Merge c78b58b into 3c989b6

composer.json

@@ -16,18 +16,20 @@
       "homepage": "http://www.michaelgallego.fr"
     }
   ],
+  "minimum-stability": "dev",
   "require": {
-    "php": ">=5.4",
+    "php": ">=5.5",
     "zendframework/zend-servicemanager": "~2.2",
     "zendframework/zend-modulemanager": "~2.2",
     "zendframework/zend-mvc": "~2.2",
+    "zendframework/zend-http": "~2.2",
     "zendframework/zend-console": "~2.2",
     "zendframework/zend-stdlib": "~2.2",
     "doctrine/doctrine-module": "~0.9",
-    "zfr/zfr-oauth2-server": "0.7.*"
+    "zfr/zfr-oauth2-server": "dev-psr7 as 0.7.0"
   },
   "require-dev": {
-    "phpunit/phpunit": "~4.0",
+    "phpunit/phpunit": "~4.6",
     "squizlabs/php_codesniffer": "1.4.*",
     "zendframework/zend-view": "~2.2",
     "satooshi/php-coveralls": "~0.6"

config/module.config.php

@@ -16,33 +16,56 @@
  * and is licensed under the MIT license.
  */
 
+use Doctrine\ORM\Mapping\Driver\XmlDriver;
+use ZfrOAuth2\Server\AuthorizationServer;
+use ZfrOAuth2\Server\ResourceServer;
+use ZfrOAuth2\Server\Service\ClientService;
+use ZfrOAuth2\Server\Service\ScopeService;
+use ZfrOAuth2Module\Server\Authentication\Storage\AccessTokenStorage;
+use ZfrOAuth2Module\Server\Controller\AuthorizationController;
+use ZfrOAuth2Module\Server\Controller\TokenController;
+use ZfrOAuth2Module\Server\Factory\AccessTokenServiceFactory;
+use ZfrOAuth2Module\Server\Factory\AccessTokenStorageFactory;
+use ZfrOAuth2Module\Server\Factory\AuthorizationCodeServiceFactory;
+use ZfrOAuth2Module\Server\Factory\AuthorizationControllerFactory;
+use ZfrOAuth2Module\Server\Factory\AuthorizationServerFactory;
+use ZfrOAuth2Module\Server\Factory\ClientServiceFactory;
+use ZfrOAuth2Module\Server\Factory\GrantPluginManagerFactory;
+use ZfrOAuth2Module\Server\Factory\ModuleOptionsFactory;
+use ZfrOAuth2Module\Server\Factory\RefreshTokenServiceFactory;
+use ZfrOAuth2Module\Server\Factory\ResourceServerFactory;
+use ZfrOAuth2Module\Server\Factory\ScopeServiceFactory;
+use ZfrOAuth2Module\Server\Factory\TokenControllerFactory;
+use ZfrOAuth2Module\Server\Grant\GrantPluginManager;
+use ZfrOAuth2Module\Server\Options\ModuleOptions;
+
 return [
     'service_manager' => [
         'factories' => [
             /**
              * Factories that map to a class
              */
-            'ZfrOAuth2\Server\AuthorizationServer'                             => 'ZfrOAuth2Module\Server\Factory\AuthorizationServerFactory',
-            'ZfrOAuth2\Server\ResourceServer'                                  => 'ZfrOAuth2Module\Server\Factory\ResourceServerFactory',
-            'ZfrOAuth2\Server\Service\ClientService'                           => 'ZfrOAuth2Module\Server\Factory\ClientServiceFactory',
-            'ZfrOAuth2\Server\Service\ScopeService'                            => 'ZfrOAuth2Module\Server\Factory\ScopeServiceFactory',
-            'ZfrOAuth2Module\Server\Authentication\Storage\AccessTokenStorage' => 'ZfrOAuth2Module\Server\Factory\AccessTokenStorageFactory',
-            'ZfrOAuth2Module\Server\Options\ModuleOptions'                     => 'ZfrOAuth2Module\Server\Factory\ModuleOptionsFactory',
-            'ZfrOAuth2Module\Server\Grant\GrantPluginManager'                  => 'ZfrOAuth2Module\Server\Factory\GrantPluginManagerFactory',
+            AuthorizationServer::class  => AuthorizationServerFactory::class,
+            ResourceServer::class       => ResourceServerFactory::class,
+            ClientService::class        => ClientServiceFactory::class,
+            ScopeService::class         => ScopeServiceFactory::class,
+            AccessTokenStorage::class   => AccessTokenStorageFactory::class,
+            ModuleOptions::class        => ModuleOptionsFactory::class,
+            GrantPluginManager::class   => GrantPluginManagerFactory::class,
 
