public static function createFromRefreshToken(RefreshToken $refresh_token, $scope = null, $lifetime = 3600)
{
$instance = new self();
$instance->value = Rand::getString($instance->len, OAuth2Protocol::VsChar, true);
$instance->scope = $scope;
$instance->from_ip = $refresh_token->getFromIp();
$instance->user_id = $refresh_token->getUserId();
$instance->client_id = $refresh_token->getClientId();
$instance->auth_code = null;
$instance->refresh_token = $refresh_token;
$instance->audience = $refresh_token->getAudience();
$instance->lifetime = intval($lifetime);
$instance->is_hashed = false;
return $instance;
}
/**
* Get a refresh token by its value
* @param $value refresh token value
* @param $is_hashed
* @return RefreshToken
* @throws \oauth2\exceptions\ReplayAttackException
* @throws \oauth2\exceptions\InvalidGrantTypeException
*/
public function getRefreshToken($value, $is_hashed = false)
{
//hash the given value, bc tokens values are stored hashed on DB
$hashed_value = !$is_hashed ? Hash::compute('sha256', $value) : $value;
$refresh_token_db = DBRefreshToken::where('value', '=', $hashed_value)->first();
if (is_null($refresh_token_db)) {
throw new InvalidGrantTypeException(sprintf("Refresh token %s does not exists!", $value));
}
if ($refresh_token_db->void) {
throw new ReplayAttackException($value, sprintf("Refresh token %s is void", $value));
}
//check is refresh token is stills alive... (ZERO is infinite lifetime)
if ($refresh_token_db->isVoid()) {
throw new InvalidGrantTypeException(sprintf("Refresh token %s is expired!", $value));
}
$client = $refresh_token_db->client()->first();
$refresh_token = RefreshToken::load(array('value' => $value, 'scope' => $refresh_token_db->scope, 'client_id' => $client->client_id, 'user_id' => $refresh_token_db->user_id, 'audience' => $refresh_token_db->audience, 'from_ip' => $refresh_token_db->from_ip, 'issued' => $refresh_token_db->created_at, 'is_hashed' => $is_hashed), intval($refresh_token_db->lifetime));
return $refresh_token;
}
