/** * {@inheritdoc} */ public function createInitialAccessToken(UserAccountInterface $resource_owner, array $token_type_parameters) { $initial_access_token = $this->createEmptyInitialAccessToken(); $initial_access_token->setExpiresAt($this->getInitialAccessTokenLifetime()); $initial_access_token->setUserAccountPublicId($resource_owner->getPublicId()); foreach ($token_type_parameters as $key => $value) { $initial_access_token->setParameter($key, $value); } $this->saveInitialAccessToken($initial_access_token); return $initial_access_token; }
/** * @param \OAuth2\Client\ClientInterface $client * @param \OAuth2\UserAccount\UserAccountInterface $user_account * @param string $redirect_uri * * @return string */ protected function calculateSubjectIdentifier(ClientInterface $client, UserAccountInterface $user_account, $redirect_uri) { $sub = $user_account->getPublicId(); if (false === $this->isPairwiseSubjectIdentifierSupported()) { return $sub; } if ($client->has('subject_type') && ('pairwise' === $client->get('subject_type') || true === $this->isPairwiseSubjectDefault())) { $sector_identifier_host = $this->getSectorIdentifierHost($client, $redirect_uri); return $this->pairwise_algorithm->calculateSubjectIdentifier($user_account, $sector_identifier_host); } return $sub; }
/** * {@inheritdoc} */ public function createAuthCode(ClientInterface $client, UserAccountInterface $resource_owner, array $query_params, $redirectUri, array $scope = [], $issueRefreshToken = false) { $auth_code = $this->createEmptyAuthorizationCode(); $auth_code->setScope($scope); $auth_code->setResourceOwnerPublicId($resource_owner->getUserPublicId()); $auth_code->setUserAccountPublicId($resource_owner->getPublicId()); $auth_code->setClientPublicId($client->getPublicId()); $auth_code->setExpiresAt(time() + $this->getLifetime($client)); $auth_code->setToken($this->generateAuthorizationCode()); $auth_code->setIssueRefreshToken($issueRefreshToken); $auth_code->setQueryParams($query_params); $auth_code->setMetadata('redirect_uri', $redirectUri); $this->updateAuthCode($auth_code); $this->saveAuthorizationCode($auth_code); return $auth_code; }
/** * {@inheritdoc} */ public function calculateSubjectIdentifier(BaseUserAccountInterface $user_account, $sector_identifier_host) { $prepared = sprintf('%s:%s:%s', $sector_identifier_host, $user_account->getPublicId(), $this->salt); return Base64Url::encode(openssl_encrypt($prepared, $this->algorithm, $this->pairwise_encryption_key, OPENSSL_RAW_DATA, $this->iv)); }
/** * {@inheritdoc} */ public function calculateSubjectIdentifier(BaseUserAccountInterface $user_account, $sector_identifier_host) { $prepared = sprintf('%s%s%s', $sector_identifier_host, $user_account->getPublicId(), $this->salt); return Base64Url::encode(hash_hmac($this->algorithm, $prepared, $this->pairwise_hash_key, true)); }