🛀 auth method cleanup

codemasher · codemasher · commit 0cc8591a9057 · 2019-11-06T19:22:00.000+01:00
diff --git a/README.md b/README.md
@@ -126,7 +126,9 @@ Protected properties:
 
 property | description
 -------- | -----------
-`$authMethod` | the authentication method, one of `OAuth2Interface::AUTH_METHODS_HEADER` or `OAuth2Interface::AUTH_METHODS_QUERY`
+`$authMethod` | the authentication method, `OAuth2Interface::AUTH_METHOD_HEADER` (default) or `OAuth2Interface::AUTH_METHOD_QUERY`
+`$authMethodHeader` | the name of the `Authorization` header in case `OAuth2Interface::AUTH_METHOD_HEADER` is used, defaults to `Bearer`
+`$authMethodQuery` | the name of the querystring in case `OAuth2Interface::AUTH_METHOD_QUERY` is used, defaults to `access_token`
 `$scopesDelimiter` | (optional) a delimiter string for the OAuth2 scopes, defaults to `' '` (space)
 `$refreshTokenURL` | (optional) a refresh token exchange URL, in case it differs from `$accessTokenURL`
 `$clientCredentialsTokenURL` | (optional) a client credentials token exchange URL, in case it differs from `$accessTokenURL`
@@ -166,7 +168,8 @@ class MyOauth2Provider extends Oauth2Provider implements ClientCredentials, CSRF
 
