diff options
Diffstat (limited to 'vendor/bshaffer/oauth2-server-php/src/OAuth2/ClientAssertionType/HttpBasic.php')
-rw-r--r-- | vendor/bshaffer/oauth2-server-php/src/OAuth2/ClientAssertionType/HttpBasic.php | 48 |
1 files changed, 32 insertions, 16 deletions
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/ClientAssertionType/HttpBasic.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/ClientAssertionType/HttpBasic.php index 0ecb7e18d..ef6120300 100644 --- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/ClientAssertionType/HttpBasic.php +++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/ClientAssertionType/HttpBasic.php @@ -5,6 +5,7 @@ namespace OAuth2\ClientAssertionType; use OAuth2\Storage\ClientCredentialsInterface; use OAuth2\RequestInterface; use OAuth2\ResponseInterface; +use LogicException; /** * Validate a client via Http Basic authentication @@ -19,14 +20,16 @@ class HttpBasic implements ClientAssertionTypeInterface protected $config; /** - * @param OAuth2\Storage\ClientCredentialsInterface $clientStorage REQUIRED Storage class for retrieving client credentials information - * @param array $config OPTIONAL Configuration options for the server - * <code> - * $config = array( - * 'allow_credentials_in_request_body' => true, // whether to look for credentials in the POST body in addition to the Authorize HTTP Header - * 'allow_public_clients' => true // if true, "public clients" (clients without a secret) may be authenticated - * ); - * </code> + * Config array $config should look as follows: + * @code + * $config = array( + * 'allow_credentials_in_request_body' => true, // whether to look for credentials in the POST body in addition to the Authorize HTTP Header + * 'allow_public_clients' => true // if true, "public clients" (clients without a secret) may be authenticated + * ); + * @endcode + * + * @param ClientCredentialsInterface $storage Storage + * @param array $config Configuration options for the server */ public function __construct(ClientCredentialsInterface $storage, array $config = array()) { @@ -37,6 +40,14 @@ class HttpBasic implements ClientAssertionTypeInterface ), $config); } + /** + * Validate the OAuth request + * + * @param RequestInterface $request + * @param ResponseInterface $response + * @return bool|mixed + * @throws LogicException + */ public function validateRequest(RequestInterface $request, ResponseInterface $response) { if (!$clientData = $this->getClientCredentials($request, $response)) { @@ -44,7 +55,7 @@ class HttpBasic implements ClientAssertionTypeInterface } if (!isset($clientData['client_id'])) { - throw new \LogicException('the clientData array must have "client_id" set'); + throw new LogicException('the clientData array must have "client_id" set'); } if (!isset($clientData['client_secret']) || $clientData['client_secret'] == '') { @@ -70,6 +81,11 @@ class HttpBasic implements ClientAssertionTypeInterface return true; } + /** + * Get the client id + * + * @return mixed + */ public function getClientId() { return $this->clientData['client_id']; @@ -82,13 +98,14 @@ class HttpBasic implements ClientAssertionTypeInterface * According to the spec (draft 20), the client_id can be provided in * the Basic Authorization header (recommended) or via GET/POST. * - * @return - * A list containing the client identifier and password, for example + * @param RequestInterface $request + * @param ResponseInterface $response + * @return array|null A list containing the client identifier and password, for example: * @code - * return array( - * "client_id" => CLIENT_ID, // REQUIRED the client id - * "client_secret" => CLIENT_SECRET, // OPTIONAL the client secret (may be omitted for public clients) - * ); + * return array( + * "client_id" => CLIENT_ID, // REQUIRED the client id + * "client_secret" => CLIENT_SECRET, // OPTIONAL the client secret (may be omitted for public clients) + * ); * @endcode * * @see http://tools.ietf.org/html/rfc6749#section-2.3.1 @@ -108,7 +125,6 @@ class HttpBasic implements ClientAssertionTypeInterface * client_secret can be null if the client's password is an empty string * @see http://tools.ietf.org/html/rfc6749#section-2.3.1 */ - return array('client_id' => $request->request('client_id'), 'client_secret' => $request->request('client_secret')); } } |