Merge pull request #96 from basz/psr-15

Psr 15

.php_cs

@@ -17,8 +17,7 @@ class Config extends PhpCsFixerConfig
             '@PSR2' => true,
             'array_syntax' => ['syntax' => 'short'],
             'binary_operator_spaces' => [
-                'align_double_arrow' => true,
-                'align_equals' => true,
+                'default' => 'single_space',
             ],
             'blank_line_after_opening_tag' => true,
             'blank_line_after_namespace' => true,
@@ -102,7 +101,7 @@ class Config extends PhpCsFixerConfig
 }
 
 $config = new Config();
-$config->getFinder()->in(__DIR__);//->exclude(['data', 'docs', 'etc', 'templates']);
+$config->getFinder()->in(__DIR__);
 
 $cacheDir = getenv('TRAVIS') ? getenv('HOME') . '/.php-cs-fixer' : __DIR__;
 

.travis.yml

@@ -6,13 +6,10 @@ cache:
     - $HOME/.php-cs-fixer
 
 matrix:
-  fast_finish: true
   include:
     - php: 7.0
     - php: 7.1
-    - php: hhvm
-  allow_failures:
-    - php: hhvm
+    - php: 7.2
 
 before_script:
   - composer self-update

composer.json

@@ -27,11 +27,11 @@
     "psr/container": "^1.0",
     "ramsey/uuid": "^3.1",
     "roave/security-advisories": "dev-master",
-    "http-interop/http-middleware": "^0.4.1"
+    "psr/http-server-middleware": "^1.0"
   },
   "require-dev": {
     "friendsofphp/php-cs-fixer": "^2.1",
-    "phpunit/phpunit": "^6.0",
+    "phpunit/phpunit": "~6.4.0",
     "satooshi/php-coveralls": "^1.0",
     "php-mock/php-mock-phpunit": "^2.0"
   },

config/config.global.php

@@ -24,13 +24,13 @@
          * Various tokens TTL
          */
         'authorization_code_ttl' => 120,
-        'access_token_ttl'       => 3600,
-        'refresh_token_ttl'      => 86400,
+        'access_token_ttl' => 3600,
+        'refresh_token_ttl' => 86400,
 
         /**
          * Rotate the refresh token option while refreshing an access token
          */
-        'rotate_refresh_tokens'  => false,
+        'rotate_refresh_tokens' => false,
 
         /**
          * Revoke the rotated refresh token while refreshing an access token
@@ -40,13 +40,13 @@
         /**
          * Registered grants for this server
          */
-        'grants'                 => [],
+        'grants' => [],
 
         /**
          * A callable used to validate the username and password when using the
          * password grant
          */
-        'owner_callable'         => null,
+        'owner_callable' => null,
 
         /**
          * Attribute that the AuthorizationRequestMiddleware expects the ZfrOAuth2\Server\Model\TokenOwnerInterface

config/dependencies.global.php

@@ -58,33 +58,33 @@
              * Middleware
              */
             AuthorizationRequestMiddleware::class => AuthorizationRequestMiddlewareFactory::class,
-            RevocationRequestMiddleware::class    => RevocationRequestMiddlewareFactory::class,
-            TokenRequestMiddleware::class         => TokenRequestMiddlewareFactory::class,
-            ResourceServerMiddleware::class       => ResourceServerMiddlewareFactory::class,
+            RevocationRequestMiddleware::class => RevocationRequestMiddlewareFactory::class,
+            TokenRequestMiddleware::class => TokenRequestMiddlewareFactory::class,
+            ResourceServerMiddleware::class => ResourceServerMiddlewareFactory::class,
 
             /**
              * Services
              */
-            AuthorizationServerInterface::class   => AuthorizationServerFactory::class,
-            ResourceServerInterface::class        => ResourceServerFactory::class,
-            ClientService::class                  => ClientServiceFactory::class,
-            ScopeService::class                   => ScopeServiceFactory::class,
-            AuthorizationCodeService::class       => AuthorizationCodeServiceFactory::class,
-            AccessTokenService::class             => AccessTokenServiceFactory::class,
-            RefreshTokenService::class            => RefreshTokenServiceFactory::class,
+            AuthorizationServerInterface::class => AuthorizationServerFactory::class,
+            ResourceServerInterface::class => ResourceServerFactory::class,
+            ClientService::class => ClientServiceFactory::class,
+            ScopeService::class => ScopeServiceFactory::class,
+            AuthorizationCodeService::class => AuthorizationCodeServiceFactory::class,
+            AccessTokenService::class => AccessTokenServiceFactory::class,
+            RefreshTokenService::class => RefreshTokenServiceFactory::class,
 
             /**
              * Grant Services
              */
-            ClientCredentialsGrant::class         => ClientCredentialsGrantFactory::class,
-            PasswordGrant::class                  => PasswordGrantFactory::class,
-            AuthorizationGrant::class             => AuthorizationGrantFactory::class,
-            RefreshTokenGrant::class              => RefreshTokenGrantFactory::class,
+            ClientCredentialsGrant::class => ClientCredentialsGrantFactory::class,
+            PasswordGrant::class => PasswordGrantFactory::class,
+            AuthorizationGrant::class => AuthorizationGrantFactory::class,
+            RefreshTokenGrant::class => RefreshTokenGrantFactory::class,
 
             /**
              * Utils
              */
-            ServerOptions::class                  => ServerOptionsFactory::class,
+            ServerOptions::class => ServerOptionsFactory::class,
         ],
     ],
 ];

src/AuthorizationServer.php

@@ -83,8 +83,8 @@ public function __construct(
         AccessTokenService $accessTokenService,
         RefreshTokenService $refreshTokenService
     ) {
-        $this->clientService       = $clientService;
-        $this->accessTokenService  = $accessTokenService;
+        $this->clientService = $clientService;
+        $this->accessTokenService = $accessTokenService;
         $this->refreshTokenService = $refreshTokenService;
 
         foreach ($grants as $grant) {
@@ -161,15 +161,15 @@ public function handleAuthorizationRequest(
         TokenOwnerInterface $owner = null
     ): ResponseInterface {
         try {
-            $queryParams  = $request->getQueryParams();
+            $queryParams = $request->getQueryParams();
             $responseType = $queryParams['response_type'] ?? null;
 
             if (null === $responseType) {
                 throw OAuth2Exception::invalidRequest('No grant response type was found in the request');
             }
 
             $responseType = $this->getResponseType((string) $responseType);
-            $client       = $this->getClient($request, $responseType->allowPublicClients());
+            $client = $this->getClient($request, $responseType->allowPublicClients());
 
             if (null === $client) {
                 throw OAuth2Exception::invalidClient('No client could be authenticated');
@@ -199,7 +199,7 @@ public function handleTokenRequest(
                 throw OAuth2Exception::invalidRequest('No grant type was found in the request');
             }
 
-            $grant  = $this->getGrant((string) $grant);
+            $grant = $this->getGrant((string) $grant);
             $client = $this->getClient($request, $grant->allowPublicClients());
 
             $response = $grant->createTokenResponse($request, $client, $owner);
@@ -222,7 +222,7 @@ public function handleRevocationRequest(ServerRequestInterface $request): Respon
     {
         $postParams = $request->getParsedBody();
 
-        $token     = $postParams['token'] ?? null;
+        $token = $postParams['token'] ?? null;
         $tokenHint = $postParams['token_type_hint'] ?? null;
 
         if (null === $token || null === $tokenHint) {
@@ -317,7 +317,7 @@ private function getClient(ServerRequestInterface $request, bool $allowPublicCli
     private function createResponseFromOAuthException(OAuth2Exception $exception): ResponseInterface
     {
         $payload = [
-            'error'             => $exception->getCode(),
+            'error' => $exception->getCode(),
             'error_description' => $exception->getMessage(),
         ];
 
