authorMario <mario@mariovavti.com>2018-03-09 11:12:18 +0100
committerMario <mario@mariovavti.com>2018-03-09 11:12:18 +0100
commit4baf5eab16d809977a44e7911ddcab0ff8383897 (patch)
tree393f618c4cfc20f53264ecd8a26a08de0823d35d /vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php
parent577da0eb9eb1f90a4cf7a70cfb3582cfb49007ac (diff)
parent7361af85b5488fc8bd1744389a3a332dc74276b0 (diff)
Merge branch '3.2RC'3.2
Diffstat (limited to 'vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php')
-rw-r--r--vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php74
1 files changed, 56 insertions, 18 deletions
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php
index 5d2d731fe..7fdaf85a6 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php
@@ -10,9 +10,12 @@ use OAuth2\Scope;
use OAuth2\Storage\ClientInterface;
use OAuth2\RequestInterface;
use OAuth2\ResponseInterface;
+use InvalidArgumentException;
+use LogicException;
+use RuntimeException;
/**
- * @see \OAuth2\Controller\TokenControllerInterface
+ * @see TokenControllerInterface
*/
class TokenController implements TokenControllerInterface
{
@@ -22,7 +25,7 @@ class TokenController implements TokenControllerInterface
protected $accessToken;
/**
- * @var array
+ * @var array<GrantTypeInterface>
*/
protected $grantTypes;
@@ -32,7 +35,7 @@ class TokenController implements TokenControllerInterface
protected $clientAssertionType;
/**
- * @var Scope|ScopeInterface
+ * @var ScopeInterface
*/
protected $scopeUtil;
@@ -41,12 +44,22 @@ class TokenController implements TokenControllerInterface
*/
protected $clientStorage;
+ /**
+ * Constructor
+ *
+ * @param AccessTokenInterface $accessToken
+ * @param ClientInterface $clientStorage
+ * @param array $grantTypes
+ * @param ClientAssertionTypeInterface $clientAssertionType
+ * @param ScopeInterface $scopeUtil
+ * @throws InvalidArgumentException
+ */
public function __construct(AccessTokenInterface $accessToken, ClientInterface $clientStorage, array $grantTypes = array(), ClientAssertionTypeInterface $clientAssertionType = null, ScopeInterface $scopeUtil = null)
{
if (is_null($clientAssertionType)) {
foreach ($grantTypes as $grantType) {
if (!$grantType instanceof ClientAssertionTypeInterface) {
- throw new \InvalidArgumentException('You must supply an instance of OAuth2\ClientAssertionType\ClientAssertionTypeInterface or only use grant types which implement OAuth2\ClientAssertionType\ClientAssertionTypeInterface');
+ throw new InvalidArgumentException('You must supply an instance of OAuth2\ClientAssertionType\ClientAssertionTypeInterface or only use grant types which implement OAuth2\ClientAssertionType\ClientAssertionTypeInterface');
}
}
}
@@ -63,6 +76,12 @@ class TokenController implements TokenControllerInterface
$this->scopeUtil = $scopeUtil;
}
+ /**
+ * Handle the token request.
+ *
+ * @param RequestInterface $request - Request object to grant access token
+ * @param ResponseInterface $response - Response object
+ */
public function handleTokenRequest(RequestInterface $request, ResponseInterface $response)
{
if ($token = $this->grantAccessToken($request, $response)) {
@@ -83,8 +102,10 @@ class TokenController implements TokenControllerInterface
* This would be called from the "/token" endpoint as defined in the spec.
* You can call your endpoint whatever you want.
