chunkSize);
|
||||
$encryptedData = substr($encryptedData, $chunkSize);
|
||||
if (openssl_public_decrypt($chunk, $decrypted, $publicKey/*, OPENSSL_PKCS1_OAEP_PADDING*/) === false) {
|
||||
// @codeCoverageIgnoreStart
|
||||
throw new \LogicException('Failed to decrypt data');
|
||||
// @codeCoverageIgnoreEnd
|
||||
}
|
||||
$output .= $decrypted;
|
||||
}
|
||||
openssl_pkey_free($publicKey);
|
||||
|
||||
return $output;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -152,7 +152,7 @@ class OAuthServerException extends \Exception
|
||||
*/
|
||||
public static function invalidRefreshToken($hint = null)
|
||||
{
|
||||
return new static('The refresh token is invalid.', 8, 'invalid_request', 400, $hint);
|
||||
return new static('The refresh token is invalid.', 8, 'invalid_request', 401, $hint);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -11,6 +11,7 @@
|
||||
namespace League\OAuth2\Server\Grant;
|
||||
|
||||
use League\Event\EmitterAwareTrait;
|
||||
use League\OAuth2\Server\CryptKey;
|
||||
use League\OAuth2\Server\CryptTrait;
|
||||
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
|
||||
use League\OAuth2\Server\Entities\AuthCodeEntityInterface;
|
||||
@@ -75,6 +76,11 @@ abstract class AbstractGrant implements GrantTypeInterface
|
||||
*/
|
||||
protected $refreshTokenTTL;
|
||||
|
||||
/**
|
||||
* @var \League\OAuth2\Server\CryptKey
|
||||
*/
|
||||
protected $privateKey;
|
||||
|
||||
/**
|
||||
* @param ClientRepositoryInterface $clientRepository
|
||||
*/
|
||||
@@ -131,6 +137,16 @@ abstract class AbstractGrant implements GrantTypeInterface
|
||||
$this->refreshTokenTTL = $refreshTokenTTL;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the private key
|
||||
*
|
||||
* @param \League\OAuth2\Server\CryptKey $key
|
||||
*/
|
||||
public function setPrivateKey(CryptKey $key)
|
||||
{
|
||||
$this->privateKey = $key;
|
||||
}
|
||||
|
||||
/**
|
||||
* Validate the client.
|
||||
*
|
||||
|
||||
@@ -312,30 +312,16 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
|
||||
);
|
||||
|
||||
$payload = [
|
||||
'client_id' => $authCode->getClient()->getIdentifier(),
|
||||
'redirect_uri' => $authCode->getRedirectUri(),
|
||||
'auth_code_id' => $authCode->getIdentifier(),
|
||||
'scopes' => $authCode->getScopes(),
|
||||
'user_id' => $authCode->getUserIdentifier(),
|
||||
'expire_time' => (new \DateTime())->add($this->authCodeTTL)->format('U'),
|
||||
'code_challenge' => $authorizationRequest->getCodeChallenge(),
|
||||
'code_challenge_method ' => $authorizationRequest->getCodeChallengeMethod(),
|
||||
'client_id' => $authCode->getClient()->getIdentifier(),
|
||||
'redirect_uri' => $authCode->getRedirectUri(),
|
||||
'auth_code_id' => $authCode->getIdentifier(),
|
||||
'scopes' => $authCode->getScopes(),
|
||||
'user_id' => $authCode->getUserIdentifier(),
|
||||
'expire_time' => (new \DateTime())->add($this->authCodeTTL)->format('U'),
|
||||
'code_challenge' => $authorizationRequest->getCodeChallenge(),
|
||||
'code_challenge_method' => $authorizationRequest->getCodeChallengeMethod(),
|
||||
];
|
||||
|
||||
if ($this->encryptionKey === null) {
|
||||
// Add padding to vary the length of the payload
|
||||
$payload['_padding'] = base64_encode(random_bytes(mt_rand(8, 256)));
|
||||
// Shuffle the payload so that the structure is no longer know and obvious
|
||||
$keys = array_keys($payload);
|
||||
shuffle($keys);
|
||||
$shuffledPayload = [];
|
||||
foreach ($keys as $key) {
|
||||
$shuffledPayload[$key] = $payload[$key];
|
||||
}
|
||||
} else {
|
||||
$shuffledPayload = $payload;
|
||||
}
|
||||
|
||||
$response = new RedirectResponse();
|
||||
$response->setRedirectUri(
|
||||
$this->makeRedirectUri(
|
||||
@@ -343,7 +329,7 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
|
||||
[
|
||||
'code' => $this->encrypt(
|
||||
json_encode(
|
||||
$shuffledPayload
|
||||
$payload
|
||||
)
|
||||
),
|
||||
'state' => $authorizationRequest->getState(),
|
||||
|
||||
@@ -126,13 +126,6 @@ interface GrantTypeInterface extends EmitterAwareInterface
|
||||
*/
|
||||
public function setPrivateKey(CryptKey $privateKey);
|
||||
|
||||
/**
|
||||
* Set the path to the public key.
