AbstractGrant now handles persisting tokens
parent
ad5b242d10
commit
064eb85f4e
@ -21,9 +21,12 @@ use League\OAuth2\Server\Entities\RefreshTokenEntity;
|
||||
use League\OAuth2\Server\Entities\ScopeEntity;
|
||||
use League\OAuth2\Server\Exception\OAuthServerException;
|
||||
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
|
||||
use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface;
|
||||
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
|
||||
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
|
||||
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
|
||||
use League\OAuth2\Server\Utils\SecureKey;
|
||||
use OAuth2ServerExamples\Repositories\AuthCodeRepository;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
|
||||
/**
|
||||
@ -55,6 +58,16 @@ abstract class AbstractGrant implements GrantTypeInterface
|
||||
*/
|
||||
protected $scopeRepository;
|
||||
|
||||
/**
|
||||
* @var \League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface
|
||||
*/
|
||||
private $authCodeRepository;
|
||||
|
||||
/**
|
||||
* @var \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface
|
||||
*/
|
||||
private $refreshTokenRepository;
|
||||
|
||||
/**
|
||||
* @var string
|
||||
*/
|
||||
@ -94,6 +107,22 @@ abstract class AbstractGrant implements GrantTypeInterface
|
||||
$this->scopeRepository = $scopeRepository;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface $refreshTokenRepository
|
||||
*/
|
||||
public function setRefreshTokenRepository(RefreshTokenRepositoryInterface $refreshTokenRepository)
|
||||
{
|
||||
$this->refreshTokenRepository = $refreshTokenRepository;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param \League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface $authCodeRepository
|
||||
*/
|
||||
public function setAuthCodeRepository(AuthCodeRepositoryInterface $authCodeRepository)
|
||||
{
|
||||
$this->authCodeRepository = $authCodeRepository;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $pathToPrivateKey
|
||||
*/
|
||||
@ -126,6 +155,22 @@ abstract class AbstractGrant implements GrantTypeInterface
|
||||
$this->refreshTokenTTL = $refreshTokenTTL;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return AuthCodeRepositoryInterface
|
||||
*/
|
||||
protected function getAuthCodeRepository()
|
||||
{
|
||||
return $this->authCodeRepository;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return RefreshTokenRepositoryInterface
|
||||
*/
|
||||
protected function getRefreshTokenRepository()
|
||||
{
|
||||
return $this->refreshTokenRepository;
|
||||
}
|
||||
|
||||
/**
|
||||
* Validate the client
|
||||
*
|
||||
@ -303,6 +348,8 @@ abstract class AbstractGrant implements GrantTypeInterface
|
||||
$accessToken->addScope($scope);
|
||||
}
|
||||
|
||||
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
||||
|
||||
return $accessToken;
|
||||
}
|
||||
|
||||
@ -336,6 +383,8 @@ abstract class AbstractGrant implements GrantTypeInterface
|
||||
$authCode->addScope($scope);
|
||||
}
|
||||
|
||||
$this->authCodeRepository->persistNewAuthCode($authCode);
|
||||
|
||||
return $authCode;
|
||||
}
|
||||
|
||||
@ -351,6 +400,8 @@ abstract class AbstractGrant implements GrantTypeInterface
|
||||
$refreshToken->setExpiryDateTime((new \DateTime())->add($this->refreshTokenTTL));
|
||||
$refreshToken->setAccessToken($accessToken);
|
||||
|
||||
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
|
||||
|
||||
return $refreshToken;
|
||||
}
|
||||
|
||||
|
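Review bot: `issueAuthCode()` and `issueRefreshToken()` now dereference `$this->authCodeRepository` and `$this->refreshTokenRepository` directly, but both properties stay null until a subclass calls the new setters, and nothing in the visible hunks checks for that. A grant that reaches `issueRefreshToken()` without having called `setRefreshTokenRepository()` would fail with a call on null, possibly after the access token has already been written. A guard such as `if ($this->refreshTokenRepository === null) { throw new \LogicException('Refresh token repository not set'); }` before the persist call, with the equivalent for auth codes, would make the misconfiguration explicit. Both method bodies start outside the hunks shown. Separately, the `use OAuth2ServerExamples\Repositories\AuthCodeRepository;` import appears unused in the visible lines and ties the library class to the examples namespace, so it looks safe to drop.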
@ -23,10 +23,6 @@ class AuthCodeGrant extends AbstractGrant
|
||||
* @var \DateInterval
|
||||
*/
|
||||
private $authCodeTTL;
|
||||
/**
|
||||
* @var \League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface
|
||||
*/
|
||||
private $authCodeRepository;
|
||||
|
||||
/**
|
||||
* @var \League\OAuth2\Server\Repositories\UserRepositoryInterface
|
||||
@ -43,10 +39,6 @@ class AuthCodeGrant extends AbstractGrant
|
||||
*/
|
||||
private $pathToAuthorizeTemplate;
|
||||
|
||||
/**
|
||||
* @var \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface
|
||||
*/
|
||||
private $refreshTokenRepository;
|
||||
|
||||
/**
|
||||
* @param \League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface $authCodeRepository
|
||||
@ -64,8 +56,8 @@ class AuthCodeGrant extends AbstractGrant
|
||||
$pathToLoginTemplate = null,
|
||||
$pathToAuthorizeTemplate = null
|
||||
) {
|
||||
$this->authCodeRepository = $authCodeRepository;
|
||||
$this->refreshTokenRepository = $refreshTokenRepository;
|
||||
$this->setAuthCodeRepository($authCodeRepository);
|
||||
$this->setRefreshTokenRepository($refreshTokenRepository);
|
||||
$this->userRepository = $userRepository;
|
||||
$this->authCodeTTL = $authCodeTTL;
|
||||
$this->pathToLoginTemplate = ($pathToLoginTemplate === null)
|
||||
@ -209,7 +201,6 @@ class AuthCodeGrant extends AbstractGrant
|
||||
$redirectUri,
|
||||
$scopes
|
||||
);
|
||||
$this->authCodeRepository->persistNewAuthCode($authCode);
|
||||
|
||||
$redirectPayload['code'] = KeyCrypt::encrypt(
|
||||
json_encode(
|
||||
@ -267,7 +258,7 @@ class AuthCodeGrant extends AbstractGrant
|
||||
throw OAuthServerException::invalidRequest('code', 'Authorization code has expired');
|
||||
}
|
||||
|
||||
if ($this->authCodeRepository->isAuthCodeRevoked($authCodePayload->auth_code_id) === true) {
|
||||
if ($this->getAuthCodeRepository()->isAuthCodeRevoked($authCodePayload->auth_code_id) === true) {
|
||||
throw OAuthServerException::invalidRequest('code', 'Authorization code has been revoked');
|
||||
}
|
||||
|
||||
@ -286,8 +277,6 @@ class AuthCodeGrant extends AbstractGrant
|
||||
$authCodePayload->scopes
|
||||
);
|
||||
$refreshToken = $this->issueRefreshToken($accessToken);
|
||||
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
||||
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
|
||||
|
||||
// Inject tokens into response type
|
||||
$responseType->setAccessToken($accessToken);
|
||||
|
@ -33,7 +33,6 @@ class ClientCredentialsGrant extends AbstractGrant
|
||||
|
||||
// Issue and persist access token
|
||||
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $client->getIdentifier(), $scopes);
|
||||
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
||||
|
||||
// Inject access token into response type
|
||||
$responseType->setAccessToken($accessToken);
|
||||
|
@ -29,11 +29,6 @@ class PasswordGrant extends AbstractGrant
|
||||
*/
|
||||
private $userRepository;
|
||||
|
||||
/**
|
||||
* @var \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface
|
||||
*/
|
||||
private $refreshTokenRepository;
|
||||
|
||||
/**
|
||||
* @param \League\OAuth2\Server\Repositories\UserRepositoryInterface $userRepository
|
||||
* @param \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface $refreshTokenRepository
|
||||
@ -43,7 +38,7 @@ class PasswordGrant extends AbstractGrant
|
||||
RefreshTokenRepositoryInterface $refreshTokenRepository
|
||||
) {
|
||||
$this->userRepository = $userRepository;
|
||||
$this->refreshTokenRepository = $refreshTokenRepository;
|
||||
$this->setRefreshTokenRepository($refreshTokenRepository);
|
||||
|
||||
$this->refreshTokenTTL = new \DateInterval('P1M');
|
||||
}
|
||||
@ -64,8 +59,6 @@ class PasswordGrant extends AbstractGrant
|
||||
// Issue and persist new tokens
|
||||
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $user->getIdentifier(), $scopes);
|
||||
$refreshToken = $this->issueRefreshToken($accessToken);
|
||||
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
||||
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
|
||||
|
||||
// Inject tokens into response
|
||||
$responseType->setAccessToken($accessToken);
|
||||
|
@ -24,17 +24,12 @@ use Psr\Http\Message\ServerRequestInterface;
|
||||
*/
|
||||
class RefreshTokenGrant extends AbstractGrant
|
||||
{
|
||||
/**
|
||||
* @var \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface
|
||||
*/
|
||||
private $refreshTokenRepository;
|
||||
|
||||
/**
|
||||
* @param \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface $refreshTokenRepository
|
||||
*/
|
||||
public function __construct(RefreshTokenRepositoryInterface $refreshTokenRepository)
|
||||
{
|
||||
$this->refreshTokenRepository = $refreshTokenRepository;
|
||||
$this->setRefreshTokenRepository($refreshTokenRepository);
|
||||
|
||||
$this->refreshTokenTTL = new \DateInterval('P1M');
|
||||
}
|
||||
@ -73,13 +68,13 @@ class RefreshTokenGrant extends AbstractGrant
|
||||
|
||||
// Expire old tokens
|
||||
$this->accessTokenRepository->revokeAccessToken($oldRefreshToken['access_token_id']);
|
||||
$this->refreshTokenRepository->revokeRefreshToken($oldRefreshToken['refresh_token_id']);
|
||||
$this->getRefreshTokenRepository()->revokeRefreshToken($oldRefreshToken['refresh_token_id']);
|
||||
|
||||
// Issue and persist new tokens
|
||||
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $oldRefreshToken['user_id'], $scopes);
|
||||
$refreshToken = $this->issueRefreshToken($accessToken);
|
||||
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
||||
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
|
||||
$this->getRefreshTokenRepository()->persistNewRefreshToken($refreshToken);
|
||||
|
||||
// Inject tokens into response
|
||||
$responseType->setAccessToken($accessToken);
|
||||
@ -125,7 +120,7 @@ class RefreshTokenGrant extends AbstractGrant
|
||||
throw OAuthServerException::invalidRefreshToken('Token has expired');
|
||||
}
|
||||
|
||||
if ($this->refreshTokenRepository->isRefreshTokenRevoked($refreshTokenData['refresh_token_id']) === true) {
|
||||
if ($this->getRefreshTokenRepository()->isRefreshTokenRevoked($refreshTokenData['refresh_token_id']) === true) {
|
||||
throw OAuthServerException::invalidRefreshToken('Token has been revoked');
|
||||
}
|
||||
|
||||
|
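Review bot: The hunk at -73,13 still calls `$this->accessTokenRepository->persistNewAccessToken($accessToken);` and `$this->getRefreshTokenRepository()->persistNewRefreshToken($refreshToken);` right after `issueAccessToken()` and `issueRefreshToken()`, which per this commit already persist inside AbstractGrant. Judging by the hunk's 13/13 line counts, both calls remain on the new side, so each refreshed token pair would be written twice, unlike AuthCodeGrant, ClientCredentialsGrant and PasswordGrant, where the explicit persist calls were removed. Depending on the repository implementation, the second write could fail on a duplicate identifier after the old tokens have been revoked, leaving the client without a valid token. Both lines should be dropped here. The enclosing method starts and ends outside the hunk.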