mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-11-15 09:47:46 +05:30
Updated docblocks for the two main classes
This commit is contained in:
parent
7739923273
commit
1cfe10105a
@ -1,4 +1,13 @@
|
|||||||
<?php
|
<?php
|
||||||
|
/**
|
||||||
|
* OAuth 2.0 Authentication Server
|
||||||
|
*
|
||||||
|
* @package lncd/oauth2
|
||||||
|
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||||
|
* @copyright Copyright (c) 2013 University of Lincoln
|
||||||
|
* @license http://mit-license.org/
|
||||||
|
* @link http://github.com/lncd/oauth2
|
||||||
|
*/
|
||||||
|
|
||||||
namespace OAuth2;
|
namespace OAuth2;
|
||||||
|
|
||||||
@ -9,6 +18,9 @@ use OAuth2\Storage\ClientInterface;
|
|||||||
use OAuth2\Storage\ScopeInterface;
|
use OAuth2\Storage\ScopeInterface;
|
||||||
use OAuth2\Grant\GrantTypeInterface;
|
use OAuth2\Grant\GrantTypeInterface;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* OAuth 2.0 authentication server class
|
||||||
|
*/
|
||||||
class AuthServer
|
class AuthServer
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
@ -21,14 +33,34 @@ class AuthServer
|
|||||||
*/
|
*/
|
||||||
protected $scopeDelimeter = ',';
|
protected $scopeDelimeter = ',';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The TTL (time to live) of an access token in seconds (default: 3600)
|
||||||
|
* @var integer
|
||||||
|
*/
|
||||||
static protected $expiresIn = 3600;
|
static protected $expiresIn = 3600;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The registered grant response types
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
protected $responseTypes = array();
|
protected $responseTypes = array();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The client, scope and session storage classes
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
static protected $storages = array();
|
static protected $storages = array();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The registered grant types
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
static protected $grantTypes = array();
|
static protected $grantTypes = array();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The request object
|
||||||
|
* @var Util\RequestInterface
|
||||||
|
*/
|
||||||
static protected $request = null;
|
static protected $request = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -67,11 +99,24 @@ class AuthServer
|
|||||||
'invalid_refresh' => 'The refresh token is invalid.',
|
'invalid_refresh' => 'The refresh token is invalid.',
|
||||||
);
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get an exception message
|
||||||
|
*
|
||||||
|
* @param string $error The error message key
|
||||||
|
* @return string The error message
|
||||||
|
*/
|
||||||
public static function getExceptionMessage($error = '')
|
public static function getExceptionMessage($error = '')
|
||||||
{
|
{
|
||||||
return self::$exceptionMessages[$error];
|
return self::$exceptionMessages[$error];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Create a new OAuth2 authentication server
|
||||||
|
*
|
||||||
|
* @param ClientInterface $client A class which inherits from Storage/ClientInterface
|
||||||
|
* @param SessionInterface $session A class which inherits from Storage/SessionInterface
|
||||||
|
* @param ScopeInterface $scope A class which inherits from Storage/ScopeInterface
|
||||||
|
*/
|
||||||
public function __construct(ClientInterface $client, SessionInterface $session, ScopeInterface $scope)
|
public function __construct(ClientInterface $client, SessionInterface $session, ScopeInterface $scope)
|
||||||
{
|
{
|
||||||
self::$storages = array(
|
self::$storages = array(
|
||||||
@ -81,6 +126,11 @@ class AuthServer
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Enable support for a grant
|
||||||
|
* @param GrantTypeInterface $grantType A grant class which conforms to Interface/GrantTypeInterface
|
||||||
|
* @param null|string $identifier An identifier for the grant (autodetected if not passed)
|
||||||
|
*/
|
||||||
public function addGrantType(GrantTypeInterface $grantType, $identifier = null)
|
public function addGrantType(GrantTypeInterface $grantType, $identifier = null)
|
||||||
{
|
{
|
||||||
if (is_null($identifier)) {
|
if (is_null($identifier)) {
|
||||||
@ -93,26 +143,49 @@ class AuthServer
