Merge branch '1.6' into merge-1.6

# Conflicts:
#	.travis.yml
#	Command/CleanCommand.php
#	Command/CreateClientCommand.php
#	Controller/AuthorizeController.php
#	DependencyInjection/Configuration.php
#	DependencyInjection/FOSOAuthServerExtension.php
#	Security/Authentication/Provider/OAuthProvider.php
#	Security/EntryPoint/OAuthEntryPoint.php
#	Storage/OAuthStorage.php
#	Tests/Command/CleanCommandTest.php
#	Tests/Command/CreateClientCommandTest.php
#	Tests/Controller/AuthorizeControllerTest.php
#	Tests/DependencyInjection/FOSOAuthServerExtensionTest.php
#	Tests/Functional/BootTest.php
#	composer.json

Author: dkarlovi

.travis.yml

@@ -13,7 +13,7 @@ matrix:
   fast_finish: true
   include:
     - php: 7.1
-      env: SYMFONY_VERSION=3.0.*
+      env: SYMFONY_VERSION=3.4.*
     - php: 7.2
       env: SYMFONY_VERSION=4.0.*
     - php: 7.2

Command/CleanCommand.php

@@ -15,17 +15,35 @@
 
 use FOS\OAuthServerBundle\Model\AuthCodeManagerInterface;
 use FOS\OAuthServerBundle\Model\TokenManagerInterface;
-use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand;
+use Symfony\Component\Console\Command\Command;
 use Symfony\Component\Console\Input\InputInterface;
 use Symfony\Component\Console\Output\OutputInterface;
 
-class CleanCommand extends ContainerAwareCommand
+class CleanCommand extends Command
 {
+    private $accessTokenManager;
+    private $refreshTokenManager;
+    private $authCodeManager;
+
+    public function __construct(
+        TokenManagerInterface $accessTokenManager,
+        TokenManagerInterface $refreshTokenManager,
+        AuthCodeManagerInterface $authCodeManager)
+    {
+        parent::__construct();
+
+        $this->accessTokenManager = $accessTokenManager;
+        $this->refreshTokenManager = $refreshTokenManager;
+        $this->authCodeManager = $authCodeManager;
+    }
+
     /**
      * {@inheritdoc}
      */
     protected function configure()
     {
+        parent::configure();
+
         $this
             ->setName('fos:oauth-server:clean')
             ->setDescription('Clean expired tokens')
@@ -43,19 +61,9 @@ protected function configure()
      */
     protected function execute(InputInterface $input, OutputInterface $output)
     {
-        $services = [
-            'fos_oauth_server.access_token_manager' => 'Access token',
-            'fos_oauth_server.refresh_token_manager' => 'Refresh token',
-            'fos_oauth_server.auth_code_manager' => 'Auth code',
-        ];
-
-        foreach ($services as $service => $name) {
-            /** @var TokenManagerInterface $instance */
-            $instance = $this->getContainer()->get($service);
-            if ($instance instanceof TokenManagerInterface || $instance instanceof AuthCodeManagerInterface) {
-                $result = $instance->deleteExpired();
-                $output->writeln(sprintf('Removed <info>%d</info> items from <comment>%s</comment> storage.', $result, $name));
-            }
+        foreach ([$this->accessTokenManager, $this->refreshTokenManager, $this->authCodeManager] as $service) {
+            $result = $service->deleteExpired();
+            $output->writeln(sprintf('Removed <info>%d</info> items from <comment>%s</comment> storage.', $result, get_class($service)));
         }
     }
 }

Command/CreateClientCommand.php

@@ -13,20 +13,32 @@
 
 namespace FOS\OAuthServerBundle\Command;
 
+use Symfony\Component\Console\Command\Command;
 use FOS\OAuthServerBundle\Model\ClientManagerInterface;
 use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand;
 use Symfony\Component\Console\Input\InputInterface;
 use Symfony\Component\Console\Input\InputOption;
 use Symfony\Component\Console\Output\OutputInterface;
 use Symfony\Component\Console\Style\SymfonyStyle;
 
