diff --git a/CHANGELOG.md b/CHANGELOG.md index bceb11f6a..f511374af 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] +## [7.3.2] - released 2018-11-21 + +- Revert setting keys on response type to be inside `getResponseType()` function instead of AuthorizationServer constructor (PR #969) + ## [7.3.1] - released 2018-11-15 ### Fixed @@ -427,7 +431,8 @@ Version 5 is a complete code rewrite. - First major release -[Unreleased]: https://github.com/thephpleague/oauth2-server/compare/7.3.1...HEAD +[Unreleased]: https://github.com/thephpleague/oauth2-server/compare/7.3.2...HEAD +[7.3.2]: https://github.com/thephpleague/oauth2-server/compare/7.3.1...7.3.2 [7.3.1]: https://github.com/thephpleague/oauth2-server/compare/7.3.0...7.3.1 [7.3.0]: https://github.com/thephpleague/oauth2-server/compare/7.2.0...7.3.0 [7.2.0]: https://github.com/thephpleague/oauth2-server/compare/7.1.1...7.2.0 diff --git a/src/AuthorizationServer.php b/src/AuthorizationServer.php index e96ce04f9..bde97d6eb 100644 --- a/src/AuthorizationServer.php +++ b/src/AuthorizationServer.php @@ -114,12 +114,6 @@ public function __construct( $responseType = clone $responseType; } - if ($responseType instanceof AbstractResponseType) { - $responseType->setPrivateKey($this->privateKey); - } - - $responseType->setEncryptionKey($this->encryptionKey); - $this->responseType = $responseType; } @@ -219,7 +213,15 @@ public function respondToAccessTokenRequest(ServerRequestInterface $request, Res */ protected function getResponseType() { - return clone $this->responseType; + $responseType = clone $this->responseType; + + if ($responseType instanceof AbstractResponseType) { + $responseType->setPrivateKey($this->privateKey); + } + + $responseType->setEncryptionKey($this->encryptionKey); + + return $responseType; } /** diff --git a/tests/AuthorizationServerTest.php b/tests/AuthorizationServerTest.php index 73f84a61c..0a8bf6d1b 100644 --- a/tests/AuthorizationServerTest.php +++ b/tests/AuthorizationServerTest.php @@ -110,6 +110,43 @@ public function testGetResponseType() $this->assertInstanceOf(BearerTokenResponse::class, $method->invoke($server)); } + public function testGetResponseTypeExtended() + { + $clientRepository = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); + $privateKey = 'file://' . __DIR__ . '/Stubs/private.key'; + $encryptionKey = 'file://' . __DIR__ . '/Stubs/public.key'; + + $server = new class($clientRepository, $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(), $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(), $privateKey, $encryptionKey) extends AuthorizationServer { + protected function getResponseType() + { + $this->responseType = new class extends BearerTokenResponse { + /* @return null|CryptKey */ + public function getPrivateKey() + { + return $this->privateKey; + } + + public function getEncryptionKey() + { + return $this->encryptionKey; + } + }; + + return parent::getResponseType(); + } + }; + + $abstractGrantReflection = new \ReflectionClass($server); + $method = $abstractGrantReflection->getMethod('getResponseType'); + $method->setAccessible(true); + $responseType = $method->invoke($server); + + $this->assertInstanceOf(BearerTokenResponse::class, $responseType); + // generated instances should have keys setup + $this->assertSame($privateKey, $responseType->getPrivateKey()->getKeyPath()); + $this->assertSame($encryptionKey, $responseType->getEncryptionKey()); + } + public function testMultipleRequestsGetDifferentResponseTypeInstances() { $privateKey = 'file://' . __DIR__ . '/Stubs/private.key';