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check if a grant type has been enabled
|
||||||
|
* @param string $identifier The grant type identifier
|
||||||
|
* @return boolean Returns "true" if enabled, "false" if not
|
||||||
|
*/
|
||||||
public static function hasGrantType($identifier)
|
public static function hasGrantType($identifier)
|
||||||
{
|
{
|
||||||
return (array_key_exists($identifier, self::$grantTypes));
|
return (array_key_exists($identifier, self::$grantTypes));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the scope delimeter
|
||||||
|
*
|
||||||
|
* @return string The scope delimiter (default: ",")
|
||||||
|
*/
|
||||||
public function getScopeDelimeter()
|
public function getScopeDelimeter()
|
||||||
{
|
{
|
||||||
return $this->scopeDelimeter;
|
return $this->scopeDelimeter;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function setScopeDelimeter($scope_delimeter)
|
/**
|
||||||
|
* Set the scope delimiter
|
||||||
|
*
|
||||||
|
* @param string $scopeDelimeter
|
||||||
|
*/
|
||||||
|
public function setScopeDelimeter($scopeDelimeter)
|
||||||
{
|
{
|
||||||
$this->scopeDelimeter = $scope_delimeter;
|
$this->scopeDelimeter = $scopeDelimeter;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the TTL for an access token
|
||||||
|
* @return int The TTL
|
||||||
|
*/
|
||||||
public static function getExpiresIn()
|
public static function getExpiresIn()
|
||||||
{
|
{
|
||||||
return self::$expiresIn;
|
return self::$expiresIn;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Set the TTL for an access token
|
||||||
|
* @param int $expiresIn The new TTL
|
||||||
|
*/
|
||||||
public function setExpiresIn($expiresIn)
|
public function setExpiresIn($expiresIn)
|
||||||
{
|
{
|
||||||
self::$expiresIn = $expiresIn;
|
self::$expiresIn = $expiresIn;
|
||||||
@ -121,7 +194,7 @@ class AuthServer
|
|||||||
/**
|
/**
|
||||||
* Sets the Request Object
|
* Sets the Request Object
|
||||||
*
|
*
|
||||||
* @param RequestInterface The Request Object
|
* @param Util\RequestInterface The Request Object
|
||||||
*/
|
*/
|
||||||
public function setRequest(Util\RequestInterface $request)
|
public function setRequest(Util\RequestInterface $request)
|
||||||
{
|
{
|
||||||
@ -131,7 +204,7 @@ class AuthServer
|
|||||||
/**
|
/**
|
||||||
* Gets the Request object. It will create one from the globals if one is not set.
|
* Gets the Request object. It will create one from the globals if one is not set.
|
||||||
*
|
*
|
||||||
* @return RequestInterface
|
* @return Util\RequestInterface
|
||||||
*/
|
*/
|
||||||
public static function getRequest()
|
public static function getRequest()
|
||||||
{
|
{
|
||||||
@ -145,6 +218,11 @@ class AuthServer
|
|||||||
return self::$request;
|
return self::$request;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return a storage class
|
||||||
|
* @param string $obj The class required
|
||||||
|
* @return Storage\ClientInterface|Storage\ScopeInterface|Storage\SessionInterface
|
||||||
|
*/
|
||||||
public static function getStorage($obj)
|
public static function getStorage($obj)
|
||||||
{
|
{
|
||||||
return self::$storages[$obj];
|
return self::$storages[$obj];
|
||||||
@ -153,8 +231,8 @@ class AuthServer
|
|||||||
/**
|
/**
|
||||||
* Check authorise parameters
|
* Check authorise parameters
|
||||||
*
|
*
|
||||||
* @access public
|
|
||||||
* @param array $inputParams Optional array of parsed $_GET keys
|
* @param array $inputParams Optional array of parsed $_GET keys
|
||||||
|
* @throws \OAuth2\Exception\ClientException
|
||||||
* @return array Authorise request parameters
|
* @return array Authorise request parameters
|
||||||
*/
|
*/
|
||||||
public function checkAuthoriseParams($inputParams = array())
|
public function checkAuthoriseParams($inputParams = array())
|
||||||
@ -236,10 +314,10 @@ class AuthServer
|
|||||||
/**
|
/**
|
||||||
* Parse a new authorise request
|
* Parse a new authorise request
|
||||||
*
|
*
|
||||||
* @param string $type The session owner's type
|
* @param string $type The session owner's type
|
||||||
* @param string $typeId The session owner's ID
|
* @param string $typeId The session owner's ID
|
||||||
* @param array $authoriseParams The authorise request $_GET parameters
|
* @param array $authParams The authorise request $_GET parameters
|
||||||
* @return string An authorisation code
|
