Set authorizer request in middleware

vinkla · vinkla · commit 8e40ece92db6 · 2015-08-04T08:47:09.000+02:00
This closes #496
diff --git a/src/Middleware/CheckAuthCodeRequestMiddleware.php b/src/Middleware/CheckAuthCodeRequestMiddleware.php
@@ -48,6 +48,8 @@ public function __construct(Authorizer $authorizer)
      */
     public function handle($request, Closure $next)
     {
+        $this->authorizer->setRequest($request);
+
         $this->authorizer->checkAuthCodeRequest();
 
         return $next($request);
diff --git a/src/Middleware/OAuthClientOwnerMiddleware.php b/src/Middleware/OAuthClientOwnerMiddleware.php
@@ -51,6 +51,8 @@ public function __construct(Authorizer $authorizer)
      */
     public function handle($request, Closure $next)
     {
+        $this->authorizer->setRequest($request);
+
         if ($this->authorizer->getResourceOwnerType() !== 'client') {
             throw new AccessDeniedException();
         }
diff --git a/src/Middleware/OAuthMiddleware.php b/src/Middleware/OAuthMiddleware.php
@@ -67,6 +67,8 @@ public function handle($request, Closure $next, $scopesString = null)
             $scopes = explode('+', $scopesString);
         }
 
+        $this->authorizer->setRequest($request);
+
         $this->authorizer->validateAccessToken($this->httpHeadersOnly);
         $this->validateScopes($scopes);
 
diff --git a/src/Middleware/OAuthUserOwnerMiddleware.php b/src/Middleware/OAuthUserOwnerMiddleware.php
@@ -51,6 +51,8 @@ public function __construct(Authorizer $authorizer)
      */
     public function handle($request, Closure $next)
     {
+        $this->authorizer->setRequest($request);
+
         if ($this->authorizer->getResourceOwnerType() !== 'user') {
             throw new AccessDeniedException();
         }
diff --git a/tests/unit/LucaDegasperi/OAuth2Server/Middleware/CheckAuthCodeRequestMiddlewareSpec.php b/tests/unit/LucaDegasperi/OAuth2Server/Middleware/CheckAuthCodeRequestMiddlewareSpec.php
@@ -40,6 +40,7 @@ public function it_is_initializable()
     public function it_calls_the_next_middleware_on_success(Request $request, Authorizer $authorizer)
     {
         $authorizer->checkAuthCodeRequest()->shouldBeCalled();
+        $authorizer->setRequest($request)->shouldBeCalled();
 
         $this->shouldThrow(new MiddlewareException('Called execution of $next'))
             ->during('handle', [$request, $this->next]);
@@ -48,6 +49,7 @@ public function it_calls_the_next_middleware_on_success(Request $request, Author
     public function it_exits_on_error(Request $request, Authorizer $authorizer)
     {
         $authorizer->checkAuthCodeRequest()->willThrow(new InvalidRequestException('client_id'))->shouldBeCalled();
+        $authorizer->setRequest($request)->shouldBeCalled();
 
         $this->shouldNotThrow(new MiddlewareException('Called execution of $next'))
                 ->during('handle', [$request, $this->next]);
diff --git a/tests/unit/LucaDegasperi/OAuth2Server/Middleware/OAuthClientOwnerMiddlewareSpec.php b/tests/unit/LucaDegasperi/OAuth2Server/Middleware/OAuthClientOwnerMiddlewareSpec.php
@@ -45,6 +45,7 @@ public function it_is_initializable()
     public function it_passes_if_resource_owners_are_allowed(Request $request, Authorizer $authorizer)
     {
         $authorizer->getResourceOwnerType()->willReturn('client')->shouldBeCalled();
+        $authorizer->setRequest($request)->shouldBeCalled();
 