-class CreateClientCommand extends ContainerAwareCommand
+class CreateClientCommand extends Command
 {
+    private $clientManager;
+
+    public function __construct(ClientManagerInterface $clientManager)
+    {
+        parent::__construct();
+
+        $this->clientManager = $clientManager;
+    }
+
     /**
      * {@inheritdoc}
      */
     protected function configure()
     {
+        parent::configure();
+
         $this
             ->setName('fos:oauth-server:create-client')
             ->setDescription('Creates a new client')
@@ -63,18 +75,14 @@ protected function execute(InputInterface $input, OutputInterface $output)
 
         $io->title('Client Credentials');
 
-        // Get the client manager
-        /** @var ClientManagerInterface $clientManager */
-        $clientManager = $this->getContainer()->get('fos_oauth_server.client_manager.default');
-
         // Create a new client
-        $client = $clientManager->createClient();
+        $client = $this->clientManager->createClient();
 
         $client->setRedirectUris($input->getOption('redirect-uri'));
         $client->setAllowedGrantTypes($input->getOption('grant-type'));
 
         // Save the client
-        $clientManager->updateClient($client);
+        $this->clientManager->updateClient($client);
 
         // Give the credentials back to the user
         $headers = ['Client ID', 'Client Secret'];

Controller/AuthorizeController.php

@@ -23,6 +23,8 @@
 use Symfony\Component\DependencyInjection\ContainerAwareInterface;
 use Symfony\Component\DependencyInjection\ContainerInterface;
 use Symfony\Component\EventDispatcher\EventDispatcherInterface;
+use Symfony\Bundle\FrameworkBundle\Templating\EngineInterface;
+use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 use Symfony\Component\Form\Form;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\RequestStack;
@@ -39,7 +41,7 @@
  *
  * @author Chris Jones <leeked@gmail.com>
  */
-class AuthorizeController implements ContainerAwareInterface
+class AuthorizeController
 {
     /**
      * @var ContainerInterface
@@ -107,25 +109,23 @@ class AuthorizeController implements ContainerAwareInterface
 
     /**
      * This controller had been made as a service due to support symfony 4 where all* services are private by default.
-     * Thus, there is considered a bad practice to fetch services directly from container.
+     * Thus, this is considered a bad practice to fetch services directly from container.
      *
-     * @todo This controller could be refactored to do not rely on so many dependencies
+     * @todo This controller could be refactored to not rely on so many dependencies
      *
-     * @param RequestStack             $requestStack
-     * @param SessionInterface         $session
-     * @param Form                     $authorizeForm
-     * @param AuthorizeFormHandler     $authorizeFormHandler
-     * @param OAuth2                   $oAuth2Server
-     * @param EngineInterface          $templating
-     * @param TokenStorageInterface    $tokenStorage
-     * @param UrlGeneratorInterface    $router
-     * @param ClientManagerInterface   $clientManager
-     * @param EventDispatcherInterface $eventDispatcher
-     * @param string                   $templateEngineType
+     * @param RequestStack           $requestStack
+     * @param  Form                   $authorizeForm
+     * @param AuthorizeFormHandler   $authorizeFormHandler
+     * @param OAuth2                 $oAuth2Server
+     * @param EngineInterface        $templating
+     * @param TokenStorageInterface  $tokenStorage
+     * @param UrlGeneratorInterface  $router
+     * @param ClientManagerInterface $clientManager
+     * @param EventDispatcherInterface        $eventDispatcher* @param SessionInterface         $session
+     * @param string                 $templateEngineType
      */
     public function __construct(
         RequestStack $requestStack,
-        SessionInterface $session,
         Form $authorizeForm,
         AuthorizeFormHandler $authorizeFormHandler,
         OAuth2 $oAuth2Server,
@@ -134,6 +134,7 @@ public function __construct(
         UrlGeneratorInterface $router,
         ClientManagerInterface $clientManager,
         EventDispatcherInterface $eventDispatcher,
+        SessionInterface $session = null,
         $templateEngineType = 'twig'
     ) {
         $this->requestStack = $requestStack;
@@ -170,7 +171,7 @@ public function authorizeAction(Request $request)
             throw new AccessDeniedException('This user does not have access to this section.');
         }
 
