Merging develop to master in preparation for 1.4.0

.gitignore

@@ -1,2 +1,3 @@
-composer.lock
-vendor
+.idea/
+vendor/
+phpunit.xml

.travis.yml

@@ -2,40 +2,77 @@ sudo: false
 
 language: php
 
-services:
-  - mongodb
-
 cache:
   directories:
     - $HOME/.composer/cache
+    - vendor
+
+services:
+  - mongodb
+
+env:
+  global:
+    - COMPOSER_ARGS="--no-interaction --ignore-platform-reqs"
 
 matrix:
   fast_finish: true
   include:
-    - php: 5.5
+    - php: 5.6
       env:
-        - EXECUTE_CS_CHECK=true
+        - DEPS=lowest
     - php: 5.6
       env:
-        - EXECUTE_COVERAGE=true
+        - DEPS=locked
+    - php: 5.6
+      env:
+        - DEPS=latest
     - php: 7
+      env:
+        - DEPS=lowest
+        - EXT_MONGODB=true
+    - php: 7
+      env:
+        - DEPS=locked
+        - EXT_MONGODB=true
+        - CS_CHECK=true
+    - php: 7
+      env:
+        - DEPS=latest
+        - EXT_MONGODB=true
+    - php: hhvm 
+      env:
+        - DEPS=lowest
+    - php: hhvm 
+      env:
+        - DEPS=locked
     - php: hhvm 
+      env:
+        - EXT_MONGODB=true
+        - DEPS=latest
   allow_failures:
-    - php: 7
     - php: hhvm
 
 notifications:
   irc: "irc.freenode.org#apigility-dev"
   email: false
 
 before_install:
-  - if [[ $EXECUTE_COVERAGE != 'true' ]]; then phpenv config-rm xdebug.ini || return 0 ; fi
-  - composer self-update
+  - if [[ $TEST_COVERAGE != 'true' ]]; then phpenv config-rm xdebug.ini || return 0 ; fi
+  - if [[ $EXT_MONGODB == 'true' && $TRAVIS_PHP_VERSION == '7' ]]; then echo "extension = mongodb.so" >> ~/.phpenv/versions/$(phpenv version-name)/etc/php.ini ; fi
+  - if [[ $EXT_MONGODB == 'true' && $TRAVIS_PHP_VERSION == 'hhvm' ]]; then echo "extension = mongodb.so" >> /etc/hhvm/php.ini ; fi
+  - if [[ $EXT_MONGODB != 'true' && $TRAVIS_PHP_VERSION != 'hhvm' ]]; then echo "extension = mongo.so" >> ~/.phpenv/versions/$(phpenv version-name)/etc/php.ini ; fi
+  - if [[ $EXT_MONGODB != 'true' && $TRAVIS_PHP_VERSION == 'hhvm' ]]; then echo "extension = mongo.so" >> /etc/hhvm/php.ini ; fi
+  - travis_retry composer self-update
   - chmod -R +rwX test/TestAsset
 
 install:
-  - travis_retry composer install --no-interaction --ignore-platform-reqs --prefer-source
+  - if [[ $EXT_MONGODB == 'true' ]]; then composer require --dev $COMPOSER_ARGS alcaeus/mongo-php-adapter ; fi
+  - if [[ $DEPS == 'latest' ]]; then travis_retry composer update $COMPOSER_ARGS ; fi
+  - if [[ $DEPS == 'lowest' ]]; then travis_retry composer update --prefer-lowest --prefer-stable $COMPOSER_ARGS ; fi
+  - travis_retry composer install $COMPOSER_ARGS
+  - if [[ $TRAVIS_PHP_VERSION != 'hhvm' ]]; then php -m ; fi
+  - composer show
 
 script:
-  - ./vendor/bin/phpunit
-  - if [[ $EXECUTE_CS_CHECK == 'true' ]]; then ./vendor/bin/phpcs ; fi
+  - composer test
+  - if [[ $CS_CHECK == 'true' ]]; then composer cs-check ; fi

CHANGELOG.md

@@ -2,6 +2,42 @@
 
 All notable changes to this project will be documented in this file, in reverse chronological order by release.
 
+## 1.4.0 - TBD
+
+### Added
+
+- [#149](https://github.com/zfcampus/zf-oauth2/pull/149) adds support for usage
+  of ext/mongodb with `ZF\OAuth2\Adapter\MongoAdapter`; users will need to also
+  install a compatibility package to do so:
+  `composer require alcaeus/mongo-php-adapter`
+- [#141](https://github.com/zfcampus/zf-oauth2/pull/141) and
+  [#148](https://github.com/zfcampus/zf-oauth2/pull/148) update the component to
+  allow usage with v3 releases of Zend Framework components on which it depends,
+  while maintaining backwards compatibility with v2 components.
+- [#141](https://github.com/zfcampus/zf-oauth2/pull/141) and
+  [#148](https://github.com/zfcampus/zf-oauth2/pull/148) add support for PHP 7.
+- [#122](https://github.com/zfcampus/zf-oauth2/pull/122) adds support for token
+  revocation via the `/oauth/revoke` path. The path expects a POST request as
+  either urlencoded or JSON values with the parameters:
+  - `token`, the access token to revoke
+  - `token_type_hint => access_token` to indicate an access token is being
+    revoked.
+- [#146](https://github.com/zfcampus/zf-oauth2/pull/146) updates the
+  `AuthController` to catch `ZF\ApiProblem\Exception\ProblemExceptionInterface`
+  instances thrown by the OAuth2 server and return `ApiProblemResponse`s.
+
+### Deprecated
+
+- Nothing.
+
+### Removed
+
+- [#141](https://github.com/zfcampus/zf-oauth2/pull/141) removes support for PHP 5.5.
+
+### Fixed
+
+- Nothing.
+
 ## 1.3.3 - 2016-07-07
 
