public static function createFromRefreshToken(RefreshToken $refresh_token, $scope = null, $lifetime = 3600) { $instance = new self(); $instance->value = Rand::getString($instance->len, OAuth2Protocol::VsChar, true); $instance->scope = $scope; $instance->from_ip = $refresh_token->getFromIp(); $instance->user_id = $refresh_token->getUserId(); $instance->client_id = $refresh_token->getClientId(); $instance->auth_code = null; $instance->refresh_token = $refresh_token; $instance->audience = $refresh_token->getAudience(); $instance->lifetime = intval($lifetime); $instance->is_hashed = false; return $instance; }
/** * Get a refresh token by its value * @param $value refresh token value * @param $is_hashed * @return RefreshToken * @throws \oauth2\exceptions\ReplayAttackException * @throws \oauth2\exceptions\InvalidGrantTypeException */ public function getRefreshToken($value, $is_hashed = false) { //hash the given value, bc tokens values are stored hashed on DB $hashed_value = !$is_hashed ? Hash::compute('sha256', $value) : $value; $refresh_token_db = DBRefreshToken::where('value', '=', $hashed_value)->first(); if (is_null($refresh_token_db)) { throw new InvalidGrantTypeException(sprintf("Refresh token %s does not exists!", $value)); } if ($refresh_token_db->void) { throw new ReplayAttackException($value, sprintf("Refresh token %s is void", $value)); } //check is refresh token is stills alive... (ZERO is infinite lifetime) if ($refresh_token_db->isVoid()) { throw new InvalidGrantTypeException(sprintf("Refresh token %s is expired!", $value)); } $client = $refresh_token_db->client()->first(); $refresh_token = RefreshToken::load(array('value' => $value, 'scope' => $refresh_token_db->scope, 'client_id' => $client->client_id, 'user_id' => $refresh_token_db->user_id, 'audience' => $refresh_token_db->audience, 'from_ip' => $refresh_token_db->from_ip, 'issued' => $refresh_token_db->created_at, 'is_hashed' => $is_hashed), intval($refresh_token_db->lifetime)); return $refresh_token; }