Merge pull request #12 from npr/features/hostnames-plus

Authorization Service hostname change, plus other breaking changes

Author: xiehan

.travis.yml

@@ -1,10 +1,10 @@
 sudo: false
 language: php
 php:
-- '5.5'
 - '5.6'
 - '7.0'
 - '7.1'
+- '7.2'
 - hhvm
 notifications:
   email: false

CONTRIBUTING.md

@@ -68,7 +68,7 @@ This project includes tests which can be executed with PHPUnit.
 
 - `./vendor/bin/phpunit`: runs all unit tests
 
-PHPUnit is configured to generate coverage reports in a `coverage` folder under `test-results` in the root of the project. Overall test coverage can viewed by opening `test-results/coverage/index.html`. (N.B. These coverage reports are purposely excluded from source control.) Note that [Xdebug must be enabled](https://xdebug.org/docs/install) in order for code coverage to be generated.
+PHPUnit is configured to generate coverage reports in a `coverage` folder under `test-results` in the root of the project. (N.B. These coverage reports are purposely excluded from source control.) Note that [Xdebug must be enabled](https://xdebug.org/docs/install) in order for code coverage to be generated.
 
 XML files are also generated for reporting test results and coverage on a CI server; again, those can be found under `test-results`.
 

README.md

@@ -1,7 +1,7 @@
 {
     "name": "npr/npr-one-backend-proxy",
     "description": "A server-side proxy for interacting with the NPR One API's authorization server",
-    "version": "1.1.2",
+    "version": "2.0.0",
     "keywords": [
         "npr",
         "oauth",
@@ -38,11 +38,11 @@
     },
     "autoload": {
         "psr-4": {
-            "NPR\\": "src/"
+            "NPR\\One\\": "src/"
         }
     },
     "require": {
-        "php": ">=5.5.0",
+        "php": ">=5.6.0",
         "guzzlehttp/guzzle": "~6.0",
         "php-di/php-di": "^5.2"
     },

composer.json

@@ -66,14 +66,14 @@ grant type. Currently, client credentials tokens never expire, so hard-coding it
 
 
 
-### getNprApiHost
+### getNprAuthorizationServiceHost
 
-    string NPR\One\Interfaces\ConfigInterface::getNprApiHost()
-
-Returns the NPR One API Hostname, useful for testing on staging environments. Most consumers will want to
-hard-code this to always return `https://api.npr.org`. Please do not include a trailing slash.
+    string NPR\One\Interfaces\ConfigInterface::getNprAuthorizationServiceHost()
 
+Returns the NPR One Authorization Service hostname, useful for testing on staging environments.
 
+Most consumers will want to hard-code this to always return `https://authorization.api.npr.org`.
+Please do not include a trailing slash.
 
 * Visibility: **public**
 

docs/NPR-One-Interfaces-ConfigInterface.md

@@ -35,9 +35,9 @@ public function getClientCredentialsToken()
     /**
      * @inheritdoc
      */
-    public function getNprApiHost()
+    public function getNprAuthorizationServiceHost()
     {
-        return 'https://api.npr.org';
+        return 'https://authorization.api.npr.org';
     }
 
     /**

examples/ConfigProvider.php

@@ -23,7 +23,6 @@
         </whitelist>
     </filter>
     <logging>
-        <log type="coverage-html" target="test-results/coverage" lowUpperBound="35" highLowerBound="70"/>
         <log type="coverage-clover" target="test-results/coverage.xml"/>
         <log type="junit" target="test-results/junit.xml" logIncompleteSkipped="false"/>
     </logging>

phpunit.xml

@@ -3,14 +3,14 @@
 namespace NPR\One\Controllers;
 
 use GuzzleHttp\Client;
-use GuzzleHttp\Psr7\Response;
 use NPR\One\DI\DI;
 use NPR\One\Exceptions\ApiException;
 use NPR\One\Interfaces\ConfigInterface;
 use NPR\One\Interfaces\EncryptionInterface;
 use NPR\One\Interfaces\StorageInterface;
 use NPR\One\Models\AccessTokenModel;
 use NPR\One\Providers\CookieProvider;
+use NPR\One\Providers\EncryptionProvider;
 use NPR\One\Providers\SecureCookieProvider;
 
