Exemplo n.º 1
0
 /**
  * Handle the creation of access token, also issue refresh token if support.
  *
  * This belongs in a separate factory, but to keep it simple, I'm just
  * keeping it here.
  *
  * @param $client_id
  * Client identifier related to the access token.
  * @param $scope
  * (optional) Scopes to be stored in space-separated string.
  *
  * @see http://tools.ietf.org/html/draft-ietf-oauth-v2-20#section-5
  * @ingroup oauth2_section_5
  */
 protected function createAccessToken($client_id, $user_id, $scope = NULL)
 {
     $token = array("access_token" => $this->genAccessToken(), "expires_in" => $this->getVariable(self::CONFIG_ACCESS_LIFETIME), "token_type" => $this->getVariable(self::CONFIG_TOKEN_TYPE), "scope" => $scope);
     $this->storage->setAccessToken($token["access_token"], $client_id, $user_id, time() + $this->getVariable(self::CONFIG_ACCESS_LIFETIME), $scope);
     // Issue a refresh token also, if we support them
     if ($this->storage instanceof IOAuth2RefreshTokens) {
         $token["refresh_token"] = $this->genAccessToken();
         $this->storage->setRefreshToken($token["refresh_token"], $client_id, $user_id, time() + $this->getVariable(self::CONFIG_REFRESH_LIFETIME), $scope);
         // If we've granted a new refresh token, expire the old one
         if ($this->oldRefreshToken) {
             $this->storage->unsetRefreshToken($this->oldRefreshToken);
             unset($this->oldRefreshToken);
         }
     }
     return $token;
 }
Exemplo n.º 2
0
 /**
  * Handle the creation of access token, also issue refresh token if support.
  *
  * This belongs in a separate factory, but to keep it simple, I'm just
  * keeping it here.
  *
  * @param $client_id
  * Client identifier related to the access token.
  * @param $scope
  * (optional) Scopes to be stored in space-separated string.
  *
  * @see http://tools.ietf.org/html/draft-ietf-oauth-v2-20#section-5
  * @ingroup oauth2_section_5
  */
 protected function createAccessToken($client_id, $user_id, $scope = NULL)
 {
     $token = array("access_token" => $this->genAccessToken(), "expires_in" => $this->getVariable(self::CONFIG_ACCESS_LIFETIME), "token_type" => $this->getVariable(self::CONFIG_TOKEN_TYPE), "scope" => $scope);
     $this->storage->setAccessToken($token["access_token"], $client_id, $user_id, time() + $this->getVariable(self::CONFIG_ACCESS_LIFETIME), $scope);
     // Issue a refresh token also, if we support them
     if ($this->storage instanceof IOAuth2RefreshTokens) {
         $token["refresh_token"] = $this->genAccessToken();
         $this->storage->setRefreshToken($token["refresh_token"], $client_id, $user_id, time() + $this->getVariable(self::CONFIG_REFRESH_LIFETIME), $scope);
         // @todo HERE we need to call or add a function to truly unset and remove the access_tokens as well as the old refresh token
         // If the user has made it this far then it is a safe bet to say we can remove the refresh_token from the database as
         //die($_GET['refresh_token']);
         // If we've granted a new refresh token, expire the old one
         if ($this->oldRefreshToken) {
             $this->storage->unsetRefreshToken($this->oldRefreshToken);
             unset($this->oldRefreshToken);
             // Acually remove the refresh token from the database so it can not be used again
             //global $wpdb;
             //$prepare = $wpdb->prepare("DELETE FROM {$wpdb->prefix}oauth2_access_tokens WHERE oauth_token='%s'", array($this->oldRefreshToken));
             die($this->oldRefreshToken);
         }
     }
     return $token;
 }