diff --git a/src/OAuth2/Grant/AuthCode.php b/src/OAuth2/Grant/AuthCode.php
index b0edc0b0..67dc2234 100644
--- a/src/OAuth2/Grant/AuthCode.php
+++ b/src/OAuth2/Grant/AuthCode.php
@@ -42,6 +42,12 @@ class AuthCode implements GrantTypeInterface {
 */
 protected $authServer = null;
+ /**
+ * Access token expires in override
+ * @var int
+ */
+ protected $expiresIn = null;
+
 /**
 * Constructor
 * @param AuthServer $authServer AuthServer instance
@@ -70,6 +76,16 @@ class AuthCode implements GrantTypeInterface {
 return $this->responseType;
 }
+ /**
+ * Override the default access token expire time
+ * @param int $expiresIn
+ * @return void
+ */
+ public function setExpiresIn($expiresIn)
+ {
+ $this->expiresIn = $expiresIn;
+ }
+
 /**
 * Check authorise parameters
 *
@@ -222,8 +238,8 @@ class AuthCode implements GrantTypeInterface {
 // A session ID was returned so update it with an access token and remove the authorisation code
 $accessToken = SecureKey::make();
- $accessTokenExpires = time() + $this->authServer->getExpiresIn();
- $accessTokenExpiresIn = $this->authServer->getExpiresIn();
+ $accessTokenExpiresIn = ($this->expiresIn !== null) ? $this->expiresIn : $this->authServer->getExpiresIn();
+ $accessTokenExpires = time() + $accessTokenExpiresIn;
 // Remove the auth code
 $this->authServer->getStorage('session')->removeAuthCode($session['id']);
diff --git a/src/OAuth2/Grant/ClientCredentials.php b/src/OAuth2/Grant/ClientCredentials.php
index 4a520ee7..5d2a48a9 100644
--- a/src/OAuth2/Grant/ClientCredentials.php
+++ b/src/OAuth2/Grant/ClientCredentials.php
@@ -42,6 +42,12 @@ class ClientCredentials implements GrantTypeInterface {
 */
 protected $authServer = null;
+ /**
+ * Access token expires in override
+ * @var int
+ */
+ protected $expiresIn = null;
+
 /**
 * Constructor
 * @param AuthServer $authServer AuthServer instance
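Review bot: The docblock on the new `$expiresIn` property in AuthCode.php declares `@var int`, but the property defaults to `null` and the token-issuing code relies on that null to mean "no override". The annotation should read `@var int|null`, and the summary should give the unit and the fallback, for example `Access token lifetime override in seconds; null uses the AuthServer default`. The same property block is added to ClientCredentials.php, Password.php and RefreshToken.php and needs the same correction.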
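Review bot: `setExpiresIn()` in AuthCode.php stores whatever it is given, and that value later reaches the `time() + $accessTokenExpiresIn` arithmetic unchecked. A zero or negative value would issue access tokens that are already expired, a non-integer would be handed to the addition as-is, and nothing bounds how long-lived a bearer token can be configured. A guard before the assignment, such as `if ($expiresIn !== null && (!is_int($expiresIn) || $expiresIn <= 0)) { throw new \InvalidArgumentException('expiresIn must be a positive integer or null'); }`, would reject these cases while still allowing the override to be cleared. The docblock should also state that the value is in seconds. The identical setter is added to ClientCredentials.php, Password.php and RefreshToken.php.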
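Review bot: The fallback expression `($this->expiresIn !== null) ? $this->expiresIn : $this->authServer->getExpiresIn()` is pasted verbatim into the token-issuing code of all four grants: here in AuthCode.php, and in ClientCredentials.php, Password.php and RefreshToken.php. A small protected accessor on each grant, for instance `protected function getAccessTokenTTL()` returning that expression, would leave one place to change if the fallback rule or a lifetime cap is added later. It would also keep the stored expiry and the `$accessTokenExpiresIn` value derived from a single call. The enclosing method starts and ends outside the hunk.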
@@ -70,6 +76,16 @@ class ClientCredentials implements GrantTypeInterface {
 return $this->responseType;
 }
+ /**
+ * Override the default access token expire time
+ * @param int $expiresIn
+ * @return void
+ */
+ public function setExpiresIn($expiresIn)
+ {
+ $this->expiresIn = $expiresIn;
+ }
+
 /**
 * Complete the client credentials grant
 * @param null|array $inputParams
@@ -126,9 +142,8 @@ class ClientCredentials implements GrantTypeInterface {
 // Generate an access token
 $accessToken = SecureKey::make();
-
- $accessTokenExpires = time() + $this->authServer->getExpiresIn();
- $accessTokenExpiresIn = $this->authServer->getExpiresIn();
+ $accessTokenExpiresIn = ($this->expiresIn !== null) ? $this->expiresIn : $this->authServer->getExpiresIn();
+ $accessTokenExpires = time() + $accessTokenExpiresIn;
 // Delete any existing sessions just to be sure
 $this->authServer->getStorage('session')->deleteSession($authParams['client_id'], 'client', $authParams['client_id']);
diff --git a/src/OAuth2/Grant/Password.php b/src/OAuth2/Grant/Password.php
index b8d098db..dbc94eb9 100644
--- a/src/OAuth2/Grant/Password.php
+++ b/src/OAuth2/Grant/Password.php
@@ -48,6 +48,12 @@ class Password implements GrantTypeInterface {
 */
 protected $authServer = null;
+ /**
+ * Access token expires in override
+ * @var int
+ */
+ protected $expiresIn = null;
+
 /**
 * Constructor
 * @param AuthServer $authServer AuthServer instance
@@ -76,6 +82,16 @@ class Password implements GrantTypeInterface {
 return $this->responseType;
 }
+ /**
+ * Override the default access token expire time
+ * @param int $expiresIn
+ * @return void
+ */
+ public function setExpiresIn($expiresIn)
+ {
+ $this->expiresIn = $expiresIn;
+ }
+
 /**
 * Set the callback to verify a user's username and password
 * @param function $callback The callback function
@@ -169,8 +185,8 @@ class Password implements GrantTypeInterface {
 // Generate an access token
 $accessToken = SecureKey::make();
- $accessTokenExpires = time() + $this->authServer->getExpiresIn();
- $accessTokenExpiresIn = $this->authServer->getExpiresIn();
+ $accessTokenExpiresIn = ($this->expiresIn !== null) ? $this->expiresIn : $this->authServer->getExpiresIn();
+ $accessTokenExpires = time() + $accessTokenExpiresIn;
 // Delete any existing sessions just to be sure
 $this->authServer->getStorage('session')->deleteSession($authParams['client_id'], 'user', $userId);
diff --git a/src/OAuth2/Grant/RefreshToken.php b/src/OAuth2/Grant/RefreshToken.php
index 538d75bd..586c482f 100644
--- a/src/OAuth2/Grant/RefreshToken.php
+++ b/src/OAuth2/Grant/RefreshToken.php
@@ -42,6 +42,12 @@ class RefreshToken implements GrantTypeInterface {
 */
 protected $authServer = null;
+ /**
+ * Access token expires in override
+ * @var int
+ */
+ protected $expiresIn = null;
+
 /**
 * Constructor
 * @param AuthServer $authServer AuthServer instance
@@ -70,6 +76,16 @@ class RefreshToken implements GrantTypeInterface {
 return $this->responseType;
 }
+ /**
+ * Override the default access token expire time
+ * @param int $expiresIn
+ * @return void
+ */
+ public function setExpiresIn($expiresIn)
+ {
+ $this->expiresIn = $expiresIn;
+ }
+
 /**
 * Complete the refresh token grant
 * @param null|array $inputParams
@@ -116,8 +132,8 @@ class RefreshToken implements GrantTypeInterface {
 // Generate new tokens and associate them to the session
 $accessToken = SecureKey::make();
- $accessTokenExpires = time() + $this->authServer->getExpiresIn();
- $accessTokenExpiresIn = $this->authServer->getExpiresIn();
+ $accessTokenExpiresIn = ($this->expiresIn !== null) ? $this->expiresIn : $this->authServer->getExpiresIn();
+ $accessTokenExpires = time() + $accessTokenExpiresIn;
 $refreshToken = SecureKey::make();
 $newAccessTokenId = $this->authServer->getStorage('session')->associateAccessToken($accessTokenDetails['session_id'], $accessToken, $accessTokenExpires);
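Review bot: The refresh grant in RefreshToken.php resolves the new token's lifetime from its own `$expiresIn`, not from the grant that originally issued the session. A shorter override set on, say, the Password grant is therefore not carried over: once a token is refreshed, its lifetime is whatever RefreshToken's override or the AuthServer default specifies. If that is intended, the `setExpiresIn()` docblock should say so, for example `Applies only to access tokens issued by this grant; tokens renewed through the refresh grant use that grant's own setting`. The enclosing method starts and ends outside the hunk.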