Made refresh_token grant configurable
This commit is contained in:
Josh Sherman
parent
35af1f4037
commit
1aa39f3a8d
2 changed files with 57 additions and 9 deletions
|
|
@ -19,9 +19,9 @@ class RefreshTokenStorage extends StorageAdapter implements RefreshTokenInterfac
|
||||||
if (count($results) === 1)
|
if (count($results) === 1)
|
||||||
{
|
{
|
||||||
return (new RefreshTokenEntity($this->server))
|
return (new RefreshTokenEntity($this->server))
|
||||||
->setId($result[0]['refresh_token'])
|
->setId($results[0]['refresh_token'])
|
||||||
->setExpireTime($result[0]['expires_at'])
|
->setExpireTime($results[0]['expires_at'])
|
||||||
->setAccessTokenId($result[0]['access_token_id']);
|
->setAccessTokenId($results[0]['access_token_id']);
|
||||||
}
|
}
|
||||||
|
|
||||||
return null;
|
return null;
|
||||||
|
|
|
||||||
|
|
@ -2,6 +2,7 @@
|
||||||
|
|
||||||
namespace Pickles\OAuth2;
|
namespace Pickles\OAuth2;
|
||||||
|
|
||||||
|
use \League\OAuth2\Exception\OAuthException;
|
||||||
use \League\OAuth2\Server\AuthorizationServer;
|
use \League\OAuth2\Server\AuthorizationServer;
|
||||||
use \League\OAuth2\Server\Grant\PasswordGrant;
|
use \League\OAuth2\Server\Grant\PasswordGrant;
|
||||||
use \League\OAuth2\Server\Grant\RefreshTokenGrant;
|
use \League\OAuth2\Server\Grant\RefreshTokenGrant;
|
||||||
|
|
@ -16,6 +17,12 @@ class Resource extends \Pickles\Resource
|
||||||
{
|
{
|
||||||
throw new \Exception('Forbidden.', 403);
|
throw new \Exception('Forbidden.', 403);
|
||||||
}
|
}
|
||||||
|
elseif (!isset($_REQUEST['grant_type']))
|
||||||
|
{
|
||||||
|
throw new \Exception('Bad Request.', 400);
|
||||||
|
}
|
||||||
|
|
||||||
|
$config = $this->config['oauth'][$_SERVER['__version']];
|
||||||
|
|
||||||
switch (substr($_REQUEST['request'], strlen($_SERVER['__version']) + 2))
|
switch (substr($_REQUEST['request'], strlen($_SERVER['__version']) + 2))
|
||||||
{
|
{
|
||||||
|
|
@ -30,7 +37,29 @@ class Resource extends \Pickles\Resource
|
||||||
$server->setScopeStorage(new ScopeStorage);
|
$server->setScopeStorage(new ScopeStorage);
|
||||||
$server->setRefreshTokenStorage(new RefreshTokenStorage);
|
$server->setRefreshTokenStorage(new RefreshTokenStorage);
|
||||||
|
|
||||||
switch ($_REQUEST['grant_type'])
|
$grant_type = $_REQUEST['grant_type'];
|
||||||
|
$grants = ['password'];
|
||||||
|
|
||||||
|
if (isset($config['grants']))
|
||||||
|
{
|
||||||
|
$grants = array_unique(array_merge($grants, $config['grants']));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!in_array($grant_type, $grants))
|
||||||
|
{
|
||||||
|
throw new \Exception('Unsupported grant type.', 403);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Defaults TTLs to 1 day and 1 week respectively
|
||||||
|
$token_ttl = 3600;
|
||||||
|
$refresh_ttl = 604800;
|
||||||
|
|
||||||
|
if (isset($config['ttl']['access_token']))
|
||||||
|
{
|
||||||
|
$token_ttl = $config['ttl']['access_token'];
|
||||||
|
}
|
||||||
|
|
||||||
|
switch ($grant_type)
|
||||||
{
|
{
|
||||||
case 'authorization_code':
|
case 'authorization_code':
|
||||||
throw new \Exception('Not Implemented', 501);
|
throw new \Exception('Not Implemented', 501);
|
||||||
|
|
@ -46,8 +75,7 @@ class Resource extends \Pickles\Resource
|
||||||
|
|
||||||
case 'password':
|
case 'password':
|
||||||
$grant = new PasswordGrant;
|
$grant = new PasswordGrant;
|
||||||
$grant->setAccessTokenTTL(3600);
|
$grant->setAccessTokenTTL($token_ttl);
|
||||||
// @todo ^^^ check config and use that value
|
|
||||||
|
|
||||||
$grant->setVerifyCredentialsCallback(function ($username, $password)
|
$grant->setVerifyCredentialsCallback(function ($username, $password)
|
||||||
{
|
{
|
||||||
|
|
@ -65,22 +93,42 @@ class Resource extends \Pickles\Resource
|
||||||
|
|
||||||
case 'refresh_token':
|
case 'refresh_token':
|
||||||
throw new \Exception('Not Implemented', 501);
|
throw new \Exception('Not Implemented', 501);
|
||||||
|
|
||||||
|
// @todo Need to work through this, appears lib is busted
|
||||||
|
$grant = new RefreshTokenGrant;
|
||||||
|
//$grant->setAccessTokenTTL($refresh_ttl);
|
||||||
|
$server->addGrantType($grant);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
$server->addGrantType($grant);
|
$server->addGrantType($grant);
|
||||||
|
|
||||||
$refreshTokenGrant = new RefreshTokenGrant;
|
// Adds the refresh token grant if enabled
|
||||||
$server->addGrantType($refreshTokenGrant);
|
if ($grant_type != 'refresh_token'
|
||||||
|
&& in_array('refresh_token', $grants))
|
||||||
|
{
|
||||||
|
if (isset($config['ttl']['refresh_token']))
|
||||||
|
{
|
||||||
|
$refresh_ttl = $config['ttl']['refresh_token'];
|
||||||
|
}
|
||||||
|
|
||||||
|
$grant = new RefreshTokenGrant;
|
||||||
|
$grant->setAccessTokenTTL($refresh_ttl);
|
||||||
|
$server->addGrantType($grant);
|
||||||
|
}
|
||||||
|
|
||||||
$response = $server->issueAccessToken();
|
$response = $server->issueAccessToken();
|
||||||
|
|
||||||
return $response;
|
return $response;
|
||||||
}
|
}
|
||||||
catch (\Exception $e)
|
catch (OAuthException $e)
|
||||||
{
|
{
|
||||||
throw new \Exception($e->getMessage(), $e->httpStatusCode);
|
throw new \Exception($e->getMessage(), $e->httpStatusCode);
|
||||||
}
|
}
|
||||||
|
catch (\Exception $e)
|
||||||
|
{
|
||||||
|
throw new \Exception($e->getMessage(), $e->getCode());
|
||||||
|
}
|
||||||
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue