configurable refresh token TTL per grant

Julián Gutiérrez 2016-01-21 18:11:53 +01:00
parent 44155a8efc
commit b85f81c429
6 changed files with 40 additions and 29 deletions


@ -80,6 +80,11 @@ abstract class AbstractGrant implements GrantTypeInterface
*/
protected $pathToPublicKey;
/**
* @var \DateInterval
*/
protected $refreshTokenTTL;
/**
* @param ClientRepositoryInterface $clientRepository
*/
@ -128,6 +133,14 @@ abstract class AbstractGrant implements GrantTypeInterface
$this->emitter = $emitter;
}
/**
* @inheritdoc
*/
public function setRefreshTokenTTL(\DateInterval $refreshTokenTTL)
{
$this->refreshTokenTTL = $refreshTokenTTL;
}
/**
* {@inheritdoc}
*/
@ -283,16 +296,15 @@ abstract class AbstractGrant implements GrantTypeInterface
}
/**
* @param \DateInterval $tokenTTL
* @param \League\OAuth2\Server\Entities\AccessTokenEntity $accessToken
*
* @return \League\OAuth2\Server\Entities\RefreshTokenEntity
*/
protected function issueRefreshToken(\DateInterval $tokenTTL, AccessTokenEntity $accessToken)
protected function issueRefreshToken(AccessTokenEntity $accessToken)
{
$refreshToken = new RefreshTokenEntity();
$refreshToken->setIdentifier(SecureKey::generate());
$refreshToken->setExpiryDateTime((new \DateTime())->add($tokenTTL));
$refreshToken->setExpiryDateTime((new \DateTime())->add($this->refreshTokenTTL));
$refreshToken->setAccessToken($accessToken);
return $refreshToken;
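Review bot: `issueRefreshToken()` now reads `$this->refreshTokenTTL`, but the property added in the first hunk has no initial value, so the token's expiry depends on a subclass constructor or a caller having set it first. The only defaults visible in this commit are the duplicated `new \DateInterval('P1M')` assignments in the PasswordGrant and RefreshTokenGrant constructors; any other grant reaching this method without one would hand null to `DateTime::add()` and, presumably, store an invalid expiry on the refresh token. I would resolve the default in one place in AbstractGrant and fail closed here, e.g. `if (!$this->refreshTokenTTL instanceof \DateInterval) { throw new \LogicException('Refresh token TTL is not set'); }` ahead of the `setExpiryDateTime()` call. The method's closing brace lies outside the hunk.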


@ -32,8 +32,7 @@ class ClientCredentialsGrant extends AbstractGrant
public function respondToRequest(
ServerRequestInterface $request,
ResponseTypeInterface $responseType,
\DateInterval $accessTokenTTL,
\DateInterval $refreshTokenTTL
\DateInterval $accessTokenTTL
) {
// Validate request
$client = $this->validateClient($request);


@ -23,6 +23,13 @@ use Psr\Http\Message\ServerRequestInterface;
*/
interface GrantTypeInterface
{
/**
* Set refresh token TTL
*
* @param \DateInterval $refreshTokenTTL
*/
public function setRefreshTokenTTL(\DateInterval $refreshTokenTTL);
/**
* Return the identifier
*
@ -43,15 +50,13 @@ interface GrantTypeInterface
* @param \Psr\Http\Message\ServerRequestInterface $request
* @param \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface $responseType
* @param \DateInterval $accessTokenTTL
* @param \DateInterval $refreshTokenTTL
*
* @return \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface
*/
public function respondToRequest(
ServerRequestInterface $request,
ResponseTypeInterface $responseType,
\DateInterval $accessTokenTTL,
\DateInterval $refreshTokenTTL
\DateInterval $accessTokenTTL
);
/**
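Review bot: The docblock added for `setRefreshTokenTTL()` does not say when the setter must be called or what lifetime applies if it never is, and as far as this commit shows it is now the only way to configure the refresh token lifetime. Because the `$refreshTokenTTL` argument is removed from `respondToRequest()` in the same file, implementers of the interface have nothing else to go on. I would extend the comment to something like `Set the lifetime of refresh tokens issued by this grant. Call before the grant handles a request; grants that never issue refresh tokens may ignore the value.` The second hunk starts inside the `respondToRequest()` docblock, so the rest of that comment is not visible here.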


@ -51,6 +51,8 @@ class PasswordGrant extends AbstractGrant
) {
$this->userRepository = $userRepository;
$this->refreshTokenRepository = $refreshTokenRepository;
$this->refreshTokenTTL = new \DateInterval('P1M');
}
/**
@ -59,8 +61,7 @@ class PasswordGrant extends AbstractGrant
public function respondToRequest(
ServerRequestInterface $request,
ResponseTypeInterface $responseType,
\DateInterval $accessTokenTTL,
\DateInterval $refreshTokenTTL
\DateInterval $accessTokenTTL
) {
// Validate request
$client = $this->validateClient($request);
@ -69,7 +70,7 @@ class PasswordGrant extends AbstractGrant
// Issue and persist new tokens
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $user->getIdentifier(), $scopes);
$refreshToken = $this->issueRefreshToken($refreshTokenTTL, $accessToken);
$refreshToken = $this->issueRefreshToken($accessToken);
$this->accessTokenRepository->persistNewAccessToken($accessToken);
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);


@ -42,6 +42,8 @@ class RefreshTokenGrant extends AbstractGrant
RefreshTokenRepositoryInterface $refreshTokenRepository
) {
$this->refreshTokenRepository = $refreshTokenRepository;
$this->refreshTokenTTL = new \DateInterval('P1M');
}
/**
@ -50,8 +52,7 @@ class RefreshTokenGrant extends AbstractGrant
public function respondToRequest(
ServerRequestInterface $request,
ResponseTypeInterface $responseType,
\DateInterval $accessTokenTTL,
\DateInterval $refreshTokenTTL
\DateInterval $accessTokenTTL
) {
// Validate request
$client = $this->validateClient($request);
@ -77,9 +78,9 @@ class RefreshTokenGrant extends AbstractGrant
$this->accessTokenRepository->revokeAccessToken($oldRefreshToken['access_token_id']);
$this->refreshTokenRepository->revokeRefreshToken($oldRefreshToken['refresh_token_id']);
// Issue and persist new tokens
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $oldRefreshToken['user_id'], $scopes);
$refreshToken = $this->issueRefreshToken($refreshTokenTTL, $accessToken);
$refreshToken = $this->issueRefreshToken($accessToken);
$this->accessTokenRepository->persistNewAccessToken($accessToken);
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
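Review bot: Each refresh in the last hunk issues the replacement refresh token with a full `$this->refreshTokenTTL` counted from now, so the configured value acts as an idle timeout rather than a cap on how long a grant can be kept alive through rotation. That behaviour predates this commit, but now that the TTL is an operator-facing setting it should be stated where the value is set, for example `// Applied on every rotation: a sliding window, not an absolute session lifetime.` beside the `P1M` default in the constructor. If an absolute limit is wanted, the old token's expiry would have to be carried forward, which the `$oldRefreshToken` keys used here do not appear to include. `respondToRequest()` starts and ends outside the visible hunks.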


@ -7,6 +7,7 @@ use League\Event\EmitterAwareInterface;
use League\Event\EmitterAwareTrait;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\GrantTypeInterface;
use League\OAuth2\Server\Grant\ClientCredentialsGrant;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
@ -29,7 +30,7 @@ class Server implements EmitterAwareInterface
/**
* @var DateInterval[]
*/
protected $grantTypeTokensTTL = [];
protected $grantTypeAccessTokenTTL = [];
/**
* @var string
@ -91,14 +92,10 @@ class Server implements EmitterAwareInterface
* Enable a grant type on the server
*
* @param \League\OAuth2\Server\Grant\GrantTypeInterface $grantType
* @param DateInterval|null $accessTokenTTL
* @param DateInterval|null $refreshTokenTTL
* @param DateInterval $accessTokenTTL
*/
public function enableGrantType(
GrantTypeInterface $grantType,
\DateInterval $accessTokenTTL,
\DateInterval $refreshTokenTTL = null
) {
public function enableGrantType(GrantTypeInterface $grantType, \DateInterval $accessTokenTTL)
{
$grantType->setAccessTokenRepository($this->accessTokenRepository);
$grantType->setClientRepository($this->clientRepository);
$grantType->setScopeRepository($this->scopeRepository);
@ -108,10 +105,7 @@ class Server implements EmitterAwareInterface
$this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
$this->grantTypeTokensTTL[$grantType->getIdentifier()] = [
'access' => $accessTokenTTL,
'refresh' => $refreshTokenTTL !== null ? $refreshTokenTTL : new \DateInterval('P1M'),
];
$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
}
/**
@ -139,8 +133,7 @@ class Server implements EmitterAwareInterface
$tokenResponse = $grantType->respondToRequest(
$request,
$this->getResponseType(),
$this->grantTypeTokensTTL[$grantType->getIdentifier()]['access'],
$this->grantTypeTokensTTL[$grantType->getIdentifier()]['refresh']
$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
);
}
}
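Review bot: `enableGrantType()` drops its optional third parameter, and PHP silently ignores surplus arguments to a userland function, so an existing call that still passes a refresh TTL keeps running and quietly falls back to the grant's own default (one month in the grants shown in this commit). For a deployment that had configured a shorter refresh lifetime this is a silent extension of token validity. I would either keep `\DateInterval $refreshTokenTTL = null` for a deprecation period and forward it with `if ($refreshTokenTTL !== null) { $grantType->setRefreshTokenTTL($refreshTokenTTL); }`, or call the break out explicitly in the upgrade notes. The added `use League\OAuth2\Server\Grant\ClientCredentialsGrant;` is not referenced in any visible hunk and may be unused.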