In order to progressively implement the whole OAuth2 flow, a test resource is created at '/plugins/oauth2_server/testendpoint'. Once the implementation is done, this resource will be removed.

You need to provide a valid OAuth2 access token as a Bearer token [0] to access it. For now there is only one valid hardcoded access token: 'tlp-oauth2-at1-1.6161616161616161616161616161616161616161616161616161616161616161'.

The access token is not yet associated with the notion of scopes.

The middleware does not yet properly set the WWW-Authenticate header when the OAuth2 access token cannot be validated.

To test it, you can use curl as follows:

    curl \
      -H 'Authorization: Bearer tlp-oauth2-at1-1.6161616161616161616161616161616161616161616161616161616161616161' \
      https://tuleap.example.com/plugins/oauth2_server/testendpoint

This is part of story #14542: have OAuth2 flow

[0] RFC6750: https://tools.ietf.org/html/rfc6750

Change-Id: If21bbd0edd36b8d535722e3283223844d108ec54
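The check a resource server performs on such a request, including the RFC 6750 `WWW-Authenticate` challenge the commit message says is not yet set, is sketched below as an added example that is not Tuleap's own code. The function names, the `realm` value, the SHA-256 hash storage and the token layout (prefix, numeric id, dot, 64 hex characters, read off the sample token above) are all assumptions.

```php
<?php
declare(strict_types=1);

// Assumed layout, inferred from the sample token: <prefix><numeric id>.<64 hex chars>
const TOKEN_PREFIX = 'tlp-oauth2-at1-';

/** Return the token carried by an Authorization header value, or null if it is not a Bearer credential. */
function parseBearerHeader(string $header): ?string
{
    // RFC 6750 section 2.1: "Bearer" 1*SP b64token
    return preg_match('/^Bearer +([A-Za-z0-9\-._~+\/]+=*)$/D', $header, $m) === 1 ? $m[1] : null;
}

/** Split a prefixed token into [id, raw verifier bytes], or null if it is malformed. */
function splitToken(string $token): ?array
{
    $pattern = '/^' . preg_quote(TOKEN_PREFIX, '/') . '([1-9][0-9]{0,8})\.([0-9a-f]{64})$/D';
    return preg_match($pattern, $token, $m) === 1 ? [(int) $m[1], hex2bin($m[2])] : null;
}

/**
 * Decide the response for a protected resource: returns [HTTP status, headers].
 * $storedHashes maps token id => SHA-256 hex digest of the verifier (hypothetical storage).
 */
function checkRequest(?string $authorization, array $storedHashes): array
{
    $token = $authorization === null ? null : parseBearerHeader($authorization);
    if ($token === null) {
        // No Bearer credentials at all: challenge without an error code (RFC 6750 section 3).
        return [401, ['WWW-Authenticate' => 'Bearer realm="example"']];
    }
    $parts = splitToken($token);
    // The id selects one stored hash; the secret half is then compared in constant time.
    $valid = $parts !== null && isset($storedHashes[$parts[0]])
        && hash_equals($storedHashes[$parts[0]], hash('sha256', $parts[1]));
    if (! $valid) {
        return [401, ['WWW-Authenticate' => 'Bearer realm="example", error="invalid_token"']];
    }
    return [200, []];
}

// Constructed sample data: the hardcoded token from the commit message (id 1, verifier 0x61 * 32).
$hashes = [1 => hash('sha256', str_repeat('a', 32))];
$valid  = 'Bearer ' . TOKEN_PREFIX . '1.' . str_repeat('61', 32);
$wrong  = 'Bearer ' . TOKEN_PREFIX . '1.' . str_repeat('62', 32);
foreach ([$valid, $wrong, 'Basic dXNlcjpwdw==', null] as $header) {
    [$status, $headers] = checkRequest($header, $hashes);
    echo $status, ' ', $headers['WWW-Authenticate'] ?? '(no challenge)', PHP_EOL;
}
```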
Modified Files
Status | Name | Added | Removed |
---|---|---|---|
M | plugins/git/include/gitPlugin.php | +1 | −2 |
A | plugins/oauth2_server/include/TestEndpointController.php | +67 | −0 |
M | plugins/oauth2_server/include/oauth2_serverPlugin.php | +40 | −1 |
A | plugins/oauth2_server/phpunit/TestEndpointControllerTest.php | +51 | −0 |
M | src/common/Authentication/SplitToken/IncorrectSizeVerificationStringException.php | +1 | −1 |
A | src/common/Authentication/SplitToken/PrefixSplitTokenForSerialization.php | +31 | −0 |
R | src/common/User/AccessKey/AccessKeySerializer.php | | |
M | src/common/Cryptography/ConcealedString.php | +3 | −0 |
M | src/common/REST/UserManager.class.php | +3 | −2 |
M | src/common/User/AccessKey/AccessKeyCreationController.php | +2 | −1 |
A | src/common/User/AccessKey/PrefixAccessKey.php | +36 | −0 |
M | src/common/User/AccessKey/REST/AccessKeyResource.php | +4 | −3 |
A | src/common/User/OAuth2/AccessToken/InvalidOAuth2AccessTokenException.php | +33 | −0 |
A | src/common/User/OAuth2/AccessToken/OAuth2AccessTokenNotFoundException.php | +33 | −0 |
A | src/common/User/OAuth2/AccessToken/OAuth2AccessTokenVerifier.php | +66 | −0 |
A | src/common/User/OAuth2/AccessToken/PrefixOAuth2AccessToken.php | +36 | −0 |
A | src/common/User/OAuth2/BearerTokenHeaderParser.php | +46 | −0 |
A | src/common/User/OAuth2/OAuth2Exception.php | +27 | −0 |
A | src/common/User/OAuth2/ResourceServer/OAuth2ResourceServerMiddleware.php | +100 | −0 |
M | src/www/account/index.php | +1 | −1 |
A | tests/phpunit/common/Authentication/SplitToken/PrefixedSplitTokenSerializerTest.php | +110 | −0 |
D | tests/phpunit/common/User/AccessKey/AccessKeySerializerTest.php | +0 | −82 |
A | tests/phpunit/common/User/AccessKey/PrefixAccessKeyTest.php | +34 | −0 |
A | tests/phpunit/common/User/OAuth2/AccessToken/OAuth2AccessTokenVerifierTest.php | +85 | −0 |
A | tests/phpunit/common/User/OAuth2/AccessToken/PrefixOAuth2AccessTokenTest.php | +35 | −0 |
A | tests/phpunit/common/User/OAuth2/BearerTokenHeaderParserTest.php | +70 | −0 |
A | tests/phpunit/common/User/OAuth2/ResourceServer/OAuth2ResourceServerMiddlewareTest.php | +178 | −0 |