add oauth2/oidc lib

1 files changed, 43 insertions, 0 deletions

diff --git a/library/oauth2/src/OAuth2/Controller/AuthorizeControllerInterface.php b/library/oauth2/src/OAuth2/Controller/AuthorizeControllerInterface.php
new file mode 100644
index 000000000..fa07ae8d2
--- /dev/null
+++ b/library/oauth2/src/OAuth2/Controller/AuthorizeControllerInterface.php
@@ -0,0 +1,43 @@
+<?php
+
+namespace OAuth2\Controller;
+
+use OAuth2\RequestInterface;
+use OAuth2\ResponseInterface;
+
+/**
+ *  This controller is called when a user should be authorized
+ *  by an authorization server.  As OAuth2 does not handle
+ *  authorization directly, this controller ensures the request is valid, but
+ *  requires the application to determine the value of $is_authorized
+ *
+ *  ex:
+ *  > $user_id = $this->somehowDetermineUserId();
+ *  > $is_authorized = $this->somehowDetermineUserAuthorization();
+ *  > $response = new OAuth2\Response();
+ *  > $authorizeController->handleAuthorizeRequest(
+ *  >     OAuth2\Request::createFromGlobals(),
+ *  >     $response,
+ *  >     $is_authorized,
+ *  >     $user_id);
+ *  > $response->send();
+ *
+ */
+interface AuthorizeControllerInterface
+{
+    /**
+     * List of possible authentication response types.
+     * The "authorization_code" mechanism exclusively supports 'code'
+     * and the "implicit" mechanism exclusively supports 'token'.
+     *
+     * @var string
+     * @see http://tools.ietf.org/html/rfc6749#section-4.1.1
+     * @see http://tools.ietf.org/html/rfc6749#section-4.2.1
+     */
+    const RESPONSE_TYPE_AUTHORIZATION_CODE = 'code';
+    const RESPONSE_TYPE_ACCESS_TOKEN = 'token';
+
+    public function handleAuthorizeRequest(RequestInterface $request, ResponseInterface $response, $is_authorized, $user_id = null);
+
+    public function validateAuthorizeRequest(RequestInterface $request, ResponseInterface $response);
+}