Support complete_verification_uri

thephpleague · Jan 31, 2024 · 4e9de6e · 4e9de6e
1 parent 15c214d
commit 4e9de6e
Show file tree

Hide file tree

Showing 6 changed files with 94 additions and 16 deletions.
diff --git a/src/Entities/DeviceCodeEntityInterface.php b/src/Entities/DeviceCodeEntityInterface.php
@@ -24,6 +24,8 @@ public function getVerificationUri(): string;
 
     public function setVerificationUri(string $verificationUri): void;
 
+    public function getVerificationUriComplete(): string;
+
     public function getLastPolledAt(): ?DateTimeImmutable;
 
     public function setLastPolledAt(DateTimeImmutable $lastPolledAt): void;
@@ -34,7 +36,7 @@ public function setInterval(int $interval): void;
 
     public function getIntervalInAuthResponse(): bool;
 
-    public function setIntervalInAuthResponse(bool $intervalInAuthResponse): bool;
+    public function setIntervalInAuthResponse(bool $intervalInAuthResponse): void;
 
     public function getUserApproved(): bool;
 

diff --git a/src/Entities/Traits/DeviceCodeTrait.php b/src/Entities/Traits/DeviceCodeTrait.php
@@ -20,6 +20,7 @@ trait DeviceCodeTrait
 {
     private bool $userApproved = false;
     private bool $intervalInAuthResponse = false;
+    private bool $includeVerificationUriComplete = false;
     private int $interval = 5;
     private string $userCode;
     private string $verificationUri;
@@ -45,6 +46,11 @@ public function setVerificationUri(string $verificationUri): void
         $this->verificationUri = $verificationUri;
     }
 
+    public function getVerificationUriComplete(): string
+    {
+        return $this->verificationUri . '?user_code=' . $this->userCode;
+    }
+
     abstract public function getClient(): ClientEntityInterface;
 
     abstract public function getExpiryDateTime(): DateTimeImmutable;
@@ -81,9 +87,9 @@ public function getIntervalInAuthResponse(): bool
         return $this->intervalInAuthResponse;
     }
 
-    public function setIntervalInAuthResponse(bool $intervalInAuthResponse): bool
+    public function setIntervalInAuthResponse(bool $intervalInAuthResponse): void
     {
-        return $this->intervalInAuthResponse = $intervalInAuthResponse;
+        $this->intervalInAuthResponse = $intervalInAuthResponse;
     }
 
     public function getUserApproved(): bool
@@ -95,4 +101,14 @@ public function setUserApproved(bool $userApproved): void
     {
         $this->userApproved = $userApproved;
     }
+
+    public function getVerificationUriCompleteInAuthResponse(): bool
+    {
+        return $this->includeVerificationUriComplete;
+    }
+
+    public function setVerificationUriCompleteInAuthResponse(bool $includeVerificationUriComplete): void
+    {
+        $this->includeVerificationUriComplete = $includeVerificationUriComplete;
+    }
 }
diff --git a/src/Grant/DeviceCodeGrant.php b/src/Grant/DeviceCodeGrant.php
@@ -26,7 +26,6 @@
 use League\OAuth2\Server\Repositories\DeviceCodeRepositoryInterface;
 use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
 use League\OAuth2\Server\RequestEvent;
-use League\OAuth2\Server\RequestTypes\DeviceAuthorizationRequestInterface;
 use League\OAuth2\Server\ResponseTypes\DeviceCodeResponse;
 use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
 use LogicException;
@@ -48,6 +47,7 @@
 class DeviceCodeGrant extends AbstractGrant
 {
     protected DeviceCodeRepositoryInterface $deviceCodeRepository;
+    private bool $includeVerificationUriComplete = false;
     private bool $intervalVisibility = false;
     private string $verificationUri;
 
@@ -100,7 +100,7 @@ public function respondToDeviceAuthorizationRequest(ServerRequestInterface $requ
             $scopes
         );
 
