Tests completed.

Author: tegaphilip

.dockerignore

@@ -1,10 +1,2 @@
 .idea/
-app/logs/*.log
-composer.lock
-db/sql/data.txt
-db/sql/out.txt
-public/requests.log
-tests/_output/
-.DS_Store
-deploy/servers.yml
-.env.testing
+.DS_Store

.gitignore

@@ -1,13 +1,10 @@
 .idea/
 vendor/
 app/logs/*.log
-db/sql/data.txt
-db/sql/out.txt
 public/requests.log
 tests/_output/
 .DS_Store
-deploy/servers.yml
-tests/_support/_generated/ApiTesterActions.php
 app/env/.env
 app/env/.env.test
-app/env/.env.staging
+keys/public.key
+keys/private.key

CHANGELOG.md

@@ -0,0 +1,2 @@
+# [1.0.0](https://github.com/tegaphilip/padlock/releases/tag/v1.0.0) (2018-08-10)
+- Initial release

CONDUCT.md

@@ -0,0 +1,22 @@
+# Contributor Code of Conduct
+
+As contributors and maintainers of this project, and in the interest of fostering an open and welcoming community, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities.
+
+We are committed to making participation in this project a harassment-free experience for everyone, regardless of level of experience, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, ethnicity, age, religion, or nationality.
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery
+* Personal attacks
+* Trolling or insulting/derogatory comments
+* Public or private harassment
+* Publishing other's private information, such as physical or electronic addresses, without explicit permission
+* Other unethical or unprofessional conduct.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct. By adopting this Code of Conduct, project maintainers commit themselves to fairly and consistently applying these principles to every aspect of managing this project. Project maintainers who do not follow or enforce the Code of Conduct may be permanently removed from the project team.
+
+This code of conduct applies both within project spaces and in public spaces when an individual is representing the project or its community in a direct capacity. Personal views, beliefs and values of individuals do not necessarily reflect those of the organisation or affiliated individuals and organisations.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by opening an issue or contacting one or more of the project maintainers.
+
+This Code of Conduct is adapted from the [Contributor Covenant](http://contributor-covenant.org), version 1.2.0, available at [http://contributor-covenant.org/version/1/2/0/](http://contributor-covenant.org/version/1/2/0/)

CONTRIBUTING.md

@@ -0,0 +1,32 @@
+# Contributing
+
+Contributions are **welcome** and will be fully **credited**.
+
+We accept contributions via Pull Requests on [Github](https://github.com/cottacush/phalcon-utils).
+
+
+## Pull Requests
+
+- **[PSR-2 Coding Standard](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md)** - The easiest way to apply the conventions is to install [PHP Code Sniffer](http://pear.php.net/package/PHP_CodeSniffer).
+
+- **Add tests!** - Your patch won't be accepted if it doesn't have tests.
+
+- **Document any change in behaviour** - Make sure the `README.md` and any other relevant documentation are kept up-to-date.
+
+- **Consider our release cycle** - We try to follow [SemVer v2.0.0](http://semver.org/). Randomly breaking public APIs is not an option.
+
+- **Create feature branches** - Don't ask us to pull from your master branch.
+
+- **One pull request per feature** - If you want to do more than one thing, send multiple pull requests.
+
+- **Send coherent history** - Make sure each individual commit in your pull request is meaningful. If you had to make multiple intermediate commits while developing, please [squash them](http://www.git-scm.com/book/en/v2/Git-Tools-Rewriting-History#Changing-Multiple-Commit-Messages) before submitting.
+
+
+## Running Tests
+
+``` bash
+$ composer test
+```
+
+
+**Happy coding**!

Dockerfile

@@ -2,7 +2,7 @@ FROM mileschou/phalcon:7.0-apache
 
 MAINTAINER Tega Oghenekohwo <[email protected]>
 
-COPY /docker/php/php.ini /usr/local/etc/php/
+#COPY /docker/php/php.ini /usr/local/etc/php/
 
 COPY /docker/php/000-default.conf /etc/apache2/sites-available/000-default.conf
 
@@ -11,18 +11,18 @@ RUN a2enmod rewrite
 
 RUN apt-get update && apt-get install -y zlib1g-dev git && \
     docker-php-ext-install zip pdo_mysql && \
-
 #Download composer
     curl -sS https://getcomposer.org/installer | php && \
     mv composer.phar /usr/local/bin/composer && \
-    mkdir -p /var/www/html/hocaboo-auth
+    mkdir -p /var/www/html/padlock
 
+#included for running mysql command line scripts during tests
 RUN DEBIAN_FRONTEND=noninteractive apt-get -y install mysql-server
 