@@ -339,7 +339,7 @@ private function extractClientCredentials(ServerRequestInterface $request): arra
         } else {
             $postParams = $request->getParsedBody();
 
-            $id     = $postParams['client_id'] ?? null;
+            $id = $postParams['client_id'] ?? null;
             $secret = $postParams['client_secret'] ?? null;
         }
 

src/Container/AuthorizationRequestMiddlewareFactory.php

@@ -37,7 +37,7 @@ public function __invoke(ContainerInterface $container): AuthorizationRequestMid
         /** @var AuthorizationServerInterface $authorizationServer */
         $authorizationServer = $container->get(AuthorizationServerInterface::class);
         /** @var ServerOptions $serverOptions */
-        $serverOptions       = $container->get(ServerOptions::class);
+        $serverOptions = $container->get(ServerOptions::class);
 
         return new AuthorizationRequestMiddleware($authorizationServer, $serverOptions->getOwnerRequestAttribute());
     }

src/Container/ResourceServerMiddlewareFactory.php

@@ -37,7 +37,7 @@ public function __invoke(ContainerInterface $container): ResourceServerMiddlewar
         /** @var ResourceServerInterface $resourceServer */
         $resourceServer = $container->get(ResourceServerInterface::class);
         /** @var ServerOptions $serverOptions */
-        $serverOptions  = $container->get(ServerOptions::class);
+        $serverOptions = $container->get(ServerOptions::class);
 
         return new ResourceServerMiddleware($resourceServer, $serverOptions->getTokenRequestAttribute());
     }

src/Container/ServerOptionsFactory.php

@@ -32,7 +32,7 @@ class ServerOptionsFactory
 {
     public function __invoke(ContainerInterface $container): ServerOptions
     {
-        $config  = $container->get('config');
+        $config = $container->get('config');
         $options = $config['zfr_oauth2_server'] ?? [];
 
         return ServerOptions::fromArray($options);

src/Exception/InvalidAccessTokenException.php

@@ -35,8 +35,8 @@ class InvalidAccessTokenException extends InvalidArgumentException implements Ex
      */
     public function __construct(string $message, string $code)
     {
-        $this->message = (string) $message;
-        $this->code    = (string) $code;
+        parent::__construct($message);
+        $this->code = $code;
     }
 
     public static function invalidToken(string $description): InvalidAccessTokenException

src/Exception/OAuth2Exception.php

@@ -40,8 +40,8 @@ class OAuth2Exception extends Exception implements ExceptionInterface
      */
     public function __construct(string $message, string $code)
     {
-        $this->message = (string) $message;
-        $this->code    = (string) $code;
+        parent::__construct($message);
+        $this->code = $code;
     }
 
     /**

src/Grant/AbstractGrant.php

@@ -50,15 +50,15 @@ protected function prepareTokenResponse(
         RefreshToken $refreshToken = null,
         bool $useRefreshTokenScopes = false
     ): ResponseInterface {
-        $owner  = $accessToken->getOwner();
+        $owner = $accessToken->getOwner();
         $scopes = $useRefreshTokenScopes ? $refreshToken->getScopes() : $accessToken->getScopes();
 
         $responseBody = [
             'access_token' => $accessToken->getToken(),
-            'token_type'   => 'Bearer',
-            'expires_in'   => $accessToken->getExpiresIn(),
-            'scope'        => implode(' ', $scopes),
-            'owner_id'     => $owner ? $owner->getTokenOwnerId() : null,
+            'token_type' => 'Bearer',
+            'expires_in' => $accessToken->getExpiresIn(),
+            'scope' => implode(' ', $scopes),
+            'owner_id' => $owner ? $owner->getTokenOwnerId() : null,
         ];
 
         if (null !== $refreshToken) {

src/Grant/AuthorizationGrant.php

@@ -40,7 +40,7 @@
  */
 class AuthorizationGrant extends AbstractGrant implements AuthorizationServerAwareInterface
 {
-    const GRANT_TYPE          = 'authorization_code';
+    const GRANT_TYPE = 'authorization_code';
     const GRANT_RESPONSE_TYPE = 'code';
 