             /**
              * Factories that do not map to a class
              */
-            'ZfrOAuth2\Server\Service\AuthorizationCodeService' => 'ZfrOAuth2Module\Server\Factory\AuthorizationCodeServiceFactory',
-            'ZfrOAuth2\Server\Service\AccessTokenService'       => 'ZfrOAuth2Module\Server\Factory\AccessTokenServiceFactory',
-            'ZfrOAuth2\Server\Service\RefreshTokenService'      => 'ZfrOAuth2Module\Server\Factory\RefreshTokenServiceFactory',
+            'ZfrOAuth2\Server\Service\AuthorizationCodeService' => AuthorizationCodeServiceFactory::class,
+            'ZfrOAuth2\Server\Service\AccessTokenService'       => AccessTokenServiceFactory::class,
+            'ZfrOAuth2\Server\Service\RefreshTokenService'      => RefreshTokenServiceFactory::class,
         ]
     ],
 
     'doctrine' => [
         'driver' => [
             'zfr_oauth2_driver' => [
-                'class' => 'Doctrine\ORM\Mapping\Driver\XmlDriver',
+                'class' => XmlDriver::class,
                 'paths' => __DIR__ . '/../../zfr-oauth2-server/config/doctrine',
             ],
             'orm_default' => [
@@ -85,7 +108,7 @@
                         'options' => [
                             'route'    => '/authorize',
                             'defaults' => [
-                                'controller' => 'ZfrOAuth2Module\Server\Controller\AuthorizationController',
+                                'controller' => AuthorizationController::class,
                                 'action'     => 'authorize'
                             ]
                         ]
@@ -96,7 +119,7 @@
                         'options' => [
                             'route'    => '/token',
                             'defaults' => [
-                                'controller' => 'ZfrOAuth2Module\Server\Controller\TokenController',
+                                'controller' => TokenController::class,
                                 'action'     => 'token'
                             ]
                         ]
@@ -107,7 +130,7 @@
                         'options' => [
                             'route'    => '/revoke',
                             'defaults' => [
-                                'controller' => 'ZfrOAuth2Module\Server\Controller\TokenController',
+                                'controller' => TokenController::class,
                                 'action'     => 'revoke'
                             ]
                         ]
@@ -125,7 +148,7 @@
                     'options' => [
                         'route'    => 'oauth2 server delete expired tokens',
                         'defaults' => [
-                            'controller' => 'ZfrOAuth2Module\Server\Controller\TokenController',
+                            'controller' => TokenController::class,
                             'action'     => 'delete-expired-tokens'
                         ]
                     ]
@@ -136,8 +159,8 @@
 
     'controllers' => [
         'factories' => [
-            'ZfrOAuth2Module\Server\Controller\AuthorizationController' => 'ZfrOAuth2Module\Server\Factory\AuthorizationControllerFactory',
-            'ZfrOAuth2Module\Server\Controller\TokenController'         => 'ZfrOAuth2Module\Server\Factory\TokenControllerFactory'
+            AuthorizationController::class => AuthorizationControllerFactory::class,
+            TokenController::class         => TokenControllerFactory::class
         ]
     ],
 

src/ZfrOAuth2Module/Server/Controller/TokenController.php

@@ -18,8 +18,11 @@
 
 namespace ZfrOAuth2Module\Server\Controller;
 
