/**
 * Exercises every setter/getter pair on AuthorizationCode plus the scope matcher.
 *
 * Object-valued properties (client, owner) are checked for identity, scalar ones
 * for value equality; matchScopes() is probed with one granted and one
 * non-granted scope.
 */
public function testGettersAndSetters()
{
    $tokenOwner  = $this->getMock(TokenOwnerInterface::class);
    $oauthClient = new Client();
    $expiry      = new DateTime();

    $code = new AuthorizationCode();
    $code->setToken('token');
    $code->setScopes(['scope1', 'scope2']);
    $code->setClient($oauthClient);
    $code->setExpiresAt($expiry);
    $code->setOwner($tokenOwner);
    $code->setRedirectUri('http://www.example.com');

    // Scalar round-trips
    $this->assertEquals('token', $code->getToken());
    $this->assertEquals('http://www.example.com', $code->getRedirectUri());
    $this->assertEquals($expiry, $code->getExpiresAt());

    // Scope handling: both scopes are stored and membership is exact
    $this->assertCount(2, $code->getScopes());
    $this->assertTrue($code->matchScopes('scope1'));
    $this->assertFalse($code->matchScopes('scope3'));

    // Object references come back as the same instance, not a copy
    $this->assertSame($oauthClient, $code->getClient());
    $this->assertSame($tokenOwner, $code->getOwner());
}
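/**
 * {@inheritDoc}
 *
 * Handles the first leg of the authorization code grant (RFC 6749 §4.1.1):
 * validates response_type and redirect_uri, issues an authorization code via
 * the authorization code service, and redirects the user agent back to the
 * client with `code` (and `state`, when the client supplied one) in the query.
 *
 * @throws OAuth2Exception invalid_request when response_type is not "code",
 *                         when no usable redirect URI can be determined, or
 *                         when the supplied redirect_uri is not registered
 *                         for the client
 */
public function createAuthorizationResponse(ServerRequestInterface $request, Client $client, TokenOwnerInterface $owner = null)
{
    $queryParams = $request->getQueryParams();

    // response_type must be "code" for this grant
    $responseType = $queryParams['response_type'] ?? null;
    if ($responseType !== self::GRANT_RESPONSE_TYPE) {
        throw OAuth2Exception::invalidRequest(sprintf('The desired grant type must be "code", but "%s" was given', $responseType));
    }

    // Resolve the redirect URI: the request's redirect_uri wins; otherwise fall back to the
    // first URI registered for the client. With no redirect_uri in the request and nothing
    // registered there is nowhere safe to send the user, so refuse instead of indexing [0].
    $registeredUris = $client->getRedirectUris();
    if (!isset($queryParams['redirect_uri']) && !isset($registeredUris[0])) {
        throw OAuth2Exception::invalidRequest('No redirect URI was provided and none is registered for the client');
    }
    $redirectUri = $queryParams['redirect_uri'] ?? $registeredUris[0];

    // Never redirect to an unregistered URL: an attacker-supplied redirect_uri would deliver
    // the code to a third party. Per RFC 6749 §4.1.2.1 an invalid redirect_uri is reported
    // as an error to the user agent, never by redirecting.
    if (!$client->hasRedirectUri($redirectUri)) {
        throw OAuth2Exception::invalidRequest('Redirect URI does not match the registered one');
    }

    // scope is validated/applied by populateToken(); state is echoed back untouched
    $scope = $queryParams['scope'] ?? null;
    $state = $queryParams['state'] ?? null;

    $authorizationCode = new AuthorizationCode();
    $authorizationCode->setRedirectUri($redirectUri);
    $this->populateToken($authorizationCode, $client, $owner, $scope);
    $authorizationCode = $this->authorizationCodeService->createToken($authorizationCode);

    // Only omit state when the client sent none. A bare array_filter() would also drop a
    // state of "0" (falsy), but the client relies on receiving its state back verbatim to
    // bind this response to its own request (CSRF protection).
    $responseParams = ['code' => $authorizationCode->getToken()];
    if ($state !== null) {
        $responseParams['state'] = $state;
    }

    // A registered redirect URI may already carry a query component, which must be retained
    // (RFC 6749 §3.1.2); append with "&" in that case rather than producing a second "?".
    $separator = strpos($redirectUri, '?') === false ? '?' : '&';

    return new Response\RedirectResponse($redirectUri . $separator . http_build_query($responseParams));
}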