upgrade to passport 4

moeen-basra · Sep 30, 2017 · 83912c8 · 83912c8
1 parent 80efe9e
commit 83912c8
Show file tree

Hide file tree

Showing 41 changed files with 562 additions and 295 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,4 @@
+.idea
 /vendor
 composer.phar
 composer.lock

diff --git a/composer.json b/composer.json
@@ -11,7 +11,7 @@
     ],
     "require": {
         "php": ">=5.6.4",
-        "firebase/php-jwt": "~3.0|~4.0",
+        "firebase/php-jwt": "~3.0|~4.0|~5.0",
         "guzzlehttp/guzzle": "~6.0",
         "illuminate/auth": "~5.4",
         "illuminate/console": "~5.4",
@@ -22,9 +22,9 @@
         "illuminate/http": "~5.4",
         "illuminate/support": "~5.4",
         "league/oauth2-server": "^6.0",
+        "phpseclib/phpseclib": "^2.0",
         "symfony/psr-http-message-bridge": "~1.0",
-        "zendframework/zend-diactoros": "~1.0",
-        "phpseclib/phpseclib": "^2.0"
+        "zendframework/zend-diactoros": "~1.0"
     },
     "require-dev": {
         "mockery/mockery": "~0.9",
@@ -37,7 +37,12 @@
     },
     "extra": {
         "branch-alias": {
-            "dev-master": "1.0-dev"
+            "dev-master": "3.0-dev"
+        },
+        "laravel": {
+            "providers": [
+                "MoeenBasra\\LaravelPassportMongoDB\\PassportServiceProvider"
+            ]
         }
     },
     "minimum-stability": "dev",

diff --git a/src/ApiTokenCookieFactory.php b/src/ApiTokenCookieFactory.php
@@ -13,22 +13,22 @@ class ApiTokenCookieFactory
     /**
      * The configuration repository implementation.
      *
-     * @var Config
+     * @var \Illuminate\Contracts\Config\Repository
      */
     protected $config;
 
     /**
      * The encrypter implementation.
      *
-     * @var Encrypter
+     * @var \Illuminate\Contracts\Encryption\Encrypter
      */
     protected $encrypter;
 
     /**
      * Create an API token cookie factory instance.
      *
-     * @param  Config  $config
-     * @param  Encrypter  $encrypter
+     * @param  \Illuminate\Contracts\Config\Repository  $config
+     * @param  \Illuminate\Contracts\Encryption\Encrypter  $encrypter
      * @return void
      */
     public function __construct(Config $config, Encrypter $encrypter)
@@ -42,7 +42,7 @@ public function __construct(Config $config, Encrypter $encrypter)
      *
      * @param  mixed  $userId
      * @param  string  $csrfToken
-     * @return Cookie
+     * @return \Symfony\Component\HttpFoundation\Cookie
      */
     public function make($userId, $csrfToken)
     {
@@ -66,7 +66,7 @@ public function make($userId, $csrfToken)
      *
      * @param  mixed  $userId
      * @param  string  $csrfToken
-     * @param  Carbon  $expiration
+     * @param  \Carbon\Carbon  $expiration
      * @return string
      */
     protected function createToken($userId, $csrfToken, Carbon $expiration)

diff --git a/src/AuthCode.php b/src/AuthCode.php
@@ -41,10 +41,10 @@ class AuthCode extends Model
     /**
      * Get the client that owns the authentication code.
      *
-     * @return \Illuminate\Database\Eloquent\Relations\HasMany
+     * @return \Jenssegers\Mongodb\Relations\BelongsTo
      */
     public function client()
     {
-        return $this->hasMany(Client::class);
+        return $this->belongTo(Client::class);
     }
 }
diff --git a/src/Bridge/AccessTokenRepository.php b/src/Bridge/AccessTokenRepository.php
@@ -3,7 +3,7 @@
 namespace MoeenBasra\LaravelPassportMongoDB\Bridge;
 
 use DateTime;
-use Illuminate\Database\Connection;
+use MoeenBasra\LaravelPassportMongoDB\TokenRepository;
 use Illuminate\Contracts\Events\Dispatcher;
 use MoeenBasra\LaravelPassportMongoDB\Events\AccessTokenCreated;
 use League\OAuth2\Server\Entities\ClientEntityInterface;
@@ -15,29 +15,29 @@ class AccessTokenRepository implements AccessTokenRepositoryInterface
     use FormatsScopesForStorage;
 
     /**
-     * The database connection.
+     * The token repository instance.
      *
-     * @var \Illuminate\Database\Connection
+     * @var \MoeenBasra\LaravelPassportMongoDB\TokenRepository
      */
-    protected $database;
+    protected $tokenRepository;
 
     /**
      * The event dispatcher instance.
      *
-     * @var \Illuminate\Events\Dispatcher
+     * @var \Illuminate\Contracts\Events\Dispatcher
      */
     private $events;
 
