Too many changes to describe
parent
2d90a09f65
commit
0250d8d4d1
@ -6,11 +6,11 @@
|
||||
"license": "MIT",
|
||||
"require": {
|
||||
"php": ">=5.4.0",
|
||||
"symfony/http-foundation": "v2.4.*"
|
||||
"symfony/http-foundation": "2.4.*"
|
||||
},
|
||||
"require-dev": {
|
||||
"mockery/mockery": ">=0.7.2",
|
||||
"league/phpunit-coverage-listener": "~1.0"
|
||||
"league/phpunit-coverage-listener": "~1.0",
|
||||
"phpdocumentor/phpdocumentor": "2.*"
|
||||
},
|
||||
"repositories": [
|
||||
{
|
||||
|
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 Authorization Server
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
@ -16,6 +16,7 @@ use League\OAuth2\Server\Grant\GrantTypeInterface;
|
||||
use League\OAuth2\Server\Exception\ClientException;
|
||||
use League\OAuth2\Server\Exception\ServerException;
|
||||
use League\OAuth2\Server\Exception\InvalidGrantTypeException;
|
||||
use League\OAuth2\Server\Storage\StorageWrapper;
|
||||
use League\OAuth2\Server\Storage\ClientInterface;
|
||||
use League\OAuth2\Server\Storage\AccessTokenInterface;
|
||||
use League\OAuth2\Server\Storage\AuthCodeInterface;
|
||||
@ -231,45 +232,49 @@ class Authorization
|
||||
|
||||
/**
|
||||
* Set the client storage
|
||||
* @param ClientInterface $client
|
||||
* @param ClientInterface $storage
|
||||
* @return self
|
||||
*/
|
||||
public function setClientStorage(ClientInterface $client)
|
||||
public function setClientStorage(ClientInterface $storage)
|
||||
{
|
||||
$this->storages['client'] = $client;
|
||||
$storage->setServer($this);
|
||||
$this->storages['client'] = $storage;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the session storage
|
||||
* @param SessionInterface $session
|
||||
* @param SessionInterface $storage
|
||||
* @return self
|
||||
*/
|
||||
public function setSessionStorage(SessionInterface $session)
|
||||
public function setSessionStorage(SessionInterface $storage)
|
||||
{
|
||||
$this->storages['session'] = $session;
|
||||
$storage->setServer($this);
|
||||
$this->storages['session'] = $storage;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the access token storage
|
||||
* @param AccessTokenInterface $accessToken
|
||||
* @param AccessTokenInterface $storage
|
||||
* @return self
|
||||
*/
|
||||
public function setAccessTokenStorage(AccessTokenInterface $accessToken)
|
||||
public function setAccessTokenStorage(AccessTokenInterface $storage)
|
||||
{
|
||||
$this->storages['access_token'] = $accessToken;
|
||||
$storage->setServer($this);
|
||||
$this->storages['access_token'] = $storage;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the refresh token storage
|
||||
* @param RefreshTokenInteface $refreshToken
|
||||
* @param RefreshTokenInteface $storage
|
||||
* @return self
|
||||
*/
|
||||
public function setRefreshTokenStorage(RefreshTokenInterface $refreshToken)
|
||||
public function setRefreshTokenStorage(RefreshTokenInterface $storage)
|
||||
{
|
||||
$this->storages['refresh_token'] = $refreshToken;
|
||||
$storage->setServer($this);
|
||||
$this->storages['refresh_token'] = $storage;
|
||||
return $this;
|
||||
}
|
||||
|
||||
@ -280,18 +285,20 @@ class Authorization
|
||||
*/
|
||||
public function setAuthCodeStorage(AuthCodeInterface $authCode)
|
||||
{
|
||||
$storage->setServer($this);
|
||||
$this->storages['auth_code'] = $authCode;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the scope storage
|
||||
* @param ScopeInterface $scope
|
||||
* @param ScopeInterface $storage
|
||||
* @return self
|
||||
*/
|
||||
public function setScopeStorage(ScopeInterface $scope)
|
||||
public function setScopeStorage(ScopeInterface $storage)
|
||||
{
|
||||
$this->storages['scope'] = $scope;
|
||||
$storage->setServer($this);
|
||||
$this->storages['scope'] = $storage;
|
||||
return $this;
|
||||
}
|
||||
|
||||
@ -359,7 +366,8 @@ class Authorization
|
||||
}
|
||||
|
||||
/**
|
||||
* Default scope to be used if none is provided and requireScopeParam is false
|
||||
* Default scope to be used if none is provided and requireScopeParam() is false
|
||||
* @param string $default Name of the default scope
|
||||
* @param self
|
||||
*/
|
||||
public function setDefaultScope($default = null)
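Review bot: `setAuthCodeStorage()` calls `$storage->setServer($this);`, but its parameter is still `$authCode`, so `$storage` is undefined there and the call fails as soon as an auth-code storage is registered. Either use `$authCode->setServer($this);`, or rename the parameter to `$storage` as the five sibling setters in this section do and assign `$this->storages['auth_code'] = $storage;`. The method's docblock starts outside the hunk. Two docblock slips in the same section are worth fixing alongside: `@param RefreshTokenInteface $storage` should read `RefreshTokenInterface`, and `@param self` on `setDefaultScope()` should be `@return self`.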
|
||||
|
@ -1,62 +1,78 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth 2.0 Abstract token
|
||||
*
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Entities;
|
||||
|
||||
use League\OAuth2\Server\Storage\SessionStorageInterface;
|
||||
use Symfony\Component\HttpFoundation\ParameterBag;
|
||||
use League\OAuth2\Server\Util\SecureKey;
|
||||
use League\OAuth2\Server\Exception\ServerException;
|
||||
use \League\OAuth2\Server\Authorization;
|
||||
use \League\OAuth2\Server\Resource;
|
||||
use Symfony\Component\HttpFoundation\ParameterBag;
|
||||
|
||||
/**
|
||||
* Abstract token class
|
||||
*/
|
||||
abstract class AbstractToken
|
||||
{
|
||||
/**
|
||||
* Access token ID
|
||||
* @var string
|
||||
*/
|
||||
protected $token = null;
|
||||
protected $token;
|
||||
|
||||
/**
|
||||
* Access token storage
|
||||
* @var \League\OAuth2\Server\Storage\AccessTokenInterface
|
||||
* Session ID
|
||||
* @var string
|
||||
*/
|
||||
protected $storage = null;
|
||||
|
||||
/**
|
||||
* Session storage
|
||||
* @var \League\OAuth2\Server\Storage\SessionInterface
|
||||
*/
|
||||
protected $sessionStorage = null;
|
||||
protected $sessionId;
|
||||
|
||||
/**
|
||||
* Associated session
|
||||
* @var \League\OAuth2\Server\Session
|
||||
*/
|
||||
protected $session = null;
|
||||
protected $session;
|
||||
|
||||
/**
|
||||
* Session scopes
|
||||
* @var \Symfony\Component\HttpFoundation\ParameterBag
|
||||
*/
|
||||
protected $scopes = null;
|
||||
protected $scopes;
|
||||
|
||||
/**
|
||||
* Token expire time
|
||||
* @var int
|
||||
*/
|
||||
protected $expireTime = 0;
|
||||
|
||||
/**
|
||||
* Authorization or resource server
|
||||
* @var \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource
|
||||
*/
|
||||
protected $server;
|
||||
|
||||
/**
|
||||
* __construct
|
||||
* @param mixed $storage
|
||||
* @param \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource $server
|
||||
* @return self
|
||||
*/
|
||||
public function __construct($storage)
|
||||
public function __construct($server)
|
||||
{
|
||||
$this->storage = $storage;
|
||||
$this->scopes = new ParameterBag();
|
||||
return $this;
|
||||
if (! $server instanceof Authorization && ! $server instanceof Resource) {
|
||||
throw new ServerException('No instance of Authorization or Resource server injected');
|
||||
}
|
||||
|
||||
/**
|
||||
* Get storage
|
||||
* @return AccessTokenInterface
|
||||
*/
|
||||
public function getStorage()
|
||||
{
|
||||
return $this->storage;
|
||||
$this->server = $server;
|
||||
$this->scopes = new ParameterBag();
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -76,55 +92,35 @@ abstract class AbstractToken
|
||||
*/
|
||||
public function getSession()
|
||||
{
|
||||
if ($this->session instanceof Session) {
|
||||
return $this->session;
|
||||
}
|
||||
|
||||
if ($this->sessionId !== null) {
|
||||
$session = $this->server->getStorage('session')->getSession($this->sessionId);
|
||||
}
|
||||
|
||||
throw new ServerException('No session ID set for this token');
|
||||
}
|
||||
|
||||
/**
|
||||
* Set token TTL
|
||||
* @param integer $ttl TTL in seconds
|
||||
* Set the expire time of the token
|
||||
* @param integer $expireTime Unix time stamp
|
||||
* @return self
|
||||
*/
|
||||
public function setTTL($ttl = 0)
|
||||
public function setExpireTime($expireTime)
|
||||
{
|
||||
$this->ttl = $ttl;
|
||||
$this->expireTime = $expireTime;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get token TTL
|
||||
* @return integer
|
||||
*/
|
||||
public function getTTL()
|
||||
{
|
||||
return $this->ttl;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the creation timestamp
|
||||
* @param integer $timestamp Unix timestamp
|
||||
* @return self
|
||||
*/
|
||||
public function setTimestamp($timestamp = 0)
|
||||
{
|
||||
$this->timestamp = $timestamp;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get access token creation timestamp
|
||||
* @return integer Unix timestamp
|
||||
*/
|
||||
public function getTimestamp()
|
||||
{
|
||||
return $this->timestamp;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return creation timestamp + TTL
|
||||
* Return token expire time
|
||||
* @return int
|
||||
*/
|
||||
public function getExpireTime()
|
||||
{
|
||||
return $this->getTimestamp() + $this->getTTL();
|
||||
return $this->expireTime;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -181,8 +177,14 @@ abstract class AbstractToken
|
||||
}
|
||||
|
||||
/**
|
||||
* Save the token to the database
|
||||
* @return self
|
||||
* Expire the token
|
||||
* @return void
|
||||
*/
|
||||
abstract function save();
|
||||
abstract public function expire();
|
||||
|
||||
/**
|
||||
* Save the token
|
||||
* @return void
|
||||
*/
|
||||
abstract public function save();
|
||||
}
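Review bot: `getSession()` fetches the session when `$this->sessionId` is set but keeps it in a local `$session` and never returns it, so control always falls through to `throw new ServerException('No session ID set for this token')` unless `$this->session` was already populated. As rendered, `AccessToken::save()` depends on `getSession()->getId()`, so a token rebuilt from a stored session ID could not be saved. Inside the `if`, assign and return instead: `$this->session = $this->server->getStorage('session')->getSession($this->sessionId);` followed by `return $this->session;`. The docblock of `getSession()` starts outside the hunk, and nothing visible sets `$this->sessionId`, so confirm a setter exists.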
|
||||
|
@ -1,28 +1,33 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth 2.0 Access token entity
|
||||
*
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Entities;
|
||||
|
||||
use League\OAuth2\Server\Storage\SessionStorageInterface;
|
||||
use League\OAuth2\Server\Storage\AccessTokenInterface;
|
||||
use Symfony\Component\HttpFoundation\ParameterBag;
|
||||
use League\OAuth2\Server\Util\SecureKey;
|
||||
use League\OAuth2\Server\Exception\InvalidAccessTokenException;
|
||||
use Symfony\Component\HttpFoundation\ParameterBag;
|
||||
|
||||
/**
|
||||
* Access token entity class
|
||||
*/
|
||||
class AccessToken extends AbstractToken
|
||||
{
|
||||
/**
|
||||
* __construct
|
||||
* @param AccessTokenInterface $storage
|
||||
* @return self
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function __construct(AccessTokenInterface $storage)
|
||||
{
|
||||
parent::__construct($storage);
|
||||
}
|
||||
|
||||
public function save()
|
||||
{
|
||||
$this->getStorage()->createAccessToken(
|
||||
$this->server->getStorage('access_token')->createAccessToken(
|
||||
$this->getToken(),
|
||||
$this->getExpireTime(),
|
||||
$this->getSession()->getId()
|
||||
@ -30,7 +35,7 @@ class AccessToken extends AbstractToken
|
||||
|
||||
// Associate the scope with the token
|
||||
foreach ($this->getScopes() as $scope) {
|
||||
$this->getStorage()->associateScope($this->getToken(), $scope->getId());
|
||||
$this->server->getStorage('access_token')->associateScope($this->getToken(), $scope->getId());
|
||||
}
|
||||
|
||||
return $this;
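Review bot: No `expire()` implementation appears in this section, although `AbstractToken` now declares `abstract public function expire();`; if it is not defined in the lines outside these hunks, `AccessToken` cannot be loaded as a concrete class. The same applies to `RefreshToken`, where the class body is visible down to its closing brace and ends with `save()`. Since `expire()` is presumably the revocation path for issued tokens, it needs a real implementation that invalidates the stored token rather than an empty stub. `save()` here also ends with `return $this;` while the abstract declaration documents `@return void`; the two should agree. The body of `save()` continues outside the hunk.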
|
||||
|
@ -1,56 +1,142 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth 2.0 Client entity
|
||||
*
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Entities;
|
||||
|
||||
use League\OAuth2\Server\Exception\ServerException;
|
||||
use League\OAuth2\Server\Authorization;
|
||||
use League\OAuth2\Server\Resource;
|
||||
|
||||
/**
|
||||
* Client entity class
|
||||
*/
|
||||
class Client
|
||||
{
|
||||
/**
|
||||
* Client identifier
|
||||
* @var string
|
||||
*/
|
||||
protected $id = null;
|
||||
|
||||
/**
|
||||
* Client secret
|
||||
* @var string
|
||||
*/
|
||||
protected $secret = null;
|
||||
|
||||
/**
|
||||
* Client name
|
||||
* @var string
|
||||
*/
|
||||
protected $name = null;
|
||||
|
||||
/**
|
||||
* Client redirect URI
|
||||
* @var string
|
||||
*/
|
||||
protected $redirectUri = null;
|
||||
|
||||
/**
|
||||
* Authorization or resource server
|
||||
* @var \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource
|
||||
*/
|
||||
protected $server;
|
||||
|
||||
/**
|
||||
* __construct
|
||||
* @param \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource $server
|
||||
* @return self
|
||||
*/
|
||||
public function __construct($server)
|
||||
{
|
||||
if (! $server instanceof Authorization && ! $server instanceof Resource) {
|
||||
throw new ServerException('No instance of Authorization or Resource server injected');
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the client identifier
|
||||
* @param string $id
|
||||
* @return self
|
||||
*/
|
||||
public function setId($id)
|
||||
{
|
||||
$this->id = $id;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the client identifier
|
||||
* @return string
|
||||
*/
|
||||
public function getId()
|
||||
{
|
||||
return $this->id;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the client secret
|
||||
* @param string $secret
|
||||
* @return self
|
||||
*/
|
||||
public function setSecret($secret)
|
||||
{
|
||||
$this->secret = $secret;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the client secret
|
||||
* @return string
|
||||
*/
|
||||
public function getSecret()
|
||||
{
|
||||
return $this->secret;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the client name
|
||||
* @param string $name
|
||||
* @return self
|
||||
*/
|
||||
public function setName($name)
|
||||
{
|
||||
$this->name = $name;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the client name
|
||||
* @return string
|
||||
*/
|
||||
public function getName()
|
||||
{
|
||||
return $this->name;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the client redirect URI
|
||||
* @param string $redirectUri
|
||||
* @return self
|
||||
*/
|
||||
public function setRedirectUri($redirectUri)
|
||||
{
|
||||
$this->redirectUri = $redirectUri;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returnt the client redirect URI
|
||||
* @return string
|
||||
*/
|
||||
public function getRedirectUri()
|
||||
{
|
||||
return $this->redirectUri;
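Review bot: The constructor validates `$server` but never stores it, so the `protected $server` property declared just above it stays null. Add `$this->server = $server;` after the `instanceof` check, as `AbstractToken::__construct()` does. The `Scope` and `Session` constructors in this commit have the same gap, and `Session::save()` dereferences `$this->server` directly. The `getRedirectUri()` docblock also has a typo, `Returnt`.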
|
||||
|
@ -1,30 +1,36 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth 2.0 Refresh token entity
|
||||
*
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Entities;
|
||||
|
||||
use League\OAuth2\Server\Storage\SessionStorageInterface;
|
||||
use League\OAuth2\Server\Storage\RefreshTokenInterface;
|
||||
use Symfony\Component\HttpFoundation\ParameterBag;
|
||||
use League\OAuth2\Server\Util\SecureKey;
|
||||
use League\OAuth2\Server\Exception\InvalidAccessTokenException;
|
||||
use Symfony\Component\HttpFoundation\ParameterBag;
|
||||
|
||||
/**
|
||||
* Refresh token entity class
|
||||
*/
|
||||
class RefreshToken extends AbstractToken
|
||||
{
|
||||
/**
|
||||
* Access token associated to refresh token
|
||||
* @var \League\OAuth2\Server\Entities\AccessToken
|
||||
*/
|
||||
protected $accessToken;
|
||||
|
||||
/**
|
||||
* __construct
|
||||
* @param RefreshTokenInterface $storage
|
||||
* @return self
|
||||
*/
|
||||
public function __construct(RefreshTokenInterface $storage)
|
||||
{
|
||||
parent::__construct($storage);
|
||||
}
|
||||
|
||||
/**
|
||||
* Associate an access token
|
||||
* @param AccessToken $accessToken
|
||||
* @param \League\OAuth2\Server\Entities\AccessToken $accessToken
|
||||
* @return self
|
||||
*/
|
||||
public function setAccessToken(AccessToken $accessToken)
|
||||
@ -43,11 +49,11 @@ class RefreshToken extends AbstractToken
|
||||
}
|
||||
|
||||
/**
|
||||
* (@inheritdoc)
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function save()
|
||||
{
|
||||
$this->getStorage()->createAccessToken(
|
||||
$this->server->getStorage('refresh_token')->createAccessToken(
|
||||
$this->getToken(),
|
||||
$this->getExpireTime(),
|
||||
$this->getAccessToken()->getToken()
|
||||
@ -55,7 +61,7 @@ class RefreshToken extends AbstractToken
|
||||
|
||||
// Associate the scope with the token
|
||||
foreach ($this->getScopes() as $scope) {
|
||||
$this->getStorage()->associateScope($this->getToken(), $scope->getId());
|
||||
$this->server->getStorage('refresh_token')->associateScope($this->getToken(), $scope->getId());
|
||||
}
|
||||
}
|
||||
}
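Review bot: `save()` calls `createAccessToken()` on the `'refresh_token'` storage, which reads like a carry-over from `AccessToken::save()`; the `RefreshTokenInterface` contract is not shown on this page, so confirm the intended method name. Persisting a refresh token through an access-token-named call makes it easy for a storage implementation to write it to the wrong store or give it the wrong lifetime. If the interface defines a refresh-specific method, call that; otherwise expand the docblock (currently just `{@inheritdoc}`) to say what the three arguments mean for a refresh token.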
|
||||
|
@ -1,30 +1,87 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth 2.0 scope entity
|
||||
*
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Entities;
|
||||
|
||||
/**
|
||||
* Scope entity class
|
||||
*/
|
||||
class Scope
|
||||
{
|
||||
protected $id = null;
|
||||
/**
|
||||
* Scope identifier
|
||||
* @var string
|
||||
*/
|
||||
protected $id;
|
||||
|
||||
protected $description = null;
|
||||
/**
|
||||
* Scope description
|
||||
* @var string
|
||||
*/
|
||||
protected $description;
|
||||
|
||||
/**
|
||||
* Authorization or resource server
|
||||
* @var \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource
|
||||
*/
|
||||
protected $server;
|
||||
|
||||
/**
|
||||
* __construct
|
||||
* @param \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource $server
|
||||
* @return self
|
||||
*/
|
||||
public function __construct($server)
|
||||
{
|
||||
if (! $server instanceof Authorization && ! $server instanceof Resource) {
|
||||
throw new ServerException('No instance of Authorization or Resource server injected');
|
||||
}
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the scope identifer
|
||||
* @param string $id The scope identifier
|
||||
* @return self
|
||||
*/
|
||||
public function setId($id)
|
||||
{
|
||||
$this->id = $id;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the scope identifer
|
||||
* @return string
|
||||
*/
|
||||
public function getId()
|
||||
{
|
||||
return $this->id;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the scope's descripton
|
||||
* @param string $description
|
||||
* @return self
|
||||
*/
|
||||
public function setDescription($description)
|
||||
{
|
||||
$this->description = $description;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the scope's description
|
||||
* @return string
|
||||
*/
|
||||
public function getDescription()
|
||||
{
|
||||
return $this->description;
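Review bot: The constructor refers to `Authorization`, `Resource` and `ServerException`, but this file shows no `use` statements after its `namespace` line, so all three names resolve inside `League\OAuth2\Server\Entities`. The `instanceof` tests against those non-existent classes are then false for every argument, and the `throw new ServerException(...)` that follows would itself fail with a class-not-found error, so no `Scope` could be constructed. Import `League\OAuth2\Server\Authorization`, `League\OAuth2\Server\Resource` and `League\OAuth2\Server\Exception\ServerException`, as the `Client` entity in this commit does. The docblocks also carry typos: `identifer` twice and `descripton` once.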
|
||||
|
@ -1,71 +1,112 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth 2.0 session entity
|
||||
*
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Entities;
|
||||
|
||||
use OutOfBoundsException;
|
||||
use League\OAuth2\Server\Exception\OAuth2Exception;
|
||||
use League\OAuth2\Server\Storage\SessionInterface;
|
||||
use League\OAuth2\Server\Exception\ServerException;
|
||||
use League\OAuth2\Server\Authorization;
|
||||
use League\OAuth2\Server\Resource;
|
||||
use Symfony\Component\HttpFoundation\ParameterBag;
|
||||
|
||||
/**
|
||||
* Session entity grant
|
||||
*/
|
||||
class Session
|
||||
{
|
||||
/**
|
||||
* Session ID
|
||||
* Session identifier
|
||||
* @var string
|
||||
*/
|
||||
protected $id = null;
|
||||
|
||||
protected $clientId = null;
|
||||
|
||||
protected $ownerId = null;
|
||||
|
||||
protected $ownerType = null;
|
||||
|
||||
protected $authCode = null;
|
||||
|
||||
protected $accessToken = null;
|
||||
|
||||
protected $refreshToken = null;
|
||||
protected $id;
|
||||
|
||||
/**
|
||||
* Session storage
|
||||
* @var \League\OAuth2\Server\Storage\SessionInterface
|
||||
* Client identifier
|
||||
* @var string
|
||||
*/
|
||||
protected $storage = null;
|
||||
protected $clientId;
|
||||
|
||||
/**
|
||||
* Session owner identifier
|
||||
* @var string
|
||||
*/
|
||||
protected $ownerId;
|
||||
|
||||
/**
|
||||
* Session owner type (e.g. "user")
|
||||
* @var string
|
||||
*/
|
||||
protected $ownerType;
|
||||
|
||||
/**
|
||||
* Auth code
|
||||
* @var \League\OAuth2\Server\Entities\AuthCode
|
||||
*/
|
||||
protected $authCode;
|
||||
|
||||
/**
|
||||
* Access token
|
||||
* @var \League\OAuth2\Server\Entities\AccessToken
|
||||
*/
|
||||
protected $accessToken;
|
||||
|
||||
/**
|
||||
* Refresh token
|
||||
* @var \League\OAuth2\Server\Entities\RefreshToken
|
||||
*/
|
||||
protected $refreshToken;
|
||||
|
||||
/**
|
||||
* Session scopes
|
||||
* @var \Symfony\Component\HttpFoundation\ParameterBag
|
||||
*/
|
||||
protected $scopes = null;
|
||||
protected $scopes;
|
||||
|
||||
/**
|
||||
* Constuctor
|
||||
* @param SessionInterface $storage
|
||||
* Authorization or resource server
|
||||
* @var \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource
|
||||
*/
|
||||
protected $server;
|
||||
|
||||
/**
|
||||
* __construct
|
||||
* @param \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource $server
|
||||
* @return self
|
||||
*/
|
||||
public function __construct(SessionInterface $storage)
|
||||
public function __construct($server)
|
||||
{
|
||||
$this->storage = $storage;
|
||||
if (! $server instanceof Authorization && ! $server instanceof Resource) {
|
||||
throw new ServerException('No instance of Authorization or Resource server injected');
|
||||
}
|
||||
|
||||
$this->scopes = new ParameterBag();
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get storage
|
||||
* @return SessionInterface
|
||||
* Set the session identifier
|
||||
* @param string $id
|
||||
* @return self
|
||||
*/
|
||||
public function getStorage()
|
||||
{
|
||||
return $this->storage;
|
||||
}
|
||||
|
||||
public function setId($id)
|
||||
{
|
||||
$this->id = $id;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the session identifier
|
||||
* @return string
|
||||
*/
|
||||
public function getId()
|
||||
{
|
||||
return $this->id;
|
||||
@ -95,41 +136,62 @@ class Session
|
||||
return $this->scopes->has($scope);
|
||||
}
|
||||
|
||||
/**
|
||||
* Return all scopes associated with the session
|
||||
* @return array Array of \League\OAuth2\Server\Entities\Scope
|
||||
*/
|
||||
public function getScopes()
|
||||
{
|
||||
return $this->scopes;
|
||||
}
|
||||
|
||||
public function associateAccessToken(AccessToken $accessToken)
|
||||
{
|
||||
$this->accessToken = $accessToken;
|
||||
}
|
||||
|
||||
public function associateRefreshToken(RefreshToken $refreshToken)
|
||||
{
|
||||
$this->refreshToken = $refreshToken;
|
||||
}
|
||||
|
||||
public function associateAuthCode(AuthCode $authCode)
|
||||
{
|
||||
$this->authCode = $authCode;
|
||||
return $this->scopes->all();
|
||||
}
|
||||
|
||||
/**
|
||||
* Associate a client
|
||||
* @param League\OAuth2\Server\Client $client The client
|
||||
* Associate an access token with the session
|
||||
* @param \League\OAuth2\Server\Entities\AccessToken $accessToken
|
||||
* @return self
|
||||
*/
|
||||
public function associateAccessToken(AccessToken $accessToken)
|
||||
{
|
||||
$this->accessToken = $accessToken;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Associate a refresh token with the session
|
||||
* @param \League\OAuth2\Server\Entities\RefreshToken $refreshToken
|
||||
* @return self
|
||||
*/
|
||||
public function associateRefreshToken(RefreshToken $refreshToken)
|
||||
{
|
||||
$this->refreshToken = $refreshToken;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Associate an authorization code with the session
|
||||
* @param \League\OAuth2\Server\Entities\AuthCode $authCode
|
||||
* @return self
|
||||
*/
|
||||
public function associateAuthCode(AuthCode $authCode)
|
||||
{
|
||||
$this->authCode = $authCode;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Associate a client with the session
|
||||
* @param League\OAuth2\Server\Entities\Client $client The client
|
||||
* @return self
|
||||
*/
|
||||
public function associateClient(Client $client)
|
||||
{
|
||||
$this->client = $client;
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return client
|
||||
* @return League\OAuth2\Server\Client
|
||||
* Return the session client
|
||||
* @return League\OAuth2\Server\Entities\Client
|
||||
*/
|
||||
public function getClient()
|
||||
{
|
||||
@ -139,7 +201,7 @@ class Session
|
||||
/**
|
||||
* Set the session owner
|
||||
* @param string $type The type of the owner (e.g. user, app)
|
||||
* @param string $id The ID of the owner
|
||||
* @param string $id The identifier of the owner
|
||||
* @return self
|
||||
*/
|
||||
public function setOwner($type, $id)
|
||||
@ -151,7 +213,7 @@ class Session
|
||||
}
|
||||
|
||||
/**
|
||||
* Return session owner ID
|
||||
* Return session owner identifier
|
||||
* @return string
|
||||
*/
|
||||
public function getOwnerId()
|
||||
@ -168,10 +230,14 @@ class Session
|
||||
return $this->ownerType;
|
||||
}
|
||||
|
||||
/**
|
||||
* Save the session
|
||||
* @return void
|
||||
*/
|
||||
public function save()
|
||||
{
|
||||
// Save the session and get an ID
|
||||
$id = $this->getStorage()->createSession(
|
||||
// Save the session and get an identifier
|
||||
$id = $this->server->getStorage('session')->createSession(
|
||||
$this->getOwnerType(),
|
||||
$this->getOwnerId(),
|
||||
$this->getClient()->getId(),
|
||||
@ -182,7 +248,7 @@ class Session
|
||||
|
||||
// Associate the scope with the session
|
||||
foreach ($this->getScopes() as $scope) {
|
||||
$this->getStorage()->associateScope($this->getId(), $scope->getId());
|
||||
$this->server->getStorage('session')->associateScope($this->getId(), $scope->getId());
|
||||
}
|
||||
}
|
||||
}
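Review bot: `associateClient()` assigns `$this->client`, which is not among the declared properties; the class declares `$clientId` instead, and nothing in the visible lines sets it. Declare the property explicitly, e.g. `protected $client;` with `@var \League\OAuth2\Server\Entities\Client`, and drop `$clientId` if it turns out to be unused. The `@param` and `@return` tags on `associateClient()` and `getClient()` name `League\OAuth2\Server\Entities\Client` without the leading backslash that the other tags in this file use. The body of `getClient()` lies outside the hunk.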
|
||||
|
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 Client Exception
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 Invalid Access Token Exception
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 Invalid Grant Type Exception
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 Base Exception
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 Server Exception
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
@ -1,10 +1,10 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth 2.0 Client credentials grant
|
||||
* OAuth 2.0 Abstract grant
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
@ -12,16 +12,42 @@
|
||||
namespace League\OAuth2\Server\Grant;
|
||||
|
||||
use League\OAuth2\Server\Authorization;
|
||||
|
||||
trait GrantTrait {
|
||||
use League\OAuth2\Server\Entities\Scope;
|
||||
|
||||
/**
|
||||
* Constructor
|
||||
* @return void
|
||||
* Abstract grant class
|
||||
*/
|
||||
public function __construct()
|
||||
abstract class AbstractGrant implements GrantTypeInterface
|
||||
{
|
||||
}
|
||||
/**
|
||||
* Grant identifier
|
||||
* @var string
|
||||
*/
|
||||
protected $identifier = '';
|
||||
|
||||
/**
|
||||
* Response type
|
||||
* @var string
|
||||
*/
|
||||
protected $responseType = null;
|
||||
|
||||
/**
|
||||
* Callback to authenticate a user's name and password
|
||||
* @var function
|
||||
*/
|
||||
protected $callback = null;
|
||||
|
||||
/**
|
||||
* AuthServer instance
|
||||
* @var AuthServer
|
||||
*/
|
||||
protected $server = null;
|
||||
|
||||
/**
|
||||
* Access token expires in override
|
||||
* @var int
|
||||
*/
|
||||
protected $accessTokenTTL = null;
|
||||
|
||||
/**
|
||||
* Return the identifier
|
||||
@ -74,6 +100,12 @@ trait GrantTrait {
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Given a list of scopes, validate them and return an arrary of Scope entities
|
||||
* @param string $scopeParam A string of scopes (e.g. "profile email birthday")
|
||||
* @return array
|
||||
* @throws ClientException If scope is invalid, or no scopes passed when required
|
||||
*/
|
||||
public function validateScopes($scopeParam = '')
|
||||
{
|
||||
$scopesList = explode($this->server->getScopeDelimeter(), $scopeParam);
|
||||
@ -100,24 +132,37 @@ trait GrantTrait {
|
||||
$scopes = [];
|
||||
|
||||
foreach ($scopesList as $scopeItem) {
|
||||
$scopeDetails = $this->server->getStorage('scope')->getScope(
|
||||
$scope = $this->server->getStorage('scope')->getScope(
|
||||
$scopeItem,
|
||||
$client->getId(),
|
||||
$this->getIdentifier()
|
||||
);
|
||||
|
||||
if ($scopeDetails === false) {
|
||||
if (($scope instanceof Scope) === false) {
|
||||
throw new ClientException(sprintf($this->server->getExceptionMessage('invalid_scope'), $scopeItem), 4);
|
||||
}
|
||||
|
||||
$scope = new Scope($this->server->getStorage('scope'));
|
||||
$scope->setId($scopeDetails['id']);
|
||||
$scope->setName($scopeDetails['name']);
|
||||
|
||||
$scopes[] = $scope;
|
||||
}
|
||||
|
||||
return $scopes;
|
||||
}
|
||||
|
||||
/**
|
||||
* Complete the grant flow
|
||||
*
|
||||
* Example response:
|
||||
* <pre>
|
||||
* array(
|
||||
* 'access_token' => (string), // The access token
|
||||
* 'refresh_token' => (string), // The refresh token (only set if the refresh token grant is enabled)
|
||||
* 'token_type' => 'bearer', // Almost always "bearer" (exceptions: JWT, SAML)
|
||||
* 'expires' => (int), // The timestamp of when the access token will expire
|
||||
* 'expires_in' => (int) // The number of seconds before the access token will expire
|
||||
* )
|
||||
* </pre>
|
||||
*
|
||||
* @return array An array of parameters to be passed back to the client
|
||||
*/
|
||||
abstract public function completeFlow();
|
||||
|
||||
}
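Review bot: `validateScopes()` throws `ClientException` for an unknown scope, but the import block visible at the top of this file only brings in `Authorization` and `Scope`, so the name resolves inside `League\OAuth2\Server\Grant`. A client-supplied invalid scope would then end in a class-not-found failure instead of the `invalid_scope` error; add `use League\OAuth2\Server\Exception\ClientException;`. The same loop calls `$client->getId()` although the signature is `validateScopes($scopeParam = '')`; unless `$client` is assigned in the lines between the two hunks, it is undefined there. Part of the method body is not visible on this page.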
|
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 Auth code grant
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 Client credentials grant
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
@ -25,10 +25,8 @@ use League\OAuth2\Server\Storage\ScopeInterface;
|
||||
/**
|
||||
* Client credentials grant class
|
||||
*/
|
||||
class ClientCredentials implements GrantTypeInterface
|
||||
class ClientCredentials extends AbstractGrant
|
||||
{
|
||||
use GrantTrait;
|
||||
|
||||
/**
|
||||
* Grant identifier
|
||||
* @var string
|
||||
@ -78,35 +76,30 @@ class ClientCredentials implements GrantTypeInterface
|
||||
}
|
||||
|
||||
// Validate client ID and client secret
|
||||
$clientDetails = $this->server->getStorage('client')->getClient(
|
||||
$client = $this->server->getStorage('client')->getClient(
|
||||
$clientId,
|
||||
$clientSecret,
|
||||
null,
|
||||
$this->getIdentifier()
|
||||
);
|
||||
|
||||
if ($clientDetails === false) {
|
||||
if (($client instanceof Client) === false) {
|
||||
throw new ClientException(Authorization::getExceptionMessage('invalid_client'), 8);
|
||||
}
|
||||
|
||||
$client = new Client;
|
||||
$client->setId($clientDetails['id']);
|
||||
$client->setSecret($clientDetails['secret']);
|
||||
|
||||
// Validate any scopes that are in the request
|
||||
$scopeParam = $this->server->getRequest()->request->get('scope', '');
|
||||
$scopes = $this->validateScopes($scopeParam);
|
||||
|
||||
// Create a new session
|
||||
$session = new Session($this->server->getStorage('session'));
|
||||
$session = new Session();
|
||||
$session->setOwner('client', $client->getId());
|
||||
$session->associateClient($client);
|
||||
|
||||
// Generate an access token
|
||||
$accessToken = new AccessToken($this->server->getStorage('access_token'));
|
||||
$accessToken->setId(SecureKey::make());
|
||||
$accessToken->setTimestamp(time());
|
||||
$accessToken->setTTL($this->server->getAccessTokenTTL());
|
||||
$accessToken = new AccessToken();
|
||||
$accessToken->setToken(SecureKey::make());
|
||||
$accessToken->setExpireTime($this->server->getAccessTokenTTL() + time());
|
||||
|
||||
// Associate scopes with the session and access token
|
||||
foreach ($scopes as $scope) {
|
||||
@ -115,18 +108,17 @@ class ClientCredentials implements GrantTypeInterface
|
||||
}
|
||||
|
||||
// Save everything
|
||||
$session->save();
|
||||
$session->save($this->server->getStorage('session'));
|
||||
$accessToken->setSession($session);
|
||||
$accessToken->save();
|
||||
$accessToken->save($this->server->getStorage('access_token'));
|
||||
|
||||
$response = [
|
||||
'access_token' => $accessToken->getId(),
|
||||
'access_token' => $accessToken->getToken(),
|
||||
'token_type' => 'Bearer',
|
||||
'expires' => $accessToken->getExpireTime(),
|
||||
'expires_in' => $accessToken->getTTL()
|
||||
'expires_in' => $this->server->getAccessTokenTTL()
|
||||
];
|
||||
|
||||
return $response;
|
||||
}
|
||||
|
||||
}
|
||||
|
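Review bot: `$session = new Session();` and `$accessToken = new AccessToken();` in completeFlow() take no constructor argument, while the Password grant in this same commit builds the same entities as `new Session($this->server)` and `new AccessToken($this->server)`. The entity constructors are not part of this section, so one of the two call styles presumably does not match them. Since storage is now handed to `save()` explicitly, the no-argument form looks like the intended one, and the Password grant should be aligned with it. completeFlow() starts outside these hunks.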
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 Grant type interface
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
@ -19,30 +19,14 @@ use League\OAuth2\Server\Storage\SessionInterface;
|
||||
use League\OAuth2\Server\Storage\ClientInterface;
|
||||
use League\OAuth2\Server\Storage\ScopeInterface;
|
||||
|
||||
/**
|
||||
* Grant type interface
|
||||
*/
|
||||
interface GrantTypeInterface
|
||||
{
|
||||
/**
|
||||
* Constructor
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function __construct();
|
||||
|
||||
/**
|
||||
* Complete the grant flow
|
||||
*
|
||||
* Example response:
|
||||
* <code>
|
||||
* array(
|
||||
* 'access_token' => (string), // The access token
|
||||
* 'refresh_token' => (string), // The refresh token (only set if the refresh token grant is enabled)
|
||||
* 'token_type' => 'bearer', // Almost always "bearer" (exceptions: JWT, SAML)
|
||||
* 'expires' => (int), // The timestamp of when the access token will expire
|
||||
* 'expires_in' => (int) // The number of seconds before the access token will expire
|
||||
* )
|
||||
* </code>
|
||||
*
|
||||
* @return array An array of parameters to be passed back to the client
|
||||
* @return array
|
||||
*/
|
||||
public function completeFlow();
|
||||
}
|
||||
|
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 implicit grant
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
@ -52,10 +52,9 @@ class Implicit implements GrantTypeInterface {
|
||||
|
||||
/**
|
||||
* Complete the client credentials grant
|
||||
* @param null|array $inputParams
|
||||
* @return array
|
||||
*/
|
||||
public function completeFlow($authParams = null)
|
||||
public function completeFlow()
|
||||
{
|
||||
// Remove any old sessions the user might have
|
||||
$this->authServer->getStorage('session')->deleteSession($authParams['client_id'], 'user', $authParams['user_id']);
|
||||
|
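Review bot: `completeFlow()` drops the `$authParams` parameter, but the first statement of its body still reads `$authParams['client_id']` and `$authParams['user_id']`, and still goes through `$this->authServer` where the other grants in this commit use `$this->server`. With the parameter gone those lookups yield null, so `deleteSession()` would be called without a real client or user id. Until the body is ported to read its input from the request as the other grants do, keep the old signature, `public function completeFlow($authParams = null)`. The docblock also still says "Complete the client credentials grant" for the implicit grant. The rest of the method body lies outside this hunk.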
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 Password grant
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
@ -27,10 +27,8 @@ use League\OAuth2\Server\Storage\ScopeInterface;
|
||||
/**
|
||||
* Password grant class
|
||||
*/
|
||||
class Password implements GrantTypeInterface {
|
||||
|
||||
use GrantTrait;
|
||||
|
||||
class Password extends AbstractGrant
|
||||
{
|
||||
/**
|
||||
* Grant identifier
|
||||
* @var string
|
||||
@ -109,23 +107,17 @@ class Password implements GrantTypeInterface {
|
||||
}
|
||||
|
||||
// Validate client ID and client secret
|
||||
$clientDetails = $this->server->getStorage('client')->getClient(
|
||||
$client = $this->server->getStorage('client')->getClient(
|
||||
$clientId,
|
||||
$clientSecret,
|
||||
null,
|
||||
$this->getIdentifier()
|
||||
);
|
||||
|
||||
if ($clientDetails === false) {
|
||||
if (($client instanceof Client) === false) {
|
||||
throw new ClientException(Authorization::getExceptionMessage('invalid_client'), 8);
|
||||
}
|
||||
|
||||
$client = new Client;
|
||||
$client->setId($clientDetails['id']);
|
||||
$client->setSecret($clientDetails['secret']);
|
||||
|
||||
|
||||
|
||||
$username = $this->server->getRequest()->request->get('username', null);
|
||||
if (is_null($username)) {
|
||||
throw new ClientException(
|
||||
@ -146,7 +138,7 @@ class Password implements GrantTypeInterface {
|
||||
$userId = call_user_func($this->getVerifyCredentialsCallback(), $username, $password);
|
||||
|
||||
if ($userId === false) {
|
||||
throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_credentials'), 0);
|
||||
throw new ClientException($this->server->getExceptionMessage('invalid_credentials'), 0);
|
||||
}
|
||||
|
||||
// Validate any scopes that are in the request
|
||||
@ -154,15 +146,14 @@ class Password implements GrantTypeInterface {
|
||||
$scopes = $this->validateScopes($scopeParam);
|
||||
|
||||
// Create a new session
|
||||
$session = new Session($this->server->getStorage('session'));
|
||||
$session = new Session($this->server);
|
||||
$session->setOwner('user', $userId);
|
||||
$session->associateClient($client);
|
||||
|
||||
// Generate an access token
|
||||
$accessToken = new AccessToken($this->server->getStorage('access_token'));
|
||||
$accessToken->setId(SecureKey::make());
|
||||
$accessToken->setTimestamp(time());
|
||||
$accessToken->setTTL($this->server->getAccessTokenTTL());
|
||||
$accessToken = new AccessToken($this->server);
|
||||
$accessToken->setToken(SecureKey::make());
|
||||
$accessToken->setExpireTime($this->server->getAccessTokenTTL() + time());
|
||||
|
||||
// Associate scopes with the session and access token
|
||||
foreach ($scopes as $scope) {
|
||||
@ -171,29 +162,28 @@ class Password implements GrantTypeInterface {
|
||||
}
|
||||
|
||||
$response = [
|
||||
'access_token' => $accessToken->getId(),
|
||||
'access_token' => $accessToken->getToken(),
|
||||
'token_type' => 'Bearer',
|
||||
'expires' => $accessToken->getExpireTime(),
|
||||
'expires_in' => $accessToken->getTTL()
|
||||
'expires_in' => $this->server->getAccessTokenTTL()
|
||||
];
|
||||
|
||||
// Associate a refresh token if set
|
||||
if ($this->server->hasGrantType('refresh_token')) {
|
||||
$refreshToken = new RefreshToken($this->server->getStorage('refresh_token'));
|
||||
$refreshToken->setId(SecureKey::make());
|
||||
$refreshToken->setTimestamp(time());
|
||||
$refreshToken->setTTL($this->server->getGrantType('refresh_token')->getRefreshTokenTTL());
|
||||
$response['refresh_token'] = $refreshToken->getId();
|
||||
$refreshToken = new RefreshToken($this->server);
|
||||
$refreshToken->setToken(SecureKey::make());
|
||||
$refreshToken->setExpireTime($this->server->getGrantType('refresh_token')->getRefreshTokenTTL() + time());
|
||||
$response['refresh_token'] = $refreshToken->getToken();
|
||||
}
|
||||
|
||||
// Save everything
|
||||
$session->save();
|
||||
$session->save($this->server->getStorage('session'));
|
||||
$accessToken->setSession($session);
|
||||
$accessToken->save();
|
||||
$accessToken->save($this->server->getStorage('access_token'));
|
||||
|
||||
if ($this->server->hasGrantType('refresh_token')) {
|
||||
$refreshToken->setAccessToken($accessToken);
|
||||
$refreshToken->save();
|
||||
$refreshToken->save($this->server->getStorage('refresh_token'));
|
||||
}
|
||||
|
||||
return $response;
|
||||
|
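Review bot: The credential check `if ($userId === false)` after `call_user_func($this->getVerifyCredentialsCallback(), $username, $password)` rejects only the exact value false, so a callback that returns null or an empty string for an unknown user falls through and `$session->setOwner('user', $userId)` goes on to issue tokens for that value. The callback's contract is not visible here; unless it is guaranteed to return false on every failure, tighten the guard to `if ($userId === false || $userId === null || $userId === '') {` and document the expected return value where the callback is registered. The enclosing completeFlow() starts outside these hunks.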
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 Refresh token grant
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
@ -18,50 +18,27 @@ use League\OAuth2\Server\Util\SecureKey;
|
||||
use League\OAuth2\Server\Storage\SessionInterface;
|
||||
use League\OAuth2\Server\Storage\ClientInterface;
|
||||
use League\OAuth2\Server\Storage\ScopeInterface;
|
||||
use League\OAuth2\Server\Entities\RefreshToken as RT;
|
||||
use League\OAuth2\Server\Entities\AccessToken;
|
||||
use League\OAuth2\Server\Entities\Session;
|
||||
use League\OAuth2\Server\Exception\ClientException;
|
||||
|
||||
/**
|
||||
* Referesh token grant
|
||||
*/
|
||||
class RefreshToken implements GrantTypeInterface {
|
||||
|
||||
use GrantTrait;
|
||||
|
||||
class RefreshToken extends AbstractGrant
|
||||
{
|
||||
/**
|
||||
* Grant identifier
|
||||
* @var string
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
protected $identifier = 'refresh_token';
|
||||
|
||||
/**
|
||||
* Response type
|
||||
* @var string
|
||||
*/
|
||||
protected $responseType = null;
|
||||
|
||||
/**
|
||||
* AuthServer instance
|
||||
* @var AuthServer
|
||||
*/
|
||||
protected $authServer = null;
|
||||
|
||||
/**
|
||||
* Access token expires in override
|
||||
* @var int
|
||||
*/
|
||||
protected $accessTokenTTL = null;
|
||||
|
||||
/**
|
||||
* Refresh token TTL
|
||||
* Refresh token TTL (default = 604800 | 1 week)
|
||||
* @var integer
|
||||
*/
|
||||
protected $refreshTokenTTL = 604800;
|
||||
|
||||
/**
|
||||
* Rotate refresh tokens
|
||||
* @var boolean
|
||||
*/
|
||||
protected $rotateRefreshTokens = false;
|
||||
|
||||
/**
|
||||
* Set the TTL of the refresh token
|
||||
* @param int $refreshTokenTTL
|
||||
@ -82,126 +59,110 @@ class RefreshToken implements GrantTypeInterface {
|
||||
}
|
||||
|
||||
/**
|
||||
* When a new access is token, expire the refresh token used and issue a new one.
|
||||
* @param boolean $rotateRefreshTokens Set to true to enable (default = false)
|
||||
* @return void
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function rotateRefreshTokens($rotateRefreshTokens = false)
|
||||
public function completeFlow()
|
||||
{
|
||||
$this->rotateRefreshTokens = $rotateRefreshTokens;
|
||||
$clientId = $this->server->getRequest()->request->get('client_id', null);
|
||||
if (is_null($clientId)) {
|
||||
throw new Exception\ClientException(
|
||||
sprintf($this->server->getExceptionMessage('invalid_request'), 'client_id'),
|
||||
0
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Complete the refresh token grant
|
||||
* @param null|array $inputParams
|
||||
* @return array
|
||||
*/
|
||||
public function completeFlow($inputParams = null)
|
||||
{
|
||||
// Get the required params
|
||||
$authParams = $this->authServer->getParam(array('client_id', 'client_secret', 'refresh_token', 'scope'), 'post', $inputParams);
|
||||
|
||||
if (is_null($authParams['client_id'])) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_id'), 0);
|
||||
}
|
||||
|
||||
if (is_null($authParams['client_secret'])) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_secret'), 0);
|
||||
$clientSecret = $this->server->getRequest()->request->get('client_secret', null);
|
||||
if (is_null($clientSecret)) {
|
||||
throw new Exception\ClientException(
|
||||
sprintf($this->server->getExceptionMessage('invalid_request'), 'client_secret'),
|
||||
0
|
||||
);
|
||||
}
|
||||
|
||||
// Validate client ID and client secret
|
||||
$clientDetails = $this->authServer->getStorage('client')->getClient($authParams['client_id'], $authParams['client_secret'], null, $this->identifier);
|
||||
$client = $this->server->getStorage('client')->getClient(
|
||||
$clientId,
|
||||
$clientSecret,
|
||||
null,
|
||||
$this->getIdentifier()
|
||||
);
|
||||
|
||||
if ($clientDetails === false) {
|
||||
throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_client'), 8);
|
||||
if ($client === null) {
|
||||
throw new ClientException(Authorization::getExceptionMessage('invalid_client'), 8);
|
||||
}
|
||||
|
||||
$authParams['client_details'] = $clientDetails;
|
||||
|
||||
if (is_null($authParams['refresh_token'])) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'refresh_token'), 0);
|
||||
$oldRefreshTokenParam = $this->server->getRequest()->request->get('refresh_token', null);
|
||||
if ($oldRefreshTokenParam === null) {
|
||||
throw new Exception\ClientException(
|
||||
sprintf($this->server->getExceptionMessage('invalid_request'), 'refresh_token'),
|
||||
0
|
||||
);
|
||||
}
|
||||
|
||||
// Validate refresh token
|
||||
$accessTokenId = $this->authServer->getStorage('session')->validateRefreshToken($authParams['refresh_token'], $authParams['client_id']);
|
||||
$oldRefreshToken = $this->server->getStorage('refresh_token')->getToken($oldRefreshTokenParam);
|
||||
|
||||
if ($accessTokenId === false) {
|
||||
throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_refresh'), 0);
|
||||
if (($oldRefreshToken instanceof RT) === false) {
|
||||
throw new Exception\ClientException($this->server->getExceptionMessage('invalid_refresh'), 0);
|
||||
}
|
||||
|
||||
// Get the existing access token
|
||||
$accessTokenDetails = $this->authServer->getStorage('session')->getAccessToken($accessTokenId);
|
||||
$oldAccessToken = $oldRefreshToken->getAccessToken();
|
||||
|
||||
// Get the scopes for the existing access token
|
||||
$scopes = $this->authServer->getStorage('session')->getScopes($accessTokenDetails['access_token']);
|
||||
// Get the scopes for the original session
|
||||
$session = $oldAccessToken->getSession();
|
||||
$scopes = $session->getScopes();
|
||||
|
||||
// Generate new tokens and associate them to the session
|
||||
$accessToken = SecureKey::make();
|
||||
$accessTokenExpiresIn = ($this->accessTokenTTL !== null) ? $this->accessTokenTTL : $this->authServer->getAccessTokenTTL();
|
||||
$accessTokenExpires = time() + $accessTokenExpiresIn;
|
||||
// Get and validate any requested scopes
|
||||
$requestedScopesString = $this->server->getRequest()->request->get('scope', '');
|
||||
$requestedScopes = $this->validateScopes($requestedScopesString);
|
||||
|
||||
// Associate the new access token with the session
|
||||
$newAccessTokenId = $this->authServer->getStorage('session')->associateAccessToken($accessTokenDetails['session_id'], $accessToken, $accessTokenExpires);
|
||||
// If no new scopes are requested then give the access token the original session scopes
|
||||
if (count($requestedScopes) === 0) {
|
||||
$newScopes = $scopes;
|
||||
} else {
|
||||
// The OAuth spec says that a refreshed access token can have the original scopes or fewer so ensure
|
||||
// the request doesn't include any new scopes
|
||||
|
||||
if ($this->rotateRefreshTokens === true) {
|
||||
foreach ($requestedScopes as $requestedScope) {
|
||||
// if ()
|
||||
}
|
||||
|
||||
$newScopes = $requestedScopes;
|
||||
}
|
||||
|
||||
// Generate a new access token and assign it the correct sessions
|
||||
$newAccessToken = new AccessToken();
|
||||
$newAccessToken->setToken(SecureKey::make());
|
||||
$newAccessToken->setExpireTime($this->server->getAccessTokenTTL() + time());
|
||||
$newAccessToken->setSession($session);
|
||||
|
||||
foreach ($newScopes as $newScope) {
|
||||
$newAccessToken->associateScope($newScope);
|
||||
}
|
||||
|
||||
// Expire the old token and save the new one
|
||||
$oldAccessToken->expire($this->server->getStorage('access_token'));
|
||||
$newAccessToken->save($this->server->getStorage('access_token'));
|
||||
|
||||
$response = [
|
||||
'access_token' => $newAccessToken->getToken(),
|
||||
'token_type' => 'Bearer',
|
||||
'expires' => $newAccessToken->getExpireTime(),
|
||||
'expires_in' => $this->server->getAccessTokenTTL()
|
||||
];
|
||||
|
||||
// Expire the old refresh token
|
||||
$oldRefreshToken->expire($this->server->getStorage('refresh_token'));
|
||||
|
||||
// Generate a new refresh token
|
||||
$refreshToken = SecureKey::make();
|
||||
$refreshTokenExpires = time() + $this->getRefreshTokenTTL();
|
||||
$newRefreshToken = new RT();
|
||||
$newRefreshToken->setToken(SecureKey::make());
|
||||
$newRefreshToken->setExpireTime($this->getRefreshTokenTTL() + time());
|
||||
$newRefreshToken->setAccessToken($newAccessToken);
|
||||
$newRefreshToken->save($this->server->getStorage('refresh_token'));
|
||||
|
||||
// Revoke the old refresh token
|
||||
$this->authServer->getStorage('session')->removeRefreshToken($authParams['refresh_token']);
|
||||
|
||||
// Associate the new refresh token with the new access token
|
||||
$this->authServer->getStorage('session')->associateRefreshToken($newAccessTokenId, $refreshToken, $refreshTokenExpires, $authParams['client_id']);
|
||||
}
|
||||
|
||||
// There isn't a request for reduced scopes so assign the original ones (or we're not rotating scopes)
|
||||
if ( ! isset($authParams['scope'])) {
|
||||
|
||||
foreach ($scopes as $scope) {
|
||||
$this->authServer->getStorage('session')->associateScope($newAccessTokenId, $scope['id']);
|
||||
}
|
||||
|
||||
} elseif ( isset($authParams['scope']) && $this->rotateRefreshTokens === true) {
|
||||
|
||||
// The request is asking for reduced scopes and rotate tokens is enabled
|
||||
$reqestedScopes = explode($this->authServer->getScopeDelimeter(), $authParams['scope']);
|
||||
|
||||
for ($i = 0; $i < count($reqestedScopes); $i++) {
|
||||
$reqestedScopes[$i] = trim($reqestedScopes[$i]);
|
||||
if ($reqestedScopes[$i] === '') unset($reqestedScopes[$i]); // Remove any junk scopes
|
||||
}
|
||||
|
||||
// Check that there aren't any new scopes being included
|
||||
$existingScopes = array();
|
||||
foreach ($scopes as $s) {
|
||||
$existingScopes[] = $s['scope'];
|
||||
}
|
||||
|
||||
foreach ($reqestedScopes as $reqScope) {
|
||||
if ( ! in_array($reqScope, $existingScopes)) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'scope'), 0);
|
||||
}
|
||||
|
||||
// Associate with the new access token
|
||||
$scopeDetails = $this->authServer->getStorage('scope')->getScope($reqScope, $authParams['client_id'], $this->identifier);
|
||||
$this->authServer->getStorage('session')->associateScope($newAccessTokenId, $scopeDetails['id']);
|
||||
}
|
||||
}
|
||||
|
||||
$response = array(
|
||||
'access_token' => $accessToken,
|
||||
'token_type' => 'bearer',
|
||||
'expires' => $accessTokenExpires,
|
||||
'expires_in' => $accessTokenExpiresIn
|
||||
);
|
||||
|
||||
if ($this->rotateRefreshTokens === true) {
|
||||
$response['refresh_token'] = $refreshToken;
|
||||
}
|
||||
$response['refresh_token'] = $newRefreshToken->getToken();
|
||||
|
||||
return $response;
|
||||
}
|
||||
|
||||
}
|
||||
|
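Review bot: The scope check in the `else` branch of completeFlow() is an empty stub (`foreach ($requestedScopes as $requestedScope) { // if () }`) followed by `$newScopes = $requestedScopes;`, so a refresh request can obtain any scope that `validateScopes()` accepts, including scopes the original session never held. The comment directly above states the rule (the original scopes or fewer), and the removed code enforced it with an `in_array` test that threw `invalid_request`; the new code should keep that guarantee. The fence sketches the check against `$session->getScopes()`; it assumes the Scope entity exposes `getId()`, which this section does not show.

```php
// … unchanged: client authentication, refresh token lookup, $scopes = $session->getScopes() …
$originalScopeIds = [];
foreach ($scopes as $originalScope) {
    // assumes Scope exposes getId(); confirm against the entity
    $originalScopeIds[] = $originalScope->getId();
}

foreach ($requestedScopes as $requestedScope) {
    if (in_array($requestedScope->getId(), $originalScopeIds, true) === false) {
        throw new ClientException(
            sprintf($this->server->getExceptionMessage('invalid_request'), 'scope'),
            0
        );
    }
}

$newScopes = $requestedScopes;
// … unchanged: new access token, expiry of the old tokens, response …
```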
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 Resource Server
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
@ -257,9 +257,7 @@ class Resource
|
||||
|
||||
/**
|
||||
* Checks if the presented access token has the given scope(s)
|
||||
*
|
||||
* @param array|string An array of scopes or a single scope as a string
|
||||
*
|
||||
* @param array|string $scopes An array of scopes or a single scope as a string
|
||||
* @return bool Returns bool if all scopes are found, false if any fail
|
||||
*/
|
||||
public function hasScope($scopes)
|
||||
|
@ -1,24 +1,56 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* OAuth 2.0 Access token storage interface
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Storage;
|
||||
|
||||
/**
|
||||
* Access token interface
|
||||
*/
|
||||
interface AccessTokenInterface
|
||||
{
|
||||
/**
|
||||
* Get an instance of Entites\AccessToken
|
||||
* @param string $token The access token
|
||||
* @return \League\OAuth2\Server\Entities\AccessToken
|
||||
*/
|
||||
public function getToken($token);
|
||||
|
||||
/**
|
||||
* Get the scopes for an access token
|
||||
* @param string $token The access token
|
||||
* @return array Array of \League\OAuth2\Server\Entities\Scope
|
||||
*/
|
||||
public function getTokenScopes($token);
|
||||
|
||||
/**
|
||||
* Creates a new access token
|
||||
* @param string $token The access token
|
||||
* @param integer $expireTime The expire time expressed as a unix timestamp
|
||||
* @param string|integer $sessionId The session ID
|
||||
* @return \League\OAuth2\Server\Entities\AccessToken
|
||||
*/
|
||||
public function createAccessToken($token, $expireTime, $sessionId);
|
||||
|
||||
public function associateScope($token, $scopeId);
|
||||
/**
|
||||
* Associate a scope with an acess token
|
||||
* @param string $token The access token
|
||||
* @param string $scope The scope
|
||||
* @return void
|
||||
*/
|
||||
public function associateScope($token, $scope);
|
||||
|
||||
/**
|
||||
* Delete an access token
|
||||
* @param string $token The access token to delete
|
||||
* @return void
|
||||
*/
|
||||
public function delete($token);
|
||||
}
|
||||
|
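--- a/src/League/OAuth2/Server/Storage/Adapter.php
+++ b/src/League/OAuth2/Server/Storage/Adapter.php
@@ -0,0 +1,43 @@
+<?php
+/**
+* OAuth 2.0 storage adapter
+*
+* @package league/oauth2-server
+* @author Alex Bilbie <hello@alexbilbie.com>
+* @copyright Copyright (c) PHP League of Extraordinary Packages
+* @license http://mit-license.org/
+* @link http://github.com/php-loep/oauth2-server
+*/
+
+namespace League\OAuth2\Server\Storage;
+
+/**
+* Storage adapter class
+*/
+class Adapter
+{
+/**
+* Server
+* @var \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource $server
+*/
+protected $server;
+
+/**
+* Set the server
+* @param \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource $server
+*/
+public function setServer($server)
+{
+$this->server = $server;
+return $this;
+}
+
+/**
+* Return the server
+* @return \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource
+*/
+protected function getServer()
+{
+return $this->server;
+}
+}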
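Review bot: `setServer()` returns `$this`, but its docblock carries only the `@param` tag, so the fluent return is undocumented; add `* @return self`, matching the storage setters in Authorization. The class docblock `Storage adapter class` could also say that storage implementations are expected to extend it, if that is the intent (setClientStorage calls `$storage->setServer($this)`).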
@ -1,18 +1,25 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* OAuth 2.0 Refresh token storage interface
|
||||
* OAuth 2.0 Auth code storage interface
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Storage;
|
||||
|
||||
/**
|
||||
* Auth code storage interface
|
||||
*/
|
||||
interface AuthCodeInterface
|
||||
{
|
||||
/**
|
||||
* Get the auth code
|
||||
* @param string $code
|
||||
* @return \League\OAuth2\Server\Entities\AuthCode
|
||||
*/
|
||||
public function getCode($code);
|
||||
}
|
||||
|
@ -2,15 +2,18 @@
|
||||
/**
|
||||
* OAuth 2.0 Client storage interface
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Storage;
|
||||
|
||||
/**
|
||||
* Client storage interface
|
||||
*/
|
||||
interface ClientInterface
|
||||
{
|
||||
/**
|
||||
@ -38,23 +41,11 @@ interface ClientInterface
|
||||
* oauth_client_endpoints.redirect_uri = :redirectUri
|
||||
* </code>
|
||||
*
|
||||
* Response:
|
||||
*
|
||||
* <code>
|
||||
* Array
|
||||
* (
|
||||
* [id] => (string) The client ID
|
||||
* [secret] => (string) The client secret
|
||||
* [redirect_uri] => (string) The redirect URI used in this request
|
||||
* [name] => (string) The name of the client
|
||||
* )
|
||||
* </code>
|
||||
*
|
||||
* @param string $clientId The client's ID
|
||||
* @param string $clientSecret The client's secret (default = "null")
|
||||
* @param string $redirectUri The client's redirect URI (default = "null")
|
||||
* @param string $grantType The grant type used in the request (default = "null")
|
||||
* @return bool|array Returns false if the validation fails, array on success
|
||||
* @return League\OAuth2\Server\Entities\Client|null
|
||||
*/
|
||||
public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType = null);
|
||||
}
|
||||
|
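Review bot: The new `@return League\OAuth2\Server\Entities\Client|null` changes the failure value from false to null, and the callers in this commit do not agree on it: ClientCredentials and Password test `($client instanceof Client) === false`, while the refresh-token grant tests `$client === null`. A storage implementation still written against the old `bool|array` contract returns false for a bad secret, which passes the `=== null` test and is then treated as an authenticated client. Use the `instanceof` form in every grant, and write the tag as `@return \League\OAuth2\Server\Entities\Client|null Null when the client cannot be authenticated` (the leading backslash matches the other storage interfaces).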
@ -1,18 +1,41 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* OAuth 2.0 Refresh token storage interface
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Storage;
|
||||
|
||||
/**
|
||||
* Refresh token interface
|
||||
*/
|
||||
interface RefreshTokenInterface
|
||||
{
|
||||
public function getToken($token, $clientId);
|
||||
/**
|
||||
* Return a new instance of \League\OAuth2\Server\Entities\RefreshToken
|
||||
* @param string $token
|
||||
* @return \League\OAuth2\Server\Entities\RefreshToken
|
||||
*/
|
||||
public function getToken($token);
|
||||
|
||||
/**
|
||||
* Create a new refresh token_name
|
||||
* @param string $token
|
||||
* @param integer $expireTime
|
||||
* @param string $accessToken
|
||||
* @return \League\OAuth2\Server\Entities\RefreshToken
|
||||
*/
|
||||
public function createRefreshToken($token, $expireTime, $accessToken);
|
||||
|
||||
/**
|
||||
* Delete the refresh token
|
||||
* @param string $token
|
||||
* @return void
|
||||
*/
|
||||
public function delete($token);
|
||||
}
|
||||
|
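Review bot: `getToken($token)` no longer receives the client id, and nothing in the new docblock says who is responsible for checking that a refresh token belongs to the client presenting it. The refresh-token grant in this commit authenticates the client and then calls `getToken($oldRefreshTokenParam)` without comparing the token's client to `$client` in the lines shown, so the binding that the old `getToken($token, $clientId)` expressed is lost unless an entity enforces it elsewhere. Either keep the argument or add a docblock line such as `* The caller must verify that the token was issued to the authenticating client.`, and state what is returned for an unknown token, since the grant tests the result with `instanceof`.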
@ -2,15 +2,18 @@
|
||||
/**
|
||||
* OAuth 2.0 Scope storage interface
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Storage;
|
||||
|
||||
/**
|
||||
* Scope interface
|
||||
*/
|
||||
interface ScopeInterface
|
||||
{
|
||||
/**
|
||||
@ -22,22 +25,9 @@ interface ScopeInterface
|
||||
* SELECT * FROM oauth_scopes WHERE scope = :scope
|
||||
* </code>
|
||||
*
|
||||
* Response:
|
||||
*
|
||||
* <code>
|
||||
* Array
|
||||
* (
|
||||
* [id] => (int) The scope's ID
|
||||
* [scope] => (string) The scope itself
|
||||
* [name] => (string) The scope's name
|
||||
* [description] => (string) The scope's description
|
||||
* )
|
||||
* </code>
|
||||
*
|
||||
* @param string $scope The scope
|
||||
* @param string $clientId The client ID (default = "null")
|
||||
* @param string $grantType The grant type used in the request (default = "null")
|
||||
* @return bool|array If the scope doesn't exist return false
|
||||
*/
|
||||
public function getScope($scope, $clientId = null, $grantType = null);
|
||||
public function getScope($scope, $grantType = null);
|
||||
}
|
||||
|
@ -1,27 +1,24 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* OAuth 2.0 Session storage interface
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Storage;
|
||||
|
||||
/**
|
||||
* Session storage interface
|
||||
*/
|
||||
interface SessionInterface
|
||||
{
|
||||
/**
|
||||
* Get a session
|
||||
*
|
||||
* Response:
|
||||
* <code>
|
||||
*
|
||||
* </code>
|
||||
*
|
||||
* @param int $sessionId
|
||||
* @return array (As described above)
|
||||
*/
|
||||
|
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 Redirect URI generator
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
@ -1,29 +0,0 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth 2.0 Request class interface
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Util;
|
||||
|
||||
interface RequestInterface
|
||||
{
|
||||
|
||||
public function get($index = null);
|
||||
|
||||
public function post($index = null);
|
||||
|
||||
public function cookie($index = null);
|
||||
|
||||
public function file($index = null);
|
||||
|
||||
public function server($index = null);
|
||||
|
||||
public function header($index = null);
|
||||
|
||||
}
|
@ -2,9 +2,9 @@
|
||||
/**
|
||||
* OAuth 2.0 Secure key generator
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @package league/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @copyright Copyright (c) PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|