diff options
| author | zotlabs <mike@macgirvin.com> | 2016-10-07 14:11:24 -0700 |
|---|---|---|
| committer | zotlabs <mike@macgirvin.com> | 2016-10-07 14:11:24 -0700 |
| commit | 10863a5949cc59771424cb809af5c9f279f78a58 (patch) | |
| tree | 7a86223b830c1ae784bd4557bbefee9f60169542 /library/oauth2/src/OAuth2/Storage/JwtBearerInterface.php | |
| parent | bf02e0428347350126abdd1726aa3e58c9ed63bb (diff) | |
| download | volse-hubzilla-10863a5949cc59771424cb809af5c9f279f78a58.tar.gz volse-hubzilla-10863a5949cc59771424cb809af5c9f279f78a58.tar.bz2 volse-hubzilla-10863a5949cc59771424cb809af5c9f279f78a58.zip | |
add oauth2/oidc lib
Diffstat (limited to 'library/oauth2/src/OAuth2/Storage/JwtBearerInterface.php')
| -rw-r--r-- | library/oauth2/src/OAuth2/Storage/JwtBearerInterface.php | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/library/oauth2/src/OAuth2/Storage/JwtBearerInterface.php b/library/oauth2/src/OAuth2/Storage/JwtBearerInterface.php new file mode 100644 index 000000000..c83aa72ea --- /dev/null +++ b/library/oauth2/src/OAuth2/Storage/JwtBearerInterface.php @@ -0,0 +1,74 @@ +<?php + +namespace OAuth2\Storage; + +/** + * Implement this interface to specify where the OAuth2 Server + * should get the JWT key for clients + * + * @TODO consider extending ClientInterface, as this will almost always + * be the same storage as retrieving clientData + * + * @author F21 + * @author Brent Shaffer <bshafs at gmail dot com> + */ +interface JwtBearerInterface +{ + /** + * Get the public key associated with a client_id + * + * @param $client_id + * Client identifier to be checked with. + * + * @return + * STRING Return the public key for the client_id if it exists, and MUST return FALSE if it doesn't. + */ + public function getClientKey($client_id, $subject); + + /** + * Get a jti (JSON token identifier) by matching against the client_id, subject, audience and expiration. + * + * @param $client_id + * Client identifier to match. + * + * @param $subject + * The subject to match. + * + * @param $audience + * The audience to match. + * + * @param $expiration + * The expiration of the jti. + * + * @param $jti + * The jti to match. + * + * @return + * An associative array as below, and return NULL if the jti does not exist. + * - issuer: Stored client identifier. + * - subject: Stored subject. + * - audience: Stored audience. + * - expires: Stored expiration in unix timestamp. + * - jti: The stored jti. + */ + public function getJti($client_id, $subject, $audience, $expiration, $jti); + + /** + * Store a used jti so that we can check against it to prevent replay attacks. + * @param $client_id + * Client identifier to insert. + * + * @param $subject + * The subject to insert. + * + * @param $audience + * The audience to insert. + * + * @param $expiration + * The expiration of the jti. + * + * @param $jti + * The jti to insert. + */ + public function setJti($client_id, $subject, $audience, $expiration, $jti); +} |