Merge branch '0.3'

CHANGELOG.md

@@ -1,6 +1,14 @@
 Changelog
 =========
 
+## 0.3.7 (2014-11-15)
+* Fix: `SessionStorage::save()` could throw php error,
+* Fix: `OAuthToken::isExpired()` always returned `false`,
+* Fix: `FoursquareResourceOwner`, `TwitchResourceOwner`, `SensioConnectResourceOwner`
+  not working with bearer header,
+* Fix: Don't use deprecated fields in `FacebookResourceOwner`,
+* Fix: `FOSUBUserProvider::refreshUser()` always returning old user,
+
 ## 0.3.6 (2014-06-02)
 * Fix: `InstagramResourceOwner` regression while getting user details,
 * Fix: Add smooth migration for session (de)serialization

Form/FOSUBRegistrationFormHandler.php

@@ -18,6 +18,7 @@
 use HWI\Bundle\OAuthBundle\OAuth\Response\UserResponseInterface;
 use Symfony\Component\Form\Form;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\PropertyAccess\PropertyAccess;
 use Symfony\Component\Security\Core\User\UserInterface;
 
 /**
@@ -155,10 +156,11 @@ protected function reconstructFormHandler(Request $request, Form $form)
      */
     protected function setUserInformation(UserInterface $user, UserResponseInterface $userInformation)
     {
-        $user->setUsername($this->getUniqueUsername($userInformation->getNickname()));
+        $accessor = PropertyAccess::createPropertyAccessor();
+        $accessor->setValue($user, 'username', $this->getUniqueUserName($userInformation->getNickname()));
 
-        if (method_exists($user, 'setEmail')) {
-            $user->setEmail($userInformation->getEmail());
+        if ($accessor->isWritable($user, 'email')) {
+            $accessor->setValue($user, 'email', $userInformation->getEmail());
         }
 
         return $user;

HWIOAuthBundle.php

@@ -14,6 +14,7 @@
 use HWI\Bundle\OAuthBundle\DependencyInjection\HWIOAuthExtension;
 use HWI\Bundle\OAuthBundle\DependencyInjection\CompilerPass\SetResourceOwnerServiceNameCompilerPass;
 use HWI\Bundle\OAuthBundle\DependencyInjection\Security\Factory\OAuthFactory;
+use Symfony\Bundle\SecurityBundle\DependencyInjection\SecurityExtension;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\HttpKernel\Bundle\Bundle;
 
@@ -32,6 +33,7 @@ public function build(ContainerBuilder $container)
     {
         parent::build($container);
 
+        /** @var $extension SecurityExtension */
         $extension = $container->getExtension('security');
         $extension->addSecurityListenerFactory(new OAuthFactory());
 

OAuth/RequestDataStorage/SessionStorage.php

@@ -59,13 +59,13 @@ public function fetch(ResourceOwnerInterface $resourceOwner, $key, $type = 'toke
     public function save(ResourceOwnerInterface $resourceOwner, $value, $type = 'token')
     {
         if ('token' === $type) {
-            if (!isset($value['oauth_token'])) {
+            if (!is_array($value) || !isset($value['oauth_token'])) {
                 throw new \InvalidArgumentException('Invalid request token.');
             }
 
             $key = $this->generateKey($resourceOwner, $value['oauth_token'], 'token');
         } else {
-            $key = $this->generateKey($resourceOwner, is_array($value) ? current($value) : $value, $type);
+            $key = $this->generateKey($resourceOwner, is_array($value) ? reset($value) : $value, $type);
         }
 
         $this->session->set($key, $value);

OAuth/ResourceOwner/AbstractResourceOwner.php

@@ -199,7 +199,7 @@ protected function getUserResponse()
      */
     protected function normalizeUrl($url, array $parameters = array())
     {
-        $normalizedUrl  = $url;
+        $normalizedUrl = $url;
         if (!empty($parameters)) {
             $normalizedUrl .= (false !== strpos($url, '?') ? '&' : '?').http_build_query($parameters, '', '&');
         }
@@ -215,7 +215,7 @@ protected function normalizeUrl($url, array $parameters = array())
      * @param array  $headers The headers of the request
      * @param string $method  The HTTP method to use
      *
-     * @return HttpMessageInterface The response content
+     * @return HttpResponse The response content
      */
     protected function httpRequest($url, $content = null, $headers = array(), $method = null)
     {
@@ -286,15 +286,15 @@ protected function generateNonce()
      * @param string $url
      * @param array  $parameters
      *
-     * @return mixed
+     * @return HttpResponse
      */
     abstract protected function doGetTokenRequest($url, array $parameters = array());
 