     /**
@@ -75,8 +75,8 @@ public function __construct(
         RefreshTokenService $refreshTokenService
     ) {
         $this->authorizationCodeService = $authorizationCodeService;
-        $this->accessTokenService       = $accessTokenService;
-        $this->refreshTokenService      = $refreshTokenService;
+        $this->accessTokenService = $accessTokenService;
+        $this->refreshTokenService = $refreshTokenService;
     }
 
     /**
@@ -110,14 +110,14 @@ public function createAuthorizationResponse(
         }
 
         // Scope and state allow to perform additional validation
-        $scope  = $queryParams['scope'] ?? null;
-        $state  = $queryParams['state'] ?? null;
+        $scope = $queryParams['scope'] ?? null;
+        $state = $queryParams['state'] ?? null;
         $scopes = is_string($scope) ? explode(' ', $scope) : [];
 
         $authorizationCode = $this->authorizationCodeService->createToken($redirectUri, $owner, $client, $scopes);
 
         $uri = http_build_query(array_filter([
-            'code'  => $authorizationCode->getToken(),
+            'code' => $authorizationCode->getToken(),
             'state' => $state,
         ]));
 

src/Grant/ClientCredentialsGrant.php

@@ -40,7 +40,7 @@
  */
 class ClientCredentialsGrant extends AbstractGrant
 {
-    const GRANT_TYPE          = 'client_credentials';
+    const GRANT_TYPE = 'client_credentials';
     const GRANT_RESPONSE_TYPE = '';
 
     /**
@@ -80,7 +80,7 @@ public function createTokenResponse(
         $postParams = $request->getParsedBody();
 
         // Everything is okey, we can start tokens generation!
-        $scope  = $postParams['scope'] ?? null;
+        $scope = $postParams['scope'] ?? null;
         $scopes = is_string($scope) ? explode(' ', $scope) : [];
 
         /** @var AccessToken $accessToken */

src/Grant/GrantInterface.php

@@ -42,7 +42,7 @@ interface GrantInterface
     /**
      * Constants that need to be overridden for each grant
      */
-    const GRANT_TYPE          = '';
+    const GRANT_TYPE = '';
     const GRANT_RESPONSE_TYPE = '';
 
     /**

src/Grant/PasswordGrant.php

@@ -42,7 +42,7 @@
  */
 class PasswordGrant extends AbstractGrant implements AuthorizationServerAwareInterface
 {
-    const GRANT_TYPE          = 'password';
+    const GRANT_TYPE = 'password';
     const GRANT_RESPONSE_TYPE = '';
 
     /**
@@ -81,9 +81,9 @@ public function __construct(
         RefreshTokenService $refreshTokenService,
         callable $callback
     ) {
-        $this->accessTokenService  = $accessTokenService;
+        $this->accessTokenService = $accessTokenService;
         $this->refreshTokenService = $refreshTokenService;
-        $this->callback            = $callback;
+        $this->callback = $callback;
     }
 
     /**
@@ -110,15 +110,15 @@ public function createTokenResponse(
         // Validate the user using its username and password
         $username = $postParams['username'] ?? null;
         $password = $postParams['password'] ?? null;
-        $scope    = $postParams['scope'] ?? null;
-        $scopes   = is_string($scope) ? explode(' ', $scope) : [];
+        $scope = $postParams['scope'] ?? null;
+        $scopes = is_string($scope) ? explode(' ', $scope) : [];
 
         if (null === $username || null === $password) {
             throw OAuth2Exception::invalidRequest('Username and/or password is missing');
         }
 
         $callback = $this->callback;
-        $owner    = $callback($username, $password);
+        $owner = $callback($username, $password);
 
         if (! $owner instanceof TokenOwnerInterface) {
             throw OAuth2Exception::accessDenied('Either username or password are incorrect');