|
||||
*
|
||||
* @param CryptKey $publicKey
|
||||
*/
|
||||
public function setPublicKey(CryptKey $publicKey);
|
||||
|
||||
/**
|
||||
* Set the encryption key
|
||||
*
|
||||
|
||||
@@ -12,6 +12,7 @@ namespace League\OAuth2\Server\Repositories;
|
||||
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
|
||||
use League\OAuth2\Server\Entities\ClientEntityInterface;
|
||||
use League\OAuth2\Server\Entities\ScopeEntityInterface;
|
||||
use League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException;
|
||||
|
||||
/**
|
||||
* Access token interface.
|
||||
@@ -33,6 +34,8 @@ interface AccessTokenRepositoryInterface extends RepositoryInterface
|
||||
* Persists a new access token to permanent storage.
|
||||
*
|
||||
* @param AccessTokenEntityInterface $accessTokenEntity
|
||||
*
|
||||
* @throws UniqueTokenIdentifierConstraintViolationException
|
||||
*/
|
||||
public function persistNewAccessToken(AccessTokenEntityInterface $accessTokenEntity);
|
||||
|
||||
|
||||
@@ -10,6 +10,7 @@
|
||||
namespace League\OAuth2\Server\Repositories;
|
||||
|
||||
use League\OAuth2\Server\Entities\AuthCodeEntityInterface;
|
||||
use League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException;
|
||||
|
||||
/**
|
||||
* Auth code storage interface.
|
||||
@@ -27,6 +28,8 @@ interface AuthCodeRepositoryInterface extends RepositoryInterface
|
||||
* Persists a new auth code to permanent storage.
|
||||
*
|
||||
* @param AuthCodeEntityInterface $authCodeEntity
|
||||
*
|
||||
* @throws UniqueTokenIdentifierConstraintViolationException
|
||||
*/
|
||||
public function persistNewAuthCode(AuthCodeEntityInterface $authCodeEntity);
|
||||
|
||||
|
||||
@@ -10,6 +10,7 @@
|
||||
namespace League\OAuth2\Server\Repositories;
|
||||
|
||||
use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
|
||||
use League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException;
|
||||
|
||||
/**
|
||||
* Refresh token interface.
|
||||
@@ -27,6 +28,8 @@ interface RefreshTokenRepositoryInterface extends RepositoryInterface
|
||||
* Create a new refresh token_name.
|
||||
*
|
||||
* @param RefreshTokenEntityInterface $refreshTokenEntity
|
||||
*
|
||||
* @throws UniqueTokenIdentifierConstraintViolationException
|
||||
*/
|
||||
public function persistNewRefreshToken(RefreshTokenEntityInterface $refreshTokenEntity);
|
||||
|
||||
|
||||
@@ -11,6 +11,7 @@
|
||||
|
||||
namespace League\OAuth2\Server\ResponseTypes;
|
||||
|
||||
use League\OAuth2\Server\CryptKey;
|
||||
use League\OAuth2\Server\CryptTrait;
|
||||
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
|
||||
use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
|
||||
@@ -29,6 +30,11 @@ abstract class AbstractResponseType implements ResponseTypeInterface
|
||||
*/
|
||||
protected $refreshToken;
|
||||
|
||||
/**
|
||||
* @var CryptKey
|
||||
*/
|
||||
protected $privateKey;
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
@@ -44,4 +50,15 @@ abstract class AbstractResponseType implements ResponseTypeInterface
|
||||
{
|
||||
$this->refreshToken = $refreshToken;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the private key
|
||||
*
|
||||
* @param \League\OAuth2\Server\CryptKey $key
|
||||
*/
|
||||
public function setPrivateKey(CryptKey $key)
|
||||
{
|
||||
$this->privateKey = $key;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -26,6 +26,13 @@ use Zend\Diactoros\ServerRequestFactory;
|
||||
|
||||
class AuthorizationServerTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
public function setUp()
|
||||
{
|
||||
// Make sure the keys have the correct permissions.
