mirror of
https://github.com/elyby/oauth2-server.git
synced 2025-01-03 18:51:53 +05:30
Fixes #665
This commit is contained in:
parent
eb1e36165b
commit
362114c460
@ -16,22 +16,22 @@ This method should return an implementation of `\League\OAuth2\Server\Entities\A
|
||||
|
||||
## persistNewAuthCode() : void
|
||||
|
||||
When a new access token is created this method will be called. You don't have to do anything here but for auditing you probably want to.
|
||||
When a new auht code is created this method will be called. You don't have to do anything here but for auditing you probably want to.
|
||||
|
||||
The access token entity passed in has a number of methods you can call which contain data worth saving to a database:
|
||||
The auth code entity passed in has a number of methods you can call which contain data worth saving to a database:
|
||||
|
||||
* `getIdentifier() : string` this is randomly generated unique identifier (of 80+ characters in length) for the access token.
|
||||
* `getExpiryDateTime() : \DateTime` the expiry date and time of the access token.
|
||||
* `getUserIdentifier() : string|null` the user identifier represented by the access token.
|
||||
* `getIdentifier() : string` this is randomly generated unique identifier (of 80+ characters in length) for the auth code.
|
||||
* `getExpiryDateTime() : \DateTime` the expiry date and time of the auth code.
|
||||
* `getUserIdentifier() : string|null` the user identifier represented by the auth code.
|
||||
* `getScopes() : ScopeEntityInterface[]` an array of scope entities
|
||||
* `getClient()->getIdentifier() : string` the identifier of the client who requested the access token.
|
||||
* `getClient()->getIdentifier() : string` the identifier of the client who requested the auth code.
|
||||
|
||||
JWT access tokens contain an expiry date and so will be rejected automatically when used. You can safely clean up expired access tokens from your database.
|
||||
The auth codes contain an expiry date and so will be rejected automatically if used when expired. You can safely clean up expired auth codes from your database.
|
||||
|
||||
## revokeAuthCode() : void
|
||||
|
||||
This method is called when an authorization code is exchanged for an access token.
|
||||
This method is called when an authorization code is exchanged for an access token. You can also use it in your own business logic.
|
||||
|
||||
## isAuthCodeRevoked() : boolean
|
||||
|
||||
This method is called before an authorization code is exchanged for an access token by the authorization server. Return `true` if the auth code has been manually revoked before it expired. If the auth code is still valid return `false`.
|
||||
This method is called before an authorization code is exchanged for an access token by the authorization server. Return `true` if the auth code has been manually revoked before it expired. If the auth code is still valid return `false`.
|
||||
|
Loading…
Reference in New Issue
Block a user