stable

Clone or download

Read-only

PKCE code challenge is extracted from the authorization request and saved

This challenge will be used in a future contribution when the access token is requested [0]. To test: 1. In the project admin create an OAuth2 app (note the ID and the given secret) 2. Access the authorize page at the URL https://tuleap.example.com/oauth2/authorize?client_id=<client_d>&scope=demo&response_type=code%20read:project&redirect_uri=<redirect_uri>&code_challenge=<BASE64URL-ENCODE(SHA256(random))>&code_challenge_method=S256 3. Accept the authorization request, the code challenge should be store in the DB This is part of story #14542: have OAuth2 flow [0] https://tools.ietf.org/html/rfc7636#section-4.6 Change-Id: I183470333bd997c0d558e1cebc4bf0bd89258e35

Modified Files

Name
M plugins/oauth2_server/db/install.sql +1 −0 Go to diff View file
A plugins/oauth2_server/db/mysql/2020/202003191100_add_pkce_code_challenge_column_oauth2_authorization_code.php +46 −0 Go to diff View file
M plugins/oauth2_server/include/AuthorizationServer/AuthorizationCodeResponseFactory.php +10 −3 Go to diff View file
M plugins/oauth2_server/include/AuthorizationServer/AuthorizationEndpointGetController.php +33 −8 Go to diff View file
M plugins/oauth2_server/include/AuthorizationServer/AuthorizationEndpointPostController.php +12 −5 Go to diff View file
M plugins/oauth2_server/include/AuthorizationServer/AuthorizationFormData.php +20 −5 Go to diff View file
M plugins/oauth2_server/include/AuthorizationServer/AuthorizationFormPresenter.php +8 −0 Go to diff View file
M plugins/oauth2_server/include/AuthorizationServer/InvalidOAuth2ScopeException.php +3 −1 Go to diff View file
A plugins/oauth2_server/include/AuthorizationServer/PKCE/CodeChallengeNotBase64URLEncodedException.php +31 −0 Go to diff View file
A plugins/oauth2_server/include/AuthorizationServer/PKCE/IncorrectSizeCodeChallengeException.php +31 −0 Go to diff View file
A plugins/oauth2_server/include/AuthorizationServer/PKCE/MissingMandatoryCodeChallengeException.php +33 −0 Go to diff View file
A plugins/oauth2_server/include/AuthorizationServer/PKCE/NotSupportedChallengeMethodException.php +31 −0 Go to diff View file
A plugins/oauth2_server/include/AuthorizationServer/PKCE/OAuth2PKCEInformationExtractionException.php +29 −0 Go to diff View file
A plugins/oauth2_server/include/AuthorizationServer/PKCE/PKCEInformationExtractor.php +76 −0 Go to diff View file
M plugins/oauth2_server/include/Grant/AuthorizationCode/OAuth2AuthorizationCodeCreator.php +10 −4 Go to diff View file
M plugins/oauth2_server/include/Grant/AuthorizationCode/OAuth2AuthorizationCodeDAO.php +8 −2 Go to diff View file
M plugins/oauth2_server/include/oauth2_serverPlugin.php +2 −0 Go to diff View file
M plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationCodeResponseFactoryTest.php +3 −1 Go to diff View file
M plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationEndpointGetControllerTest.php +50 −7 Go to diff View file
M plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationEndpointPostControllerTest.php +17 −0 Go to diff View file
M plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationFormPresenterBuilderTest.php +5 −2 Go to diff View file
M plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationFormRendererTest.php +1 −0 Go to diff View file
A plugins/oauth2_server/phpunit/AuthorizationServer/PKCE/PKCEInformationExtractorTest.php +108 −0 Go to diff View file
M plugins/oauth2_server/phpunit/Grant/AuthorizationCode/OAuth2AuthorizationCodeCreatorTest.php +7 −4 Go to diff View file
M plugins/oauth2_server/templates/authorization-form.mustache +1 −0 Go to diff View file
M plugins/oauth2_server/tests/integration/AccessToken/OAuth2AccessTokenDAOTest.php +4 −2 Go to diff View file
M plugins/oauth2_server/tests/integration/Grant/AuthorizationCode/OAuth2AuthorizationCodeDAOTest.php +5 −3 Go to diff View file