mirror of
https://github.com/elyby/oauth2-server.git
synced 2025-01-03 18:51:53 +05:30
allow refresh token ttl assign
parent
1e1043c04f
commit
44155a8efc
@ -283,15 +283,16 @@ abstract class AbstractGrant implements GrantTypeInterface
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
* @param \DateInterval $tokenTTL
|
||||||
* @param \League\OAuth2\Server\Entities\AccessTokenEntity $accessToken
|
* @param \League\OAuth2\Server\Entities\AccessTokenEntity $accessToken
|
||||||
*
|
*
|
||||||
* @return \League\OAuth2\Server\Entities\RefreshTokenEntity
|
* @return \League\OAuth2\Server\Entities\RefreshTokenEntity
|
||||||
*/
|
*/
|
||||||
protected function issueRefreshToken(AccessTokenEntity $accessToken)
|
protected function issueRefreshToken(\DateInterval $tokenTTL, AccessTokenEntity $accessToken)
|
||||||
{
|
{
|
||||||
$refreshToken = new RefreshTokenEntity();
|
$refreshToken = new RefreshTokenEntity();
|
||||||
$refreshToken->setIdentifier(SecureKey::generate());
|
$refreshToken->setIdentifier(SecureKey::generate());
|
||||||
$refreshToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('P1M')));
|
$refreshToken->setExpiryDateTime((new \DateTime())->add($tokenTTL));
|
||||||
$refreshToken->setAccessToken($accessToken);
|
$refreshToken->setAccessToken($accessToken);
|
||||||
|
|
||||||
return $refreshToken;
|
return $refreshToken;
|
||||||
|
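Review bot: `issueRefreshToken()` now passes the caller's interval straight to `->add($tokenTTL)` without any sanity check, and the docblock line `@param \DateInterval $tokenTTL` does not say which token the interval applies to. The refresh-token lifetime bounds how long a leaked token stays usable, so I would rename the parameter to `$refreshTokenTTL` to match the callers and document it, e.g. `@param \DateInterval $refreshTokenTTL Lifetime of the refresh token, added to the current time`. An interval with `invert` set would give an expiry in the past; whether that is rejected here or in `Server::enableGrantType()` should be stated. Inserting a required first parameter also changes a protected signature, so a grant outside this repository that extends `AbstractGrant` and calls `issueRefreshToken($accessToken)` will break. The method's closing brace is outside the hunk.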
@ -32,14 +32,15 @@ class ClientCredentialsGrant extends AbstractGrant
|
|||||||
public function respondToRequest(
|
public function respondToRequest(
|
||||||
ServerRequestInterface $request,
|
ServerRequestInterface $request,
|
||||||
ResponseTypeInterface $responseType,
|
ResponseTypeInterface $responseType,
|
||||||
\DateInterval $tokenTTL
|
\DateInterval $accessTokenTTL,
|
||||||
|
\DateInterval $refreshTokenTTL
|
||||||
) {
|
) {
|
||||||
// Validate request
|
// Validate request
|
||||||
$client = $this->validateClient($request);
|
$client = $this->validateClient($request);
|
||||||
$scopes = $this->validateScopes($request, $client);
|
$scopes = $this->validateScopes($request, $client);
|
||||||
|
|
||||||
// Issue and persist access token
|
// Issue and persist access token
|
||||||
$accessToken = $this->issueAccessToken($tokenTTL, $client, $client->getIdentifier(), $scopes);
|
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $client->getIdentifier(), $scopes);
|
||||||
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
||||||
|
|
||||||
// Inject access token into response type
|
// Inject access token into response type
|
||||||
|
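Review bot: `$refreshTokenTTL` is added to `respondToRequest()` here, but nothing in the visible part of the body uses it. That is expected for a grant that issues only an access token, yet it reads like an oversight. A one-line comment such as `// $refreshTokenTTL is unused: this grant does not issue refresh tokens` would make the intent explicit. The rest of the method body is outside the hunk, so this assumes no refresh token is issued further down.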
@ -11,7 +11,6 @@
|
|||||||
|
|
||||||
namespace League\OAuth2\Server\Grant;
|
namespace League\OAuth2\Server\Grant;
|
||||||
|
|
||||||
use DateInterval;
|
|
||||||
use League\Event\EmitterInterface;
|
use League\Event\EmitterInterface;
|
||||||
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
|
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
|
||||||
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
|
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
|
||||||
@ -43,14 +42,16 @@ interface GrantTypeInterface
|
|||||||
*
|
*
|
||||||
* @param \Psr\Http\Message\ServerRequestInterface $request
|
* @param \Psr\Http\Message\ServerRequestInterface $request
|
||||||
* @param \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface $responseType
|
* @param \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface $responseType
|
||||||
* @param \DateInterval $tokenTTL
|
* @param \DateInterval $accessTokenTTL
|
||||||
|
* @param \DateInterval $refreshTokenTTL
|
||||||
*
|
*
|
||||||
* @return \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface
|
* @return \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface
|
||||||
*/
|
*/
|
||||||
public function respondToRequest(
|
public function respondToRequest(
|
||||||
ServerRequestInterface $request,
|
ServerRequestInterface $request,
|
||||||
ResponseTypeInterface $responseType,
|
ResponseTypeInterface $responseType,
|
||||||
DateInterval $tokenTTL
|
\DateInterval $accessTokenTTL,
|
||||||
|
\DateInterval $refreshTokenTTL
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
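Review bot: Adding a required fourth parameter to `GrantTypeInterface::respondToRequest()` breaks every implementation outside this repository, since PHP rejects a class whose method signature is not compatible with the interface. The commit title shown on this page does not mention the interface change. The docblock lines `@param \DateInterval $accessTokenTTL` and `@param \DateInterval $refreshTokenTTL` also carry no description. I would say what each governs and that grants which issue no refresh token may ignore the second, e.g. `@param \DateInterval $refreshTokenTTL Lifetime of a refresh token, ignored by grants that issue none`.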
@ -59,7 +59,8 @@ class PasswordGrant extends AbstractGrant
|
|||||||
public function respondToRequest(
|
public function respondToRequest(
|
||||||
ServerRequestInterface $request,
|
ServerRequestInterface $request,
|
||||||
ResponseTypeInterface $responseType,
|
ResponseTypeInterface $responseType,
|
||||||
\DateInterval $tokenTTL
|
\DateInterval $accessTokenTTL,
|
||||||
|
\DateInterval $refreshTokenTTL
|
||||||
) {
|
) {
|
||||||
// Validate request
|
// Validate request
|
||||||
$client = $this->validateClient($request);
|
$client = $this->validateClient($request);
|
||||||
@ -67,8 +68,8 @@ class PasswordGrant extends AbstractGrant
|
|||||||
$scopes = $this->validateScopes($request, $client);
|
$scopes = $this->validateScopes($request, $client);
|
||||||
|
|
||||||
// Issue and persist new tokens
|
// Issue and persist new tokens
|
||||||
$accessToken = $this->issueAccessToken($tokenTTL, $client, $user->getIdentifier(), $scopes);
|
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $user->getIdentifier(), $scopes);
|
||||||
$refreshToken = $this->issueRefreshToken($accessToken);
|
$refreshToken = $this->issueRefreshToken($refreshTokenTTL, $accessToken);
|
||||||
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
||||||
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
|
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
|
||||||
|
|
||||||
|
@ -50,8 +50,10 @@ class RefreshTokenGrant extends AbstractGrant
|
|||||||
public function respondToRequest(
|
public function respondToRequest(
|
||||||
ServerRequestInterface $request,
|
ServerRequestInterface $request,
|
||||||
ResponseTypeInterface $responseType,
|
ResponseTypeInterface $responseType,
|
||||||
\DateInterval $tokenTTL
|
\DateInterval $accessTokenTTL,
|
||||||
|
\DateInterval $refreshTokenTTL
|
||||||
) {
|
) {
|
||||||
|
// Validate request
|
||||||
$client = $this->validateClient($request);
|
$client = $this->validateClient($request);
|
||||||
$oldRefreshToken = $this->validateOldRefreshToken($request, $client->getIdentifier());
|
$oldRefreshToken = $this->validateOldRefreshToken($request, $client->getIdentifier());
|
||||||
$scopes = $this->validateScopes($request, $client);
|
$scopes = $this->validateScopes($request, $client);
|
||||||
@ -75,8 +77,8 @@ class RefreshTokenGrant extends AbstractGrant
|
|||||||
$this->accessTokenRepository->revokeAccessToken($oldRefreshToken['access_token_id']);
|
$this->accessTokenRepository->revokeAccessToken($oldRefreshToken['access_token_id']);
|
||||||
$this->refreshTokenRepository->revokeRefreshToken($oldRefreshToken['refresh_token_id']);
|
$this->refreshTokenRepository->revokeRefreshToken($oldRefreshToken['refresh_token_id']);
|
||||||
|
|
||||||
$accessToken = $this->issueAccessToken($tokenTTL, $client, $oldRefreshToken['user_id'], $scopes);
|
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $oldRefreshToken['user_id'], $scopes);
|
||||||
$refreshToken = $this->issueRefreshToken($accessToken);
|
$refreshToken = $this->issueRefreshToken($refreshTokenTTL, $accessToken);
|
||||||
|
|
||||||
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
||||||
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
|
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
|
||||||
|
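Review bot: Every exchange issues the new refresh token with the full `$refreshTokenTTL` (`$this->issueRefreshToken($refreshTokenTTL, $accessToken)`), so its expiry runs from the time of the refresh, not from the original grant. A client that keeps refreshing is therefore never forced to re-authenticate, whatever TTL is configured. This was already true with the fixed `P1M`, but the lifetime is now a deployment setting and the behaviour should be documented. I would add a comment above the call, e.g. `// Rotation: the new refresh token gets a fresh full TTL, there is no absolute session limit`. The method body continues outside both hunks.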
@ -26,15 +26,10 @@ class Server implements EmitterAwareInterface
|
|||||||
*/
|
*/
|
||||||
protected $enabledGrantTypes = [];
|
protected $enabledGrantTypes = [];
|
||||||
|
|
||||||
/**
|
|
||||||
* @var ResponseTypeInterface[]
|
|
||||||
*/
|
|
||||||
protected $grantResponseTypes = [];
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var DateInterval[]
|
* @var DateInterval[]
|
||||||
*/
|
*/
|
||||||
protected $grantTypeAccessTokenTTL = [];
|
protected $grantTypeTokensTTL = [];
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var string
|
* @var string
|
||||||
@ -92,48 +87,31 @@ class Server implements EmitterAwareInterface
|
|||||||
$this->responseType = $responseType;
|
$this->responseType = $responseType;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the token type that grants will return in the HTTP response
|
|
||||||
*
|
|
||||||
* @return ResponseTypeInterface
|
|
||||||
*/
|
|
||||||
public function getResponseType()
|
|
||||||
{
|
|
||||||
if (!$this->responseType instanceof ResponseTypeInterface) {
|
|
||||||
$this->responseType = new BearerTokenResponse(
|
|
||||||
$this->privateKeyPath,
|
|
||||||
$this->publicKeyPath,
|
|
||||||
$this->accessTokenRepository
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
return $this->responseType;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Enable a grant type on the server
|
* Enable a grant type on the server
|
||||||
*
|
*
|
||||||
* @param \League\OAuth2\Server\Grant\GrantTypeInterface $grantType
|
* @param \League\OAuth2\Server\Grant\GrantTypeInterface $grantType
|
||||||
* @param DateInterval $accessTokenTTL
|
* @param DateInterval|null $accessTokenTTL
|
||||||
|
* @param DateInterval|null $refreshTokenTTL
|
||||||
*/
|
*/
|
||||||
public function enableGrantType(
|
public function enableGrantType(
|
||||||
GrantTypeInterface $grantType,
|
GrantTypeInterface $grantType,
|
||||||
\DateInterval $accessTokenTTL
|
\DateInterval $accessTokenTTL,
|
||||||
|
\DateInterval $refreshTokenTTL = null
|
||||||
) {
|
) {
|
||||||
$grantType->setAccessTokenRepository($this->accessTokenRepository);
|
$grantType->setAccessTokenRepository($this->accessTokenRepository);
|
||||||
$grantType->setClientRepository($this->clientRepository);
|
$grantType->setClientRepository($this->clientRepository);
|
||||||
$grantType->setScopeRepository($this->scopeRepository);
|
$grantType->setScopeRepository($this->scopeRepository);
|
||||||
$grantType->setPathToPrivateKey($this->privateKeyPath);
|
$grantType->setPathToPrivateKey($this->privateKeyPath);
|
||||||
$grantType->setPathToPublicKey($this->publicKeyPath);
|
$grantType->setPathToPublicKey($this->publicKeyPath);
|
||||||
|
|
||||||
$grantType->setEmitter($this->getEmitter());
|
$grantType->setEmitter($this->getEmitter());
|
||||||
|
|
||||||
$this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
|
$this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
|
||||||
|
|
||||||
// Set grant response type
|
$this->grantTypeTokensTTL[$grantType->getIdentifier()] = [
|
||||||
$this->grantResponseTypes[$grantType->getIdentifier()] = $this->getResponseType();
|
'access' => $accessTokenTTL,
|
||||||
|
'refresh' => $refreshTokenTTL !== null ? $refreshTokenTTL : new \DateInterval('P1M'),
|
||||||
// Set grant access token TTL
|
];
|
||||||
$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -160,8 +138,9 @@ class Server implements EmitterAwareInterface
|
|||||||
if ($grantType->canRespondToRequest($request)) {
|
if ($grantType->canRespondToRequest($request)) {
|
||||||
$tokenResponse = $grantType->respondToRequest(
|
$tokenResponse = $grantType->respondToRequest(
|
||||||
$request,
|
$request,
|
||||||
$this->grantResponseTypes[$grantType->getIdentifier()],
|
$this->getResponseType(),
|
||||||
$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
|
$this->grantTypeTokensTTL[$grantType->getIdentifier()]['access'],
|
||||||
|
$this->grantTypeTokensTTL[$grantType->getIdentifier()]['refresh']
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -172,4 +151,22 @@ class Server implements EmitterAwareInterface
|
|||||||
|
|
||||||
return $tokenResponse->generateHttpResponse($response);
|
return $tokenResponse->generateHttpResponse($response);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the token type that grants will return in the HTTP response
|
||||||
|
*
|
||||||
|
* @return ResponseTypeInterface
|
||||||
|
*/
|
||||||
|
public function getResponseType()
|
||||||
|
{
|
||||||
|
if (!$this->responseType instanceof ResponseTypeInterface) {
|
||||||
|
$this->responseType = new BearerTokenResponse(
|
||||||
|
$this->privateKeyPath,
|
||||||
|
$this->publicKeyPath,
|
||||||
|
$this->accessTokenRepository
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $this->responseType;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
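Review bot: In `enableGrantType()` the docblock now reads `@param DateInterval|null $accessTokenTTL`, but the signature keeps `\DateInterval $accessTokenTTL,` with no default, so null is not accepted there; only `$refreshTokenTTL` is nullable. The property docblock `@var DateInterval[]` above `$grantTypeTokensTTL` is also out of date, because each entry is now an array with `'access'` and `'refresh'` keys. I would change the two lines to `@param DateInterval $accessTokenTTL` and `@var array[]` (with the key shape noted), and state in the docblock that an omitted refresh TTL falls back to `P1M`, since that silent default decides how long refresh tokens stay valid.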