lookyman / nette-oauth2-server-doctrine Goto Github PK

Hi, there is already version 7.0 of league/oauth2-server dependency out, meanwhile this library depends on version <5.1.4

Any plans to update?

Hello,

Nette 3.0 is out for a while, is there any chance you will support it? Thanks!

Hi there!

league/oauth2-server supports multiple redirect uris for each client -> https://github.com/thephpleague/oauth2-server/blob/master/src/Grant/AuthCodeGrant.php#L246

Any idea how to implement it easily? What came in my mind was changing doctrine type of $redirectUri property to simple_array, which would not cause a BC break but potentially if anyone used it with commas in url (who does that? 😄) it would stop work for him.

Another idea was to use json_array, but that would be a BC break as it would require change of data structure in db.

Maybe creating next property and pick the one which is not null?

There is no callback in handleApprove or handleDeny in ApproveControl.

Currently the user has to approve authorization on every login. Is it possible to approve authorization only once?

I only thought about adding callbacks onApprove and onDeny in ApproveControl.

Thanks in advance.

Hi, i am thinking about extending ClientEntity and i would like to know what would be the best way to do it (and basically to any other oauth related entity).

Creating own entity would not be enough, i need to wire it into repository and query service.

Is there any suggestions how to do it? I can imagine there could be config option to pass entity class name.

In versions 5.1.4+ and 6.0+ there were some changes to the setup: https://oauth2.thephpleague.com/v5-security-improvements/

specifically one has now to call

$server->setEncryptionKey('lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen');

(where the string is some random data)

before adding grants or doing anything with the server.

On the 5 series this generates a deprecation warning only (which we treat as errors in our codebase). I can pin for the lower version for now but it would be nice to have this fixed :)

Hi, i have weird problem with doctrine entities and the database diff. It always says database is not up to date.

Running bin/console orm:schema-tool:update --dump-sql results in:

 The following SQL statements will be executed:

     ALTER TABLE oauth2_auth_code CHANGE expiry_date_time expiry_date_time DATETIME NOT NULL;
     ALTER TABLE oauth2_refresh_token CHANGE expiry_date_time expiry_date_time DATETIME NOT NULL;
     ALTER TABLE oauth2_access_token CHANGE expiry_date_time expiry_date_time DATETIME NOT NULL;

I checked database and the columns are exactly like this.

It would not be such a big problem, but we use a CI check if migrations are up to date.

What is weird as well is that generated migration has exactly same SQL query for up() and down() versioning (which confirms that the columns in database are exactly same as they should be according to doctrine mapping):

public function up(Schema $schema) : void
    {
        $this->addSql('ALTER TABLE oauth2_auth_code CHANGE expiry_date_time expiry_date_time DATETIME NOT NULL');
        $this->addSql('ALTER TABLE oauth2_refresh_token CHANGE expiry_date_time expiry_date_time DATETIME NOT NULL');
        $this->addSql('ALTER TABLE oauth2_access_token CHANGE expiry_date_time expiry_date_time DATETIME NOT NULL');
    }

    public function down(Schema $schema) : void
    {
        $this->addSql('ALTER TABLE oauth2_access_token CHANGE expiry_date_time expiry_date_time DATETIME NOT NULL');
        $this->addSql('ALTER TABLE oauth2_auth_code CHANGE expiry_date_time expiry_date_time DATETIME NOT NULL');
        $this->addSql('ALTER TABLE oauth2_refresh_token CHANGE expiry_date_time expiry_date_time DATETIME NOT NULL');
    }

Do you please have any tips where to start my findings? I can ofc send a PR, but any tip will fasten up my research drastically.

Thank you!