diff options
author | Mario Vavti <mario@mariovavti.com> | 2017-03-20 08:53:08 +0100 |
---|---|---|
committer | Mario Vavti <mario@mariovavti.com> | 2017-03-20 08:53:08 +0100 |
commit | b10c519cc16ac7cc115becd19bc8eeb3ee2e4c38 (patch) | |
tree | 303a49bd4e386ea8895e07c31f826b15f711ae27 /vendor/bshaffer/oauth2-server-php/src/OAuth2/Scope.php | |
parent | 2f3f95d3a9473d4b9c15727c960f51026c992094 (diff) | |
parent | 1bdab6e633fd023432ed86ad898da1fe4ddc470f (diff) | |
download | volse-hubzilla-b10c519cc16ac7cc115becd19bc8eeb3ee2e4c38.tar.gz volse-hubzilla-b10c519cc16ac7cc115becd19bc8eeb3ee2e4c38.tar.bz2 volse-hubzilla-b10c519cc16ac7cc115becd19bc8eeb3ee2e4c38.zip |
Merge branch 'dev' into bs4
Diffstat (limited to 'vendor/bshaffer/oauth2-server-php/src/OAuth2/Scope.php')
-rw-r--r-- | vendor/bshaffer/oauth2-server-php/src/OAuth2/Scope.php | 103 |
1 files changed, 103 insertions, 0 deletions
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Scope.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Scope.php new file mode 100644 index 000000000..c44350bfd --- /dev/null +++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Scope.php @@ -0,0 +1,103 @@ +<?php + +namespace OAuth2; + +use OAuth2\Storage\Memory; +use OAuth2\Storage\ScopeInterface as ScopeStorageInterface; + +/** +* @see OAuth2\ScopeInterface +*/ +class Scope implements ScopeInterface +{ + protected $storage; + + /** + * @param mixed @storage + * Either an array of supported scopes, or an instance of OAuth2\Storage\ScopeInterface + */ + public function __construct($storage = null) + { + if (is_null($storage) || is_array($storage)) { + $storage = new Memory((array) $storage); + } + + if (!$storage instanceof ScopeStorageInterface) { + throw new \InvalidArgumentException("Argument 1 to OAuth2\Scope must be null, an array, or instance of OAuth2\Storage\ScopeInterface"); + } + + $this->storage = $storage; + } + + /** + * Check if everything in required scope is contained in available scope. + * + * @param $required_scope + * A space-separated string of scopes. + * + * @return + * TRUE if everything in required scope is contained in available scope, + * and FALSE if it isn't. + * + * @see http://tools.ietf.org/html/rfc6749#section-7 + * + * @ingroup oauth2_section_7 + */ + public function checkScope($required_scope, $available_scope) + { + $required_scope = explode(' ', trim($required_scope)); + $available_scope = explode(' ', trim($available_scope)); + + return (count(array_diff($required_scope, $available_scope)) == 0); + } + + /** + * Check if the provided scope exists in storage. + * + * @param $scope + * A space-separated string of scopes. + * + * @return + * TRUE if it exists, FALSE otherwise. + */ + public function scopeExists($scope) + { + // Check reserved scopes first. + $scope = explode(' ', trim($scope)); + $reservedScope = $this->getReservedScopes(); + $nonReservedScopes = array_diff($scope, $reservedScope); + if (count($nonReservedScopes) == 0) { + return true; + } else { + // Check the storage for non-reserved scopes. + $nonReservedScopes = implode(' ', $nonReservedScopes); + + return $this->storage->scopeExists($nonReservedScopes); + } + } + + public function getScopeFromRequest(RequestInterface $request) + { + // "scope" is valid if passed in either POST or QUERY + return $request->request('scope', $request->query('scope')); + } + + public function getDefaultScope($client_id = null) + { + return $this->storage->getDefaultScope($client_id); + } + + /** + * Get reserved scopes needed by the server. + * + * In case OpenID Connect is used, these scopes must include: + * 'openid', offline_access'. + * + * @return + * An array of reserved scopes. + */ + public function getReservedScopes() + { + return array('openid', 'offline_access'); + } +} |