diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php
index 490ecf4c..c6ffc760 100644
--- a/src/Grant/AbstractGrant.php
+++ b/src/Grant/AbstractGrant.php
@@ -80,6 +80,11 @@ abstract class AbstractGrant implements GrantTypeInterface
 */
 protected $pathToPublicKey;
+ /**
+ * @var \DateInterval
+ */
+ protected $refreshTokenTTL;
+
 /**
 * @param ClientRepositoryInterface $clientRepository
 */
@@ -128,6 +133,14 @@ abstract class AbstractGrant implements GrantTypeInterface
 $this->emitter = $emitter;
 }
+ /**
+ * @inheritdoc
+ */
+ public function setRefreshTokenTTL(\DateInterval $refreshTokenTTL)
+ {
+ $this->refreshTokenTTL = $refreshTokenTTL;
+ }
+
 /**
 * {@inheritdoc}
 */
@@ -291,7 +304,7 @@ abstract class AbstractGrant implements GrantTypeInterface
 {
 $refreshToken = new RefreshTokenEntity();
 $refreshToken->setIdentifier(SecureKey::generate());
- $refreshToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('P1M')));
+ $refreshToken->setExpiryDateTime((new \DateTime())->add($this->refreshTokenTTL));
 $refreshToken->setAccessToken($accessToken);
 return $refreshToken;
diff --git a/src/Grant/ClientCredentialsGrant.php b/src/Grant/ClientCredentialsGrant.php
index 03c6c721..918586f9 100644
--- a/src/Grant/ClientCredentialsGrant.php
+++ b/src/Grant/ClientCredentialsGrant.php
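Review bot: `setRefreshTokenTTL()` in AbstractGrant.php stores whatever interval it is given, so an inverted or zero `DateInterval` would yield refresh tokens that are already expired when issued, and a very large one makes them effectively permanent. If the library intends to leave that policy to the caller, the docblock should say so, for example `Set the lifetime applied to refresh tokens issued after this call; the caller must supply a positive, bounded interval.` The new docblock also uses `@inheritdoc` where the method directly below uses `{@inheritdoc}`; matching the existing form keeps the file consistent.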
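Review bot: The refresh-token hunk of AbstractGrant.php now passes `$this->refreshTokenTTL` straight to `DateTime::add()`, but the property declared in the first hunk has no default, so a grant that reaches this code without a constructor assignment or a `setRefreshTokenTTL()` call hands `add()` a null instead of an interval. Only the PasswordGrant and RefreshTokenGrant constructors in this commit assign `new \DateInterval('P1M')`; any other AbstractGrant subclass that issues refresh tokens, if one exists outside this diff, would lose the previous one-month expiry. A fallback at the point of use keeps the old behaviour in one place and makes the two duplicated constructor assignments unnecessary: `$ttl = $this->refreshTokenTTL ?: new \DateInterval('P1M');` followed by `$refreshToken->setExpiryDateTime((new \DateTime())->add($ttl));`. The enclosing method's signature lies outside the hunk.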
@@ -32,14 +32,14 @@ class ClientCredentialsGrant extends AbstractGrant
 public function respondToRequest(
 ServerRequestInterface $request,
 ResponseTypeInterface $responseType,
- \DateInterval $tokenTTL
+ \DateInterval $accessTokenTTL
 ) {
 // Validate request
 $client = $this->validateClient($request);
 $scopes = $this->validateScopes($request, $client);
 // Issue and persist access token
- $accessToken = $this->issueAccessToken($tokenTTL, $client, $client->getIdentifier(), $scopes);
+ $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $client->getIdentifier(), $scopes);
 $this->accessTokenRepository->persistNewAccessToken($accessToken);
 // Inject access token into response type
diff --git a/src/Grant/GrantTypeInterface.php b/src/Grant/GrantTypeInterface.php
index 5bc9bf08..a6a5c63a 100644
--- a/src/Grant/GrantTypeInterface.php
+++ b/src/Grant/GrantTypeInterface.php
@@ -11,7 +11,6 @@ namespace League\OAuth2\Server\Grant; -use DateInterval; use League\Event\EmitterInterface; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
@@ -24,6 +23,13 @@ use Psr\Http\Message\ServerRequestInterface;
 */
 interface GrantTypeInterface
 {
+ /**
+ * Set refresh token TTL
+ *
+ * @param \DateInterval $refreshTokenTTL
+ */
+ public function setRefreshTokenTTL(\DateInterval $refreshTokenTTL);
+
 /**
 * Return the identifier
 *
@@ -43,14 +49,14 @@ interface GrantTypeInterface
 *
 * @param \Psr\Http\Message\ServerRequestInterface $request
 * @param \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface $responseType
- * @param \DateInterval $tokenTTL
+ * @param \DateInterval $accessTokenTTL
 *
 * @return \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface
 */
 public function respondToRequest(
 ServerRequestInterface $request,
 ResponseTypeInterface $responseType,
- DateInterval $tokenTTL
+ \DateInterval $accessTokenTTL
 );
 /**
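Review bot: The docblock added for `setRefreshTokenTTL()` in GrantTypeInterface.php does not say what the setter means for grants that never issue a refresh token, nor which lifetime applies when it is never called. ClientCredentialsGrant, for instance, only issues an access token in this diff yet must now carry the method. I would extend the description along the lines of `Set the lifetime of refresh tokens issued by this grant; grants that do not issue refresh tokens ignore it.` Adding a method to the interface also means any implementation that does not extend AbstractGrant stops loading until it defines the method, which deserves a changelog entry.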
diff --git a/src/Grant/PasswordGrant.php b/src/Grant/PasswordGrant.php
index 50593ef3..9f4f41e8 100644
--- a/src/Grant/PasswordGrant.php
+++ b/src/Grant/PasswordGrant.php
@@ -51,6 +51,8 @@ class PasswordGrant extends AbstractGrant
 ) {
 $this->userRepository = $userRepository;
 $this->refreshTokenRepository = $refreshTokenRepository;
+
+ $this->refreshTokenTTL = new \DateInterval('P1M');
 }
 /**
@@ -59,7 +61,7 @@ class PasswordGrant extends AbstractGrant
 public function respondToRequest(
 ServerRequestInterface $request,
 ResponseTypeInterface $responseType,
- \DateInterval $tokenTTL
+ \DateInterval $accessTokenTTL
 ) {
 // Validate request
 $client = $this->validateClient($request);
@@ -67,7 +69,7 @@ class PasswordGrant extends AbstractGrant
 $scopes = $this->validateScopes($request, $client);
 // Issue and persist new tokens
- $accessToken = $this->issueAccessToken($tokenTTL, $client, $user->getIdentifier(), $scopes);
+ $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $user->getIdentifier(), $scopes);
 $refreshToken = $this->issueRefreshToken($accessToken);
 $this->accessTokenRepository->persistNewAccessToken($accessToken);
 $this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
diff --git a/src/Grant/RefreshTokenGrant.php b/src/Grant/RefreshTokenGrant.php
index d8348d25..cf3286c8 100644
--- a/src/Grant/RefreshTokenGrant.php
+++ b/src/Grant/RefreshTokenGrant.php
@@ -42,6 +42,8 @@ class RefreshTokenGrant extends AbstractGrant
 RefreshTokenRepositoryInterface $refreshTokenRepository
 ) {
 $this->refreshTokenRepository = $refreshTokenRepository;
+
+ $this->refreshTokenTTL = new \DateInterval('P1M');
 }
 /**
@@ -50,8 +52,9 @@ class RefreshTokenGrant extends AbstractGrant
 public function respondToRequest(
 ServerRequestInterface $request,
 ResponseTypeInterface $responseType,
- \DateInterval $tokenTTL
+ \DateInterval $accessTokenTTL
 ) {
+ // Validate request
 $client = $this->validateClient($request);
 $oldRefreshToken = $this->validateOldRefreshToken($request, $client->getIdentifier());
 $scopes = $this->validateScopes($request, $client);
@@ -75,9 +78,9 @@ class RefreshTokenGrant extends AbstractGrant $this->accessTokenRepository->revokeAccessToken($oldRefreshToken['access_token_id']); $this->refreshTokenRepository->revokeRefreshToken($oldRefreshToken['refresh_token_id']); - $accessToken = $this->issueAccessToken($tokenTTL, $client, $oldRefreshToken['user_id'], $scopes); + // Issue and persist new tokens + $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $oldRefreshToken['user_id'], $scopes); $refreshToken = $this->issueRefreshToken($accessToken); - $this->accessTokenRepository->persistNewAccessToken($accessToken); $this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
diff --git a/src/Server.php b/src/Server.php
index a62e8b32..adb6936d 100644
--- a/src/Server.php
+++ b/src/Server.php
@@ -7,6 +7,7 @@ use League\Event\EmitterAwareInterface;
 use League\Event\EmitterAwareTrait;
 use League\OAuth2\Server\Exception\OAuthServerException;
 use League\OAuth2\Server\Grant\GrantTypeInterface;
+use League\OAuth2\Server\Grant\ClientCredentialsGrant;
 use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
 use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
 use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
@@ -26,11 +27,6 @@ class Server implements EmitterAwareInterface
 */
 protected $enabledGrantTypes = [];
- /**
- * @var ResponseTypeInterface[]
- */
- protected $grantResponseTypes = [];
-
 /**
 * @var DateInterval[]
 */
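Review bot: The added `use League\OAuth2\Server\Grant\ClientCredentialsGrant;` in the first Server.php hunk is not referenced by any of the Server.php hunks in this commit, so it looks like a leftover import. It is also placed after `GrantTypeInterface`, out of the alphabetical order the rest of the import block follows. Unless code outside these hunks uses the class, the line should be dropped.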
@@ -92,47 +88,23 @@ class Server implements EmitterAwareInterface $this->responseType = $responseType; } - /** - * Get the token type that grants will return in the HTTP response - * - * @return ResponseTypeInterface - */ - public function getResponseType() - { - if (!$this->responseType instanceof ResponseTypeInterface) { - $this->responseType = new BearerTokenResponse( - $this->privateKeyPath, - $this->publicKeyPath, - $this->accessTokenRepository - ); - } - - return $this->responseType; - } - /** * Enable a grant type on the server * * @param \League\OAuth2\Server\Grant\GrantTypeInterface $grantType * @param DateInterval $accessTokenTTL */ - public function enableGrantType( - GrantTypeInterface $grantType, - \DateInterval $accessTokenTTL - ) { + public function enableGrantType(GrantTypeInterface $grantType, \DateInterval $accessTokenTTL) + { $grantType->setAccessTokenRepository($this->accessTokenRepository); $grantType->setClientRepository($this->clientRepository); $grantType->setScopeRepository($this->scopeRepository); $grantType->setPathToPrivateKey($this->privateKeyPath); $grantType->setPathToPublicKey($this->publicKeyPath); - $grantType->setEmitter($this->getEmitter()); + $this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType; - // Set grant response type - $this->grantResponseTypes[$grantType->getIdentifier()] = $this->getResponseType(); - - // Set grant access token TTL $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL; }
@@ -160,7 +132,7 @@ class Server implements EmitterAwareInterface
 if ($grantType->canRespondToRequest($request)) {
 $tokenResponse = $grantType->respondToRequest(
 $request,
- $this->grantResponseTypes[$grantType->getIdentifier()],
+ $this->getResponseType(),
 $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
 );
 }
@@ -172,4 +144,22 @@ class Server implements EmitterAwareInterface
 return $tokenResponse->generateHttpResponse($response);
 }
+
+ /**
+ * Get the token type that grants will return in the HTTP response
+ *
+ * @return ResponseTypeInterface
+ */
+ public function getResponseType()
+ {
+ if (!$this->responseType instanceof ResponseTypeInterface) {
+ $this->responseType = new BearerTokenResponse(
+ $this->privateKeyPath,
+ $this->publicKeyPath,
+ $this->accessTokenRepository
+ );
+ }
+
+ return $this->responseType;
+ }
 }