-        // TODO: Check payload generation
+        // TODO: Check payload generation. Is this the best way to handle things?
         $payload = [
             'device_code_id' => $deviceCode->getIdentifier(),
             'user_code' => $deviceCode->getUserCode(),
@@ -110,9 +110,15 @@ public function respondToDeviceAuthorizationRequest(ServerRequestInterface $requ
             'scopes' => $deviceCode->getScopes(),
         ];
 
+        $response = new DeviceCodeResponse();
+
+        if ($this->includeVerificationUriComplete === true) {
+            $response->includeVerificationUriComplete();
+            $payload['verification_uri_complete'] = $deviceCode->getVerificationUriComplete();
+        }
+
         $jsonPayload = json_encode($payload, JSON_THROW_ON_ERROR);
 
-        $response = new DeviceCodeResponse();
         $response->setDeviceCode($deviceCode);
         $response->setPayload($this->encrypt($jsonPayload));
 
@@ -187,9 +193,7 @@ public function respondToAccessTokenRequest(
     }
 
     /**
-     *
      * @throws OAuthServerException
-     *
      */
     protected function validateDeviceCode(ServerRequestInterface $request, ClientEntityInterface $client): DeviceCodeEntityInterface
     {
@@ -240,9 +244,7 @@ private function deviceCodePolledTooSoon(?DateTimeImmutable $lastPoll): bool
     }
 
     /**
-     *
      * @throws OAuthServerException
-     *
      */
     protected function decodeDeviceCode(string $encryptedDeviceCode): stdClass
     {
@@ -255,7 +257,6 @@ protected function decodeDeviceCode(string $encryptedDeviceCode): stdClass
 
     /**
      * Set the verification uri
-     *
      */
     public function setVerificationUri(string $verificationUri): void
     {
@@ -288,7 +289,7 @@ protected function issueDeviceCode(
         DateInterval $deviceCodeTTL,
         ClientEntityInterface $client,
         string $verificationUri,
-        array $scopes = []
+        array $scopes = [],
     ): DeviceCodeEntityInterface {
         $maxGenerationAttempts = self::MAX_RANDOM_TOKEN_GENERATION_ATTEMPTS;
 
@@ -354,6 +355,7 @@ protected function generateUniqueUserCode(int $length = 8): string
         // @codeCoverageIgnoreEnd
     }
 
+    // TODO: Check interface 
     public function setIntervalVisibility(bool $intervalVisibility): void
     {
         $this->intervalVisibility = $intervalVisibility;
@@ -363,4 +365,9 @@ public function getIntervalVisibility(): bool
     {
         return $this->intervalVisibility;
     }
+
+    public function setIncludeVerificationUriComplete(bool $includeVerificationUriComplete): void
+    {
+        $this->includeVerificationUriComplete = $includeVerificationUriComplete;
+    }
 }
diff --git a/src/Grant/GrantTypeInterface.php b/src/Grant/GrantTypeInterface.php
@@ -94,8 +94,6 @@ public function canRespondToDeviceAuthorizationRequest(ServerRequestInterface $r
      */
     public function respondToDeviceAuthorizationRequest(ServerRequestInterface $request): DeviceCodeResponse;
 
-    // TODO: Check DeviceAuthorizationRequest
-
     /**
      * If the grant can respond to a device authorization request this method should be called to validate the parameters of
      * the request.

diff --git a/src/ResponseTypes/DeviceCodeResponse.php b/src/ResponseTypes/DeviceCodeResponse.php
@@ -25,6 +25,7 @@ class DeviceCodeResponse extends AbstractResponseType
 {
     protected DeviceCodeEntityInterface $deviceCode;
     protected string $payload;
+    private bool $includeVerificationUriComplete = false;
 
