authserver's People

Contributors

dependabot[bot], vierbergenlars

authserver's Issues

Properly generate prev & next links in API

Example: /admin/groups.xml?q[name]=*
Actual result:

<result page="1" total="11">
    <entry name="ind_members_2014" display_name="Industria members 2014 - 2015">
        <link rel="self" href="/admin/groups/ind_members_2014"/>
    </entry>
    <... />
    <entry name="praesidium" display_name="Current praesidium">
        <link rel="self" href="/admin/groups/praesidium"/>
    </entry>
    <link rel="next" href="/admin/groups?page=2"/>
</result>

Expected result:

<result page="1" total="11">
    <entry name="ind_members_2014" display_name="Industria members 2014 - 2015">
        <link rel="self" href="/admin/groups/ind_members_2014"/>
    </entry>
    <... />
    <entry name="praesidium" display_name="Current praesidium">
        <link rel="self" href="/admin/groups/praesidium"/>
    </entry>
    <link rel="next" href="/admin/groups?q[name]=*&page=2"/>
</result>
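
An added example, not code from the authserver project: one way to build the prev and next links so that the filter from the current request (here q[name]=*) survives paging. The function names, the path and the last-page value of 2 are assumptions made for the illustration.

```php
<?php
declare(strict_types=1);

/**
 * Build prev/next hrefs for a paginated listing. Every query parameter of
 * the current request is kept (filters such as q[name]); only "page" changes.
 * Hypothetical helper, not part of authserver.
 */
function paginationLinks(string $path, array $query, int $page, int $lastPage): array
{
    $links = [];
    foreach (['prev' => $page - 1, 'next' => $page + 1] as $rel => $target) {
        if ($target < 1 || $target > $lastPage) {
            continue; // no link past either end of the result set
        }
        // array_merge overwrites an existing "page" key and keeps the rest.
        $params = array_merge($query, ['page' => $target]);
        // http_build_query percent-encodes nested keys (q[name]) and values.
        $links[$rel] = $path . '?' . http_build_query($params, '', '&', PHP_QUERY_RFC3986);
    }
    return $links;
}

/** Render one <link> element; "&" in the href must be escaped inside XML. */
function renderLink(string $rel, string $href): string
{
    $escaped = htmlspecialchars($href, ENT_XML1 | ENT_QUOTES, 'UTF-8');
    return sprintf('<link rel="%s" href="%s"/>', $rel, $escaped);
}

// Constructed request: /admin/groups.xml?q[name]=* on page 1 of 2.
$query = ['q' => ['name' => '*']];
foreach (paginationLinks('/admin/groups', $query, 1, 2) as $rel => $href) {
    echo renderLink($rel, $href), PHP_EOL;
}
```

Building the href from the parsed parameter array, instead of appending the raw query string, also keeps user-supplied filter text from being copied into the document unencoded.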

Cannot delete users that have authorized oauth apps

Error message: An exception occurred while executing 'DELETE FROM auth_users WHERE id = ?' with params [54]: SQLSTATE[23000]: Integrity constraint violation: 1451 Cannot delete or update a parent row: a foreign key constraint fails (`industria_idp`.`AccessToken`, CONSTRAINT `FK_B39617F5A76ED395` FOREIGN KEY (`user_id`) REFERENCES `auth_users` (`id`))

Removing OAuth clients fails

Error message: An exception occurred while executing 'DELETE FROM Client WHERE id = ?' with params [1]: SQLSTATE[23000]: Integrity constraint violation: 1451 Cannot delete or update a parent row: a foreign key constraint fails (`industria_idp`.`user_oauthclient`, CONSTRAINT `FK_6364CB4D19EB6921` FOREIGN KEY (`client_id`) REFERENCES `Client` (`id`))

Allow OAuth2 requests without scope parameter

Issuing an OAuth2 authorization request without a scope parameter present results in an allowed scope exceeded error, preventing the authorization from completing.

[2018-05-24 18:34:11] request.ERROR: Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\BadRequestHttpException: "Client requested scopes outside its allowed scope." at authserver-v0.11.5/src/App/EventListener/OAuthPreAuthorizationEventListener.php line 77 {"exception":"[object] (Symfony\\Component\\HttpKernel\\Exception\\BadRequestHttpException(code: 0): Client requested scopes outside its allowed scope. at authserver-v0.11.5/src/App/EventListener/OAuthPreAuthorizationEventListener.php:77)"} []
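
An added example, not the project's OAuthPreAuthorizationEventListener: a scope check that accepts a request with no scope parameter by applying a pre-defined default, which RFC 6749 section 3.3 permits, while still rejecting scopes outside the client's allowed set. The function name, the default-scope parameter and the scope names are assumptions.

```php
<?php
declare(strict_types=1);

/**
 * Decide which scopes an authorization request is evaluated with.
 *
 * $requested  raw "scope" parameter, null when the client omitted it
 * $allowed    scopes registered for the client
 * $default    scopes applied when none are requested (assumed to be configured
 *             per client; must itself stay within $allowed)
 * Hypothetical helper, not part of authserver.
 */
function resolveScopes(?string $requested, array $allowed, array $default): array
{
    if (array_diff($default, $allowed) !== []) {
        throw new LogicException('Default scope exceeds the allowed scope.');
    }
    // scope is a space-delimited list; absent and empty are treated alike.
    $tokens = preg_split('/ +/', trim($requested ?? ''), -1, PREG_SPLIT_NO_EMPTY);
    if ($tokens === []) {
        return array_values($default);
    }
    $tokens = array_values(array_unique($tokens));
    if (array_diff($tokens, $allowed) !== []) {
        // Same condition the logged exception reports.
        throw new InvalidArgumentException('Client requested scopes outside its allowed scope.');
    }
    return $tokens;
}

// Constructed client registration and requests.
$allowed = ['profile:username', 'profile:email'];
$default = ['profile:username'];
foreach ([null, '', 'profile:email', 'profile:email group:admin'] as $scope) {
    try {
        $result = implode(' ', resolveScopes($scope, $allowed, $default));
    } catch (InvalidArgumentException $e) {
        $result = 'rejected: ' . $e->getMessage();
    }
    printf("%s => %s\n", var_export($scope, true), $result);
}
```

Keeping the default narrower than the full allowed set means a client that omits the parameter is never granted more than it would have had to ask for explicitly.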

Invalid foreach argument with emails

When a user without an e-mail address is present, User.php throws:
Warning: Invalid argument supplied for foreach()

[1] Symfony\Component\Debug\Exception\ContextErrorException: Warning: Invalid argument supplied for foreach()
    at n/a
        in /var/www/src/App/Entity/User.php line 412

    at Symfony\Component\Debug\ErrorHandler->handleError('2', 'Invalid argument supplied for foreach()', '/var/www/src/App/Entity/User.php', '412', array())
        in /var/www/src/App/Entity/User.php line 412

    at App\Entity\User->getPrimaryEmailAddress()
        in /var/www/src/App/Entity/User.php line 168

    at App\Entity\User->serialize()
        in  line 

    at serialize(array(object(User), false, array(object(Role)), array()))
        in /var/www/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php line 156

    at Symfony\Component\Security\Core\Authentication\Token\AbstractToken->serialize()
        in /var/www/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php line 96

    at Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken->serialize()
        in  line 

    at serialize(array(object(User), true, array(object(Role), object(SwitchUserRole)), array()))
        in /var/www/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php line 156

    at Symfony\Component\Security\Core\Authentication\Token\AbstractToken->serialize()
        in /var/www/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php line 96

    at Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken->serialize()
        in  line 

    at serialize(object(UsernamePasswordToken))
        in /var/www/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/ContextListener.php line 129

    at Symfony\Component\Security\Http\Firewall\ContextListener->onKernelResponse(object(FilterResponseEvent), 'kernel.response', object(TraceableEventDispatcher))
        in  line 

    at call_user_func(array(object(ContextListener), 'onKernelResponse'), object(FilterResponseEvent), 'kernel.response', object(TraceableEventDispatcher))
        in /var/www/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/Debug/WrappedListener.php line 61

    at Symfony\Component\EventDispatcher\Debug\WrappedListener->__invoke(object(FilterResponseEvent), 'kernel.response', object(ContainerAwareEventDispatcher))
        in  line 

    at call_user_func(object(WrappedListener), object(FilterResponseEvent), 'kernel.response', object(ContainerAwareEventDispatcher))
        in /var/www/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/EventDispatcher.php line 158

    at Symfony\Component\EventDispatcher\EventDispatcher->doDispatch(array(object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener)), 'kernel.response', object(FilterResponseEvent))
        in /var/www/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/EventDispatcher.php line 46

    at Symfony\Component\EventDispatcher\EventDispatcher->dispatch('kernel.response', object(FilterResponseEvent))
        in /var/www/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/Debug/TraceableEventDispatcher.php line 124

    at Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher->dispatch('kernel.response', object(FilterResponseEvent))
        in /var/www/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php line 179

    at Symfony\Component\HttpKernel\HttpKernel->filterResponse(object(Response), object(Request), '1')
        in /var/www/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php line 161

    at Symfony\Component\HttpKernel\HttpKernel->handleRaw(object(Request), '1')
        in /var/www/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php line 62

    at Symfony\Component\HttpKernel\HttpKernel->handle(object(Request), '1', true)
        in /var/www/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/DependencyInjection/ContainerAwareHttpKernel.php line 69

    at Symfony\Component\HttpKernel\DependencyInjection\ContainerAwareHttpKernel->handle(object(Request), '1', true)
        in /var/www/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/Kernel.php line 184

    at Symfony\Component\HttpKernel\Kernel->handle(object(Request))
        in /var/www/web/app_dev.php line 15

Groups starting with % should not be accessible over API

All groups starting with a % sign are only accessible by users with local ROLE_ADMIN, and are not accessible through the admin API.
These groups are for administration purposes and are used to provide super-user access to systems. No applications with admin API keys should have access to these groups.

Fix deletions

Deletion of resources is broken in the UI, but not in the API.

Error message on submission: "The CSRF token is invalid. Please try to resubmit the form."

Bug introduced in 1a7d6fc

User joinable groups

Add groups that users can make themselves members of.
Also expose an OAuth authenticated API endpoint for managing memberships.
Useful for managing subscriptions without using the private admin API.
