/**
 * Tests OAuth2->grantAccessToken() for a successful authorization-code grant
 * when the token request carries no redirect_uri.
 *
 * The stored authorization code is bound to a redirect_uri, the request omits
 * it, and OAuth2::CONFIG_ENFORCE_INPUT_REDIRECT is switched off on the fixture.
 *
 * NOTE(review): RFC 6749 section 4.1.3 requires redirect_uri in the token
 * request when one was part of the authorization request, so this test pins
 * the behaviour with enforcement disabled, not the strict behaviour.
 */
public function testGrantAccessTokenWithGrantAuthCodeSuccessWithoutRedirect() {
    // Authorization code record the storage mock hands back: bound to a
    // redirect_uri and a client, and still valid for another 60 seconds.
    $authCodeRecord = array(
        'redirect_uri' => 'http://www.example.com',
        'client_id' => 'my_little_app',
        'expires' => time() + 60,
    );

    // Token request: same client as the stored code, but no redirect_uri key.
    $tokenRequest = array(
        'grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE,
        'client_id' => 'my_little_app',
        'client_secret' => 'b',
        'code' => 'foo',
    );

    $storage = $this->createBaseMock('IOAuth2GrantCode');
    $storage->expects($this->any())
        ->method('getAuthCode')
        ->will($this->returnValue($authCodeRecord));

    // A successful grant prints a JSON encoded token.
    $this->expectOutputRegex('/{"access_token":".*","expires_in":\\d+,"token_type":"bearer"/');

    $this->fixture = new OAuth2($storage);
    $this->fixture->setVariable(OAuth2::CONFIG_ENFORCE_INPUT_REDIRECT, false);

    // Second argument: no authorization headers are supplied.
    $this->fixture->grantAccessToken($tokenRequest, array());
}
/**
 * Handles a POST by running an OAuth2 access-token grant over the request body.
 *
 * The raw $_POST array is handed to OAuth2::grantAccessToken() untouched; any
 * validation of grant_type, client credentials and the like is left to the
 * library (not visible here). $request is only used to build the Response.
 *
 * @param mixed $request Incoming request object, forwarded to Response.
 * @return Response The Response built from $request; this method does not
 *                  write the grant result into it.
 */
public function post($request) {
    $response = new Response($request);

    try {
        $server = new OAuth2(new Oauth2StorageUserCredential());
        $server->grantAccessToken($_POST);
    } catch (OAuth2ServerException $exception) {
        // Protocol-level failures are reported by the exception itself.
        $exception->sendHttpResponse();
    }

    return $response;
}
/**
 * Records the requested scope on the instance, then runs the parent grant.
 *
 * The parent is invoked without arguments and whatever it returns is
 * discarded, so callers get no return value from this override.
 *
 * @param mixed $scope Scope to remember in $this->scope (defaults to null).
 */
public function grantAccessToken($scope = null) {
    // Must be set before delegating: the scope is stored first, then the
    // parent implementation runs.
    $this->scope = $scope;

    parent::grantAccessToken();
}
// @todo Not too sure what this is doing but we need to look at it.
// NOTE(review): when $userId is non-empty, authorization is finished at once
// with TRUE as the first argument and the raw $_GET array as the parameters.
// No consent step is visible in this fragment - confirm that approving on the
// user's behalf is intended for every client that can reach this branch.
if ($userId != '') {
    $oauth->finishClientAuthorization(TRUE, $userId, $_GET); // AUTO AUTHORIZE
}
try {
    $auth_params = $oauth->getAuthorizeParams();
} catch (OAuth2ServerException $oauthError) {
    $oauthError->sendHttpResponse();
}
break;
case 'request_token':
    // Forbid rendering this response inside a frame.
    header('X-Frame-Options: DENY');
    // Turns PHP error reporting off for the rest of the request, presumably so
    // notices cannot leak into the token response. It also hides diagnostics;
    // logging errors instead of discarding them keeps failures observable.
    error_reporting(0);
    try {
        $oauth->grantAccessToken();
    } catch (OAuth2ServerException $oauthError) {
        $oauthError->sendHttpResponse();
    }
    break;
case 'request_access':
    error_reporting(0);
    try {
        $token = $oauth->getBearerToken();
        $data = $oauth->verifyAccessToken($token);
        // GET THE USER ID FROM THE TOKEN AND NOT THE REQUESTING PARTY
        $user_id = $data['user_id'];
        global $wpdb;
        // NOTE(review): $user_id is concatenated into the SQL text. It comes
        // from the record returned by verifyAccessToken() rather than straight
        // from the request, but the value should still be bound, e.g. with
        // $wpdb->prepare() and a %d placeholder, so the query stays safe
        // whatever ends up stored against a token.
        $info = $wpdb->get_row("SELECT * FROM {$wpdb->prefix}users WHERE ID = " . $user_id . "");
        // Don't send sensitive info across the wire.
        // NOTE(review): this is a deny-list over SELECT *: only user_pass is
        // dropped, every other column of the row stays on $info. Selecting
        // just the columns the response needs is the safer shape; what is done
        // with $info lies outside this fragment.
        unset($info->user_pass);
/**
 * Placeholder for testing OAuth2->grantAccessToken() with an extension grant.
 *
 * The test is marked incomplete before the fixture is called. PHPUnit's
 * markTestIncomplete() aborts the test, so the grantAccessToken() call below
 * is not expected to run, and extension grants have no coverage from here.
 */
public function testGrantAccessTokenWithGrantExtension() {
    $this->markTestIncomplete('grantAccessToken test not implemented');

    // Kept as the intended entry point once the test is written.
    $this->fixture->grantAccessToken();
}
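/**
 * Runs the parent token grant and adds refresh-token details from the storage
 * layer to the data it returns.
 *
 * NOTE(review): earlier comments on this method described output buffering
 * around a parent that echoes its result. This body starts no buffering and
 * relies on the parent's return value, so those comments no longer match.
 *
 * Side effect: when the session already holds an oauth2 client_id and the
 * token has an id, the refresh token id and the next token check time are
 * written to $_SESSION['oauth2'].
 *
 * @param array|null $inputData   Passed to the parent unchanged.
 * @param array|null $authHeaders Passed to the parent unchanged.
 * @return mixed The parent's result with 'refresh_expires_in' and
 *               'download_token' added.
 * @see OAuth2::grantAccessToken()
 */
public function grantAccessToken(array $inputData = NULL, array $authHeaders = NULL) {
    $authData = parent::grantAccessToken($inputData, $authHeaders);

    // Presumably the refresh token record produced during the grant above;
    // verify against the storage class. NOTE(review): nothing here guards
    // against it being unset for grants that issue no refresh token.
    $token = $this->storage->refreshToken;

    // Remaining lifetime in seconds, relative to now.
    $authData['refresh_expires_in'] = $token->expire_ts - time();
    // NOTE(review): the download token is returned to the caller alongside
    // the access token - confirm every consumer of this response is meant to
    // receive it.
    $authData['download_token'] = $token->download_token;

    if (!empty($_SESSION['oauth2']['client_id']) && !empty($token->id)) {
        $_SESSION['oauth2']['refresh_token'] = $token->id;
        // PHP parser barfs on $this->storage::TOKEN_CHECK_TIME
        $storage = $this->storage;
        $_SESSION['oauth2']['token_check_time'] = time() + $storage::TOKEN_CHECK_TIME;
    }

    return $authData;
}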