         $this->shouldThrow(new MiddlewareException('Called execution of $next'))
             ->during('handle', [$request, $this->next]);
@@ -53,6 +54,7 @@ public function it_passes_if_resource_owners_are_allowed(Request $request, Autho
     public function it_blocks_if_resource_owners_are_not_allowed(Request $request, Authorizer $authorizer)
     {
         $authorizer->getResourceOwnerType()->willReturn('user')->shouldBeCalled();
+        $authorizer->setRequest($request)->shouldBeCalled();
 
         $this->shouldThrow(new AccessDeniedException())
             ->during('handle', [$request, $this->next]);
diff --git a/tests/unit/LucaDegasperi/OAuth2Server/Middleware/OAuthMiddlewareSpec.php b/tests/unit/LucaDegasperi/OAuth2Server/Middleware/OAuthMiddlewareSpec.php
@@ -41,6 +41,7 @@ public function it_is_initializable()
     public function it_blocks_invalid_access_tokens(Request $request, Authorizer $authorizer)
     {
         $authorizer->validateAccessToken(false)->willThrow(new AccessDeniedException())->shouldBeCalled();
+        $authorizer->setRequest($request)->shouldBeCalled();
 
         $this->shouldNotThrow(new MiddlewareException('Called execution of $next'))
                 ->during('handle', [$request, $this->next]);
@@ -49,6 +50,7 @@ public function it_blocks_invalid_access_tokens(Request $request, Authorizer $au
     public function it_passes_with_valid_access_token(Request $request, Authorizer $authorizer)
     {
         $authorizer->validateAccessToken(false)->shouldBeCalled();
+        $authorizer->setRequest($request)->shouldBeCalled();
 
         $this->shouldThrow(new MiddlewareException('Called execution of $next'))
                 ->during('handle', [$request, $this->next]);
@@ -57,6 +59,7 @@ public function it_passes_with_valid_access_token(Request $request, Authorizer $
     public function it_block_invalid_scopes(Request $request, Authorizer $authorizer)
     {
         $authorizer->validateAccessToken(false)->shouldBeCalled();
+        $authorizer->setRequest($request)->shouldBeCalled();
         $authorizer->hasScope(['baz'])->willReturn(false)->shouldBeCalled();
 
         $this->shouldThrow(new InvalidScopeException('baz'))
@@ -69,6 +72,7 @@ public function it_block_invalid_scopes(Request $request, Authorizer $authorizer
     public function it_passes_with_valid_scopes(Request $request, Authorizer $authorizer)
     {
         $authorizer->validateAccessToken(false)->shouldBeCalled();
+        $authorizer->setRequest($request)->shouldBeCalled();
         $authorizer->hasScope(['baz'])->willReturn(true)->shouldBeCalled();
 
         $this->shouldNotThrow(new InvalidScopeException('baz'))
diff --git a/tests/unit/LucaDegasperi/OAuth2Server/Middleware/OAuthUserOwnerMiddlewareSpec.php b/tests/unit/LucaDegasperi/OAuth2Server/Middleware/OAuthUserOwnerMiddlewareSpec.php
@@ -45,6 +45,7 @@ public function it_is_initializable()
     public function it_passes_if_resource_owners_are_allowed(Request $request, Authorizer $authorizer)
     {
         $authorizer->getResourceOwnerType()->willReturn('user')->shouldBeCalled();
+        $authorizer->setRequest($request)->shouldBeCalled();
 
         $this->shouldThrow(new MiddlewareException('Called execution of $next'))
             ->during('handle', [$request, $this->next]);
@@ -53,6 +54,7 @@ public function it_passes_if_resource_owners_are_allowed(Request $request, Autho
     public function it_blocks_if_resource_owners_are_not_allowed(Request $request, Authorizer $authorizer)
     {
         $authorizer->getResourceOwnerType()->willReturn('client')->shouldBeCalled();
+        $authorizer->setRequest($request)->shouldBeCalled();
 
         $this->shouldThrow(new AccessDeniedException())
             ->during('handle', [$request, $this->next]);

