stable
Clone or download
Read-only
This challenge will be used in a future contribution when the access token is requested [0]. To test: 1. In the project admin create an OAuth2 app (note the ID and the given secret) 2. Access the authorize page at the URL https://tuleap.example.com/oauth2/authorize?client_id=<client_d>&scope=demo&response_type=code%20read:project&redirect_uri=<redirect_uri>&code_challenge=<BASE64URL-ENCODE(SHA256(random))>&code_challenge_method=S256 3. Accept the authorization request, the code challenge should be store in the DB This is part of story #14542: have OAuth2 flow [0] https://tools.ietf.org/html/rfc7636#section-4.6 Change-Id: I183470333bd997c0d558e1cebc4bf0bd89258e35
Modified Files
| Name | ||||
|---|---|---|---|---|
| M | plugins/oauth2_server/db/install.sql | +1 | −0 | Go to diff View file |
| A | plugins/oauth2_server/db/mysql/2020/202003191100_add_pkce_code_challenge_column_oauth2_authorization_code.php | +46 | −0 | Go to diff View file |
| M | plugins/oauth2_server/include/AuthorizationServer/AuthorizationCodeResponseFactory.php | +10 | −3 | Go to diff View file |
| M | plugins/oauth2_server/include/AuthorizationServer/AuthorizationEndpointGetController.php | +33 | −8 | Go to diff View file |
| M | plugins/oauth2_server/include/AuthorizationServer/AuthorizationEndpointPostController.php | +12 | −5 | Go to diff View file |
| M | plugins/oauth2_server/include/AuthorizationServer/AuthorizationFormData.php | +20 | −5 | Go to diff View file |
| M | plugins/oauth2_server/include/AuthorizationServer/AuthorizationFormPresenter.php | +8 | −0 | Go to diff View file |
| M | plugins/oauth2_server/include/AuthorizationServer/InvalidOAuth2ScopeException.php | +3 | −1 | Go to diff View file |
| A | plugins/oauth2_server/include/AuthorizationServer/PKCE/CodeChallengeNotBase64URLEncodedException.php | +31 | −0 | Go to diff View file |
| A | plugins/oauth2_server/include/AuthorizationServer/PKCE/IncorrectSizeCodeChallengeException.php | +31 | −0 | Go to diff View file |
| A | plugins/oauth2_server/include/AuthorizationServer/PKCE/MissingMandatoryCodeChallengeException.php | +33 | −0 | Go to diff View file |
| A | plugins/oauth2_server/include/AuthorizationServer/PKCE/NotSupportedChallengeMethodException.php | +31 | −0 | Go to diff View file |
| A | plugins/oauth2_server/include/AuthorizationServer/PKCE/OAuth2PKCEInformationExtractionException.php | +29 | −0 | Go to diff View file |
| A | plugins/oauth2_server/include/AuthorizationServer/PKCE/PKCEInformationExtractor.php | +76 | −0 | Go to diff View file |
| M | plugins/oauth2_server/include/Grant/AuthorizationCode/OAuth2AuthorizationCodeCreator.php | +10 | −4 | Go to diff View file |
| M | plugins/oauth2_server/include/Grant/AuthorizationCode/OAuth2AuthorizationCodeDAO.php | +8 | −2 | Go to diff View file |
| M | plugins/oauth2_server/include/oauth2_serverPlugin.php | +2 | −0 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationCodeResponseFactoryTest.php | +3 | −1 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationEndpointGetControllerTest.php | +50 | −7 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationEndpointPostControllerTest.php | +17 | −0 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationFormPresenterBuilderTest.php | +5 | −2 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationFormRendererTest.php | +1 | −0 | Go to diff View file |
| A | plugins/oauth2_server/phpunit/AuthorizationServer/PKCE/PKCEInformationExtractorTest.php | +108 | −0 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/Grant/AuthorizationCode/OAuth2AuthorizationCodeCreatorTest.php | +7 | −4 | Go to diff View file |
| M | plugins/oauth2_server/templates/authorization-form.mustache | +1 | −0 | Go to diff View file |
| M | plugins/oauth2_server/tests/integration/AccessToken/OAuth2AccessTokenDAOTest.php | +4 | −2 | Go to diff View file |
| M | plugins/oauth2_server/tests/integration/Grant/AuthorizationCode/OAuth2AuthorizationCodeDAOTest.php | +5 | −3 | Go to diff View file |