vitalif
/
oauth2-client
mirror of https://github.com/vitalif/oauth2-client
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #105 from cyk/expose-auth-state 

Expose generated state to allow for CSRF validation.
1.0
Phil Sturgeon 2014-06-08 23:27:16 +01:00
parent 0051451ce5 26adb5081b
commit 2747bf0f70
9 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Provider/AbstractProvider.php
View File

@ -16,6 +16,8 @@ abstract class AbstractProvider
public $redirectUri = '';
public $state;
public $name;
public $uidKey = 'uid';
@ -83,12 +85,12 @@ abstract class AbstractProvider
public function getAuthorizationUrl($options = array())
{
$state = md5(uniqid(rand(), true));
$this->state = md5(uniqid(rand(), true));
$params = array(
'client_id' => $this->clientId,
'redirect_uri' => $this->redirectUri,
'state' => $state,
'state' => $this->state,
'scope' => is_array($this->scopes) ? implode($this->scopeSeparator, $this->scopes) : $this->scopes,
'response_type' => isset($options['response_type']) ? $options['response_type'] : 'code',
'approval_prompt' => 'auto'

1
test/src/Provider/EventbriteTest.php
View File

@ -29,6 +29,7 @@ class EventbriteTest extends \PHPUnit_Framework_TestCase
$this->assertArrayHasKey('scope', $query);
$this->assertArrayHasKey('response_type', $query);
$this->assertArrayHasKey('approval_prompt', $query);
$this->assertNotNull($this->provider->state);
}
public function testUrlAccessToken()

1
test/src/Provider/FacebookTest.php
View File

@ -29,6 +29,7 @@ class FacebookTest extends \PHPUnit_Framework_TestCase
$this->assertArrayHasKey('scope', $query);
$this->assertArrayHasKey('response_type', $query);
$this->assertArrayHasKey('approval_prompt', $query);
$this->assertNotNull($this->provider->state);
}
public function testUrlAccessToken()

1
test/src/Provider/GithubTest.php
View File

@ -29,6 +29,7 @@ class GithubTest extends \PHPUnit_Framework_TestCase
$this->assertArrayHasKey('scope', $query);
$this->assertArrayHasKey('response_type', $query);
$this->assertArrayHasKey('approval_prompt', $query);
$this->assertNotNull($this->provider->state);
}
public function testUrlAccessToken()

1
test/src/Provider/GoogleTest.php
View File

@ -29,6 +29,7 @@ class GoogleTest extends \PHPUnit_Framework_TestCase
$this->assertArrayHasKey('scope', $query);
$this->assertArrayHasKey('response_type', $query);
$this->assertArrayHasKey('approval_prompt', $query);
$this->assertNotNull($this->provider->state);
}
public function testUrlAccessToken()

1
test/src/Provider/InstagramTest.php
View File

@ -29,6 +29,7 @@ class InstagramTest extends \PHPUnit_Framework_TestCase
$this->assertArrayHasKey('scope', $query);
$this->assertArrayHasKey('response_type', $query);
$this->assertArrayHasKey('approval_prompt', $query);
$this->assertNotNull($this->provider->state);
}
public function testUrlAccessToken()

1
test/src/Provider/LinkedInTest.php
View File

@ -29,6 +29,7 @@ class LinkedInTest extends \PHPUnit_Framework_TestCase
$this->assertArrayHasKey('scope', $query);
$this->assertArrayHasKey('response_type', $query);
$this->assertArrayHasKey('approval_prompt', $query);
$this->assertNotNull($this->provider->state);
}
public function testUrlAccessToken()

1
test/src/Provider/MicrosoftTest.php
View File

@ -29,6 +29,7 @@ class MicrosoftTest extends \PHPUnit_Framework_TestCase
$this->assertArrayHasKey('scope', $query);
$this->assertArrayHasKey('response_type', $query);
$this->assertArrayHasKey('approval_prompt', $query);
$this->assertNotNull($this->provider->state);
}
public function testUrlAccessToken()

1
test/src/Provider/VkontakteTest.php
View File

@ -29,6 +29,7 @@ class VkontakteTest extends \PHPUnit_Framework_TestCase
$this->assertArrayHasKey('scope', $query);
$this->assertArrayHasKey('response_type', $query);
$this->assertArrayHasKey('approval_prompt', $query);
$this->assertNotNull($this->provider->state);
}
public function testUrlAccessToken()