     /**
      * Create a new repository instance.
      *
-     * @param  \Illuminate\Database\Connection  $database
-     * @return void
+     * @param  \MoeenBasra\LaravelPassportMongoDB\TokenRepository  $tokenRepository
+     * @param  \Illuminate\Contracts\Events\Dispatcher  $events
      */
-    public function __construct(Connection $database, Dispatcher $events)
+    public function __construct(TokenRepository $tokenRepository, Dispatcher $events)
     {
         $this->events = $events;
-        $this->database = $database;
+        $this->tokenRepository = $tokenRepository;
     }
 
     /**
@@ -53,35 +53,37 @@ public function getNewToken(ClientEntityInterface $clientEntity, array $scopes,
      */
     public function persistNewAccessToken(AccessTokenEntityInterface $accessTokenEntity)
     {
-        $this->database->table('oauth_access_tokens')->insert([
-            'id' => $id = $accessTokenEntity->getIdentifier(),
-            'user_id' => $userId = $accessTokenEntity->getUserIdentifier(),
-            'client_id' => $clientId = $accessTokenEntity->getClient()->getIdentifier(),
-            'scopes' => $this->formatScopesForStorage($accessTokenEntity->getScopes()),
+        $this->tokenRepository->create([
+            '_id' => $accessTokenEntity->getIdentifier(),
+            'user_id' => $accessTokenEntity->getUserIdentifier(),
+            'client_id' => $accessTokenEntity->getClient()->getIdentifier(),
+            'scopes' => $this->scopesToArray($accessTokenEntity->getScopes()),
             'revoked' => false,
             'created_at' => new DateTime,
             'updated_at' => new DateTime,
             'expires_at' => $accessTokenEntity->getExpiryDateTime(),
         ]);
 
-        $this->events->fire(new AccessTokenCreated($id, $userId, $clientId));
+        $this->events->dispatch(new AccessTokenCreated(
+            $accessTokenEntity->getIdentifier(),
+            $accessTokenEntity->getUserIdentifier(),
+            $accessTokenEntity->getClient()->getIdentifier()
+        ));
     }
 
     /**
      * {@inheritdoc}
      */
     public function revokeAccessToken($tokenId)
     {
-        $this->database->table('oauth_access_tokens')
-                    ->where('id', $tokenId)->update(['revoked' => true]);
+        $this->tokenRepository->revokeAccessToken($tokenId);
     }
 
     /**
      * {@inheritdoc}
      */
     public function isAccessTokenRevoked($tokenId)
     {
-        return ! $this->database->table('oauth_access_tokens')
-                    ->where('id', $tokenId)->where('revoked', false)->exists();
+        return $this->tokenRepository->isAccessTokenRevoked($tokenId);
     }
 }
diff --git a/src/Bridge/AuthCode.php b/src/Bridge/AuthCode.php
@@ -4,8 +4,8 @@
 
 use League\OAuth2\Server\Entities\Traits\EntityTrait;
 use League\OAuth2\Server\Entities\Traits\AuthCodeTrait;
-use League\OAuth2\Server\Entities\Traits\TokenEntityTrait;
 use League\OAuth2\Server\Entities\AuthCodeEntityInterface;
+use League\OAuth2\Server\Entities\Traits\TokenEntityTrait;
 
 class AuthCode implements AuthCodeEntityInterface
 {

diff --git a/src/Bridge/Client.php b/src/Bridge/Client.php
@@ -23,6 +23,6 @@ public function __construct($identifier, $name, $redirectUri)
         $this->setIdentifier($identifier);
 
         $this->name = $name;
-        $this->redirectUri = $redirectUri;
+        $this->redirectUri = explode(',', $redirectUri);
     }
 }
diff --git a/src/Bridge/FormatsScopesForStorage.php b/src/Bridge/FormatsScopesForStorage.php
@@ -12,8 +12,19 @@ trait FormatsScopesForStorage
      */
     public function formatScopesForStorage(array $scopes)
     {
-        return json_encode(array_map(function ($scope) {
+        return json_encode($this->scopesToArray($scopes));
+    }
+
+    /**
+     * Get an array of scope identifiers for storage.
+     *
+     * @param  array  $scopes
+     * @return array
+     */
+    public function scopesToArray(array $scopes)
+    {
+        return array_map(function ($scope) {
             return $scope->getIdentifier();
-        }, $scopes));
+        }, $scopes);
     }
 }
diff --git a/src/Bridge/RefreshTokenRepository.php b/src/Bridge/RefreshTokenRepository.php
@@ -2,37 +2,49 @@
 
 namespace MoeenBasra\LaravelPassportMongoDB\Bridge;
 
-use Illuminate\Database\Connection;
+use Jenssegers\Mongodb\Connection;
 use Illuminate\Contracts\Events\Dispatcher;
 use MoeenBasra\LaravelPassportMongoDB\Events\RefreshTokenCreated;
 use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
 use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
 
 class RefreshTokenRepository implements RefreshTokenRepositoryInterface
 {
+    /**
+     * The access token repository instance.
+     *
+     * @var \MoeenBasra\LaravelPassportMongoDB\Bridge\AccessTokenRepository
+     */
+    protected $tokens;
+
     /**
      * The database connection.
      *
-     * @var \Illuminate\Database\Connection
+     * @var \Jenssegers\Mongodb\Connection
      */
     protected $database;
 
