Scope一覧はScopeManagerから取得する

Form/Type/Admin/ClientType.php

@@ -19,9 +19,8 @@
 use Eccube\Form\FormEvent;
 use Eccube\Form\Type\AbstractType;
 use Eccube\Validator\Constraints as Assert;
-use GraphQL\Type\Definition\ObjectType;
 use League\Bundle\OAuth2ServerBundle\OAuth2Grants;
-use Plugin\Api42\GraphQL\Types;
+use Plugin\Api42\Service\ScopeManager;
 use Symfony\Component\Form\Extension\Core\Type\ChoiceType;
 use Symfony\Component\Form\Extension\Core\Type\TextType;
 
@@ -31,7 +30,8 @@ class ClientType extends AbstractType
      * @var EccubeConfig
      */
     protected $eccubeConfig;
-    private Types $types;
+
+    private ScopeManager $scopeManager;
 
     /**
      * ClientType constructor.
@@ -40,10 +40,10 @@ class ClientType extends AbstractType
      */
     public function __construct(
         EccubeConfig $eccubeConfig,
-        Types $types
+        ScopeManager $scopeManager
     ) {
         $this->eccubeConfig = $eccubeConfig;
-        $this->types = $types;
+        $this->scopeManager = $scopeManager;
     }
 
     /**
@@ -53,21 +53,11 @@ public function __construct(
      */
     public function buildForm(FormBuilder $builder, array $options)
     {
-        $allTypes = array_filter($this->types->getAll(), function (ObjectType $type) {
-            return !empty($type->getFields());
-        });
-        asort($allTypes);
-        $scopes = array_reduce(
-            $allTypes,
-            function ($acc, $type) {
-                $read = 'read:'.$type->name;
-                $write = 'write:'.$type->name;
-                $acc[$read] = $read;
-                $acc[$write] = $write;
-
-                return $acc;
-            },
-            []);
+        $scopes = array_reduce($this->scopeManager->getScopes(), function ($acc, $val) {
+            $scope = (string) $val;
+            $acc[$scope] = $scope;
+            return $acc;
+        }, []);
 
         $builder
             ->add('identifier', TextType::class, [

Service/ScopeManager.php

@@ -54,4 +54,9 @@ public function save(Scope $scope): void
     {
         // NOP
     }
+
+    public function getScopes(): array
+    {
+        return $this->scopes;
+    }
 }

Tests/Web/Admin/OAuth2Bundle/AuthorizationControllerTest.php

@@ -46,7 +46,7 @@ public function testRoutingAdminOauth2Authorize_ログインしている場合
                                        'client_id' => $Client->getIdentifier(),
                                        'redirect_uri' => (string) current($Client->getRedirectUris()),
                                        'response_type' => 'code',
-                                       'scope' => 'read',
+                                       'scope' => 'read:Product',
                                        'state' => 'xxx',
                                    ]
                                )
@@ -69,7 +69,7 @@ public function testRoutingAdminOauth2Authorize_権限移譲を許可()
                 'client_id' => $Client->getIdentifier(),
                 'redirect_uri' => (string) current($Client->getRedirectUris()),
                 'response_type' => 'code',
-                'scope' => 'read',
+                'scope' => 'read:Product',
                 'state' => 'xxx',
             ]
         );
@@ -82,7 +82,7 @@ public function testRoutingAdminOauth2Authorize_権限移譲を許可()
                 'client_secret' => $Client->getSecret(),
                 'redirect_uri' => current($Client->getRedirectUris()),
                 'response_type' => 'code',
-                'scope' => 'read',
+                'scope' => 'read:Product',
                 'state' => 'xxx',
                 'approve' => '',
                 Constant::TOKEN_NAME => 'dummy',
@@ -114,7 +114,7 @@ public function testRoutingAdminOauth2Authorize_権限移譲を許可しない()
                 'client_id' => $Client->getIdentifier(),
                 'redirect_uri' => (string) current($Client->getRedirectUris()),
                 'response_type' => 'code',
-                'scope' => 'read',
+                'scope' => 'read:Product',
                 'state' => 'xxx',
             ]
         );
@@ -127,7 +127,7 @@ public function testRoutingAdminOauth2Authorize_権限移譲を許可しない()
                 'client_secret' => $Client->getSecret(),
                 'redirect_uri' => current($Client->getRedirectUris()),
                 'response_type' => 'code',
-                'scope' => 'read',
+                'scope' => 'read:Product',
                 'state' => 'xxx',
                 'deny' => '',
                 Constant::TOKEN_NAME => 'dummy',
@@ -187,7 +187,7 @@ private function createOAuth2Client(): Client
         $client_secret = hash('sha256', random_bytes(32));
         $Client = new Client('', $client_id, $client_secret);
         $Client
-            ->setScopes(new Scope('read'))
+            ->setScopes(new Scope('read:Product'))
             ->setRedirectUris(new RedirectUri('http://127.0.0.1:8000/'))
             ->setGrants(
                 new Grant(OAuth2Grants::AUTHORIZATION_CODE),

Tests/Web/OAuth2Bundle/TokenControllerWithROPCTest.php

@@ -46,7 +46,7 @@ public function testGetInstance()
                 'client_id' => $this->OAuth2Client->getIdentifier(),
                 'username' => $this->Customer->getEmail(),
                 'password' => 'password',
-                'scope' => 'read write'
+                'scope' => 'read:Product write:Product'
             ]
         );
 
@@ -73,8 +73,8 @@ protected function createOAuth2Client(): Client
         $Client = new Client('', $client_id, null); // public client
         $Client
             ->setScopes(
-                new Scope('read'),
-                new Scope('write')
+                new Scope('read:Product'),
+                new Scope('write:Product')
             )
             ->setRedirectUris(new RedirectUri('http://127.0.0.1:8000/'))
             ->setGrants(