diff --git a/src/OAuth2/Grant/AuthCode.php b/src/OAuth2/Grant/AuthCode.php index a4afc834..857ea842 100644 --- a/src/OAuth2/Grant/AuthCode.php +++ b/src/OAuth2/Grant/AuthCode.php @@ -282,7 +282,8 @@ class AuthCode implements GrantTypeInterface { // Associate a refresh token if set if ($this->authServer->hasGrantType('refresh_token')) { $refreshToken = SecureKey::make(); - $this->authServer->getStorage('session')->associateRefreshToken($accessTokenId, $refreshToken); + $refreshTokenTTL = time() + $this->authServer->getGrantType('refresh_token')->getRefreshTokenTTL(); + $this->authServer->getStorage('session')->associateRefreshToken($accessTokenId, $refreshToken, $refreshTokenTTL); $response['refresh_token'] = $refreshToken; } diff --git a/src/OAuth2/Grant/Password.php b/src/OAuth2/Grant/Password.php index 31cc7080..749a9526 100644 --- a/src/OAuth2/Grant/Password.php +++ b/src/OAuth2/Grant/Password.php @@ -212,7 +212,8 @@ class Password implements GrantTypeInterface { // Associate a refresh token if set if ($this->authServer->hasGrantType('refresh_token')) { $refreshToken = SecureKey::make(); - $this->authServer->getStorage('session')->associateRefreshToken($accessTokenId, $refreshToken); + $refreshTokenTTL = time() + $this->authServer->getGrantType('refresh_token')->getRefreshTokenTTL(); + $this->authServer->getStorage('session')->associateRefreshToken($accessTokenId, $refreshToken, $refreshTokenTTL); $response['refresh_token'] = $refreshToken; } diff --git a/src/OAuth2/Grant/RefreshToken.php b/src/OAuth2/Grant/RefreshToken.php index 6869f0ca..130ddd2c 100644 --- a/src/OAuth2/Grant/RefreshToken.php +++ b/src/OAuth2/Grant/RefreshToken.php @@ -48,6 +48,12 @@ class RefreshToken implements GrantTypeInterface { */ protected $accessTokenTTL = null; + /** + * Refresh token TTL + * @var integer + */ + protected $refreshTokenTTL = 604800; + /** * Constructor * @param AuthServer $authServer AuthServer instance @@ -86,6 +92,25 @@ class RefreshToken implements GrantTypeInterface { $this->accessTokenTTL = $accessTokenTTL; } + /** + * Set the TTL of the refresh token + * @param int $refreshTokenTTL + * @return void + */ + public function setRefreshTokenTTL($refreshTokenTTL) + { + $this->refreshTokenTTL = $refreshTokenTTL; + } + + /** + * Get the TTL of the refresh token + * @return int + */ + public function getRefreshTokenTTL() + { + return $this->refreshTokenTTL; + } + /** * Complete the refresh token grant * @param null|array $inputParams @@ -135,6 +160,7 @@ class RefreshToken implements GrantTypeInterface { $accessTokenExpiresIn = ($this->accessTokenTTL !== null) ? $this->accessTokenTTL : $this->authServer->getExpiresIn(); $accessTokenExpires = time() + $accessTokenExpiresIn; $refreshToken = SecureKey::make(); + $refreshTokenExpires = time() + $this->getRefreshTokenTTL(); $newAccessTokenId = $this->authServer->getStorage('session')->associateAccessToken($accessTokenDetails['session_id'], $accessToken, $accessTokenExpires); @@ -142,7 +168,7 @@ class RefreshToken implements GrantTypeInterface { $this->authServer->getStorage('session')->associateScope($newAccessTokenId, $scope['id']); } - $this->authServer->getStorage('session')->associateRefreshToken($newAccessTokenId, $refreshToken); + $this->authServer->getStorage('session')->associateRefreshToken($newAccessTokenId, $refreshToken, $refreshTokenExpires); return array( 'access_token' => $accessToken, diff --git a/src/OAuth2/Storage/SessionInterface.php b/src/OAuth2/Storage/SessionInterface.php index 2933af6c..23637150 100644 --- a/src/OAuth2/Storage/SessionInterface.php +++ b/src/OAuth2/Storage/SessionInterface.php @@ -59,9 +59,10 @@ interface SessionInterface * Associate a refresh token with a session * @param int $accessTokenId The access token ID * @param string $refreshToken The refresh token + * @param int $expireTime Unix timestamp of the refresh token expiry time * @return void */ - public function associateRefreshToken($accessTokenId, $refreshToken); + public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime); /** * Assocate an authorization code with a session