/** * handle */ public function handle() { $clientRepository = new ClientRepository(); $scopeRepository = new ScopeRepository(); $accessTokenRepository = new AccessTokenRepository(); $userRepository = new UserRepository(); $refreshTokenRepository = new RefreshTokenRepository(); $config = Yii::$container->get(ConfigInterface::class); $privateKey = $config->get('privateKeyPath'); $publicKey = $config->get('publicKeyPath'); $server = new AuthorizationServer($clientRepository, $accessTokenRepository, $scopeRepository, $privateKey, $publicKey); $refreshTokenTTL = $config->get('refreshTokenTTL', 'P1M'); $accessTokenTTL = $config->get('accessTokenTTL', 'PT1H'); $grant = new PasswordGrant($userRepository, $refreshTokenRepository); $grant->setRefreshTokenTTL(new \DateInterval($refreshTokenTTL)); $server->enableGrantType($grant, new \DateInterval($accessTokenTTL)); return $server; }
}, true); $di->setShared('authorizationServer', function () use($di) { $config = $di->getShared('config'); $server = new AuthorizationServer(new ClientRepository(), new AccessTokenRepository(), new ScopeRepository(), 'file://' . __DIR__ . '/' . $config->oauth['private'], 'file://' . __DIR__ . '/' . $config->oauth['public']); $userRepository = new UserRepository(); $refreshTokenRepository = new RefreshTokenRepository(); $authCodeRepository = new AuthCodeRepository(); $accessTokenLifetime = new \DateInterval($config->oauth['accessTokenLifetime']); $refreshTokenLifetime = new \DateInterval($config->oauth['refreshTokenLifetime']); $authorizationCodeLifetime = new \DateInterval($config->oauth['authorizationCodeLifetime']); /** * Using client_id & client_secret & username & password * */ $passwordGrant = new PasswordGrant($userRepository, $refreshTokenRepository); $passwordGrant->setRefreshTokenTTL($refreshTokenLifetime); $server->enableGrantType($passwordGrant, $accessTokenLifetime); /** * Using client_id & client_secret */ $clientCredentialsGrant = new ClientCredentialsGrant(); $server->enableGrantType($clientCredentialsGrant, $accessTokenLifetime); /** * Using client_id & client_secret */ $refreshTokenGrant = new RefreshTokenGrant($refreshTokenRepository); $refreshTokenGrant->setRefreshTokenTTL($refreshTokenLifetime); $server->enableGrantType($refreshTokenGrant, $accessTokenLifetime); /** * Using response_type=code & client_id & redirect_uri & state */
/** * enable PasswordGrant. * * @param $options * * @return PasswordGrant */ public function enablePasswordGrant($options) { // Init our repositories $userRepository = new UserRepository(); // instance of UserRepositoryInterface $refreshTokenRepository = new RefreshTokenRepository(); // instance of RefreshTokenRepositoryInterface $grant = new PasswordGrant($userRepository, $refreshTokenRepository); $grant->setRefreshTokenTTL($this->getDateInterval($options['refresh_token_ttl'])); // Enable the password grant on the server $this->authorizationServer->enableGrantType($grant, $this->getDateInterval($options['access_token_ttl'])); return $grant; }