diff --git a/_data/menu.yml b/_data/menu.yml index 79982a65..d760149c 100644 --- a/_data/menu.yml +++ b/_data/menu.yml @@ -18,9 +18,9 @@ Authorization Server: Resource Server: 'Securing your API': '/resource-server/securing-your-api/' Respository Interfaces: - 'Scope Repository Interface': '/a' - 'Auth Code Repository Interface': '/a' - 'User Repository Interface': '/a' 'Access Token Repository Interface': '/access-token-repository-interface/' 'Access Token Repository Interface': '/access-token-repository-interface/' 'Client Repository Interface': '/client-repository-interface/' 'Refresh Token Repository Interface': '/refresh-token-repository-interface/' + 'Scope Repository Interface': '/scope-repository-interface/' + 'Auth Code Repository Interface': '/auth-code-repository-interface/' + 'User Repository Interface': '/user-repository-interface/' \ No newline at end of file diff --git a/index.md b/index.md index 0c1ba788..aff8eafe 100755 --- a/index.md +++ b/index.md @@ -3,6 +3,17 @@ layout: default title: Introduction --- +
+ +

This is the documentation for the version 5 release candidate.

+ +

Version 5 is stable and is the recommended version that you should implement as it is significantly simpler to work with.

+ +

Version 4 docs can be found here.

+ +
+ + # Introduction [![Author](http://img.shields.io/badge/author-@alexbilbie-red.svg?style=flat-square)](https://twitter.com/alexbilbie) diff --git a/repository-interface-auth-code.md b/repository-interface-auth-code.md new file mode 100644 index 00000000..a8a41efd --- /dev/null +++ b/repository-interface-auth-code.md @@ -0,0 +1,29 @@ +--- +layout: default +title: AuthCodeRepositoryInterface documentation +permalink: /auth-code-repository-interface/ +--- + +# Auth Code Repository Interface + +## persistNewAuthCode() : void + +When a new access token is created this method will be called. You don't have to do anything here but for auditing you probably want to. + +The access token entity passed in has a number of methods you can call which contain data worth saving to a database: + +* `getIdentifier() : string` this is randomly generated unique identifier (of 80+ characters in length) for the access token. +* `getExpiryDateTime() : \DateTime` the expiry date and time of the access token. +* `getUserIdentifier() : string|null` the user identifier represented by the access token. +* `getScopes() : ScopeEntityInterface[]` an array of scope entities +* `getClient()->getIdentifier() : string` the identifier of the client who requested the access token. + +JWT access tokens contain an expiry date and so will be rejected automatically when used. You can safely clean up expired access tokens from your database. + +## revokeAuthCode() : void + +This method is called when an authorization code is exchanged for an access token. + +## isAuthCodeRevoked() : boolean + +This method is called before an authorization code is exchanged for an access token by the authorization server. Return `true` if the auth code has been manually revoked before it expired. If the auth code is still valid return `false`. \ No newline at end of file diff --git a/repository-interface-scope.md b/repository-interface-scope.md new file mode 100644 index 00000000..049fd8e6 --- /dev/null +++ b/repository-interface-scope.md @@ -0,0 +1,23 @@ +--- +layout: default +title: ScopeRepositoryInterface documentation +permalink: /scope-repository-interface/ +--- + +# Scope Repository Interface + +## getScopeEntityByIdentifier() : ScopeEntityInterface + +This method is called to validate a scope. + +If the scope is valid validated you should return an instance of `\League\OAuth2\Server\Entities\Interfaces\ScopeEntityInterface` + +## finalizeScopes() : ScopeEntityInterface[] + +This method is called right before an access token or authorization code is created. + +Given a client, grant type and optional user identifier validate the set of scopes requested are valid and optionally append additional scopes or remove requested scopes. + +This method is useful for integrating with your own app's permissions system. + +You must return an array of `ScopeEntityInterface` instances; either the original scopes or an updated set. \ No newline at end of file diff --git a/repository-interface-user.md b/repository-interface-user.md new file mode 100644 index 00000000..b5640403 --- /dev/null +++ b/repository-interface-user.md @@ -0,0 +1,17 @@ +--- +layout: default +title: UserRepositoryInterface documentation +permalink: /user-repository-interface/ +--- + +# User Repository Interface + +## getUserEntityByUserCredentials() : UserEntityInterface + +This method is called to validate a user's credentials. + +You can use the grant type to determine if the user is permitted to use the grant type. + +You can use the client entity to determine to if the user is permitted to use the client. + +If the client's credentials are validated you should return an instance of `\League\OAuth2\Server\Entities\Interfaces\UserEntityInterface` \ No newline at end of file