diff options
author | Mario <mario@mariovavti.com> | 2018-03-09 11:12:18 +0100 |
---|---|---|
committer | Mario <mario@mariovavti.com> | 2018-03-09 11:12:18 +0100 |
commit | 4baf5eab16d809977a44e7911ddcab0ff8383897 (patch) | |
tree | 393f618c4cfc20f53264ecd8a26a08de0823d35d /vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php | |
parent | 577da0eb9eb1f90a4cf7a70cfb3582cfb49007ac (diff) | |
parent | 7361af85b5488fc8bd1744389a3a332dc74276b0 (diff) | |
download | volse-hubzilla-4baf5eab16d809977a44e7911ddcab0ff8383897.tar.gz volse-hubzilla-4baf5eab16d809977a44e7911ddcab0ff8383897.tar.bz2 volse-hubzilla-4baf5eab16d809977a44e7911ddcab0ff8383897.zip |
Merge branch '3.2RC'3.2
Diffstat (limited to 'vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php')
-rw-r--r-- | vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php | 74 |
1 files changed, 56 insertions, 18 deletions
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php index 5d2d731fe..7fdaf85a6 100644 --- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php +++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php @@ -10,9 +10,12 @@ use OAuth2\Scope; use OAuth2\Storage\ClientInterface; use OAuth2\RequestInterface; use OAuth2\ResponseInterface; +use InvalidArgumentException; +use LogicException; +use RuntimeException; /** - * @see \OAuth2\Controller\TokenControllerInterface + * @see TokenControllerInterface */ class TokenController implements TokenControllerInterface { @@ -22,7 +25,7 @@ class TokenController implements TokenControllerInterface protected $accessToken; /** - * @var array + * @var array<GrantTypeInterface> */ protected $grantTypes; @@ -32,7 +35,7 @@ class TokenController implements TokenControllerInterface protected $clientAssertionType; /** - * @var Scope|ScopeInterface + * @var ScopeInterface */ protected $scopeUtil; @@ -41,12 +44,22 @@ class TokenController implements TokenControllerInterface */ protected $clientStorage; + /** + * Constructor + * + * @param AccessTokenInterface $accessToken + * @param ClientInterface $clientStorage + * @param array $grantTypes + * @param ClientAssertionTypeInterface $clientAssertionType + * @param ScopeInterface $scopeUtil + * @throws InvalidArgumentException + */ public function __construct(AccessTokenInterface $accessToken, ClientInterface $clientStorage, array $grantTypes = array(), ClientAssertionTypeInterface $clientAssertionType = null, ScopeInterface $scopeUtil = null) { if (is_null($clientAssertionType)) { foreach ($grantTypes as $grantType) { if (!$grantType instanceof ClientAssertionTypeInterface) { - throw new \InvalidArgumentException('You must supply an instance of OAuth2\ClientAssertionType\ClientAssertionTypeInterface or only use grant types which implement OAuth2\ClientAssertionType\ClientAssertionTypeInterface'); + throw new InvalidArgumentException('You must supply an instance of OAuth2\ClientAssertionType\ClientAssertionTypeInterface or only use grant types which implement OAuth2\ClientAssertionType\ClientAssertionTypeInterface'); } } } @@ -63,6 +76,12 @@ class TokenController implements TokenControllerInterface $this->scopeUtil = $scopeUtil; } + /** + * Handle the token request. + * + * @param RequestInterface $request - Request object to grant access token + * @param ResponseInterface $response - Response object + */ public function handleTokenRequest(RequestInterface $request, ResponseInterface $response) { if ($token = $this->grantAccessToken($request, $response)) { @@ -83,8 +102,10 @@ class TokenController implements TokenControllerInterface * This would be called from the "/token" endpoint as defined in the spec. * You can call your endpoint whatever you want. * - * @param RequestInterface $request Request object to grant access token - * @param ResponseInterface $response + * @param RequestInterface $request - Request object to grant access token + * @param ResponseInterface $response - Response object + * + * @return bool|null|array * * @throws \InvalidArgumentException * @throws \LogicException @@ -97,9 +118,15 @@ class TokenController implements TokenControllerInterface */ public function grantAccessToken(RequestInterface $request, ResponseInterface $response) { - if (strtolower($request->server('REQUEST_METHOD')) != 'post') { + if (strtolower($request->server('REQUEST_METHOD')) === 'options') { + $response->addHttpHeaders(array('Allow' => 'POST, OPTIONS')); + + return null; + } + + if (strtolower($request->server('REQUEST_METHOD')) !