grantAccessToken() 공개 메소드

This would be called from the "/token" endpoint as defined in the spec. Obviously, you can call your endpoint whatever you want. The draft specifies that the authorization parameters should be retrieved from POST, but you can override this to use whatever method you like.
또한 보기: http://tools.ietf.org/html/draft-ietf-oauth-v2-20#section-4
또한 보기: http://tools.ietf.org/html/draft-ietf-oauth-v2-21#section-10.6
또한 보기: http://tools.ietf.org/html/draft-ietf-oauth-v2-21#section-4.1.3
public grantAccessToken ( Request $request = null ) : Response
$request Symfony\Component\HttpFoundation\Request (optional) The request
리턴 Symfony\Component\HttpFoundation\Response
예제 #1
 /**
  * Token endpoint action: hands the incoming request to the OAuth2 server and
  * returns the response it produces.
  *
  * A failure raised as OAuth2ServerException is turned into the HTTP response
  * carried by that exception. No other exception type is caught here, so
  * anything else propagates to the caller.
  *
  * @param Request $request The incoming token request
  *
  * @return mixed The value returned by grantAccessToken(), or by
  *               getHttpResponse() when the grant is refused (the page
  *               documents grantAccessToken() as returning a Response)
  */
 public function tokenAction(Request $request)
 {
     try {
         $tokenResponse = $this->server->grantAccessToken($request);
     } catch (OAuth2ServerException $grantFailure) {
         // The exception carries its own HTTP response; return that instead.
         $tokenResponse = $grantFailure->getHttpResponse();
     }

     return $tokenResponse;
 }
예제 #2
 /**
  * Tests OAuth2->grantAccessToken() with a successful auth code grant when the
  * token request carries no redirect_uri.
  *
  * The stored auth code is built with 'http://www.example.com' as its last
  * constructor argument, while the request omits redirect_uri. The grant is
  * expected to succeed because CONFIG_ENFORCE_INPUT_REDIRECT is set to false
  * on the fixture.
  *
  * NOTE(review): with that option off, redeeming the code is presumably no
  * longer tied to the redirect_uri it was issued for - confirm that
  * deployments leave the check enabled unless there is a reason not to.
  */
 public function testGrantAccessTokenWithGrantAuthCodeSuccessWithoutRedirect()
 {
     // The storage mock returns this code for every getAuthCode() lookup.
     // Third argument is time() + 60; presumably the expiry - verify against OAuth2AuthCode.
     $authCode = new OAuth2AuthCode('my_little_app', '', time() + 60, null, null, 'http://www.example.com');
     $storage = $this->createBaseMock('OAuth2\\IOAuth2GrantCode');
     $storage->expects($this->any())
         ->method('getAuthCode')
         ->will($this->returnValue($authCode));

     $this->fixture = new OAuth2($storage);
     $this->fixture->setVariable(OAuth2::CONFIG_ENFORCE_INPUT_REDIRECT, false);

     // Note that no 'redirect_uri' key is supplied.
     $tokenRequest = new Request(array(
         'grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE,
         'client_id' => 'my_little_app',
         'client_secret' => 'b',
         'code' => 'foo',
     ));
     $body = $this->fixture->grantAccessToken($tokenRequest)->getContent();

     // A successful grant returns a JSON encoded token.
     $this->assertRegexp('/{"access_token":".*","expires_in":\\d+,"token_type":"bearer"/', $body);
 }
예제 #3
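 /**
  * Exchanges the credentials held in the session for OAuth2 tokens and stores
  * those tokens in the session.
  *
  * A password grant is run against the OAuth2 server, using the '_email' and
  * '_password' session values as username and password. Both values are
  * removed from the session whether or not the grant succeeds, so a grant
  * that throws cannot leave the plaintext password in session storage.
  * Afterwards the session attributes are replaced by the 'access_token' and
  * 'refresh_token' read from the JSON response; a key that is missing from
  * the response is stored as null.
  *
  * NOTE(review): this flow depends on the plaintext password having been
  * written to the session by an earlier step. Session data is persisted
  * server-side, so passing the credentials directly (or using a grant that
  * does not need the password) would avoid storing it at all.
  *
  * @param \Kreta\Bundle\UserBundle\Event\AuthorizationEvent $event The authorization event
  */
 public function onAuthorizationEvent(AuthorizationEvent $event)
 {
     $session = $event->getRequest()->getSession();

     try {
         $client = $this->clientManager->findClientBy(['secret' => $this->clientSecret]);

         // The request object is built in-process and handed straight to the
         // server; the credentials are read from the session at this point.
         $request = new Request();
         $request->query->add([
             'grant_type' => 'password',
             'client_secret' => $this->clientSecret,
             'client_id' => sprintf('%s_%s', $client->getId(), $client->getRandomId()),
             'username' => $session->get('_email'),
             'password' => $session->get('_password'),
         ]);
         $response = $this->oauthServer->grantAccessToken($request);
     } finally {
         // Runs on success and on failure: the password must not outlive this call.
         $session->remove('_email');
         $session->remove('_password');
     }

     $token = json_decode($response->getContent(), true);

     // isset() keeps the "null when absent" result without reading an offset
     // of a value that failed to decode into an array.
     $session->replace([
         'access_token' => isset($token['access_token']) ? $token['access_token'] : null,
         'refresh_token' => isset($token['refresh_token']) ? $token['refresh_token'] : null,
     ]);
 }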
예제 #4
 /**
  * Checks that headers configured through CONFIG_RESPONSE_EXTRA_HEADERS are
  * present on the response returned by grantAccessToken().
  *
  * NOTE(review): the name refers to an error response, but the request uses
  * the same client and user credentials that were registered on the stub.
  * Whether the grant succeeds or fails depends on OAuth2GrantUserStub, which
  * is not visible here.
  *
  * NOTE(review): one of the configured headers is Access-Control-Allow-Origin.
  * On a token endpoint that value should presumably stay limited to specific
  * trusted origins, as it is in this fixture.
  */
 public function testErrorResponseContainsExtraHeaders()
 {
     $storage = new OAuth2GrantUserStub();
     $storage->addClient(new OAuth2Client('cid', 'cpass'));
     $storage->addUser('foo', 'bar');
     $storage->setAllowedGrantTypes(array('authorization_code', 'password'));

     $extraHeaders = array(
         'Access-Control-Allow-Origin' => 'http://www.foo.com',
         'X-Extra-Header-1' => 'Foo-Bar',
     );
     $server = new OAuth2($storage, array(OAuth2::CONFIG_RESPONSE_EXTRA_HEADERS => $extraHeaders));

     $tokenRequest = new Request(array(
         'grant_type' => 'password',
         'client_id' => 'cid',
         'client_secret' => 'cpass',
         'username' => 'foo',
         'password' => 'bar',
     ));
     $headers = $server->grantAccessToken($tokenRequest)->headers;

     $this->assertSame('http://www.foo.com', $headers->get('Access-Control-Allow-Origin'));
     $this->assertSame('Foo-Bar', $headers->get('X-Extra-Header-1'));
 }
 /**
  * Spec for onInteractiveLogin(): declares the collaborator calls expected
  * while an interactive login event is handled, then invokes the listener.
  *
  * NOTE(review): the expectations require the submitted password to be
  * written to the session ('_password') and read back before the token grant.
  * The spec therefore pins plaintext-password storage in the session as
  * required behaviour, even though it is removed again afterwards.
  */
 function it_listens_interactive_login(InteractiveLoginEvent $interactiveLoginEvent, TokenInterface $token, UserInterface $user, Request $request, SessionInterface $session, ParameterBagInterface $parameterBag, ClientManagerInterface $clientManager, ClientInterface $client, OAuth2 $oauthServer, Response $response)
 {
     // The event exposes the authenticated token, its user and the request.
     $interactiveLoginEvent->getAuthenticationToken()->shouldBeCalled()->willReturn($token);
     $token->getUser()->shouldBeCalled()->willReturn($user);
     $interactiveLoginEvent->getRequest()->shouldBeCalled()->willReturn($request);
     // Credentials as submitted with the login request.
     $parameterBag->get('_username')->shouldBeCalled()->willReturn('*****@*****.**');
     $parameterBag->get('_password')->shouldBeCalled()->willReturn('123456');
     $request->request = $parameterBag;
     // Both credentials are expected to be copied into the session.
     $request->getSession()->shouldBeCalled()->willReturn($session);
     $session->set('_email', '*****@*****.**')->shouldBeCalled();
     $session->set('_password', '123456')->shouldBeCalled();
     // The OAuth2 client is looked up by its secret; id and random id are both read.
     $clientManager->findClientBy(['secret' => 'client-secret'])->shouldBeCalled()->willReturn($client);
     $client->getId()->shouldBeCalled()->willReturn('the-id');
     $client->getRandomId()->shouldBeCalled()->willReturn('random-id');
     // Credentials are read back from the session before the grant is requested.
     $session->get('_email')->shouldBeCalled()->willReturn('*****@*****.**');
     $session->get('_password')->shouldBeCalled()->willReturn('123456');
     $oauthServer->grantAccessToken(Argument::type('Symfony\\Component\\HttpFoundation\\Request'))->shouldBeCalled()->willReturn($response);
     // The stubbed body is not a JSON token document, and the session is
     // expected to receive null tokens below - presumably because the
     // listener cannot decode it (listener code not visible here).
     $response->getContent()->shouldBeCalled()->willReturn('the response content');
     // Credentials must be removed from the session once the grant has run.
     $session->remove('_email')->shouldBeCalled()->willReturn('*****@*****.**');
     $session->remove('_password')->shouldBeCalled()->willReturn('123456');
     $session->replace(['access_token' => null, 'refresh_token' => null])->shouldBeCalled();
     $this->onInteractiveLogin($interactiveLoginEvent);
 }
예제 #6
 /**
  * Tests OAuth2->grantAccessToken() with a urn: extension grant type
  * (urn:ietf:params:oauth:grant-type:jwt-bearer).
  *
  * Besides the token body, the test pins the response headers: apart from
  * 'date', only content-type, cache-control ('no-store, private') and pragma
  * ('no-cache') may be present, so the token response is marked as
  * non-cacheable. It also checks that the issued access token records the
  * client id and the 'sub' value carried by the JWT.
  */
 public function testGrantAccessTokenWithGrantExtensionJwtBearer()
 {
     $clientId = 'cid';
     $clientSecret = 'csecret';
     $grantType = 'urn:ietf:params:oauth:grant-type:jwt-bearer';
     $subject = 1234;

     $storage = new \OAuth2\Tests\Fixtures\OAuth2GrantExtensionJwtBearer();
     $storage->addClient(new OAuth2Client($clientId, $clientSecret));
     $storage->setAllowedGrantTypes(array($grantType));
     $storage->setExpectedSubject($subject);
     $server = new OAuth2($storage);

     $jwt = \OAuth2\Tests\Fixtures\OAuth2GrantExtensionJwtBearer::encodeJwt(array('sub' => $subject));
     $tokenRequest = new Request(array(
         'grant_type' => $grantType,
         'client_id' => $clientId,
         'client_secret' => $clientSecret,
         'jwt' => $jwt,
     ));
     $response = $server->grantAccessToken($tokenRequest);

     // assertSame on arrays also compares key order, so keep this order.
     $expectedHeaders = array(
         'content-type' => array('application/json'),
         'cache-control' => array('no-store, private'),
         'pragma' => array('no-cache'),
     );
     $headersWithoutDate = array_diff_key($response->headers->all(), array('date' => null));
     $this->assertSame($expectedHeaders, $headersWithoutDate);

     // The outer braces act as the PCRE delimiters here, so they are not
     // matched literally and the pattern is unanchored.
     $this->assertRegExp('{"access_token":"[^"]+","expires_in":3600,"token_type":"bearer","scope":null,"refresh_token":"[^"]+"}', $response->getContent());

     $issuedToken = $storage->getLastAccessToken();
     $this->assertSame('cid', $issuedToken->getClientId());
     $tokenData = $issuedToken->getData();
     $this->assertSame($subject, $tokenData['sub']);
 }
예제 #7
파일: token.php 프로젝트: esvit/oauth2-php
<?php

/**
 * @file
 * Sample token endpoint.
 *
 * Obviously not production-ready code, just simple and to the point.
 *
 * In reality, you'd probably use a nifty framework to handle most of the crud for you.
 */
use OAuth2\OAuth2;
use OAuth2\OAuth2ServerException;
require 'lib/bootstrap.php';

// newPDO() is not defined in this file; presumably lib/bootstrap.php provides it.
$storage = new OAuth2StoragePDO(newPDO());
$oauth = new OAuth2($storage);

try {
    // No request object is passed; the library signature makes it optional.
    $oauth->grantAccessToken()->send();
} catch (OAuth2ServerException $grantFailure) {
    // Send the HTTP response carried by the exception instead.
    $grantFailure->getHttpResponse()->send();
}
예제 #8
 /**
  * Tests OAuth2->grantAccessToken() with a custom extension grant type that
  * is identified by a URL.
  *
  * The test pins the response headers as well as the token body: apart from
  * 'date', only content-type, cache-control ('no-store, private') and pragma
  * ('no-cache') may be present, so the token response is marked as
  * non-cacheable.
  */
 public function testGrantAccessTokenWithGrantExtension()
 {
     $clientId = 'cid';
     $clientSecret = 'csecret';
     $grantType = 'http://company.com/fb_access_token';
     $facebookId = '35';
     $facebookToken = 'da4b9237bacccd_35';

     $storage = new \OAuth2\Tests\Fixtures\OAuth2GrantExtensionStub();
     $storage->addClient(new OAuth2Client($clientId, $clientSecret));
     $storage->setAllowedGrantTypes(array($grantType));
     $storage->addFacebookId($facebookId);
     $server = new OAuth2($storage);

     $tokenRequest = new Request(array(
         'grant_type' => $grantType,
         'client_id' => $clientId,
         'client_secret' => $clientSecret,
         'fb_access_token' => $facebookToken,
     ));
     $response = $server->grantAccessToken($tokenRequest);

     // assertSame on arrays also compares key order, so keep this order.
     $expectedHeaders = array(
         'content-type' => array('application/json'),
         'cache-control' => array('no-store, private'),
         'pragma' => array('no-cache'),
     );
     $headersWithoutDate = array_diff_key($response->headers->all(), array('date' => null));
     $this->assertSame($expectedHeaders, $headersWithoutDate);

     // The outer braces act as the PCRE delimiters here, so they are not
     // matched literally and the pattern is unanchored.
     $this->assertRegExp('{"access_token":"[^"]+","expires_in":3600,"token_type":"bearer"}', $response->getContent());
 }