diff --git a/composer.json b/composer.json index dd8cc94..fe830d1 100644 --- a/composer.json +++ b/composer.json @@ -1,14 +1,14 @@ { - "name": "picklesphp/pickles", + "name": "picklesphp/pickles", "description": "Pickles is a PHP framework for building kick-ass services", - "type": "library", - "keywords": ["framework", "api", "soa", "oauth"], - "homepage": "http://picklesphp.com", - "license": "MIT", + "type": "library", + "keywords": ["framework", "api", "soa", "oauth"], + "homepage": "http://picklesphp.com", + "license": "MIT", "authors": [ { - "name": "Josh Sherman", - "email": "josh@gravityblvd.com", + "name": "Josh Sherman", + "email": "josh@gravityblvd.com", "homepage": "http://joshtronic.com" } ], @@ -18,12 +18,12 @@ }, "minimum-stability" : "dev", "require-dev": { - "phpunit/phpunit": "dev-master", + "phpunit/phpunit": "dev-master", "satooshi/php-coveralls": "dev-master" }, "require": { - "php": ">=5.4", - "league/oauth2-server": "4.*" + "php": ">=5.4", + "league/oauth2-server": "4.0.x-dev" }, "autoload": { "psr-4": { diff --git a/composer.lock b/composer.lock index ff3f1b9..5adfeaf 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "hash": "76708e9b1bd8a87135b6c5b4c0e38a2a", + "hash": "f919c496ec07285f990ccb4efab8cf18", "packages": [ { "name": "league/event", @@ -1434,6 +1434,7 @@ "aliases": [], "minimum-stability": "dev", "stability-flags": { + "league/oauth2-server": 20, "phpunit/phpunit": 20, "satooshi/php-coveralls": 20 }, diff --git a/sql/oauth2.sql b/sql/oauth2.sql index 0d708e8..5c4fbc1 100644 --- a/sql/oauth2.sql +++ b/sql/oauth2.sql @@ -7,13 +7,16 @@ CREATE TABLE `oauth_clients` ( UNIQUE KEY `u_oacl_clse_clid` (`secret`,`id`) ) ENGINE=INNODB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; -CREATE TABLE `oauth_client_endpoints` ( +CREATE TABLE `oauth_endpoints` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `client_id` char(40) NOT NULL, `redirect_uri` varchar(255) NOT NULL, PRIMARY KEY (`id`), KEY `i_oaclen_clid` (`client_id`), - CONSTRAINT `f_oaclen_clid` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE ON UPDATE CASCADE + CONSTRAINT `f_oaclen_clid` + FOREIGN KEY (`client_id`) + REFERENCES `oauth_clients` (`id`) + ON DELETE CASCADE ON UPDATE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; CREATE TABLE `oauth_sessions` ( @@ -23,46 +26,64 @@ CREATE TABLE `oauth_sessions` ( `owner_id` varchar(255) NOT NULL, PRIMARY KEY (`id`), KEY `i_uase_clid_owty_owid` (`client_id`,`owner_type`,`owner_id`), - CONSTRAINT `f_oase_clid` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE ON UPDATE CASCADE + CONSTRAINT `f_oase_clid` + FOREIGN KEY (`client_id`) + REFERENCES `oauth_clients` (`id`) + ON DELETE CASCADE ON UPDATE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; -CREATE TABLE `oauth_session_access_tokens` ( +CREATE TABLE `oauth_access_tokens` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `session_id` int(10) unsigned NOT NULL, `access_token` char(40) NOT NULL, - `access_token_expires` int(10) unsigned NOT NULL, + `expires_at` int(10) unsigned NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `u_oaseacto_acto_seid` (`access_token`,`session_id`), KEY `f_oaseto_seid` (`session_id`), - CONSTRAINT `f_oaseto_seid` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION + CONSTRAINT `f_oaseto_seid` + FOREIGN KEY (`session_id`) + REFERENCES `oauth_sessions` (`id`) + ON DELETE CASCADE ON UPDATE NO ACTION ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; -CREATE