-        if (true === $this->session->get('_fos_oauth_server.ensure_logout')) {
+        if ($this->session && true === $this->session->get('_fos_oauth_server.ensure_logout')) {
             $this->session->invalidate(600);
             $this->session->set('_fos_oauth_server.ensure_logout', true);
         }
@@ -211,7 +212,7 @@ public function authorizeAction(Request $request)
      */
     protected function processSuccess(UserInterface $user, AuthorizeFormHandler $formHandler, Request $request)
     {
-        if (true === $this->session->get('_fos_oauth_server.ensure_logout')) {
+        if ($this->session && true === $this->session->get('_fos_oauth_server.ensure_logout')) {
             $this->tokenStorage->setToken(null);
             $this->session->invalidate();
         }

DependencyInjection/Configuration.php

@@ -34,9 +34,34 @@ public function getConfigTreeBuilder()
         /** @var ArrayNodeDefinition $rootNode */
         $rootNode = $treeBuilder->root('fos_oauth_server');
 
-        $supportedDrivers = ['orm', 'mongodb', 'propel'];
+        $supportedDrivers = ['orm', 'mongodb', 'propel', 'custom'];
 
         $rootNode
+            ->validate()
+                ->always(function($v) {
+                    if ('custom' !== $v['db_driver']) {
+                        return $v;
+                    }
+
+                    if (empty($v['service']['client_manager']) || $v['service']['client_manager'] === 'fos_oauth_server.client_manager.default') {
+                        throw new \InvalidArgumentException('The service client_manager must be set explicitly for custom db_driver.');
+                    }
+
+                    if (empty($v['service']['access_token_manager']) || $v['service']['access_token_manager'] === 'fos_oauth_server.access_token_manager.default') {
+                        throw new \InvalidArgumentException('The service access_token_manager must be set explicitly for custom db_driver.');
+                    }
+
+                    if (empty($v['service']['refresh_token_manager']) || $v['service']['refresh_token_manager'] === 'fos_oauth_server.refresh_token_manager.default') {
+                        throw new \InvalidArgumentException('The service refresh_token_manager must be set explicitly for custom db_driver.');
+                    }
+
+                    if (empty($v['service']['auth_code_manager']) || $v['service']['auth_code_manager'] === 'fos_oauth_server.auth_code_manager.default') {
+                        throw new \InvalidArgumentException('The service auth_code_manager must be set explicitly for custom db_driver.');
+                    }
+
+                    return $v;
+                })
+            ->end()
             ->children()
                 ->scalarNode('db_driver')
                     ->validate()

DependencyInjection/FOSOAuthServerExtension.php

@@ -36,7 +36,10 @@ public function load(array $configs, ContainerBuilder $container)
         $config = $processor->processConfiguration($configuration, $configs);
 
         $loader = new XmlFileLoader($container, new FileLocator(__DIR__.'/../Resources/config'));
-        $loader->load(sprintf('%s.xml', $config['db_driver']));
+
+        if ('custom' !== $config['db_driver']) {
+            $loader->load(sprintf('%s.xml', $config['db_driver']));
+        }
 
         foreach (['oauth', 'security'] as $basename) {
             $loader->load(sprintf('%s.xml', $basename));
@@ -92,12 +95,12 @@ public function load(array $configs, ContainerBuilder $container)
 
         if (!empty($config['authorize'])) {
             $this->loadAuthorize($config['authorize'], $container, $loader);
-        }
 
-        // Authorize form factory definition
-        // TODO: Go back to xml configuration when bumping the requirement to Symfony >=2.6
-        $authorizeFormDefinition = $container->getDefinition('fos_oauth_server.authorize.form');
-        $authorizeFormDefinition->setFactory([new Reference('form.factory'), 'createNamed']);
+            // Authorize form factory definition
+            // TODO: Go back to xml configuration when bumping the requirement to Symfony >=2.6
+            $authorizeFormDefinition = $container->getDefinition('fos_oauth_server.authorize.form');
+            $authorizeFormDefinition->setFactory([new Reference('form.factory'), 'createNamed']);
+        }
     }
 
