
[WIP] Add documentation for authorization code grant #177

Open · wants to merge 4 commits into base branch v3.x

Conversation

@v-m-i v-m-i commented Feb 25, 2020

Closes #160

codecov-io commented Feb 25, 2020

Codecov Report

Merging #177 (854faf9) into v3.x (119fa85) will increase coverage by 0.59%.
The diff coverage is n/a.

```text
@@             Coverage Diff              @@
##               v3.x     #177      +/-   ##
============================================
+ Coverage     90.89%   91.48%   +0.59%     
- Complexity      367      454      +87     
============================================
  Files            56       66      +10     
  Lines          1208     1621     +413     
============================================
+ Hits           1098     1483     +385     
- Misses          110      138      +28     
```

| Impacted Files | Coverage Δ | Complexity Δ |
|---|---|---|
| OAuth2Grants.php | 0.00% <0.00%> (-100.00%) | 1.00% <0.00%> (ø%) |
| .../Exception/Oauth2AuthenticationFailedException.php | 0.00% <0.00%> (-100.00%) | 1.00% <0.00%> (ø%) |
| Model/RedirectUri.php | 29.62% <0.00%> (-53.71%) | 15.00% <0.00%> (+12.00%) ⬇️ |
| Event/UserResolveEvent.php | 38.46% <0.00%> (-17.10%) | 5.00% <0.00%> (-4.00%) |
| Model/Client.php | 87.17% <0.00%> (-5.93%) | 19.00% <0.00%> (+7.00%) ⬇️ |
| Security/Authentication/Token/OAuth2Token.php | 91.66% <0.00%> (-3.21%) | 9.00% <0.00%> (-7.00%) |
| Manager/InMemory/ClientManager.php | 18.18% <0.00%> (-0.87%) | 12.00% <0.00%> (ø%) |
| League/Entity/Scope.php | 100.00% <0.00%> (ø) | 1.00% <0.00%> (ø%) |
| Converter/ScopeConverter.php | 100.00% <0.00%> (ø) | 4.00% <0.00%> (ø%) |
| Command/CreateClientCommand.php | 100.00% <0.00%> (ø) | 8.00% <0.00%> (+4.00%) |
| ... and 30 more | | |

Δ = absolute <relative> (impact), ø = not affected, ? = missing data

@okazy okazy left a comment

@v-m-i
Thanks for the great documentation.
I didn't understand the following two points, so the documentation was very helpful.

  • How to change the path of the endpoint
  • How to handle redirect before authentication

I commented on some interesting points.

I have implemented my own authorization confirmation page.

  1. login page
  2. authorization confirmation page (e.g. "Do you allow read permission for this application?")
  3. redirect with authorization code

I would like to know if there is a best practice on how to set the authorization confirmation page.

Here is my code implemented without documentation.
https://github.com/okazy/ec-cube/compare/f604226b42131689f763a2d87af0994173c87390...okazy:d981ba70858282c1353f36367299db04053d03ff?expand=1

v-m-i and others added 2 commits March 2, 2020 10:44
Co-Authored-By: Hideki Okajima <hideki518c@gmail.com>
v-m-i commented Mar 2, 2020

@okazy
Thank you for your feedback. I have committed your suggestions and added some additional changes to the listener example.

Regarding the authorization confirmation page, I don't know the best practice for creating it.

@HypeMC
What do you think, maybe open a new issue for the best practice of creating an authorization confirmation page? Also, maybe we should open an issue (or include it in the best-practice issue) explaining what the best practice is for restricting scopes on the authorization server? (I don't have that use case in my applications, so I can't recommend anything.)

@spideyfusion spideyfusion changed the base branch from master to v3.x March 30, 2020 13:59
@spideyfusion spideyfusion linked an issue Apr 20, 2020 that may be closed by this pull request
@dluces dluces mentioned this pull request Apr 24, 2020
@tdutrion tdutrion left a comment

Hi! Thanks for this PR, it has been very useful to me!

Just a couple of changes that might be interesting here :)


> ## Requirements
>
> To use the authorization code grant, the `enable_auth_code_grant` parameter inside `authorization_server` must be set to `true` (it is set to `true` by default).

[info] User Deprecated: "trikoder_oauth2.authorization_server.enable_auth_code_grant" is deprecated, use "trikoder_oauth2.authorization_server.grant_types.authorization_code.enable" instead.

This should be updated to use the new parameters.

v-m-i (author) replied:

@tdutrion
Thank you for noticing this, I have updated the documentation.


```php
public function onAuthorizationRequestResolve(AuthorizationRequestResolveEvent $event)
{
    if (null !== $event->getUser()) {
```

You could reverse the condition (`null === $event->getUser()`) and just return after setting the response:

```php
public function onAuthorizationRequestResolve(AuthorizationRequestResolveEvent $event): void
{
    if (null === $event->getUser()) {
        // Not authenticated: redirect to the login page and come back to this authorize URL.
        // Response must be a PSR-7 response (e.g. Nyholm\Psr7\Response): the event expects
        // Psr\Http\Message\ResponseInterface, not Symfony's HttpFoundation Response.
        $event->setResponse(new Response(302, [
            'Location' => $this->urlGenerator->generate('login', [
                'returnUrl' => $this->requestStack->getMasterRequest()->getUri(),
            ]),
        ]));

        return;
    }

    // Authenticated: approve the authorization request.
    $event->resolveAuthorization(AuthorizationRequestResolveEvent::AUTHORIZATION_APPROVED);
}
```

v-m-i (author) replied:

@tdutrion
I agree, simplifying if statements using early returns is (usually) good practice. I have updated the documentation with your example.
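As an added example (not code from the PR, the bundle or its docs), here is tdutrion's early-return listener extended with the consent step okazy describes above: login page, confirmation page, then redirect with the code. It assumes `Nyholm\Psr7\Response` for PSR-7 responses, hypothetical route names `login` and `oauth2_consent`, a consent form that POSTs a `consent` field back to the authorize URL, and the event's `AUTHORIZATION_DENIED` constant.

```php
<?php
// Added example, not from the PR or the bundle's docs: tdutrion's early-return
// listener extended with okazy's consent step (login -> confirmation -> code).
// Assumed: Nyholm\Psr7\Response, hypothetical routes 'login'/'oauth2_consent',
// and a consent form that POSTs a 'consent' field back to the authorize URL.

use Nyholm\Psr7\Response;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Trikoder\Bundle\OAuth2Bundle\Event\AuthorizationRequestResolveEvent;

final class AuthorizationCodeListener
{
    private $urlGenerator;
    private $requestStack;

    public function __construct(UrlGeneratorInterface $urlGenerator, RequestStack $requestStack)
    {
        $this->urlGenerator = $urlGenerator;
        $this->requestStack = $requestStack;
    }

    public function onAuthorizationRequestResolve(AuthorizationRequestResolveEvent $event): void
    {
        $request = $this->requestStack->getMasterRequest();
        // Step 1: not logged in -> login page, then back to this same authorize URL.
        if (null === $event->getUser()) {
            $event->setResponse($this->redirect('login', $request->getUri()));
            return;
        }

        // Step 2: take the decision from the POST body only. Read from the query
        // string, a client could pre-fill consent=yes in the authorize URL it
        // sends the user to and skip the confirmation page entirely.
        $consent = $request->request->get('consent');
        if (null === $consent) {
            $event->setResponse($this->redirect('oauth2_consent', $request->getUri()));
            return;
        }
        // Step 3: only an explicit "yes" approves; anything else denies, so the
        // client receives an access_denied error instead of a code.
        $event->resolveAuthorization('yes' === $consent
            ? AuthorizationRequestResolveEvent::AUTHORIZATION_APPROVED
            : AuthorizationRequestResolveEvent::AUTHORIZATION_DENIED);
    }

    private function redirect(string $route, string $returnUrl): Response
    {
        return new Response(302, [
            'Location' => $this->urlGenerator->generate($route, ['returnUrl' => $returnUrl]),
        ]);
    }
}
```

The consent form itself should carry a CSRF token and render the client name and requested scopes from the server-validated request, not from anything the client supplied directly.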

@smilesrg

@trikoder maybe it's time to accept this PR?

Successfully merging this pull request may close these issues:

- Document how to setup the "authorization_code" grant
- Permission request page

5 participants