TABLE `oauth_session_authcodes` ( +CREATE TABLE `oauth_authorization_codes` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `session_id` int(10) unsigned NOT NULL, - `auth_code` char(40) NOT NULL, - `auth_code_expires` int(10) unsigned NOT NULL, + `authorization_code` char(40) NOT NULL, + `expires_at` int(10) unsigned NOT NULL, PRIMARY KEY (`id`), KEY `session_id` (`session_id`), - CONSTRAINT `oauth_session_authcodes_ibfk_1` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE + CONSTRAINT `oauth_authorization_codes_ibfk_1` + FOREIGN KEY (`session_id`) + REFERENCES `oauth_sessions` (`id`) + ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; -CREATE TABLE `oauth_session_redirects` ( +CREATE TABLE `oauth_redirect_uris` ( `session_id` int(10) unsigned NOT NULL, `redirect_uri` varchar(255) NOT NULL, PRIMARY KEY (`session_id`), - CONSTRAINT `f_oasere_seid` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION + CONSTRAINT `f_oasere_seid` + FOREIGN KEY (`session_id`) + REFERENCES `oauth_sessions` (`id`) + ON DELETE CASCADE ON UPDATE NO ACTION ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; -CREATE TABLE `oauth_session_refresh_tokens` ( - `session_access_token_id` int(10) unsigned NOT NULL, +CREATE TABLE `oauth_refresh_tokens` ( + `access_token_id` int(10) unsigned NOT NULL, `refresh_token` char(40) NOT NULL, - `refresh_token_expires` int(10) unsigned NOT NULL, + `expires_at` int(10) unsigned NOT NULL, `client_id` char(40) NOT NULL, - PRIMARY KEY (`session_access_token_id`), + PRIMARY KEY (`access_token_id`), KEY `client_id` (`client_id`), - CONSTRAINT `oauth_session_refresh_tokens_ibfk_1` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE, - CONSTRAINT `f_oasetore_setoid` FOREIGN KEY (`session_access_token_id`) REFERENCES `oauth_session_access_tokens` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION + CONSTRAINT `oauth_refresh_tokens_ibfk_1` + FOREIGN KEY (`client_id`) + REFERENCES `oauth_clients` (`id`) + ON DELETE CASCADE, + CONSTRAINT `f_oasetore_setoid` + FOREIGN KEY (`access_token_id`) + REFERENCES `oauth_access_tokens` (`id`) + ON DELETE CASCADE ON UPDATE NO ACTION ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; CREATE TABLE `oauth_scopes` ( @@ -74,22 +95,35 @@ CREATE TABLE `oauth_scopes` ( UNIQUE KEY `u_oasc_sc` (`scope`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; -CREATE TABLE `oauth_session_token_scopes` ( +CREATE TABLE `oauth_access_token_scopes` ( `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, - `session_access_token_id` int(10) unsigned DEFAULT NULL, + `access_token_id` int(10) unsigned DEFAULT NULL, `scope_id` smallint(5) unsigned NOT NULL, PRIMARY KEY (`id`), - UNIQUE KEY `u_setosc_setoid_scid` (`session_access_token_id`,`scope_id`), + UNIQUE KEY `u_setosc_setoid_scid` (`access_token_id`,`scope_id`), KEY `f_oasetosc_scid` (`scope_id`), - CONSTRAINT `f_oasetosc_scid` FOREIGN KEY (`scope_id`) REFERENCES `oauth_scopes` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION, - CONSTRAINT `f_oasetosc_setoid` FOREIGN KEY (`session_access_token_id`) REFERENCES `oauth_session_access_tokens` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION + CONSTRAINT `f_oasetosc_scid` + FOREIGN KEY (`scope_id`) + REFERENCES `oauth_scopes` (`id`) + ON DELETE CASCADE ON UPDATE NO ACTION, + CONSTRAINT `f_oasetosc_setoid` + FOREIGN KEY (`access_token_id`) + REFERENCES `oauth_access_tokens` (`id`) + ON DELETE CASCADE ON UPDATE NO ACTION ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; -CREATE TABLE `oauth_session_authcode_scopes` ( - `oauth_session_authcode_id` int(10) unsigned NOT NULL, +CREATE TABLE `oauth_authorization_code_scopes` ( + `authorization_code_id` int(10) unsigned NOT NULL, `scope_id` smallint(5) unsigned NOT NULL, - KEY `oauth_session_authcode_id` (`oauth_session_authcode_id`), + KEY `authorization_code_id` (`authorization_code_id`), KEY `scope_id` (`scope_id`), - CONSTRAINT `oauth_session_authcode_scopes_ibfk_2` FOREIGN KEY (`scope_id`) REFERENCES `oauth_scopes` (`id`) ON DELETE CASCADE, - CONSTRAINT `oauth_session_authcode_scopes_ibfk_1` FOREIGN KEY (`oauth_session_authcode_id`) REFERENCES `oauth_session_authcodes` (`id`) ON DELETE CASCADE + CONSTRAINT `oauth_authorization_code_scopes_ibfk_2` + FOREIGN KEY (`scope_id`) + REFERENCES `oauth_scopes` (`id`) + ON DELETE CASCADE, + CONSTRAINT `oauth_authorization_code_scopes_ibfk_1` + FOREIGN KEY (`authorization_code_id`) + REFERENCES `oauth_authorization_codes` (`id`) + ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; + diff --git a/src/OAuth2/AccessTokenStorage.php b/src/OAuth2/AccessTokenStorage.php index d6af720..04d8dc0 100644 --- a/src/OAuth2/AccessTokenStorage.php +++ b/src/OAuth2/AccessTokenStorage.php @@ -3,6 +3,7 @@ namespace Pickles\OAuth2; use \League\OAuth2\Server\Entity\AbstractTokenEntity; +use \League\OAuth2\Server\Entity\AccessTokenEntity; use \League\OAuth2\Server\Entity\ScopeEntity; use \League\OAuth2\Server\Storage\AccessTokenInterface; @@ -10,27 +11,74 @@ class AccessTokenStorage extends StorageAdapter implements AccessTokenInterface { public function get($token) { + $sql = 'SELECT oauth_access_tokens.*' + . ' FROM oauth_access_tokens' + . ' WHERE access_token = ?' + . ' AND expires_at >= ?;'; + $results = $this->db->fetch($sql, [$token, time()]); + + if (count($results) === 1) + { + return (new AccessTokenEntity($this->server)) + ->setId($results[0]['access_token']) + ->setExpireTime($results[0]['expires_at']); + } + + return null; } public function getScopes(AbstractTokenEntity $token) { + $sql = 'SELECT oauth_scopes.id, oauth_scopes.description' + . ' FROM oauth_access_token_scopes' + . ' INNER JOIN oauth_scopes' + . ' ON oauth_access_token_scopes.scope_id = oauth_scopes.id' + . ' WHERE oauth_access_token_scopes.access_token_id = ?;'; + $results = $this->db->fetch($sql, [$token->getId()]); + $response = []; + + if (count($results) > 0) + { + foreach ($results as $row) + { + $response[] = (new ScopeEntity($this->server))->hydrate([ + 'id' => $row['id'], + 'description' => $row['description'] + ]); + } + } + + return $response; } public function create($token, $expiration, $session_id) { + $sql = 'INSERT INTO oauth_access_tokens' + . ' (access_token, session_id, expires_at)' + . ' VALUES' + . ' (?, ?, ?);'; + $this->db->execute($sql, [$token, $session_id, $expiration]); } public function associateScope(AbstractTokenEntity $token, ScopeEntity $scope) { + $sql = 'INSERT INTO oauth_access_token_scopes' + . ' (access_token, scope)' + . ' VALUES' + . ' (?, ?);'; + $this->db->execute($sql, [$token->getId(), $scope->getId()]); } public function delete(AbstractTokenEntity $token) { + $sql = 'DELETE FROM oauth_access_token_scopes' + . ' WHERE access_token = ?;'; + $this->db->execute($sql, [$token->getId()]); } } diff --git a/src/OAuth2/ClientStorage.php b/src/OAuth2/ClientStorage.php index fe02603..1a32583 100644 --- a/src/OAuth2/ClientStorage.php +++ b/src/OAuth2/ClientStorage.php @@ -16,8 +16,8 @@ class ClientStorage extends StorageAdapter implements ClientInterface if ($redirect_uri) { $sql .