Merge branch 'hotfix/3.1.1'

digiaonline · Jun 5, 2017 · 7af0c67 · 7af0c67
2 parents 665f372 + a8789e6
commit 7af0c67
Show file tree

Hide file tree

Showing 9 changed files with 203 additions and 63 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -26,6 +26,14 @@ Don't forget to update the links at the bottom of the CHANGELOG.
 ### Security
 - To invite users to upgrade in case of vulnerabilities.
 
+## [3.1.1] - 2017-06-05
+### Added
+- Validate access token to OAuth2Service function calls.
+- ODM module to suggestions.
+
+### Fixed
+- Tests.
+
 ## [3.1.0] - 2017-06-02
 ### Added
 - Support for Authorization Code grant type.
@@ -107,7 +115,8 @@ Don't forget to update the links at the bottom of the CHANGELOG.
 - Project files.
 - Support for eloquent.
 
-[Unreleased]: https://github.com/nordsoftware/lumen-oauth2/compare/3.1.0...HEAD
+[Unreleased]: https://github.com/nordsoftware/lumen-oauth2/compare/3.1.1...HEAD
+[3.1.1]: https://github.com/nordsoftware/lumen-oauth2/compare/3.1.0...3.1.1
 [3.1.0]: https://github.com/nordsoftware/lumen-oauth2/compare/3.0.0...3.1.0
 [3.0.0]: https://github.com/nordsoftware/lumen-oauth2/compare/2.0.0...3.0.0
 [2.0.0]: https://github.com/nordsoftware/lumen-oauth2/compare/1.4.0...2.0.0

diff --git a/composer.json b/composer.json
@@ -32,7 +32,8 @@
   },
   "suggest": {
     "nordsoftware/lumen-oauth2-eloquent": "Eloquent storage connector",
-    "nordsoftware/lumen-oauth2-doctrine": "Doctrine storage connector"
+    "nordsoftware/lumen-oauth2-doctrine": "Doctrine storage connector",
+    "nordsoftware/lumen-oauth2-doctrine-odm": "Doctrine MongoDB storage connector"
   },
   "autoload": {
     "psr-4": {

diff --git a/src/OAuth2Service.php b/src/OAuth2Service.php
@@ -73,6 +73,9 @@ public function getResourceOwnerId()
      */
     public function getResourceOwnerType()
     {
+        // TODO: Calling validateAccessToken is kind of a hack, but it is necessary in order to load the access token.
+        $this->validateAccessToken();
+
         return $this->resourceServer->getAccessToken()->getSession()->getOwnerType();
     }
 
@@ -82,6 +85,9 @@ public function getResourceOwnerType()
      */
     public function getClientId()
     {
+        // TODO: Calling validateAccessToken is kind of a hack, but it is necessary in order to load the access token.
+        $this->validateAccessToken();
+
         return $this->resourceServer->getAccessToken()->getSession()->getClient()->getId();
     }
 

diff --git a/tests/_support/Mock/MockAuthCode.php b/tests/_support/Mock/MockAuthCode.php
@@ -0,0 +1,39 @@
+<?php
+
+namespace Nord\Lumen\OAuth2\Tests;
+
+class MockAuthCode
+{
+    /**
+     * @var string
+     */
+    public static $code = 'tb89gB5f-4_1JqM';
+
+    /**
+     * @var string
+     */
+    public static $tokenType = 'Bearer';
+
+    /**
+     * @var int
+     */
+    public static $expiresIn = 3600;
+
+    /**
+     * @var string
+     */
+    public static $refreshToken = 'tGzv3JOkF0XG5Qx2TlKWIA';
+
+    /**
+     * @return array
+     */
+    public static function toArray()
+    {
+        return [
+            'code'  => self::$code,
+            'token_type'    => self::$tokenType,
+            'expires_in'    => self::$expiresIn,
+            'refresh_token' => self::$refreshToken
+        ];
+    }
+}
diff --git a/tests/_support/Mock/MockStorageServiceProvider.php b/tests/_support/Mock/MockStorageServiceProvider.php
@@ -5,6 +5,7 @@
 use Illuminate\Contracts\Container\Container;
 use Illuminate\Support\ServiceProvider;
 use League\OAuth2\Server\Storage\AccessTokenInterface;
+use League\OAuth2\Server\Storage\AuthCodeInterface;
 use League\OAuth2\Server\Storage\ClientInterface;
 use League\OAuth2\Server\Storage\RefreshTokenInterface;
 use League\OAuth2\Server\Storage\ScopeInterface;
@@ -33,6 +34,10 @@ protected function registerContainerBindings(Container $container)
             return new MockClientStorage;
         });
 
+        $container->bind(MockAuthCodeStorage::class, function () {
+            return new MockAuthCodeStorage();
+        });
+
         $container->bind(MockRefreshTokenStorage::class, function () {
             return new MockRefreshTokenStorage;
         });
@@ -46,6 +51,7 @@ protected function registerContainerBindings(Container $container)
         });
 
         $container->bind(AccessTokenInterface::class, MockAccessTokenStorage::class);
+        $container->bind(AuthCodeInterface::class, MockAuthCodeStorage::class);
         $container->bind(ClientInterface::class, MockClientStorage::class);
         $container->bind(RefreshTokenInterface::class, MockRefreshTokenStorage::class);
         $container->bind(ScopeInterface::class, MockScopeStorage::class);

diff --git a/tests/_support/Mock/Storages/MockAuthCodeStorage.php b/tests/_support/Mock/Storages/MockAuthCodeStorage.php
@@ -0,0 +1,53 @@
+<?php
+
+namespace Nord\Lumen\OAuth2\Tests;
+
+use League\OAuth2\Server\Entity\AuthCodeEntity;
+use League\OAuth2\Server\Entity\ScopeEntity;
+use League\OAuth2\Server\Storage\AuthCodeInterface;
+
+class MockAuthCodeStorage extends MockStorage implements AuthCodeInterface
+{
+    /**
+     * @inheritdoc
+     */
+    public function get($token)
+    {
+        $entity = new AuthCodeEntity($this->server);
+
+        $entity->setId('tb89gB5f-4_1JqM');
+        $entity->setExpireTime(time() + 24*60*60); // NOW + 24h
+
+        return $entity;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getScopes(AuthCodeEntity $token)
+    {
+        throw new \Exception('Not implemented');
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function create($token, $expireTime, $sessionId, $redirectUri)
+    {
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function associateScope(AuthCodeEntity $token, ScopeEntity $scope)
+    {
+        throw new \Exception('Not implemented');
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function delete(AuthCodeEntity $token)
+    {
+    }
+}