== 'post') { $response->setError(405, 'invalid_request', 'The request method must be POST when requesting an access token', '#section-3.2'); - $response->addHttpHeaders(array('Allow' => 'POST')); + $response->addHttpHeaders(array('Allow' => 'POST, OPTIONS')); return null; } @@ -121,6 +148,7 @@ class TokenController implements TokenControllerInterface return null; } + /** @var GrantTypeInterface $grantType */ $grantType = $this->grantTypes[$grantTypeIdentifier]; /** @@ -128,8 +156,8 @@ class TokenController implements TokenControllerInterface * ClientAssertionTypes allow for grant types which also assert the client data * in which case ClientAssertion is handled in the validateRequest method * - * @see OAuth2\GrantType\JWTBearer - * @see OAuth2\GrantType\ClientCredentials + * @see \OAuth2\GrantType\JWTBearer + * @see \OAuth2\GrantType\ClientCredentials */ if (!$grantType instanceof ClientAssertionTypeInterface) { if (!$this->clientAssertionType->validateRequest($request, $response)) { @@ -178,7 +206,6 @@ class TokenController implements TokenControllerInterface * * @see http://tools.ietf.org/html/rfc6749#section-3.3 */ - $requestedScope = $this->scopeUtil->getScopeFromRequest($request); $availableScope = $grantType->getScope(); @@ -225,20 +252,24 @@ class TokenController implements TokenControllerInterface } /** - * addGrantType + * Add grant type * - * @param GrantTypeInterface $grantType the grant type to add for the specified identifier - * @param string $identifier a string passed in as "grant_type" in the response that will call this grantType + * @param GrantTypeInterface $grantType - the grant type to add for the specified identifier + * @param string|null $identifier - a string passed in as "grant_type" in the response that will call this grantType */ public function addGrantType(GrantTypeInterface $grantType, $identifier = null) { if (is_null($identifier) || is_numeric($identifier)) { - $identifier = $grantType->getQuerystringIdentifier(); + $identifier = $grantType->getQueryStringIdentifier(); } $this->grantTypes[$identifier] = $grantType; } + /** + * @param RequestInterface $request + * @param ResponseInterface $response + */ public function handleRevokeRequest(RequestInterface $request, ResponseInterface $response) { if ($this->revokeToken($request, $response)) { @@ -257,13 +288,20 @@ class TokenController implements TokenControllerInterface * * @param RequestInterface $request * @param ResponseInterface $response + * @throws RuntimeException * @return bool|null */ public function revokeToken(RequestInterface $request, ResponseInterface $response) { - if (strtolower($request->server('REQUEST_METHOD')) != 'post') { + if (strtolower($request->server('REQUEST_METHOD')) === 'options') { + $response->addHttpHeaders(array('Allow' => 'POST, OPTIONS')); + + return null; + } + + if (strtolower($request->server('REQUEST_METHOD')) !== 'post') { $response->setError(405, 'invalid_request', 'The request method must be POST when revoking an access token', '#section-3.2'); - $response->addHttpHeaders(array('Allow' => 'POST')); + $response->addHttpHeaders(array('Allow' => 'POST, OPTIONS')); return null; } @@ -285,7 +323,7 @@ class TokenController implements TokenControllerInterface // @todo remove this check for v2.0 if (!method_exists($this->accessToken, 'revokeToken')) { $class = get_class($this->accessToken); - throw new \RuntimeException("AccessToken {$class} does not implement required revokeToken method"); + throw new RuntimeException("AccessToken {$class} does not implement required revokeToken method"); } $this->accessToken->revokeToken($token, $token_type_hint); |