classes/TokenExchanger.php +5 −0 @@ -59,6 +59,7 @@ class TokenExchanger { if ($params['resource'] !== null) { $claims['resource'] = $params['resource']; $claims['jti'] = uniqid(); } if ($params['audience'] !== null) { $claims['aud'] = $this->getAudienceClaim($params['audience']); @@ -66,6 +67,9 @@ class TokenExchanger { if ($params['scope'] !== null) { $claims['scope'] = $params['scope']; } if ($params['expires_in'] !== null) { $claims['exp'] = time() + intval($params['expires_in']); } $accessToken = $this->locator->getTokenBuilder()->generateToken($claims); @@ -74,6 +78,7 @@ class TokenExchanger { $data['access_token'] = $accessToken; $data['issued_token_type'] = "urn:ietf:params:oauth:token-type:jwt"; $data['token_type'] = 'Bearer'; $data['expires_in'] = $params['expires_in'] !== null ? $params['expires_in'] : 3600; return $data; } include/front-controller.php +1 −0
@@ -103,6 +103,7 @@ Flight::route('POST /auth/oauth2/token', function() { // For token exchange "resource" => filter_input(INPUT_POST, "resource", FILTER_SANITIZE_STRING), "audience" => filter_input(INPUT_POST, "audience", FILTER_SANITIZE_STRING), "expires_in" => filter_input(INPUT_POST, "expires_in", FILTER_SANITIZE_NUMBER_INT), "subject_token" => filter_input(INPUT_POST, "subject_token", FILTER_SANITIZE_STRING), "subject_token_type" => filter_input(INPUT_POST, "subject_token_type", FILTER_SANITIZE_STRING) ]; tests/TokenExchangerTest.php 0 → 100644 +40 −0 <?php use PHPUnit\Framework\TestCase; final class TokenExchangerTest extends TestCase { public function testExchange() { $clientAuthCheckerStub = $this->createMock(\RAP\ClientAuthChecker::class); $tokenCheckerStub = $this->createMock(\RAP\TokenChecker::class); $tokenCheckerStub->method('getValidTokenObject')->willReturn((object) [ "sub" => "user_id" ]); $tokenBuilderStub = $this->createMock(\RAP\TokenBuilder::class); $tokenBuilderStub->method('generateToken')->willReturn("new_token"); $locatorStub = $this->createMock(\RAP\Locator::class); $locatorStub->method('getClientAuthChecker')->willReturn($clientAuthCheckerStub); $locatorStub->method('getTokenChecker')->willReturn($tokenCheckerStub); $locatorStub->method('getTokenBuilder')->willReturn($tokenBuilderStub); $tokenExchanger = new \RAP\TokenExchanger($locatorStub); $params = [ "subject_token" => "subject_token", "subject_token_type" => "Bearer", "resource" => "resource", "audience" => "audience", "scope" => "scope", "expires_in" => 1800 ]; $result = $tokenExchanger->exchangeToken($params, []); $this->assertEquals("new_token", $result['access_token']); } }
classes/TokenExchanger.php +5 −0 @@ -59,6 +59,7 @@ class TokenExchanger { if ($params['resource'] !== null) { $claims['resource'] = $params['resource']; $claims['jti'] = uniqid(); } if ($params['audience'] !== null) { $claims['aud'] = $this->getAudienceClaim($params['audience']); @@ -66,6 +67,9 @@ class TokenExchanger { if ($params['scope'] !== null) { $claims['scope'] = $params['scope']; } if ($params['expires_in'] !== null) { $claims['exp'] = time() + intval($params['expires_in']); } $accessToken = $this->locator->getTokenBuilder()->generateToken($claims); @@ -74,6 +78,7 @@ class TokenExchanger { $data['access_token'] = $accessToken; $data['issued_token_type'] = "urn:ietf:params:oauth:token-type:jwt"; $data['token_type'] = 'Bearer'; $data['expires_in'] = $params['expires_in'] !== null ? $params['expires_in'] : 3600; return $data; }
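Review bot: The requested lifetime is applied without any bound in the second hunk: `$claims['exp'] = time() + intval($params['expires_in']);` lets the caller choose an arbitrarily long-lived token, and a zero or negative value yields one that is already expired. Clamp it against a server-side ceiling before use, e.g. `$ttl = max(1, min(intval($params['expires_in']), 3600));` then `$claims['exp'] = time() + $ttl;`, and return `$ttl` in `$data['expires_in']` so the response reports the lifetime actually issued rather than the raw parameter (3600 is the default already used in the third hunk; the real ceiling is a policy choice). When `expires_in` is absent these lines set no `exp` while the response still reports 3600, which holds only if the token builder applies the same default; that is not visible here. Separately, `uniqid()` in the first hunk is derived from the clock and is predictable, so if `jti` is meant to support replay detection or revocation, `bin2hex(random_bytes(16))` is the safer source. The enclosing method starts above the first hunk.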
include/front-controller.php +1 −0 @@ -103,6 +103,7 @@ Flight::route('POST /auth/oauth2/token', function() { // For token exchange "resource" => filter_input(INPUT_POST, "resource", FILTER_SANITIZE_STRING), "audience" => filter_input(INPUT_POST, "audience", FILTER_SANITIZE_STRING), "expires_in" => filter_input(INPUT_POST, "expires_in", FILTER_SANITIZE_NUMBER_INT), "subject_token" => filter_input(INPUT_POST, "subject_token", FILTER_SANITIZE_STRING), "subject_token_type" => filter_input(INPUT_POST, "subject_token_type", FILTER_SANITIZE_STRING) ];
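Review bot: `FILTER_SANITIZE_NUMBER_INT` on the added `expires_in` line rewrites input instead of rejecting it: it keeps digits and `+`/`-`, so `-3600` passes through unchanged, `1e9` becomes `19`, and an empty field stays an empty string that still satisfies a `!== null` check in the exchanger. Validating is safer for a value that decides token lifetime: `"expires_in" => filter_input(INPUT_POST, "expires_in", FILTER_VALIDATE_INT, ["options" => ["min_range" => 1, "max_range" => 3600]]),` with 3600 standing in for whatever ceiling the service chooses. `filter_input` then returns `false` for a malformed value and `null` for a missing one, so the route should answer `false` with an `invalid_request` error rather than pass it on. The route closure starts and ends outside the hunk.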
tests/TokenExchangerTest.php 0 → 100644 +40 −0 <?php use PHPUnit\Framework\TestCase; final class TokenExchangerTest extends TestCase { public function testExchange() { $clientAuthCheckerStub = $this->createMock(\RAP\ClientAuthChecker::class); $tokenCheckerStub = $this->createMock(\RAP\TokenChecker::class); $tokenCheckerStub->method('getValidTokenObject')->willReturn((object) [ "sub" => "user_id" ]); $tokenBuilderStub = $this->createMock(\RAP\TokenBuilder::class); $tokenBuilderStub->method('generateToken')->willReturn("new_token"); $locatorStub = $this->createMock(\RAP\Locator::class); $locatorStub->method('getClientAuthChecker')->willReturn($clientAuthCheckerStub); $locatorStub->method('getTokenChecker')->willReturn($tokenCheckerStub); $locatorStub->method('getTokenBuilder')->willReturn($tokenBuilderStub); $tokenExchanger = new \RAP\TokenExchanger($locatorStub); $params = [ "subject_token" => "subject_token", "subject_token_type" => "Bearer", "resource" => "resource", "audience" => "audience", "scope" => "scope", "expires_in" => 1800 ]; $result = $tokenExchanger->exchangeToken($params, []); $this->assertEquals("new_token", $result['access_token']); } }
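Review bot: The only assertion, `$this->assertEquals("new_token", $result['access_token']);`, checks the value the `generateToken` stub was told to return, so the test passes whether or not `expires_in` ever reaches the claims. Pin the new behaviour by constraining the stub call with `->expects($this->once())` and a `->with($this->callback(...))` that checks `exp` is close to `time() + 1800` and that `jti` is present, and add `$this->assertSame(1800, $result['expires_in']);`. Further cases for a missing, zero, negative and very large `expires_in` would document how the exchanger is expected to treat lifetimes it should not honour.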