diff --git a/sql/oauth2.sql b/sql/oauth2.sql index 0d708e8..5c4fbc1 100644 --- a/sql/oauth2.sql +++ b/sql/oauth2.sql @@ -7,13 +7,16 @@ CREATE TABLE `oauth_clients` ( UNIQUE KEY `u_oacl_clse_clid` (`secret`,`id`) ) ENGINE=INNODB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; -CREATE TABLE `oauth_client_endpoints` ( +CREATE TABLE `oauth_endpoints` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `client_id` char(40) NOT NULL, `redirect_uri` varchar(255) NOT NULL, PRIMARY KEY (`id`), KEY `i_oaclen_clid` (`client_id`), - CONSTRAINT `f_oaclen_clid` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE ON UPDATE CASCADE + CONSTRAINT `f_oaclen_clid` + FOREIGN KEY (`client_id`) + REFERENCES `oauth_clients` (`id`) + ON DELETE CASCADE ON UPDATE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; CREATE TABLE `oauth_sessions` ( 
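Review bot: The renamed `oauth_endpoints` table leaves `redirect_uri` on the table default `COLLATE utf8_unicode_ci`, so a `redirect_uri = ?` lookup against it is case- and accent-insensitive, whereas OAuth 2.0 expects a registered redirect URI to be matched as an exact string. A binary collation on the column, e.g. `redirect_uri varchar(255) COLLATE utf8_bin NOT NULL`, makes the database comparison exact. The same applies to `oauth_redirect_uris.redirect_uri` in the next hunk.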
@@ -23,46 +26,64 @@ CREATE TABLE `oauth_sessions` ( `owner_id` varchar(255) NOT NULL, PRIMARY KEY (`id`), KEY `i_uase_clid_owty_owid` (`client_id`,`owner_type`,`owner_id`), - CONSTRAINT `f_oase_clid` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE ON UPDATE CASCADE + CONSTRAINT `f_oase_clid` + FOREIGN KEY (`client_id`) + REFERENCES `oauth_clients` (`id`) + ON DELETE CASCADE ON UPDATE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; -CREATE TABLE `oauth_session_access_tokens` ( +CREATE TABLE `oauth_access_tokens` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `session_id` int(10) unsigned NOT NULL, `access_token` char(40) NOT NULL, - `access_token_expires` int(10) unsigned NOT NULL, + `expires_at` int(10) unsigned NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `u_oaseacto_acto_seid` (`access_token`,`session_id`), KEY `f_oaseto_seid` (`session_id`), - CONSTRAINT `f_oaseto_seid` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION + CONSTRAINT `f_oaseto_seid` + FOREIGN KEY (`session_id`) + REFERENCES `oauth_sessions` (`id`) + ON DELETE CASCADE ON UPDATE NO ACTION ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; -CREATE TABLE `oauth_session_authcodes` ( +CREATE TABLE `oauth_authorization_codes` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `session_id` int(10) unsigned NOT NULL, - `auth_code` char(40) NOT NULL, - `auth_code_expires` int(10) unsigned NOT NULL, + `authorization_code` char(40) NOT NULL, + `expires_at` int(10) unsigned NOT NULL, PRIMARY KEY (`id`), KEY `session_id` (`session_id`), - CONSTRAINT `oauth_session_authcodes_ibfk_1` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE + CONSTRAINT `oauth_authorization_codes_ibfk_1` + FOREIGN KEY (`session_id`) + REFERENCES `oauth_sessions` (`id`) + ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; -CREATE TABLE `oauth_session_redirects` ( +CREATE 
TABLE `oauth_redirect_uris` ( `session_id` int(10) unsigned NOT NULL, `redirect_uri` varchar(255) NOT NULL, PRIMARY KEY (`session_id`), - CONSTRAINT `f_oasere_seid` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION + CONSTRAINT `f_oasere_seid` + FOREIGN KEY (`session_id`) + REFERENCES `oauth_sessions` (`id`) + ON DELETE CASCADE ON UPDATE NO ACTION ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; -CREATE TABLE `oauth_session_refresh_tokens` ( - `session_access_token_id` int(10) unsigned NOT NULL, +CREATE TABLE `oauth_refresh_tokens` ( + `access_token_id` int(10) unsigned NOT NULL, `refresh_token` char(40) NOT NULL, - `refresh_token_expires` int(10) unsigned NOT NULL, + `expires_at` int(10) unsigned NOT NULL, `client_id` char(40) NOT NULL, - PRIMARY KEY (`session_access_token_id`), + PRIMARY KEY (`access_token_id`), KEY `client_id` (`client_id`), - CONSTRAINT `oauth_session_refresh_tokens_ibfk_1` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE, - CONSTRAINT `f_oasetore_setoid` FOREIGN KEY (`session_access_token_id`) REFERENCES `oauth_session_access_tokens` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION + CONSTRAINT `oauth_refresh_tokens_ibfk_1` + FOREIGN KEY (`client_id`) + REFERENCES `oauth_clients` (`id`) + ON DELETE CASCADE, + CONSTRAINT `f_oasetore_setoid` + FOREIGN KEY (`access_token_id`) + REFERENCES `oauth_access_tokens` (`id`) + ON DELETE CASCADE ON UPDATE NO ACTION ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; CREATE TABLE `oauth_scopes` ( 
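Review bot: The only uniqueness on `oauth_access_tokens` is `u_oaseacto_acto_seid` over (`access_token`, `session_id`), so the same token value can exist under two sessions, while the lookups in this commit match on `access_token` alone and read the first row returned. A key on the token by itself, e.g. `UNIQUE KEY u_oaacto_acto (access_token)` (the key name is a suggestion), makes that lookup unambiguous. `oauth_authorization_codes.authorization_code` and `oauth_refresh_tokens.refresh_token` have no unique key or index at all and would benefit from the same treatment. These columns also inherit the case-insensitive table collation; if the token alphabet is mixed-case, a binary collation keeps the comparison exact.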
@@ -74,22 +95,35 @@ CREATE TABLE `oauth_scopes` ( UNIQUE KEY `u_oasc_sc` (`scope`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; -CREATE TABLE `oauth_session_token_scopes` ( +CREATE TABLE `oauth_access_token_scopes` ( `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, - `session_access_token_id` int(10) unsigned DEFAULT NULL, + `access_token_id` int(10) unsigned DEFAULT NULL, `scope_id` smallint(5) unsigned NOT NULL, PRIMARY KEY (`id`), - UNIQUE KEY `u_setosc_setoid_scid` (`session_access_token_id`,`scope_id`), + UNIQUE KEY `u_setosc_setoid_scid` (`access_token_id`,`scope_id`), KEY `f_oasetosc_scid` (`scope_id`), - CONSTRAINT `f_oasetosc_scid` FOREIGN KEY (`scope_id`) REFERENCES `oauth_scopes` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION, - CONSTRAINT `f_oasetosc_setoid` FOREIGN KEY (`session_access_token_id`) REFERENCES `oauth_session_access_tokens` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION + CONSTRAINT `f_oasetosc_scid` + FOREIGN KEY (`scope_id`) + REFERENCES `oauth_scopes` (`id`) + ON DELETE CASCADE ON UPDATE NO ACTION, + CONSTRAINT `f_oasetosc_setoid` + FOREIGN KEY (`access_token_id`) + REFERENCES `oauth_access_tokens` (`id`) + ON DELETE CASCADE ON UPDATE NO ACTION ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; -CREATE TABLE `oauth_session_authcode_scopes` ( - `oauth_session_authcode_id` int(10) unsigned NOT NULL, +CREATE TABLE `oauth_authorization_code_scopes` ( + `authorization_code_id` int(10) unsigned NOT NULL, `scope_id` smallint(5) unsigned NOT NULL, - KEY `oauth_session_authcode_id` (`oauth_session_authcode_id`), + KEY `authorization_code_id` (`authorization_code_id`), KEY `scope_id` (`scope_id`), - CONSTRAINT `oauth_session_authcode_scopes_ibfk_2` FOREIGN KEY (`scope_id`) REFERENCES `oauth_scopes` (`id`) ON DELETE CASCADE, - CONSTRAINT `oauth_session_authcode_scopes_ibfk_1` FOREIGN KEY (`oauth_session_authcode_id`) REFERENCES `oauth_session_authcodes` (`id`) ON DELETE CASCADE + CONSTRAINT 
`oauth_authorization_code_scopes_ibfk_2` + FOREIGN KEY (`scope_id`) + REFERENCES `oauth_scopes` (`id`) + ON DELETE CASCADE, + CONSTRAINT `oauth_authorization_code_scopes_ibfk_1` + FOREIGN KEY (`authorization_code_id`) + REFERENCES `oauth_authorization_codes` (`id`) + ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci; + diff --git a/src/OAuth2/AccessTokenStorage.php b/src/OAuth2/AccessTokenStorage.php index 7ecd943..04d8dc0 100644 --- a/src/OAuth2/AccessTokenStorage.php +++ b/src/OAuth2/AccessTokenStorage.php @@ -11,10 +11,10 @@ class AccessTokenStorage extends StorageAdapter implements AccessTokenInterface { public function get($token) { - $sql = 'SELECT oauth_session_access_tokens.*' - . ' FROM oauth_session_access_tokens' + $sql = 'SELECT oauth_access_tokens.*' + . ' FROM oauth_access_tokens' . ' WHERE access_token = ?' - . ' AND access_token_expires >= ?;'; + . ' AND expires_at >= ?;'; $results = $this->db->fetch($sql, [$token, time()]); @@ -22,7 +22,7 @@ class AccessTokenStorage extends StorageAdapter implements AccessTokenInterface { return (new AccessTokenEntity($this->server)) ->setId($results[0]['access_token']) - ->setExpireTime($results[0]['access_token_expires']); + ->setExpireTime($results[0]['expires_at']); } return null; @@ -31,10 +31,10 @@ class AccessTokenStorage extends StorageAdapter implements AccessTokenInterface public function getScopes(AbstractTokenEntity $token) { $sql = 'SELECT oauth_scopes.id, oauth_scopes.description' - . ' FROM oauth_session_token_scopes' + . ' FROM oauth_access_token_scopes' . ' INNER JOIN oauth_scopes' - . ' ON oauth_session_token_scopes.scope_id = oauth_scopes.id' - . ' WHERE oauth_session_token_scopes.session_access_token_id = ?;'; + . ' ON oauth_access_token_scopes.scope_id = oauth_scopes.id' + . ' WHERE oauth_access_token_scopes.access_token_id = ?;'; $results = $this->db->fetch($sql, [$token->getId()]); $response = []; 
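Review bot: `access_token_id` in `oauth_access_token_scopes` is declared `DEFAULT NULL`, so a scope row can exist without belonging to any token, and the unique key `u_setosc_setoid_scid` does not constrain rows where it is NULL. Since the column is a foreign key to `oauth_access_tokens`, `access_token_id int(10) unsigned NOT NULL` looks like the intended definition. `oauth_authorization_code_scopes` has neither a primary key nor a unique key, so the same scope can be attached to one code more than once; `PRIMARY KEY (authorization_code_id, scope_id)` would prevent that.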
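Review bot: `getScopes()` binds `$token->getId()` to the integer column `oauth_access_token_scopes.access_token_id`, but the preceding hunk shows `get()` setting that id from `$results[0]['access_token']`, i.e. the 40-character token string. MySQL coerces the string to a number for the comparison, so the query can return no scopes, or the scopes of whichever row's id equals the token's leading digits. Resolving the token through its own table avoids this: join `oauth_access_tokens` on `oauth_access_tokens.id = oauth_access_token_scopes.access_token_id` and filter with `. ' WHERE oauth_access_tokens.access_token = ?;'`. The body of `getScopes()` continues past the end of the hunk.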
@@ -55,8 +55,8 @@ class AccessTokenStorage extends StorageAdapter implements AccessTokenInterface public function create($token, $expiration, $session_id) { - $sql = 'INSERT INTO oauth_session_access_tokens' - . ' (access_token, session_id, access_token_expires)' + $sql = 'INSERT INTO oauth_access_tokens' + . ' (access_token, session_id, expires_at)' . ' VALUES' . ' (?, ?, ?);'; @@ -65,7 +65,7 @@ class AccessTokenStorage extends StorageAdapter implements AccessTokenInterface public function associateScope(AbstractTokenEntity $token, ScopeEntity $scope) { - $sql = 'INSERT INTO oauth_session_token_scopes' + $sql = 'INSERT INTO oauth_access_token_scopes' . ' (access_token, scope)' . ' VALUES' . ' (?, ?);'; @@ -75,7 +75,7 @@ class AccessTokenStorage extends StorageAdapter implements AccessTokenInterface public function delete(AbstractTokenEntity $token) { - $sql = 'DELETE FROM oauth_session_token_scopes' + $sql = 'DELETE FROM oauth_access_token_scopes' . ' WHERE access_token = ?;'; $this->db->execute($sql, [$token->getId()]); diff --git a/src/OAuth2/ClientStorage.php b/src/OAuth2/ClientStorage.php index 8a38ffc..1a32583 100644 --- a/src/OAuth2/ClientStorage.php +++ b/src/OAuth2/ClientStorage.php @@ -16,8 +16,8 @@ class ClientStorage extends StorageAdapter implements ClientInterface if ($redirect_uri) { $sql .= ', oauth_client_redirect_uris.*' - . ' INNER JOIN oauth_client_redirect_uris' - . ' ON oauth_clients.id = oauth_client_redirect_uris.client_id'; + . ' INNER JOIN oauth_redirect_uris' + . ' ON oauth_clients.id = oauth_redirect_uris.client_id'; } $sql .= ' FROM oauth_clients WHERE oauth_clients.id = ?'; @@ -32,7 +32,7 @@ class ClientStorage extends StorageAdapter implements ClientInterface if ($redirect_uri) { - $sql .= 'AND oauth_client_redirect_uris.redirect_uri = ?'; + $sql .= 'AND oauth_redirect_uris.redirect_uri = ?'; $parameters[] = $redirect_uri; } diff --git a/src/OAuth2/SessionStorage.php b/src/OAuth2/SessionStorage.php index 68b015a..22a6786 100644 
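Review bot: The column list `(access_token, scope)` in `associateScope()` does not match the renamed table, which per sql/oauth2.sql in this commit has `access_token_id` and `scope_id`, so the INSERT cannot succeed as written; `. ' (access_token_id, scope_id)'` is the matching list, and the bound values (outside the hunk) then need to be the numeric ids. The `delete()` hunk has the same problem with `WHERE access_token = ?`, and it targets only the scopes table, so the row in `oauth_access_tokens` appears to survive a delete. If this method backs token revocation, the token would stay usable. Deleting from `oauth_access_tokens` by `access_token` would remove the token itself and let `ON DELETE CASCADE` clear its scopes.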
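Review bot: The select list on the context line still names `oauth_client_redirect_uris.*` while the join now names `oauth_redirect_uris`, so the statement refers to a table that is not part of the query; it would need to read `$sql .= ', oauth_redirect_uris.*'`. The fragment also appends the `INNER JOIN` before `' FROM oauth_clients WHERE ...'` is added, which is not valid clause order, and in the second hunk `'AND oauth_redirect_uris.redirect_uri = ?'` has no leading space. In sql/oauth2.sql of this commit `oauth_redirect_uris` is keyed by `session_id` and has no `client_id`; the per-client table is `oauth_endpoints`, so the join probably belongs there. Since this query is what checks a client's redirect URI, it deserves a test that a registered URI is accepted and an unregistered one rejected; the function itself starts outside the hunk.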
--- a/src/OAuth2/SessionStorage.php +++ b/src/OAuth2/SessionStorage.php @@ -17,9 +17,9 @@ class SessionStorage extends StorageAdapter implements SessionInterface . ' oauth_sessions.owner_id, oauth_sessions.client_id,' . ' oauth_sessions.client_redirect_uri' . ' FROM oauth_sessions' - . ' INNER JOIN oauth_session_access_tokens' - . ' ON oauth_session_access_tokens.session_id = oauth_sessions.id' - . ' WHERE oauth_session_access_tokens.access_token = ?;'; + . ' INNER JOIN oauth_access_tokens' + . ' ON oauth_access_tokens.session_id = oauth_sessions.id' + . ' WHERE oauth_access_tokens.access_token = ?;'; $results = $this->db->fetch($sql, [$access_token->getId()]); @@ -41,9 +41,9 @@ class SessionStorage extends StorageAdapter implements SessionInterface . ' oauth_sessions.owner_id, oauth_sessions.client_id,' . ' oauth_sessions.client_redirect_uri' . ' FROM oauth_sessions' - . ' INNER JOIN oauth_authcodes' - . ' ON oauth_auth_codes.session_id = oauth_sessions.id' - . ' WHERE oauth_auth_codes.auth_code = ?;'; + . ' INNER JOIN oauth_authorization_codes' + . ' ON oauth_authorization_codes.session_id = oauth_sessions.id' + . ' WHERE oauth_authorization_codes.authorization_code = ?;'; $results = $this->db->fetch($sql, [$auth_code->getId()]); @@ -63,10 +63,10 @@ class SessionStorage extends StorageAdapter implements SessionInterface { $sql = 'SELECT oauth_sessions.*' . ' FROM oauth_sessions' - . ' INNER JOIN oauth_session_token_scopes' - . ' ON oauth_sessions.id = oauth_session_token_scopes.session_access_token_id' + . ' INNER JOIN oauth_access_token_scopes' + . ' ON oauth_sessions.id = oauth_access_token_scopes.access_token_id' . ' INNER JOIN oauth_scopes' - . ' ON oauth_scopes.id = oauth_session_token_scopes.scope_id' + . ' ON oauth_scopes.id = oauth_access_token_scopes.scope_id' . ' WHERE oauth_sessions.id = ?;'; $results = $this->db->fetch($sql, [$session->getId()]); 
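Review bot: The session lookup in the first hunk matches on `oauth_access_tokens.access_token` only, so a row whose `expires_at` has passed still resolves to a session. `AccessTokenStorage::get()` in this commit does filter with `expires_at >= ?`, but whether every caller goes through it first is not visible here. Ending the query with `. ' WHERE oauth_access_tokens.access_token = ?'` and `. ' AND oauth_access_tokens.expires_at >= ?;'`, with `time()` added to the bound values, keeps the check in the statement itself. The second hunk has the same gap for `oauth_authorization_codes.expires_at`, and both functions start outside their hunks.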
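Review bot: In the third hunk the join `oauth_sessions.id = oauth_access_token_scopes.access_token_id` compares a session id with an access-token id, which are keys of different tables, so a session is given the scopes of whatever token happens to share its numeric id. Per sql/oauth2.sql the link from a session to its scopes goes through `oauth_access_tokens.session_id`, as in the excerpt below. The select list is `oauth_sessions.*`, so no scope column is returned even with the join corrected; whether that is intended depends on the consuming code, which is outside the hunk.

```php
$sql = 'SELECT oauth_sessions.*'
    . ' FROM oauth_sessions'
    . ' INNER JOIN oauth_access_tokens'
    . ' ON oauth_access_tokens.session_id = oauth_sessions.id'
    . ' INNER JOIN oauth_access_token_scopes'
    . ' ON oauth_access_token_scopes.access_token_id = oauth_access_tokens.id'
    // … unchanged: INNER JOIN oauth_scopes … WHERE oauth_sessions.id = ? …
```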
@@ -95,7 +95,7 @@ class SessionStorage extends StorageAdapter implements SessionInterface public function associateScope(SessionEntity $session, ScopeEntity $scope) { - $sql = 'INSERT INTO oauth_session_token_scopes' + $sql = 'INSERT INTO oauth_access_token_scopes' . ' (session_access_token_id, scope_id)' . ' VALUES' . ' (?, ?);';
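Review bot: The column list on the context line still reads `(session_access_token_id, scope_id)`, but this commit renames that column to `access_token_id` in sql/oauth2.sql, so the INSERT into `oauth_access_token_scopes` will fail; it should be `. ' (access_token_id, scope_id)'`. The method takes a `SessionEntity` and the bound values are outside the hunk; if the session id is what gets bound to `access_token_id`, the scope is attached to an unrelated token row, so that is worth checking. `associateScope()` continues past the end of the hunk.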