ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-12-22 21:19:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Create auth-server.md

Browse Source 
Initial draft of a page detailing the AuthorizationServer class for the docs
This commit is contained in:
Andrew Millington 2017-12-23 15:47:51 +00:00 committed by GitHub
parent 825668e7c0
commit 053851a52a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 33 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
auth-server.md Normal file
View File

@ -0,0 +1,33 @@
---
layout: default
title: The Authorization Server
permalink: /authorization-server/index
---
# The Authorization Server
The Authorization server accepts authorization requests from a client and if validated, issues an access token and refresh tokens if applicable.
## enableGrantType() :null|DateInterval
By default, an instantiated AuthorizationServer will not accept any grant types. To add a grant type, call the `enableGrantType` method, passing it a `GrantTypeInterface` for the grant tht should be enabled and an optional DateInterval, specifying the default time to live for any access tokens issued by the grant type.
## validateAuthorizationRequest() : AuthorizationRequest
This function is used to validate an incoming authorization requests. It checks to ensure that a user has authorized a client to access their protected resources. If the authorization check passes, the server will issue an instance of `AuthorizationRequest`, which can be used with the `completeAuthorizationRequest()` method. This method is used by the Authorization Code Grant and the Implicit Grant.
## completeAuthorizationRequest() : ResponseInterface
To complete...
## respondToAccessTokenRequest() : ResponseInterface
This method is used to respond to a request for an access token. It will validate the client and authorization code received as part of the request, and if successful, issue an access token to the client.
## getResponseType() : ResponseTypeInterface
Used to get the response type that grants will return. The response type must be an implementation of the `ResponseTypeInterface`. If it is not, a default `BearerTokenResponse` is issued.
## setDefaultScope() : null
When the Authorization Server is first instantiated, it has no default scope set. If the server receieves an authorization request that does not specify any scope, it will reject the request by issuing an invalid scope response. If a default scope is set using this method, authorization requests without a scope will be assigned the default scope set for the server.