 
@@ -54,8 +54,8 @@ public function __construct()
                 'X-Longitude' => $_SERVER['GEOIP_LONGITUDE']
             ];
         }
-        $this->encryption = DI::container()->get('NPR\One\Providers\EncryptionProvider');
-        $this->secureStorage = DI::container()->get('NPR\One\Providers\SecureCookieProvider');
+        $this->encryption = DI::container()->get(EncryptionProvider::class);
+        $this->secureStorage = DI::container()->get(SecureCookieProvider::class);
         $this->secureStorage->setEncryptionProvider($this->encryption);
     }
 
@@ -211,6 +211,8 @@ final protected function validateScopes(array $scopes)
      * @return AccessTokenModel
      * @throws \InvalidArgumentException
      * @throws ApiException
+     * @throws \Exception
+     * @throws \GuzzleHttp\Exception\GuzzleException
      */
     final protected function createAccessToken($grantType, $additionalParams = [])
     {
@@ -222,8 +224,8 @@ final protected function createAccessToken($grantType, $additionalParams = [])
         $this->ensureExternalProvidersExist();
 
         /** @var Client $client */
-        $client = DI::container()->get('GuzzleHttp\Client');
-        $response = $client->request('POST', $this->config->getNprApiHost() . '/authorization/v2/token', [
+        $client = DI::container()->get(Client::class);
+        $response = $client->request('POST', $this->config->getNprAuthorizationServiceHost() . '/v2/token', [
             'headers'     => $this->headers,
             'form_params' => array_merge([
                 'client_id'     => $this->config->getClientId(),

src/One/Controllers/AbstractOAuth2Controller.php renamed to src/Controllers/AbstractOAuth2Controller.php

@@ -36,7 +36,7 @@ class AuthCodeController extends AbstractOAuth2Controller
     public function __construct()
     {
         parent::__construct();
-        $this->cookies = DI::container()->get('NPR\One\Providers\CookieProvider');
+        $this->cookies = DI::container()->get(CookieProvider::class);
     }
 
     /**
@@ -111,7 +111,7 @@ public function startAuthorizationGrant(array $scopes)
             'scope'         => join(' ', $scopes)
         ];
 
-        return $this->getConfigProvider()->getNprApiHost() . '/authorization/v2/authorize?' . http_build_query($queryParams);
+        return $this->getConfigProvider()->getNprAuthorizationServiceHost() . '/v2/authorize?' . http_build_query($queryParams);
     }
 
     /**
@@ -123,6 +123,7 @@ public function startAuthorizationGrant(array $scopes)
      * @return AccessTokenModel - useful for debugging
      * @throws \InvalidArgumentException
      * @throws \Exception when state param is invalid
+     * @throws \GuzzleHttp\Exception\GuzzleException
      */
     public function completeAuthorizationGrant($authorizationCode, $state)
     {

src/One/Controllers/AuthCodeController.php renamed to src/Controllers/AuthCodeController.php