 # Copy Source Code
-COPY . /var/www/html/hocaboo-auth/
+COPY . /var/www/html/padlock/
 
-WORKDIR /var/www/html/hocaboo-auth
+WORKDIR /var/www/html/padlock
 
 #install composer dependencies
 RUN composer install

README.md

@@ -1,94 +1,140 @@
-ELECTION APP
-===========
-Election App
+# Padlock, Phalcon Authentication Server
 
-Features
---------
-* ...
+[![Latest Version on Packagist][ico-version]][link-packagist]
+[![Software License][ico-license]](LICENSE.md)
+[![Total Downloads][ico-downloads]][link-downloads]
 
+Padlock is a docker-based phalcon authentication server built on top of the [PHP OAuth 2.0 Server](https://github.com/thephpleague/oauth2-server) 
 
-Contributors
+Setting Up
 ------------
-* Tega Oghenekohwo <[email protected]>
+* Add the entries `padlock.local` and `padlock-test.local` and map to `127.0.0.1` in your `/etc/hosts` file
 
+* Ensure you have docker installed
 
-Requirements
-------------
-* [Phalcon 3.3](https://docs.phalconphp.com/en/latest/reference/install.html)
-* [Composer](https://getcomposer.org/doc/00-intro.md#using-composer)
+* Make a copy of `.env.sample` to `.env` in the `app/env/` directory and replace the values.
+
+* You can generate the `ENCRYPTION_KEY` environment variable by running 
+`php -r "echo base64_encode(random_bytes(40)) . PHP_EOL;"` on the command line
+
+* cd into the `keys` directory and generate your public and private keys like so: `openssl genrsa -out private.key 2048` 
+then  `openssl rsa -in private.key -pubout -out public.key`. These are needed for encrypting and decrypting tokens
+
+* Feel free to change the port mappings in `docker-compose.yml` if you already have services running on ports `8899` for
+the phalcon app and `33066` for the mysql server
+
+* Run the app like this `./bin/start.sh` or run `docker-compose up -d`
+
+* Login to mysql using the credentials host:127.0.0.1, username: root, password:root, port: 33066
+
+* Create two databases: `padlock_db` and `padlock_test_db` and import the sql file found in `app/db/padlock.sql` into 
+both databases
+
+Try it out
+==========
+
+Requesting a Token
+------------------
+
+1. Password Grant Flow: Send a `POST` request to `http://padlock.local/api/v1/oauth/token` with the following parameters:
+    - client_id: test
+    - client_secret: secret
+    - grant_type: password
+    - username: abc
+    - password: abc
+    
+    NOTE: This grant returns an access token and a refresh token
+    
+2. Client Credentials Grant Flow: Send a `POST` request to `http://padlock.local/api/v1/oauth/token` with the following parameters:
+    - client_id: test
+    - client_secret: secret
+    - grant_type: client_credentials
+    
+    NOTE: This grant returns only an access token
+
+3. Refresh Token Grant: Send a `POST` request to `http://padlock.local/api/v1/oauth/token` with the following parameters:
+    - client_id: test
+    - client_secret: secret
+    - grant_type: refresh_token
+    - refresh_token: value gotten from any flow that returns a refresh token (e.g password grant flow)
+    
+    NOTE: This grant returns another access token and refresh token and invalidates/revokes the previous ones
+    
+4. Implicit Grant: Send a `GET` request to `http://padlock.local/api/v1/oauth/authorize` with the following parameters:
+    - client_id: test
+    - response_type: token
+    - state: a random string (optional)
+    - redirect_uri: http://www.test.com (optional)
+    
+    NOTE: This grant returns an access token immediately. It does not return a refresh token. 
+    
+5. Authorization Code Grant: Send a `GET` request to `http://padlock.local/api/v1/oauth/authorize` with the following parameters:
+    - client_id: test
+    - response_type: code
+    - state: a random string (optional)
+    - redirect_uri: http://www.test.com (optional)
+    
+    NOTE: This grant returns an authorization code that is then used to request for a token by sending a `POST`
+    request to the endpoint `http://padlock.local/api/v1/oauth/token` with the following parameters:
+    - client_id: test
+    - client_secret: secret
+    - grant_type: authorization_code
+    - code: value gotten from the get request
+    - redirect_uri: http://www.test.com (optional)
+    
+Validating a Token
+------------------
+Send a `POST` request to `http://padlock.local/api/v1/oauth/token/validate` with an `Authorization` header whose value is
+`Bearer {access_token}`
+  
 
+Running Tests
+-------------
 
-Installation
-------------
+* Make a copy of `.env.sample` to `.env.test` in the `app/env/` directory and replace the values.
 
