Completely restored authorization_code grant for user side.
Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci]
@@ -1,38 +1,32 @@
|
||||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace common\models;
|
||||
|
||||
use common\components\Redis\Set;
|
||||
use Yii;
|
||||
use yii\base\NotSupportedException;
|
||||
use yii\behaviors\TimestampBehavior;
|
||||
use yii\db\ActiveQuery;
|
||||
use yii\db\ActiveRecord;
|
||||
|
||||
/**
|
||||
* Fields:
|
||||
* @property integer $id
|
||||
* @property string $owner_type contains one of the OauthOwnerType constants
|
||||
* @property string|null $owner_id
|
||||
* @property string $client_id
|
||||
* @property string $client_redirect_uri
|
||||
* @property integer $created_at
|
||||
* @property int $account_id
|
||||
* @property string $client_id
|
||||
* @property int $legacy_id
|
||||
* @property array $scopes
|
||||
* @property integer $created_at
|
||||
*
|
||||
* Relations:
|
||||
* @property OauthClient $client
|
||||
* @property Account $account
|
||||
* @property Set $scopes
|
||||
*/
|
||||
class OauthSession extends ActiveRecord {
|
||||
|
||||
public static function tableName(): string {
|
||||
return '{{%oauth_sessions}}';
|
||||
return 'oauth_sessions';
|
||||
}
|
||||
|
||||
public static function find(): OauthSessionQuery {
|
||||
return new OauthSessionQuery(static::class);
|
||||
}
|
||||
|
||||
public function behaviors() {
|
||||
public function behaviors(): array {
|
||||
return [
|
||||
[
|
||||
'class' => TimestampBehavior::class,
|
||||
@@ -49,39 +43,28 @@ class OauthSession extends ActiveRecord {
|
||||
return $this->hasOne(Account::class, ['id' => 'owner_id']);
|
||||
}
|
||||
|
||||
public function getScopes(): Set {
|
||||
return new Set(static::getDb()->getSchema()->getRawTableName(static::tableName()), $this->id, 'scopes');
|
||||
}
|
||||
public function getScopes(): array {
|
||||
if (empty($this->scopes) && $this->legacy_id !== null) {
|
||||
return Yii::$app->redis->smembers($this->getLegacyRedisScopesKey());
|
||||
}
|
||||
|
||||
public function getAccessTokens() {
|
||||
throw new NotSupportedException('This method is possible, but not implemented');
|
||||
return (array)$this->scopes;
|
||||
}
|
||||
|
||||
public function beforeDelete(): bool {
|
||||
if (!$result = parent::beforeDelete()) {
|
||||
return $result;
|
||||
if (!parent::beforeDelete()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$this->clearScopes();
|
||||
$this->removeRefreshToken();
|
||||
if ($this->legacy_id !== null) {
|
||||
Yii::$app->redis->del($this->getLegacyRedisScopesKey());
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
public function removeRefreshToken(): void {
|
||||
/** @var \api\components\OAuth2\Repositories\RefreshTokenStorage $refreshTokensStorage */
|
||||
// TODO: rework
|
||||
$refreshTokensStorage = Yii::$app->oauth->getRefreshTokenStorage();
|
||||
$refreshTokensSet = $refreshTokensStorage->sessionHash($this->id);
|
||||
foreach ($refreshTokensSet->members() as $refreshTokenId) {
|
||||
$refreshTokensStorage->delete($refreshTokensStorage->get($refreshTokenId));
|
||||
}
|
||||
|
||||
$refreshTokensSet->delete();
|
||||
}
|
||||
|
||||
public function clearScopes(): void {
|
||||
$this->getScopes()->delete();
|
||||
private function getLegacyRedisScopesKey(): string {
|
||||
return "oauth:sessions:{$this->legacy_id}:scopes";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
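Review bot: In the second hunk, the new `beforeDelete()` appears to clean up only the legacy Redis scopes key, so nothing visible here revokes a session's refresh tokens when its row is deleted. This is inferred from the hunk's line counts (39 old, 28 new), which put the `$this->removeRefreshToken();` call and the `removeRefreshToken()` method on the removed side. If refresh tokens are not checked against the session row somewhere else in this commit, a deleted session could leave tokens that still work, so I would keep the revocation until its replacement lands, or add a comment in `beforeDelete()` naming the mechanism that now invalidates them. Separately, `getScopes()` treats an empty `scopes` column as "not migrated" and falls back to the Redis set whenever `legacy_id` is set, so a migrated session that legitimately has zero scopes would get its legacy scopes back. If the column is nullable (the schema is not shown here), `if ($this->scopes === null && $this->legacy_id !== null) {` would separate the two cases.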