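/**
 * Validate the client.
 *
 * Resolves the client identifier and secret from the request parameters,
 * falling back to the HTTP Basic credentials exposed through the
 * PHP_AUTH_USER / PHP_AUTH_PW server parameters, and asks the client
 * repository to authenticate them. When a redirect_uri is supplied it must
 * exactly equal a pre-registered URI (string or one entry of an array);
 * any mismatch is reported as a client authentication failure.
 *
 * @param \Phalcon\Http\RequestInterface $request
 *
 * @throws \League\OAuth2\Server\Exception\OAuthServerException invalidRequest when client_id is missing;
 *                                                              invalidClient when authentication or the redirect URI check fails
 *
 * @return \League\OAuth2\Server\Entities\ClientEntityInterface
 */
protected function validateClient(\Phalcon\Http\RequestInterface $request)
{
    $clientId = $this->getRequestParameter(
        'client_id',
        $request,
        $this->getServerParameter('PHP_AUTH_USER', $request)
    );
    if (is_null($clientId)) {
        throw OAuthServerException::invalidRequest('client_id');
    }

    // If the client is confidential require the client secret
    $clientSecret = $this->getRequestParameter(
        'client_secret',
        $request,
        $this->getServerParameter('PHP_AUTH_PW', $request)
    );

    // Last argument presumably asks the repository to validate the secret — confirm against the repository contract
    $client = $this->clientRepository->getClientEntity($clientId, $this->getIdentifier(), $clientSecret, true);
    if (!$client instanceof ClientEntityInterface) {
        $this->getEmitter()->emit(new RequestEvent('client.authentication.failed', $request));
        throw OAuthServerException::invalidClient();
    }

    // If a redirect URI is provided ensure it matches what is pre-registered
    $redirectUri = $this->getRequestParameter('redirect_uri', $request, null);
    if ($redirectUri !== null) {
        $registered = $client->getRedirectUri();
        // Exact comparison only (no prefix or wildcard matching). in_array is
        // strict so that a loosely-equal value (e.g. numeric-string coercion)
        // cannot satisfy the check.
        // NOTE(review): a registered value that is neither string nor array
        // is not checked at all and the request passes through — confirm that
        // the entity can never return such a value.
        $mismatch = (is_string($registered) && strcmp($registered, $redirectUri) !== 0)
            || (is_array($registered) && in_array($redirectUri, $registered, true) === false);
        if ($mismatch) {
            $this->getEmitter()->emit(new RequestEvent('client.authentication.failed', $request));
            throw OAuthServerException::invalidClient();
        }
    }

    return $client;
}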
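/**
 * Validate the client.
 *
 * Resolves the client identifier and secret from the request parameters,
 * falling back to the HTTP Basic credentials extracted by
 * getBasicAuthCredentials(), and asks the client repository to authenticate
 * them. When a redirect_uri is supplied it must exactly equal a
 * pre-registered URI (string or one entry of an array); any mismatch is
 * reported as a client authentication failure.
 *
 * @param \Psr\Http\Message\ServerRequestInterface $request
 *
 * @throws \League\OAuth2\Server\Exception\OAuthServerException invalidRequest when client_id is missing;
 *                                                              invalidClient when authentication or the redirect URI check fails
 *
 * @return \League\OAuth2\Server\Entities\ClientEntityInterface
 */
protected function validateClient(ServerRequestInterface $request)
{
    [$basicAuthUser, $basicAuthPassword] = $this->getBasicAuthCredentials($request);

    $clientId = $this->getRequestParameter('client_id', $request, $basicAuthUser);
    if (is_null($clientId)) {
        throw OAuthServerException::invalidRequest('client_id');
    }

    // If the client is confidential require the client secret
    $clientSecret = $this->getRequestParameter('client_secret', $request, $basicAuthPassword);

    // Last argument presumably asks the repository to validate the secret — confirm against the repository contract
    $client = $this->clientRepository->getClientEntity($clientId, $this->getIdentifier(), $clientSecret, true);
    if (!$client instanceof ClientEntityInterface) {
        $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
        throw OAuthServerException::invalidClient();
    }

    // If a redirect URI is provided ensure it matches what is pre-registered
    $redirectUri = $this->getRequestParameter('redirect_uri', $request, null);
    if ($redirectUri !== null) {
        $registered = $client->getRedirectUri();
        // Exact comparison only (no prefix or wildcard matching). in_array is
        // strict so that a loosely-equal value (e.g. numeric-string coercion)
        // cannot satisfy the check.
        // NOTE(review): a registered value that is neither string nor array
        // is not checked at all and the request passes through — confirm that
        // the entity can never return such a value.
        $mismatch = (is_string($registered) && strcmp($registered, $redirectUri) !== 0)
            || (is_array($registered) && in_array($redirectUri, $registered, true) === false);
        if ($mismatch) {
            $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
            throw OAuthServerException::invalidClient();
        }
    }

    return $client;
}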