     /**
      * @param string $url
      * @param array  $parameters
      *
-     * @return mixed
+     * @return HttpResponse
      */
     abstract protected function doGetUserInformationRequest($url, array $parameters = array());
 

OAuth/ResourceOwner/BoxResourceOwner.php

@@ -11,6 +11,7 @@
 
 namespace HWI\Bundle\OAuthBundle\OAuth\ResourceOwner;
 
+use Buzz\Message\RequestInterface as HttpRequestInterface;
 use Symfony\Component\OptionsResolver\OptionsResolverInterface;
 
 /**
@@ -42,8 +43,7 @@ public function revokeToken($token)
             'token'         => $token
         );
 
-        /* @var $response \Buzz\Message\Response */
-        $response = $this->httpRequest($this->normalizeUrl($this->options['revoke_token_url']), $parameters, array(), 'POST');
+        $response = $this->httpRequest($this->normalizeUrl($this->options['revoke_token_url']), $parameters, array(), HttpRequestInterface::METHOD_POST);
 
         return 200 === $response->getStatusCode();
     }

OAuth/ResourceOwner/FacebookResourceOwner.php

@@ -11,6 +11,7 @@
 
 namespace HWI\Bundle\OAuthBundle\OAuth\ResourceOwner;
 
+use Buzz\Message\RequestInterface as HttpRequestInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\OptionsResolver\OptionsResolverInterface;
 
@@ -66,7 +67,7 @@ public function revokeToken($token)
             'client_secret' => $this->options['client_secret'],
         );
 
-        $response = $this->httpRequest($this->normalizeUrl($this->options['revoke_token_url'], array('token' => $token)), $parameters, array(), 'POST');
+        $response = $this->httpRequest($this->normalizeUrl($this->options['revoke_token_url'], array('token' => $token)), $parameters, array(), HttpRequestInterface::METHOD_POST);
         $response = $this->getResponseContent($response);
 
         return 'true' == $response;

OAuth/ResourceOwner/FoursquareResourceOwner.php

@@ -82,12 +82,14 @@ protected function configureOptions(OptionsResolverInterface $resolver)
         parent::configureOptions($resolver);
 
         $resolver->setDefaults(array(
-            'authorization_url' => 'https://foursquare.com/oauth2/authenticate',
-            'access_token_url'  => 'https://foursquare.com/oauth2/access_token',
-            'infos_url'         => 'https://api.foursquare.com/v2/users/self',
+            'authorization_url'        => 'https://foursquare.com/oauth2/authenticate',
+            'access_token_url'         => 'https://foursquare.com/oauth2/access_token',
+            'infos_url'                => 'https://api.foursquare.com/v2/users/self',
 
             // @link https://developer.foursquare.com/overview/versioning
-            'version'           => '20121206',
+            'version'                  => '20121206',
+
+            'use_bearer_authorization' => false,
 
             'use_bearer_authorization' => false,
         ));

OAuth/ResourceOwner/GenericOAuth2ResourceOwner.php

@@ -133,7 +133,6 @@ public function revokeToken($token)
             'client_secret' => $this->options['client_secret'],
         );
 
-        /* @var $response \Buzz\Message\Response */
         $response = $this->httpRequest($this->normalizeUrl($this->options['revoke_token_url'], array('token' => $token)), $parameters, array(), 'DELETE');
 
         return 200 === $response->getStatusCode();

OAuth/ResourceOwner/GitHubResourceOwner.php

@@ -11,7 +11,7 @@
 
 namespace HWI\Bundle\OAuthBundle\OAuth\ResourceOwner;
 
-use Buzz\Message\Response;
+use Buzz\Message\RequestInterface as HttpRequestInterface;
 use Symfony\Component\OptionsResolver\OptionsResolverInterface;
 
