public static function load($value, AuthorizationCode $auth_code, $issued = null, $lifetime = 3600, $is_hashed = false)
{
$instance = new self();
$instance->value = $value;
$instance->scope = $auth_code->getScope();
$instance->client_id = $auth_code->getClientId();
$instance->user_id = $auth_code->getUserId();
$instance->auth_code = $auth_code->getValue();
$instance->audience = $auth_code->getAudience();
$instance->from_ip = $auth_code->getFromIp();
$instance->issued = $issued;
$instance->lifetime = intval($lifetime);
$instance->is_hashed = $is_hashed;
return $instance;
}
/**
* @param $value
* @param bool $is_hashed
* @return AccessToken
* @throws InvalidAccessTokenException
* @throws \Exception
*/
public function getAccessToken($value, $is_hashed = false)
{
$cache_service = $this->cache_service;
$lock_manager_service = $this->lock_manager_service;
$configuration_service = $this->configuration_service;
$this_var = $this;
return $this->tx_service->transaction(function () use($this_var, $value, $is_hashed, $cache_service, $lock_manager_service, $configuration_service) {
//hash the given value, bc tokens values are stored hashed on DB
$hashed_value = !$is_hashed ? Hash::compute('sha256', $value) : $value;
$lock_name = '';
$access_token = null;
try {
// check cache ...
if (!$cache_service->exists($hashed_value)) {
// check on DB...
$access_token_db = DBAccessToken::where('value', '=', $hashed_value)->first();
if (is_null($access_token_db)) {
if ($cache_service->exists('access.token:void:' . $hashed_value)) {
// check if its marked on cache as expired ...
throw new ExpiredAccessTokenException(sprintf('Access token %s is expired!', $value));
} else {
throw new InvalidGrantTypeException(sprintf("Access token %s is invalid!", $value));
}
}
// lock ...
$lock_name = 'lock.get.accesstoken.' . $hashed_value;
$lock_manager_service->acquireLock($lock_name);
if ($access_token_db->isVoid()) {
// invalid one ...
// add to cache as expired ...
$cache_service->addSingleValue('access.token:void:' . $hashed_value, 'access.token:void:' . $hashed_value);
// and deleted it from db
$access_token_db->delete();
throw new ExpiredAccessTokenException(sprintf('Access token %s is expired!', $value));
}
//reload on cache
$this_var->storesDBAccessTokenOnCache($access_token_db);
//release lock
$lock_manager_service->releaseLock($lock_name);
}
$cache_values = $cache_service->getHash($hashed_value, array('user_id', 'client_id', 'scope', 'auth_code', 'issued', 'lifetime', 'from_ip', 'audience', 'refresh_token'));
// reload auth code ...
$auth_code = AuthorizationCode::load($cache_values['auth_code'], intval($cache_values['user_id']) == 0 ? null : intval($cache_values['user_id']), $cache_values['client_id'], $cache_values['scope'], $cache_values['audience'], null, null, $configuration_service->getConfigValue('OAuth2.AuthorizationCode.Lifetime'), $cache_values['from_ip'], $access_type = OAuth2Protocol::OAuth2Protocol_AccessType_Online, $approval_prompt = OAuth2Protocol::OAuth2Protocol_Approval_Prompt_Auto, $has_previous_user_consent = false, $is_hashed = true);
// reload access token ...
$access_token = AccessToken::load($value, $auth_code, $cache_values['issued'], $cache_values['lifetime']);
$refresh_token_value = $cache_values['refresh_token'];
if (!empty($refresh_token_value)) {
$refresh_token = $this_var->getRefreshToken($refresh_token_value, true);
$access_token->setRefreshToken($refresh_token);
}
} catch (UnacquiredLockException $ex1) {
throw new InvalidAccessTokenException("access token %s ", $value);
} catch (ExpiredAccessTokenException $ex2) {
if (!empty($lock_name)) {
$lock_manager_service->releaseLock($lock_name);
}
} catch (\Exception $ex) {
if (!empty($lock_name)) {
$lock_manager_service->releaseLock($lock_name);
}
throw $ex;
}
return $access_token;
});
}
