/**
  * Take the provided authorization code values and store them somewhere.
  *
  * This function should be the storage counterpart to getAuthCode().
  *
  * If storage fails for some reason, we're not currently checking for
  * any sort of success/failure, so you should bail out of the script
  * and provide a descriptive fail message.
  *
  * Required for OAuth2::GRANT_TYPE_AUTH_CODE.
  *
  * @param string        $code
  * Authorization code string to be stored.
  * @param IOAuth2Client $client
  * The client associated with this authorization code.
  * @param mixed         $data
  * Application data to associate with this authorization code, such as a User object.
  * @param string        $redirect_uri
  * Redirect URI to be stored.
  * @param int           $expires
  * The timestamp when the authorization code will expire.
  * @param string        $scope
  * (optional) Scopes to be stored in space-separated string.
  *
  * @ingroup oauth2_section_4
  */
 public function createAuthCode($code_str, IOAuth2Client $client, $data, $redirect_uri, $expires, $scope = null)
 {
     $code_bean = $this->redbean->dispense($this->tables['code']);
     $code = new Code($code_bean);
     $code->code = $code_str;
     $code->client_id = $client->getPublicId();
     $code->data = $data;
     $code->redirect_uri = $redirect_uri;
     $code->expires_in = $expires;
     $code->has_expired = false;
     $this->redbean->store($code->getBean());
 }
 /**
  * Store the supplied access token values to storage.
  *
  * We need to store access token data as we create and verify tokens.
  *
  * @param string        $oauth_token
  * The access token string to be stored.
  * @param IOAuth2Client $client
  * The client associated with this refresh token.
  * @param mixed         $data
  * Application data associated with the refresh token, such as a User object.
  * @param int           $expires
  * The timestamp when the refresh token will expire.
  * @param string        $scope
  * (optional) Scopes to be stored in space-separated string.
  *
  * @ingroup oauth2_section_4
  */
 public function createAccessToken($oauth_token, IOAuth2Client $client, $data, $expires, $scope = null)
 {
     $access_token_bean = $this->redbean->dispense($this->tables['access_token']);
     $access_token = new AccessToken($access_token_bean);
     $access_token->token = $oauth_token;
     $access_token->client_id = $client->getPublicId();
     $access_token->data = $data;
     $access_token->expires_in = $expires;
     $access_token->has_expired = false;
     $access_token->scope = $scope;
     $this->redbean->store($access_token->getBean());
 }
Beispiel #3
0
 /**
  * @param IOAuth2Client $client
  * @param array         $input
  *
  * @return array
  * @throws OAuth2ServerException
  */
 protected function grantAccessTokenRefreshToken(IOAuth2Client $client, array $input)
 {
     if (!$this->storage instanceof IOAuth2RefreshTokens) {
         throw new OAuth2ServerException(self::HTTP_BAD_REQUEST, self::ERROR_UNSUPPORTED_GRANT_TYPE);
     }
     if (!$input["refresh_token"]) {
         throw new OAuth2ServerException(self::HTTP_BAD_REQUEST, self::ERROR_INVALID_REQUEST, 'No "refresh_token" parameter found');
     }
     $token = $this->storage->getRefreshToken($input["refresh_token"]);
     if ($token === null || $client->getPublicId() !== $token->getClientId()) {
         throw new OAuth2ServerException(self::HTTP_BAD_REQUEST, self::ERROR_INVALID_GRANT, 'Invalid refresh token', 470);
     }
     if ($token->hasExpired()) {
         throw new OAuth2ServerException(self::HTTP_BAD_REQUEST, self::ERROR_INVALID_GRANT, 'Refresh token has expired', 471);
     }
     // store the refresh token locally so we can delete it when a new refresh token is generated
     $this->oldRefreshToken = $token->getToken();
     return array('scope' => $token->getScope(), 'data' => $token->getData());
 }
 public function createAuthCode($code, IOAuth2Client $client, $data, $redirectUri, $expires, $scope = null)
 {
     $token = new OAuth2AuthCode($client->getPublicId(), $code, $expires, $scope, $data, $redirectUri);
     $this->authCodes[$code] = $token;
 }
 public function createRefreshToken($refreshToken, IOAuth2Client $client, $data, $expires, $scope = null)
 {
     $token = new OAuth2RefreshToken($client->getPublicId(), $refreshToken, $expires, $scope, $data);
     $this->refreshToken[$refreshToken] = $token;
 }
 /**
  * Grant access tokens for basic user credentials.
  *
  * Check the supplied username and password for validity.
  * You can also use the $client param to do any checks required based on a client, if you need that.
  * Required for OAuth2::GRANT_TYPE_USER_CREDENTIALS.
  *
  * @param IOAuth2Client $client   Client to check.
  * @param string        $username Username to check.
  * @param string        $password Password to check.
  *
  * @return bool|array Returns true if the username and password are valid or false if they aren't.
  * Moreover, if the username and password are valid, and you want to
  * verify the scope of a user's access, return an associative array
  * with the scope values as below. We'll check the scope you provide
  * against the requested scope before providing an access token:
  * @code
  * return array(
  *     'scope' => <stored scope values (space-separated string)>,
  * );
  * @endcode
  *
  * @see     http://tools.ietf.org/html/draft-ietf-oauth-v2-20#section-4.3
  *
  * @ingroup oauth2_section_4
  */
 public function checkUserCredentials(IOAuth2Client $client, $username, $password)
 {
     try {
         $clientId = $client->getPublicId();
         $sql = 'SELECT id, password FROM ' . self::TABLE_USERS . ' WHERE username = :username';
         $stmt = $this->db->prepare($sql);
         $stmt->bindParam(':username', $username, \PDO::PARAM_STR);
         $stmt->execute();
         $result = $stmt->fetch(\PDO::FETCH_ASSOC);
         if (false === password_verify($password, $result['password'])) {
             return false;
         }
         return array('scope' => '', 'data' => $result['id']);
     } catch (PDOException $e) {
         $this->handleException($e);
     }
 }
Beispiel #7
0
 public function createAccessToken($oauth_token, IOAuth2Client $client, $data, $expires, $scope = NULL)
 {
     $token = new OAuth2AccessToken($client->getPublicId(), $oauth_token, $expires, $scope, $data);
     $this->accessTokens[$oauth_token] = $token;
 }