From 56b8b7c64e4632506bd7269c5f37fc77228920e0 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Wed, 8 May 2013 10:38:16 -0700 Subject: [PATCH] Updated associateRefreshToken to use expire time --- src/OAuth2/Storage/PDO/Session.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/OAuth2/Storage/PDO/Session.php b/src/OAuth2/Storage/PDO/Session.php index a5121074..850b256e 100644 --- a/src/OAuth2/Storage/PDO/Session.php +++ b/src/OAuth2/Storage/PDO/Session.php @@ -104,16 +104,18 @@ class Session implements SessionInterface * Associate a refresh token with a session * @param int $accessTokenId The access token ID * @param string $refreshToken The refresh token + * @param int $expireTime Unix timestamp of the refresh token expiry time * @return void */ - public function associateRefreshToken($accessTokenId, $refreshToken) + public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime) { $db = \ezcDbInstance::get(); - $stmt = $db->prepare('INSERT INTO oauth_session_refresh_tokens (session_access_token_id, refresh_token) VALUE - (:accessTokenId, :refreshToken)'); + $stmt = $db->prepare('INSERT INTO oauth_session_refresh_tokens (session_access_token_id, refresh_token, refresh_token_expires) VALUE + (:accessTokenId, :refreshToken, :expireTime)'); $stmt->bindValue(':accessTokenId', $accessTokenId); $stmt->bindValue(':refreshToken', $refreshToken); + $stmt->bindValue(':expireTime', $expireTime); $stmt->execute(); } @@ -207,7 +209,7 @@ class Session implements SessionInterface $db = \ezcDbInstance::get(); $stmt = $db->prepare('SELECT session_access_token_id FROM `oauth_session_refresh_tokens` WHERE - refresh_token = :refreshToken'); + refresh_token = :refreshToken AND refresh_token_expires >= ' . time()); $stmt->bindValue(':refreshToken', $refreshToken); $stmt->execute();