|
||||
chmod(__DIR__ . '/Stubs/private.key', 0600);
|
||||
chmod(__DIR__ . '/Stubs/public.key', 0600);
|
||||
}
|
||||
|
||||
public function testRespondToRequestInvalidGrantType()
|
||||
{
|
||||
$server = new AuthorizationServer(
|
||||
@@ -33,10 +40,9 @@ class AuthorizationServerTest extends \PHPUnit_Framework_TestCase
|
||||
$this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(),
|
||||
$this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(),
|
||||
'file://' . __DIR__ . '/Stubs/private.key',
|
||||
'file://' . __DIR__ . '/Stubs/public.key',
|
||||
base64_encode(random_bytes(36)),
|
||||
new StubResponseType()
|
||||
);
|
||||
$server->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
|
||||
$server->enableGrantType(new ClientCredentialsGrant(), new \DateInterval('PT1M'));
|
||||
|
||||
@@ -64,10 +70,9 @@ class AuthorizationServerTest extends \PHPUnit_Framework_TestCase
|
||||
$accessTokenRepositoryMock,
|
||||
$scopeRepositoryMock,
|
||||
'file://' . __DIR__ . '/Stubs/private.key',
|
||||
'file://' . __DIR__ . '/Stubs/public.key',
|
||||
base64_encode(random_bytes(36)),
|
||||
new StubResponseType()
|
||||
);
|
||||
$server->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
|
||||
$server->enableGrantType(new ClientCredentialsGrant(), new \DateInterval('PT1M'));
|
||||
|
||||
@@ -89,7 +94,6 @@ class AuthorizationServerTest extends \PHPUnit_Framework_TestCase
|
||||
'file://' . __DIR__ . '/Stubs/private.key',
|
||||
'file://' . __DIR__ . '/Stubs/public.key'
|
||||
);
|
||||
$server->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
|
||||
$abstractGrantReflection = new \ReflectionClass($server);
|
||||
$method = $abstractGrantReflection->getMethod('getResponseType');
|
||||
@@ -109,7 +113,6 @@ class AuthorizationServerTest extends \PHPUnit_Framework_TestCase
|
||||
'file://' . __DIR__ . '/Stubs/private.key',
|
||||
'file://' . __DIR__ . '/Stubs/public.key'
|
||||
);
|
||||
$server->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
|
||||
$authCodeRepository = $this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock();
|
||||
$authCodeRepository->method('getNewAuthCode')->willReturn(new AuthCodeEntity());
|
||||
@@ -120,9 +123,6 @@ class AuthorizationServerTest extends \PHPUnit_Framework_TestCase
|
||||
new \DateInterval('PT10M')
|
||||
);
|
||||
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/Stubs/private.key'));
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/Stubs/public.key'));
|
||||
|
||||
$server->enableGrantType($grant);
|
||||
|
||||
$authRequest = new AuthorizationRequest();
|
||||
@@ -156,7 +156,6 @@ class AuthorizationServerTest extends \PHPUnit_Framework_TestCase
|
||||
'file://' . __DIR__ . '/Stubs/private.key',
|
||||
'file://' . __DIR__ . '/Stubs/public.key'
|
||||
);
|
||||
$server->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
$server->enableGrantType($grant);
|
||||
|
||||
$request = new ServerRequest(
|
||||
@@ -189,7 +188,6 @@ class AuthorizationServerTest extends \PHPUnit_Framework_TestCase
|
||||
'file://' . __DIR__ . '/Stubs/private.key',
|
||||
'file://' . __DIR__ . '/Stubs/public.key'
|
||||
);
|
||||
$server->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
|
||||
@@ -8,7 +8,7 @@ use LeagueTests\Stubs\CryptTraitStub;
|
||||
class CryptTraitTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
/**
|
||||
* CryptTrait stub
|
||||
* @var \LeagueTests\Stubs\CryptTraitStub
|
||||
*/
|
||||
protected $cryptStub;
|
||||
|
||||
@@ -26,30 +26,4 @@ class CryptTraitTest extends \PHPUnit_Framework_TestCase
|
||||
$this->assertNotEquals($payload, $encrypted);
|
||||
$this->assertEquals($payload, $plainText);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \LogicException
|
||||
*/
|
||||
public function testBadPrivateKey()
|
||||
{
|
||||
$this->cryptStub->setPrivateKey(new CryptKey(__DIR__ . '/Stubs/public.key'));
|
||||
$this->cryptStub->doEncrypt('');
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \LogicException
|
||||
*/
|
||||
public function testBadPublicKey()
|
||||
{
|
||||
$this->cryptStub->setPublicKey(new CryptKey(__DIR__ . '/Stubs/private.key'));
|
||||
$this->cryptStub->doDecrypt('');
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \LogicException
|
||||
*/
|
||||
public function testNonExistentKey()
|
||||
{
|
||||
new CryptKey('foo/bar');
|
||||
}
|
||||
}
|
||||
|
||||
@@ -27,8 +27,6 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
/** @var AbstractGrant $grantMock */
|
||||
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
|
||||
$grantMock->setPrivateKey(new CryptKey(__DIR__ . '/../Stubs/private.key'));
