diff --git a/composer.json b/composer.json
index bd8a10f..5e95545 100644
--- a/composer.json
+++ b/composer.json
@@ -16,18 +16,20 @@
 "homepage": "http://www.michaelgallego.fr"
 }
 ],
+ "minimum-stability": "dev",
 "require": {
- "php": ">=5.4",
+ "php": ">=5.5",
 "zendframework/zend-servicemanager": "~2.2",
 "zendframework/zend-modulemanager": "~2.2",
 "zendframework/zend-mvc": "~2.2",
+ "zendframework/zend-http": "~2.2",
 "zendframework/zend-console": "~2.2",
 "zendframework/zend-stdlib": "~2.2",
 "doctrine/doctrine-module": "~0.9",
- "zfr/zfr-oauth2-server": "0.7.*"
+ "zfr/zfr-oauth2-server": "dev-psr7 as 0.7.0"
 },
 "require-dev": {
- "phpunit/phpunit": "~4.0",
+ "phpunit/phpunit": "~4.6",
 "squizlabs/php_codesniffer": "1.4.*",
 "zendframework/zend-view": "~2.2",
 "satooshi/php-coveralls": "~0.6"
diff --git a/config/module.config.php b/config/module.config.php
index 37abb8b..ee860fe 100644
--- a/config/module.config.php
+++ b/config/module.config.php
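Review bot: `"minimum-stability": "dev"` is added without `"prefer-stable": true`, so the resolver may select development versions of any dependency, not just the one branch this change needs. For a module that fronts an OAuth2 token endpoint, that widens what unreviewed code an update can pull in. The `"dev-psr7 as 0.7.0"` requirement also follows a moving branch, so builds are only reproducible from a committed lock file. I would add `"prefer-stable": true` next to the new key. Separately, the controller in this commit imports `Zend\Diactoros\ServerRequestFactory` and `Psr\Http\Message\ResponseInterface`, but neither `zendframework/zend-diactoros` nor `psr/http-message` is added to `require`; they presumably arrive transitively and are better declared explicitly.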
@@ -16,33 +16,56 @@ * and is licensed under the MIT license. */ +use Doctrine\ORM\Mapping\Driver\XmlDriver; +use ZfrOAuth2\Server\AuthorizationServer; +use ZfrOAuth2\Server\ResourceServer; +use ZfrOAuth2\Server\Service\ClientService; +use ZfrOAuth2\Server\Service\ScopeService; +use ZfrOAuth2Module\Server\Authentication\Storage\AccessTokenStorage; +use ZfrOAuth2Module\Server\Controller\AuthorizationController; +use ZfrOAuth2Module\Server\Controller\TokenController; +use ZfrOAuth2Module\Server\Factory\AccessTokenServiceFactory; +use ZfrOAuth2Module\Server\Factory\AccessTokenStorageFactory; +use ZfrOAuth2Module\Server\Factory\AuthorizationCodeServiceFactory; +use ZfrOAuth2Module\Server\Factory\AuthorizationControllerFactory; +use ZfrOAuth2Module\Server\Factory\AuthorizationServerFactory; +use ZfrOAuth2Module\Server\Factory\ClientServiceFactory; +use ZfrOAuth2Module\Server\Factory\GrantPluginManagerFactory; +use ZfrOAuth2Module\Server\Factory\ModuleOptionsFactory; +use ZfrOAuth2Module\Server\Factory\RefreshTokenServiceFactory; +use ZfrOAuth2Module\Server\Factory\ResourceServerFactory; +use ZfrOAuth2Module\Server\Factory\ScopeServiceFactory; +use ZfrOAuth2Module\Server\Factory\TokenControllerFactory; +use ZfrOAuth2Module\Server\Grant\GrantPluginManager; +use ZfrOAuth2Module\Server\Options\ModuleOptions; + return [ 'service_manager' => [ 'factories' => [ /** * Factories that map to a class */ - 'ZfrOAuth2\Server\AuthorizationServer' => 'ZfrOAuth2Module\Server\Factory\AuthorizationServerFactory', - 'ZfrOAuth2\Server\ResourceServer' => 'ZfrOAuth2Module\Server\Factory\ResourceServerFactory', - 'ZfrOAuth2\Server\Service\ClientService' => 'ZfrOAuth2Module\Server\Factory\ClientServiceFactory', - 'ZfrOAuth2\Server\Service\ScopeService' => 'ZfrOAuth2Module\Server\Factory\ScopeServiceFactory', - 'ZfrOAuth2Module\Server\Authentication\Storage\AccessTokenStorage' => 'ZfrOAuth2Module\Server\Factory\AccessTokenStorageFactory', - 'ZfrOAuth2Module\Server\Options\ModuleOptions' => 
'ZfrOAuth2Module\Server\Factory\ModuleOptionsFactory', - 'ZfrOAuth2Module\Server\Grant\GrantPluginManager' => 'ZfrOAuth2Module\Server\Factory\GrantPluginManagerFactory', + AuthorizationServer::class => AuthorizationServerFactory::class, + ResourceServer::class => ResourceServerFactory::class, + ClientService::class => ClientServiceFactory::class, + ScopeService::class => ScopeServiceFactory::class, + AccessTokenStorage::class => AccessTokenStorageFactory::class, + ModuleOptions::class => ModuleOptionsFactory::class, + GrantPluginManager::class => GrantPluginManagerFactory::class, /** * Factories that do not map to a class */ - 'ZfrOAuth2\Server\Service\AuthorizationCodeService' => 'ZfrOAuth2Module\Server\Factory\AuthorizationCodeServiceFactory', - 'ZfrOAuth2\Server\Service\AccessTokenService' => 'ZfrOAuth2Module\Server\Factory\AccessTokenServiceFactory', - 'ZfrOAuth2\Server\Service\RefreshTokenService' => 'ZfrOAuth2Module\Server\Factory\RefreshTokenServiceFactory', + 'ZfrOAuth2\Server\Service\AuthorizationCodeService' => AuthorizationCodeServiceFactory::class, + 'ZfrOAuth2\Server\Service\AccessTokenService' => AccessTokenServiceFactory::class, + 'ZfrOAuth2\Server\Service\RefreshTokenService' => RefreshTokenServiceFactory::class, ] ], 'doctrine' => [ 'driver' => [ 'zfr_oauth2_driver' => [ - 'class' => 'Doctrine\ORM\Mapping\Driver\XmlDriver', + 'class' => XmlDriver::class, 'paths' => __DIR__ . '/../../zfr-oauth2-server/config/doctrine', ], 'orm_default' => [ @@ -85,7 +108,7 @@ 'options' => [ 'route' => '/authorize', 'defaults' => [ - 'controller' => 'ZfrOAuth2Module\Server\Controller\AuthorizationController', + 'controller' => AuthorizationController::class, 'action' => 'authorize' ] ] @@ -96,7 +119,7 @@ 'options' => [ 'route' => '/token', 'defaults' => [ - 'controller' => 'ZfrOAuth2Module\Server\Controller\TokenController', + 'controller' => TokenController::class, 'action' => 'token' ] ] 
@@ -107,7 +130,7 @@ 'options' => [ 'route' => '/revoke', 'defaults' => [ - 'controller' => 'ZfrOAuth2Module\Server\Controller\TokenController', + 'controller' => TokenController::class, 'action' => 'revoke' ] ] @@ -125,7 +148,7 @@ 'options' => [ 'route' => 'oauth2 server delete expired tokens', 'defaults' => [ - 'controller' => 'ZfrOAuth2Module\Server\Controller\TokenController', + 'controller' => TokenController::class, 'action' => 'delete-expired-tokens' ] ] @@ -136,8 +159,8 @@ 'controllers' => [ 'factories' => [ - 'ZfrOAuth2Module\Server\Controller\AuthorizationController' => 'ZfrOAuth2Module\Server\Factory\AuthorizationControllerFactory', - 'ZfrOAuth2Module\Server\Controller\TokenController' => 'ZfrOAuth2Module\Server\Factory\TokenControllerFactory' + AuthorizationController::class => AuthorizationControllerFactory::class, + TokenController::class => TokenControllerFactory::class ] ], diff --git a/src/ZfrOAuth2Module/Server/Controller/TokenController.php b/src/ZfrOAuth2Module/Server/Controller/TokenController.php index 9944d45..c570141 100644 --- a/src/ZfrOAuth2Module/Server/Controller/TokenController.php +++ b/src/ZfrOAuth2Module/Server/Controller/TokenController.php @@ -18,8 +18,11 @@ namespace ZfrOAuth2Module\Server\Controller; +use Psr\Http\Message\ResponseInterface; use Zend\Console\Request as ConsoleRequest; +use Zend\Diactoros\ServerRequestFactory; use Zend\Http\Request as HttpRequest; +use Zend\Http\Response as HttpResponse; use Zend\Mvc\Controller\AbstractActionController; use ZfrOAuth2\Server\AuthorizationServer; use ZfrOAuth2Module\Server\Exception\RuntimeException; 
@@ -55,7 +58,13 @@ public function tokenAction() return null; } - return $this->authorizationServer->handleTokenRequest($this->request); + // Currently, ZF2 Http Request object is not PSR-7 compliant, therefore we need to create a new one from + // globals, and then convert the response back to ZF2 format + + $request = ServerRequestFactory::fromGlobals(); + $response = $this->authorizationServer->handleTokenRequest($request); + + return $this->convertToZfResponse($response); } /** @@ -70,7 +79,13 @@ public function revokeAction() return null; } - return $this->authorizationServer->handleRevocationRequest($this->request); + // Currently, ZF2 Http Request object is not PSR-7 compliant, therefore we need to create a new one from + // globals, and then convert the response back to ZF2 format + + $request = ServerRequestFactory::fromGlobals(); + $response = $this->authorizationServer->handleRevocationRequest($request); + + return $this->convertToZfResponse($response); } /** @@ -99,4 +114,25 @@ public function deleteExpiredTokensAction() return "\nExpired tokens were properly deleted!\n\n"; } + + /** + * Convert a PSR-7 response to ZF2 response + * + * @param ResponseInterface $response + * @return HttpResponse + */ + private function convertToZfResponse(ResponseInterface $response) + { + $zfResponse = new HttpResponse(); + + $zfResponse->setStatusCode($response->getStatusCode()); + $zfResponse->setReasonPhrase($response->getReasonPhrase()); + $zfResponse->setContent((string) $response->getBody()); + + foreach ($response->getHeaders() as $name => $values) { + $zfResponse->getHeaders()->addHeaderLine($name, implode(", ", $values)); + } + + return $zfResponse; + } } diff --git a/tests/ZfrOAuth2ModuleTest/Server/Authentication/AuthenticationFunctionalTest.php b/tests/ZfrOAuth2ModuleTest/Server/Authentication/AuthenticationFunctionalTest.php index cd7d59b..8671766 100644 --- a/tests/ZfrOAuth2ModuleTest/Server/Authentication/AuthenticationFunctionalTest.php 
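Review bot: In `tokenAction()` the request passed to the authorization server is now rebuilt with `ServerRequestFactory::fromGlobals()`, so it is a different object from the `$this->request` that the early `return null` guard above the change inspects. Anything earlier in the MVC lifecycle that replaced or adjusted `$this->request` is not seen by the token endpoint, and a request injected in a test is ignored. `revokeAction()` repeats the same four lines. I would move them into one private helper and state the constraint there, e.g. `// NOTE: built from PHP superglobals, not from $this->request; changes made to the ZF2 request by listeners are not visible to the authorization server`. Both action bodies start outside their hunks, so the exact guard condition is not visible here.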
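Review bot: In `convertToZfResponse()` the header loop folds every multi-valued header with `implode(", ", $values)`, which is not a safe merge for all headers; `Set-Cookie` in particular cannot be comma-joined without corrupting it. Emitting one header line per value keeps them intact: `foreach ($values as $value) { $zfResponse->getHeaders()->addHeaderLine($name, $value); }` inside the existing `foreach`. The docblock could also say that the body is read fully into memory by the `(string)` cast, which is fine for token responses but worth stating.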
+++ b/tests/ZfrOAuth2ModuleTest/Server/Authentication/AuthenticationFunctionalTest.php @@ -21,8 +21,13 @@ use PHPUnit_Framework_TestCase; use Zend\Authentication\AuthenticationService; use Zend\Http\Request as HttpRequest; +use Zend\Mvc\Application; +use Zend\Mvc\MvcEvent; +use Zend\Stdlib\RequestInterface; use ZfrOAuth2\Server\Entity\AccessToken; +use ZfrOAuth2\Server\Entity\TokenOwnerInterface; use ZfrOAuth2\Server\Exception\OAuth2Exception; +use ZfrOAuth2\Server\ResourceServer; use ZfrOAuth2Module\Server\Authentication\Storage\AccessTokenStorage; /** @@ -58,9 +63,9 @@ class AuthenticationFunctionalTest extends PHPUnit_Framework_TestCase */ protected function setUp() { - $this->mvcEvent = $this->getMock('Zend\Mvc\MvcEvent'); - $application = $this->getMock('Zend\Mvc\Application', [], [], '', false); - $this->resourceServer = $this->getMock('ZfrOAuth2\Server\ResourceServer', [], [], '', false); + $this->mvcEvent = $this->getMock(MvcEvent::class); + $application = $this->getMock(Application::class, [], [], '', false); + $this->resourceServer = $this->getMock(ResourceServer::class, [], [], '', false); $this->authenticationStorage = new AccessTokenStorage($this->resourceServer, $application); $this->authenticationService = new AuthenticationService($this->authenticationStorage); @@ -74,7 +79,7 @@ public function testSuccessAuthenticationOnValidToken() $this->mvcEvent->expects($this->any())->method('getRequest')->will($this->returnValue($request)); $token = new AccessToken(); - $owner = $this->getMock('ZfrOAuth2\Server\Entity\TokenOwnerInterface'); + $owner = $this->getMock(TokenOwnerInterface::class); $token->setOwner($owner); $this 
@@ -96,7 +101,7 @@ public function testFailAuthenticationOnNoToken() $this->mvcEvent->expects($this->any())->method('getRequest')->will($this->returnValue($request)); $token = new AccessToken(); - $owner = $this->getMock('ZfrOAuth2\Server\Entity\TokenOwnerInterface'); + $owner = $this->getMock(TokenOwnerInterface::class); $token->setOwner($owner); $this @@ -117,7 +122,7 @@ public function testFailAuthenticationOnExpiredToken() $this->mvcEvent->expects($this->any())->method('getRequest')->will($this->returnValue($request)); $token = new AccessToken(); - $owner = $this->getMock('ZfrOAuth2\Server\Entity\TokenOwnerInterface'); + $owner = $this->getMock(TokenOwnerInterface::class); $token->setOwner($owner); $this @@ -127,7 +132,7 @@ public function testFailAuthenticationOnExpiredToken() ->with($request) ->will($this->throwException(new OAuth2Exception('Expired token', 123))); - $this->setExpectedException('ZfrOAuth2\Server\Exception\OAuth2Exception', 'Expired token', 123); + $this->setExpectedException(OAuth2Exception::class, 'Expired token', 123); $this->authenticationService->getIdentity(); } @@ -142,7 +147,7 @@ public function testFailAuthenticationOnNoRequest() public function testFailAuthenticationOnNonHttpRequest() { - $request = $this->getMock('Zend\Stdlib\RequestInterface'); + $request = $this->getMock(RequestInterface::class); $this->mvcEvent->expects($this->any())->method('getRequest')->will($this->returnValue($request)); diff --git a/tests/ZfrOAuth2ModuleTest/Server/Authentication/Storage/AccessTokenStorageTest.php b/tests/ZfrOAuth2ModuleTest/Server/Authentication/Storage/AccessTokenStorageTest.php index 4b670f5..5b79830 100644 --- a/tests/ZfrOAuth2ModuleTest/Server/Authentication/Storage/AccessTokenStorageTest.php +++ b/tests/ZfrOAuth2ModuleTest/Server/Authentication/Storage/AccessTokenStorageTest.php 
@@ -19,8 +19,11 @@ namespace ZfrOAuth2ModuleTest\Server\Authentication\Storage; use Zend\Http\Request as HttpRequest; +use Zend\Mvc\Application; use Zend\Mvc\MvcEvent; use ZfrOAuth2\Server\Entity\AccessToken; +use ZfrOAuth2\Server\Entity\TokenOwnerInterface; +use ZfrOAuth2\Server\ResourceServer; use ZfrOAuth2Module\Server\Authentication\Storage\AccessTokenStorage; /** @@ -51,9 +54,9 @@ class AccessTokenStorageTest extends \PHPUnit_Framework_TestCase */ protected function setUp() { - $application = $this->getMock('Zend\Mvc\Application', [], [], '', false); + $application = $this->getMock(Application::class, [], [], '', false); $mvcEvent = new MvcEvent(); - $this->resourceServer = $this->getMock('ZfrOAuth2\Server\ResourceServer', [], [], '', false); + $this->resourceServer = $this->getMock(ResourceServer::class, [], [], '', false); $this->request = new HttpRequest(); $this->storage = new AccessTokenStorage($this->resourceServer, $application); @@ -76,7 +79,7 @@ public function testIsConsideredAsEmptyIfNoAccessToken() public function testReadOwnerFromAccessToken() { $token = new AccessToken(); - $owner = $this->getMock('ZfrOAuth2\Server\Entity\TokenOwnerInterface'); + $owner = $this->getMock(TokenOwnerInterface::class); $token->setOwner($owner); diff --git a/tests/ZfrOAuth2ModuleTest/Server/Controller/TokenControllerTest.php b/tests/ZfrOAuth2ModuleTest/Server/Controller/TokenControllerTest.php index 46b5d44..641cd85 100644 --- a/tests/ZfrOAuth2ModuleTest/Server/Controller/TokenControllerTest.php +++ b/tests/ZfrOAuth2ModuleTest/Server/Controller/TokenControllerTest.php @@ -20,6 +20,8 @@ use Zend\Http\Request as HttpRequest; use Zend\Http\Response as HttpResponse; +use Zend\Stdlib\RequestInterface; +use ZfrOAuth2\Server\AuthorizationServer; use ZfrOAuth2Module\Server\Controller\TokenController; /** 
@@ -32,10 +34,10 @@ class TokenControllerTest extends \PHPUnit_Framework_TestCase { public function testDoNothingIfNotHttpRequest() { - $authorizationServer = $this->getMock('ZfrOAuth2\Server\AuthorizationServer', [], [], '', false); + $authorizationServer = $this->getMock(AuthorizationServer::class, [], [], '', false); $controller = new TokenController($authorizationServer); - $request = $this->getMock('Zend\Stdlib\RequestInterface'); + $request = $this->getMock(RequestInterface::class); $reflProperty = new \ReflectionProperty($controller, 'request'); $reflProperty->setAccessible(true); @@ -48,7 +50,7 @@ public function testDoNothingIfNotHttpRequest() public function testDelegateToAuthorizationServerIfHttpRequest() { - $authorizationServer = $this->getMock('ZfrOAuth2\Server\AuthorizationServer', [], [], '', false); + $authorizationServer = $this->getMock(AuthorizationServer::class, [], [], '', false); $controller = new TokenController($authorizationServer); $request = new HttpRequest(); @@ -68,7 +70,7 @@ public function testDelegateToAuthorizationServerIfHttpRequest() public function testCanRevokeToken() { - $authorizationServer = $this->getMock('ZfrOAuth2\Server\AuthorizationServer', [], [], '', false); + $authorizationServer = $this->getMock(AuthorizationServer::class, [], [], '', false); $controller = new TokenController($authorizationServer); $request = new HttpRequest(); diff --git a/tests/ZfrOAuth2ModuleTest/Server/Options/ModuleOptionsTest.php b/tests/ZfrOAuth2ModuleTest/Server/Options/ModuleOptionsTest.php index c8e060f..bd61a46 100644 --- a/tests/ZfrOAuth2ModuleTest/Server/Options/ModuleOptionsTest.php +++ b/tests/ZfrOAuth2ModuleTest/Server/Options/ModuleOptionsTest.php @@ -18,6 +18,7 @@ namespace ZfrOAuth2ModuleTest\Server\Options; +use ZfrOAuth2\Server\Grant\ClientCredentialsGrant; use ZfrOAuth2Module\Server\Options\ModuleOptions; /** 
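Review bot: `testDelegateToAuthorizationServerIfHttpRequest()` and `testCanRevokeToken()` only have the mocked class name changed, yet the controller they cover now builds its own request from globals and passes the server's return value through `convertToZfResponse(ResponseInterface $response)`. If these tests still make the mock return a `Zend\Http\Response` or expect the injected request (their bodies are outside the hunks, so this is inferred from the imports), they no longer match the controller. I would have the mock return a PSR-7 response and assert that status code, body and headers survive the conversion, including the no-cache headers a token response is expected to carry.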
@@ -38,7 +39,7 @@ public function testSettersAndGetters() 'access_token_ttl' => 3000, 'refresh_token_ttl' => 30000, 'owner_callable' => $callable, - 'grants' => ['ZfrOAuth2\Server\Grant\ClientCredentialsGrant'] + 'grants' => [ClientCredentialsGrant::class] ]); $this->assertEquals('my_object_manager', $options->getObjectManager()); @@ -46,6 +47,6 @@ public function testSettersAndGetters() $this->assertEquals(3000, $options->getAccessTokenTtl()); $this->assertEquals(30000, $options->getRefreshTokenTtl()); $this->assertSame($callable, $options->getOwnerCallable()); - $this->assertEquals(['ZfrOAuth2\Server\Grant\ClientCredentialsGrant'], $options->getGrants()); + $this->assertEquals([ClientCredentialsGrant::class], $options->getGrants()); } }