/**
 * Build the token-endpoint response for the refresh_token grant.
 *
 * The presented refresh token is rotated: it is deleted and a replacement is
 * issued for the same user and scope, alongside a fresh access token.
 *
 * NOTE(review): delete() and the two create calls are not wrapped in a
 * transaction in this block. If createRefreshToken() fails after delete(),
 * the client ends up with an access token but no refresh token — confirm
 * whether the caller provides a transaction around getResponseData().
 *
 * @return array token response body: access_token, expires_in, token_type, scope, refresh_token
 */
public function getResponseData()
{
    $presented = $this->getRefreshToken();
    $userId = $presented->user_id;
    $scope = $presented->scope;

    $issuedAccess = AccessToken::createAccessToken([
        'client_id' => $this->client_id,
        'user_id' => $userId,
        'expires' => $this->accessTokenLifetime + time(),
        'scope' => $scope,
    ]);

    // Single use: revoke the presented refresh token before handing out its replacement.
    $presented->delete();

    $issuedRefresh = \conquer\oauth2\models\RefreshToken::createRefreshToken([
        'client_id' => $this->client_id,
        'user_id' => $userId,
        'expires' => $this->refreshTokenLifetime + time(),
        'scope' => $scope,
    ]);

    return [
        'access_token' => $issuedAccess->access_token,
        'expires_in' => $this->accessTokenLifetime,
        'token_type' => $this->tokenType,
        'scope' => $issuedRefresh->scope,
        'refresh_token' => $issuedRefresh->refresh_token,
    ];
}
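/**
 * Build the implicit-grant (response_type=token) redirect payload.
 *
 * Issues an access token bound to the currently logged-in user and packs it,
 * with expiry, token type and scope, into a URL-encoded fragment string.
 *
 * The client's `state` is echoed back whenever one was supplied. The previous
 * `!empty()` test silently dropped a state of "0" (PHP treats "0" as empty),
 * which would break the client's CSRF binding for that perfectly legal value.
 *
 * @return array ['fragment' => <urlencoded query string>]
 */
public function getResponseData()
{
    $accessToken = AccessToken::createAccessToken([
        'client_id' => $this->client_id,
        'user_id' => \Yii::$app->user->id,
        'expires' => $this->accessTokenLifetime + time(),
        'scope' => $this->scope,
    ]);

    $fragment = [
        'access_token' => $accessToken->access_token,
        'expires_in' => $this->accessTokenLifetime,
        'token_type' => $this->tokenType,
        'scope' => $this->scope,
    ];

    // Echo state back verbatim if the client sent one ("0" counts as sent).
    if ($this->state !== null && $this->state !== '') {
        $fragment['state'] = $this->state;
    }

    return ['fragment' => http_build_query($fragment)];
}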
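/**
 * Build a redirect fragment carrying both an access token and a refresh token
 * for the currently logged-in user.
 *
 * The client's `state` is echoed back whenever one was supplied. The previous
 * `!empty()` test silently dropped a state of "0" (PHP treats "0" as empty),
 * which would break the client's CSRF binding for that legal value.
 *
 * NOTE(review): RFC 6749 §4.2.2 says the authorization server MUST NOT issue a
 * refresh token in the implicit flow — a refresh token placed in a URL
 * fragment is exposed to browser history, extensions and any script on the
 * redirect page. Confirm this response type is intentionally non-standard
 * and restricted to trusted clients.
 *
 * NOTE(review): this returns the fragment as an array, whereas the sibling
 * response type returns it as an http_build_query() string — confirm which
 * shape the consumer expects.
 *
 * @return array ['fragment' => array of fragment parameters]
 */
public function getResponseData()
{
    $userId = \Yii::$app->user->id;

    $accessToken = \conquer\oauth2\models\AccessToken::createAccessToken([
        'client_id' => $this->client_id,
        'user_id' => $userId,
        'expires' => $this->accessTokenLifetime + time(),
        'scope' => $this->scope,
    ]);

    $refreshToken = \conquer\oauth2\models\RefreshToken::createRefreshToken([
        'client_id' => $this->client_id,
        'user_id' => $userId,
        'expires' => $this->refreshTokenLifetime + time(),
        'scope' => $this->scope,
    ]);

    $fragment = [
        'access_token' => $accessToken->access_token,
        'expires_in' => $this->accessTokenLifetime,
        'token_type' => $this->tokenType,
        'scope' => $this->scope,
        'refresh_token' => $refreshToken->refresh_token,
    ];

    // Echo state back verbatim if the client sent one ("0" counts as sent).
    if ($this->state !== null && $this->state !== '') {
        $fragment['state'] = $this->state;
    }

    return ['fragment' => $fragment];
}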
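/**
 * Build the token-endpoint response for the authorization_code grant.
 *
 * Changes relative to the previous version:
 *  - The code is consumed *before* any token is issued, so a replayed or
 *    concurrently submitted code has a much smaller window in which to obtain
 *    a second token pair. If token creation then fails the code is simply
 *    lost, which is the safe direction.
 *  - The response reports the scope the tokens were actually issued with
 *    (the code's scope), not the request's $this->scope; the two were
 *    inconsistent with each other and with the refresh_token grant.
 *
 * NOTE(review): delete() returns the affected row count; rejecting the request
 * when it is not exactly 1 would close the remaining race where two requests
 * both pass getAuthCode() before either deletes. The exception class to raise
 * is not visible from this block, so that check is left as a TODO.
 *
 * @return array token response body: access_token, expires_in, token_type, scope, refresh_token
 */
public function getResponseData()
{
    $authCode = $this->getAuthCode();
    $userId = $authCode->user_id;
    $scope = $authCode->scope;

    /**
     * The client MUST NOT use the authorization code more than once.
     * @link https://tools.ietf.org/html/rfc6749#section-4.1.2
     */
    $authCode->delete();

    $accessToken = AccessToken::createAccessToken([
        'client_id' => $this->client_id,
        'user_id' => $userId,
        'expires' => $this->accessTokenLifetime + time(),
        'scope' => $scope,
    ]);

    $refreshToken = RefreshToken::createRefreshToken([
        'client_id' => $this->client_id,
        'user_id' => $userId,
        'expires' => $this->refreshTokenLifetime + time(),
        'scope' => $scope,
    ]);

    return [
        'access_token' => $accessToken->access_token,
        'expires_in' => $this->accessTokenLifetime,
        'token_type' => $this->tokenType,
        // The scope actually granted, i.e. the one bound to the code.
        'scope' => $scope,
        'refresh_token' => $refreshToken->refresh_token,
    ];
}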
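/**
 * Purge expired authorization codes, refresh tokens and access tokens.
 *
 * A single timestamp is taken up front so all three tables are pruned
 * against the same cutoff; the previous three separate time() calls could
 * straddle a second boundary and use slightly different cutoffs.
 *
 * NOTE(review): whether this is a console action or a web action is not
 * visible here — if it is reachable over HTTP, confirm it is access-controlled.
 */
public function actionClear()
{
    $now = time();
    AuthorizationCode::deleteAll(['<', 'expires', $now]);
    RefreshToken::deleteAll(['<', 'expires', $now]);
    AccessToken::deleteAll(['<', 'expires', $now]);
}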
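/**
 * Resolve and validate the bearer access token presented on the current request.
 *
 * Exactly one transport is accepted per request (RFC 6750 §2): the
 * `Authorization: Bearer` header, the `access_token` body parameter of a
 * form-encoded POST, or the `access_token` query parameter. The resolved
 * token is memoised in $this->_accessToken.
 *
 * Fixes relative to the previous version:
 *  - The `Bearer` scheme is matched case-insensitively; HTTP auth scheme
 *    names are case-insensitive (RFC 7235 §2.1), so `bearer ...` from a
 *    conforming client was wrongly reported as malformed.
 *  - The POST content-type check compares only the media type, so a client
 *    sending `application/x-www-form-urlencoded; charset=UTF-8` is no
 *    longer rejected.
 *
 * NOTE(review): accepting the token in the query string is discouraged by
 * RFC 6750 §2.3 — it ends up in server/proxy logs, browser history and
 * Referer headers. Consider dropping that transport once no client relies on it.
 *
 * @throws Exception when no token, more than one token, a malformed header,
 *                   a body token on a non-POST or non-form request, an
 *                   unknown token, or an expired token is presented
 * @return \conquer\oauth2\models\AccessToken
 */
protected function getAccessToken()
{
    if (!is_null($this->_accessToken)) {
        return $this->_accessToken;
    }

    $request = \Yii::$app->request;
    $authHeader = $request->getHeaders()->get('Authorization');
    $postToken = $request->post('access_token');
    $getToken = $request->get('access_token');

    // Exactly one transport must carry the token.
    $methodsCount = (int) isset($authHeader) + (int) isset($postToken) + (int) isset($getToken);
    if ($methodsCount > 1) {
        throw new Exception('Only one method may be used to authenticate at a time (Auth header, POST or GET).');
    }
    if ($methodsCount == 0) {
        throw new Exception('The access token was not found.');
    }

    if ($authHeader) {
        // HEADER: scheme name is case-insensitive; the token text is taken verbatim.
        if (!preg_match('/^Bearer\s+(.*?)$/i', $authHeader, $matches)) {
            throw new Exception('Malformed auth header.');
        }
        $token = $matches[1];
    } elseif ($postToken) {
        // POST: body tokens are only valid on a form-encoded POST.
        if (!$request->isPost) {
            throw new Exception('When putting the token in the body, the method must be POST.');
        }
        // Compare the media type only — parameters such as "; charset=UTF-8" are
        // legal. NB: not every web server populates the content type; in that
        // case this still fails closed.
        $mediaType = strtolower(trim(explode(';', (string) $request->contentType, 2)[0]));
        if ($mediaType !== 'application/x-www-form-urlencoded') {
            throw new Exception('The content type for POST requests must be "application/x-www-form-urlencoded"');
        }
        $token = $postToken;
    } else {
        // GET: query-string transport (see the NOTE above).
        $token = $getToken;
    }

    $accessToken = AccessToken::findOne(['access_token' => $token]);
    if (!$accessToken) {
        throw new Exception('The access token provided is invalid.', Exception::INVALID_GRANT);
    }
    if ($accessToken->expires < time()) {
        throw new Exception('The access token provided has expired.', Exception::INVALID_GRANT);
    }

    $this->_accessToken = $accessToken;
    return $this->_accessToken;
}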
/**
 * Relation: every access token issued to this client.
 *
 * Joined on the shared `client_id` column.
 *
 * @return \yii\db\ActiveQuery
 */
public function getAccessTokens()
{
    $accessTokenClass = AccessToken::className();
    $link = ['client_id' => 'client_id'];

    return $this->hasMany($accessTokenClass, $link);
}