|
||||
$grantMock->setPublicKey(new CryptKey(__DIR__ . '/../Stubs/public.key'));
|
||||
$grantMock->setEmitter(new Emitter());
|
||||
}
|
||||
|
||||
|
||||
@@ -510,9 +510,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
||||
new \DateInterval('PT10M')
|
||||
);
|
||||
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$this->assertTrue($grant->completeAuthorizationRequest($authRequest) instanceof RedirectResponse);
|
||||
}
|
||||
@@ -537,9 +535,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
||||
new \DateInterval('PT10M')
|
||||
);
|
||||
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$grant->completeAuthorizationRequest($authRequest);
|
||||
}
|
||||
@@ -574,8 +570,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -643,8 +638,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -715,8 +709,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -773,7 +766,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
new \DateInterval('PT10M')
|
||||
);
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -820,7 +813,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
new \DateInterval('PT10M')
|
||||
);
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -873,8 +866,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -919,8 +911,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -983,8 +974,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -1044,8 +1034,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -1105,8 +1094,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -1164,8 +1152,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -1237,8 +1224,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -1310,8 +1296,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -1370,9 +1355,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
||||
new \DateInterval('PT10M')
|
||||
);
|
||||
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$this->assertTrue($grant->completeAuthorizationRequest($authRequest) instanceof RedirectResponse);
|
||||
}
|
||||
@@ -1398,9 +1381,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
||||
new \DateInterval('PT10M')
|
||||
);
|
||||
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$this->assertTrue($grant->completeAuthorizationRequest($authRequest) instanceof RedirectResponse);
|
||||
}
|
||||
@@ -1427,9 +1408,6 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
new \DateInterval('PT10M')
|
||||
);
|
||||
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
|
||||
$this->assertTrue($grant->completeAuthorizationRequest($authRequest) instanceof RedirectResponse);
|
||||
}
|
||||
|
||||
@@ -1464,8 +1442,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -1536,8 +1513,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
@@ -1608,8 +1584,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
|
||||
@@ -283,7 +283,6 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
|
||||
|
||||
$grant = new ImplicitGrant(new \DateInterval('PT10M'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
|
||||
$this->assertTrue($grant->completeAuthorizationRequest($authRequest) instanceof RedirectResponse);
|
||||
@@ -307,7 +306,6 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
|
||||
|
||||
$grant = new ImplicitGrant(new \DateInterval('PT10M'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
|
||||
$grant->completeAuthorizationRequest($authRequest);
|
||||
@@ -329,7 +327,6 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
|
||||
|
||||
$grant = new ImplicitGrant(new \DateInterval('PT10M'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
|
||||
$this->assertTrue($grant->completeAuthorizationRequest($authRequest) instanceof RedirectResponse);
|
||||
@@ -354,7 +351,6 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
|
||||
|
||||
$grant = new ImplicitGrant(new \DateInterval('PT10M'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
|
||||
$grant->completeAuthorizationRequest($authRequest);
|
||||
@@ -379,7 +375,6 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
|
||||
|
||||
$grant = new ImplicitGrant(new \DateInterval('PT10M'));
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
|
||||
$grant->completeAuthorizationRequest($authRequest);
|
||||
|
||||
@@ -21,7 +21,7 @@ use Zend\Diactoros\ServerRequest;
|
||||
class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
/**
|
||||
* CryptTrait stub
|
||||
* @var CryptTraitStub
|
||||
*/
|
||||
protected $cryptStub;
|
||||
|
||||
@@ -65,7 +65,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
|
||||
$oldRefreshToken = $this->cryptStub->doEncrypt(
|
||||
