Stop propagation on resolved request
Call `Event::stopPropagation` when an event listener sets a response or
resolves the authorization request, so that the event listener with the
higher priority wins.
ajgarlag committed May 24, 2019
1 parent 268a073 commit 1fd1f3e
Showing 3 changed files with 77 additions and 13 deletions.
2 changes: 0 additions & 2 deletions Controller/AuthorizationController.php
Expand Up @@ -48,8 +48,6 @@ public function indexAction(ServerRequestInterface $serverRequest, ResponseFacto
return $event->getResponse();
}

$authRequest->setAuthorizationApproved($event->getAuthorizationResolution());

return $this->server->completeAuthorizationRequest($authRequest, $serverResponse);
} catch (OAuthServerException $e) {
return $e->generateHttpResponse($serverResponse);
14 changes: 3 additions & 11 deletions Event/AuthorizationRequestResolveEvent.php
Expand Up @@ -27,25 +27,16 @@ final class AuthorizationRequestResolveEvent extends Event
*/
private $response;

/**
* @var bool
*/
private $authorizationResolution = self::AUTHORIZATION_DENIED;

public function __construct(AuthorizationRequest $authorizationRequest)
{
$this->authorizationRequest = $authorizationRequest;
}

public function getAuthorizationResolution(): bool
{
return $this->authorizationResolution;
}

public function resolveAuthorization(bool $authorizationResolution): void
{
$this->authorizationResolution = $authorizationResolution;
$this->authorizationRequest->setAuthorizationApproved($authorizationResolution);
$this->response = null;
$this->stopPropagation();
}

public function hasResponse(): bool
Expand All @@ -65,6 +56,7 @@ public function getResponse(): ResponseInterface
public function setResponse(ResponseInterface $response): void
{
$this->response = $response;
$this->stopPropagation();
}

public function getGrantTypeId(): string
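Review bot: With `private $authorizationResolution = self::AUTHORIZATION_DENIED;` removed, this class no longer states the deny-by-default outcome for a request that no listener resolves; it now rests on whatever initial approval state `AuthorizationRequest` carries, which is not visible in this diff. Setting it explicitly in the constructor, `$this->authorizationRequest->setAuthorizationApproved(self::AUTHORIZATION_DENIED);`, or covering the no-listener case with a test, would keep the endpoint failing closed (this assumes the request object arrives unresolved, which should be confirmed). `resolveAuthorization()` and `setResponse()` now end dispatch, so listener priority alone decides the authorization outcome; a docblock on both, such as `/** Stops propagation: the first listener to resolve or respond wins; lower-priority listeners are not called. */`, would make that contract visible to listener authors. Removing the public `getAuthorizationResolution()` is a backward-compatibility break for existing listeners and deserves a changelog entry.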
74 changes: 74 additions & 0 deletions Tests/Acceptance/AuthorizationEndpointTest.php
Expand Up @@ -99,6 +99,80 @@ public function testCodeRequestRedirectToResolutionUri()
$this->assertEquals('/authorize/consent', $redirectUri);
}

public function testAuthorizationRequestEventIsStoppedAfterSettingAResponse()
{
$eventDispatcher = $this->client
->getContainer()
->get('event_dispatcher');
$eventDispatcher->addListener(OAuth2Events::AUTHORIZATION_REQUEST_RESOLVE, function (AuthorizationRequestResolveEvent $event) {
$event->resolveAuthorization(AuthorizationRequestResolveEvent::AUTHORIZATION_APPROVED);
}, 100);
$eventDispatcher->addListener(OAuth2Events::AUTHORIZATION_REQUEST_RESOLVE, function (AuthorizationRequestResolveEvent $event) {
$response = (new Response())->withStatus(302)->withHeader('Location', '/authorize/consent');
$event->setResponse($response);
}, 200);

timecop_freeze(new DateTime());

$this->client->request(
'GET',
'/authorize',
[
'client_id' => FixtureFactory::FIXTURE_CLIENT_FIRST,
'response_type' => 'code',
'state' => 'foobar',
]
);

timecop_return();

$response = $this->client->getResponse();

$this->assertSame(302, $response->getStatusCode());
$redirectUri = $response->headers->get('Location');
$this->assertEquals('/authorize/consent', $redirectUri);
}

public function testAuthorizationRequestEventIsStoppedAfterResolution()
{
$eventDispatcher = $this->client
->getContainer()
->get('event_dispatcher');
$eventDispatcher->addListener(OAuth2Events::AUTHORIZATION_REQUEST_RESOLVE, function (AuthorizationRequestResolveEvent $event) {
$event->resolveAuthorization(AuthorizationRequestResolveEvent::AUTHORIZATION_APPROVED);
}, 200);
$eventDispatcher->addListener(OAuth2Events::AUTHORIZATION_REQUEST_RESOLVE, function (AuthorizationRequestResolveEvent $event) {
$response = (new Response())->withStatus(302)->withHeader('Location', '/authorize/consent');
$event->setResponse($response);
}, 100);

timecop_freeze(new DateTime());

$this->client->request(
'GET',
'/authorize',
[
'client_id' => FixtureFactory::FIXTURE_CLIENT_FIRST,
'response_type' => 'code',
'state' => 'foobar',
]
);

timecop_return();

$response = $this->client->getResponse();

$this->assertSame(302, $response->getStatusCode());
$redirectUri = $response->headers->get('Location');

$this->assertStringStartsWith(FixtureFactory::FIXTURE_CLIENT_FIRST_REDIRECT_URI, $redirectUri);
$query = [];
parse_str(parse_url($redirectUri, PHP_URL_QUERY), $query);
$this->assertArrayHasKey('code', $query);
$this->assertArrayHasKey('state', $query);
$this->assertEquals('foobar', $query['state']);
}

public function testFailedCodeRequestRedirectWithFakedRedirectUri()
{
$this->client
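Review bot: Both new tests exercise only `AUTHORIZATION_APPROVED`, so the security-relevant direction is untested: a higher-priority listener that denies the request must not be overridden by a lower-priority listener that approves it. A third test, mirroring `testAuthorizationRequestEventIsStoppedAfterResolution` with the priority-200 listener denying and the priority-100 listener approving, would pin that down. The exact shape of the denial response is not visible in this diff, so the sketch below asserts only that no authorization code is issued. Separately, `timecop_freeze()` and `timecop_return()` are not wrapped in `try`/`finally` in either new test, so a failing request would leave the clock frozen for later tests.

```php
public function testAuthorizationRequestEventIsStoppedAfterDenial()
{
    $eventDispatcher = $this->client
        ->getContainer()
        ->get('event_dispatcher');
    $eventDispatcher->addListener(OAuth2Events::AUTHORIZATION_REQUEST_RESOLVE, function (AuthorizationRequestResolveEvent $event) {
        $event->resolveAuthorization(AuthorizationRequestResolveEvent::AUTHORIZATION_DENIED);
    }, 200);
    $eventDispatcher->addListener(OAuth2Events::AUTHORIZATION_REQUEST_RESOLVE, function (AuthorizationRequestResolveEvent $event) {
        $event->resolveAuthorization(AuthorizationRequestResolveEvent::AUTHORIZATION_APPROVED);
    }, 100);

    // … unchanged: timecop_freeze / GET /authorize request / timecop_return, as in the two tests above …

    $response = $this->client->getResponse();
    $redirectUri = $response->headers->get('Location');
    $query = [];
    parse_str((string) parse_url((string) $redirectUri, PHP_URL_QUERY), $query);
    // The lower-priority approval must not have produced an authorization code.
    $this->assertArrayNotHasKey('code', $query);
}
```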