Original file line number	Diff line number	Diff line change
`@@ -48,6 +48,8 @@ public function __construct(Authorizer $authorizer)`
`48`	`48`	`*/`
`49`	`49`	`public function handle($request, Closure $next)`
`50`	`50`	`{`
	`51`	`+ $this->authorizer->setRequest($request);`
	`52`	`+`
`51`	`53`	`$this->authorizer->checkAuthCodeRequest();`
`52`	`54`
`53`	`55`	`return $next($request);`
Original file line number	Diff line number	Diff line change
`@@ -51,6 +51,8 @@ public function __construct(Authorizer $authorizer)`
`51`	`51`	`*/`
`52`	`52`	`public function handle($request, Closure $next)`
`53`	`53`	`{`
	`54`	`+ $this->authorizer->setRequest($request);`
	`55`	`+`
`54`	`56`	`if ($this->authorizer->getResourceOwnerType() !== 'client') {`
`55`	`57`	`throw new AccessDeniedException();`
`56`	`58`	`}`
Original file line number	Diff line number	Diff line change
`@@ -67,6 +67,8 @@ public function handle($request, Closure $next, $scopesString = null)`
`67`	`67`	`$scopes = explode('+', $scopesString);`
`68`	`68`	`}`
`69`	`69`
	`70`	`+ $this->authorizer->setRequest($request);`
	`71`	`+`
`70`	`72`	`$this->authorizer->validateAccessToken($this->httpHeadersOnly);`
`71`	`73`	`$this->validateScopes($scopes);`
`72`	`74`
Original file line number	Diff line number	Diff line change
`@@ -40,6 +40,7 @@ public function it_is_initializable()`
`40`	`40`	`public function it_calls_the_next_middleware_on_success(Request $request, Authorizer $authorizer)`
`41`	`41`	`{`
`42`	`42`	`$authorizer->checkAuthCodeRequest()->shouldBeCalled();`
	`43`	`+ $authorizer->setRequest($request)->shouldBeCalled();`
`43`	`44`
`44`	`45`	`$this->shouldThrow(new MiddlewareException('Called execution of $next'))`
`45`	`46`	`->during('handle', [$request, $this->next]);`
`@@ -48,6 +49,7 @@ public function it_calls_the_next_middleware_on_success(Request $request, Author`
`48`	`49`	`public function it_exits_on_error(Request $request, Authorizer $authorizer)`
`49`	`50`	`{`
`50`	`51`	`$authorizer->checkAuthCodeRequest()->willThrow(new InvalidRequestException('client_id'))->shouldBeCalled();`
	`52`	`+ $authorizer->setRequest($request)->shouldBeCalled();`
`51`	`53`
`52`	`54`	`$this->shouldNotThrow(new MiddlewareException('Called execution of $next'))`
`53`	`55`	`->during('handle', [$request, $this->next]);`
Original file line number	Diff line number	Diff line change
`@@ -45,6 +45,7 @@ public function it_is_initializable()`
`45`	`45`	`public function it_passes_if_resource_owners_are_allowed(Request $request, Authorizer $authorizer)`
`46`	`46`	`{`
`47`	`47`	`$authorizer->getResourceOwnerType()->willReturn('client')->shouldBeCalled();`
	`48`	`+ $authorizer->setRequest($request)->shouldBeCalled();`
`48`	`49`
`49`	`50`	`$this->shouldThrow(new MiddlewareException('Called execution of $next'))`
`50`	`51`	`->during('handle', [$request, $this->next]);`
`@@ -53,6 +54,7 @@ public function it_passes_if_resource_owners_are_allowed(Request $request, Autho`
`53`	`54`	`public function it_blocks_if_resource_owners_are_not_allowed(Request $request, Authorizer $authorizer)`
`54`	`55`	`{`
`55`	`56`	`$authorizer->getResourceOwnerType()->willReturn('user')->shouldBeCalled();`
	`57`	`+ $authorizer->setRequest($request)->shouldBeCalled();`
`56`	`58`
`57`	`59`	`$this->shouldThrow(new AccessDeniedException())`
`58`	`60`	`->during('handle', [$request, $this->next]);`