@@ -121,7 +121,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
|
||||
$oldRefreshToken = $this->cryptStub->doEncrypt(
|
||||
@@ -180,7 +180,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
|
||||
$oldRefreshToken = $this->cryptStub->doEncrypt(
|
||||
@@ -227,7 +227,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant = new RefreshTokenGrant($refreshTokenRepositoryMock);
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
@@ -259,7 +259,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant = new RefreshTokenGrant($refreshTokenRepositoryMock);
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
|
||||
$oldRefreshToken = 'foobar';
|
||||
@@ -291,14 +291,13 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
||||
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
||||
|
||||
|
||||
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
||||
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
||||
|
||||
$grant = new RefreshTokenGrant($refreshTokenRepositoryMock);
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
|
||||
$oldRefreshToken = $this->cryptStub->doEncrypt(
|
||||
@@ -344,7 +343,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant = new RefreshTokenGrant($refreshTokenRepositoryMock);
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
|
||||
$oldRefreshToken = $this->cryptStub->doEncrypt(
|
||||
@@ -391,7 +390,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant = new RefreshTokenGrant($refreshTokenRepositoryMock);
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
|
||||
$oldRefreshToken = $this->cryptStub->doEncrypt(
|
||||
|
||||
@@ -33,10 +33,9 @@ class AuthorizationServerMiddlewareTest extends \PHPUnit_Framework_TestCase
|
||||
$accessRepositoryMock,
|
||||
$scopeRepositoryMock,
|
||||
'file://' . __DIR__ . '/../Stubs/private.key',
|
||||
'file://' . __DIR__ . '/../Stubs/public.key',
|
||||
base64_encode(random_bytes(36)),
|
||||
new StubResponseType()
|
||||
);
|
||||
$server->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
|
||||
$server->enableGrantType(new ClientCredentialsGrant());
|
||||
|
||||
@@ -67,10 +66,9 @@ class AuthorizationServerMiddlewareTest extends \PHPUnit_Framework_TestCase
|
||||
$this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(),
|
||||
$this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(),
|
||||
'file://' . __DIR__ . '/../Stubs/private.key',
|
||||
'file://' . __DIR__ . '/../Stubs/public.key',
|
||||
base64_encode(random_bytes(36)),
|
||||
new StubResponseType()
|
||||
);
|
||||
$server->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
|
||||
$server->enableGrantType(new ClientCredentialsGrant(), new \DateInterval('PT1M'));
|
||||
|
||||
@@ -99,7 +97,8 @@ class AuthorizationServerMiddlewareTest extends \PHPUnit_Framework_TestCase
|
||||
$response = $exception->generateHttpResponse(new Response());
|
||||
|
||||
$this->assertEquals(302, $response->getStatusCode());
|
||||
$this->assertEquals('http://foo/bar?error=invalid_scope&message=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed&hint=Check+the+%60test%60+scope', $response->getHeader('location')[0]);
|
||||
$this->assertEquals('http://foo/bar?error=invalid_scope&message=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed&hint=Check+the+%60test%60+scope',
|
||||
$response->getHeader('location')[0]);
|
||||
}
|
||||
|
||||
public function testOAuthErrorResponseRedirectUriFragment()
|
||||
@@ -108,6 +107,7 @@ class AuthorizationServerMiddlewareTest extends \PHPUnit_Framework_TestCase
|
||||
$response = $exception->generateHttpResponse(new Response(), true);
|
||||
|
||||
$this->assertEquals(302, $response->getStatusCode());
|
||||
$this->assertEquals('http://foo/bar#error=invalid_scope&message=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed&hint=Check+the+%60test%60+scope', $response->getHeader('location')[0]);
|
||||
$this->assertEquals('http://foo/bar#error=invalid_scope&message=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed&hint=Check+the+%60test%60+scope',
|
||||
$response->getHeader('location')[0]);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -23,7 +23,7 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
|
||||
|
||||
$responseType = new BearerTokenResponse($accessTokenRepositoryMock);
|
||||
$responseType->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$responseType->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$responseType->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
|
||||
$client = new ClientEntity();
|
||||
$client->setIdentifier('clientName');
|
||||
