/**
 * Builds the token response for a refresh-token exchange.
 *
 * A new access token is issued for the user and scope recorded on the
 * presented refresh token, the presented refresh token is deleted, and a
 * replacement refresh token is issued and returned (token rotation).
 *
 * @return array access_token, expires_in, token_type, scope and refresh_token
 */
public function getResponseData()
 {
     $presentedToken = $this->getRefreshToken();
     $issuedAccessToken = AccessToken::createAccessToken([
         'client_id' => $this->client_id,
         'user_id' => $presentedToken->user_id,
         'expires' => $this->accessTokenLifetime + time(),
         'scope' => $presentedToken->scope,
     ]);
     // NOTE(review): the result of delete() is not checked and the delete/re-issue
     // pair is not wrapped in a transaction in this method, so single-use of the
     // presented refresh token depends on guards outside this block - confirm.
     $presentedToken->delete();
     // The deleted record's in-memory user_id and scope seed the replacement token.
     $replacementToken = \conquer\oauth2\models\RefreshToken::createRefreshToken([
         'client_id' => $this->client_id,
         'user_id' => $presentedToken->user_id,
         'expires' => $this->refreshTokenLifetime + time(),
         'scope' => $presentedToken->scope,
     ]);
     return [
         'access_token' => $issuedAccessToken->access_token,
         'expires_in' => $this->accessTokenLifetime,
         'token_type' => $this->tokenType,
         'scope' => $replacementToken->scope,
         'refresh_token' => $replacementToken->refresh_token,
     ];
 }
Example #2
 /**
  * Builds the response for a grant that hands the access token back in the
  * redirect URI fragment.
  *
  * The token is issued for the currently logged-in Yii user and the scope
  * held on this object. The state value is echoed back only when non-empty.
  *
  * @return array single key 'fragment' holding the URL-encoded parameters
  */
 public function getResponseData()
 {
     $issuedToken = AccessToken::createAccessToken([
         'client_id' => $this->client_id,
         'user_id' => \Yii::$app->user->id,
         'expires' => $this->accessTokenLifetime + time(),
         'scope' => $this->scope,
     ]);
     $params = [
         'access_token' => $issuedToken->access_token,
         'expires_in' => $this->accessTokenLifetime,
         'token_type' => $this->tokenType,
         'scope' => $this->scope,
     ];
     // state is appended last so the parameter order of the encoded fragment is stable.
     $hasState = !empty($this->state);
     if ($hasState) {
         $params['state'] = $this->state;
     }
     $encoded = http_build_query($params);
     return ['fragment' => $encoded];
 }
 /**
  * Builds a response carrying both an access token and a refresh token under
  * the 'fragment' key.
  *
  * Both tokens are issued for the currently logged-in Yii user and the scope
  * held on this object. The state value is echoed back only when non-empty.
  *
  * NOTE(review): if this response ends up in the redirect URI fragment of an
  * implicit grant, RFC 6749 section 4.2.2 says a refresh token must not be
  * issued there - confirm which flow uses this class.
  *
  * @return array single key 'fragment' holding the parameters as an array
  */
 public function getResponseData()
 {
     $issuedAccessToken = \conquer\oauth2\models\AccessToken::createAccessToken([
         'client_id' => $this->client_id,
         'user_id' => \Yii::$app->user->id,
         'expires' => $this->accessTokenLifetime + time(),
         'scope' => $this->scope,
     ]);
     $issuedRefreshToken = \conquer\oauth2\models\RefreshToken::createRefreshToken([
         'client_id' => $this->client_id,
         'user_id' => \Yii::$app->user->id,
         'expires' => $this->refreshTokenLifetime + time(),
         'scope' => $this->scope,
     ]);
     $params = [
         'access_token' => $issuedAccessToken->access_token,
         'expires_in' => $this->accessTokenLifetime,
         'token_type' => $this->tokenType,
         'scope' => $this->scope,
         'refresh_token' => $issuedRefreshToken->refresh_token,
     ];
     $hasState = !empty($this->state);
     if ($hasState) {
         $params['state'] = $this->state;
     }
     // The parameters are returned as an array here, not URL-encoded; presumably
     // the caller encodes them - verify against the code that consumes 'fragment'.
     return ['fragment' => $params];
 }
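 /**
  * Builds the token response for an authorization-code exchange.
  *
  * An access token and a refresh token are issued for the user and scope
  * recorded on the authorization code, then the code is deleted so it cannot
  * be redeemed again. The returned scope is the scope the tokens were issued
  * with (the code's scope), not the scope property of this request object,
  * so the client is told what it was actually granted.
  *
  * @return array access_token, expires_in, token_type, scope and refresh_token
  */
 public function getResponseData()
 {
     $authCode = $this->getAuthCode();
     // Read the grant details once, before the code record is deleted.
     $userId = $authCode->user_id;
     $grantedScope = $authCode->scope;
     $accessToken = AccessToken::createAccessToken([
         'client_id' => $this->client_id,
         'user_id' => $userId,
         'expires' => $this->accessTokenLifetime + time(),
         'scope' => $grantedScope,
     ]);
     $refreshToken = RefreshToken::createRefreshToken([
         'client_id' => $this->client_id,
         'user_id' => $userId,
         'expires' => $this->refreshTokenLifetime + time(),
         'scope' => $grantedScope,
     ]);
     /**
      * The client MUST NOT use the authorization code more than once.
      * @link https://tools.ietf.org/html/rfc6749#section-4.1.2
      */
     // NOTE(review): the code is deleted only after both tokens exist and the
     // result of delete() is not checked; single use therefore depends on
     // getAuthCode() or the storage layer serialising redemptions - confirm.
     $authCode->delete();
     return [
         'access_token' => $accessToken->access_token,
         'expires_in' => $this->accessTokenLifetime,
         'token_type' => $this->tokenType,
         // Report the scope attached to the issued tokens.
         'scope' => $grantedScope,
         'refresh_token' => $refreshToken->refresh_token,
     ];
 }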
 /**
  * Purges expired OAuth2 records.
  *
  * Deletes every authorization code, refresh token and access token whose
  * 'expires' value is earlier than the current time, in that order.
  */
 public function actionClear()
 {
     // Authorization codes first.
     AuthorizationCode::deleteAll(
         ['<', 'expires', time()]
     );
     // Then refresh tokens.
     RefreshToken::deleteAll(
         ['<', 'expires', time()]
     );
     // Access tokens last; the cutoff is re-read for each table.
     AccessToken::deleteAll(
         ['<', 'expires', time()]
     );
 }
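 /**
  * Resolves the access token presented with the current request and caches
  * it on this object.
  *
  * The token must arrive by exactly one of three transports: the
  * Authorization header (Bearer scheme), a POST body parameter or a GET
  * query parameter, the latter two both named access_token. The transport is
  * chosen with the same "is it present" test that is used to count them, so
  * an empty or "0" value is handled by the transport it arrived on instead of
  * falling through to another transport's null. The value is required to be a
  * non-empty string before it is used as a lookup key.
  *
  * @throws Exception when no transport or more than one is used, the header
  *                   is malformed, a body token is sent with the wrong method
  *                   or content type, or the token is unknown or expired
  * @return \conquer\oauth2\models\AccessToken
  */
 protected function getAccessToken()
 {
     if (is_null($this->_accessToken)) {
         $request = \Yii::$app->request;
         $authHeader = $request->getHeaders()->get('Authorization');
         $postToken = $request->post('access_token');
         $getToken = $request->get('access_token');
         // Check that exactly one method was used
         $methodsCount = isset($authHeader) + isset($postToken) + isset($getToken);
         if ($methodsCount > 1) {
             throw new Exception('Only one method may be used to authenticate at a time (Auth header, POST or GET).');
         } elseif ($methodsCount === 0) {
             throw new Exception('The access token was not found.');
         }
         if ($authHeader !== null) {
             // HEADER: Get the access token from the header
             if (preg_match("/^Bearer\\s+(.*?)\$/", $authHeader, $matches)) {
                 $token = $matches[1];
             } else {
                 throw new Exception('Malformed auth header.');
             }
         } elseif ($postToken !== null) {
             // POST: Get the token from POST data
             if (!$request->isPost) {
                 throw new Exception('When putting the token in the body, the method must be POST.');
             }
             // IETF specifies content-type. NB: Not all webservers populate this _SERVER variable
             // NOTE(review): this is an exact comparison, so a Content-Type that carries
             // parameters (for example a charset) is rejected - confirm that is intended.
             if ($request->contentType != 'application/x-www-form-urlencoded') {
                 throw new Exception('The content type for POST requests must be "application/x-www-form-urlencoded"');
             }
             $token = $postToken;
         } else {
             // GET: token taken from the query string.
             // NOTE(review): RFC 6750 section 2.3 discourages this transport because
             // URLs are commonly recorded in server logs and browser history.
             $token = $getToken;
         }
         // Only a non-empty string is a usable lookup key; anything else (an empty
         // value or a non-scalar request parameter) would change the shape of the
         // query condition below, so it is rejected as an invalid token.
         if (!is_string($token) || $token === '') {
             throw new Exception('The access token provided is invalid.', Exception::INVALID_GRANT);
         }
         if (!($accessToken = AccessToken::findOne(['access_token' => $token]))) {
             throw new Exception('The access token provided is invalid.', Exception::INVALID_GRANT);
         }
         if ($accessToken->expires < time()) {
             throw new Exception('The access token provided has expired.', Exception::INVALID_GRANT);
         }
         $this->_accessToken = $accessToken;
     }
     return $this->_accessToken;
 }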
Example #7
 /**
  * Relation to the access tokens whose client_id matches this record's
  * client_id.
  *
  * @return \yii\db\ActiveQuery
  */
 public function getAccessTokens()
 {
     $relatedClass = AccessToken::className();
     // Related column => column on this record.
     $link = ['client_id' => 'client_id'];
     return $this->hasMany($relatedClass, $link);
 }