Added Introspect and Revoke endpoints

Bumped version number
mobilejazz-contrib · May 4, 2017 · 2770631 · 2770631
1 parent 156daae
commit 2770631
Show file tree

Hide file tree

Showing 4 changed files with 57 additions and 9 deletions.
diff --git a/README.md b/README.md
@@ -17,7 +17,7 @@ php composer.phar require --prefer-dist mobilejazz/yii2-oauth2-server "*"
 or add
 
 ```json
-"mobilejazz/yii2-oauth2-server": "~2.0"
+"mobilejazz/yii2-oauth2-server": "~2.1"
 ```
 
 to the require section of your composer.json.
@@ -27,7 +27,6 @@ To use this extension,  simply add the following code in your application config
 ```php
 'oauth2' => [
     'class' => 'mobilejazz\yii2\oauth2server\Module',
-    'class' => 'filsh\yii2\oauth2server\Module',
     'tokenParamName' => 'accessToken',
     'tokenAccessLifetime' => 3600 * 24,
     'storageMap' => [

diff --git a/composer.json b/composer.json
@@ -6,7 +6,7 @@
     "type": "yii2-extension",
     "license": "MIT",
     "support": {
-        "email": "mtorruella@mobilejazz.com",
+        "email": "info@mobilejazz.com",
         "source": "https://github.com/mobilejazz/yii2-oauth2-server"
     },
     "authors": [
@@ -15,18 +15,18 @@
             "email": "[email protected]"
         },
         {
-            "name": "MobileJazz",
-            "email": "mtorruella@mobilejazz.com"
+            "name": "Mobile Jazz",
+            "email": "info@mobilejazz.com"
         }
     ],
     "require": {
         "yiisoft/yii2": "*",
-        "bshaffer/oauth2-server-php": "v1.6"
+        "bshaffer/oauth2-server-php": "v1.9"
     },
     "autoload": {
         "psr-4": {
             "mobilejazz\\yii2\\oauth2server\\": ""
         }
     },
-    "version":"2.0.2"
+    "version":"2.1.0"
 }
diff --git a/controllers/DefaultController.php b/controllers/DefaultController.php
@@ -2,6 +2,8 @@
 
 namespace mobilejazz\yii2\oauth2server\controllers;
 
+use mobilejazz\yii2\oauth2server\filters\auth\CompositeAuth;
+use mobilejazz\yii2\oauth2server\models\OauthAccessTokens;
 use Yii;
 use yii\helpers\ArrayHelper;
 use mobilejazz\yii2\oauth2server\filters\ErrorToExceptionFilter;
@@ -13,11 +15,18 @@ class DefaultController extends \yii\rest\Controller
      */
     public function behaviors()
     {
-        return ArrayHelper::merge(parent::behaviors(), [
+		$behaviors = ArrayHelper::merge(parent::behaviors(), [
 									  'exceptionFilter' => [
 										  'class' => ErrorToExceptionFilter::className()
 									  ],
         ]);
+
+		$behaviors['authenticator'] = [
+			'class' => CompositeAuth::className(),
+			'except' => ['token'],
+		];
+
+		return $behaviors;
     }
 
     public function actionToken()
@@ -33,4 +42,44 @@ public function actionToken()
 
 		return $response->getParameters();
     }
+
+    public function actionRevoke()
+    {
+        $server = $this->module->getServer();
+        $request = $this->module->getRequest();
+        $response = $server->handleRevokeRequest($request);
+
+        return $response->getParameters();
+    }
+
+
+    public function actionIntrospect()
+    {
+    	if (!Yii::$app->request->post('token'))
+		{
+			$message = Yii::t('oauth2server', 'Missing parameter: "token" is required');
+			if($message === null) {
+				$message = Yii::t('yii', 'An internal server error occurred.');
+			}
+			throw new \yii\web\HttpException(400, $message);
+
+		}
+
+    	$response["active"] = false;
+
+        $token = OauthAccessTokens::findOne(["access_token"=>Yii::$app->request->post('token')]);
+		if ($token)
+		{
+			$expires = strtotime($token->expires);
+			if (time() < $expires)
+				$response["active"] = true;
+			$response["scope"] = $token->scope;
+			$response["user_id"] = $token->user_id;
+			$response["client_id"] = $token->client_id;
+			$response["exp"] = $expires;
+		}
+
+        return $response;
+    }
+
 }
diff --git a/messages/en/oauth2server.php b/messages/en/oauth2server.php
@@ -49,7 +49,7 @@
     'This application requires you specify a scope parameter' => 'This application requires you specify a scope parameter',
     'This client is invalid or must authenticate using a client secret' => 'This client is invalid or must authenticate using a client secret',
     'Unable to retrieve user information' => 'Unable to retrieve user information',
-    'Unable to retrieve user information' => 'Unable to retrieve user information',
     'When putting the token in the body, the method must be POST' => 'When putting the token in the body, the method must be POST',
     'you must set the user_id on the array returned by getUserDetails' => 'you must set the user_id on the array returned by getUserDetails',
+	'Missing parameter: "token" is required' => 'Missing parameter: "token" is required',
 ];