/**
 * Spec: hasScope() called with a list of scopes returns true when the token
 * double reports holding each listed scope.
 *
 * Expectations pinned here: every listed scope is looked up on the token, and
 * the access token is fetched from the resource server exactly twice.
 */
function it_checks_if_multiple_valid_scopes_are_included_into_the_current_ones(ResourceServer $checker, AccessTokenEntity $accessTokenEntity)
{
    $requested = ['foo', 'bar'];

    // Stub the resource server so it hands back the token double.
    $checker->getAccessToken()->willReturn($accessTokenEntity)->shouldBeCalledTimes(2);

    // Each requested scope must be checked on the token, and each is granted.
    foreach ($requested as $scopeName) {
        $accessTokenEntity->hasScope($scopeName)->willReturn(true)->shouldBeCalled();
    }

    $this->hasScope($requested)->shouldReturn(true);
}
/**
 * Validate a route's scopes with any-of semantics.
 *
 * The token is accepted as soon as it holds a single one of the scopes the
 * route declares. A route that declares no scopes is accepted without any
 * scope check. Use validateAllRouteScopes when every declared scope must be
 * present on the token.
 *
 * @param \League\OAuth2\Server\Entity\AccessTokenEntity $token
 * @param \Dingo\Api\Routing\Route                       $route
 *
 * @throws \League\OAuth2\Server\Exception\InvalidScopeException when the route
 *         declares scopes and the token holds none of them; the exception is
 *         built from the last scope that was checked
 *
 * @return bool
 */
protected function validateRouteScopes(AccessTokenEntity $token, Route $route)
{
    $required = $route->scopes();

    // No declared scopes: nothing to enforce for this route.
    if (empty($required)) {
        return true;
    }

    foreach ($required as $candidate) {
        if (! $token->hasScope($candidate)) {
            continue;
        }

        // One matching scope is sufficient.
        return true;
    }

    // $candidate still holds the final scope from the loop above.
    throw new InvalidScopeException($candidate);
}
/**
 * Validate a route's scopes with all-of semantics.
 *
 * Every scope the route declares must be present on the token; the first one
 * that is missing aborts validation. A route that declares no scopes passes,
 * because there is nothing to check.
 *
 * @param \League\OAuth2\Server\Entity\AccessTokenEntity $token
 * @param \Dingo\Api\Routing\Route                       $route
 *
 * @throws \League\OAuth2\Server\Exception\InvalidScopeException for the first
 *         declared scope the token does not hold
 *
 * @return bool
 */
protected function validateAllRouteScopes(AccessTokenEntity $token, Route $route)
{
    foreach ($route->scopes() as $required) {
        if ($token->hasScope($required)) {
            continue;
        }

        // Fail closed on the first scope the token lacks.
        throw new InvalidScopeException($required);
    }

    return true;
}