Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

An authorization code is generated each time the user approve the requested permissions

Download Browse

For now the generated authorization is not linked to a specific app and always is always linked to the scope 'Demo' whatever the requested scopes are. To test, you need to: 1. In the project admin create an OAuth2 app (note the ID and the given secret) 2. Access the authorize page at the URL https://tuleap.example.com/oauth2/authorize?client_id=<client_d>&scope=demo&response_type=code&redirect_uri=<redirect_uri> 3. Qucikly retrieve (it is valid only 1 minute) the authorization code from the URL 4. Exchange the authorization code for an access token: shell> curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' \ --user '<client_id>:<client_secret>' \ --data 'grant_type=authorization_code&code=<authorization_code> \ https://tuleap.example.com/oauth2/token 5. The retrieved access token can be used to access the demo endpoint This is part of story #14542: have OAuth2 flow Change-Id: Ieb64ae41d90b33b720398748b5652fbc9b0608a5

+532 −33
Thomas Gerbet (tgerbet) 2020-03-10 15:37
Thomas Gerbet (tgerbet) 2020-03-10 15:55
080ee89511f1ee6b69a2b41bcb85eff214a77b73
eef8aa856b90e3f3b0b0fc658483597144021552
git #tuleap/stable/080ee89511f1ee6b69a2b41bcb85eff214a77b73

Modified Files

Side by side diff
Inline diff
Name
M plugins/oauth2_server/db/install.sql +8 −0 Go to diff View file
A plugins/oauth2_server/db/mysql/2020/202003101430_create_authorization_code_table.php +48 −0 Go to diff View file
M plugins/oauth2_server/db/uninstall.sql +1 −0 Go to diff View file
M plugins/oauth2_server/include/AuthorizationServer/AuthorizationEndpointPostController.php +12 −5 Go to diff View file
A plugins/oauth2_server/include/Grant/AuthorizationCode/OAuth2AuthCodeExpiredException.php +34 −0 Go to diff View file
A plugins/oauth2_server/include/Grant/AuthorizationCode/OAuth2AuthCodeMatchingUnknownUserException.php +33 −0 Go to diff View file
A plugins/oauth2_server/include/Grant/AuthorizationCode/OAuth2AuthorizationCodeCreator.php +77 −0 Go to diff View file
A plugins/oauth2_server/include/Grant/AuthorizationCode/OAuth2AuthorizationCodeDAO.php +53 −0 Go to diff View file
M plugins/oauth2_server/include/Grant/AuthorizationCode/OAuth2AuthorizationCodeVerifier.php +50 −16 Go to diff View file
M plugins/oauth2_server/include/oauth2_serverPlugin.php +11 −1 Go to diff View file
M plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationEndpointPostControllerTest.php +21 −5 Go to diff View file
A plugins/oauth2_server/phpunit/Grant/AuthorizationCode/OAuth2AuthorizationCodeCreatorTest.php +101 −0 Go to diff View file
M plugins/oauth2_server/phpunit/Grant/AuthorizationCode/OAuth2AuthorizationCodeVerifierTest.php +83 −6 Go to diff View file