Updated storage interfaces
parent
7a38187076
commit
e62bc4e98d
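--- a/src/League/OAuth2/Server/Storage/AccessTokenInterface.php
+++ b/src/League/OAuth2/Server/Storage/AccessTokenInterface.php
@@ -0,0 +1,24 @@
+<?php
+
+/**
+* OAuth 2.0 Access token storage interface
+*
+* @package php-loep/oauth2-server
+* @author Alex Bilbie <hello@alexbilbie.com>
+* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
+* @license http://mit-license.org/
+* @link http://github.com/php-loep/oauth2-server
+*/
+
+namespace League\OAuth2\Server\Storage;
+
+interface AccessTokenInterface
+{
+public function getToken($token);
+
+public function getTokenScopes($token);
+
+public function createAccessToken($token, $expireTime, $sessionId);
+
+public function associateScope($token, $scopeId);
+}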
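Review bot: None of the four methods in AccessTokenInterface carries a docblock, so an implementer cannot tell whether `getToken($token)` must filter out expired tokens or what it returns for an unknown token. The `validateAccessToken` documentation that this commit removes from SessionInterface put the expiry test in the storage query (`access_token_expires >= UNIX_TIMESTAMP(NOW())`); if that duty now sits with the caller it should be stated, otherwise each side can assume the other checks and an expired token is accepted. I would add a docblock to every method giving the return shape and the not-found value, state on `getToken` which side enforces expiry, and note that `$expireTime` is a Unix timestamp as the removed docs did. The same gap applies to `AuthCodeInterface::getCode($code)` and `RefreshTokenInterface::getToken($token, $clientId)` added in this commit.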
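--- a/src/League/OAuth2/Server/Storage/AuthCodeInterface.php
+++ b/src/League/OAuth2/Server/Storage/AuthCodeInterface.php
@@ -0,0 +1,18 @@
+<?php
+
+/**
+* OAuth 2.0 Refresh token storage interface
+*
+* @package php-loep/oauth2-server
+* @author Alex Bilbie <hello@alexbilbie.com>
+* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
+* @license http://mit-license.org/
+* @link http://github.com/php-loep/oauth2-server
+*/
+
+namespace League\OAuth2\Server\Storage;
+
+interface AuthCodeInterface
+{
+public function getCode($code);
+}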
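Review bot: The file docblock on new line 4 reads `OAuth 2.0 Refresh token storage interface`, which looks copied from RefreshTokenInterface.php; it should read `* OAuth 2.0 Authorization code storage interface`. `getCode($code)` takes only the code, whereas the removed `validateAuthCode($clientId, $redirectUri, $authCode)` matched client ID, redirect URI and expiry in a single query. A docblock on `getCode` should therefore list the fields the returned row must contain and say that the caller is now responsible for comparing client ID, redirect URI and expiry against it.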
@ -20,21 +20,22 @@ interface ClientInterface
|
|||||||
*
|
*
|
||||||
* <code>
|
* <code>
|
||||||
* # Client ID + redirect URI
|
* # Client ID + redirect URI
|
||||||
* SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name,
|
* SELECT oauth_clients.id, oauth_clients.secret, oauth_endpoints.redirect_uri, oauth_clients.name
|
||||||
* oauth_clients.auto_approve
|
* FROM oauth_clients
|
||||||
* FROM oauth_clients LEFT JOIN oauth_client_endpoints ON oauth_client_endpoints.client_id = oauth_clients.id
|
* LEFT JOIN oauth_client_endpoints ON oauth_client_endpoints.client_id = oauth_clients.id
|
||||||
* WHERE oauth_clients.id = :clientId AND oauth_client_endpoints.redirect_uri = :redirectUri
|
* WHERE oauth_clients.id = :clientId AND oauth_client_endpoints.redirect_uri = :redirectUri
|
||||||
*
|
*
|
||||||
* # Client ID + client secret
|
* # Client ID + client secret
|
||||||
* SELECT oauth_clients.id, oauth_clients.secret, oauth_clients.name, oauth_clients.auto_approve FROM oauth_clients
|
* SELECT oauth_clients.id, oauth_clients.secret, oauth_clients.name
|
||||||
* WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret
|
* FROM oauth_clients
|
||||||
|
* WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret
|
||||||
*
|
*
|
||||||
* # Client ID + client secret + redirect URI
|
* # Client ID + client secret + redirect URI
|
||||||
* SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name,
|
* SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name
|
||||||
* oauth_clients.auto_approve FROM oauth_clients LEFT JOIN oauth_client_endpoints
|
* FROM oauth_clients LEFT JOIN oauth_client_endpoints
|
||||||
* ON oauth_client_endpoints.client_id = oauth_clients.id
|
* ON oauth_client_endpoints.client_id = oauth_clients.id
|
||||||
* WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret AND
|
* WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret AND
|
||||||
* oauth_client_endpoints.redirect_uri = :redirectUri
|
* oauth_client_endpoints.redirect_uri = :redirectUri
|
||||||
* </code>
|
* </code>
|
||||||
*
|
*
|
||||||
* Response:
|
* Response:
|
||||||
@ -42,11 +43,10 @@ interface ClientInterface
|
|||||||
* <code>
|
* <code>
|
||||||
* Array
|
* Array
|
||||||
* (
|
* (
|
||||||
* [client_id] => (string) The client ID
|
* [id] => (string) The client ID
|
||||||
* [client secret] => (string) The client secret
|
* [secret] => (string) The client secret
|
||||||
* [redirect_uri] => (string) The redirect URI used in this request
|
* [redirect_uri] => (string) The redirect URI used in this request
|
||||||
* [name] => (string) The name of the client
|
* [name] => (string) The name of the client
|
||||||
* [auto_approve] => (bool) Whether the client should auto approve
|
|
||||||
* )
|
* )
|
||||||
* </code>
|
* </code>
|
||||||
*
|
*
|
||||||
|
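Review bot: In the first example query ("Client ID + redirect URI") the SELECT line on what appears to be the new side names `oauth_endpoints.redirect_uri`, but the query joins and filters on `oauth_client_endpoints`, so the example fails as written. The line should read `* SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name`, as the third query already does. Separately, the examples match `oauth_clients.secret = :clientSecret` inside SQL, which only works when secrets are stored verbatim; one sentence saying an implementation may store a hash and verify it in PHP would keep the example from being read as a requirement. The docblock starts and ends outside these hunks.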
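--- a/src/League/OAuth2/Server/Storage/RefreshTokenInterface.php
+++ b/src/League/OAuth2/Server/Storage/RefreshTokenInterface.php
@@ -0,0 +1,18 @@
+<?php
+
+/**
+* OAuth 2.0 Refresh token storage interface
+*
+* @package php-loep/oauth2-server
+* @author Alex Bilbie <hello@alexbilbie.com>
+* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
+* @license http://mit-license.org/
+* @link http://github.com/php-loep/oauth2-server
+*/
+
+namespace League\OAuth2\Server\Storage;
+
+interface RefreshTokenInterface
+{
+public function getToken($token, $clientId);
+}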
@ -1,4 +1,5 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* OAuth 2.0 Session storage interface
|
* OAuth 2.0 Session storage interface
|
||||||
*
|
*
|
||||||
@ -13,320 +14,47 @@ namespace League\OAuth2\Server\Storage;
|
|||||||
|
|
||||||
interface SessionInterface
|
interface SessionInterface
|
||||||
{
|
{
|
||||||
|
/**
|
||||||
|
* Get a session
|
||||||
|
*
|
||||||
|
* Response:
|
||||||
|
* <code>
|
||||||
|
*
|
||||||
|
* </code>
|
||||||
|
*
|
||||||
|
* @param int $sessionId
|
||||||
|
* @return array (As described above)
|
||||||
|
*/
|
||||||
|
public function getSession($sessionId);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get a session's scopes
|
||||||
|
*
|
||||||
|
* Response:
|
||||||
|
* <code>
|
||||||
|
*
|
||||||
|
* </code>
|
||||||
|
*
|
||||||
|
* @param int $sessionId
|
||||||
|
* @return array (As described aboce)
|
||||||
|
*/
|
||||||
|
public function getSessionScopes($sessionId);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create a new session
|
* Create a new session
|
||||||
*
|
* @param string $ownerType Session owner's type (user, client)
|
||||||
* Example SQL query:
|
* @param string $ownerId Session owner's ID
|
||||||
*
|
* @param string $clientId Client ID
|
||||||
* <code>
|
* @param string $clientRedirectUri Client redirect URI (default = null)
|
||||||
* INSERT INTO oauth_sessions (client_id, owner_type, owner_id)
|
* @return int Session ID
|
||||||
* VALUE (:clientId, :ownerType, :ownerId)
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param string $clientId The client ID
|
|
||||||
* @param string $ownerType The type of the session owner (e.g. "user")
|
|
||||||
* @param string $ownerId The ID of the session owner (e.g. "123")
|
|
||||||
* @return int The session ID
|
|
||||||
*/
|
*/
|
||||||
public function createSession($clientId, $ownerType, $ownerId);
|
public function createSession($ownerType, $ownerId, $clientId, $clientRedirectUri = null);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Delete a session
|
* Associate a scope with a session
|
||||||
*
|
* @param int $sessionId
|
||||||
* Example SQL query:
|
* @param int|string $scopeId The scopes ID might be an integer or string
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* DELETE FROM oauth_sessions WHERE client_id = :clientId AND owner_type = :type AND owner_id = :typeId
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param string $clientId The client ID
|
|
||||||
* @param string $ownerType The type of the session owner (e.g. "user")
|
|
||||||
* @param string $ownerId The ID of the session owner (e.g. "123")
|
|
||||||
* @return void
|
* @return void
|
||||||
*/
|
*/
|
||||||
public function deleteSession($clientId, $ownerType, $ownerId);
|
public function associateScope($sessionId, $scopeId);
|
||||||
|
|
||||||
/**
|
|
||||||
* Associate a redirect URI with a session
|
|
||||||
*
|
|
||||||
* Example SQL query:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* INSERT INTO oauth_session_redirects (session_id, redirect_uri) VALUE (:sessionId, :redirectUri)
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param int $sessionId The session ID
|
|
||||||
* @param string $redirectUri The redirect URI
|
|
||||||
* @return void
|
|
||||||
*/
|
|
||||||
public function associateRedirectUri($sessionId, $redirectUri);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Associate an access token with a session
|
|
||||||
*
|
|
||||||
* Example SQL query:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* INSERT INTO oauth_session_access_tokens (session_id, access_token, access_token_expires)
|
|
||||||
* VALUE (:sessionId, :accessToken, :accessTokenExpire)
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param int $sessionId The session ID
|
|
||||||
* @param string $accessToken The access token
|
|
||||||
* @param int $expireTime Unix timestamp of the access token expiry time
|
|
||||||
* @return int The access token ID
|
|
||||||
*/
|
|
||||||
public function associateAccessToken($sessionId, $accessToken, $expireTime);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Associate a refresh token with a session
|
|
||||||
*
|
|
||||||
* Example SQL query:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* INSERT INTO oauth_session_refresh_tokens (session_access_token_id, refresh_token, refresh_token_expires,
|
|
||||||
* client_id) VALUE (:accessTokenId, :refreshToken, :expireTime, :clientId)
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param int $accessTokenId The access token ID
|
|
||||||
* @param string $refreshToken The refresh token
|
|
||||||
* @param int $expireTime Unix timestamp of the refresh token expiry time
|
|
||||||
* @param string $clientId The client ID
|
|
||||||
* @return void
|
|
||||||
*/
|
|
||||||
public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime, $clientId);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Assocate an authorization code with a session
|
|
||||||
*
|
|
||||||
* Example SQL query:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* INSERT INTO oauth_session_authcodes (session_id, auth_code, auth_code_expires)
|
|
||||||
* VALUE (:sessionId, :authCode, :authCodeExpires)
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param int $sessionId The session ID
|
|
||||||
* @param string $authCode The authorization code
|
|
||||||
* @param int $expireTime Unix timestamp of the access token expiry time
|
|
||||||
* @return int The auth code ID
|
|
||||||
*/
|
|
||||||
public function associateAuthCode($sessionId, $authCode, $expireTime);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Remove an associated authorization token from a session
|
|
||||||
*
|
|
||||||
* Example SQL query:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* DELETE FROM oauth_session_authcodes WHERE session_id = :sessionId
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param int $sessionId The session ID
|
|
||||||
* @return void
|
|
||||||
*/
|
|
||||||
public function removeAuthCode($sessionId);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Validate an authorization code
|
|
||||||
*
|
|
||||||
* Example SQL query:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* SELECT oauth_sessions.id AS session_id, oauth_session_authcodes.id AS authcode_id FROM oauth_sessions
|
|
||||||
* JOIN oauth_session_authcodes ON oauth_session_authcodes.`session_id` = oauth_sessions.id
|
|
||||||
* JOIN oauth_session_redirects ON oauth_session_redirects.`session_id` = oauth_sessions.id WHERE
|
|
||||||
* oauth_sessions.client_id = :clientId AND oauth_session_authcodes.`auth_code` = :authCode
|
|
||||||
* AND `oauth_session_authcodes`.`auth_code_expires` >= :time AND
|
|
||||||
* `oauth_session_redirects`.`redirect_uri` = :redirectUri
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* Expected response:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* array(
|
|
||||||
* 'session_id' => (int)
|
|
||||||
* 'authcode_id' => (int)
|
|
||||||
* )
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param string $clientId The client ID
|
|
||||||
* @param string $redirectUri The redirect URI
|
|
||||||
* @param string $authCode The authorization code
|
|
||||||
* @return array|bool False if invalid or array as above
|
|
||||||
*/
|
|
||||||
public function validateAuthCode($clientId, $redirectUri, $authCode);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Validate an access token
|
|
||||||
*
|
|
||||||
* Example SQL query:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* SELECT session_id, oauth_sessions.`client_id`, oauth_sessions.`owner_id`, oauth_sessions.`owner_type`
|
|
||||||
* FROM `oauth_session_access_tokens` JOIN oauth_sessions ON oauth_sessions.`id` = session_id WHERE
|
|
||||||
* access_token = :accessToken AND access_token_expires >= UNIX_TIMESTAMP(NOW())
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* Expected response:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* array(
|
|
||||||
* 'session_id' => (int),
|
|
||||||
* 'client_id' => (string),
|
|
||||||
* 'owner_id' => (string),
|
|
||||||
* 'owner_type' => (string)
|
|
||||||
* )
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param string $accessToken The access token
|
|
||||||
* @return array|bool False if invalid or an array as above
|
|
||||||
*/
|
|
||||||
public function validateAccessToken($accessToken);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Removes a refresh token
|
|
||||||
*
|
|
||||||
* Example SQL query:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* DELETE FROM `oauth_session_refresh_tokens` WHERE refresh_token = :refreshToken
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param string $refreshToken The refresh token to be removed
|
|
||||||
* @return void
|
|
||||||
*/
|
|
||||||
public function removeRefreshToken($refreshToken);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Validate a refresh token
|
|
||||||
*
|
|
||||||
* Example SQL query:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* SELECT session_access_token_id FROM `oauth_session_refresh_tokens` WHERE refresh_token = :refreshToken
|
|
||||||
* AND refresh_token_expires >= UNIX_TIMESTAMP(NOW()) AND client_id = :clientId
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param string $refreshToken The access token
|
|
||||||
* @param string $clientId The client ID
|
|
||||||
* @return int|bool The ID of the access token the refresh token is linked to (or false if invalid)
|
|
||||||
*/
|
|
||||||
public function validateRefreshToken($refreshToken, $clientId);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get an access token by ID
|
|
||||||
*
|
|
||||||
* Example SQL query:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* SELECT * FROM `oauth_session_access_tokens` WHERE `id` = :accessTokenId
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* Expected response:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* array(
|
|
||||||
* 'id' => (int),
|
|
||||||
* 'session_id' => (int),
|
|
||||||
* 'access_token' => (string),
|
|
||||||
* 'access_token_expires' => (int)
|
|
||||||
* )
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param int $accessTokenId The access token ID
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function getAccessToken($accessTokenId);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Associate scopes with an auth code (bound to the session)
|
|
||||||
*
|
|
||||||
* Example SQL query:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* INSERT INTO `oauth_session_authcode_scopes` (`oauth_session_authcode_id`, `scope_id`) VALUES
|
|
||||||
* (:authCodeId, :scopeId)
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param int $authCodeId The auth code ID
|
|
||||||
* @param int $scopeId The scope ID
|
|
||||||
* @return void
|
|
||||||
*/
|
|
||||||
public function associateAuthCodeScope($authCodeId, $scopeId);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the scopes associated with an auth code
|
|
||||||
*
|
|
||||||
* Example SQL query:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* SELECT scope_id FROM `oauth_session_authcode_scopes` WHERE oauth_session_authcode_id = :authCodeId
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* Expected response:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* array(
|
|
||||||
* array(
|
|
||||||
* 'scope_id' => (int)
|
|
||||||
* ),
|
|
||||||
* array(
|
|
||||||
* 'scope_id' => (int)
|
|
||||||
* ),
|
|
||||||
* ...
|
|
||||||
* )
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param int $oauthSessionAuthCodeId The session ID
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function getAuthCodeScopes($oauthSessionAuthCodeId);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Associate a scope with an access token
|
|
||||||
*
|
|
||||||
* Example SQL query:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* INSERT INTO `oauth_session_token_scopes` (`session_access_token_id`, `scope_id`) VALUE (:accessTokenId, :scopeId)
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param int $accessTokenId The ID of the access token
|
|
||||||
* @param int $scopeId The ID of the scope
|
|
||||||
* @return void
|
|
||||||
*/
|
|
||||||
public function associateScope($accessTokenId, $scopeId);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get all associated access tokens for an access token
|
|
||||||
*
|
|
||||||
* Example SQL query:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* SELECT oauth_scopes.* FROM oauth_session_token_scopes JOIN oauth_session_access_tokens
|
|
||||||
* ON oauth_session_access_tokens.`id` = `oauth_session_token_scopes`.`session_access_token_id`
|
|
||||||
* JOIN oauth_scopes ON oauth_scopes.id = `oauth_session_token_scopes`.`scope_id`
|
|
||||||
* WHERE access_token = :accessToken
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* Expected response:
|
|
||||||
*
|
|
||||||
* <code>
|
|
||||||
* array (
|
|
||||||
* array(
|
|
||||||
* 'id' => (int),
|
|
||||||
* 'scope' => (string),
|
|
||||||
* 'name' => (string),
|
|
||||||
* 'description' => (string)
|
|
||||||
* ),
|
|
||||||
* ...
|
|
||||||
* ...
|
|
||||||
* )
|
|
||||||
* </code>
|
|
||||||
*
|
|
||||||
* @param string $accessToken The access token
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function getScopes($accessToken);
|
|
||||||
}
|
}
|
||||||
|
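Review bot: The second hunk removes `deleteSession`, `removeAuthCode` and `removeRefreshToken`, and none of the interfaces added in this commit declares a replacement, so storage is left with no method to invalidate an authorization code after use or to revoke a refresh token. Authorization codes are single-use (RFC 6749 section 4.1.2), so unless the delete methods are planned for a follow-up commit I would add them to the new interfaces, for example `public function delete($code);` on AuthCodeInterface and an equivalent on the token interfaces. Also in this hunk, `createSession` changes its argument order from `($clientId, $ownerType, $ownerId)` to `($ownerType, $ownerId, $clientId, $clientRedirectUri = null)`; all of these are untyped, so a caller left on the old order would store the client ID as the owner type without any error, and the docblock should call the reorder out. The new `getSession` and `getSessionScopes` docblocks say "As described above" but their `<code>` response blocks are empty, so the return shape is still undefined.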