* @return string An authorisation code
|
||||||
*/
|
*/
|
||||||
public function newAuthoriseRequest($type, $typeId, $authParams = array())
|
public function newAuthoriseRequest($type, $typeId, $authParams = array())
|
||||||
{
|
{
|
||||||
@ -264,7 +342,6 @@ class AuthServer
|
|||||||
/**
|
/**
|
||||||
* Issue an access token
|
* Issue an access token
|
||||||
*
|
*
|
||||||
* @access public
|
|
||||||
* @param array $inputParams Optional array of parsed $_POST keys
|
* @param array $inputParams Optional array of parsed $_POST keys
|
||||||
* @return array Authorise request parameters
|
* @return array Authorise request parameters
|
||||||
*/
|
*/
|
||||||
@ -287,6 +364,11 @@ class AuthServer
|
|||||||
return $this->getGrantType($authParams['grant_type'])->completeFlow($inputParams, $authParams);
|
return $this->getGrantType($authParams['grant_type'])->completeFlow($inputParams, $authParams);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return a grant type class
|
||||||
|
* @param string $grantType The grant type identifer
|
||||||
|
* @return class
|
||||||
|
*/
|
||||||
protected function getGrantType($grantType)
|
protected function getGrantType($grantType)
|
||||||
{
|
{
|
||||||
return self::$grantTypes[$grantType];
|
return self::$grantTypes[$grantType];
|
||||||
|
@ -1,4 +1,13 @@
|
|||||||
<?php
|
<?php
|
||||||
|
/**
|
||||||
|
* OAuth 2.0 Resource Server
|
||||||
|
*
|
||||||
|
* @package lncd/oauth2
|
||||||
|
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||||
|
* @copyright Copyright (c) 2013 University of Lincoln
|
||||||
|
* @license http://mit-license.org/
|
||||||
|
* @link http://github.com/lncd/oauth2
|
||||||
|
*/
|
||||||
|
|
||||||
namespace OAuth2;
|
namespace OAuth2;
|
||||||
|
|
||||||
@ -8,29 +17,63 @@ use OAuth2\Storage\SessionScopeInterface;
|
|||||||
use OAuth2\Util\RequestInterface;
|
use OAuth2\Util\RequestInterface;
|
||||||
use OAuth2\Util\Request;
|
use OAuth2\Util\Request;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* OAuth 2.0 Resource Server
|
||||||
|
*/
|
||||||
class ResourceServer
|
class ResourceServer
|
||||||
{
|
{
|
||||||
|
/**
|
||||||
|
* The access token
|
||||||
|
* @var string
|
||||||
|
*/
|
||||||
protected $accessToken = null;
|
protected $accessToken = null;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The session ID
|
||||||
|
* @var string
|
||||||
|
*/
|
||||||
protected $sessionId = null;
|
protected $sessionId = null;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The type of the owner of the access token
|
||||||
|
* @var string
|
||||||
|
*/
|
||||||
protected $ownerType = null;
|
protected $ownerType = null;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The ID of the owner of the access token
|
||||||
|
* @var string
|
||||||
|
*/
|
||||||
protected $ownerId = null;
|
protected $ownerId = null;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The scopes associated with the access token
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
protected $sessionScopes = array();
|
protected $sessionScopes = array();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The client, scope and session storage classes
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
protected $storages = array();
|
protected $storages = array();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The request object
|
||||||
|
* @var Util\RequestInterface
|
||||||
|
*/
|
||||||
protected $request = null;
|
protected $request = null;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The query string key which is used by clients to present the access token (default: oauth_token)
|
||||||
|
* @var string
|
||||||
|
*/
|
||||||
protected $tokenKey = 'oauth_token';
|
protected $tokenKey = 'oauth_token';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets up the Resource
|
* Sets up the Resource
|
||||||
*
|
*
|
||||||
* @param SessionInterface The Session Storage Object
|
* @param SessionInterface The Session Storage Object
|
||||||
* @param SessionScopeInterface The Session Scope Storage Object
|
|
||||||
*/
|
*/
|
||||||
public function __construct(SessionInterface $session)
|
public function __construct(SessionInterface $session)
|
||||||
{
|
{
|
||||||
@ -50,7 +93,7 @@ class ResourceServer
|
|||||||
/**
|
/**
|
||||||
* Gets the Request object. It will create one from the globals if one is not set.