-Setup Environment Variables
----------------------------
-Make a copy of .env.sample to .env in the env directory and replace the values.
+* Login to the app container using `./bin/login.sh` or run `docker exec -it padlock_app bash`
 
+* Execute unit tests  `./unit-test.sh` (uses [PHPUnit](https://phpunit.de/))
 
-Set Up Using Docker
--------------------------------
+* Run integration tests using `./integration-test.sh` (uses [Codeception](https://codeception.com/)) 
 
-* `php vendor/bin/phinx migrate`
+## Install
 
-* Ensure you have docker installed
+Via Composer
 
-* Create a clone of the `.env.testing.sample` file and name it `.env` and replace the values of the variables
+``` bash
+$ composer require tegaphilip/padlock
+```
 
-* Login to mysql using the credentials host:127.0.0.1, username: root, password:root, port: 32800
+## Change log
 
-* Create two databases: `election_app` and `election_app_test`
+Please see [CHANGELOG](CHANGELOG.md) for more information what has changed recently.
 
-* Run migrations `php vendor/bin/phinx migrate`
 
-Run the following to import states, etc from Excel File (If any of the scripts fail, try without the underscore)
+## Contributing
 
-* `DB_HOST=mysql DB_USER=root DB_PASSWORD=root DB_NAME=election_app php app/cli.php states_import import`
-* `DB_HOST=mysql DB_USER=root DB_PASSWORD=root DB_NAME=election_app php app/cli.php lgas_import import`
-* `DB_HOST=mysql DB_USER=root DB_PASSWORD=root DB_NAME=election_app php app/cli.php wards_import import`
-* `DB_HOST=mysql DB_USER=root DB_PASSWORD=root DB_NAME=election_app php app/cli.php stations_import import`
-* `DB_HOST=mysql DB_USER=root DB_PASSWORD=root DB_NAME=election_app php app/cli.php inec_lgas_import import`
-* `DB_HOST=mysql DB_USER=root DB_PASSWORD=root DB_NAME=election_app php app/cli.php inec_wards_import import`
-* `DB_HOST=mysql DB_USER=root DB_PASSWORD=root DB_NAME=election_app php app/cli.php inec_stations_import import`
+Please see [CONTRIBUTING](CONTRIBUTING.md) and [CONDUCT](CONDUCT.md) for details.
 
-Running Tests
--------------
+## Security
+
+If you discover any security related issues, please email <[email protected]> instead of using the issue tracker.
+
+## Credits
+
+- [Tega Oghenekohwo](https://github.com/tegaphilip)
+- [Adeyemi Olaoye](https://github.com/yemexx1)
+- [All Contributors][link-contributors]
+
+
+[ico-version]: https://img.shields.io/packagist/v/tegaphilip/padlock.svg?style=flat-square
+[ico-license]: https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square
+[ico-downloads]: https://img.shields.io/packagist/dt/tegaphilip/padlock.svg?style=flat-square
+
+[link-packagist]: https://packagist.org/packages/tegaphilip/padlock
+[link-code-quality]: https://scrutinizer-ci.com/g/tegaphilip/padlock
+[link-downloads]: https://packagist.org/packages/tegaphilip/padlock
+[link-contributors]: ../../contributors
 
-Create a clone of the `.env.testing.sample` file and name it `.env.testing` and replace the values of the variables
-
-* Create a test database `election_app_test`
-
-* Execute tests using  `./runtest.sh` to run all tests or `./runtest.sh {testName}` to run a particular test. E.g `./runtest.sh UserCest`
-
-php vendor/bin/phinx create StateMigration
-
-Deploying on Staging
---------------------
-* sudo apt-get update
-* Install apache with `sudo apt-get install apache2`
-* Get phalcon repository with `curl -s https://packagecloud.io/install/repositories/phalcon/stable/script.deb.sh | sudo bash`
-* Install phalcon with `sudo apt-get install php7.0-phalcon`
-* Check Phalcon Version with `php -r "echo Phalcon\Version::get();"`
-* sudo apt-get install php7.0-mbstring
-* sudo apt-get install php7.0-curl
-* sudo apt-get install php7.0-xml
-* sudo apt-get install php7.0-mysql
-* sudo apt-get install php7.1-phalcon
-* https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-16-04
-* https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-in-ubuntu-16-04
-* extensions /usr/lib/php/20160303
-* INI APACHE cat /etc/php/7.1/apache2/php.ini
-* ADDITIONAL INI APACHE ls -al /etc/php/7.1/apache2/conf.d
-* INI CLI cat /etc/php/7.1/cli/php.ini
-* ADDITIONAL INI CLI ls -al /etc/php/7.1/cli/conf.d
-* sudo find  / -iname 'phalcon.so' -exec rm -f {} \; // remove
-* sudo find  / -iname 'phalcon.so'
-
-sudo apt-get install -y php7.1 libapache2-mod-php7.1 php7.1-cli php7.1-common php7.1-mbstring php7.1-gd php7.1-intl php7.1-xml php7.1-mysql php7.1-mcrypt php7.1-zip
-sudo apt-get install -y php7.1-curl
-
-* For some reason addExistence Validation causes things to fail on staging server (AWS, DO, etc)
-
-* Run import tasks