@@ -27,6 +27,7 @@ class DeviceCodeController extends AbstractOAuth2Controller
      * @return DeviceCodeModel
      * @throws \InvalidArgumentException
      * @throws \Exception
+     * @throws \GuzzleHttp\Exception\GuzzleException
      */
     public function startDeviceCodeGrant(array $scopes)
     {
@@ -48,6 +49,7 @@ public function startDeviceCodeGrant(array $scopes)
      * @api
      * @return AccessTokenModel
      * @throws \Exception
+     * @throws \GuzzleHttp\Exception\GuzzleException
      */
     public function pollDeviceCodeGrant()
     {
@@ -76,12 +78,14 @@ public function pollDeviceCodeGrant()
      * @param string[] $scopes
      * @return DeviceCodeModel
      * @throws ApiException
+     * @throws \Exception
+     * @throws \GuzzleHttp\Exception\GuzzleException
      */
     private function createDeviceCode(array $scopes)
     {
         /** @var Client $client */
-        $client = DI::container()->get('GuzzleHttp\Client');
-        $response = $client->request('POST', $this->getConfigProvider()->getNprApiHost() . '/authorization/v2/device', [
+        $client = DI::container()->get(Client::class);
+        $response = $client->request('POST', $this->getConfigProvider()->getNprAuthorizationServiceHost() . '/v2/device', [
             'headers'     => $this->getHeaders(),
             'form_params' => [
                 'client_id'     => $this->getConfigProvider()->getClientId(),

src/One/Controllers/DeviceCodeController.php renamed to src/Controllers/DeviceCodeController.php

@@ -26,6 +26,7 @@ class LogoutController extends AbstractOAuth2Controller
      * @api
      * @param string|null $accessToken
      * @throws \Exception if no access token is passed in and no refresh token is found in the secure storage layer
+     * @throws \GuzzleHttp\Exception\GuzzleException
      */
     public function deleteAccessAndRefreshTokens($accessToken = null)
     {
@@ -55,6 +56,7 @@ public function deleteAccessAndRefreshTokens($accessToken = null)
      * @param string $token
      * @param bool $isRefreshToken
      * @throws ApiException
+     * @throws \GuzzleHttp\Exception\GuzzleException
      */
     private function revokeToken($token, $isRefreshToken = false)
     {
@@ -72,8 +74,8 @@ private function revokeToken($token, $isRefreshToken = false)
         }
 
         /** @var Client $client */
-        $client = DI::container()->get('GuzzleHttp\Client');
-        $response = $client->request('POST', $this->getConfigProvider()->getNprApiHost() . '/authorization/v2/token/revoke', [
+        $client = DI::container()->get(Client::class);
+        $response = $client->request('POST', $this->getConfigProvider()->getNprAuthorizationServiceHost() . '/v2/token/revoke', [
             'headers'     => [
                 'Authorization' => 'Bearer ' . $this->getConfigProvider()->getClientCredentialsToken()
             ],

src/One/Controllers/LogoutController.php renamed to src/Controllers/LogoutController.php

@@ -22,6 +22,7 @@ class RefreshTokenController extends AbstractOAuth2Controller
      * @api
      * @return AccessTokenModel
      * @throws \Exception
+     * @throws \GuzzleHttp\Exception\GuzzleException
      */
     public function generateNewAccessTokenFromRefreshToken()
     {

src/One/Controllers/RefreshTokenController.php renamed to src/Controllers/RefreshTokenController.php

@@ -42,12 +42,13 @@ public function getClientSecret();
     public function getClientCredentialsToken();
 
     /**
-     * Returns the NPR One API Hostname, useful for testing on staging environments. Most consumers will want to
-     * hard-code this to always return `https://api.npr.org`. Please do not include a trailing slash.
+     * Returns the NPR One Authorization Service hostname, useful for testing on staging environments.
+     * Most consumers will want to hard-code this to always return `https://authorization.api.npr.org`.
+     * Please do not include a trailing slash.
      *
      * @return string
      */
-    public function getNprApiHost();
+    public function getNprAuthorizationServiceHost();
 
     /**
      * Returns the host (or path) of the NPR One application (the client/frontend). This is where the `authorization_code`

src/One/DI/DI.php renamed to src/DI/DI.php

@@ -39,6 +39,7 @@ public function isValid()
 
     /**
      * {@inheritdoc}
+     * @throws \Exception
      */
     public function encrypt($value)
     {
@@ -68,6 +69,7 @@ public function encrypt($value)
 
     /**
      * {@inheritdoc}
+     * @throws \Exception
      */
     public function decrypt($value)
     {