|
* Gets the Request object. It will create one from the globals if one is not set.
|
||||||
*
|
*
|
||||||
* @return RequestInterface
|
* @return Util\RequestInterface
|
||||||
*/
|
*/
|
||||||
public function getRequest()
|
public function getRequest()
|
||||||
{
|
{
|
||||||
@ -63,20 +106,30 @@ class ResourceServer
|
|||||||
return $this->request;
|
return $this->request;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the query string key for the access token.
|
||||||
|
*
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
public function getTokenKey()
|
public function getTokenKey()
|
||||||
{
|
{
|
||||||
return $this->tokenKey;
|
return $this->tokenKey;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets the query string key for the access token.
|
||||||
|
*
|
||||||
|
* @param $key The new query string key
|
||||||
|
*/
|
||||||
public function setTokenKey($key)
|
public function setTokenKey($key)
|
||||||
{
|
{
|
||||||
$this->tokenKey = $key;
|
$this->tokenKey = $key;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Gets the Owner ID.
|
* Gets the access token owner ID.
|
||||||
*
|
*
|
||||||
* @return int
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getOwnerId()
|
public function getOwnerId()
|
||||||
{
|
{
|
||||||
@ -84,9 +137,9 @@ class ResourceServer
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Gets the Owner Type.
|
* Gets the owner type.
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getOwnerType()
|
public function getOwnerType()
|
||||||
{
|
{
|
||||||
@ -94,9 +147,9 @@ class ResourceServer
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Gets the Access Token.
|
* Gets the access token.
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getAccessToken()
|
public function getAccessToken()
|
||||||
{
|
{
|
||||||
@ -104,8 +157,9 @@ class ResourceServer
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Checks if the Access Token is valid or not.
|
* Checks if the access token is valid or not.
|
||||||
*
|
*
|
||||||
|
* @throws Exception\InvalidAccessTokenException Thrown if the presented access token is not valid
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function isValid()
|
public function isValid()
|
||||||
@ -129,9 +183,10 @@ class ResourceServer
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Checks if the current session has the given scope(s).
|
* Checks if the presented access token has the given scope(s).
|
||||||
*
|
*
|
||||||
* @param array
|
* @param array|string An array of scopes or a single scope as a string
|
||||||
|
* @return bool Returns bool if all scopes are found, false if any fail
|
||||||
*/
|
*/
|
||||||
public function hasScope($scopes)
|
public function hasScope($scopes)
|
||||||
{
|
{
|
||||||
@ -153,10 +208,10 @@ class ResourceServer
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Reads in the Access Token from the headers.
|
* Reads in the access token from the headers.
|
||||||
*
|
*
|
||||||
|
* @throws Exception\MissingAccessTokenException Thrown if there is no access token presented
|
||||||
* @return string
|
* @return string
|
||||||
* @throws Exception\MissingAccessTokenException
|
|
||||||
*/
|
*/
|
||||||
protected function determineAccessToken()
|
protected function determineAccessToken()
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user