2016-02-14 23:20:10 +05:30
|
|
|
<?php
|
2019-08-23 13:58:04 +05:30
|
|
|
declare(strict_types=1);
|
|
|
|
|
|
2016-11-27 03:13:42 +05:30
|
|
|
namespace api\components\OAuth2;
|
2016-02-14 23:20:10 +05:30
|
|
|
|
2019-09-22 02:47:21 +05:30
|
|
|
use api\components\OAuth2\Grants\AuthCodeGrant;
|
|
|
|
|
use api\components\OAuth2\Grants\RefreshTokenGrant;
|
2019-08-23 13:58:04 +05:30
|
|
|
use api\components\OAuth2\Keys\EmptyKey;
|
|
|
|
|
use DateInterval;
|
2016-02-14 23:20:10 +05:30
|
|
|
use League\OAuth2\Server\AuthorizationServer;
|
2019-08-23 13:58:04 +05:30
|
|
|
use League\OAuth2\Server\Grant;
|
2017-06-17 23:35:36 +05:30
|
|
|
use yii\base\Component as BaseComponent;
|
2016-02-14 23:20:10 +05:30
|
|
|
|
2017-06-17 23:35:36 +05:30
|
|
|
class Component extends BaseComponent {
|
2016-02-14 23:20:10 +05:30
|
|
|
|
2019-12-04 15:54:30 +05:30
|
|
|
/**
|
|
|
|
|
* @var string|\Defuse\Crypto\Key
|
|
|
|
|
*/
|
|
|
|
|
public $encryptionKey;
|
|
|
|
|
|
2016-02-14 23:20:10 +05:30
|
|
|
/**
|
|
|
|
|
* @var AuthorizationServer
|
|
|
|
|
*/
|
|
|
|
|
private $_authServer;
|
|
|
|
|
|
2017-06-17 23:35:36 +05:30
|
|
|
public function getAuthServer(): AuthorizationServer {
|
2016-02-14 23:20:10 +05:30
|
|
|
if ($this->_authServer === null) {
|
2019-08-23 13:58:04 +05:30
|
|
|
$clientsRepo = new Repositories\ClientRepository();
|
|
|
|
|
$accessTokensRepo = new Repositories\AccessTokenRepository();
|
2019-09-13 03:49:03 +05:30
|
|
|
$publicScopesRepo = new Repositories\PublicScopeRepository();
|
2019-09-22 02:47:21 +05:30
|
|
|
$internalScopesRepo = new Repositories\InternalScopeRepository();
|
2019-08-23 13:58:04 +05:30
|
|
|
$authCodesRepo = new Repositories\AuthCodeRepository();
|
|
|
|
|
$refreshTokensRepo = new Repositories\RefreshTokenRepository();
|
|
|
|
|
|
|
|
|
|
$accessTokenTTL = new DateInterval('P1D');
|
|
|
|
|
|
|
|
|
|
$authServer = new AuthorizationServer(
|
|
|
|
|
$clientsRepo,
|
|
|
|
|
$accessTokensRepo,
|
2019-09-22 02:47:21 +05:30
|
|
|
new Repositories\EmptyScopeRepository(),
|
2019-08-23 13:58:04 +05:30
|
|
|
new EmptyKey(),
|
2019-12-04 15:54:30 +05:30
|
|
|
$this->encryptionKey
|
2019-08-23 13:58:04 +05:30
|
|
|
);
|
2019-09-22 02:47:21 +05:30
|
|
|
$authCodeGrant = new AuthCodeGrant($authCodesRepo, $refreshTokensRepo, new DateInterval('PT10M'));
|
2019-08-23 13:58:04 +05:30
|
|
|
$authCodeGrant->disableRequireCodeChallengeForPublicClients();
|
|
|
|
|
$authServer->enableGrantType($authCodeGrant, $accessTokenTTL);
|
2019-09-13 03:49:03 +05:30
|
|
|
$authCodeGrant->setScopeRepository($publicScopesRepo); // Change repository after enabling
|
2019-09-22 02:47:21 +05:30
|
|
|
|
|
|
|
|
$refreshTokenGrant = new RefreshTokenGrant($refreshTokensRepo);
|
2019-09-22 05:12:08 +05:30
|
|
|
$authServer->enableGrantType($refreshTokenGrant);
|
2019-09-22 02:47:21 +05:30
|
|
|
$refreshTokenGrant->setScopeRepository($publicScopesRepo); // Change repository after enabling
|
|
|
|
|
|
2019-09-22 05:12:08 +05:30
|
|
|
// TODO: make these access tokens live longer
|
2019-09-22 02:47:21 +05:30
|
|
|
$clientCredentialsGrant = new Grant\ClientCredentialsGrant();
|
|
|
|
|
$authServer->enableGrantType($clientCredentialsGrant, $accessTokenTTL);
|
|
|
|
|
$clientCredentialsGrant->setScopeRepository($internalScopesRepo); // Change repository after enabling
|
2016-02-14 23:20:10 +05:30
|
|
|
|
2017-06-17 23:35:36 +05:30
|
|
|
$this->_authServer = $authServer;
|
2016-02-14 23:20:10 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $this->_authServer;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
