mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-12-23 13:39:48 +05:30
First commit of new refresh token grant
This commit is contained in:
parent
5e365bb974
commit
f855b572e8
94
src/OAuth2/Grant/RefreshToken.php
Normal file
94
src/OAuth2/Grant/RefreshToken.php
Normal file
@ -0,0 +1,94 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace OAuth2\Grant;
|
||||||
|
|
||||||
|
use OAuth2\Request;
|
||||||
|
use OAuth2\AuthServer;
|
||||||
|
use OAuth2\Exception;
|
||||||
|
use OAuth2\Util\SecureKey;
|
||||||
|
use OAuth2\Storage\SessionInterface;
|
||||||
|
use OAuth2\Storage\ClientInterface;
|
||||||
|
use OAuth2\Storage\ScopeInterface;
|
||||||
|
|
||||||
|
class RefreshToken implements GrantTypeInterface {
|
||||||
|
|
||||||
|
protected $identifier = 'refresh_token';
|
||||||
|
protected $responseType = null;
|
||||||
|
|
||||||
|
public function getIdentifier()
|
||||||
|
{
|
||||||
|
return $this->identifier;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getResponseType()
|
||||||
|
{
|
||||||
|
return $this->responseType;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function completeFlow($inputParams = null, $authParams = array())
|
||||||
|
{
|
||||||
|
// Client ID
|
||||||
|
$authParams['client_id'] = (isset($inputParams['client_id'])) ?
|
||||||
|
$inputParams['client_id'] :
|
||||||
|
AuthServer::getRequest()->post('client_id');
|
||||||
|
|
||||||
|
if (is_null($authParams['client_id'])) {
|
||||||
|
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'client_id'), 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Client secret
|
||||||
|
$authParams['client_secret'] = (isset($inputParams['client_secret'])) ?
|
||||||
|
$inputParams['client_secret'] :
|
||||||
|
AuthServer::getRequest()->post('client_secret');
|
||||||
|
|
||||||
|
if (is_null($authParams['client_secret'])) {
|
||||||
|
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'client_secret'), 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate client ID and redirect URI
|
||||||
|
$clientDetails = AuthServer::getStorage('client')->get($authParams['client_id'], $authParams['client_secret']);
|
||||||
|
|
||||||
|
if ($clientDetails === false) {
|
||||||
|
throw new Exception\ClientException(AuthServer::getExceptionMessage('invalid_client'), 8);
|
||||||
|
}
|
||||||
|
|
||||||
|
$authParams['client_details'] = $clientDetails;
|
||||||
|
|
||||||
|
// Refresh token
|
||||||
|
$authParams['refresh_token'] = (isset($inputParams['refresh_token'])) ?
|
||||||
|
$inputParams['refresh_token'] :
|
||||||
|
AuthServer::getRequest()->post('refresh_token');
|
||||||
|
|
||||||
|
if (is_null($authParams['refresh_token'])) {
|
||||||
|
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'refresh_token'), 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate refresh token
|
||||||
|
$sessionId = AuthServer::getStorage('client')->validateRefreshToken(
|
||||||
|
$params['refresh_token'],
|
||||||
|
$params['client_id']
|
||||||
|
);
|
||||||
|
|
||||||
|
if ($sessionId === false) {
|
||||||
|
throw new Exception\ClientException(AuthServer::getExceptionMessage('invalid_refresh'), 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Generate new tokens
|
||||||
|
$accessToken = SecureKey::make();
|
||||||
|
$refreshToken = (AuthServer::hasGrantType('refresh_token')) ? SecureKey::make() : null;
|
||||||
|
|
||||||
|
$accessTokenExpires = time() + AuthServer::getExpiresIn();
|
||||||
|
$accessTokenExpiresIn = AuthServer::getExpiresIn();
|
||||||
|
|
||||||
|
AuthServer::getStorage('session')->updateRefreshToken($sessionId, $accessToken, $refreshToken, $accessTokenExpires);
|
||||||
|
|
||||||
|
return array(
|
||||||
|
'access_token' => $accessToken,
|
||||||
|
'refresh_token' => $refreshToken,
|
||||||
|
'token_type' => 'bearer',
|
||||||
|
'expires' => $accessTokenExpires,
|
||||||
|
'expires_in' => $accessTokenExpiresIn
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user