Access tokens have the scopes requested at the authorization

Until now, the access tokens were always delivered with the demo scope.

To test:
1. In the project admin create an OAuth2 app (note the ID and the given secret)
2. Access the authorize page at the URL
   https://tuleap.example.com/oauth2/authorize?client_id=<client_d>&scope=demo&response_type=code%20read:project&redirect_uri=<redirect_uri>
3. Quickly retrieve (it is valid only 1 minute) the authorization code from the URL
4. Exchange the authorization code for an access token:
   shell> curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' \
       --user '<client_id>:<client_secret>' \
       --data 'grant_type=authorization_code&redirect_uri=<redirect_uri>&code=<authorization_code>' \
       https://tuleap.example.com/oauth2/token
5. Use this access token to query the demo resource or the REST endpoint GET /projects

This is part of story #14542: have OAuth2 flow

Change-Id: I8d1834e28e3af81f52e30216f93661860fa59590

Modified Files

Name
A plugins/oauth2_server/include/Grant/AuthorizationCode/OAuth2AuthCodeNoValidScopeFound.php +36 −0
M plugins/oauth2_server/include/Grant/AuthorizationCode/OAuth2AuthorizationCode.php +7 −3
M plugins/oauth2_server/include/Grant/AuthorizationCode/OAuth2AuthorizationCodeVerifier.php +18 −5
M plugins/oauth2_server/include/Grant/AuthorizationCode/Scope/OAuth2AuthorizationCodeScopeDAO.php +12 −0
A plugins/oauth2_server/include/Grant/AuthorizationCode/Scope/OAuth2AuthorizationCodeScopeRetriever.php +68 −0
M plugins/oauth2_server/include/oauth2_serverPlugin.php +3 −6
M plugins/oauth2_server/phpunit/Grant/AccessTokenGrantControllerTest.php +4 −2
M plugins/oauth2_server/phpunit/Grant/AuthorizationCode/AuthorizationCodeGrantResponseBuilderTest.php +4 −2
M plugins/oauth2_server/phpunit/Grant/AuthorizationCode/OAuth2AuthorizationCodeTest.php +6 −4
M plugins/oauth2_server/phpunit/Grant/AuthorizationCode/OAuth2AuthorizationCodeVerifierTest.php +37 −4
A plugins/oauth2_server/phpunit/Grant/AuthorizationCode/Scope/OAuth2AuthorizationCodeScopeRetrieverTest.php +98 −0
M plugins/oauth2_server/tests/integration/Grant/AuthorizationCode/OAuth2AuthorizationCodeDAOTest.php +6 −0