= ', oauth_client_redirect_uris.*' - . ' INNER JOIN oauth_client_redirect_uris' - . ' ON oauth_clients.id = oauth_client_redirect_uris.client_id'; + . ' INNER JOIN oauth_redirect_uris' + . ' ON oauth_clients.id = oauth_redirect_uris.client_id'; } $sql .= ' FROM oauth_clients WHERE oauth_clients.id = ?'; @@ -32,7 +32,7 @@ class ClientStorage extends StorageAdapter implements ClientInterface if ($redirect_uri) { - $sql .= 'AND oauth_client_redirect_uris.redirect_uri = ?'; + $sql .= 'AND oauth_redirect_uris.redirect_uri = ?'; $parameters[] = $redirect_uri; } @@ -55,25 +55,27 @@ class ClientStorage extends StorageAdapter implements ClientInterface public function getBySession(SessionEntity $session) { - /* - $result = Capsule::table('oauth_clients') - ->select(['oauth_clients.id', 'oauth_clients.name']) - ->join('oauth_sessions', 'oauth_clients.id', '=', 'oauth_sessions.client_id') - ->where('oauth_sessions.id', $session->getId()) - ->get(); + $sql = 'SELECT oauth_clients.id, oauth_clients.name' + . ' FROM oauth_clients' + . ' INNER JOIN oauth_sessions' + . ' ON oauth_clients.id = oauth_sessions.client_id' + . ' WHERE oauth_sessions.id = ?'; - if (count($result) === 1) { + $results = $this->db->fetch($sql, [$session->getId()]); + + if (count($results) === 1) + { $client = new ClientEntity($this->server); + $client->hydrate([ - 'id' => $result[0]['id'], - 'name' => $result[0]['name'] + 'id' => $results[0]['id'], + 'name' => $results[0]['name'] ]); return $client; } return null; - */ } } diff --git a/src/OAuth2/RefreshTokenStorage.php b/src/OAuth2/RefreshTokenStorage.php new file mode 100644 index 0000000..4bd6182 --- /dev/null +++ b/src/OAuth2/RefreshTokenStorage.php @@ -0,0 +1,56 @@ += ?;'; + + $results = $this->db->fetch($sql, [$token, time()]); + + if (count($results) === 1) + { + return (new RefreshTokenEntity($this->server)) + ->setId($result[0]['refresh_token']) + ->setExpireTime($result[0]['expires_at']) + ->setAccessTokenId($result[0]['access_token_id']); + } + + return null; + } + + public function create($token, $expiration, $access_token) + { + $sql = 'SELECT id FROM oauth_access_tokens WHERE access_token = ?;'; + $results = $this->db->fetch($sql, [$access_token]); + $token_id = $results[0]['id']; + + $sql = 'INSERT INTO oauth_refresh_tokens' + . ' (refresh_token, access_token_id, expires_at, client_id)' + . ' VALUES' + . ' (?, ?, ?, ?);'; + + $this->db->execute($sql, [ + $token, + $token_id, + $expiration, + $this->server->getRequest()->request->get('client_id', null), + ]); + } + + public function delete(RefreshTokenEntity $token) + { + $sql = 'DELETE FROM oauth_refresh_tokens WHERE refresh_token = ?;'; + + $this->db->execute($sql, [$token->getId()]); + } +} + diff --git a/src/OAuth2/Resource.php b/src/OAuth2/Resource.php index 7f949b9..e34b9b8 100644 --- a/src/OAuth2/Resource.php +++ b/src/OAuth2/Resource.php @@ -4,14 +4,14 @@ namespace Pickles\OAuth2; use \League\OAuth2\Server\AuthorizationServer; use \League\OAuth2\Server\Grant\PasswordGrant; +use \League\OAuth2\Server\Grant\RefreshTokenGrant; use \Pickles\App\Models\User; +use \Pickles\Config; class Resource extends \Pickles\Resource { - public function __construct() + public function POST() { - parent::__construct(); - if (!isset($this->config['oauth'][$_SERVER['__version']])) { throw new \Exception('Forbidden.', 