/**
 * Build the demo's OAuth2 server and register it on the Silex container
 * together with its storage, the scope list and the response object.
 *
 * Services written to $app: fixtures_manager, storage, api_actions, scopes,
 * oauth_server, oauth_response.
 *
 * @param Application $app container that receives the services
 */
public function setup(Application $app)
{
    $app['fixtures_manager'] = new FixturesManager($app);

    // The sqlite database lives in the project's data directory. Remember whether it
    // existed before we touched it: opening the PDO connection below may create the file.
    // NOTE(review): confirm that this data directory is not served by the web server;
    // the file holds client secrets and tokens.
    $databasePath = __DIR__ . '/../../../data/coop.sqlite';
    $hadDatabase = file_exists($databasePath);
    if (!$hadDatabase) {
        $app['fixtures_manager']->resetDatabase();
    }

    // PDO-backed sqlite storage shared by the server and every grant type
    $storage = new Pdo(['dsn' => 'sqlite:' . $databasePath]);
    $app['storage'] = $storage;

    // A database we just created gets the demo fixtures
    if (!$hadDatabase) {
        $app['fixtures_manager']->populateSqliteDb();
    }

    // Supported grant types
    // todo - update the documentation in _authentication.twig when we add more
    $grantTypes = [
        'authorization_code' => new AuthorizationCode($storage),
        'client_credentials' => new ClientCredentials($storage),
        // a fresh refresh token is issued on every refresh
        'refresh_token' => new RefreshToken($storage, ['always_issue_new_refresh_token' => true]),
    ];

    // Server options, as configured for this demo:
    //  - enforce_state => false: the authorize endpoint does not insist on a `state`
    //    parameter, so clients get no forced CSRF binding between request and redirect.
    //  - allow_implicit => true: the implicit flow is enabled; access tokens are handed
    //    back through the browser redirect.
    //  - access_lifetime => 86400: access tokens live for 86400 seconds (24 hours).
    // NOTE(review): these are convenient for a demo; revisit each before reusing the
    // configuration outside one.
    $serverConfig = [
        'enforce_state' => false,
        'allow_implicit' => true,
        'access_lifetime' => 86400,
    ];
    $server = new OAuth2Server($storage, $serverConfig, $grantTypes);

    // API actions double as OAuth scopes; "profile" is the one scope that is not an action
    $actions = [
        'barn-unlock' => 'Unlock the Barn',
        'toiletseat-down' => 'Put the Toilet Seat Down',
        'chickens-feed' => 'Feed Your Chickens',
        'eggs-collect' => 'Collect Eggs from Your Chickens',
        'eggs-count' => 'Get the Number of Eggs Collected Today',
    ];
    $scopes = array_merge($actions, ['profile' => 'Access Your Profile Data']);
    $app['api_actions'] = $actions;
    $app['scopes'] = $scopes;

    // Only the scope identifiers (array keys) are registered as supported scopes
    $server->setScopeUtil(new Scope(new Memory(['supported_scopes' => array_keys($scopes)])));

    // Expose the server to the controllers (see src/OAuth2Demo/Server/Controllers/.*)
    $app['oauth_server'] = $server;

    /**
     * HttpFoundationBridge response, which gives the controllers a silex-compatible response object
     * @see (https://github.com/bshaffer/oauth2-server-httpfoundation-bridge)
     */
    $app['oauth_response'] = new BridgeResponse();
}
/**
 * Create the OAuth2 server from the 'parrot-oauth2' section of the application config.
 *
 * The four storages (user credentials, client credentials, access token, scope) are
 * pulled from the service locator, and the scope storage is also installed as the
 * server's scope util.
 *
 * The whole 'parrot-oauth2' section is passed to the server unchanged, so every server
 * option (token lifetimes, enabled flows, ...) is decided by whoever controls that config.
 *
 * @param ServiceLocatorInterface $serviceLocator
 * @throws \InvalidArgumentException when the config has no 'parrot-oauth2' section
 * @return mixed the configured Server instance
 */
public function createService(ServiceLocatorInterface $serviceLocator)
{
    $appConfig = $serviceLocator->get('Config');

    // Fail early: without its config section the server cannot be built
    if (!isset($appConfig['parrot-oauth2'])) {
        throw new InvalidArgumentException('Parrot OAuth2 requires a defined config');
    }
    $oauthConfig = $appConfig['parrot-oauth2'];

    // Storage map, keyed by the storage role
    $storage = array();
    $storage['user_credentials'] = $serviceLocator->get('Parrot\\Oauth2\\Storage\\UserCredentials');
    $storage['client_credentials'] = $serviceLocator->get('Parrot\\Oauth2\\Storage\\ClientCredentials');
    $storage['access_token'] = $serviceLocator->get('Parrot\\Oauth2\\Storage\\AccessToken');
    $storage['scope'] = $serviceLocator->get('Parrot\\Oauth2\\Storage\\Scope');

    $server = new Server($storage, $oauthConfig);

    // The scope storage service is requested again and used as the scope util
    $server->setScopeUtil($serviceLocator->get('Parrot\\Oauth2\\Storage\\Scope'));

    return $server;
}
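/**
 * Build the OAuth2 server on a MySQL-backed PDO storage and register it on the container.
 *
 * Services written to $app: oauth_server, mysql_client (the storage), oauth_response.
 *
 * @param Application $app container that receives the services
 */
public function setup(Application $app)
{
    // PDO DSN options are key=value pairs. The original spelled the host option
    // "host:localhost", which is not a key=value pair; it is written correctly here.
    // Socket-based alternative:
    //$dsn = "mysql:dbname=renap_users;unix_socket=/tmp/mysqld.sock;host=localhost;";
    $dsn = "mysql:dbname=renap_users;host=localhost;";

    // NOTE(review): database credentials are literals in the source file. Load them from
    // deployment configuration or a secret store so they stay out of version control.
    $username = "******";
    $password = "******";
    $storage = new Pdo(array("dsn" => $dsn, "username" => $username, "password" => $password));

    $grantTypes = array(
        'authorization_code' => new AuthorizationCode($storage),
        // a fresh refresh token is issued on every refresh
        'refresh_token' => new RefreshToken($storage, array('always_issue_new_refresh_token' => true)),
    );

    // enforce_state => true makes the authorize endpoint require a `state` parameter.
    // allow_implicit => true enables the implicit flow.
    // NOTE(review): the issuer is taken from $_SERVER['HTTP_HOST'], i.e. from the Host
    // header the client sent, so the issuer value follows whatever the request claims.
    // Prefer a fixed issuer from configuration; HTTP_HOST is also unset outside a web
    // request (CLI, tests).
    $server = new OAuth2Server(
        $storage,
        array(
            'enforce_state' => true,
            'allow_implicit' => true,
            'issuer' => $_SERVER['HTTP_HOST'],
        ),
        $grantTypes
    );

    // Scopes: "basic" is granted when a request names none; "admin" must be asked for
    $defaultScope = 'basic';
    $supportedScopes = array('basic', 'admin');
    $memory = new Memory(array('default_scope' => $defaultScope, 'supported_scopes' => $supportedScopes));
    $server->setScopeUtil(new Scope($memory));

    // NOTE(review): this writes a user named "admin" with fixed literal values every time
    // setup() runs. The second argument is presumably the password and the last one the
    // scope - confirm against the storage class. If so, the account has a well-known
    // password that is put back on each run; seed it once from a provisioning step with a
    // generated secret instead.
    $storage->setUser("admin", "admin", "Alexander", "Baquiax", 'admin');

    $app['oauth_server'] = $server;
    $app['mysql_client'] = $storage;
    $app['oauth_response'] = new BridgeResponse();
}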
/**
 * Register the request/response adapters, the SAML settings and the OAuth2 server
 * as singletons on the Slim container.
 *
 * @param Slim $app application whose container receives the services
 */
protected function configure(Slim $app)
{
    $container = $app->container;

    // Adapters let Slim and the oauth2 library work on the same request/response object
    $container->singleton('request', function ($c) {
        $request = new RequestAdapter($c['environment']);

        return $request;
    });

    $container->singleton('response', function ($c) {
        $response = new ResponseAdapter();

        return $response;
    });

    // The settings file is a PHP file that is executed by include and returns the
    // settings. Its path comes from the application settings, so it must stay under the
    // control of the deployment, never of request data.
    $container->singleton('saml_settings', function ($c) {
        $loaded = (include $c['settings']['saml']['settings_file']);
        if (!$loaded) {
            // include yielded a falsy value: stop the whole script
            die("couldn find settings file in ['settings']['saml']['settings_file'] ");
        }

        return $loaded;
    });

    $container->singleton('oauthServer', function ($c) {
        // basic set up: PDO storage built from the 'db' settings
        $config = $c['settings'];
        $pdoStorage = new Pdo($config['db']);
        $oauth = new Server($pdoStorage);

        // saml-bearer grant. Its configuration is the file from /inst/saml_settings.php,
        // handled almost directly by the onelogin/php-saml library; refer to
        // onelogin/php-saml for more information. The SAML IDP has to be configured
        // properly for this grant to work.
        $oauth->addGrantType(new Saml2Bearer($c['saml_settings']));

        // the plain grants, in case you only want to see the basic slim set up
        $oauth->addGrantType(new ClientCredentials($pdoStorage));
        $oauth->addGrantType(new AuthorizationCode($pdoStorage));

        // "basic" is the default scope; "mail" and "bank_account" are also supported
        $scopeStorage = new Memory(array(
            'default_scope' => 'basic',
            'supported_scopes' => array('basic', 'mail', 'bank_account'),
        ));
        $oauth->setScopeUtil(new Scope($scopeStorage));

        return $oauth;
    });
}
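/**
 * A client_credentials token request that names no scope must be rejected with
 * 400 / invalid_scope when the server has no default scope configured.
 */
public function testEnforceScope()
{
    $storage = Bootstrap::getInstance()->getMemoryStorage();
    $server = new Server($storage);
    $server->addGrantType(new ClientCredentials($storage));

    // No default scope, one supported scope: the client has to ask for a scope itself
    $scope = new Scope(array('default_scope' => false, 'supported_scopes' => array('testscope')));
    $server->setScopeUtil($scope);

    // The request deliberately carries no "scope" parameter
    $request = TestRequest::createPost(array(
        'grant_type' => 'client_credentials',
        'client_id' => 'Test Client ID',
        'client_secret' => 'TestSecret',
    ));
    $response = $server->handleTokenRequest($request);

    // assertEquals takes the expected value first; the original passed the actual value
    // first, which produces misleading "expected/actual" output when the test fails.
    $this->assertEquals(400, $response->getStatusCode());
    $this->assertEquals('invalid_scope', $response->getParameter('error'));
    $this->assertEquals(
        'This application requires you specify a scope parameter',
        $response->getParameter('error_description')
    );
}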
/**
 * Build an OAuth2 server on the Propel storage with the client_credentials and
 * authorization_code grants and a scope util whose only supported scope is "admin".
 *
 * @return Server
 */
private function configureOAuth()
{
    $propelStorage = new \Components\PropelStorage();

    $oauth = new Server($propelStorage);
    $oauth->addGrantType(new ClientCredentials($propelStorage));
    $oauth->addGrantType(new AuthorizationCode($propelStorage));

    // NOTE(review): default_scope is given as an empty array - presumably meaning
    // "no default scope"; confirm how the scope storage treats that value.
    // "admin" is the only scope a client can request here, so any per-client limits
    // have to come from the storage - verify against PropelStorage.
    $scopeConfig = ['default_scope' => [], 'supported_scopes' => ['admin']];
    $oauth->setScopeUtil(new Scope(new Memory($scopeConfig)));

    return $oauth;
}