Esempio n. 1
0
 /**
  * Return the Random Access Token.
  * The access method should be POST.
  * The POST body should include 'client_id', 'client_secret', 'grant_type', 'code' and 'redirect_uri' used before.
  * The 'grant_type' must be 'authorization_code';
  * The 'client_id' and 'client_secret' are registered in developer's center.
  * @return array AccessToken array if above parameters are valid, or error No. and message.
  */
 public function run()
 {
     GrantType::checkGrantType(Yii::$app->request->post('grant_type'), GrantType::GRANT_TYPE_AUTHORIZATION_CODE);
     Client::checkClientSecret(Client::checkClientId(Yii::$app->request->post('client_id')), Yii::$app->request->post('client_secret'));
     AuthorizationCode::checkAuthorizationCode(Yii::$app->request->post('code'), Yii::$app->request->post('redirect_uri'));
     return AccessToken::createAccessToken(Yii::$app->request->post('client_id'), Yii::$app->request->post('code'));
 }
Esempio n. 2
0
 /**
  * 创建访问令牌。
  * 需要客户端ID和授权码,意即该客户端已经取得用户的授权。授权码仅用于创建
  * 访问令牌,使用一次后即失效。
  * 访问令牌的有效期可以在全局参数中设置,通常为 86400 秒。
  * @param string $client_id
  * @param string $authorization_code
  * @return string The generated access token.
  * @throws \yii\web\ServerErrorHttpException 设置访问令牌未成功时抛出。正常
  * 情况下不会抛出该异常,如果客户端收到该错误,则应检查服务器故障。
  */
 public static function createAccessToken($client_id, $authorization_code)
 {
     $token = ["access_token" => self::generateAccessToken(), "expires_in" => Yii::$app->params['access_lifetime']];
     $setResult = self::setAccessToken($client_id, $authorization_code, $token['access_token'], $token['expires_in']);
     $code = OauthAuthorizationCode::findOne(['authorization_code' => $authorization_code]);
     if ($code) {
         AuthorizationCode::expireAuthorizationCode($code);
     }
     if (!$setResult) {
         throw new \yii\web\ServerErrorHttpException('Access Token Failed to Issue.', 10013);
     }
     return $token;
 }
Esempio n. 3
0
 /**
  * Loads the number of allowed requests and the corresponding timestamp from a persistent storage.
  * @param Request $request the current request
  * @param Action $action the action to be executed
  * @return array an array of two elements. The first element is the number of allowed requests,
  * and the second element is the corresponding UNIX timestamp.
  */
 public function loadAllowance($request, $action)
 {
     GrantType::check($request->post('grant_type'), GrantType::GRANT_TYPE_AUTHORIZATION_CODE);
     Client::checkSecret(Client::checkId($request->post('client_id')), $request->post('client_secret'));
     AuthorizationCode::check($request->post('code'), $request->post('redirect_uri'));
 }