+use Psr\Http\Message\ResponseInterface;
 use Zend\Console\Request as ConsoleRequest;
+use Zend\Diactoros\ServerRequestFactory;
 use Zend\Http\Request as HttpRequest;
+use Zend\Http\Response as HttpResponse;
 use Zend\Mvc\Controller\AbstractActionController;
 use ZfrOAuth2\Server\AuthorizationServer;
 use ZfrOAuth2Module\Server\Exception\RuntimeException;
@@ -55,7 +58,13 @@ public function tokenAction()
             return null;
         }
 
-        return $this->authorizationServer->handleTokenRequest($this->request);
+        // Currently, ZF2 Http Request object is not PSR-7 compliant, therefore we need to create a new one from
+        // globals, and then convert the response back to ZF2 format
+
+        $request  = ServerRequestFactory::fromGlobals();
+        $response = $this->authorizationServer->handleTokenRequest($request);
+
+        return $this->convertToZfResponse($response);
     }
 
     /**
@@ -70,7 +79,13 @@ public function revokeAction()
             return null;
         }
 
-        return $this->authorizationServer->handleRevocationRequest($this->request);
+        // Currently, ZF2 Http Request object is not PSR-7 compliant, therefore we need to create a new one from
+        // globals, and then convert the response back to ZF2 format
+
+        $request  = ServerRequestFactory::fromGlobals();
+        $response = $this->authorizationServer->handleRevocationRequest($request);
+
+        return $this->convertToZfResponse($response);
     }
 
     /**
@@ -99,4 +114,25 @@ public function deleteExpiredTokensAction()
 
         return "\nExpired tokens were properly deleted!\n\n";
     }
+
+    /**
+     * Convert a PSR-7 response to ZF2 response
+     *
+     * @param  ResponseInterface $response
+     * @return HttpResponse
+     */
+    private function convertToZfResponse(ResponseInterface $response)
+    {
+        $zfResponse = new HttpResponse();
+
+        $zfResponse->setStatusCode($response->getStatusCode());
+        $zfResponse->setReasonPhrase($response->getReasonPhrase());
+        $zfResponse->setContent((string) $response->getBody());
+
+        foreach ($response->getHeaders() as $name => $values) {
+            $zfResponse->getHeaders()->addHeaderLine($name, implode(", ", $values));
+        }
+
+        return $zfResponse;
+    }
 }

tests/ZfrOAuth2ModuleTest/Server/Authentication/AuthenticationFunctionalTest.php

@@ -21,8 +21,13 @@
 use PHPUnit_Framework_TestCase;
 use Zend\Authentication\AuthenticationService;
 use Zend\Http\Request as HttpRequest;
+use Zend\Mvc\Application;
+use Zend\Mvc\MvcEvent;
+use Zend\Stdlib\RequestInterface;
 use ZfrOAuth2\Server\Entity\AccessToken;
+use ZfrOAuth2\Server\Entity\TokenOwnerInterface;
 use ZfrOAuth2\Server\Exception\OAuth2Exception;
+use ZfrOAuth2\Server\ResourceServer;
 use ZfrOAuth2Module\Server\Authentication\Storage\AccessTokenStorage;
 
 /**
@@ -58,9 +63,9 @@ class AuthenticationFunctionalTest extends PHPUnit_Framework_TestCase
      */
     protected function setUp()
     {
-        $this->mvcEvent              = $this->getMock('Zend\Mvc\MvcEvent');
-        $application                 = $this->getMock('Zend\Mvc\Application', [], [], '', false);
-        $this->resourceServer        = $this->getMock('ZfrOAuth2\Server\ResourceServer', [], [], '', false);
+        $this->mvcEvent              = $this->getMock(MvcEvent::class);
+        $application                 = $this->getMock(Application::class, [], [], '', false);
+        $this->resourceServer        = $this->getMock(ResourceServer::class, [], [], '', false);
         $this->authenticationStorage = new AccessTokenStorage($this->resourceServer, $application);
         $this->authenticationService = new AuthenticationService($this->authenticationStorage);
 