*
- * @param RequestInterface $request Request object to grant access token
- * @param ResponseInterface $response
+ * @param RequestInterface $request - Request object to grant access token
+ * @param ResponseInterface $response - Response object
+ *
+ * @return bool|null|array
*
* @throws \InvalidArgumentException
* @throws \LogicException
@@ -97,9 +118,15 @@ class TokenController implements TokenControllerInterface
*/
public function grantAccessToken(RequestInterface $request, ResponseInterface $response)
{
- if (strtolower($request->server('REQUEST_METHOD')) != 'post') {
+ if (strtolower($request->server('REQUEST_METHOD')) === 'options') {
+ $response->addHttpHeaders(array('Allow' => 'POST, OPTIONS'));
+
+ return null;
+ }
+
+ if (strtolower($request->server('REQUEST_METHOD')) !== 'post') {
$response->setError(405, 'invalid_request', 'The request method must be POST when requesting an access token', '#section-3.2');
- $response->addHttpHeaders(array('Allow' => 'POST'));
+ $response->addHttpHeaders(array('Allow' => 'POST, OPTIONS'));
return null;
}
@@ -121,6 +148,7 @@ class TokenController implements TokenControllerInterface
return null;
}
+ /** @var GrantTypeInterface $grantType */
$grantType = $this->grantTypes[$grantTypeIdentifier];
/**
@@ -128,8 +156,8 @@ class TokenController implements TokenControllerInterface
* ClientAssertionTypes allow for grant types which also assert the client data
* in which case ClientAssertion is handled in the validateRequest method
*
- * @see OAuth2\GrantType\JWTBearer
- * @see OAuth2\GrantType\ClientCredentials
+ * @see \OAuth2\GrantType\JWTBearer
+ * @see \OAuth2\GrantType\ClientCredentials
*/
if (!$grantType instanceof ClientAssertionTypeInterface) {
if (!$this->clientAssertionType->validateRequest($request, $response)) {
@@ -178,7 +206,6 @@ class TokenController implements TokenControllerInterface
*
* @see http://tools.ietf.org/html/rfc6749#section-3.3
*/
-
$requestedScope = $this->scopeUtil->getScopeFromRequest($request);
$availableScope = $grantType->getScope();
@@ -225,20 +252,24 @@ class TokenController implements TokenControllerInterface
}
/**
- * addGrantType
+ * Add grant type
*
- * @param GrantTypeInterface $grantType the grant type to add for the specified identifier
- * @param string $identifier a string passed in as "grant_type" in the response that will call this grantType
+ * @param GrantTypeInterface $grantType - the grant type to add for the specified identifier
+ * @param string|null $identifier - a string passed in as "grant_type" in the response that will call this grantType
*/
public function addGrantType(GrantTypeInterface $grantType, $identifier = null)
{
if (is_null($identifier) || is_numeric($identifier)) {
- $identifier = $grantType->getQuerystringIdentifier();
+ $identifier = $grantType->getQueryStringIdentifier();
}
$this->grantTypes[$identifier] = $grantType;
}
+ /**
+ * @param RequestInterface $request
+ * @param ResponseInterface $response
+ */
public function handleRevokeRequest(RequestInterface $request, ResponseInterface $response)
{
if ($this->revokeToken($request, $response)) {
@@ -257,13 +288,20 @@ class TokenController implements TokenControllerInterface
*
* @param RequestInterface $request
* @param ResponseInterface $response
+ * @throws RuntimeException
* @return bool|null
*/
public function revokeToken(RequestInterface $request, ResponseInterface $response)
{
- if (strtolower($request->server('REQUEST_METHOD')) != 'post') {
+ if (strtolower($request->server('REQUEST_METHOD')) === 'options') {
+ $response->addHttpHeaders(array('Allow' => 'POST, OPTIONS'));
+
+ return null;
+ }
+
+ if (strtolower($request->server('REQUEST_METHOD')) !== 'post') {
$response->setError(405, 'invalid_request', 'The request method must be POST when revoking an access token', '#section-3.2');
- $response->addHttpHeaders(array('Allow' => 'POST'));
+ $response->addHttpHeaders(array('Allow' => 'POST, OPTIONS'));
return null;
}
@@ -285,7 +323,7 @@ class TokenController implements TokenControllerInterface
// @todo remove this check for v2.0
if (!method_exists($this->accessToken, 'revokeToken')) {
$class = get_class($this->accessToken);
- throw new \RuntimeException("AccessToken {$class} does not implement required revokeToken method");
+ throw new RuntimeException("AccessToken {$class} does not implement required revokeToken method");
}
$this->accessToken->revokeToken($token, $token_type_hint);