diff --git a/tests/TestBundle/Controller/DemoController.php b/tests/TestBundle/Controller/DemoController.php
index 724b5503..949e71ca 100644
--- a/tests/TestBundle/Controller/DemoController.php
+++ b/tests/TestBundle/Controller/DemoController.php
@@ -11,6 +11,7 @@ namespace AuthBucket\OAuth2\Tests\TestBundle\Controller;
+use AuthBucket\OAuth2\Exception\InvalidScopeException;
 use Silex\Application;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpKernel\Client;
@@ -21,6 +22,81 @@ public function indexAction(Request $request, Application $app)
 {
 return $app['twig']->render('demo/index.html.twig');
 }
+ public function loginAction(Request $request, Application $app)
+ {
+ $session = $request->getSession();
+
+ $error = $app['security.last_error']($request);
+ $_username = $session->get('_username');
+ $_password = $session->get('_password');
+
+ return $app['twig']->render('demo/login.html.twig', array(
+ 'error' => $error,
+ '_username' => $_username,
+ '_password' => $_password,
+ ));
+ }
+
+ public function authorizeAction(Request $request, Application $app)
+ {
+ // We only handle non-authorized scope here.
+ try {
+ return $app['authbucket_oauth2.oauth2_controller']->authorizeAction($request);
+ } catch (InvalidScopeException $exception) {
+ $message = unserialize($exception->getMessage());
+ if ($message['error_description'] !== 'The requested scope is invalid.') {
+ throw $exception;
+ }
+ }
+
+ // Fetch parameters, which already checked.
+ $clientId = $request->query->get('client_id');
+ $username = $app['security']->getToken()->getUser()->getUsername();
+ $scope = preg_split('/\s+/', $request->query->get('scope', ''));
+
+ // Create form.
+ $form = $app['form.factory']->createBuilder('form')->getForm();
+ $form->handleRequest($request);
+
+ // Save authorized scope if submitted by POST.
+ if ($form->isValid()) {
+ $modelManagerFactory = $app['authbucket_oauth2.model_manager.factory'];
+ $authorizeManager = $modelManagerFactory->getModelManager('authorize');
+
+ // Update existing authorization if possible, else create new.
+ $authorize = $authorizeManager->readModelOneBy(array(
+ 'clientId' => $clientId,
+ 'username' => $username,
+ ));
+ if ($authorize === null) {
+ $class = $authorizeManager->getClassName();
+ $authorize = new $class();
+ $authorize->setClientId($clientId)
+ ->setUsername($username)
+ ->setScope((array) $scope);
+ $authorize = $authorizeManager->createModel($authorize);
+ } else {
+ $authorize->setClientId($clientId)
+ ->setUsername($username)
+ ->setScope(array_merge((array) $authorize->getScope(), $scope));
+ $authorizeManager->updateAuthorize($authorize);
+ }
+
+ // Back to this path, with original GET parameters.
+ return $app->redirect($request->getRequestUri());
+ }
+
+ // Display the form.
+ $authorizationRequest = $request->query->all();
+
+ return $app['twig']->render('demo/authorize.html.twig', array(
+ 'client_id' => $clientId,
+ 'username' => $username,
+ 'scopes' => $scope,
+ 'form' => $form->createView(),
+ 'authorization_request' => $authorizationRequest,
+ ));
+ }
 public function requestCodeAction(Request $request, Application $app)
 {
diff --git a/tests/TestBundle/Controller/OAuth2Controller.php b/tests/TestBundle/Controller/OAuth2Controller.php
index 11ae6702..5e7ed8ee 100644
--- a/tests/TestBundle/Controller/OAuth2Controller.php
+++ b/tests/TestBundle/Controller/OAuth2Controller.php
@@ -11,7 +11,6 @@ namespace AuthBucket\OAuth2\Tests\TestBundle\Controller;
-use AuthBucket\OAuth2\Exception\InvalidScopeException;
 use Silex\Application;
 use Symfony\Component\HttpFoundation\Request;
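Review bot: `$message = unserialize($exception->getMessage());` in the catch block of the new authorizeAction deserialises an exception message into PHP values, and the decision to show the consent screen rather than rethrow keys on the English text `'The requested scope is invalid.'`; the string comes from the library rather than from the request, but it should still be decoded with `unserialize($exception->getMessage(), array('allowed_classes' => false))` on PHP 7+ (or read through a structured accessor on InvalidScopeException, if the library offers one), and the rethrow condition would be better tied to a stable error code than to a human-readable description that can change with the library wording. The scope line `$scope = preg_split('/\s+/', $request->query->get('scope', ''));` yields `array('')` for an absent or empty `scope` parameter, and the POST branch then persists that empty string as an authorized scope; `preg_split('/\s+/', $request->query->get('scope', ''), -1, PREG_SPLIT_NO_EMPTY)` avoids it, and wrapping the merge in `array_unique(...)` keeps the stored list from growing with duplicates on repeated consents. Because `if ($form->isValid())` is the only gate before scopes are granted, it should read `if ($form->isSubmitted() && $form->isValid())`, and a short comment noting that the form factory's CSRF token is what stops a cross-site consent POST would help, since nothing in this hunk shows that protection being configured. In the moved loginAction the session-held `_password` is passed into the login template; unless the demo template deliberately prefills it, that key should be dropped from the render array (the template is renamed unchanged elsewhere in this diff, so I cannot confirm its use). Both new methods lie fully inside the hunk; requestCodeAction begins on its last lines and continues outside it.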
@@ -21,80 +20,4 @@ public function indexAction(Request $request, Application $app)
 {
 return $app['twig']->render('oauth2/index.html.twig');
 }
-
- public function loginAction(Request $request, Application $app)
- {
- $session = $request->getSession();
-
- $error = $app['security.last_error']($request);
- $_username = $session->get('_username');
- $_password = $session->get('_password');
-
- return $app['twig']->render('oauth2/login.html.twig', array(
- 'error' => $error,
- '_username' => $_username,
- '_password' => $_password,
- ));
- }
-
- public function authorizeAction(Request $request, Application $app)
- {
- // We only handle non-authorized scope here.
- try {
- return $app['authbucket_oauth2.oauth2_controller']->authorizeAction($request);
- } catch (InvalidScopeException $exception) {
- $message = unserialize($exception->getMessage());
- if ($message['error_description'] !== 'The requested scope is invalid.') {
- throw $exception;
- }
- }
-
- // Fetch parameters, which already checked.
- $clientId = $request->query->get('client_id');
- $username = $app['security']->getToken()->getUser()->getUsername();
- $scope = preg_split('/\s+/', $request->query->get('scope', ''));
-
- // Create form.
- $form = $app['form.factory']->createBuilder('form')->getForm();
- $form->handleRequest($request);
-
- // Save authorized scope if submitted by POST.
- if ($form->isValid()) {
- $modelManagerFactory = $app['authbucket_oauth2.model_manager.factory'];
- $authorizeManager = $modelManagerFactory->getModelManager('authorize');
-
- // Update existing authorization if possible, else create new.
- $authorize = $authorizeManager->readModelOneBy(array(
- 'clientId' => $clientId,
- 'username' => $username,
- ));
- if ($authorize === null) {
- $class = $authorizeManager->getClassName();
- $authorize = new $class();
- $authorize->setClientId($clientId)
- ->setUsername($username)
- ->setScope((array) $scope);
- $authorize = $authorizeManager->createModel($authorize);
- } else {
- $authorize->setClientId($clientId)
- ->setUsername($username)
- ->setScope(array_merge((array) $authorize->getScope(), $scope));
- $authorizeManager->updateAuthorize($authorize);
- }
-
- // Back to this path, with original GET parameters.
- return $app->redirect($request->getRequestUri());
- }
-
- // Display the form.
- $authorizationRequest = $request->query->all();
-
- return $app['twig']->render('oauth2/authorize.html.twig', array(
- 'client_id' => $clientId,
- 'username' => $username,
- 'scopes' => $scope,
- 'form' => $form->createView(),
- 'authorization_request' => $authorizationRequest,
- ));
- }
 }
diff --git a/tests/TestBundle/Resources/config/routing.php b/tests/TestBundle/Resources/config/routing.php
index 768a38ba..2ea02d5e 100644
--- a/tests/TestBundle/Resources/config/routing.php
+++ b/tests/TestBundle/Resources/config/routing.php
@@ -21,10 +21,10 @@ $app->get('/demo', 'authbucket_oauth2.tests.demo_controller:indexAction')
 ->bind('demo');
-$app->get('/demo/login', 'authbucket_oauth2.tests.oauth2_controller:loginAction')
+$app->get('/demo/login', 'authbucket_oauth2.tests.demo_controller:loginAction')
 ->bind('demo_login');
-$app->match('/demo/authorize', 'authbucket_oauth2.tests.oauth2_controller:authorizeAction')
+$app->match('/demo/authorize', 'authbucket_oauth2.tests.demo_controller:authorizeAction')
 ->bind('demo_authorize');
 $app->get('/demo/request/code', 'authbucket_oauth2.tests.demo_controller:requestCodeAction')
diff --git a/tests/TestBundle/Resources/views/oauth2/authorize.html.twig b/tests/TestBundle/Resources/views/demo/authorize.html.twig
similarity index 100%
rename from tests/TestBundle/Resources/views/oauth2/authorize.html.twig
rename to tests/TestBundle/Resources/views/demo/authorize.html.twig
diff --git a/tests/TestBundle/Resources/views/oauth2/login.html.twig b/tests/TestBundle/Resources/views/demo/login.html.twig
similarity index 100%
rename from tests/TestBundle/Resources/views/oauth2/login.html.twig
rename to tests/TestBundle/Resources/views/demo/login.html.twig
diff --git a/tests/TestBundle/Resources/views/oauth2/index.html.twig b/tests/TestBundle/Resources/views/oauth2/index.html.twig
index 3c3c8fcf..ac0f8d1b 100644
--- a/tests/TestBundle/Resources/views/oauth2/index.html.twig
+++ b/tests/TestBundle/Resources/views/oauth2/index.html.twig
@@ -19,12 +19,12 @@
-

Authorization Endpoint (/api/oauth2/authorize and /oauth2/authorize)

+

Authorization Endpoint (/api/oauth2/authorize and /demo/authorize)

The authorization endpoint is used to interact with the resource owner and obtain an authorization grant.

-

Authorization endpoint (HTTP Basic Authentication and Form-based Authentication) are protected by Silex's SecurityServiceProvider in this example. Read though security.php to see how we implement it.

+

Authorization endpoint (HTTP Basic Authentication and Form-based Authentication) are protected by Silex's SecurityServiceProvider in this example. Read though security.php to see how we implement it.

Direct browser access is possible, authentication request will therefore triggered, and able to login with following testing account: