[stable13] Improve OAuth #9540

Merged
merged 8 commits into from May 23, 2018

3 participants
@rullzer
Member

rullzer commented May 22, 2018

Backport of:

Allow the rotation of tokens
This for example will allow rotating the apptoken for oauth

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

codecov bot commented May 22, 2018

Codecov Report

Merging #9540 into stable13 will increase coverage by 0.01%.
The diff coverage is 62.9%.

@@              Coverage Diff              @@
##             stable13   #9540      +/-   ##
=============================================
+ Coverage       51.38%   51.4%   +0.01%     
- Complexity      25052   25081      +29     
=============================================
  Files            1609    1612       +3     
  Lines           95350   95457     +107     
  Branches         1376    1376              
=============================================
+ Hits            48999   49066      +67     
- Misses          46351   46391      +40
| Impacted Files | Coverage Δ | Complexity Δ |
|---|---|---|
| apps/oauth2/composer/composer/autoload_static.php | 0% <ø> (ø) | 1 <0> (ø) ⬇️ |
| core/Migrations/Version13000Date20180516101403.php | 0% <0%> (ø) | 2 <2> (?) |
| version.php | 0% <0%> (ø) | 0 <0> (ø) ⬇️ |
| ...pps/oauth2/composer/composer/autoload_classmap.php | 0% <0%> (ø) | 0 <0> (ø) ⬇️ |
| apps/oauth2/lib/Migration/SetTokenExpiration.php | 0% <0%> (ø) | 5 <5> (?) |
| ...vate/Authentication/Token/DefaultTokenProvider.php | 98.03% <100%> (+3.65%) | 32 <2> (+6) ⬆️ |
| ...uthentication/Exceptions/ExpiredTokenException.php | 100% <100%> (ø) | 2 <2> (?) |
| lib/private/Authentication/Token/DefaultToken.php | 89.58% <100%> (+2.74%) | 17 <4> (+4) ⬆️ |
| core/Controller/ClientFlowLoginController.php | 79.35% <100%> (ø) | 25 <0> (ø) ⬇️ |
| ...rivate/Authentication/Token/DefaultTokenMapper.php | 100% <100%> (ø) | 11 <0> (ø) ⬇️ |

... and 7 more

rullzer added some commits May 16, 2018

Certain tokens can expire
However, due to the nature of what we store in the token (encrypted passwords etc.), we can't just delete the tokens because that would make the oauth refresh useless.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Set OAuth token expiration
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Fail if the response type is not properly set
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Authenticate the clients on requesting a token
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Rotate token
On a refresh token request:
* rotate
* reset expire

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Don't use special chars to avoid confusion
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Add tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
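
The token lifecycle the commit messages above describe (expire without deleting the row, authenticate the client on a token request, rotate and reset the expiry on refresh), as an added example that is not code from this pull request or from the project. `TokenStore`, `ExpiredToken`, the row fields and the `demo-client` credentials are hypothetical, and the stored payload stands in for the encrypted data the commit message mentions.

```php
<?php
declare(strict_types=1);                     // written for PHP 8.0+ (throw expression)
// Illustrative model only: class, field and client names are hypothetical.
class ExpiredToken extends RuntimeException {}

final class TokenStore
{
    private array $rows = [];                                    // sha256(access token) => row
    private array $clients = ['demo-client' => 'demo-secret'];   // constructed sample client

    public function issue(string $client, string $payload, int $now, int $ttl = 3600): array
    {
        [$access, $refresh] = [bin2hex(random_bytes(36)), bin2hex(random_bytes(64))];
        $this->rows[hash('sha256', $access)] = ['client' => $client, 'payload' => $payload,
            'refresh' => hash('sha256', $refresh), 'expires' => $now + $ttl];
        return [$access, $refresh];
    }

    public function validate(string $access, int $now): string
    {
        $row = $this->rows[hash('sha256', $access)] ?? throw new InvalidArgumentException('unknown token');
        if ($row['expires'] < $now) {
            throw new ExpiredToken('token expired');             // row is kept, not deleted
        }
        return $row['payload'];
    }

    public function refresh(string $client, string $secret, string $refresh, int $now, int $ttl = 3600): string
    {
        if (!isset($this->clients[$client]) || !hash_equals($this->clients[$client], $secret)) {
            throw new InvalidArgumentException('invalid_client'); // authenticate the client first
        }
        foreach ($this->rows as $key => $row) {
            if ($row['client'] === $client && hash_equals($row['refresh'], hash('sha256', $refresh))) {
                unset($this->rows[$key]);                        // old access token stops working
                $access = bin2hex(random_bytes(36));
                $this->rows[hash('sha256', $access)] = ['expires' => $now + $ttl] + $row;
                return $access;                                  // same payload, new token and expiry
            }
        }
        throw new InvalidArgumentException('invalid_grant');
    }
}

// Constructed walk-through: the token expires at 4600, is refreshed at 5000, then validates again.
$store = new TokenStore();
[$access, $refresh] = $store->issue('demo-client', 'encrypted-credentials', 1000);
try { $store->validate($access, 5000); } catch (ExpiredToken $e) { echo "expired, refreshing\n"; }
echo $store->validate($store->refresh('demo-client', 'demo-secret', $refresh, 5000), 5001), "\n";
```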
@ChristophWurst

LGTM 👍

@@ -6,8 +6,14 @@
class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
{
public static $firstCharsPsr4 = array (
'O' => true,
public static $prefixLengthsPsr4 = array (
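
Review bot: the net six lines this hunk adds to the generated Composer static-init class (per the `@@ -6,8 +6,14 @@` header, around `$firstCharsPsr4`) are autoloader output rather than OAuth logic, so they belong in a separate commit whose message names the Composer version used to regenerate them. A reviewer can then re-run the autoload dump and confirm the file matches, instead of reading generated arrays by eye inside a security backport.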

@ChristophWurst

ChristophWurst May 23, 2018

Member

why was this changed?

@rullzer

rullzer May 23, 2018

Member

Because I had to rerun the autoload dump. And I guess there is a new composer version ;)

@MorrisJobke

Works 👍

@MorrisJobke MorrisJobke merged commit 2f059d1 into stable13 May 23, 2018

3 checks passed

codecov/patch 62.9% of diff hit (target 51.38%)
codecov/project 51.4% (+0.01%) compared to 41cd607
continuous-integration/drone/pr the build was successful

@MorrisJobke MorrisJobke deleted the backport/9517/stable13 branch May 23, 2018

@MorrisJobke MorrisJobke referenced this pull request May 31, 2018

Merged

13.0.3 RC 1 #9700
