/**
 * Look up the session that owns the given access token in Redis storage.
 *
 * @param \League\OAuth2\Server\Entity\AccessTokenEntity $accessToken
 * @return \League\OAuth2\Server\Entity\SessionEntity|null Null when no token record is found under the token id.
 */
public function getByAccessToken(AccessTokenEntity $accessToken)
{
    $tokenRecord = $this->getValue($accessToken->getId(), 'oauth_access_tokens');

    // Any falsy record (missing key, empty value) is treated as "no such token".
    if (!$tokenRecord) {
        return null;
    }

    return $this->get($tokenRecord['session_id']);
}
/**
 * Resolve the session an access token belongs to.
 *
 * Joins oauth_sessions to oauth_access_tokens on the session id and filters
 * by the token id through the query builder (the id is passed as a bound value).
 *
 * @param AccessTokenEntity $accessToken
 * @return SessionEntity|null Null when no row matches the token id.
 */
public function getByAccessToken(AccessTokenEntity $accessToken)
{
    $row = $this->db->table('oauth_sessions')
        ->select('oauth_sessions.*')
        ->join('oauth_access_tokens', 'oauth_sessions.id', '=', 'oauth_access_tokens.session_id')
        ->where('oauth_access_tokens.id', $accessToken->getId())
        ->first();

    if ($row === null) {
        return null;
    }

    $session = new SessionEntity($this->getServer());

    return $session->setId($row->id)->setOwner($row->owner_type, $row->owner_id);
}
/**
 * @inheritdoc
 *
 * @throws AccessTokenNotFound when no stored token matches the entity's id
 */
public function delete(AccessTokenEntity $token)
{
    $storedToken = $this->findByToken($token->getId());

    if ($storedToken !== null) {
        $storedToken->delete();

        return;
    }

    // Deleting an unknown token is reported to the caller, not silently ignored.
    throw new AccessTokenNotFound();
}
/**
 * Get a session from an access token.
 *
 * Runs two lookups: the session id(s) recorded for the token, then the first
 * session whose id is among them.
 *
 * @param \League\OAuth2\Server\Entity\AccessTokenEntity $accessToken The access token
 * @return \League\OAuth2\Server\Entity\SessionEntity|null Null when no session row is found.
 */
public function getByAccessToken(AccessTokenEntity $accessToken)
{
    $sessionIds = $this->getConnection()
        ->table('oauth_access_tokens')
        ->where('id', $accessToken->getId())
        ->pluck('session_id');

    $row = $this->getConnection()
        ->table('oauth_sessions')
        ->whereIn('id', $sessionIds)
        ->first();

    if ($row === null) {
        return null;
    }

    $session = new SessionEntity($this->getServer());

    return $session->setId($row['id'])->setOwner($row['owner_type'], $row['owner_id']);
}
/**
 * Fixed lookup: only the token id 'foo' resolves, to a session whose id is 'foo'.
 *
 * @param AccessTokenEntity $accessToken
 * @return SessionEntity|null Null for every other token id.
 */
public function getByAccessToken(AccessTokenEntity $accessToken)
{
    if ($accessToken->getId() === 'foo') {
        $session = new SessionEntity($this->server);
        $session->setId('foo');

        return $session;
    }

    return null;
}
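/**
 * @inheritdoc
 *
 * @throws SessionNotFound when the token is unknown or its session no longer exists
 */
public function getByAccessToken(AccessTokenEntity $entity)
{
    $accessToken = AccessToken::findByToken($entity->getId());

    // An unknown token must fail closed here instead of being dereferenced.
    // NOTE(review): assumes findByToken() yields null for an unknown token — confirm.
    if ($accessToken === null) {
        throw new SessionNotFound();
    }

    /** @var Session|null $session */
    $session = Session::find($accessToken->sessionId);

    if ($session === null) {
        throw new SessionNotFound();
    }

    return $this->createEntity($session);
}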
/**
 * {@inheritdoc}
 *
 * Selects the session joined to the access token row whose access_token column
 * equals the token id. The id is handed to where() as an array condition, not
 * concatenated into the SQL text.
 */
public function getByAccessToken(AccessTokenEntity $accessToken)
{
    $rows = M('oauth_sessions')
        ->field('oauth_sessions.id, oauth_sessions.owner_type, oauth_sessions.owner_id, oauth_sessions.client_id, oauth_sessions.client_redirect_uri')
        ->join('LEFT JOIN oauth_access_tokens ON oauth_access_tokens.session_id = oauth_sessions.id')
        ->where(array('oauth_access_tokens.access_token' => $accessToken->getId()))
        ->select();

    // Anything other than exactly one match is treated as "no session".
    if (count($rows) !== 1) {
        return null;
    }

    $row = $rows[0];

    $session = new SessionEntity($this->server);
    $session->setId($row['id']);
    $session->setOwner($row['owner_type'], $row['owner_id']);

    return $session;
}
/**
 * Get a session from an access token.
 *
 * The token id is passed as a bound "?" parameter, never spliced into the SQL.
 *
 * @param \League\OAuth2\Server\Entity\AccessTokenEntity $accessToken The access token
 * @return \League\OAuth2\Server\Entity\SessionEntity|null Null unless exactly one row matches.
 */
public function getByAccessToken(AccessTokenEntity $accessToken)
{
    $sql = "SELECT s.id, s.owner_type, s.owner_id, s.client_id, s.client_redirect_uri FROM oauth_sessions s "
        . "JOIN oauth_access_tokens t ON t.session_id = s.id "
        . "WHERE t.access_token = ?";

    $rows = $this->db->fetchAll($sql, Db::FETCH_ASSOC, [$accessToken->getId()]);

    if (count($rows) !== 1) {
        return null;
    }

    $row = $rows[0];

    $session = new SessionEntity($this->server);
    $session->setId($row['id']);
    $session->setOwner($row['owner_type'], $row['owner_id']);

    return $session;
}
/**
 * {@inheritdoc}
 *
 * Returns the first session joined to the row in oauth_access_tokens whose
 * access_token column equals the token id, or null when there is none.
 */
public function getByAccessToken(AccessTokenEntity $accessToken)
{
    $columns = [
        'oauth_sessions.id',
        'oauth_sessions.owner_type',
        'oauth_sessions.owner_id',
        'oauth_sessions.client_id',
        'oauth_sessions.client_redirect_uri',
    ];

    $row = $this->getConnection()
        ->table('oauth_sessions')
        ->select($columns)
        ->join('oauth_access_tokens', 'oauth_access_tokens.session_id', '=', 'oauth_sessions.id')
        ->where('oauth_access_tokens.access_token', $accessToken->getId())
        ->first();

    if ($row === null) {
        return null;
    }

    $session = new SessionEntity($this->server);
    $session->setId($row->id);
    $session->setOwner($row->owner_type, $row->owner_id);

    return $session;
}
/**
 * {@inheritdoc}
 *
 * Fetches every session joined to the given access token and returns it only
 * when the match is unambiguous (exactly one row).
 */
public function getByAccessToken(AccessTokenEntity $accessToken)
{
    $columns = [
        'oauth_sessions.id',
        'oauth_sessions.owner_type',
        'oauth_sessions.owner_id',
        'oauth_sessions.client_id',
        'oauth_sessions.client_redirect_uri',
    ];

    $rows = DB::table('oauth_sessions')
        ->select($columns)
        ->join('oauth_access_tokens', 'oauth_access_tokens.session_id', '=', 'oauth_sessions.id')
        ->where('oauth_access_tokens.access_token', $accessToken->getId())
        ->get();

    if (count($rows) !== 1) {
        return null;
    }

    $session = new SessionEntity($this->server);
    $session->setId($rows[0]->id);
    $session->setOwner($rows[0]->owner_type, $rows[0]->owner_id);

    return $session;
}
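/**
 * Get the session associated with an access token.
 *
 * The token id is bound as the single "?" parameter of the query.
 *
 * @param AccessTokenEntity $access_token
 * @return SessionEntity|null Null unless exactly one session row matches.
 */
public function getByAccessToken(AccessTokenEntity $access_token)
{
    $sql = 'SELECT oauth_sessions.id, oauth_sessions.owner_type,'
        . ' oauth_sessions.owner_id, oauth_sessions.client_id,'
        . ' oauth_sessions.client_redirect_uri'
        . ' FROM oauth_sessions'
        . ' INNER JOIN oauth_access_tokens'
        . ' ON oauth_access_tokens.session_id = oauth_sessions.id'
        . ' WHERE oauth_access_tokens.access_token = ?;';

    $results = $this->db->fetch($sql, [$access_token->getId()]);

    if (count($results) === 1) {
        // Read from $results: the original indexed an undefined $result here,
        // so the session was built with a null id and a null owner.
        $row = $results[0];

        $session = new SessionEntity($this->server);
        $session->setId($row['id']);
        $session->setOwner($row['owner_type'], $row['owner_id']);

        return $session;
    }

    return null;
}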
/**
 * {@inheritdoc}
 *
 * Loads the stored AccessToken by id through the repository and copies the id
 * and owner of its session into a fresh SessionEntity.
 */
public function getByAccessToken(AccessTokenEntity $accessTokenEntity)
{
    /** @var AccessToken|null $storedToken */
    $storedToken = $this->dm->getRepository(AccessToken::class)->find($accessTokenEntity->getId());

    if ($storedToken === null) {
        return null;
    }

    // NOTE(review): getSession() is used without a null check — confirm a stored
    // token always carries a session.
    $storedSession = $storedToken->getSession();

    $entity = new SessionEntity($this->server);
    $entity->setId($storedSession->getId());
    $entity->setOwner($storedSession->getOwnerType(), $storedSession->getOwnerId());

    return $entity;
}
/**
 * {@inheritdoc}
 *
 * Builds the join with the query builder and binds the token id to the
 * :accessToken placeholder. Returns null unless exactly one row matches.
 */
public function getByAccessToken(AccessTokenEntity $accessToken)
{
    $builder = $this->db->createQueryBuilder()
        ->select('s.id', 's.owner_type', 's.owner_id')
        ->from('oauth_sessions', 's')
        ->join('s', 'oauth_access_tokens', 'at', 's.id = at.session_id')
        ->where('at.access_token = :accessToken');

    // The token value travels as a bound string parameter, not as SQL text.
    $builder->createNamedParameter($accessToken->getId(), \PDO::PARAM_STR, ':accessToken');

    $rows = $builder->execute()->fetchAll();

    if (count($rows) !== 1) {
        return null;
    }

    $row = $rows[0];

    $session = new SessionEntity($this->server);
    $session->setId($row['id']);
    $session->setOwner($row['owner_type'], $row['owner_id']);

    return $session;
}
/**
 * {@inheritdoc}
 *
 * @param \League\OAuth2\Server\Entity\AccessTokenEntity $accessToken Access token
 * @return \League\OAuth2\Server\Entity\SessionEntity|null Null when no session matches the token.
 */
public function getByAccessToken(AccessTokenEntity $accessToken)
{
    $this->loadModel('OAuthServer.Sessions');

    // Restrict sessions to those with an AccessTokens row carrying this token value.
    $byToken = function ($q) use ($accessToken) {
        return $q->where(['oauth_token' => $accessToken->getId()]);
    };

    $row = $this->Sessions->find()->matching('AccessTokens', $byToken)->first();

    if (!$row) {
        return null;
    }

    $session = new SessionEntity($this->server);
    $session->setId($row->id);
    $session->setOwner($row->owner_model, $row->owner_id);

    return $session;
}
/**
 * {@inheritdoc}
 *
 * Reads the token record from the in-memory cache when present, otherwise from
 * Redis (filling the cache), then resolves the session by the record's session_id.
 */
public function getByAccessToken(AccessTokenEntity $accessToken)
{
    $key = RedisUtil::prefix($accessToken->getId(), 'oauth_access_tokens');

    if (isset($this->cache[$key])) {
        $record = $this->cache[$key];
    } else {
        $raw = RedisCapsule::get($key);

        // A missing or empty value means the token is unknown.
        if (!$raw) {
            return null;
        }

        // NOTE(review): RedisUtil::unserialize() is not visible here; if it wraps
        // PHP's native unserialize(), the Redis contents must be treated as
        // trusted input only — confirm.
        $record = RedisUtil::unserialize($raw);
        $this->cache[$key] = $record;
    }

    return $this->getSession($record['session_id']);
}
/**
 * Get a session from an access token.
 *
 * The token id is bound to the :token placeholder. The first non-empty row
 * returned by the query becomes the session.
 *
 * @param \League\OAuth2\Server\Entity\AccessTokenEntity $accessToken The access token
 *
 * @return \League\OAuth2\Server\Entity\SessionEntity|null
 */
public function getByAccessToken(AccessTokenEntity $accessToken)
{
    $sql = <<<SQL
SELECT os.id, os.owner_type, os.owner_id, os.client_id, os.client_redirect_uri
FROM oauth_session os
INNER JOIN oauth_access_token oat ON(oat.session_id = os.id)
WHERE oat.access_token = :token
SQL;

    $rows = $this->getDbConnection()->fetchAll($sql, ['token' => $accessToken->getId()]);

    foreach ($rows as $row) {
        if (!$row) {
            continue;
        }

        $session = new SessionEntity($this->server);

        return $session->setId($row['id'])->setOwner($row['owner_type'], $row['owner_id']);
    }

    return null;
}
/**
 * Get a session from an access token.
 *
 * Unlike a plain lookup, this variant throws when the token matches no session
 * and also calls save() on the entity it builds.
 *
 * @param \League\OAuth2\Server\Entity\AccessTokenEntity $accessToken The access token
 *
 * @return SessionEntity
 * @throws OAuthException when no session matches or the built entity cannot be saved
 */
public function getByAccessToken(AccessTokenEntity $accessToken)
{
    $row = (new Query())
        ->select([
            '{{%oauth_sessions}}.id as id',
            '{{%oauth_sessions}}.owner_type as owner_type',
            '{{%oauth_sessions}}.owner_id as owner_id',
            '{{%oauth_sessions}}.client_id as client_id',
            '{{%oauth_sessions}}.client_redirect_uri as redirect_uri',
        ])
        ->from('{{%oauth_sessions}}')
        ->innerJoin('oauth_access_tokens', 'oauth_access_tokens.session_id={{%oauth_sessions}}.id')
        ->where(['oauth_access_tokens.access_token' => $accessToken->getId()])
        ->one();

    if (!$row) {
        // The exception message is the JSON form of the empty lookup result.
        throw new OAuthException(json_encode($row));
    }

    $session = new SessionEntity($this->getServer());
    $session->setId($row['id']);
    $session->setOwner($row['owner_type'], $row['owner_id']);

    // NOTE(review): the message carries the entity's raw error list — confirm
    // that exception messages are not echoed to API clients.
    if (!$session->save()) {
        throw new OAuthException(json_encode($session->errors));
    }

    return $session;
}
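/**
 * Get the session an access token belongs to from Redis.
 *
 * Reads the JSON record at "access_token:<id>", follows its session_id to
 * "session:<session_id>" and builds the entity from that record's owner fields.
 * A record that is missing, is not a JSON object, or lacks the expected fields
 * is treated as "no session" so that a corrupt entry can never yield a session
 * entity with a null id or owner.
 *
 * @param AccessTokenEntity $accessToken
 * @return SessionEntity|null
 */
public function getByAccessToken(AccessTokenEntity $accessToken)
{
    $rawToken = $this->redis->get("access_token:{$accessToken->getId()}");
    if (!$rawToken) {
        return null;
    }

    $tokenData = json_decode($rawToken, true);
    if (!is_array($tokenData) || !isset($tokenData['session_id'])) {
        return null;
    }

    $sessionId = $tokenData['session_id'];

    $rawSession = $this->redis->get("session:{$sessionId}");
    if (!$rawSession) {
        return null;
    }

    $sessionData = json_decode($rawSession, true);
    if (!is_array($sessionData) || !isset($sessionData['owner_type'], $sessionData['owner_id'])) {
        return null;
    }

    $session = new SessionEntity($this->server);
    $session->setId($sessionId);
    $session->setOwner($sessionData['owner_type'], $sessionData['owner_id']);

    return $session;
}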
/**
 * Complete the auth code grant: authenticate the client, redeem the
 * authorization code and issue an access token (plus a refresh token when the
 * refresh_token grant is enabled on the server).
 *
 * @return array The token type's generated response
 *
 * @throws Exception\InvalidRequestException when client_id, client_secret (if required),
 *                                           redirect_uri or code is missing, or the code is
 *                                           unknown, expired or bound to another redirect URI
 * @throws Exception\InvalidClientException  when client storage returns no ClientEntity
 */
public function completeFlow()
{
    // Get the required params.
    // NOTE(review): this variant reads every parameter, including client_secret
    // and the code, from the request's `query` bag, while the other grants on
    // this page read `request`. If `query` is the URL query string, these values
    // end up in access logs and proxies — confirm this is intended.
    $clientId = $this->server->getRequest()->query->get('client_id', $this->server->getRequest()->getUser());
    if (is_null($clientId)) {
        throw new Exception\InvalidRequestException('client_id');
    }

    $clientSecret = $this->server->getRequest()->query->get('client_secret', $this->server->getRequest()->getPassword());
    // The secret is only mandatory when shouldRequireClientSecret() says so;
    // otherwise a null secret is handed to client storage below.
    if ($this->shouldRequireClientSecret() && is_null($clientSecret)) {
        throw new Exception\InvalidRequestException('client_secret');
    }

    $redirectUri = $this->server->getRequest()->query->get('redirect_uri', null);
    if (is_null($redirectUri)) {
        throw new Exception\InvalidRequestException('redirect_uri');
    }

    // Validate client ID and client secret
    $client = $this->server->getClientStorage()->get($clientId, $clientSecret, $redirectUri, $this->getIdentifier());
    if ($client instanceof ClientEntity === false) {
        // Emit the failure event before throwing so listeners can observe the attempt.
        $this->server->getEventEmitter()->emit(new Event\ClientAuthenticationFailedEvent($this->server->getRequest()));
        throw new Exception\InvalidClientException();
    }

    // Validate the auth code
    $authCode = $this->server->getRequest()->query->get('code', null);
    if (is_null($authCode)) {
        throw new Exception\InvalidRequestException('code');
    }

    // $code: AuthCodeEntity
    $code = $this->server->getAuthCodeStorage()->get($authCode);
    if ($code instanceof AuthCodeEntity === false) {
        throw new Exception\InvalidRequestException('code');
    }

    // Ensure the auth code hasn't expired
    if ($code->isExpired() === true) {
        throw new Exception\InvalidRequestException('code');
    }

    // Check redirect URI presented matches redirect URI originally used in authorize request
    if ($code->getRedirectUri() !== $redirectUri) {
        throw new Exception\InvalidRequestException('redirect_uri');
    }

    // $session: SessionEntity
    // NOTE(review): nothing in this method compares the client the code was
    // issued to with $client; the redirect URI is the only binding checked
    // here — confirm the code-to-client binding is enforced elsewhere.
    $session = $code->getSession();
    $session->associateClient($client);

    // $authCodeScopes: [ScopeEntity]
    $authCodeScopes = $code->getScopes();

    // Generate the access token
    $accessToken = new AccessTokenEntity($this->server);
    $accessToken->setId(SecureKey::generate());
    $accessToken->setExpireTime($this->getAccessTokenTTL() + time());

    // Copy the code's scopes onto the session, then mirror the session's scopes onto the token.
    foreach ($authCodeScopes as $authCodeScope) {
        $session->associateScope($authCodeScope);
    }

    foreach ($session->getScopes() as $scope) {
        $accessToken->associateScope($scope);
    }

    $this->server->getTokenType()->setSession($session);
    $this->server->getTokenType()->setParam('access_token', $accessToken->getId());
    $this->server->getTokenType()->setParam('expires_in', $this->getAccessTokenTTL());

    // Associate a refresh token if set
    if ($this->server->hasGrantType('refresh_token')) {
        $refreshToken = new RefreshTokenEntity($this->server);
        $refreshToken->setId(SecureKey::generate());
        $refreshToken->setExpireTime($this->server->getGrantType('refresh_token')->getRefreshTokenTTL() + time());
        $this->server->getTokenType()->setParam('refresh_token', $refreshToken->getId());
    }

    // Expire the auth code before anything is persisted, so it cannot be redeemed again.
    $code->expire();

    // Save all the things
    $accessToken->setSession($session);
    $accessToken->save();

    // isset() guards the case where no refresh token was created above.
    if (isset($refreshToken) && $this->server->hasGrantType('refresh_token')) {
        $refreshToken->setAccessToken($accessToken);
        $refreshToken->save();
    }

    return $this->server->getTokenType()->generateResponse();
}
/**
 * Complete the password grant: authenticate the client, verify the resource
 * owner's credentials through the configured callback, then create a session
 * and issue an access token (plus a refresh token when that grant is enabled).
 *
 * @return array The token type's generated response
 *
 * @throws Exception\InvalidRequestException     when client_id, client_secret, username or password is missing
 * @throws Exception\InvalidClientException      when client storage returns no ClientEntity
 * @throws Exception\InvalidCredentialsException when the verify callback returns false
 */
public function completeFlow()
{
    // Get the required params; client credentials fall back to the request's user/password pair.
    $clientId = $this->server->getRequest()->request->get('client_id', $this->server->getRequest()->getUser());
    if (is_null($clientId)) {
        throw new Exception\InvalidRequestException('client_id');
    }

    $clientSecret = $this->server->getRequest()->request->get('client_secret', $this->server->getRequest()->getPassword());
    if (is_null($clientSecret)) {
        throw new Exception\InvalidRequestException('client_secret');
    }

    // Validate client ID and client secret
    $client = $this->server->getClientStorage()->get($clientId, $clientSecret, null, $this->getIdentifier());
    if ($client instanceof ClientEntity === false) {
        $this->server->getEventEmitter()->emit(new Event\ClientAuthenticationFailedEvent($this->server->getRequest()));
        throw new Exception\InvalidClientException();
    }

    $username = $this->server->getRequest()->request->get('username', null);
    if (is_null($username)) {
        throw new Exception\InvalidRequestException('username');
    }

    $password = $this->server->getRequest()->request->get('password', null);
    if (is_null($password)) {
        throw new Exception\InvalidRequestException('password');
    }

    // Check if user's username and password are correct
    // NOTE(review): only a strict `false` counts as failure; a callback that
    // returns null, 0 or '' for a bad login would be accepted as the owner
    // id — confirm the callback contract.
    $userId = call_user_func($this->getVerifyCredentialsCallback(), $username, $password);
    if ($userId === false) {
        $this->server->getEventEmitter()->emit(new Event\UserAuthenticationFailedEvent($this->server->getRequest()));
        throw new Exception\InvalidCredentialsException();
    }

    // Validate any scopes that are in the request
    $scopeParam = $this->server->getRequest()->request->get('scope', '');
    $scopes = $this->validateScopes($scopeParam, $client);

    // Create a new session
    $session = new SessionEntity($this->server);
    $session->setOwner('user', $userId);
    $session->associateClient($client);

    // Generate an access token
    $accessToken = new AccessTokenEntity($this->server);
    $accessToken->setId(SecureKey::generate());
    $accessToken->setExpireTime($this->getAccessTokenTTL() + time());

    // Associate scopes with the session and access token
    foreach ($scopes as $scope) {
        $session->associateScope($scope);
    }

    foreach ($session->getScopes() as $scope) {
        $accessToken->associateScope($scope);
    }

    $this->server->getTokenType()->setSession($session);
    $this->server->getTokenType()->setParam('access_token', $accessToken->getId());
    $this->server->getTokenType()->setParam('expires_in', $this->getAccessTokenTTL());

    // Associate a refresh token if set
    if ($this->server->hasGrantType('refresh_token')) {
        $refreshToken = new RefreshTokenEntity($this->server);
        $refreshToken->setId(SecureKey::generate());
        $refreshToken->setExpireTime($this->server->getGrantType('refresh_token')->getRefreshTokenTTL() + time());
        $this->server->getTokenType()->setParam('refresh_token', $refreshToken->getId());
    }

    // Save everything: session first, then the token that references it.
    $session->save();
    $accessToken->setSession($session);
    $accessToken->save();

    // Same condition as above, so $refreshToken exists whenever this branch runs.
    if ($this->server->hasGrantType('refresh_token')) {
        $refreshToken->setAccessToken($accessToken);
        $refreshToken->save();
    }

    return $this->server->getTokenType()->generateResponse();
}
/**
 * {@inheritdoc}
 *
 * Removes every oauth_access_tokens row whose access_token column equals the token id.
 */
public function delete(AccessTokenEntity $token)
{
    $matchingTokens = Capsule::table('oauth_access_tokens')
        ->where('access_token', $token->getId());

    $matchingTokens->delete();
}
/**
 * {@inheritdoc}
 *
 * Removes the oauth_access_tokens row(s) whose id column equals the token id.
 */
public function delete(AccessTokenEntity $token)
{
    $matchingTokens = $this->getConnection()
        ->table('oauth_access_tokens')
        ->where('id', $token->getId());

    $matchingTokens->delete();
}
/**
 * {@inheritdoc}
 *
 * Completes the refresh token grant: authenticates the client, validates the
 * presented refresh token, issues a new access token for the same session with
 * the original scopes or a subset of them, and optionally rotates the refresh token.
 *
 * @throws Exception\InvalidRequestException when client_id, client_secret or refresh_token is missing
 * @throws Exception\InvalidClientException  when client storage returns no ClientEntity
 * @throws Exception\InvalidRefreshException when the refresh token is unknown or expired
 * @throws Exception\InvalidScopeException   when a requested scope was not part of the original session
 */
public function completeFlow()
{
    $clientId = $this->server->getRequest()->request->get('client_id', $this->server->getRequest()->getUser());
    if (is_null($clientId)) {
        throw new Exception\InvalidRequestException('client_id');
    }

    $clientSecret = $this->server->getRequest()->request->get('client_secret', $this->server->getRequest()->getPassword());
    if (is_null($clientSecret)) {
        throw new Exception\InvalidRequestException('client_secret');
    }

    // Validate client ID and client secret
    $client = $this->server->getClientStorage()->get($clientId, $clientSecret, null, $this->getIdentifier());
    if ($client instanceof ClientEntity === false) {
        $this->server->getEventEmitter()->emit(new Event\ClientAuthenticationFailedEvent($this->server->getRequest()));
        throw new Exception\InvalidClientException();
    }

    $oldRefreshTokenParam = $this->server->getRequest()->request->get('refresh_token', null);
    if ($oldRefreshTokenParam === null) {
        throw new Exception\InvalidRequestException('refresh_token');
    }

    // Validate refresh token
    $oldRefreshToken = $this->server->getRefreshTokenStorage()->get($oldRefreshTokenParam);

    if ($oldRefreshToken instanceof RefreshTokenEntity === false) {
        throw new Exception\InvalidRefreshException();
    }

    // Ensure the old refresh token hasn't expired
    if ($oldRefreshToken->isExpired() === true) {
        throw new Exception\InvalidRefreshException();
    }

    $oldAccessToken = $oldRefreshToken->getAccessToken();

    // Get the scopes for the original session
    // NOTE(review): nothing in this method checks that the session behind the
    // refresh token belongs to $client, the client that just authenticated —
    // confirm that binding is enforced in storage or add the comparison here.
    $session = $oldAccessToken->getSession();
    $scopes = $this->formatScopes($session->getScopes());

    // Get and validate any requested scopes
    $requestedScopesString = $this->server->getRequest()->request->get('scope', '');
    $requestedScopes = $this->validateScopes($requestedScopesString, $client);

    // If no new scopes are requested then give the access token the original session scopes
    if (count($requestedScopes) === 0) {
        $newScopes = $scopes;
    } else {
        // The OAuth spec says that a refreshed access token can have the original scopes or fewer so ensure
        // the request doesn't include any new scopes
        foreach ($requestedScopes as $requestedScope) {
            // $scopes is looked up by scope id, so any id not already granted is rejected.
            if (!isset($scopes[$requestedScope->getId()])) {
                throw new Exception\InvalidScopeException($requestedScope->getId());
            }
        }

        $newScopes = $requestedScopes;
    }

    // Generate a new access token and assign it the correct sessions
    $newAccessToken = new AccessTokenEntity($this->server);
    $newAccessToken->setId(SecureKey::generate());
    $newAccessToken->setExpireTime($this->getAccessTokenTTL() + time());
    $newAccessToken->setSession($session);

    foreach ($newScopes as $newScope) {
        $newAccessToken->associateScope($newScope);
    }

    // Expire the old token and save the new one
    $oldAccessToken->expire();
    $newAccessToken->save();

    $this->server->getTokenType()->setSession($session);
    $this->server->getTokenType()->setParam('access_token', $newAccessToken->getId());
    // Unlike the 'expires_in' TTL set by the other grants on this page, this is an
    // absolute timestamp, computed by a second time() call.
    $this->server->getTokenType()->setParam('expire_access_token', $this->getAccessTokenTTL() + time());

    if ($this->shouldRotateRefreshTokens()) {
        // Expire the old refresh token
        $oldRefreshToken->expire();

        // Generate a new refresh token
        $newRefreshToken = new RefreshTokenEntity($this->server);
        $newRefreshToken->setId(SecureKey::generate());
        $newRefreshToken->setExpireTime($this->getRefreshTokenTTL() + time());
        $newRefreshToken->setAccessToken($newAccessToken);
        $newRefreshToken->save();

        $this->server->getTokenType()->setParam('refresh_token', $newRefreshToken->getId());
        $this->server->getTokenType()->setParam('expire_refresh_token', $newRefreshToken->getExpireTime());
    } else {
        // Without rotation the old refresh token is returned as-is and is not
        // re-pointed at the new access token in this method.
        $this->server->getTokenType()->setParam('refresh_token', $oldRefreshToken->getId());
        $this->server->getTokenType()->setParam('expire_refresh_token', $oldRefreshToken->getExpireTime());
    }

    return $this->server->getTokenType()->generateResponse();
}
/**
 * Associate a scope with an access token.
 *
 * Inserts one oauth_access_token_scopes row linking the two ids, stamped with
 * the current time for both created_at and updated_at.
 *
 * @param \League\OAuth2\Server\Entity\AccessTokenEntity $token The access token
 * @param \League\OAuth2\Server\Entity\ScopeEntity $scope The scope
 *
 * @return void
 */
public function associateScope(AccessTokenEntity $token, ScopeEntity $scope)
{
    $link = [
        'access_token_id' => $token->getId(),
        'scope_id' => $scope->getId(),
        'created_at' => Carbon::now(),
        'updated_at' => Carbon::now(),
    ];

    $this->getConnection()->table('oauth_access_token_scopes')->insert($link);
}
/**
 * {@inheritdoc}
 *
 * Removes the token from three places, in both the in-memory cache and Redis:
 * its own entry, its membership in the access-token set, and its scope list.
 */
public function delete(AccessTokenEntity $token)
{
    // 1. The access token entry itself.
    $tokenKey = RedisUtil::prefix($token->getId(), 'oauth_access_tokens');

    if (isset($this->cache[$tokenKey])) {
        unset($this->cache[$tokenKey]);
    }

    RedisCapsule::del($tokenKey);

    // 2. The token's membership in the set of all access tokens.
    $setKey = RedisUtil::prefix(null, 'oauth_access_tokens');

    if (isset($this->cache[$setKey])) {
        $position = array_search($token->getId(), $this->cache[$setKey]);

        if ($position !== false) {
            unset($this->cache[$setKey][$position]);
        }
    }

    RedisCapsule::srem($setKey, $token->getId());

    // 3. The scopes associated with the token.
    $scopesKey = RedisUtil::prefix($token->getId(), 'oauth_access_token_scopes');

    if (isset($this->cache[$scopesKey])) {
        unset($this->cache[$scopesKey]);
    }

    RedisCapsule::del($scopesKey);
}
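/**
 * {@inheritdoc}
 *
 * Deletes the stored access token matching the entity's id, cascading to its
 * dependent records. Deleting a token that is no longer stored is a no-op.
 */
public function delete(AccessTokenEntity $token)
{
    $this->loadModel('OAuthServer.AccessTokens');

    $accessToken = $this->AccessTokens->findByOauthToken($token->getId())->first();

    // first() has no entity to return when nothing matches; passing that on to
    // delete() would fail instead of leaving the already-absent token alone.
    if (!$accessToken) {
        return;
    }

    $this->AccessTokens->delete($accessToken, ['cascade' => true]);
}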
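/**
 * Complete the password-style grant that identifies the user by a Twitter token.
 *
 * Authenticates the client, resolves the user through
 * createOrUpdateTwCustomer(), then creates a session and issues an access
 * token (plus a refresh token when that grant is enabled).
 *
 * @return array The token type's generated response
 *
 * @throws Exception\InvalidRequestException     when client_id, client_secret or twitter_token is missing
 * @throws Exception\InvalidClientException      when client storage returns no ClientEntity
 * @throws Exception\InvalidCredentialsException when the helper does not return an integer user id
 */
public function completeFlow()
{
    // Get the required params
    $clientId = $this->server->getRequest()->request->get('client_id', $this->server->getRequest()->getUser());
    if (is_null($clientId)) {
        throw new Exception\InvalidRequestException('client_id');
    }

    $clientSecret = $this->server->getRequest()->request->get('client_secret', $this->server->getRequest()->getPassword());
    if (is_null($clientSecret)) {
        throw new Exception\InvalidRequestException('client_secret');
    }

    // Validate client ID and client secret
    $client = $this->server->getClientStorage()->get($clientId, $clientSecret, null, $this->getIdentifier());
    if ($client instanceof ClientEntity === false) {
        $this->server->getEventEmitter()->emit(new Event\ClientAuthenticationFailedEvent($this->server->getRequest()));
        throw new Exception\InvalidClientException();
    }

    // The user credential for this grant; reject the request when it is absent,
    // as the sibling grants do for username/password.
    $twitter_token = $this->server->getRequest()->request->get('twitter_token', null);
    if (is_null($twitter_token)) {
        throw new Exception\InvalidRequestException('twitter_token');
    }

    // NOTE(review): this re-reads client_id from the body only, so it is null
    // when the client authenticated through the user/password fallback above —
    // confirm whether the helper should receive $clientId instead.
    $client_id = $this->server->getRequest()->request->get('client_id', null);

    $userId = createOrUpdateTwCustomer($twitter_token, $client_id);

    // Anything other than an integer id is a failed authentication. The previous
    // debugging shortcut returned the helper's raw result to the caller here,
    // which exposed internal error data as the token response and left the
    // failure branch unreachable.
    if (!is_int($userId)) {
        $this->server->getEventEmitter()->emit(new Event\UserAuthenticationFailedEvent($this->server->getRequest()));
        throw new Exception\InvalidCredentialsException();
    }

    // Validate any scopes that are in the request
    $scopeParam = $this->server->getRequest()->request->get('scope', '');
    $scopes = $this->validateScopes($scopeParam, $client);

    // Create a new session
    $session = new SessionEntity($this->server);
    $session->setOwner('user', $userId);
    $session->associateClient($client);

    // Generate an access token
    $accessToken = new AccessTokenEntity($this->server);
    $accessToken->setId(SecureKey::generate());
    $accessToken->setExpireTime($this->getAccessTokenTTL() + time());

    // Associate scopes with the session and access token
    foreach ($scopes as $scope) {
        $session->associateScope($scope);
    }

    foreach ($session->getScopes() as $scope) {
        $accessToken->associateScope($scope);
    }

    $this->server->getTokenType()->setSession($session);
    $this->server->getTokenType()->setParam('access_token', $accessToken->getId());
    $this->server->getTokenType()->setParam('expires_in', $this->getAccessTokenTTL());

    // Associate a refresh token if set
    if ($this->server->hasGrantType('refresh_token')) {
        $refreshToken = new RefreshTokenEntity($this->server);
        $refreshToken->setId(SecureKey::generate());
        $refreshToken->setExpireTime($this->server->getGrantType('refresh_token')->getRefreshTokenTTL() + time());
        $this->server->getTokenType()->setParam('refresh_token', $refreshToken->getId());
    }

    // Save everything: session first, then the token that references it.
    $session->save();
    $accessToken->setSession($session);
    $accessToken->save();

    if ($this->server->hasGrantType('refresh_token')) {
        $refreshToken->setAccessToken($accessToken);
        $refreshToken->save();
    }

    return $this->server->getTokenType()->generateResponse();
}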
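/**
 * Delete an access token.
 *
 * @param \League\OAuth2\Server\Entity\AccessTokenEntity $token The access token to delete
 *
 * @return int Result of deleteAll() for the matching rows
 * @throws OAuthException when no token is given or the delete fails
 */
public function delete(AccessTokenEntity $token = null)
{
    // The signature allows null, but the body needs a token: report that through
    // the documented exception type instead of failing on a null method call,
    // which the catch below would not intercept.
    if ($token === null) {
        throw new OAuthException('Access token is required');
    }

    try {
        // The token id is bound to :access_token, not concatenated into the condition.
        return self::deleteAll("access_token = :access_token", [":access_token" => $token->getId()]);
    } catch (Exception $e) {
        throw new OAuthException(json_encode($e));
    }
}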
/**
 * Complete the client credentials grant: authenticate the client and issue an
 * access token for a session owned by that client. No refresh token is issued.
 *
 * @return array The token type's generated response
 *
 * @throws Exception\InvalidRequestException when client_id or client_secret is missing
 * @throws Exception\InvalidClientException  when client storage returns no ClientEntity
 */
public function completeFlow()
{
    // Get the required params; both fall back to the request's user/password pair.
    $clientId = $this->server->getRequest()->request->get('client_id', $this->server->getRequest()->getUser());
    if (is_null($clientId)) {
        throw new Exception\InvalidRequestException('client_id');
    }

    $clientSecret = $this->server->getRequest()->request->get('client_secret', $this->server->getRequest()->getPassword());
    if (is_null($clientSecret)) {
        throw new Exception\InvalidRequestException('client_secret');
    }

    // Validate client ID and client secret
    $client = $this->server->getClientStorage()->get($clientId, $clientSecret, null, $this->getIdentifier());
    if ($client instanceof ClientEntity === false) {
        $this->server->getEventEmitter()->emit(new Event\ClientAuthenticationFailedEvent($this->server->getRequest()));
        throw new Exception\InvalidClientException();
    }

    // Validate any scopes that are in the request
    $scopeParam = $this->server->getRequest()->request->get('scope', '');
    $scopes = $this->validateScopes($scopeParam, $client);

    // Create a new session owned by the client itself (there is no end user in this grant)
    $session = new SessionEntity($this->server);
    $session->setOwner('client', $client->getId());
    $session->associateClient($client);

    // Generate an access token
    $accessToken = new AccessTokenEntity($this->server);
    $accessToken->setId(SecureKey::generate());
    $accessToken->setExpireTime($this->getAccessTokenTTL() + time());

    // Associate scopes with the session and access token
    foreach ($scopes as $scope) {
        $session->associateScope($scope);
    }

    foreach ($session->getScopes() as $scope) {
        $accessToken->associateScope($scope);
    }

    // Save everything: session first, then the token that references it.
    $session->save();
    $accessToken->setSession($session);
    $accessToken->save();

    $this->server->getTokenType()->setSession($session);
    $this->server->getTokenType()->setParam('access_token', $accessToken->getId());
    $this->server->getTokenType()->setParam('expires_in', $this->getAccessTokenTTL());

    return $this->server->getTokenType()->generateResponse();
}
/**
 * Complete the password grant.
 *
 * Client lookup and credential verification are delegated to getClient() and
 * getUserId(); this method turns their results into a session, an access token
 * and, when the refresh_token grant is enabled, a refresh token.
 *
 * @return array The token type's generated response
 *
 * @throws InvalidCredentialsException when getUserId() returns false
 */
public function completeFlow()
{
    // NOTE(review): getClient() is not visible here; this method relies on it to
    // reject unauthenticated clients — confirm it throws rather than returning null.
    $client = $this->getClient();

    $userId = $this->getUserId($this->server->getRequest(), $this->getVerifyCredentialsCallback());

    // Only a strict `false` is treated as a failed login.
    if ($userId === false) {
        $this->server->getEventEmitter()->emit(new UserAuthenticationFailedEvent($this->server->getRequest()));
        throw new InvalidCredentialsException();
    }

    // Create a new session
    // NOTE(review): no scopes are validated or associated with the session or
    // token in this variant — confirm that is intended.
    $session = new SessionEntity($this->server);
    $session->setOwner('user', $userId);
    $session->associateClient($client);

    // Generate an access token
    $accessToken = new AccessTokenEntity($this->server);
    $accessToken->setId(SecureKey::generate());
    $accessToken->setExpireTime($this->getAccessTokenTTL() + time());

    $this->server->getTokenType()->setSession($session);
    $this->server->getTokenType()->setParam('access_token', $accessToken->getId());
    $this->server->getTokenType()->setParam('expires_in', $this->getAccessTokenTTL());

    // Save everything: session first, then the token that references it.
    $session->save();
    $accessToken->setSession($session);
    $accessToken->save();

    // Associate a refresh token if set
    if ($this->server->hasGrantType('refresh_token')) {
        $refreshToken = new RefreshTokenEntity($this->server);
        $refreshToken->setId(SecureKey::generate());
        $refreshToken->setExpireTime($this->server->getGrantType('refresh_token')->getRefreshTokenTTL() + time());
        $this->server->getTokenType()->setParam('refresh_token', $refreshToken->getId());
        $refreshToken->setAccessToken($accessToken);
        $refreshToken->save();
    }

    return $this->server->getTokenType()->generateResponse();
}