From f855b572e8ff36d94af552bda3671413f5b023f2 Mon Sep 17 00:00:00 2001
From: Alex Bilbie
Date: Fri, 1 Feb 2013 16:50:59 +0000
Subject: [PATCH] First commit of new refresh token grant
---
src/OAuth2/Grant/RefreshToken.php | 94 +++++++++++++++++++++++++++++++
1 file changed, 94 insertions(+)
create mode 100644 src/OAuth2/Grant/RefreshToken.php
diff --git a/src/OAuth2/Grant/RefreshToken.php b/src/OAuth2/Grant/RefreshToken.php
new file mode 100644
index 00000000..e4e3fb51
--- /dev/null
+++ b/src/OAuth2/Grant/RefreshToken.php
@@ -0,0 +1,94 @@
+identifier;
+ }
+
+ public function getResponseType()
+ {
+ return $this->responseType;
+ }
+
+ public function completeFlow($inputParams = null, $authParams = array())
+ {
+ // Client ID
+ $authParams['client_id'] = (isset($inputParams['client_id'])) ?
+ $inputParams['client_id'] :
+ AuthServer::getRequest()->post('client_id');
+
+ if (is_null($authParams['client_id'])) {
+ throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'client_id'), 0);
+ }
+
+ // Client secret
+ $authParams['client_secret'] = (isset($inputParams['client_secret'])) ?
+ $inputParams['client_secret'] :
+ AuthServer::getRequest()->post('client_secret');
+
+ if (is_null($authParams['client_secret'])) {
+ throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'client_secret'), 0);
+ }
+
+ // Validate client ID and redirect URI
+ $clientDetails = AuthServer::getStorage('client')->get($authParams['client_id'], $authParams['client_secret']);
+
+ if ($clientDetails === false) {
+ throw new Exception\ClientException(AuthServer::getExceptionMessage('invalid_client'), 8);
+ }
+
+ $authParams['client_details'] = $clientDetails;
+
+ // Refresh token
+ $authParams['refresh_token'] = (isset($inputParams['refresh_token'])) ?
+ $inputParams['refresh_token'] :
+ AuthServer::getRequest()->post('refresh_token');
+
+ if (is_null($authParams['refresh_token'])) {
+ throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'refresh_token'), 0);
+ }
+
+ // Validate refresh token
+ $sessionId = AuthServer::getStorage('client')->validateRefreshToken(
+ $params['refresh_token'],
+ $params['client_id']
+ );
+
+ if ($sessionId === false) {
+ throw new Exception\ClientException(AuthServer::getExceptionMessage('invalid_refresh'), 0);
+ }
+
+ // Generate new tokens
+ $accessToken = SecureKey::make();
+ $refreshToken = (AuthServer::hasGrantType('refresh_token')) ?
SecureKey::make() : null;
+
+ $accessTokenExpires = time() + AuthServer::getExpiresIn();
+ $accessTokenExpiresIn = AuthServer::getExpiresIn();
+
+ AuthServer::getStorage('session')->updateRefreshToken($sessionId, $accessToken, $refreshToken, $accessTokenExpires);
+
+ return array(
+ 'access_token' => $accessToken,
+ 'refresh_token' => $refreshToken,
+ 'token_type' => 'bearer',
+ 'expires' => $accessTokenExpires,
+ 'expires_in' => $accessTokenExpiresIn
+ );
+ }
+
+}
\ No newline at end of file
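Review bot: The refresh-token check in completeFlow() passes `$params['refresh_token']` and `$params['client_id']` to validateRefreshToken(), but no `$params` variable is defined anywhere in the visible method; the submitted values were collected into `$authParams`. As written both arguments evaluate to null, so the token the client presented is never compared and the result depends entirely on how the storage backend treats null inputs, which is not visible in this patch. The two argument lines should read `$authParams['refresh_token'],` and `$authParams['client_id']`. A unit test that presents a refresh token issued to a different client and expects `invalid_refresh` would pin the token-to-client binding.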