init project

.github/workflows/ci.yml

@@ -0,0 +1,47 @@
+name: CI
+on: [push, pull_request]
+
+jobs:
+  tests:
+    name: PHPUnit PHP ${{ matrix.php }} ${{ matrix.dependency }} (Symfony ${{ matrix.symfony }})
+    runs-on: ubuntu-22.04
+    strategy:
+      matrix:
+        php:
+          - '8.1'
+          - '8.2'
+          - '8.3'
+        symfony:
+          - '5.4.*'
+          - '6.4.*'
+          - '7.1.*'
+        exclude:
+          - php: '8.1'
+            symfony: '7.1.*'
+      fail-fast: true
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php }}
+
+      - name: Configure Symfony
+        run: composer config extra.symfony.require "${{ matrix.symfony }}"
+
+      - name: Update project dependencies
+        run: composer update --no-progress --ansi --prefer-stable
+
+      - name: Validate composer
+        run: composer validate --strict --no-check-lock
+
+      - name: PHP-CS-Fixer
+        run: vendor/bin/php-cs-fixer check -vv
+
+      - name: PHPStan
+        run: vendor/bin/phpstan analyse
+
+      - name: Run tests
+        run: vendor/bin/phpunit

.gitignore

@@ -0,0 +1,7 @@
+.idea
+vendor/
+composer.lock
+phpunit.xml
+.phpunit.cache
+.php_cs.cache
+.env

.php-cs-fixer.dist.php

@@ -0,0 +1,15 @@
+<?php
+
+declare(strict_types=1);
+
+$finder = PhpCsFixer\Finder::create()
+    ->in(__DIR__ . '/src')
+    ->in(__DIR__ . '/tests')
+;
+
+return Retailcrm\PhpCsFixer\Defaults::rules([
+    'declare_strict_types' => true,
+])
+    ->setFinder($finder)
+    ->setCacheFile(__DIR__ . '/.php_cs.cache/results')
+;

Makefile

@@ -0,0 +1,16 @@
+PHP=php
+
+vendor: composer.json
+	@$(PHP) composer install -o -n --no-ansi
+	@touch vendor || true
+
+phpunit: vendor
+	@$(PHP) vendor/bin/phpunit --color=always
+
+php-cs: vendor
+	@$(PHP) vendor/bin/php-cs-fixer check -vv
+
+phpstan: vendor
+	@$(PHP) vendor/bin/phpstan analyse
+
+check: php-cs phpunit

composer.json

@@ -0,0 +1,39 @@
+{
+  "name": "retailcrm/oauth-server-bundle",
+  "type": "library",
+  "license": "proprietary",
+  "description": "OAuth Server Bundle",
+  "require": {
+    "php": ">=8.1",
+    "doctrine/orm": "^2.0",
+    "symfony/config": "^5.4|^6.0|^7.0",
+    "symfony/dependency-injection": "^5.4|^6.0|^7.0",
+    "symfony/event-dispatcher": "^5.4|^6.0|^7.0",
+    "symfony/http-foundation": "^5.4|^6.0|^7.0",
+    "symfony/http-kernel": "^5.4|^6.0|^7.0",
+    "symfony/routing": "^5.4|^6.0|^7.0",
+    "symfony/security-bundle": "^5.4|^6.0|^7.0"
+  },
+  "require-dev": {
+    "friendsofphp/php-cs-fixer": "^3.59",
+    "phpstan/phpstan": "^1.11",
+    "phpunit/phpunit": "^10.0",
+    "retailcrm/php-code-style": "^1.0"
+  },
+  "autoload": {
+    "psr-4": {
+      "OAuth\\": "src"
+    }
+  },
+  "autoload-dev": {
+    "psr-4": {
+      "OAuth\\Tests\\": "tests"
+    }
+  },
+  "support": {
+    "email": "[email protected]"
+  },
+  "config": {
+    "sort-packages": true
+  }
+}

phpstan.neon

@@ -0,0 +1,6 @@
+parameters:
+    excludePaths:
+        - src/DependencyInjection/Configuration.php
+    level: 5
+    paths:
+        - src

phpunit.xml.dist

@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/10.5/phpunit.xsd"
+         bootstrap="vendor/autoload.php"
+         cacheDirectory=".phpunit.cache"
+         executionOrder="depends,defects"
+         requireCoverageMetadata="false"
+         beStrictAboutCoverageMetadata="true"
+         beStrictAboutOutputDuringTests="true"
+         failOnRisky="true"
+         failOnWarning="true">
+    <testsuites>
+        <testsuite name="php">
+            <directory>tests</directory>
+        </testsuite>
+    </testsuites>
+
+    <source restrictDeprecations="true" restrictNotices="true" restrictWarnings="true">
+        <include>
+            <directory>src</directory>
+        </include>
+    </source>
+</phpunit>