@@ -67,7 +67,7 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
|
||||
|
||||
$responseType = new BearerTokenResponseWithParams($accessTokenRepositoryMock);
|
||||
$responseType->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$responseType->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$responseType->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
|
||||
$client = new ClientEntity();
|
||||
$client->setIdentifier('clientName');
|
||||
@@ -115,7 +115,7 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
|
||||
|
||||
$responseType = new BearerTokenResponse($accessTokenRepositoryMock);
|
||||
$responseType->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$responseType->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$responseType->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
|
||||
$client = new ClientEntity();
|
||||
$client->setIdentifier('clientName');
|
||||
@@ -141,7 +141,6 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
|
||||
$accessTokenRepositoryMock->method('isAccessTokenRevoked')->willReturn(false);
|
||||
|
||||
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
|
||||
$authorizationValidator->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
|
||||
$request = new ServerRequest();
|
||||
@@ -162,7 +161,7 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
|
||||
|
||||
$responseType = new BearerTokenResponse($accessTokenRepositoryMock);
|
||||
$responseType->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$responseType->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$responseType->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
|
||||
$client = new ClientEntity();
|
||||
$client->setIdentifier('clientName');
|
||||
@@ -185,7 +184,6 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
|
||||
$json = json_decode((string) $response->getBody());
|
||||
|
||||
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
|
||||
$authorizationValidator->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
|
||||
$request = new ServerRequest();
|
||||
@@ -205,7 +203,7 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
$responseType = new BearerTokenResponse();
|
||||
$responseType->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$responseType->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$responseType->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
|
||||
$client = new ClientEntity();
|
||||
$client->setIdentifier('clientName');
|
||||
@@ -231,7 +229,6 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
|
||||
$accessTokenRepositoryMock->method('isAccessTokenRevoked')->willReturn(true);
|
||||
|
||||
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
|
||||
$authorizationValidator->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
|
||||
$request = new ServerRequest();
|
||||
@@ -253,12 +250,11 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
|
||||
|
||||
$responseType = new BearerTokenResponse($accessTokenRepositoryMock);
|
||||
$responseType->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$responseType->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$responseType->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
|
||||
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
||||
|
||||
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
|
||||
$authorizationValidator->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
|
||||
$request = new ServerRequest();
|
||||
@@ -280,12 +276,11 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
|
||||
|
||||
$responseType = new BearerTokenResponse($accessTokenRepositoryMock);
|
||||
$responseType->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$responseType->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
$responseType->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
|
||||
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
||||
|
||||
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
|
||||
$authorizationValidator->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
|
||||
$request = new ServerRequest();
|
||||
|
||||
@@ -11,8 +11,12 @@ class CryptTraitStub
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->setPrivateKey(new CryptKey('file://' . __DIR__ . '/private.key'));
|
||||
$this->setPublicKey(new CryptKey('file://' . __DIR__ . '/public.key'));
|
||||
$this->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||
}
|
||||
|
||||
public function getKey()
|
||||
{
|
||||
return $this->encryptionKey;
|
||||
}
|
||||
|
||||
public function doEncrypt($unencryptedData)
|
||||
|
||||
Reference in New Issue
Block a user