stable
Clone or download
In 976a0efcc05dd92504875e66c14b6580a67c32c4 the verification of this access token was done against an hardcoded one. With this contribution, each access token are specific to a user and they are dynamically retrieved from a DB table. To test you can still use the test resource that was previously introduced but you will also need to insert the access token into the DB. For example: mysql > INSERT INTO oauth2_access_token (user_id, verifier) VALUES(<user_id>, SHA2('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa', 256)); shell > curl \ -H 'Authorization: Bearer tlp-oauth2-at1-<token_autogenerated_id>.6161616161616161616161616161616161616161616161616161616161616161' \ https://tuleap.example.com/plugins/oauth2_server/testendpoint This is part of story #14542: have OAuth2 flow Change-Id: I2c2129bba17f5b6c208655c18f12c85c0063b0df
Modified Files
| Name | ||||
|---|---|---|---|---|
| M | plugins/oauth2_server/include/oauth2_serverPlugin.php | +2 | −0 | Go to diff View file |
| A | src/common/User/OAuth2/AccessToken/OAuth2AccessTokenDAO.php | +36 | −0 | Go to diff View file |
| A | src/common/User/OAuth2/AccessToken/OAuth2AccessTokenMatchingUnknownUserException.php | +33 | −0 | Go to diff View file |
| M | src/common/User/OAuth2/AccessToken/OAuth2AccessTokenVerifier.php | +20 | −11 | Go to diff View file |
| M | src/db/mysql/database_structure.sql | +6 | −0 | Go to diff View file |
| A | src/db/mysql/updates/2020/202002171420_create_oauth2_access_token_table.php | +46 | −0 | Go to diff View file |
| M | tests/phpunit/common/User/OAuth2/AccessToken/OAuth2AccessTokenVerifierTest.php | +44 | −5 | Go to diff View file |