Got rid of Symfony dependencies
Jampire committed Dec 12, 2019
1 parent 6a51433 commit 1d5c509
Showing 6 changed files with 40 additions and 162 deletions.
35 changes: 18 additions & 17 deletions docs/FrameworkIntegration/Symfony/README.md
@@ -1,5 +1,7 @@
# Symfony Framework Integration

**TODO: review this documentation for v2 version.**

Full documentation for adding providers is available at [KnpUOAuth2ClientBundle](https://github.com/knpuniversity/oauth2-client-bundle).
This example is based on [Symfony v4.3](https://symfony.com).

@@ -27,33 +29,32 @@ security:
# config/packages/knpu_oauth2_client.yaml
knpu_oauth2_client:
clients:
appid_main:
appid:
type: generic
provider_class: Jampire\OAuth2\Client\Provider\AppIdProvider

# optional: a class that extends OAuth2Client
client_class: App\Security\AppIdClient

provider_options: {base_auth_uri: '%env(appid_base_auth_uri)%',
tenant_id: '%env(appid_tenant_id)%',
redirect_route: '%env(appid_redirect_route)%',
idp: '%env(appid_idp)%'}
provider_options: {baseAuthUri: '%env(OAUTH_APPID_BASE_AUTH_URI)%',
tenantId: '%env(OAUTH_APPID_TENANT_ID)%',
idp: '%env(OAUTH_APPID_IDP)%'}

# now, all the normal options!
client_id: '%env(appid_client_id)%'
client_secret: '%env(appid_client_secret)%'
redirect_route: '%env(appid_redirect_route)%'
client_id: '%env(OAUTH_APPID_CLIENT_ID)%'
client_secret: '%env(OAUTH_APPID_CLIENT_SECRET)%'
redirect_route: '%env(OAUTH_APPID_REDIRECT_ROUTE)%'
redirect_params: {}
```
Add your credentials in env
```dotenv
appid_base_auth_uri=https://xxx.appid.cloud.ibm.com/oauth/v4
appid_redirect_route=connect_check_appid
appid_idp=saml
appid_tenant_id=xxxxxxxxxxxxxxxxxxxxxxxxxx
appid_client_id=xxxxxxxxxxxxxxxxxxxxxxxxxx
appid_client_secret=xxxxxxxxxxxxxxxxxxxxxx
OAUTH_APPID_BASE_AUTH_URI=https://xxx.appid.cloud.ibm.com/oauth/v4
OAUTH_APPID_REDIRECT_ROUTE=connect_appid_check
OAUTH_APPID_IDP=saml
OAUTH_APPID_TENANT_ID=xxxxxxxxxxxxxxxxxxxxxxxxxx
OAUTH_APPID_CLIENT_ID=xxxxxxxxxxxxxxxxxxxxxxxxxx
OAUTH_APPID_CLIENT_SECRET=xxxxxxxxxxxxxxxxxxxxxx
```

### Step 2 - Add the client controller
@@ -92,11 +93,11 @@ class AppIdController extends AbstractController
*/
public function connect(ClientRegistry $clientRegistry): RedirectResponse
{
return $clientRegistry->getClient('appid_main')->redirect();
return $clientRegistry->getClient('appid')->redirect();
}

/**
* @Route("/connect/check", name="connect_check_appid")
* @Route("/connect/check", name="connect_appid_check")
*
* Callback route
*
@@ -218,7 +219,7 @@ class AppIdAuthenticator extends SocialAuthenticator
*/
private function getClient(): OAuth2ClientInterface
{
return $this->clientRegistry->getClient('appid_main');
return $this->clientRegistry->getClient('appid');
}

/**
12 changes: 6 additions & 6 deletions docs/examples/authorization.php
@@ -1,6 +1,6 @@
<?php

require_once __DIR__ . '/../vendor/autoload.php';
require_once __DIR__ . '/../../vendor/autoload.php';

use Jampire\OAuth2\Client\Provider\AppIdProvider;
use Jampire\OAuth2\Client\Provider\AppIdException;
@@ -9,8 +9,8 @@

try {
$provider = new AppIdProvider([
'base_auth_uri' => '',
'tenant_id' => '',
'baseAuthUri' => '',
'tenantId' => '',
'clientId' => '',
'clientSecret' => '',
'redirectUri' => '',
@@ -53,9 +53,9 @@
// We have an access token, which we may use in authenticated
// requests against the service provider's API.
echo '<b>Access Token:</b> ', $accessToken->getToken(), '<br>';
echo '<b>Refresh Token:</b> ' , $accessToken->getRefreshToken(), '<br>';
echo '<b>Expired in:</b> ' , $accessToken->getExpires(), '<br>';
echo '<b>Already expired?</b> ' , ($accessToken->hasExpired() ? 'expired' : 'not expired'), '<br>';
echo '<b>Refresh Token:</b> ', $accessToken->getRefreshToken(), '<br>';
echo '<b>Expired in:</b> ', $accessToken->getExpires(), '<br>';
echo '<b>Already expired?</b> ', ($accessToken->hasExpired() ? 'expired' : 'not expired'), '<br>';

// Using the access token, we may look up details about the
// resource owner.
6 changes: 3 additions & 3 deletions docs/examples/index.php
@@ -1,6 +1,6 @@
<?php

require_once __DIR__ . '/../vendor/autoload.php';
require_once __DIR__ . '/../../vendor/autoload.php';

use Jampire\OAuth2\Client\Provider\AppIdProvider;
use Jampire\OAuth2\Client\Provider\AppIdResourceOwner;
@@ -10,8 +10,8 @@

try {
$provider = new AppIdProvider([
'base_auth_uri' => '',
'tenant_id' => '',
'baseAuthUri' => '',
'tenantId' => '',
'clientId' => '',
'clientSecret' => '',
'redirectUri' => '',
2 changes: 1 addition & 1 deletion phpunit.xml.dist
@@ -27,7 +27,7 @@
<log type="coverage-html"
target="./build/coverage/html"
lowUpperBound="35"
highLowerBound="100"/>
highLowerBound="80"/>
<log type="coverage-clover"
target="./build/coverage/log/coverage.xml"/>
<log type="junit" target="./build/junit-report.xml"/>
106 changes: 9 additions & 97 deletions src/Provider/AppIdProvider.php
@@ -22,21 +22,15 @@ class AppIdProvider extends AbstractProvider
use BearerAuthorizationTrait;

public const IDP_SAML = 'saml';
public const IDP_ANON = 'appid_anon';
public const IDP_FACEBOOK = 'facebook';
public const IDP_GOOGLE = 'google';

/** @var string */
private $baseAuthUri;
protected $baseAuthUri;

/** @var string */
private $tenantId;
protected $tenantId;

/** @var string */
private $redirectRouteName;

/** @var string */
private $idp;
protected $idp;

/**
* AppIdProvider constructor.
@@ -48,22 +42,14 @@ class AppIdProvider extends AbstractProvider
*/
public function __construct(array $options = [], array $collaborators = [])
{
if (empty($options['base_auth_uri']) || empty($options['tenant_id'])) {
throw new AppIdException('Required fields (base_auth_uri or tenant_id) are missing.');
if (empty($options['baseAuthUri']) || empty($options['tenantId'])) {
throw new AppIdException('Required fields ("baseAuthUri" or "tenantId") are missing.');
}

$this->setBaseAuthUri($options['base_auth_uri']);
$this->setTenantId($options['tenant_id']);

if (!empty($options['redirect_route'])) {
$this->setRedirectRouteName($options['redirect_route']);
if (empty($options['idp'])) {
$options['idp'] = self::IDP_SAML;
}

$idp = empty($options['idp']) ? self::IDP_SAML : $options['idp'];
$this->setIdp($idp);

unset($options['base_auth_uri'], $options['tenant_id'], $options['redirect_route'], $options['idp'], $idp);

$collaborators['optionProvider'] = new HttpBasicAuthOptionProvider();

parent::__construct($options, $collaborators);
@@ -179,15 +165,6 @@ public function getTenantId(): string
return $this->tenantId;
}

/**
* @author Dzianis Kotau <jampire.blr@gmail.com>
* @return string
*/
public function getRedirectRouteName(): string
{
return $this->redirectRouteName;
}

/**
* @author Dzianis Kotau <jampire.blr@gmail.com>
* @return string
@@ -303,78 +280,13 @@ protected function fetchRevoke(AccessToken $token): string
/**
* @inheritDoc
* @author Dzianis Kotau <jampire.blr@gmail.com>
* @throws AppIdException
*/
protected function getAuthorizationParameters(array $options): array
{
if (!empty($options['idp'])) {
$this->setIdp($options['idp']);
if (empty($options['idp'])) {
$options['idp'] = $this->idp = self::IDP_SAML;
}

$options['idp'] = $this->getIdp();

return parent::getAuthorizationParameters($options);
}

/**
* @param string $baseUri
*
* @author Dzianis Kotau <jampire.blr@gmail.com>
* @return self
*/
private function setBaseAuthUri(string $baseUri): self
{
$this->baseAuthUri = $baseUri;

return $this;
}

/**
* @param string $tenantId
*
* @author Dzianis Kotau <jampire.blr@gmail.com>
* @return self
*/
private function setTenantId(string $tenantId): self
{
$this->tenantId = $tenantId;

return $this;
}

/**
* @param string $redirectRouteName
*
* @author Dzianis Kotau <jampire.blr@gmail.com>
* @return self
*/
private function setRedirectRouteName(string $redirectRouteName): self
{
$this->redirectRouteName = $redirectRouteName;

return $this;
}

/**
* @author Dzianis Kotau <jampire.blr@gmail.com>
* @param string $idp
*
* @throws AppIdException
* @return self
*/
private function setIdp(string $idp): self
{
if (!in_array($idp, [
self::IDP_SAML,
self::IDP_ANON,
self::IDP_FACEBOOK,
self::IDP_GOOGLE,
], true)) {
throw new AppIdException('IDP "' . $idp . '" is not supported.');
}

$this->idp = $idp;

return $this;
}
}
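Review bot: In `getAuthorizationParameters`, the new fallback `$options['idp'] = $this->idp = self::IDP_SAML;` discards whatever IdP was configured at construction, so a provider created with a non-SAML `idp` option still sends `idp=saml` (and has its property overwritten) whenever the caller passes no per-call value. The constructor hunk already defaults the option to `IDP_SAML`, so, assuming the parent constructor copies `idp` into the now-protected property (not visible on this page), the fallback can simply be `$options['idp'] = $this->idp;`. Separately, with `setIdp()` and its strict `in_array` allow-list removed, any per-call `idp` string is forwarded to the authorization request unchecked; if that is intentional, the docblock should say so, e.g. `Note: "idp" is not validated here; callers must restrict it to the identity providers enabled for the tenant.`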
41 changes: 3 additions & 38 deletions tests/src/Provider/AppIdProviderTest.php
@@ -28,9 +28,6 @@ class AppIdProviderTest extends MockeryTestCase
/** @var string */
protected $tenantId = 'mock_tenant_id';

/** @var string */
protected $redirectRoute = 'mock_redirect_route';

/** @var string */
protected $clientId = 'mock_client_id';

@@ -46,9 +43,8 @@ class AppIdProviderTest extends MockeryTestCase
public function setUp(): void
{
$this->provider = new AppIdProvider([
'base_auth_uri' => $this->baseAuthUri,
'tenant_id' => $this->tenantId,
'redirect_route' => $this->redirectRoute,
'baseAuthUri' => $this->baseAuthUri,
'tenantId' => $this->tenantId,
'clientId' => $this->clientId,
'clientSecret' => $this->clientSecret,
'redirectUri' => $this->redirectUri,
@@ -165,14 +161,6 @@ public function testGetRevokeUrl(): void
$this->assertEquals($this->baseAuthUri . '/' . $this->tenantId . '/revoke', $uri['path']);
}

/**
* @author Dzianis Kotau <jampire.blr@gmail.com>
*/
public function testGetRedirectRouteName(): void
{
$this->assertEquals($this->redirectRoute, $this->provider->getRedirectRouteName());
}

/**
* @author Dzianis Kotau <jampire.blr@gmail.com>
*/
@@ -612,37 +600,14 @@ public function testDefaultIdp(): void
$this->assertEquals(AppIdProvider::IDP_SAML, $query['idp']);
}

/**
* @author Dzianis Kotau <jampire.blr@gmail.com>
*/
public function testAllowedIdp(): void
{
$url = $this->provider->getAuthorizationUrl(['idp' => AppIdProvider::IDP_GOOGLE]);
$uri = parse_url($url);
parse_str($uri['query'], $query);

$this->assertEquals(AppIdProvider::IDP_GOOGLE, $query['idp']);
}

/**
* @author Dzianis Kotau <jampire.blr@gmail.com>
*/
public function testDisallowedIdp(): void
{
$this->expectException(AppIdException::class);
$this->expectExceptionMessage('IDP "not_allowed" is not supported.');
$this->provider->getAuthorizationUrl(['idp' => 'not_allowed']);
}

/**
* @author Dzianis Kotau <jampire.blr@gmail.com>
*/
public function testErrorInitialization(): void
{
$this->expectException(AppIdException::class);
$this->expectExceptionMessage('Required fields (base_auth_uri or tenant_id) are missing.');
$this->expectExceptionMessage('Required fields ("baseAuthUri" or "tenantId") are missing.');
$provider = new AppIdProvider([
'redirect_route' => $this->redirectRoute,
'clientId' => $this->clientId,
'clientSecret' => $this->clientSecret,
'redirectUri' => $this->redirectUri,
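Review bot: With `testAllowedIdp` and `testDisallowedIdp` deleted, the only IdP test still visible here is `testDefaultIdp`, so nothing asserts that a non-default `idp`, whether passed per call or set in the constructor options, actually ends up in the authorization URL. I would add a test that builds the provider with `'idp' => 'google'` in its options, calls `getAuthorizationUrl()` with no arguments and asserts `$query['idp']` equals `'google'`, plus a second one for the per-call form. The stretches between the visible hunks are collapsed, so such a test may already exist outside this view.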