src/Command/CleanCommand.php

@@ -0,0 +1,43 @@
+<?php
+
+declare(strict_types=1);
+
+namespace OAuth\Command;
+
+use OAuth\Server\Storage\AccessTokenStorageInterface;
+use OAuth\Server\Storage\AuthCodeStorageInterface;
+use OAuth\Server\Storage\DeleteExpiredStorageInterface;
+use OAuth\Server\Storage\RefreshTokenStorageInterface;
+use Symfony\Component\Console\Attribute\AsCommand;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+
+#[AsCommand(
+    name: 'oauth-server:clean',
+    description: 'Clean expired tokens.',
+)]
+class CleanCommand extends Command
+{
+    public function __construct(
+        private readonly AccessTokenStorageInterface $accessTokenStorage,
+        private readonly RefreshTokenStorageInterface $refreshTokenStorage,
+        private readonly AuthCodeStorageInterface $authCodeStorage
+    ) {
+        parent::__construct();
+    }
+
+    protected function execute(InputInterface $input, OutputInterface $output): int
+    {
+        foreach ([$this->accessTokenStorage, $this->refreshTokenStorage, $this->authCodeStorage] as $service) {
+            if (!$service instanceof DeleteExpiredStorageInterface) {
+                throw new \LogicException(sprintf('The service "%s" must implement "%s".', $service::class, DeleteExpiredStorageInterface::class));
+            }
+
+            $result = $service->deleteExpired();
+            $output->writeln(sprintf('Removed <info>%d</info> items from <comment>%s</comment> storage.', $result, $service::class));
+        }
+
+        return Command::SUCCESS;
+    }
+}

src/Command/CreateClientCommand.php

@@ -0,0 +1,68 @@
+<?php
+
+declare(strict_types=1);
+
+namespace OAuth\Command;
+
+use OAuth\Server\Storage\ClientStorageInterface;
+use Symfony\Component\Console\Attribute\AsCommand;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Input\InputOption;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Style\SymfonyStyle;
+
+#[AsCommand(
+    name: 'oauth-server:create-client',
+    description: 'Creates a new client.',
+)]
+class CreateClientCommand extends Command
+{
+    public function __construct(
+        private readonly ClientStorageInterface $clientStorage,
+    ) {
+        parent::__construct();
+    }
+
+    protected function configure(): void
+    {
+        parent::configure();
+
+        $this
+            ->addOption(
+                'redirect-uri',
+                null,
+                InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY,
+                'Sets redirect uri for client. Use this option multiple times to set multiple redirect URIs.',
+                null
+            )
+            ->addOption(
+                'grant-type',
+                null,
+                InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY,
+                'Sets allowed grant type for client. Use this option multiple times to set multiple grant types..',
+                null
+            )
+        ;
+    }
+
+    protected function execute(InputInterface $input, OutputInterface $output): int
+    {
+        $io = new SymfonyStyle($input, $output);
+
+        $io->title('Client Credentials');
+
+        $client = $this->clientStorage->createClient();
+
+        $client->setRedirectUris($input->getOption('redirect-uri'));
+        $client->setGrantTypes($input->getOption('grant-type'));
+
+        $this->clientStorage->updateClient($client);
+
+        $io->table(['Client ID', 'Client Secret'], [
+            [$client->getPublicId(), $client->getSecret()],
+        ]);
+
+        return 0;
+    }
+}

src/Controller/TokenController.php

@@ -0,0 +1,26 @@
+<?php
+
+declare(strict_types=1);
+
+namespace OAuth\Controller;
+
+use OAuth\Exception\OAuthServerException;
+use OAuth\Server\Handler;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+class TokenController
+{
+    public function __construct(private readonly Handler $handler)
+    {
+    }
+
+    public function token(Request $request): Response
+    {
+        try {
+            return $this->handler->grantAccessToken($request);
+        } catch (OAuthServerException $exception) {
+            return $exception->getHttpResponse();
+        }
+    }
+}

src/DependencyInjection/Compiler/GrantExtensionsCompilerPass.php

@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+
+namespace OAuth\DependencyInjection\Compiler;
+
+use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface;
+use Symfony\Component\DependencyInjection\ContainerBuilder;
+use Symfony\Component\DependencyInjection\Exception\InvalidArgumentException;
+use Symfony\Component\DependencyInjection\Reference;
+
+class GrantExtensionsCompilerPass implements CompilerPassInterface
+{
+    public function process(ContainerBuilder $container): void
+    {
+        $customGrantDefinition = $container->findDefinition('oauth_server.grant_extension.custom');
+
+        foreach ($container->findTaggedServiceIds('oauth_server.grant_extension') as $id => $tags) {
+            foreach ($tags as $tag) {
+                if (empty($tag['uri'])) {
+                    throw new InvalidArgumentException(sprintf('Service "%s" must define the "uri" attribute on "oauth_server.grant_extension" tags.', $id));
+                }
+
+                $customGrantDefinition->addMethodCall('addExtension', [$tag['uri'], new Reference($id)]);
+            }
+        }
+    }
+}