ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2025-05-31 14:12:07 +05:30
Code Issues Packages Projects Releases Wiki Activity

A refresh token should be bound to a client ID

Browse Source
This commit is contained in:
Alex Bilbie
2013-05-09 07:55:10 -07:00
parent 86a483f288
commit c0683586e2
6 changed files with 19 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/League/OAuth2/Server/Storage/SessionInterface.php
View File

@@ -91,9 +91,10 @@ interface SessionInterface
* @param int $accessTokenId The access token ID
* @param string $refreshToken The refresh token
* @param int $expireTime Unix timestamp of the refresh token expiry time
* @param string $clientId The client ID
* @return void
*/
public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime);
public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime, $clientId);
/**
* Assocate an authorization code with a session
@@ -191,13 +192,14 @@ interface SessionInterface
*
* <code>
* SELECT session_access_token_id FROM `oauth_session_refresh_tokens` WHERE refresh_token = :refreshToken
* AND refresh_token_expires >= UNIX_TIMESTAMP(NOW())
* AND refresh_token_expires >= UNIX_TIMESTAMP(NOW()) AND client_id = :clientId
* </code>
*
* @param string $refreshToken The access token
* @param string $clientId The client ID
* @return int|bool The ID of the access token the refresh token is linked to (or false if invalid)
*/
public function validateRefreshToken($refreshToken);
public function validateRefreshToken($refreshToken, $clientId);
/**
* Get an access token by ID