 ### Added

CONDUCT.md

@@ -0,0 +1,43 @@
+# Contributor Code of Conduct
+
+The Zend Framework project adheres to [The Code Manifesto](http://codemanifesto.com)
+as its guidelines for contributor interactions.
+
+## The Code Manifesto
+
+We want to work in an ecosystem that empowers developers to reach their
+potential — one that encourages growth and effective collaboration. A space that
+is safe for all.
+
+A space such as this benefits everyone that participates in it. It encourages
+new developers to enter our field. It is through discussion and collaboration
+that we grow, and through growth that we improve.
+
+In the effort to create such a place, we hold to these values:
+
+1. **Discrimination limits us.** This includes discrimination on the basis of
+   race, gender, sexual orientation, gender identity, age, nationality, technology
+   and any other arbitrary exclusion of a group of people.
+2. **Boundaries honor us.** Your comfort levels are not everyone’s comfort
+   levels. Remember that, and if brought to your attention, heed it.
+3. **We are our biggest assets.** None of us were born masters of our trade.
+   Each of us has been helped along the way. Return that favor, when and where
+   you can.
+4. **We are resources for the future.** As an extension of #3, share what you
+   know. Make yourself a resource to help those that come after you.
+5. **Respect defines us.** Treat others as you wish to be treated. Make your
+   discussions, criticisms and debates from a position of respectfulness. Ask
+   yourself, is it true? Is it necessary? Is it constructive? Anything less is
+   unacceptable.
+6. **Reactions require grace.** Angry responses are valid, but abusive language
+   and vindictive actions are toxic. When something happens that offends you,
+   handle it assertively, but be respectful. Escalate reasonably, and try to
+   allow the offender an opportunity to explain themselves, and possibly correct
+   the issue.
+7. **Opinions are just that: opinions.** Each and every one of us, due to our
+   background and upbringing, have varying opinions. The fact of the matter, is
+   that is perfectly acceptable. Remember this: if you respect your own
+   opinions, you should respect the opinions of others.
+8. **To err is human.** You might not intend it, but mistakes do happen and
+   contribute to build experience. Tolerate honest mistakes, and don't hesitate
+   to apologize if you make one yourself.

CONTRIBUTING.md

@@ -50,25 +50,31 @@ First, use [Composer](https://getcomposer.org) to install all dependencies:
 $ composer install
 ```
 
-To run tests, use the PHPUnit executable installed by Composer:
+To run tests:
 
 ```console
-$ ./vendor/bin/phpunit
+$ composer test
 ```
 
 ## CODING STANDARDS
 
 While Apigility uses Zend Framework 2 coding standards, in practice, we check
-standards using [php-cs-fixer](https://github.com/fabpot/PHP-CS-Fixer) (which is
-installed via Composer with other dependencies). To check for CS issues:
+standards against PSR-1/2. To check for CS issues:
 
 ```console
-$ ./vendor/bin/php-cs-fixer fix . --dry-run
+$ composer cs-check
 ```
 
-This will report CS issues. Alternately, you can have the tool fix them for you
-by omitting the `--dry-run` switch:
+This will report CS issues. You can also attempt to fix many reported errors
+automatically:
 
 ```console
-$ ./vendor/bin/php-cs-fixer fix .
+$ composer cs-fix
 ```
+
+If you use `cs-fix` to fix issues, make certain you add and commit any files
+changed!
+
+## Conduct
+
+Please see our [CONDUCT.md](CONDUCT.md) to understand expected behavior when interacting with others in the project.

LICENSE.md

@@ -0,0 +1,28 @@
+Copyright (c) 2014-2016, Zend Technologies USA, Inc.
+
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+- Redistributions of source code must retain the above copyright notice,
+  this list of conditions and the following disclaimer.
+
+- Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+
+- Neither the name of Zend Technologies USA, Inc. nor the names of its
+  contributors may be used to endorse or promote products derived from this
+  software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

README.md

@@ -19,23 +19,34 @@ Installation
 You can install using:
 
 ```bash
-curl -s https://getcomposer.org/installer | php
-php composer.phar install
+$ composer require zfcampus/zf-oauth2
 ```
 
-You can import the `zf-oauth2` module into an existing application by adding `zfcampus/zf-oauth2` to
-your `composer.json` "require" section. You should also add the following modules to your
-application's configuration:
+If you are using ext/mongodb, you will also need to install a compatibility
+package:
+
+```bash
+$ composer require alcaeus/mongo-php-adapter
+```
+
+Finally, you will need to add the following modules to your application's
+configuration:
 
 ```php
-'modules' => array (
-    ...
+'modules' => [
+    /* ... */
     'ZF\ApiProblem',
     'ZF\ContentNegotiation',
     'ZF\OAuth2',
-),
+],
 ```
 
+> ### zf-component-installer
+>
+> If you use [zf-component-installer](https://github.com/zendframework/zf-component-installer),
+> that plugin will install zf-oauth2 and its other Apigility dependencies as
+> modules for you.
+
 Configuration
 -------------
 
@@ -335,6 +346,19 @@ var parseQueryString = function( queryString ) {
 var tokenParams = parseQueryString(window.location.hash.substr(1));
 ```
 
+REVOKE (code)
+-------------
+
+Starting with version 1.4.0, you can revoke access tokens. By default, revocation
+happens via a POST request to the path `/oauth/revoke`, which expects a payload
+with:
+
+- `token`, the OAuth2 access token to revoke.
+- `token_type_hint => 'access_token'`, indicating that an access token is being
+  revoked.
+
+The payload may be delivered as `application/x-www-form-urlencoded` or as JSON.
+
 Access a test resource
 ----------------------