@@ -74,7 +79,7 @@ public function testSuccessAuthenticationOnValidToken()
         $this->mvcEvent->expects($this->any())->method('getRequest')->will($this->returnValue($request));
 
         $token = new AccessToken();
-        $owner = $this->getMock('ZfrOAuth2\Server\Entity\TokenOwnerInterface');
+        $owner = $this->getMock(TokenOwnerInterface::class);
         $token->setOwner($owner);
 
         $this
@@ -96,7 +101,7 @@ public function testFailAuthenticationOnNoToken()
         $this->mvcEvent->expects($this->any())->method('getRequest')->will($this->returnValue($request));
 
         $token = new AccessToken();
-        $owner = $this->getMock('ZfrOAuth2\Server\Entity\TokenOwnerInterface');
+        $owner = $this->getMock(TokenOwnerInterface::class);
         $token->setOwner($owner);
 
         $this
@@ -117,7 +122,7 @@ public function testFailAuthenticationOnExpiredToken()
         $this->mvcEvent->expects($this->any())->method('getRequest')->will($this->returnValue($request));
 
         $token = new AccessToken();
-        $owner = $this->getMock('ZfrOAuth2\Server\Entity\TokenOwnerInterface');
+        $owner = $this->getMock(TokenOwnerInterface::class);
         $token->setOwner($owner);
 
         $this
@@ -127,7 +132,7 @@ public function testFailAuthenticationOnExpiredToken()
             ->with($request)
             ->will($this->throwException(new OAuth2Exception('Expired token', 123)));
 
-        $this->setExpectedException('ZfrOAuth2\Server\Exception\OAuth2Exception', 'Expired token', 123);
+        $this->setExpectedException(OAuth2Exception::class, 'Expired token', 123);
 
         $this->authenticationService->getIdentity();
     }
@@ -142,7 +147,7 @@ public function testFailAuthenticationOnNoRequest()
 
     public function testFailAuthenticationOnNonHttpRequest()
     {
-        $request = $this->getMock('Zend\Stdlib\RequestInterface');
+        $request = $this->getMock(RequestInterface::class);
 
         $this->mvcEvent->expects($this->any())->method('getRequest')->will($this->returnValue($request));
 

tests/ZfrOAuth2ModuleTest/Server/Authentication/Storage/AccessTokenStorageTest.php

@@ -19,8 +19,11 @@
 namespace ZfrOAuth2ModuleTest\Server\Authentication\Storage;
 
 use Zend\Http\Request as HttpRequest;
+use Zend\Mvc\Application;
 use Zend\Mvc\MvcEvent;
 use ZfrOAuth2\Server\Entity\AccessToken;
+use ZfrOAuth2\Server\Entity\TokenOwnerInterface;
+use ZfrOAuth2\Server\ResourceServer;
 use ZfrOAuth2Module\Server\Authentication\Storage\AccessTokenStorage;
 
 /**
@@ -51,9 +54,9 @@ class AccessTokenStorageTest extends \PHPUnit_Framework_TestCase
      */
     protected function setUp()
     {
-        $application          = $this->getMock('Zend\Mvc\Application', [], [], '', false);
+        $application          = $this->getMock(Application::class, [], [], '', false);
         $mvcEvent             = new MvcEvent();
-        $this->resourceServer = $this->getMock('ZfrOAuth2\Server\ResourceServer', [], [], '', false);
+        $this->resourceServer = $this->getMock(ResourceServer::class, [], [], '', false);
         $this->request        = new HttpRequest();
         $this->storage        = new AccessTokenStorage($this->resourceServer, $application);
 