     /**
      * {@inheritdoc}
@@ -38,8 +39,11 @@ public function generateHttpResponse(ResponseInterface $response): ResponseInter
             'user_code' => $this->deviceCode->getUserCode(),
             'verification_uri' => $this->deviceCode->getVerificationUri(),
             'expires_in'   => $expireDateTime - time(),
-            // TODO: Potentially add in verification_uri_complete - it is optional
         ];
+
+        if ($this->includeVerificationUriComplete === true) {
+            $responseParams['verification_uri_complete'] = $this->deviceCode->getVerificationUriComplete();
+        }
 
         if ($this->deviceCode->getIntervalInAuthResponse() === true) {
             $responseParams['interval'] = $this->deviceCode->getInterval();
@@ -75,6 +79,11 @@ public function setDeviceCode(DeviceCodeEntityInterface $deviceCode): void
         $this->deviceCode = $deviceCode;
     }
 
+    public function includeVerificationUriComplete(): void
+    {
+        $this->includeVerificationUriComplete = true;
+    }
+
     /**
      * Add custom fields to your Bearer Token response here, then override
      * AuthorizationServer::getResponseType() to pull in your version of

diff --git a/tests/Grant/DeviceCodeGrantTest.php b/tests/Grant/DeviceCodeGrantTest.php
@@ -119,6 +119,53 @@ public function testRespondToDeviceAuthorizationRequest(): void
         self::assertEquals('http://foo/bar', $responseJson->verification_uri);
     }
 
+    public function testRespondToDeviceAuthorizationRequestWithVerificationUriComplete(): void
+    {
+        $client = new ClientEntity();
+        $client->setIdentifier('foo');
+
+        $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
+        $clientRepositoryMock->method('getClientEntity')->willReturn($client);
+
+        $deviceCodeRepository = $this->getMockBuilder(DeviceCodeRepositoryInterface::class)->getMock();
+        $deviceCodeRepository->method('getNewDeviceCode')->willReturn(new DeviceCodeEntity());
+
+        $scope = new ScopeEntity();
+        $scope->setIdentifier('basic');
+        $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
+        $scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scope);
+
+        $grant = new DeviceCodeGrant(
+            $deviceCodeRepository,
+            $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
+            new DateInterval('PT10M'),
+            "http://foo/bar"
+        );
+
+        $grant->setIncludeVerificationUriComplete(true);
+
+        $grant->setClientRepository($clientRepositoryMock);
+        $grant->setDefaultScope(self::DEFAULT_SCOPE);
+        $grant->setEncryptionKey($this->cryptStub->getKey());
+        $grant->setScopeRepository($scopeRepositoryMock);
+
+        $request = (new ServerRequest())->withParsedBody([
+            'client_id' => 'foo',
+            'scope' => 'basic',
+        ]);
+
+        $deviceCodeResponse = $grant->respondToDeviceAuthorizationRequest($request);
+
+        $responseJson = json_decode($deviceCodeResponse->generateHttpResponse(new Response())->getBody()->__toString());
+
+        self::assertObjectHasProperty('device_code', $responseJson);
+        self::assertObjectHasProperty('user_code', $responseJson);
+        self::assertObjectHasProperty('verification_uri', $responseJson);
+        self::assertObjectHasProperty('verification_uri_complete', $responseJson);
+        self::assertEquals('http://foo/bar', $responseJson->verification_uri);
+        self::assertEquals('http://foo/bar?user_code=' . $responseJson->user_code, $responseJson->verification_uri_complete);
+    }
+
     public function testValidateDeviceAuthorizationRequestMissingClient(): void
     {
         $client = new ClientEntity();
@@ -287,7 +334,6 @@ public function testDeviceAuthorizationResponse(): void
         $this::assertObjectHasProperty('device_code', $responseObject);
         $this::assertObjectHasProperty('user_code', $responseObject);
         $this::assertObjectHasProperty('verification_uri', $responseObject);
-        // TODO: $this->assertObjectHasAttribute('verification_uri_complete', $responseObject);
         $this::assertObjectHasProperty('expires_in', $responseObject);
         // TODO: $this->assertObjectHasAttribute('interval', $responseObject);
     }