feat: allow configuring revocation of refresh tokens

[fschmtt]

adds a configuration for disabling revocation of refresh token after they were used. this configuration applies to all grant types that will be enabled.

complies with league/oauth2-server: https://github.com/thephpleague/oauth2-server/blob/master/src/AuthorizationServer.php#L209-L215

# config/packages/league_oauth2_server.yaml

league_oauth2_server:
    authorization_server:
        revoke_refresh_tokens: false

[chalasr]

Can you rebase your PR and add a test case for this?

[fschmtt]

Yes, will do. Please allow me some days to get back to this! 😄

[chalasr]

Of course, thank you.

[fschmtt]

Hey @chalasr I'm honestly struggling to execute the PHPUnit tests locally.

Any tips, guide or README I can consult?

[chalasr]

@fschmtt Here you go, https://github.com/thephpleague/oauth2-server-bundle/blob/master/CONTRIBUTING.md#testing.
Please tell me if it's not enough

[fschmtt]

Hey thanks for your reply. I got the local setup for running the tests working.

I suppose you'd like me to to test that setting the option in the YAML configuration properly configures the AuthorizationServer, am I correct?

I'm not super familiar with testing a bundle or its configuration and couldn't find a similar test case, so I'm a bit at loss how and where to start 😅 I'd appreciate a helping hand if possible.

[fschmtt]

Oh wait, I overlooked the ExtensionTest, which seems what I should have been looking for!

[chalasr]

Thank you @fschmtt.