     /**
      * The event dispatcher instance.
      *
-     * @var \Illuminate\Events\Dispatcher
+     * @var \Illuminate\Contracts\Events\Dispatcher
      */
-    private $events;
+    protected $events;
 
     /**
      * Create a new repository instance.
      *
-     * @param  \Illuminate\Database\Connection  $database
+     * @param  \MoeenBasra\LaravelPassportMongoDB\Bridge\AccessTokenRepository  $tokens
+     * @param  \Jenssegers\Mongodb\Connection  $database
+     * @param  \Illuminate\Contracts\Events\Dispatcher  $events
      * @return void
      */
-    public function __construct(Connection $database, Dispatcher $events)
+    public function __construct(AccessTokenRepository $tokens,
+                                Connection $database,
+                                Dispatcher $events)
     {
         $this->events = $events;
+        $this->tokens = $tokens;
         $this->database = $database;
     }
 
@@ -50,7 +62,7 @@ public function getNewRefreshToken()
     public function persistNewRefreshToken(RefreshTokenEntityInterface $refreshTokenEntity)
     {
         $this->database->table('oauth_refresh_tokens')->insert([
-            'id' => $id = $refreshTokenEntity->getIdentifier(),
+            '_id' => $id = $refreshTokenEntity->getIdentifier(),
             'access_token_id' => $accessTokenId = $refreshTokenEntity->getAccessToken()->getIdentifier(),
             'revoked' => false,
             'expires_at' => $refreshTokenEntity->getExpiryDateTime(),
@@ -65,15 +77,23 @@ public function persistNewRefreshToken(RefreshTokenEntityInterface $refreshToken
     public function revokeRefreshToken($tokenId)
     {
         $this->database->table('oauth_refresh_tokens')
-                    ->where('id', $tokenId)->update(['revoked' => true]);
+                    ->where('_id', $tokenId)->update(['revoked' => true]);
     }
 
     /**
      * {@inheritdoc}
      */
     public function isRefreshTokenRevoked($tokenId)
     {
-        return $this->database->table('oauth_refresh_tokens')
-                    ->where('id', $tokenId)->where('revoked', true)->exists();
+        $refreshToken = $this->database->table('oauth_refresh_tokens')
+                    ->where('_id', $tokenId)->first();
+
+        if ($refreshToken === null || $refreshToken->revoked) {
+            return true;
+        }
+
+        return $this->tokens->isAccessTokenRevoked(
+            $refreshToken->access_token_id
+        );
     }
 }
diff --git a/src/Bridge/UserRepository.php b/src/Bridge/UserRepository.php
@@ -32,8 +32,10 @@ public function __construct(Hasher $hasher)
      */
     public function getUserEntityByUserCredentials($username, $password, $grantType, ClientEntityInterface $clientEntity)
     {
-        if (is_null($model = config('auth.providers.users.model'))) {
-            throw new RuntimeException('Unable to determine user model from configuration.');
+        $provider = config('auth.guards.api.provider');
+
+        if (is_null($model = config('auth.providers.'.$provider.'.model'))) {
+            throw new RuntimeException('Unable to determine authentication model from configuration.');
         }
 
         if (method_exists($model, 'findForPassport')) {
@@ -42,14 +44,13 @@ public function getUserEntityByUserCredentials($username, $password, $grantType,
             $user = (new $model)->where('email', $username)->first();
         }
 
-
-        if (! $user ) {
+        if (! $user) {
             return;
         } elseif (method_exists($user, 'validateForPassportPasswordGrant')) {
             if (! $user->validateForPassportPasswordGrant($password)) {
                 return;
             }
-        } elseif (! $this->hasher->check($password, $user->password)) {
+        } elseif (! $this->hasher->check($password, $user->getAuthPassword())) {
             return;
         }
 

diff --git a/src/Client.php b/src/Client.php
@@ -43,21 +43,21 @@ class Client extends Model
     /**
      * Get all of the authentication codes for the client.
      *
-     * @return \Illuminate\Database\Eloquent\Relations\HasMany
+     * @return \Jenssegers\Mongodb\Relations\HasMany
      */
     public function authCodes()
     {
-        return $this->hasMany(AuthCode::class);
+        return $this->hasMany(AuthCode::class, 'client_id');
     }
 
     /**
      * Get all of the tokens that belong to the client.
      *
-     * @return \Illuminate\Database\Eloquent\Relations\HasMany
+     * @return \Jenssegers\Mongodb\Relations\HasMany
      */
     public function tokens()
     {
-        return $this->hasMany(Token::class);
+        return $this->hasMany(Token::class, 'client_id');
     }
 
     /**