c

xtwoend · xtwoend · commit c4e8967083dd · 2021-11-15T16:22:53.000+07:00
diff --git a/src/Middleware/BasicMiddleware.php b/src/Middleware/BasicMiddleware.php
@@ -0,0 +1,63 @@
+<?php
+
+namespace OAuthServer\Middleware;
+
+use Psr\Http\Message\ResponseInterface;
+use League\OAuth2\Server\ResourceServer;
+use Psr\Http\Server\MiddlewareInterface;
+use OAuthServer\Middleware\ValidateScopeTrait;
+use OAuthServer\Repositories\ClientRepository;
+use OAuthServer\Exception\AuthenticationException;
+use Psr\Http\Message\ServerRequestInterface as Request;
+use Psr\Http\Server\RequestHandlerInterface as Handler;
+use League\OAuth2\Server\Exception\OAuthServerException;
+
+class ClientMiddleware implements MiddlewareInterface
+{
+    use ValidateScopeTrait;
+
+    protected $repository;
+    protected $server;
+    protected $client;
+
+    public function __construct(ClientRepository $repository, ResourceServer $server)
+    {
+        $this->repository = $repository;
+        $this->server = $server;
+    }
+
+    public function process(Request $request, Handler $handler): ResponseInterface
+    {
+        try {
+            $request = $this->server->validateAuthenticatedRequest($request);
+        } catch (OAuthServerException $exception) {
+            throw new AuthenticationException("Unauthorize: {$exception->getMessage()}");
+        } catch (\Exception $exception) {
+            throw new AuthenticationException("Unauthorize: {$exception->getMessage()}");
+        }
+
+        $dispatched = $request->getAttribute(\Hyperf\HttpServer\Router\Dispatched::class);
+        $scopes = $dispatched->handler->options['scopes']?? [];
+
+        $this->validate($request, $scopes);
+
+        $request = $request->withAttribute('client', $this->client);
+
+        return $handler->handle($request);
+    }
+
+    protected function validate($request, $scopes)
+    {
+        $client = $this->repository->findActive($request->getAttribute('oauth_client_id'));
+
+        if (is_null($client)) {
+            throw new AuthenticationException("Unauthorize.");
+        }
+
+        $this->client = $client;
+
+        $tokenScope = $request->getAttribute('oauth_scopes')?? [];
+
+        $this->validateScopes($tokenScope, $scopes);
+    }
+}
diff --git a/src/Middleware/ClientMiddleware.php b/src/Middleware/ClientMiddleware.php
@@ -53,6 +53,10 @@ protected function validate($request, $scopes)
         if (is_null($client)) {
             throw new AuthenticationException("Unauthorize.");
         }
+        
+        if($client->password_client) {
+            throw new AuthenticationException("Unauthorize.");
+        }
 
         $this->client   = $client;
 

Original file line number	Diff line number	Diff line change
`@@ -53,6 +53,10 @@ protected function validate($request, $scopes)`
`53`	`53`	`if (is_null($client)) {`
`54`	`54`	`throw new AuthenticationException("Unauthorize.");`
`55`	`55`	`}`
	`56`	`+`
	`57`	`+ if($client->password_client) {`
	`58`	`+ throw new AuthenticationException("Unauthorize.");`
	`59`	`+ }`
`56`	`60`
`57`	`61`	`$this->client = $client;`
`58`	`62`