stable
This contribution introduces a minimal verification when requesting a new access token. An authorization code must be provided, but for now this authorization code is hardcoded and can be used multiple times. This is one part of the full implementation of RFC6749 section 4.1.3 [0].

The only valid hardcoded authorization code is:
`tlp-oauth2-ac1-1.6161616161616161616161616161616161616161616161616161616161616161`

To test, you need to:

1. Create a new OAuth2 app in a project administration
2. Access the access token endpoint; `<client_id>`, `<client_secret>` and `<authorization_code>` must be replaced:

```shell
curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' \
  --user '<client_id>:<client_secret>' \
  --data 'grant_type=authorization_code&code=<authorization_code>' \
  https://tuleap.example.com/oauth2/token
```

This is part of story #14542: have OAuth2 flow

[0] https://tools.ietf.org/html/rfc6749#section-4.1.3

Change-Id: I06b2d7e3b7554815a8f234e2e2ee1e93e7288f8c
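The commit message states that the authorization code is hardcoded and reusable for now. As an added illustration (not Tuleap's `OAuth2AuthorizationCodeVerifier`, and not part of this change), the verifier below shows the checks a complete implementation of RFC 6749 section 4.1.3 needs at the token endpoint: a prefix check, a shape check, a constant-time comparison of the secret part, and single-use enforcement so a replayed code is refused. It assumes the code layout `<prefix><id>.<64 hex chars>` visible in the hardcoded value above; the class name, the `$store` array and its contents are constructed for this example.

```php
<?php
declare(strict_types=1);

/**
 * Illustrative authorization code verifier (hypothetical, not Tuleap's code).
 * Assumes codes look like 'tlp-oauth2-ac1-<id>.<64 hex chars>' and that the
 * server keeps, per id, the expected secret and whether it was already used.
 */
final class IllustrativeAuthorizationCodeVerifier
{
    private const PREFIX = 'tlp-oauth2-ac1-';

    /** @var array<int, array{secret: string, used: bool}> constructed in-memory store */
    private array $store;

    public function __construct(array $store)
    {
        $this->store = $store;
    }

    public function verify(string $presented): bool
    {
        $prefix_length = strlen(self::PREFIX);
        if (strncmp($presented, self::PREFIX, $prefix_length) !== 0) {
            return false;
        }

        // Shape check: '<id>.<64 lowercase hex>' before anything touches the store
        $rest = substr($presented, $prefix_length);
        if (preg_match('/^(\d+)\.([0-9a-f]{64})$/', $rest, $matches) !== 1) {
            return false;
        }

        $id = (int) $matches[1];
        if (! isset($this->store[$id])) {
            return false;
        }

        // Constant-time comparison so response timing does not reveal how many
        // characters of the secret were correct
        if (! hash_equals($this->store[$id]['secret'], $matches[2])) {
            return false;
        }

        // Single use (RFC 6749 section 4.1.2): a code presented twice is refused
        if ($this->store[$id]['used']) {
            return false;
        }
        $this->store[$id]['used'] = true;

        return true;
    }
}

// Constructed store: id 1 holds the secret part of the code from the commit message
$verifier = new IllustrativeAuthorizationCodeVerifier([
    1 => ['secret' => str_repeat('61', 32), 'used' => false],
]);

$code = 'tlp-oauth2-ac1-1.' . str_repeat('61', 32);
var_dump($verifier->verify($code));                                          // first use
var_dump($verifier->verify($code));                                          // replay of the same code
var_dump($verifier->verify('tlp-oauth2-ac1-1.' . str_repeat('00', 32)));     // wrong secret for id 1
var_dump($verifier->verify('other-prefix-1.' . str_repeat('61', 32)));       // wrong prefix
```

Run with `php verifier.php`: the first call succeeds and every later call is refused. Looking the record up by id and comparing only the secret with `hash_equals` keeps the comparison constant-time without iterating over every stored code; the `used` flag is the piece the commit message says is still missing.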
Modified Files
Status | File | Added | Removed
---|---|---|---
M | plugins/oauth2_server/include/Grant/AuthCodeGrantController.php | +33 | −8
A | plugins/oauth2_server/include/Grant/InvalidOAuth2AuthCodeException.php | +33 | −0
A | plugins/oauth2_server/include/Grant/OAuth2AuthCodeNotFoundException.php | +33 | −0
A | plugins/oauth2_server/include/Grant/OAuth2AuthorizationCodeVerifier.php | +67 | −0
A | plugins/oauth2_server/include/Grant/PrefixOAuth2AuthCode.php | +36 | −0
M | plugins/oauth2_server/include/oauth2_serverPlugin.php | +7 | −1
M | plugins/oauth2_server/phpunit/Grant/AuthCodeGrantControllerTest.php | +62 | −7
A | plugins/oauth2_server/phpunit/Grant/OAuth2AuthorizationCodeVerifierTest.php | +92 | −0
A | plugins/oauth2_server/phpunit/Grant/PrefixOAuth2AuthCodeTest.php | +35 | −0