Beispiel #1
0
 public static function createFromRefreshToken(RefreshToken $refresh_token, $scope = null, $lifetime = 3600)
 {
     $instance = new self();
     $instance->value = Rand::getString($instance->len, OAuth2Protocol::VsChar, true);
     $instance->scope = $scope;
     $instance->from_ip = $refresh_token->getFromIp();
     $instance->user_id = $refresh_token->getUserId();
     $instance->client_id = $refresh_token->getClientId();
     $instance->auth_code = null;
     $instance->refresh_token = $refresh_token;
     $instance->audience = $refresh_token->getAudience();
     $instance->lifetime = intval($lifetime);
     $instance->is_hashed = false;
     return $instance;
 }
Beispiel #2
0
 /**
  * Get a refresh token by its value
  * @param  $value refresh token value
  * @param $is_hashed
  * @return RefreshToken
  * @throws \oauth2\exceptions\ReplayAttackException
  * @throws \oauth2\exceptions\InvalidGrantTypeException
  */
 public function getRefreshToken($value, $is_hashed = false)
 {
     //hash the given value, bc tokens values are stored hashed on DB
     $hashed_value = !$is_hashed ? Hash::compute('sha256', $value) : $value;
     $refresh_token_db = DBRefreshToken::where('value', '=', $hashed_value)->first();
     if (is_null($refresh_token_db)) {
         throw new InvalidGrantTypeException(sprintf("Refresh token %s does not exists!", $value));
     }
     if ($refresh_token_db->void) {
         throw new ReplayAttackException($value, sprintf("Refresh token %s is void", $value));
     }
     //check is refresh token is stills alive... (ZERO is infinite lifetime)
     if ($refresh_token_db->isVoid()) {
         throw new InvalidGrantTypeException(sprintf("Refresh token %s is expired!", $value));
     }
     $client = $refresh_token_db->client()->first();
     $refresh_token = RefreshToken::load(array('value' => $value, 'scope' => $refresh_token_db->scope, 'client_id' => $client->client_id, 'user_id' => $refresh_token_db->user_id, 'audience' => $refresh_token_db->audience, 'from_ip' => $refresh_token_db->from_ip, 'issued' => $refresh_token_db->created_at, 'is_hashed' => $is_hashed), intval($refresh_token_db->lifetime));
     return $refresh_token;
 }