summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2015-02-09[php5.2] Make validateRedirectUri protected to be able to overrideNiko Sams1-1/+1
Like #512 for develop branch. This change is aginst php5.2-develop. I'm not sure if this branch is still active, nevertheless I have to use it on our SLES 10 Server with Php 5.2.
2013-06-13addresses #156 - documents required user_id for authcodesBrent Shaffer1-0/+1
2013-06-13addresses #157 for php5.2Brent Shaffer1-2/+2
2013-06-11fixes #154 - adds getParameter to OAuth2_ResponseInterfaceBrent Shaffer1-0/+2
2013-06-11ensures invalid_token is returned according to ↵Brent Shaffer1-3/+3
http://tools.ietf.org/html/rfc6750#section-3.1
2013-06-01standardizes error messages by removing period on scope and redirect errorsBrent Shaffer2-2/+2
2013-06-01fixes #134 - allows for client_secret to be empty in post body if the client ↵Brent Shaffer1-2/+6
secret is an empty string
2013-06-01adds convenience getters/setters onto the server class (for real)Brent Shaffer1-0/+50
2013-06-01adds convenience getters/setters onto the server classBrent Shaffer1-1/+2
2013-05-30removes unnecessary issetBrent Shaffer1-1/+1
2013-05-30addresses #143 - adds WWW-Authenticate to 400 responses, removes error codes ↵Brent Shaffer2-23/+22
from invalid requests
2013-05-30addresses #145 - fixes status code for insufficient_scope requestsBrent Shaffer1-3/+6
2013-05-30fixes formatting from #142, fixes same issue in a different spotBrent Shaffer1-8/+18
2013-05-29adds scopeutil constructor doc blockBrent Shaffer1-0/+4
2013-05-29fixes #144 - correct mimeType parsing in headerBrent Shaffer1-1/+6
2013-05-29Fix 401 response from ResourceControllerRobbie Mackay1-3/+8
* Add missing s on %s to make sure we return realm value. * Add error and error_description to WWW-Authenticate header per http://tools.ietf.org/html/rfc6750#section-3 * Remove wrong error_uri parameter return because of extra params passed to setError()
2013-05-29adds interface methods to CompatibilityInterfaceBrent Shaffer1-1/+2
2013-05-29Merge pull request #140 from rjmackay/fix-resource-request-errorBrent Shaffer1-0/+5
Ensures resource request errors not overwritten by the insufficient_scope erro
2013-05-29Return from verifyResourceRequest() if we don't have token dataRobbie Mackay1-0/+5
This ensures any error response already set in getAccessTokenData gets returned, not overwritten by the 'insufficient_scope' error.
2013-05-28attempts to standardize documentation a little betterBrent Shaffer9-49/+41
2013-05-28** BC-BREAKING CHANGE ** - addresses #139 - makes ↵Brent Shaffer1-2/+5
OAuth2_Storage_UserCredentialsInterface::getUserDetails required to return user_id
2013-05-28** BC-BREAKING CHANGE ** - addresses #80: hardens default security by making ↵Brent Shaffer2-2/+23
'enforce_state' param in AuthorizationServer true by default
2013-05-28** BC-BREAKING CHANGE ** - addresses #80: requires exact matching of URL by ↵Brent Shaffer2-4/+14
default, rather than only matching the beginning string
2013-05-28cleans up redirect URI validationBrent Shaffer1-28/+34
2013-05-26fixes #27 - adds way to pass in custom clientassertiontype to server objectBrent Shaffer1-11/+21
2013-05-25adds ability to pass headers explicitly to Request objectBrent Shaffer1-4/+5
2013-05-25fixes #137 - allows for multiple request_uris and adds tests for thisBrent Shaffer2-3/+17
2013-05-21fixes hardcoded error message in TokenController, adds test coverage for ↵Brent Shaffer1-1/+1
error case
2013-05-16standardizes doc blocksBrent Shaffer32-67/+153
2013-05-13fixes spacing issues (psr2)Brent Shaffer1-3/+2
2013-05-13Merge pull request #125 from F21/token_controller_client_id_scope_existsBrent Shaffer2-2/+13
TokenController now passes clientId into scopeExists().
2013-05-13TokenController now passes clientId into scopeExists(). Tests have beenF212-2/+13
added for this.
2013-05-13improves documentation for addStorage functionBrent Shaffer1-3/+10
2013-05-13fixes typehint for setAuthorizeControllerBrent Shaffer1-1/+1
2013-05-09rolling back OAuth2_Server fix due to php5.2 interface incompatibilitiesBrent Shaffer1-6/+6
2013-05-09better name for variables in AuthorizeControllerBrent Shaffer1-2/+2
2013-05-09adds defaults for OAuth2_Response objects back to the server classBrent Shaffer3-20/+27
2013-05-09cherry-picks redis class大兵2-1/+196
2013-05-09fixes fatal error and adds test to catch it next timeBrent Shaffer1-1/+1
2013-05-09allows for injection of tokenType into the server objectBrent Shaffer1-26/+24
2013-05-09** BC-BREAKING CHANGES ** - changes TokenController constructor so ↵Brent Shaffer2-11/+20
ClientAssertionType is now the third parameter instead of the first, and it no longer accepts Storage_ClientCredentials, but has to be ClientAssertionTypeInterface
2013-05-09adds 'createDefault' methods for all controllers - more accurate naming of ↵Brent Shaffer1-32/+47
functions
2013-05-09adds setters for controller classes, standardises order of the controller ↵Brent Shaffer1-85/+112
classes, moves protected methods to bottom
2013-05-09** BC-BREAKING CHANGE - accessTokenResponseType parameter in server class is ↵Brent Shaffer1-22/+18
redundant. This can be derived from the responseType parameter already passed in. Getting rid of it
2013-05-09updates readme and docblocks for response refactorBrent Shaffer3-5/+10
2013-05-09fixes variable namesBrent Shaffer1-2/+2
2013-05-06fixes php 5.2 issue with interfaces sharing method namesBrent Shaffer3-6/+29
2013-05-06cleans up ResponseInterfaceBrent Shaffer4-11/+12
2013-05-06BC-BREAKING CHANGE - Updates AuthorizeControllerInterface, ResponseInterfaceBrent Shaffer11-185/+45
2013-05-05BCBREAKING CHANGE - Updates to AuthorizeControllerInterface, ↵Brent Shaffer7-55/+41
ResourceControllerInterface, TokenTypeInterface
generated by cgit v1.2.3 (git 2.39.0) at 2026-02-10 19:50:13 +0300