/**
  * Given a client, grant type and optional user identifier validate the set of scopes requested are valid and optionally
  * append additional scopes or remove requested scopes.
  *
  * @param ScopeEntityInterface[]                               $scopes
  * @param string                                               $grantType
  * @param \League\OAuth2\Server\Entities\ClientEntityInterface $clientEntity
  * @param null|string                                          $userIdentifier
  *
  * @return \League\OAuth2\Server\Entities\ScopeEntityInterface[]
  */
 public function finalizeScopes(array $scopes, $grantType, ClientEntityInterface $clientEntity, $userIdentifier = null)
 {
     // Both model classes come from the resolver. Note that $grantType and
     // $userIdentifier are accepted but never consulted in this implementation.
     $scopeModel = $this->modelResolver->getModel('ScopeModel');
     $clientClass = $this->modelResolver->getModel('ClientModel');

     // Fail closed: a client that cannot be found is granted no scopes at all.
     $client = $clientClass::byIdentifier($clientEntity->getIdentifier())->first();
     if ($client === null) {
         return [];
     }

     // Reduce the requested entities to their identifiers, keeping the caller's keys.
     $requestedIds = [];
     foreach ($scopes as $position => $requested) {
         $requestedIds[$position] = $requested->getIdentifier();
     }

     // Only identifiers that exist in the scope store survive this lookup.
     $grantable = collect(
         $scopeModel::byIdentifierIn($requestedIds)->get()->pluck($scopeModel::$identifierKey)
     );

     // NOTE(review): the per-client restriction is applied only when the client has a
     // non-empty scope list. A client with no scopes configured is therefore given every
     // requested scope that exists - confirm that "empty means unrestricted" is intended.
     if (!empty($client->scopes)) {
         // Models that cannot store arrays keep the list JSON-encoded.
         $allowed = $client::$canHandleArray ? $client->scopes : json_decode($client->scopes);
         $grantable = $grantable->intersect($allowed);
     }

     // Wrap each surviving identifier in a fresh entity for the authorization server.
     $entities = [];
     foreach ($grantable as $identifier) {
         $entity = new ScopeEntity();
         $entity->setIdentifier($identifier);
         $entities[] = $entity;
     }

     return $entities;
 }
Example #2
 /**
  * Given a client, grant type and optional user identifier validate the set of scopes requested are valid and optionally
  * append additional scopes or remove requested scopes.
  *
  * @param array<ScopeEntityInterface> $scopes
  * @param string $grantType
  * @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $clientEntity
  * @param string $userIdentifier
  *
  * @return array<\League\OAuth2\Server\Entities\Interfaces\ScopeEntityInterface>
  **/
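 public function finalizeScopes(array $scopes, $grantType, ClientEntityInterface $clientEntity, $userIdentifier = null)
 {
     // Narrow the requested scopes to those that exist and that pass every restriction
     // enabled in the configuration. Throws OAuthServerException (invalid scope) when
     // nothing is left.
     $scopesIdentifiers = [];
     foreach ($scopes as $scope) {
         $scopesIdentifiers[] = $scope->getIdentifier();
     }

     $builder = (new Builder())
         ->columns(['Scope.id'])
         ->addFrom(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\Scope::class, 'Scope');

     // Identifiers are handed to inWhere() as values, never concatenated into the query text.
     $builder->inWhere('Scope.id', $scopesIdentifiers);

     // Each restriction below is opt-in (strict === true). With none enabled, any scope
     // that exists is granted to any client, grant type and user.
     if ($this->getConfig()->limit_scopes_to_grants === true) {
         $builder
             ->innerJoin(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\GrantScope::class, 'GrantScope.scope_id = Scope.id', 'GrantScope')
             ->innerJoin(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\Grant::class, 'Grant.id = GrantScope.grant_id', 'Grant')
             ->andWhere('Grant.id = :grantType:', compact('grantType'));
     }

     if ($this->getConfig()->limit_clients_to_scopes === true) {
         $builder
             ->innerJoin(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\ClientScope::class, 'ClientScope.scope_id = Scope.id', 'ClientScope')
             ->innerJoin(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\Client::class, 'Client.id = ClientScope.client_id', 'Client')
             ->andWhere('Client.id = :client_id:', ['client_id' => $clientEntity->getIdentifier()]);
     }

     // NOTE(review): $userIdentifier defaults to null (grants without a user). With this
     // restriction enabled the comparison then presumably matches no row - confirm that
     // rejecting such requests is the intended outcome.
     if ($this->getConfig()->limit_users_to_scopes === true) {
         $builder
             ->innerJoin(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\UserScope::class, 'UserScope.scope_id = Scope.id', 'UserScope')
             ->innerJoin(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\User::class, 'User.id = UserScope.user_id', 'User')
             ->andWhere('User.id = :userIdentifier:', compact('userIdentifier'));
     }

     $result = $builder->getQuery()->execute();

     if (!$result || $result->count() <= 0) {
         // reset() yields false for an empty request; without this guard the error path
         // itself failed with a call on a non-object instead of an OAuth error response.
         $firstRequested = reset($scopes);

         throw OAuthServerException::invalidScope(
             $firstRequested === false ? '' : $firstRequested->getIdentifier()
         );
     }

     // Requested scopes that fail a restriction are dropped silently; only the case where
     // every scope is rejected is reported as an error above.
     $entities = [];
     foreach ($result as $row) {
         $entity = new ScopeEntity();
         $entity->setIdentifier($row->id);
         $entities[] = $entity;
     }

     return $entities;
 }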
Example #3
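 /**
  * Look up a user by username and verify the supplied password against the stored hash.
  *
  * Both failure modes (no matching user, wrong password) raise the same
  * invalid-credentials error, so the response does not reveal which one occurred.
  *
  * @param string                $username     Username submitted by the client.
  * @param string                $password     Plain-text password submitted by the client.
  * @param string                $grantType    Grant identifier, used when users are limited to grants.
  * @param ClientEntityInterface $clientEntity Client making the request.
  *
  * @return UserEntity Entity carrying only the user's identifier.
  *
  * @throws OAuthServerException When no user matches or the password check fails.
  */
 public function getUserEntityByUserCredentials($username, $password, $grantType, ClientEntityInterface $clientEntity)
 {
     // All caller-supplied values are passed as bound parameters, never concatenated.
     $builder = (new Builder())
         ->columns(['User.id', 'User.username', 'User.password'])
         ->addFrom(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\User::class, 'User')
         ->where('User.username = :username:', compact('username'))
         ->limit(1);

     // Optional restriction: the user must be linked to the requesting client.
     if ($this->getConfig()->limit_users_to_clients === true) {
         $builder
             ->innerJoin(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\UserClient::class, 'UserClient.user_id = User.id', 'UserClient')
             ->innerJoin(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\Client::class, 'Client.id = UserClient.client_id', 'Client')
             ->andWhere('Client.id = :client_id:', ['client_id' => $clientEntity->getIdentifier()]);
     }

     // Optional restriction: the user must be allowed to use this grant type.
     if ($this->getConfig()->limit_users_to_grants === true) {
         $builder
             ->innerJoin(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\UserGrant::class, 'UserGrant.user_id = User.id', 'UserGrant')
             ->innerJoin(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\Grant::class, 'Grant.id = UserGrant.grant_id', 'Grant')
             ->andWhere('Grant.id = :grantType:', compact('grantType'));
     }

     $result = $builder->getQuery()->getSingleResult();
     $security = new Security();

     if (!$result) {
         // Spend roughly the same time as a real verification so that response timing
         // does not distinguish unknown usernames from wrong passwords.
         $security->hash((string) $password);

         throw OAuthServerException::invalidCredentials();
     }

     if ($security->checkHash($password, $result->password) !== true) {
         throw OAuthServerException::invalidCredentials();
     }

     // Only the identifier is exposed; the password hash never leaves this method.
     $user = new UserEntity();
     $user->setIdentifier($result->id);

     return $user;
 }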
Example #4
 /**
  * @param \League\OAuth2\Server\Entities\ScopeEntityInterface[] $scopes
  * @param string $grantType
  * @param ClientEntityInterface $clientEntity
  * @param null|string $userIdentifier
  * @return \League\OAuth2\Server\Entities\ScopeEntityInterface[]
  */
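 public function finalizeScopes(array $scopes, $grantType, ClientEntityInterface $clientEntity, $userIdentifier = null)
 {
     // Keep only the requested scopes that the store returns for this grant type, this
     // client and (when a user is present) this user. The returned array reuses the
     // caller's entities and keys, so it may be sparse.
     $scopesId = [];
     foreach ($scopes as $item) {
         $scopesId[] = $item->getIdentifier();
     }

     // NOTE(review): the return values of the findBy*() helpers are ignored below, so
     // they presumably narrow $query in place - verify against ScopesModel.
     $query = ScopesModel::findByScopeId($scopesId);
     ScopesModel::findByGrantId($grantType, $query);
     ScopesModel::findByClientId($clientEntity->getIdentifier(), $query);

     // Explicit null/empty check instead of truthiness: an identifier of 0 or '0' is
     // falsy and would otherwise skip the per-user restriction entirely.
     if ($userIdentifier !== null && $userIdentifier !== '') {
         ScopesModel::findByUserId($userIdentifier, $query);
     }

     $result = $query->all();

     $entitys = [];
     foreach ($result as $row) {
         $rowId = (string) $row->id;
         foreach ($scopes as $key => $scope) {
             // Compare as strings with ===. Loose == juggles types, so distinct scope
             // identifiers (numeric-looking strings, or 0 against text on older PHP)
             // could be treated as equal in this authorization decision.
             if ($rowId === (string) $scope->getIdentifier()) {
                 $entitys[$key] = $scope;
             }
         }
     }

     return $entitys;
 }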