403); @@ -28,6 +28,7 @@ class Resource extends \Pickles\Resource $server->setAccessTokenStorage(new AccessTokenStorage); $server->setClientStorage(new ClientStorage); $server->setScopeStorage(new ScopeStorage); + $server->setRefreshTokenStorage(new RefreshTokenStorage); switch ($_REQUEST['grant_type']) { @@ -45,10 +46,16 @@ class Resource extends \Pickles\Resource case 'password': $grant = new PasswordGrant; + $grant->setAccessTokenTTL(3600); + // @todo ^^^ check config and use that value $grant->setVerifyCredentialsCallback(function ($username, $password) { - $user = new User(['email' => $username]); + $user = new User([ + 'conditions' => [ + 'email' => $username, + ], + ]); return $user->count() && password_verify($password, $user->record['password']); @@ -63,7 +70,12 @@ class Resource extends \Pickles\Resource $server->addGrantType($grant); + $refreshTokenGrant = new RefreshTokenGrant; + $server->addGrantType($refreshTokenGrant); + $response = $server->issueAccessToken(); + + return $response; } catch (\Exception $e) { diff --git a/src/OAuth2/ScopeStorage.php b/src/OAuth2/ScopeStorage.php index 6cf7532..c614eb7 100644 --- a/src/OAuth2/ScopeStorage.php +++ b/src/OAuth2/ScopeStorage.php @@ -9,7 +9,18 @@ class ScopeStorage extends StorageAdapter implements ScopeInterface { public function get($scope, $grant_type = null, $client_id = null) { + $sql = 'SELECT * FROM oauth_scopes WHERE id = ?;'; + $results = $this->db->fetch($sql, [$scope]); + if (count($results) === 0) + { + return null; + } + + return (new ScopeEntity($this->server))->hydrate([ + 'id' => $result[0]['id'], + 'description' => $result[0]['description'], + ]); } } diff --git a/src/OAuth2/SessionStorage.php b/src/OAuth2/SessionStorage.php index 17b1639..2754b1d 100644 --- a/src/OAuth2/SessionStorage.php +++ b/src/OAuth2/SessionStorage.php @@ -13,27 +13,94 @@ class SessionStorage extends StorageAdapter implements SessionInterface { public function getByAccessToken(AccessTokenEntity $access_token) { + $sql = 'SELECT oauth_sessions.id, oauth_sessions.owner_type,' + . ' oauth_sessions.owner_id, oauth_sessions.client_id,' + . ' oauth_sessions.client_redirect_uri' + . ' FROM oauth_sessions' + . ' INNER JOIN oauth_access_tokens' + . ' ON oauth_access_tokens.session_id = oauth_sessions.id' + . ' WHERE oauth_access_tokens.access_token = ?;'; + $results = $this->db->fetch($sql, [$access_token->getId()]); + + if (count($results) === 1) + { + $session = new SessionEntity($this->server); + $session->setId($result[0]['id']); + $session->setOwner($result[0]['owner_type'], $result[0]['owner_id']); + + return $session; + } + + return null; } public function getByAuthCode(AuthCodeEntity $auth_code) { + $sql = 'SELECT oauth_sessions.id, oauth_sessions.owner_type,' + . ' oauth_sessions.owner_id, oauth_sessions.client_id,' + . ' oauth_sessions.client_redirect_uri' + . ' FROM oauth_sessions' + . ' INNER JOIN oauth_authorization_codes' + . ' ON oauth_authorization_codes.session_id = oauth_sessions.id' + . ' WHERE oauth_authorization_codes.authorization_code = ?;'; + $results = $this->db->fetch($sql, [$auth_code->getId()]); + + if (count($results) === 1) + { + $session = new SessionEntity($this->server); + $session->setId($result[0]['id']); + $session->setOwner($result[0]['owner_type'], $result[0]['owner_id']); + + return $session; + } + + return null; } public function getScopes(SessionEntity $session) { + $sql = 'SELECT oauth_sessions.