/**
 * Builds a token instance from a stored value plus the authorization code it was granted from.
 *
 * Scope, client id, user id, audience and origin IP are copied from the
 * authorization code; the code's own value is kept in `auth_code`.
 * Nothing is hashed, validated or persisted here.
 *
 * @param mixed             $value     token value, stored exactly as given
 * @param AuthorizationCode $auth_code authorization code the grant data is read from
 * @param mixed             $issued    issue time, stored unchanged (null when omitted)
 * @param mixed             $lifetime  lifetime, coerced to an integer (default 3600; presumably seconds, confirm)
 * @param bool              $is_hashed stored as-is; presumably marks $value as already hashed, confirm against callers
 * @return self
 */
public static function load($value, AuthorizationCode $auth_code, $issued = null, $lifetime = 3600, $is_hashed = false)
{
    $token = new self();

    // The token's own value goes first, as given by the caller.
    $token->value = $value;

    // Grant data is inherited from the authorization code.
    $token->scope     = $auth_code->getScope();
    $token->client_id = $auth_code->getClientId();
    $token->user_id   = $auth_code->getUserId();
    $token->auth_code = $auth_code->getValue();
    $token->audience  = $auth_code->getAudience();
    $token->from_ip   = $auth_code->getFromIp();

    // Remaining fields come straight from the arguments.
    $token->issued    = $issued;
    $token->lifetime  = (int) $lifetime;
    $token->is_hashed = $is_hashed;

    return $token;
}
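/**
 * Resolves an access token value to an AccessToken object, reading through the cache.
 *
 * Runs inside a transaction. The token is looked up by its SHA-256 digest: first in
 * the cache, then in the DB. A DB hit is re-cached under a per-token lock; a void DB
 * row is deleted and remembered in the cache under 'access.token:void:<digest>'.
 *
 * @param string $value     token value as presented by the caller
 * @param bool   $is_hashed true when $value is already the digest used as the storage key
 * @return AccessToken|null null when the token is expired/void (that exception is swallowed here)
 * @throws InvalidAccessTokenException when the per-token lock cannot be acquired
 * @throws InvalidGrantTypeException   when the token is found in neither the cache nor the DB
 * @throws \Exception                  any other failure, rethrown after a held lock is released
 */
public function getAccessToken($value, $is_hashed = false)
{
    // Services are copied to locals (and $this aliased) so the closure can capture them.
    $cache_service         = $this->cache_service;
    $lock_manager_service  = $this->lock_manager_service;
    $configuration_service = $this->configuration_service;
    $this_var              = $this;

    return $this->tx_service->transaction(function () use ($this_var, $value, $is_hashed, $cache_service, $lock_manager_service, $configuration_service) {
        // Token values are stored hashed, so every cache/DB lookup uses the digest.
        $hashed_value = !$is_hashed ? Hash::compute('sha256', $value) : $value;
        // Name of the lock this call currently HOLDS; empty while none is held.
        // Tracking "held" rather than "named" keeps the catch blocks from releasing a
        // lock that was never acquired or was already released (possibly re-taken by
        // another request in the meantime).
        $held_lock    = '';
        $access_token = null;

        try {
            if (!$cache_service->exists($hashed_value)) {
                // Cache miss: fall back to the DB.
                $access_token_db = DBAccessToken::where('value', '=', $hashed_value)->first();

                if (is_null($access_token_db)) {
                    // NOTE(review): both messages below embed the presented token value;
                    // confirm they never reach logs or responses where that matters.
                    if ($cache_service->exists('access.token:void:' . $hashed_value)) {
                        // Previously marked as expired in the cache.
                        throw new ExpiredAccessTokenException(sprintf('Access token %s is expired!', $value));
                    }
                    throw new InvalidGrantTypeException(sprintf("Access token %s is invalid!", $value));
                }

                $lock_name = 'lock.get.accesstoken.' . $hashed_value;
                $lock_manager_service->acquireLock($lock_name);
                $held_lock = $lock_name;

                if ($access_token_db->isVoid()) {
                    // Remember the digest as void in the cache, then drop the DB row.
                    $void_key = 'access.token:void:' . $hashed_value;
                    $cache_service->addSingleValue($void_key, $void_key);
                    $access_token_db->delete();
                    throw new ExpiredAccessTokenException(sprintf('Access token %s is expired!', $value));
                }

                // Valid row: reload it into the cache, then give the lock back.
                $this_var->storesDBAccessTokenOnCache($access_token_db);
                $lock_manager_service->releaseLock($held_lock);
                $held_lock = '';
            }

            $cache_values = $cache_service->getHash($hashed_value, array('user_id', 'client_id', 'scope', 'auth_code', 'issued', 'lifetime', 'from_ip', 'audience', 'refresh_token'));

            // A cached user_id that evaluates to 0 means "no user".
            $user_id = intval($cache_values['user_id']) == 0 ? null : intval($cache_values['user_id']);

            // Rebuild the authorization code the token was granted from.
            $auth_code = AuthorizationCode::load(
                $cache_values['auth_code'],
                $user_id,
                $cache_values['client_id'],
                $cache_values['scope'],
                $cache_values['audience'],
                null, // positional argument, meaning not visible from this method
                null, // positional argument, meaning not visible from this method
                $configuration_service->getConfigValue('OAuth2.AuthorizationCode.Lifetime'),
                $cache_values['from_ip'],
                OAuth2Protocol::OAuth2Protocol_AccessType_Online,      // access_type
                OAuth2Protocol::OAuth2Protocol_Approval_Prompt_Auto,   // approval_prompt
                false,                                                 // has_previous_user_consent
                true                                                   // is_hashed
            );

            // NOTE(review): $value is handed over as received and AccessToken::load() is
            // left at its default is_hashed = false, even when this method was called
            // with $is_hashed = true; confirm that is intended.
            $access_token = AccessToken::load($value, $auth_code, $cache_values['issued'], $cache_values['lifetime']);

            $refresh_token_value = $cache_values['refresh_token'];
            if (!empty($refresh_token_value)) {
                // The cached refresh token value is treated as already hashed.
                $refresh_token = $this_var->getRefreshToken($refresh_token_value, true);
                $access_token->setRefreshToken($refresh_token);
            }
        } catch (UnacquiredLockException $ex1) {
            // The original passed the token as a second constructor argument, so the
            // "%s" was never substituted. Format the message properly, and use the
            // digest: on this path the token exists in the DB, so the raw bearer value
            // should not end up in an exception message.
            throw new InvalidAccessTokenException(sprintf("access token %s ", $hashed_value));
        } catch (ExpiredAccessTokenException $ex2) {
            // Expiry is not propagated: release a held lock and fall through to return null.
            if (!empty($held_lock)) {
                $lock_manager_service->releaseLock($held_lock);
            }
        } catch (\Exception $ex) {
            if (!empty($held_lock)) {
                $lock_manager_service->releaseLock($held_lock);
            }
            throw $ex;
        }

        return $access_token;
    });
}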