/**
* @dataProvider validProviderFromArray
*/
public function testValidFromArray($id, $secret, $type, $redirectUri, $name, $allowedScope, $icon, $description, $contactEmail)
{
$c = new ClientData(array('id' => $id, 'secret' => $secret, 'redirect_uri' => $redirectUri, 'name' => $name, 'type' => $type, 'allowed_scope' => $allowedScope, 'icon' => $icon, 'description' => $description, 'contact_email' => $contactEmail));
$this->assertEquals($id, $c->getId());
$this->assertEquals($secret, $c->getSecret());
$this->assertEquals($redirectUri, $c->getRedirectUri());
$this->assertEquals($name, $c->getName());
$this->assertEquals($allowedScope, $c->getAllowedScope());
$this->assertEquals($icon, $c->getIcon());
$this->assertEquals($description, $c->getDescription());
$this->assertFalse($c->getDisableUserConsent());
$this->assertEquals($contactEmail, $c->getContactEmail());
}
public function addClient(ClientData $clientData)
{
$stmt = $this->db->prepare('INSERT INTO clients (id, name, description, secret, disable_user_consent, redirect_uri, type, icon, allowed_scope, contact_email) VALUES(:client_id, :name, :description, :secret, :disable_user_consent, :redirect_uri, :type, :icon, :allowed_scope, :contact_email)');
$stmt->bindValue(':client_id', $clientData->getId(), PDO::PARAM_STR);
$stmt->bindValue(':name', $clientData->getName(), PDO::PARAM_STR);
$stmt->bindValue(':description', $clientData->getDescription(), PDO::PARAM_STR);
$stmt->bindValue(':secret', $clientData->getSecret(), PDO::PARAM_STR);
$stmt->bindValue(':redirect_uri', $clientData->getRedirectUri(), PDO::PARAM_STR);
$stmt->bindValue(':disable_user_consent', $clientData->getDisableUserConsent(), PDO::PARAM_BOOL);
$stmt->bindValue(':type', $clientData->getType(), PDO::PARAM_STR);
$stmt->bindValue(':icon', $clientData->getIcon(), PDO::PARAM_STR);
$stmt->bindValue(':allowed_scope', $clientData->getAllowedScope(), PDO::PARAM_STR);
$stmt->bindValue(':contact_email', $clientData->getContactEmail(), PDO::PARAM_STR);
$stmt->execute();
return 1 === $stmt->rowCount();
}
private function addApproval(ClientData $clientData, $userId, $scope)
{
$approval = $this->storage->getApprovalByResourceOwnerId($clientData->getId(), $userId);
if (false === $approval) {
// no approval exists, generate a refresh_token and add it
$refreshToken = 'code' === $clientData->getType() ? $this->io->getRandomHex() : null;
$this->storage->addApproval($clientData->getId(), $userId, $scope, $refreshToken);
} else {
// an approval exists, we don't care about the scope, we just
// update it if needed keeping the same refresh_token
$this->storage->updateApproval($clientData->getId(), $userId, $scope);
}
}
public function handleRefreshToken(TokenRequest $tokenRequest, ClientData $clientData)
{
$refreshToken = $tokenRequest->getRefreshToken();
$scope = $tokenRequest->getScope();
$result = $this->db->getApprovalByRefreshToken($clientData->getId(), $refreshToken);
if (false === $result) {
throw new BadRequestException('invalid_grant', 'the refresh_token was not found');
}
$token = array();
$token['access_token'] = $this->io->getRandomHex();
$token['expires_in'] = $this->accessTokenExpiry;
if (null !== $scope) {
// the client wants to obtain a specific scope
$requestedScope = new Scope($scope);
$authorizedScope = new Scope($result['scope']);
if ($requestedScope->hasOnlyScope($authorizedScope)) {
// if it is a subset of the authorized scope we honor that
$token['scope'] = $requestedScope->toString();
} else {
// if not the client gets the authorized scope
$token['scope'] = $result['scope'];
}
} else {
$token['scope'] = $result['scope'];
}
$token['token_type'] = 'bearer';
$this->db->storeAccessToken($token['access_token'], $this->io->getTime(), $clientData->getId(), $result['resource_owner_id'], $token['scope'], $token['expires_in']);
return $token;
}