mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-11-15 09:47:46 +05:30
Merge pull request #437 from juliangut/refresh_ttl
V5 - Allow refresh token TTL assign
This commit is contained in:
Alex Bilbie
commit
96620c8b3b
@ -80,6 +80,11 @@ abstract class AbstractGrant implements GrantTypeInterface
|
||||
*/
|
||||
protected $pathToPublicKey;
|
||||
|
||||
/**
|
||||
* @var \DateInterval
|
||||
*/
|
||||
protected $refreshTokenTTL;
|
||||
|
||||
/**
|
||||
* @param ClientRepositoryInterface $clientRepository
|
||||
*/
|
||||
@ -128,6 +133,14 @@ abstract class AbstractGrant implements GrantTypeInterface
|
||||
$this->emitter = $emitter;
|
||||
}
|
||||
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function setRefreshTokenTTL(\DateInterval $refreshTokenTTL)
|
||||
{
|
||||
$this->refreshTokenTTL = $refreshTokenTTL;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
@ -291,7 +304,7 @@ abstract class AbstractGrant implements GrantTypeInterface
|
||||
{
|
||||
$refreshToken = new RefreshTokenEntity();
|
||||
$refreshToken->setIdentifier(SecureKey::generate());
|
||||
$refreshToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('P1M')));
|
||||
$refreshToken->setExpiryDateTime((new \DateTime())->add($this->refreshTokenTTL));
|
||||
$refreshToken->setAccessToken($accessToken);
|
||||
|
||||
return $refreshToken;
|
||||
|
||||
@ -32,14 +32,14 @@ class ClientCredentialsGrant extends AbstractGrant
|
||||
public function respondToRequest(
|
||||
ServerRequestInterface $request,
|
||||
ResponseTypeInterface $responseType,
|
||||
\DateInterval $tokenTTL
|
||||
\DateInterval $accessTokenTTL
|
||||
) {
|
||||
// Validate request
|
||||
$client = $this->validateClient($request);
|
||||
$scopes = $this->validateScopes($request, $client);
|
||||
|
||||
// Issue and persist access token
|
||||
$accessToken = $this->issueAccessToken($tokenTTL, $client, $client->getIdentifier(), $scopes);
|
||||
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $client->getIdentifier(), $scopes);
|
||||
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
||||
|
||||
// Inject access token into response type
|
||||
|
||||
@ -11,7 +11,6 @@
|
||||
|
||||
namespace League\OAuth2\Server\Grant;
|
||||
|
||||
use DateInterval;
|
||||
use League\Event\EmitterInterface;
|
||||
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
|
||||
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
|
||||
@ -24,6 +23,13 @@ use Psr\Http\Message\ServerRequestInterface;
|
||||
*/
|
||||
interface GrantTypeInterface
|
||||
{
|
||||
/**
|
||||
* Set refresh token TTL
|
||||
*
|
||||
* @param \DateInterval $refreshTokenTTL
|
||||
*/
|
||||
public function setRefreshTokenTTL(\DateInterval $refreshTokenTTL);
|
||||
|
||||
/**
|
||||
* Return the identifier
|
||||
*
|
||||
@ -43,14 +49,14 @@ interface GrantTypeInterface
|
||||
*
|
||||
* @param \Psr\Http\Message\ServerRequestInterface $request
|
||||
* @param \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface $responseType
|
||||
* @param \DateInterval $tokenTTL
|
||||
* @param \DateInterval $accessTokenTTL
|
||||
*
|
||||
* @return \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface
|
||||
*/
|
||||
public function respondToRequest(
|
||||
ServerRequestInterface $request,
|
||||
ResponseTypeInterface $responseType,
|
||||
DateInterval $tokenTTL
|
||||
\DateInterval $accessTokenTTL
|
||||
);
|
||||
|
||||
/**
|
||||
|
||||
@ -51,6 +51,8 @@ class PasswordGrant extends AbstractGrant
|
||||
) {
|
||||
$this->userRepository = $userRepository;
|
||||
$this->refreshTokenRepository = $refreshTokenRepository;
|
||||
|
||||
$this->refreshTokenTTL = new \DateInterval('P1M');
|
||||
}
|
||||
|
||||
/**
|
||||
@ -59,7 +61,7 @@ class PasswordGrant extends AbstractGrant
|
||||
public function respondToRequest(
|
||||
ServerRequestInterface $request,
|
||||
ResponseTypeInterface $responseType,
|
||||
\DateInterval $tokenTTL
|
||||
\DateInterval $accessTokenTTL
|
||||
) {
|
||||
// Validate request
|
||||
$client = $this->validateClient($request);
|
||||
@ -67,7 +69,7 @@ class PasswordGrant extends AbstractGrant
|
||||
$scopes = $this->validateScopes($request, $client);
|
||||
|
||||
// Issue and persist new tokens
|
||||
$accessToken = $this->issueAccessToken($tokenTTL, $client, $user->getIdentifier(), $scopes);
|
||||
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $user->getIdentifier(), $scopes);
|
||||
$refreshToken = $this->issueRefreshToken($accessToken);
|
||||
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
||||
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
|
||||
|
||||
@ -42,6 +42,8 @@ class RefreshTokenGrant extends AbstractGrant
|
||||
RefreshTokenRepositoryInterface $refreshTokenRepository
|
||||
) {
|
||||
$this->refreshTokenRepository = $refreshTokenRepository;
|
||||
|
||||
$this->refreshTokenTTL = new \DateInterval('P1M');