 	// optional
 	protected $clientCredentialsTokenURL = 'https://example.com/oauth2/client_credentials';
-	protected $authMethod                = self::HEADER_BEARER;
+	protected $authMethod                = self::AUTH_METHOD_HEADER;
+	protected $authMethodHeader          = 'OAuth';
 	protected $scopesDelimiter           = ',';
 }
 ```
diff --git a/src/Core/OAuth2Interface.php b/src/Core/OAuth2Interface.php
@@ -16,26 +16,8 @@
 
 interface OAuth2Interface extends OAuthInterface{
 
-	const HEADER_OAUTH              = 0;
-	const HEADER_BEARER             = 1;
-	const QUERY_ACCESS_TOKEN        = 2;
-	const QUERY_OAUTH2_ACCESS_TOKEN = 3;
-	const QUERY_APIKEY              = 4;
-	const QUERY_AUTH                = 5;
-	const QUERY_OAUTH_TOKEN         = 6;
-
-	const AUTH_METHODS_HEADER = [
-		self::HEADER_OAUTH  => 'OAuth ',
-		self::HEADER_BEARER => 'Bearer ',
-	];
-
-	const AUTH_METHODS_QUERY = [
-		self::QUERY_ACCESS_TOKEN        => 'access_token',
-		self::QUERY_OAUTH2_ACCESS_TOKEN => 'oauth2_access_token',
-		self::QUERY_APIKEY              => 'apikey',
-		self::QUERY_AUTH                => 'auth',
-		self::QUERY_OAUTH_TOKEN         => 'oauth_token',
-	];
+	const AUTH_METHOD_HEADER = 1;
+	const AUTH_METHOD_QUERY  = 2;
 
 	/**
 	 * Obtains an OAuth2 access token with the given $code, verifies the $state
@@ -60,5 +42,4 @@ public function getAccessToken(string $code, string $state = null):AccessToken;
 	 */
 	public function getAuthURL(array $params = null, array $scopes = null):UriInterface;
 
-
 }
diff --git a/src/Core/OAuth2Provider.php b/src/Core/OAuth2Provider.php
@@ -16,7 +16,7 @@
 
 use Psr\Http\Message\{RequestInterface, ResponseInterface, UriInterface};
 
-use function array_key_exists, array_merge, base64_encode, date, hash_equals, http_build_query,
+use function array_merge, base64_encode, date, hash_equals, http_build_query,
 	implode, is_array, json_decode, random_bytes, sha1, sprintf;
 use function chillerlan\HTTP\Psr7\{decompress_content, merge_query};
 
@@ -27,7 +27,17 @@ abstract class OAuth2Provider extends OAuthProvider implements OAuth2Interface{
 	/**
 	 * @var int
 	 */
-	protected $authMethod = self::HEADER_BEARER;
+	protected $authMethod = self::AUTH_METHOD_HEADER;
+
+	/**
+	 * @var string
+	 */
+	protected $authMethodHeader = 'Bearer';
+
+	/**
+	 * @var string
+	 */
+	protected $authMethodQuery = 'access_token';
 
 	/**
 	 * @var string
@@ -150,19 +160,17 @@ public function getAccessToken(string $code, string $state = null):AccessToken{
 	 */
 	public function getRequestAuthorization(RequestInterface $request, AccessToken $token):RequestInterface{
 
-		if(array_key_exists($this->authMethod, OAuth2Interface::AUTH_METHODS_HEADER)){
-			$request = $request->withHeader('Authorization', OAuth2Interface::AUTH_METHODS_HEADER[$this->authMethod].$token->accessToken);
+		if($this->authMethod === OAuth2Interface::AUTH_METHOD_HEADER){
+			return $request->withHeader('Authorization', $this->authMethodHeader.' '.$token->accessToken);
 		}
-		elseif(array_key_exists($this->authMethod, OAuth2Interface::AUTH_METHODS_QUERY)){
-			$uri = merge_query((string)$request->getUri(), [OAuth2Interface::AUTH_METHODS_QUERY[$this->authMethod] => $token->accessToken]);
 
-			$request = $request->withUri($this->uriFactory->createUri($uri));
-		}
-		else{
-			throw new ProviderException('invalid auth type');
+		if($this->authMethod === OAuth2Interface::AUTH_METHOD_QUERY){
+			$uri = merge_query($request->getUri()->__toString(), [$this->authMethodQuery => $token->accessToken]);
+
+			return $request->withUri($this->uriFactory->createUri($uri));
 		}
 
-		return $request;
+		throw new ProviderException('invalid auth type');
 	}
 
 	/**
diff --git a/tests/Providers/GenericOAuth2Test.php b/tests/Providers/GenericOAuth2Test.php
@@ -32,10 +32,10 @@ protected function getProvider():OAuthInterface{
 			protected $authURL        = 'https://example.com/oauth2/authorize';
 			protected $accessTokenURL = 'https://example.com/oauth2/token';
 			protected $userRevokeURL  = 'https://account.example.com/apps/';
-			protected $endpointMap     = TestEndpoints::class;
+			protected $endpointMap    = TestEndpoints::class;
 			protected $authHeaders    = ['foo' => 'bar'];
 			protected $apiHeaders     = ['foo' => 'bar'];
-			protected $authMethod     = OAuth2Provider::QUERY_ACCESS_TOKEN;
+			protected $authMethod     = OAuth2Provider::AUTH_METHOD_QUERY;
 
 		};
 
diff --git a/tests/Providers/OAuth2ProviderTestAbstract.php b/tests/Providers/OAuth2ProviderTestAbstract.php
@@ -106,16 +106,16 @@ public function testGetRequestAuthorization(){
 		$authMethod = $this->getProperty('authMethod')->getValue($this->provider);
 
 		// header (default)
-		if(isset(OAuth2Interface::AUTH_METHODS_HEADER[$authMethod])){
+		if($authMethod === OAuth2Interface::AUTH_METHOD_HEADER){
 			$this->assertStringContainsString(
-				OAuth2Interface::AUTH_METHODS_HEADER[$authMethod].'test_token',
+				$this->getProperty('authMethodHeader')->getValue($this->provider).' test_token',
 				$this->provider->getRequestAuthorization($request, $token)->getHeaderLine('Authorization')
 			);
 		}
 		// query
-		elseif(isset(OAuth2Interface::AUTH_METHODS_QUERY[$authMethod])){
+		elseif($authMethod === OAuth2Interface::AUTH_METHOD_QUERY){
 			$this->assertStringContainsString(
-				OAuth2Interface::AUTH_METHODS_QUERY[$authMethod].'=test_token',
+				$this->getProperty('authMethodQuery')->getValue($this->provider).'=test_token',
 				$this->provider->getRequestAuthorization($request, $token)->getUri()->getQuery()
 			);
 		}