 /**
@@ -38,12 +38,11 @@ class GitHubResourceOwner extends GenericOAuth2ResourceOwner
      */
     public function revokeToken($token)
     {
-        /* @var $response Response */
         $response = $this->httpRequest(
             sprintf($this->options['revoke_token_url'], $this->options['client_id'], $token),
             null,
             array('Authorization: Basic '.base64_encode($this->options['client_id'].':'.$this->options['client_secret'])),
-            'DELETE'
+            HttpRequestInterface::METHOD_DELETE
         );
 
         return 204 === $response->getStatusCode();

OAuth/ResourceOwner/JiraResourceOwner.php

@@ -11,6 +11,9 @@
 
 namespace HWI\Bundle\OAuthBundle\OAuth\ResourceOwner;
 
+use Buzz\Message\RequestInterface as HttpRequestInterface;
+use HWI\Bundle\OAuthBundle\Security\Core\Authentication\Token\OAuthToken;
+use HWI\Bundle\OAuthBundle\Security\OAuthUtils;
 use Symfony\Component\OptionsResolver\Options;
 use Symfony\Component\OptionsResolver\OptionsResolverInterface;
 
@@ -25,21 +28,58 @@ class JiraResourceOwner extends GenericOAuth1ResourceOwner
      * {@inheritDoc}
      */
     protected $paths = array(
-        'identifier' => 'name',
-        'nickname'   => 'name',
-        'realname'   => 'displayName',
-        'email'      => 'emailAddress',
+        'identifier'     => 'name',
+        'nickname'       => 'name',
+        'realname'       => 'displayName',
+        'email'          => 'emailAddress',
+        'profilepicture' => 'avatarUrls.48x48',
     );
 
     /**
      * {@inheritDoc}
      */
-    protected function doGetUserInformationRequest($url, array $parameters = array())
+    public function getUserInformation(array $accessToken, array $extraParameters = array())
     {
-        $response = $this->httpRequest($this->options['base_url'].'/rest/auth/1/session', null, $parameters);
-        $data     = json_decode($response->getContent(), true);
+        $parameters = array_merge(array(
+            'oauth_consumer_key'     => $this->options['client_id'],
+            'oauth_timestamp'        => time(),
+            'oauth_nonce'            => $this->generateNonce(),
+            'oauth_version'          => '1.0',
+            'oauth_signature_method' => $this->options['signature_method'],
+            'oauth_token'            => $accessToken['oauth_token'],
+        ), $extraParameters);
 
-        return $this->httpRequest($this->normalizeUrl($url, array('username' => $data['name'])), null, $parameters);
+        $parameters['oauth_signature'] = OAuthUtils::signRequest(
+            HttpRequestInterface::METHOD_GET,
+            $this->options['infos_session_url'],
+            $parameters,
+            $this->options['client_secret'],
+            $accessToken['oauth_token_secret'],
+            $this->options['signature_method']
+        );
+
+        $content = $this->getResponseContent($this->doGetUserInformationRequest($this->options['infos_session_url'], $parameters));
+        $url     = $this->normalizeUrl($this->options['infos_url'], array('username' => $content['name']));
+
+        // Regenerate nonce & signature as URL was changed
+        $parameters['oauth_nonce']     = $this->generateNonce();
+        $parameters['oauth_signature'] = OAuthUtils::signRequest(
+            HttpRequestInterface::METHOD_GET,
+            $url,
+            $parameters,
+            $this->options['client_secret'],
+            $accessToken['oauth_token_secret'],
+            $this->options['signature_method']
+        );
+
+        $content = $this->doGetUserInformationRequest($url, $parameters)->getContent();
+
+        $response = $this->getUserResponse();
+        $response->setResponse($content);
+        $response->setResourceOwner($this);
+        $response->setOAuthToken(new OAuthToken($accessToken));
+
+        return $response;
     }
 
     /**
@@ -50,15 +90,21 @@ protected function configureOptions(OptionsResolverInterface $resolver)
         parent::configureOptions($resolver);
 
