diff options
Diffstat (limited to 'library/oauth2/src/OAuth2/TokenType')
-rw-r--r-- | library/oauth2/src/OAuth2/TokenType/Bearer.php | 130 | ||||
-rw-r--r-- | library/oauth2/src/OAuth2/TokenType/Mac.php | 22 | ||||
-rw-r--r-- | library/oauth2/src/OAuth2/TokenType/TokenTypeInterface.php | 21 |
3 files changed, 0 insertions, 173 deletions
diff --git a/library/oauth2/src/OAuth2/TokenType/Bearer.php b/library/oauth2/src/OAuth2/TokenType/Bearer.php deleted file mode 100644 index 8ac8596ac..000000000 --- a/library/oauth2/src/OAuth2/TokenType/Bearer.php +++ /dev/null @@ -1,130 +0,0 @@ -<?php - -namespace OAuth2\TokenType; - -use OAuth2\RequestInterface; -use OAuth2\ResponseInterface; - -/** -* -*/ -class Bearer implements TokenTypeInterface -{ - private $config; - - public function __construct(array $config = array()) - { - $this->config = array_merge(array( - 'token_param_name' => 'access_token', - 'token_bearer_header_name' => 'Bearer', - ), $config); - } - - public function getTokenType() - { - return 'Bearer'; - } - - /** - * Check if the request has supplied token - * - * @see https://github.com/bshaffer/oauth2-server-php/issues/349#issuecomment-37993588 - */ - public function requestHasToken(RequestInterface $request) - { - $headers = $request->headers('AUTHORIZATION'); - - // check the header, then the querystring, then the request body - return !empty($headers) || (bool) ($request->request($this->config['token_param_name'])) || (bool) ($request->query($this->config['token_param_name'])); - } - - /** - * This is a convenience function that can be used to get the token, which can then - * be passed to getAccessTokenData(). The constraints specified by the draft are - * attempted to be adheared to in this method. - * - * As per the Bearer spec (draft 8, section 2) - there are three ways for a client - * to specify the bearer token, in order of preference: Authorization Header, - * POST and GET. - * - * NB: Resource servers MUST accept tokens via the Authorization scheme - * (http://tools.ietf.org/html/rfc6750#section-2). - * - * @todo Should we enforce TLS/SSL in this function? - * - * @see http://tools.ietf.org/html/rfc6750#section-2.1 - * @see http://tools.ietf.org/html/rfc6750#section-2.2 - * @see http://tools.ietf.org/html/rfc6750#section-2.3 - * - * Old Android version bug (at least with version 2.2) - * @see http://code.google.com/p/android/issues/detail?id=6684 - * - */ - public function getAccessTokenParameter(RequestInterface $request, ResponseInterface $response) - { - $headers = $request->headers('AUTHORIZATION'); - - /** - * Ensure more than one method is not used for including an - * access token - * - * @see http://tools.ietf.org/html/rfc6750#section-3.1 - */ - $methodsUsed = !empty($headers) + (bool) ($request->query($this->config['token_param_name'])) + (bool) ($request->request($this->config['token_param_name'])); - if ($methodsUsed > 1) { - $response->setError(400, 'invalid_request', 'Only one method may be used to authenticate at a time (Auth header, GET or POST)'); - - return null; - } - - /** - * If no authentication is provided, set the status code - * to 401 and return no other error information - * - * @see http://tools.ietf.org/html/rfc6750#section-3.1 - */ - if ($methodsUsed == 0) { - $response->setStatusCode(401); - - return null; - } - - // HEADER: Get the access token from the header - if (!empty($headers)) { - if (!preg_match('/' . $this->config['token_bearer_header_name'] . '\s(\S+)/i', $headers, $matches)) { - $response->setError(400, 'invalid_request', 'Malformed auth header'); - - return null; - } - - return $matches[1]; - } - - if ($request->request($this->config['token_param_name'])) { - // // POST: Get the token from POST data - if (!in_array(strtolower($request->server('REQUEST_METHOD')), array('post', 'put'))) { - $response->setError(400, 'invalid_request', 'When putting the token in the body, the method must be POST or PUT', '#section-2.2'); - - return null; - } - - $contentType = $request->server('CONTENT_TYPE'); - if (false !== $pos = strpos($contentType, ';')) { - $contentType = substr($contentType, 0, $pos); - } - - if ($contentType !== null && $contentType != 'application/x-www-form-urlencoded') { - // IETF specifies content-type. NB: Not all webservers populate this _SERVER variable - // @see http://tools.ietf.org/html/rfc6750#section-2.2 - $response->setError(400, 'invalid_request', 'The content type for POST requests must be "application/x-www-form-urlencoded"'); - - return null; - } - - return $request->request($this->config['token_param_name']); - } - - // GET method - return $request->query($this->config['token_param_name']); - } -} diff --git a/library/oauth2/src/OAuth2/TokenType/Mac.php b/library/oauth2/src/OAuth2/TokenType/Mac.php deleted file mode 100644 index fe6a86aa6..000000000 --- a/library/oauth2/src/OAuth2/TokenType/Mac.php +++ /dev/null @@ -1,22 +0,0 @@ -<?php - -namespace OAuth2\TokenType; - -use OAuth2\RequestInterface; -use OAuth2\ResponseInterface; - -/** -* This is not yet supported! -*/ -class Mac implements TokenTypeInterface -{ - public function getTokenType() - { - return 'mac'; - } - - public function getAccessTokenParameter(RequestInterface $request, ResponseInterface $response) - { - throw new \LogicException("Not supported"); - } -} diff --git a/library/oauth2/src/OAuth2/TokenType/TokenTypeInterface.php b/library/oauth2/src/OAuth2/TokenType/TokenTypeInterface.php deleted file mode 100644 index ad77d4a25..000000000 --- a/library/oauth2/src/OAuth2/TokenType/TokenTypeInterface.php +++ /dev/null @@ -1,21 +0,0 @@ -<?php - -namespace OAuth2\TokenType; - -use OAuth2\RequestInterface; -use OAuth2\ResponseInterface; - -interface TokenTypeInterface -{ - /** - * Token type identification string - * - * ex: "bearer" or "mac" - */ - public function getTokenType(); - - /** - * Retrieves the token string from the request object - */ - public function getAccessTokenParameter(RequestInterface $request, ResponseInterface $response); -} |