ISSUE #356: added the refresh token to the mac token type response

joao 2015-08-28 10:40:13 +00:00
parent f632fcc997
commit 56c73d2427


@ -1,14 +1,14 @@
<?php <?php
/** /**
* OAuth 2.0 MAC Token Type. * OAuth 2.0 MAC Token Type
* *
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com> * @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) Alex Bilbie * @copyright Copyright (c) Alex Bilbie
* @license http://mit-license.org/ * @license http://mit-license.org/
*
* @link https://github.com/thephpleague/oauth2-server * @link https://github.com/thephpleague/oauth2-server
*/ */
namespace League\OAuth2\Server\TokenType; namespace League\OAuth2\Server\TokenType;
use League\OAuth2\Server\Util\SecureKey; use League\OAuth2\Server\Util\SecureKey;
@ -16,7 +16,7 @@ use Symfony\Component\HttpFoundation\ParameterBag;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
/** /**
* MAC Token Type. * MAC Token Type
*/ */
class MAC extends AbstractTokenType implements TokenTypeInterface class MAC extends AbstractTokenType implements TokenTypeInterface
{ {
@ -29,11 +29,11 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
$this->server->getMacStorage()->create($macKey, $this->getParam('access_token')); $this->server->getMacStorage()->create($macKey, $this->getParam('access_token'));
$response = [ $response = [
'access_token' => $this->getParam('access_token'), 'access_token' => $this->getParam('access_token'),
'token_type' => 'mac', 'token_type' => 'mac',
'expires_in' => $this->getParam('expires_in'), 'expires_in' => $this->getParam('expires_in'),
'mac_key' => $macKey, 'mac_key' => $macKey,
'mac_algorithm' => 'hmac-sha-256', 'mac_algorithm' => 'hmac-sha-256',
]; ];
if (!is_null($this->getParam('refresh_token'))) { if (!is_null($this->getParam('refresh_token'))) {
@ -125,11 +125,9 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
} }
/** /**
* Prevent timing attack. * Prevent timing attack
* * @param string $knownString
* @param string $knownString * @param string $userString
* @param string $userString
*
* @return bool * @return bool
*/ */
private function hash_equals($knownString, $userString) private function hash_equals($knownString, $userString)
@ -142,7 +140,7 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
} }
$len = strlen($knownString); $len = strlen($knownString);
$result = 0; $result = 0;
for ($i = 0; $i < $len; ++$i) { for ($i = 0; $i < $len; $i++) {
$result |= (ord($knownString[$i]) ^ ord($userString[$i])); $result |= (ord($knownString[$i]) ^ ord($userString[$i]));
} }
// They are only identical strings if $result is exactly 0... // They are only identical strings if $result is exactly 0...
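Review bot: The private `hash_equals` fallback in the last two hunks reads `$userString[$i]` for every `$i < strlen($knownString)`, so it is only correct and constant-time if both arguments were already checked to be strings of equal length. That guard sits above the visible hunk (the method body starts and ends outside it) and should be confirmed. Where the runtime provides the built-in (PHP 5.6+), I would delegate to it at the top of the method and keep the loop purely as a fallback: `if (function_exists('hash_equals')) { return \hash_equals($knownString, $userString); }`. The docblock could also say in one sentence that an early return on a length mismatch reveals only the length, not the content, of the known string.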