*' + . ' FROM oauth_sessions' + . ' INNER JOIN oauth_access_token_scopes' + . ' ON oauth_sessions.id = oauth_access_token_scopes.access_token_id' + . ' INNER JOIN oauth_scopes' + . ' ON oauth_scopes.id = oauth_access_token_scopes.scope_id' + . ' WHERE oauth_sessions.id = ?;'; + $results = $this->db->fetch($sql, [$session->getId()]); + $scopes = []; + + foreach ($results as $scope) + { + $scopes[] = (new ScopeEntity($this->server))->hydrate([ + 'id' => $scope['id'], + 'description' => $scope['description'], + ]); + } + + return $scopes; } public function create($owner_type, $owner_id, $client_id, $client_redirect_uri = null) { + $sql = 'INSERT INTO oauth_sessions' + . ' (owner_type, owner_id, client_id)' + . ' VALUES' + . ' (?, ?, ?);'; + return $this->db->execute($sql, [$owner_type, $owner_id, $client_id]); } public function associateScope(SessionEntity $session, ScopeEntity $scope) { + $sql = 'INSERT INTO oauth_access_token_scopes' + . ' (access_token_id, scope_id)' + . ' VALUES' + . ' (?, ?);'; + $this->db->execute($sql, [$session->getId(), $scope->getId()]); } } diff --git a/src/Resource.php b/src/Resource.php index 9857cb2..4ca265f 100644 --- a/src/Resource.php +++ b/src/Resource.php @@ -14,6 +14,12 @@ namespace Pickles; +use \League\OAuth2\Server\ResourceServer; +use Pickles\OAuth2\AccessTokenStorage; +use Pickles\OAuth2\ClientStorage; +use Pickles\OAuth2\ScopeStorage; +use Pickles\OAuth2\SessionStorage; + /** * Resource Class * @@ -26,15 +32,6 @@ namespace Pickles; */ class Resource extends Object { - /** - * HTTPS - * - * Whether or not the page should be loaded via HTTP Secure. - * - * @var boolean defaults to false - */ - public $https = false; - /** * Filter * @@ -83,25 +80,28 @@ class Resource extends Object try { - // Determines if we need to serve over HTTP or HTTPS - if (($this->https === true - || (isset($this->https[$method]) && $this->https[$method])) - && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == false)) - { - throw new \Exception('HTTPS is required.', 400); - } - - // Check auth if flag is explicitly true or is true for the method + // Checks if auth flag is explicity true or true for the method if ($this->auth === true || (isset($this->auth[$method]) && $this->auth[$method])) { - if (!isset($this->config['oauth2'][$_SERVER['__version']])) + if (isset($this->config['oauth'][$_SERVER['__version']])) + { + $server = new ResourceServer( + new SessionStorage, + new AccessTokenStorage, + new ClientStorage, + new ScopeStorage + ); + + $server->isValidRequest(); + } + else { throw new \Exception('Authentication is not configured properly.', 401); } } - // Hack together some new globals + // Hacks together some new globals if (in_array($method, ['PUT', 'DELETE'])) { $GLOBALS['_' . $method] = []; @@ -337,7 +337,7 @@ class Resource extends Object { http_response_code($this->status); header('Content-Type: application/json'); - header('X-Powered-By: Pickles v2 - https://picklesphp.com'); + header('X-Powered-By: Pickles (http://picklesphp.com)'); $meta = [ 'status' => $this->status, diff --git a/src/Router.php b/src/Router.php index c41baf7..c9b0a90 100644 --- a/src/Router.php +++ b/src/Router.php @@ -39,6 +39,12 @@ class Router extends Object try { + // Secure by default + if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == false) + { + throw new \Exception('HTTPS is required.', 400); + } + // Grabs the requested page $request = $_REQUEST['request']; $components = explode('/', $request);