     /**

Resources/config/authorize.xml

@@ -25,7 +25,6 @@
 
         <service id="fos_oauth_server.controller.authorize" class="FOS\OAuthServerBundle\Controller\AuthorizeController" public="true">
             <argument type="service" id="request_stack" />
-            <argument type="service" id="session" />
             <argument type="service" id="fos_oauth_server.authorize.form" />
             <argument type="service" id="fos_oauth_server.authorize.form.handler" />
             <argument type="service" id="fos_oauth_server.server" />
@@ -34,6 +33,7 @@
             <argument type="service" id="router" />
             <argument type="service" id="fos_oauth_server.client_manager" />
             <argument type="service" id="event_dispatcher" />
+            <argument type="service" id="session" on-invalid="null" />
             <argument>%fos_oauth_server.template.engine%</argument>
         </service>
     </services>

Resources/config/couchdb.xml

@@ -28,6 +28,11 @@
         <service id="fos_user.document_manager" factory-service="doctrine_couchdb" factory-method="getObjectManager" class="Doctrine\ODM\CouchDB\DocumentManager" public="false">
             <argument>%fos_oauth_server.model_manager_name%</argument>
         </service>
+
+        <service id="FOS\OAuthServerBundle\Model\ClientManagerInterface" alias="fos_oauth_server.client_manager.default" />
+        <service id="FOS\OAuthServerBundle\Model\AccessTokenManagerInterface" alias="fos_oauth_server.access_token_manager.default" />
+        <service id="FOS\OAuthServerBundle\Model\RefreshTokenManagerInterface" alias="fos_oauth_server.refresh_token_manager.default" />
+        <service id="FOS\OAuthServerBundle\Model\AuthCodeManagerInterface" alias="fos_oauth_server.auth_code_manager.default" />
     </services>
 
 </container>

Resources/config/mongodb.xml

@@ -24,6 +24,11 @@
             <argument type="service" id="fos_oauth_server.document_manager" />
             <argument>%fos_oauth_server.model.refresh_token.class%</argument>
         </service>
+
+        <service id="FOS\OAuthServerBundle\Model\ClientManagerInterface" alias="fos_oauth_server.client_manager.default" />
+        <service id="FOS\OAuthServerBundle\Model\AccessTokenManagerInterface" alias="fos_oauth_server.access_token_manager.default" />
+        <service id="FOS\OAuthServerBundle\Model\RefreshTokenManagerInterface" alias="fos_oauth_server.refresh_token_manager.default" />
+        <service id="FOS\OAuthServerBundle\Model\AuthCodeManagerInterface" alias="fos_oauth_server.auth_code_manager.default" />
     </services>
 
 </container>

Resources/config/oauth.xml

@@ -23,9 +23,22 @@
             <argument>%fos_oauth_server.server.options%</argument>
         </service>
 
-        <service id="FOS\OAuthServerBundle\Controller\TokenController">
+        <service id="FOS\OAuthServerBundle\Controller\TokenController" class="FOS\OAuthServerBundle\Controller\TokenController">
             <argument type="service" id="fos_oauth_server.server" />
         </service>
+
         <service id="fos_oauth_server.controller.token" alias="FOS\OAuthServerBundle\Controller\TokenController" public="true" />
+
+        <service id="fos_oauth_server.clean_command" class="FOS\OAuthServerBundle\Command\CleanCommand">
+            <argument type="service" id="fos_oauth_server.access_token_manager" />
+            <argument type="service" id="fos_oauth_server.refresh_token_manager" />
+            <argument type="service" id="fos_oauth_server.auth_code_manager" />
+            <tag name="console.command" />
+        </service>
+
+        <service id="fos_oauth_server.create_client_command" class="FOS\OAuthServerBundle\Command\CreateClientCommand">
+            <argument type="service" id="fos_oauth_server.client_manager" />
+            <tag name="console.command" />
+        </service>
     </services>
 </container>