ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2025-05-31 14:12:07 +05:30
Code Issues Packages Projects Releases Wiki Activity

ISSUE #356: added the refresh token to the mac token type response

Browse Source
This commit is contained in:
joao
2015-08-28 10:40:13 +00:00
parent f632fcc997
commit 56c73d2427
1 changed files with 13 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
src/TokenType/MAC.php
View File

@@ -1,14 +1,14 @@
<?php
/**
* OAuth 2.0 MAC Token Type.
* OAuth 2.0 MAC Token Type
*
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) Alex Bilbie
* @license http://mit-license.org/
*
* @link https://github.com/thephpleague/oauth2-server
*/
namespace League\OAuth2\Server\TokenType;
use League\OAuth2\Server\Util\SecureKey;
@@ -16,7 +16,7 @@ use Symfony\Component\HttpFoundation\ParameterBag;
use Symfony\Component\HttpFoundation\Request;
/**
* MAC Token Type.
* MAC Token Type
*/
class MAC extends AbstractTokenType implements TokenTypeInterface
{
@@ -29,11 +29,11 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
$this->server->getMacStorage()->create($macKey, $this->getParam('access_token'));
$response = [
'access_token' => $this->getParam('access_token'),
'token_type' => 'mac',
'expires_in' => $this->getParam('expires_in'),
'mac_key' => $macKey,
'mac_algorithm' => 'hmac-sha-256',
'access_token' => $this->getParam('access_token'),
'token_type' => 'mac',
'expires_in' => $this->getParam('expires_in'),
'mac_key' => $macKey,
'mac_algorithm' => 'hmac-sha-256',
];
if (!is_null($this->getParam('refresh_token'))) {
@@ -125,11 +125,9 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
}
/**
* Prevent timing attack.
*
* @param string $knownString
* @param string $userString
*
* Prevent timing attack
* @param string $knownString
* @param string $userString
* @return bool
*/
private function hash_equals($knownString, $userString)
@@ -142,7 +140,7 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
}
$len = strlen($knownString);
$result = 0;
for ($i = 0; $i < $len; ++$i) {
for ($i = 0; $i < $len; $i++) {
$result |= (ord($knownString[$i]) ^ ord($userString[$i]));
}
// They are only identical strings if $result is exactly 0...