@@ -76,7 +79,7 @@ public function testIsConsideredAsEmptyIfNoAccessToken()
     public function testReadOwnerFromAccessToken()
     {
         $token = new AccessToken();
-        $owner = $this->getMock('ZfrOAuth2\Server\Entity\TokenOwnerInterface');
+        $owner = $this->getMock(TokenOwnerInterface::class);
 
         $token->setOwner($owner);
 

tests/ZfrOAuth2ModuleTest/Server/Controller/TokenControllerTest.php

@@ -20,6 +20,8 @@
 
 use Zend\Http\Request as HttpRequest;
 use Zend\Http\Response as HttpResponse;
+use Zend\Stdlib\RequestInterface;
+use ZfrOAuth2\Server\AuthorizationServer;
 use ZfrOAuth2Module\Server\Controller\TokenController;
 
 /**
@@ -32,10 +34,10 @@ class TokenControllerTest extends \PHPUnit_Framework_TestCase
 {
     public function testDoNothingIfNotHttpRequest()
     {
-        $authorizationServer = $this->getMock('ZfrOAuth2\Server\AuthorizationServer', [], [], '', false);
+        $authorizationServer = $this->getMock(AuthorizationServer::class, [], [], '', false);
         $controller          = new TokenController($authorizationServer);
 
-        $request = $this->getMock('Zend\Stdlib\RequestInterface');
+        $request = $this->getMock(RequestInterface::class);
 
         $reflProperty = new \ReflectionProperty($controller, 'request');
         $reflProperty->setAccessible(true);
@@ -48,7 +50,7 @@ public function testDoNothingIfNotHttpRequest()
 
     public function testDelegateToAuthorizationServerIfHttpRequest()
     {
-        $authorizationServer = $this->getMock('ZfrOAuth2\Server\AuthorizationServer', [], [], '', false);
+        $authorizationServer = $this->getMock(AuthorizationServer::class, [], [], '', false);
         $controller          = new TokenController($authorizationServer);
 
         $request  = new HttpRequest();
@@ -68,7 +70,7 @@ public function testDelegateToAuthorizationServerIfHttpRequest()
 
     public function testCanRevokeToken()
     {
-        $authorizationServer = $this->getMock('ZfrOAuth2\Server\AuthorizationServer', [], [], '', false);
+        $authorizationServer = $this->getMock(AuthorizationServer::class, [], [], '', false);
         $controller          = new TokenController($authorizationServer);
 
         $request  = new HttpRequest();

tests/ZfrOAuth2ModuleTest/Server/Options/ModuleOptionsTest.php

@@ -18,6 +18,7 @@
 
 namespace ZfrOAuth2ModuleTest\Server\Options;
 
+use ZfrOAuth2\Server\Grant\ClientCredentialsGrant;
 use ZfrOAuth2Module\Server\Options\ModuleOptions;
 
 /**
@@ -38,14 +39,14 @@ public function testSettersAndGetters()
             'access_token_ttl'       => 3000,
             'refresh_token_ttl'      => 30000,
             'owner_callable'         => $callable,
-            'grants'                 => ['ZfrOAuth2\Server\Grant\ClientCredentialsGrant']
+            'grants'                 => [ClientCredentialsGrant::class]
         ]);
 
         $this->assertEquals('my_object_manager', $options->getObjectManager());
         $this->assertEquals(300, $options->getAuthorizationCodeTtl());
         $this->assertEquals(3000, $options->getAccessTokenTtl());
         $this->assertEquals(30000, $options->getRefreshTokenTtl());
         $this->assertSame($callable, $options->getOwnerCallable());
-        $this->assertEquals(['ZfrOAuth2\Server\Grant\ClientCredentialsGrant'], $options->getGrants());
+        $this->assertEquals([ClientCredentialsGrant::class], $options->getGrants());
     }
 }