         $resolver->setDefaults(array(
-            'base_url'          => '',
             'authorization_url' => '{base_url}/plugins/servlet/oauth/authorize',
             'request_token_url' => '{base_url}/plugins/servlet/oauth/request-token',
             'access_token_url'  => '{base_url}/plugins/servlet/oauth/access-token',
+
+            // JIRA API requires to first know the username to be able to ask for user details
+            'infos_session_url' => '{base_url}/rest/auth/1/session',
             'infos_url'         => '{base_url}/rest/api/2/user',
 
             'signature_method'  => 'RSA-SHA1',
         ));
 
+        $resolver->setRequired(array(
+            'base_url',
+        ));
+
         $normalizer = function (Options $options, $value) {
             return str_replace('{base_url}', $options['base_url'], $value);
         };
@@ -67,6 +113,7 @@ protected function configureOptions(OptionsResolverInterface $resolver)
             'authorization_url' => $normalizer,
             'request_token_url' => $normalizer,
             'access_token_url'  => $normalizer,
+            'infos_session_url' => $normalizer,
             'infos_url'         => $normalizer,
         ));
     }

OAuth/ResourceOwner/SalesforceResourceOwner.php

@@ -11,7 +11,6 @@
 
 namespace HWI\Bundle\OAuthBundle\OAuth\ResourceOwner;
 
-use HWI\Bundle\OAuthBundle\Security\Core\Authentication\Token\OAuthToken;
 use Symfony\Component\OptionsResolver\OptionsResolverInterface;
 
 /**

OAuth/ResourceOwner/SensioConnectResourceOwner.php

@@ -45,13 +45,15 @@ protected function configureOptions(OptionsResolverInterface $resolver)
         parent::configureOptions($resolver);
 
         $resolver->setDefaults(array(
-            'authorization_url'   => 'https://connect.sensiolabs.com/oauth/authorize',
-            'access_token_url'    => 'https://connect.sensiolabs.com/oauth/access_token',
-            'infos_url'           => 'https://connect.sensiolabs.com/api',
+            'authorization_url'        => 'https://connect.sensiolabs.com/oauth/authorize',
+            'access_token_url'         => 'https://connect.sensiolabs.com/oauth/access_token',
+            'infos_url'                => 'https://connect.sensiolabs.com/api',
 
-            'user_response_class' => '\HWI\Bundle\OAuthBundle\OAuth\Response\SensioConnectUserResponse',
+            'user_response_class'      => '\HWI\Bundle\OAuthBundle\OAuth\Response\SensioConnectUserResponse',
 
-            'response_type'       => 'code',
+            'response_type'            => 'code',
+
+            'use_bearer_authorization' => false,
 
             'use_bearer_authorization' => false,
         ));

OAuth/ResourceOwner/TwitterResourceOwner.php

@@ -24,9 +24,10 @@ class TwitterResourceOwner extends GenericOAuth1ResourceOwner
      * {@inheritDoc}
      */
     protected $paths = array(
-        'identifier' => 'id_str',
-        'nickname'   => 'screen_name',
-        'realname'   => 'name',
+        'identifier'     => 'id_str',
+        'nickname'       => 'screen_name',
+        'realname'       => 'name',
+        'profilepicture' => 'profile_image_url_https',
     );
 
     /**

OAuth/ResourceOwner/WordpressResourceOwner.php

@@ -11,7 +11,6 @@
 
 namespace HWI\Bundle\OAuthBundle\OAuth\ResourceOwner;
 
-use HWI\Bundle\OAuthBundle\Security\Core\Authentication\Token\OAuthToken;
 use Symfony\Component\OptionsResolver\OptionsResolverInterface;
 
 /**
@@ -32,21 +31,6 @@ class WordpressResourceOwner extends GenericOAuth2ResourceOwner
         'profilepicture' => 'avatar_URL',
     );
 
-    /**
-     * {@inheritDoc}
-     */
-    public function getUserInformation(array $accessToken, array $extraParameters = array())
-    {
-        $content = $this->httpRequest($this->normalizeUrl($this->options['infos_url']), null, array('Authorization: Bearer '.$accessToken['access_token']))->getContent();
-
-        $response = $this->getUserResponse();
-        $response->setResponse($content);
-        $response->setResourceOwner($this);
-        $response->setOAuthToken(new OAuthToken($accessToken));
-
-        return $response;
-    }
-
     /**
      * {@inheritDoc}
      */