ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2025-05-31 14:12:07 +05:30
Code Issues Packages Projects Releases Wiki Activity

ISSUE #356: added the refresh token to the mac token type response

Browse Source
This commit is contained in:
joao
2015-08-28 10:38:45 +00:00
parent 2496653968
commit f632fcc997
1 changed files with 19 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
src/TokenType/MAC.php
View File

@@ -1,14 +1,14 @@
<?php <?php
/** /**
* OAuth 2.0 MAC Token Type * OAuth 2.0 MAC Token Type.
* *
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com> * @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) Alex Bilbie * @copyright Copyright (c) Alex Bilbie
* @license http://mit-license.org/ * @license http://mit-license.org/
*
* @link https://github.com/thephpleague/oauth2-server * @link https://github.com/thephpleague/oauth2-server
*/ */
namespace League\OAuth2\Server\TokenType; namespace League\OAuth2\Server\TokenType;
use League\OAuth2\Server\Util\SecureKey; use League\OAuth2\Server\Util\SecureKey;
@@ -16,7 +16,7 @@ use Symfony\Component\HttpFoundation\ParameterBag;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
/** /**
* MAC Token Type * MAC Token Type.
*/ */
class MAC extends AbstractTokenType implements TokenTypeInterface class MAC extends AbstractTokenType implements TokenTypeInterface
{ {
@@ -29,13 +29,17 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
$this->server->getMacStorage()->create($macKey, $this->getParam('access_token')); $this->server->getMacStorage()->create($macKey, $this->getParam('access_token'));
$response = [ $response = [
'access_token' => $this->getParam('access_token'), 'access_token' => $this->getParam('access_token'),
'token_type' => 'mac', 'token_type' => 'mac',
'expires_in' => $this->getParam('expires_in'), 'expires_in' => $this->getParam('expires_in'),
'mac_key' => $macKey, 'mac_key' => $macKey,
'mac_algorithm' => 'hmac-sha-256', 'mac_algorithm' => 'hmac-sha-256',
]; ];
if (!is_null($this->getParam('refresh_token'))) {
$response['refresh_token'] = $this->getParam('refresh_token');
}
return $response; return $response;
} }
@@ -121,9 +125,11 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
} }
/** /**
* Prevent timing attack * Prevent timing attack.
* @param string $knownString *
* @param string $userString * @param string $knownString
* @param string $userString
*
* @return bool * @return bool
*/ */
private function hash_equals($knownString, $userString) private function hash_equals($knownString, $userString)
@@ -136,7 +142,7 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
} }
$len = strlen($knownString); $len = strlen($knownString);
$result = 0; $result = 0;
for ($i = 0; $i < $len; $i++) { for ($i = 0; $i < $len; ++$i) {
$result |= (ord($knownString[$i]) ^ ord($userString[$i])); $result |= (ord($knownString[$i]) ^ ord($userString[$i]));
} }
// They are only identical strings if $result is exactly 0... // They are only identical strings if $result is exactly 0...