|
||||
}
|
||||
|
||||
/**
|
||||
@ -50,8 +52,9 @@ class RefreshTokenGrant extends AbstractGrant
|
||||
public function respondToRequest(
|
||||
ServerRequestInterface $request,
|
||||
ResponseTypeInterface $responseType,
|
||||
\DateInterval $tokenTTL
|
||||
\DateInterval $accessTokenTTL
|
||||
) {
|
||||
// Validate request
|
||||
$client = $this->validateClient($request);
|
||||
$oldRefreshToken = $this->validateOldRefreshToken($request, $client->getIdentifier());
|
||||
$scopes = $this->validateScopes($request, $client);
|
||||
@ -75,9 +78,9 @@ class RefreshTokenGrant extends AbstractGrant
|
||||
$this->accessTokenRepository->revokeAccessToken($oldRefreshToken['access_token_id']);
|
||||
$this->refreshTokenRepository->revokeRefreshToken($oldRefreshToken['refresh_token_id']);
|
||||
|
||||
$accessToken = $this->issueAccessToken($tokenTTL, $client, $oldRefreshToken['user_id'], $scopes);
|
||||
// Issue and persist new tokens
|
||||
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $oldRefreshToken['user_id'], $scopes);
|
||||
$refreshToken = $this->issueRefreshToken($accessToken);
|
||||
|
||||
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
||||
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
|
||||
|
||||
|
||||
@ -7,6 +7,7 @@ use League\Event\EmitterAwareInterface;
|
||||
use League\Event\EmitterAwareTrait;
|
||||
use League\OAuth2\Server\Exception\OAuthServerException;
|
||||
use League\OAuth2\Server\Grant\GrantTypeInterface;
|
||||
use League\OAuth2\Server\Grant\ClientCredentialsGrant;
|
||||
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
|
||||
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
|
||||
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
|
||||
@ -26,11 +27,6 @@ class Server implements EmitterAwareInterface
|
||||
*/
|
||||
protected $enabledGrantTypes = [];
|
||||
|
||||
/**
|
||||
* @var ResponseTypeInterface[]
|
||||
*/
|
||||
protected $grantResponseTypes = [];
|
||||
|
||||
/**
|
||||
* @var DateInterval[]
|
||||
*/
|
||||
@ -92,47 +88,23 @@ class Server implements EmitterAwareInterface
|
||||
$this->responseType = $responseType;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the token type that grants will return in the HTTP response
|
||||
*
|
||||
* @return ResponseTypeInterface
|
||||
*/
|
||||
public function getResponseType()
|
||||
{
|
||||
if (!$this->responseType instanceof ResponseTypeInterface) {
|
||||
$this->responseType = new BearerTokenResponse(
|
||||
$this->privateKeyPath,
|
||||
$this->publicKeyPath,
|
||||
$this->accessTokenRepository
|
||||
);
|
||||
}
|
||||
|
||||
return $this->responseType;
|
||||
}
|
||||
|
||||
/**
|
||||
* Enable a grant type on the server
|
||||
*
|
||||
* @param \League\OAuth2\Server\Grant\GrantTypeInterface $grantType
|
||||
* @param DateInterval $accessTokenTTL
|
||||
*/
|
||||
public function enableGrantType(
|
||||
GrantTypeInterface $grantType,
|
||||
\DateInterval $accessTokenTTL
|
||||
) {
|
||||
public function enableGrantType(GrantTypeInterface $grantType, \DateInterval $accessTokenTTL)
|
||||
{
|
||||
$grantType->setAccessTokenRepository($this->accessTokenRepository);
|
||||
$grantType->setClientRepository($this->clientRepository);
|
||||
$grantType->setScopeRepository($this->scopeRepository);
|
||||
$grantType->setPathToPrivateKey($this->privateKeyPath);
|
||||
$grantType->setPathToPublicKey($this->publicKeyPath);
|
||||
|
||||
$grantType->setEmitter($this->getEmitter());
|
||||
|
||||
$this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
|
||||
|
||||
// Set grant response type
|
||||
$this->grantResponseTypes[$grantType->getIdentifier()] = $this->getResponseType();
|
||||
|
||||
// Set grant access token TTL
|
||||
$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
|
||||
}
|
||||
|
||||
@ -160,7 +132,7 @@ class Server implements EmitterAwareInterface
|
||||
if ($grantType->canRespondToRequest($request)) {
|
||||
$tokenResponse = $grantType->respondToRequest(
|
||||
$request,
|
||||
$this->grantResponseTypes[$grantType->getIdentifier()],
|
||||
$this->getResponseType(),
|
||||
$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
|
||||
);
|
||||
}
|
||||
@ -172,4 +144,22 @@ class Server implements EmitterAwareInterface
|
||||
|
||||
return $tokenResponse->generateHttpResponse($response);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the token type that grants will return in the HTTP response
|
||||
*
|
||||
* @return ResponseTypeInterface
|
||||
*/
|
||||
public function getResponseType()
|
||||
{
|
||||
if (!$this->responseType instanceof ResponseTypeInterface) {
|
||||
$this->responseType = new BearerTokenResponse(
|
||||
$this->privateKeyPath,
|
||||
$this->publicKeyPath,
|
||||
$this->accessTokenRepository
|
||||
);
|
||||
}
|
||||
|
||||
return $this->responseType;
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user