diff --git a/composer.json b/composer.json
index def54954..e6c4999a 100644
--- a/composer.json
+++ b/composer.json
@@ -20,7 +20,7 @@
 "ext-openssl": "*",
 "doctrine/doctrine-bundle": "^2.8.0",
 "doctrine/orm": "^2.14|^3.0",
- "league/oauth2-server": "^9",
+ "league/oauth2-server": "^9.0.1",
 "nyholm/psr7": "^1.4",
 "psr/http-factory": "^1.0",
 "symfony/event-dispatcher": "^5.4|^6.2|^7.0",
diff --git a/src/Command/ClearExpiredTokensCommand.php b/src/Command/ClearExpiredTokensCommand.php
index 05f1d3ee..3946a9db 100644
--- a/src/Command/ClearExpiredTokensCommand.php
+++ b/src/Command/ClearExpiredTokensCommand.php
@@ -35,7 +35,7 @@ final class ClearExpiredTokensCommand extends Command
 public function __construct(
 AccessTokenManagerInterface $accessTokenManager,
 RefreshTokenManagerInterface $refreshTokenManager,
- AuthorizationCodeManagerInterface $authorizationCodeManager
+ AuthorizationCodeManagerInterface $authorizationCodeManager,
 ) {
 parent::__construct();
diff --git a/src/Controller/AuthorizationController.php b/src/Controller/AuthorizationController.php
index 7b5215e4..da56eef5 100644
--- a/src/Controller/AuthorizationController.php
+++ b/src/Controller/AuthorizationController.php
@@ -68,7 +68,7 @@ public function __construct(
 ClientManagerInterface $clientManager,
 HttpMessageFactoryInterface $httpMessageFactory,
 HttpFoundationFactoryInterface $httpFoundationFactory,
- ResponseFactoryInterface $responseFactory
+ ResponseFactoryInterface $responseFactory,
 ) {
 $this->server = $server;
 $this->eventDispatcher = $eventDispatcher;
diff --git a/src/Controller/TokenController.php b/src/Controller/TokenController.php
index 5f7b43e9..7ea0d81c 100644
--- a/src/Controller/TokenController.php
+++ b/src/Controller/TokenController.php
@@ -47,7 +47,7 @@ public function __construct(
 HttpMessageFactoryInterface $httpMessageFactory,
 HttpFoundationFactoryInterface $httpFoundationFactory,
 ResponseFactoryInterface $responseFactory,
- EventDispatcherInterface $eventDispatcher
+ EventDispatcherInterface $eventDispatcher,
 ) {
 $this->server = $server;
 $this->httpMessageFactory = $httpMessageFactory;
diff --git a/src/Manager/Doctrine/ClientManager.php b/src/Manager/Doctrine/ClientManager.php
index 32d2bfd9..397d760d 100644
--- a/src/Manager/Doctrine/ClientManager.php
+++ b/src/Manager/Doctrine/ClientManager.php
@@ -39,7 +39,7 @@ final class ClientManager implements ClientManagerInterface
 public function __construct(
 EntityManagerInterface $entityManager,
 EventDispatcherInterface $dispatcher,
- string $clientFqcn
+ string $clientFqcn,
 ) {
 $this->entityManager = $entityManager;
 $this->dispatcher = $dispatcher;
diff --git a/src/Model/AccessToken.php b/src/Model/AccessToken.php
index ad034bfd..19413288 100644
--- a/src/Model/AccessToken.php
+++ b/src/Model/AccessToken.php
@@ -48,7 +48,7 @@ public function __construct(
 \DateTimeInterface $expiry,
 ClientInterface $client,
 ?string $userIdentifier,
- array $scopes
+ array $scopes,
 ) {
 $this->identifier = $identifier;
 $this->expiry = $expiry;
diff --git a/src/Model/AuthorizationCode.php b/src/Model/AuthorizationCode.php
index 72135cac..971acd17 100644
--- a/src/Model/AuthorizationCode.php
+++ b/src/Model/AuthorizationCode.php
@@ -48,7 +48,7 @@ public function __construct(
 \DateTimeInterface $expiry,
 ClientInterface $client,
 ?string $userIdentifier,
- array $scopes
+ array $scopes,
 ) {
 $this->identifier = $identifier;
 $this->expiry = $expiry;
diff --git a/src/Repository/AccessTokenRepository.php b/src/Repository/AccessTokenRepository.php
index 62f4a5a6..1b007271 100644
--- a/src/Repository/AccessTokenRepository.php
+++ b/src/Repository/AccessTokenRepository.php
@@ -35,7 +35,7 @@ final class AccessTokenRepository implements AccessTokenRepositoryInterface
 public function __construct(
 AccessTokenManagerInterface $accessTokenManager,
 ClientManagerInterface $clientManager,
- ScopeConverterInterface $scopeConverter
+ ScopeConverterInterface $scopeConverter,
 ) {
 $this->accessTokenManager = $accessTokenManager;
 $this->clientManager = $clientManager;
diff --git a/src/Repository/AuthCodeRepository.php b/src/Repository/AuthCodeRepository.php
index 31d3e7e3..6320e81e 100644
--- a/src/Repository/AuthCodeRepository.php
+++ b/src/Repository/AuthCodeRepository.php
@@ -34,7 +34,7 @@ final class AuthCodeRepository implements AuthCodeRepositoryInterface
 public function __construct(
 AuthorizationCodeManagerInterface $authorizationCodeManager,
 ClientManagerInterface $clientManager,
- ScopeConverterInterface $scopeConverter
+ ScopeConverterInterface $scopeConverter,
 ) {
 $this->authorizationCodeManager = $authorizationCodeManager;
 $this->clientManager = $clientManager;
diff --git a/src/Repository/RefreshTokenRepository.php b/src/Repository/RefreshTokenRepository.php
index d8ae2886..be199be7 100644
--- a/src/Repository/RefreshTokenRepository.php
+++ b/src/Repository/RefreshTokenRepository.php
@@ -26,7 +26,7 @@ final class RefreshTokenRepository implements RefreshTokenRepositoryInterface
 public function __construct(
 RefreshTokenManagerInterface $refreshTokenManager,
- AccessTokenManagerInterface $accessTokenManager
+ AccessTokenManagerInterface $accessTokenManager,
 ) {
 $this->refreshTokenManager = $refreshTokenManager;
 $this->accessTokenManager = $accessTokenManager;
diff --git a/src/Repository/ScopeRepository.php b/src/Repository/ScopeRepository.php
index f3ab67d5..16db4635 100644
--- a/src/Repository/ScopeRepository.php
+++ b/src/Repository/ScopeRepository.php
@@ -44,7 +44,7 @@ public function __construct(
 ScopeManagerInterface $scopeManager,
 ClientManagerInterface $clientManager,
 ScopeConverterInterface $scopeConverter,
- EventDispatcherInterface $eventDispatcher
+ EventDispatcherInterface $eventDispatcher,
 ) {
 $this->scopeManager = $scopeManager;
 $this->clientManager = $clientManager;
@@ -73,7 +73,7 @@ public function finalizeScopes(
 string $grantType,
 ClientEntityInterface $clientEntity,
 string|int|null $userIdentifier = null,
- ?string $authCodeId = null
+ ?string $authCodeId = null,
 ): array {
 /** @var AbstractClient $client */
 $client = $this->clientManager->find($clientEntity->getIdentifier());
diff --git a/src/Repository/UserRepository.php b/src/Repository/UserRepository.php
index 5c841c7f..a69f18b2 100644
--- a/src/Repository/UserRepository.php
+++ b/src/Repository/UserRepository.php
@@ -35,7 +35,7 @@ final class UserRepository implements UserRepositoryInterface
 public function __construct(
 ClientManagerInterface $clientManager,
 EventDispatcherInterface $eventDispatcher,
- UserConverterInterface $userConverter
+ UserConverterInterface $userConverter,
 ) {
 $this->clientManager = $clientManager;
 $this->eventDispatcher = $eventDispatcher;
@@ -46,7 +46,7 @@ public function getUserEntityByUserCredentials(
 string $username,
 string $password,
 string $grantType,
- ClientEntityInterface $clientEntity
+ ClientEntityInterface $clientEntity,
 ): ?UserEntityInterface {
 /** @var AbstractClient $client */
 $client = $this->clientManager->find($clientEntity->getIdentifier());
diff --git a/src/Security/Authentication/Token/OAuth2Token.php b/src/Security/Authentication/Token/OAuth2Token.php
index 53c225ee..43bcf05e 100644
--- a/src/Security/Authentication/Token/OAuth2Token.php
+++ b/src/Security/Authentication/Token/OAuth2Token.php
@@ -20,7 +20,7 @@ public function __construct(
 string $accessTokenId,
 string $oauthClientId,
 array $scopes,
- string $rolePrefix
+ string $rolePrefix,
 ) {
 $this->setAttribute('access_token_id', $accessTokenId);
 $this->setAttribute('oauth_client_id', $oauthClientId);
diff --git a/src/Security/Authenticator/OAuth2Authenticator.php b/src/Security/Authenticator/OAuth2Authenticator.php
index 2050ee79..9577edfb 100644
--- a/src/Security/Authenticator/OAuth2Authenticator.php
+++ b/src/Security/Authenticator/OAuth2Authenticator.php
@@ -45,7 +45,7 @@ public function __construct(
 HttpMessageFactoryInterface $httpMessageFactory,
 ResourceServer $resourceServer,
 UserProviderInterface $userProvider,
- string $rolePrefix
+ string $rolePrefix,
 ) {
 $this->httpMessageFactory = $httpMessageFactory;
 $this->resourceServer = $resourceServer;
diff --git a/tests/Fixtures/FixtureFactory.php b/tests/Fixtures/FixtureFactory.php
index 185e589b..f9f75894 100644
--- a/tests/Fixtures/FixtureFactory.php
+++ b/tests/Fixtures/FixtureFactory.php
@@ -76,7 +76,7 @@ public static function initializeFixtures(
 ClientManagerInterface $clientManager,
 AccessTokenManagerInterface $accessTokenManager,
 RefreshTokenManagerInterface $refreshTokenManager,
- AuthorizationCodeManagerInterface $authCodeManager
+ AuthorizationCodeManagerInterface $authCodeManager,
 ): void {
 foreach (self::createScopes() as $scope) {
 $scopeManager->save($scope);
diff --git a/tests/Integration/AbstractIntegrationTest.php b/tests/Integration/AbstractIntegrationTest.php
index d4d09a49..ef91fb65 100644
--- a/tests/Integration/AbstractIntegrationTest.php
+++ b/tests/Integration/AbstractIntegrationTest.php
@@ -223,7 +223,7 @@ protected function handleResourceRequest(ServerRequestInterface $serverRequest):
 return $serverRequest;
 }
- protected function handleAuthorizationRequest(ServerRequestInterface $serverRequest, $approved = true): ResponseInterface
+ protected function handleAuthorizationRequest(ServerRequestInterface $serverRequest, $approved = true, $isImplicitGrantFlow = false): ResponseInterface
 {
 $response = $this->psrFactory->createResponse();
@@ -236,7 +236,7 @@ protected function handleAuthorizationRequest(ServerRequestInterface $serverRequ
 $response = $this->authorizationServer->completeAuthorizationRequest($authRequest, $response);
 } catch (OAuthServerException $e) {
- $response = $e->generateHttpResponse($response);
+ $response = $e->generateHttpResponse($response, $isImplicitGrantFlow);
 }
 return $response;
@@ -268,7 +268,7 @@ private function createAuthorizationServer(
 AccessTokenRepositoryInterface $accessTokenRepository,
 RefreshTokenRepositoryInterface $refreshTokenRepository,
 UserRepositoryInterface $userRepository,
- AuthCodeRepositoryInterface $authCodeRepository
+ AuthCodeRepositoryInterface $authCodeRepository,
 ): AuthorizationServer {
 $authorizationServer = new AuthorizationServer(
 $clientRepository,
diff --git a/tests/Integration/AuthorizationServerTest.php b/tests/Integration/AuthorizationServerTest.php
index 1b148b2e..a9a708fa 100644
--- a/tests/Integration/AuthorizationServerTest.php
+++ b/tests/Integration/AuthorizationServerTest.php
@@ -711,7 +711,7 @@ public function testSuccessfulImplicitRequest(): void
 'client_id' => 'foo',
 ]);
- $response = $this->handleAuthorizationRequest($request);
+ $response = $this->handleAuthorizationRequest($request, true, true);
 $this->assertSame(302, $response->getStatusCode());
 $responseData = [];
 parse_str(parse_url($response->getHeaderLine('Location'), \PHP_URL_FRAGMENT), $responseData);
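Review bot: The new third parameter of `handleAuthorizationRequest` is untyped, like `$approved` before it, and it is a second positional boolean, so the call sites in AuthorizationServerTest.php now read `handleAuthorizationRequest($request, true, true)` and `($request, false, true)`. Declaring the flags as `bool $approved = true, bool $isImplicitGrantFlow = false` would reject a swapped or non-boolean argument, and named arguments at the call sites (`isImplicitGrantFlow: true`) would show which flag selects the fragment. A short docblock stating that the flag is forwarded to `generateHttpResponse()` and decides where error parameters are placed in the redirect would also help. The method body continues outside this hunk.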
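Review bot: In the `catch (OAuthServerException $e)` branch the choice between fragment and query is now a flag each test passes by hand, not something derived from the request, so these tests can pass while the bundle's real endpoint behaves differently. The only change to src/Controller/AuthorizationController.php visible in this commit is a trailing comma; if its exception handling (not shown here) still calls `generateHttpResponse()` without the second argument, implicit-grant errors served by the bundle would presumably stay in the query string, which is worth confirming. Deriving the flag in the helper, for example `$useFragment = 'token' === ($serverRequest->getQueryParams()['response_type'] ?? null);` (assuming the test requests carry `response_type` as a query parameter), would also keep a test from asserting against the wrong URL component. The enclosing method starts and ends outside this hunk.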
@@ -733,7 +733,7 @@ public function testSuccessfulImplicitRequestWithState(): void
 'state' => 'quzbaz',
 ]);
- $response = $this->handleAuthorizationRequest($request);
+ $response = $this->handleAuthorizationRequest($request, true, true);
 $this->assertSame(302, $response->getStatusCode());
 $responseData = [];
@@ -757,7 +757,7 @@ public function testSuccessfulImplicitRequestRedirectUri(): void
 'redirect_uri' => 'https://example.org/oauth2/redirect-uri',
 ]);
- $response = $this->handleAuthorizationRequest($request);
+ $response = $this->handleAuthorizationRequest($request, true, true);
 $this->assertSame(302, $response->getStatusCode());
 $responseData = [];
 parse_str(parse_url($response->getHeaderLine('Location'), \PHP_URL_FRAGMENT), $responseData);
@@ -779,10 +779,10 @@ public function testImplicitRequestWithInvalidScope(): void
 'scope' => 'non_existing',
 ]);
- $response = $this->handleAuthorizationRequest($request);
+ $response = $this->handleAuthorizationRequest($request, true, true);
 $this->assertSame(302, $response->getStatusCode());
 $responseData = [];
- parse_str(parse_url($response->getHeaderLine('Location'), \PHP_URL_QUERY), $responseData);
+ parse_str(parse_url($response->getHeaderLine('Location'), \PHP_URL_FRAGMENT), $responseData);
 // Response assertions.
 $this->assertSame('invalid_scope', $responseData['error']);
@@ -798,7 +798,7 @@ public function testImplicitRequestWithInvalidRedirectUri(): void
 'redirect_uri' => 'https://example.org/oauth2/other-uri',
 ]);
- $response = $this->handleAuthorizationRequest($request, true, true);
+ $response = $this->handleAuthorizationRequest($request, true, true);
 $this->assertSame(401, $response->getStatusCode());
 $responseData = json_decode((string) $response->getBody(), true);
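Review bot: In `testImplicitRequestWithInvalidScope` the assertions now read only the fragment, so nothing fails if the error parameters are also, or still, emitted in the query string; the same gap is in `testDeniedImplicitRequest` (the @@ -814 hunk). Adding `$this->assertNull(parse_url($response->getHeaderLine('Location'), \PHP_URL_QUERY));` would pin the implicit-flow rule that response parameters stay out of the query, assuming the fixture's registered redirect URI has no query of its own. `parse_url(..., \PHP_URL_FRAGMENT)` also returns null when the redirect has no fragment, and `parse_str()` expects a string, so asserting the fragment is a string before parsing gives a readable failure on regression. Both test methods continue outside their hunks.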
@@ -814,10 +814,10 @@ public function testDeniedImplicitRequest(): void
 'client_id' => 'foo',
 ]);
- $response = $this->handleAuthorizationRequest($request, false);
+ $response = $this->handleAuthorizationRequest($request, false, true);
 $this->assertSame(302, $response->getStatusCode());
 $responseData = [];
- parse_str(parse_url($response->getHeaderLine('Location'), \PHP_URL_QUERY), $responseData);
+ parse_str(parse_url($response->getHeaderLine('Location'), \PHP_URL_FRAGMENT), $responseData);
 // Response assertions.
 $this->assertSame('access_denied', $responseData['error']);
@@ -832,7 +832,7 @@ public function testImplicitRequestWithMissingClient(): void
 'client_id' => 'yolo',
 ]);
- $response = $this->handleAuthorizationRequest($request, false);
+ $response = $this->handleAuthorizationRequest($request, false, true);
 $this->assertSame(401, $response->getStatusCode());
 $responseData = json_decode((string) $response->getBody(), true);
@@ -848,7 +848,7 @@ public function testImplicitRequestWithInactiveClient(): void
 'client_id' => 'baz_inactive',
 ]);
- $response = $this->handleAuthorizationRequest($request, false);
+ $response = $this->handleAuthorizationRequest($request, false, true);
 $this->assertSame(401, $response->getStatusCode());
 $responseData = json_decode((string) $response->getBody(), true);
@@ -864,7 +864,7 @@ public function testImplicitRequestWithRestrictedGrantClient(): void
 'client_id' => 'qux_restricted',
 ]);
- $response = $this->handleAuthorizationRequest($request, false);
+ $response = $this->handleAuthorizationRequest($request, false, true);
 $this->assertSame(401, $response->getStatusCode());
 $responseData = json_decode((string) $response->getBody(), true);
diff --git a/tests/Unit/ExtensionTest.php b/tests/Unit/ExtensionTest.php
index 316ab051..15b0df9d 100644
--- a/tests/Unit/ExtensionTest.php
+++ b/tests/Unit/ExtensionTest.php
@@ -70,7 +70,7 @@ public function grantsProvider(): iterable
 */
 public function testAuthCodeGrantDisableRequireCodeChallengeForPublicClientsConfig(
 ?bool $requireCodeChallengeForPublicClients,
- bool $shouldTheRequirementBeDisabled
+ bool $shouldTheRequirementBeDisabled,
 ): void {
 $container = new ContainerBuilder();