diff options
Diffstat (limited to 'library/oauth2/src/OAuth2/GrantType/AuthorizationCode.php')
-rw-r--r-- | library/oauth2/src/OAuth2/GrantType/AuthorizationCode.php | 100 |
1 files changed, 0 insertions, 100 deletions
diff --git a/library/oauth2/src/OAuth2/GrantType/AuthorizationCode.php b/library/oauth2/src/OAuth2/GrantType/AuthorizationCode.php deleted file mode 100644 index e8995204c..000000000 --- a/library/oauth2/src/OAuth2/GrantType/AuthorizationCode.php +++ /dev/null @@ -1,100 +0,0 @@ -<?php - -namespace OAuth2\GrantType; - -use OAuth2\Storage\AuthorizationCodeInterface; -use OAuth2\ResponseType\AccessTokenInterface; -use OAuth2\RequestInterface; -use OAuth2\ResponseInterface; - -/** - * - * @author Brent Shaffer <bshafs at gmail dot com> - */ -class AuthorizationCode implements GrantTypeInterface -{ - protected $storage; - protected $authCode; - - /** - * @param OAuth2\Storage\AuthorizationCodeInterface $storage REQUIRED Storage class for retrieving authorization code information - */ - public function __construct(AuthorizationCodeInterface $storage) - { - $this->storage = $storage; - } - - public function getQuerystringIdentifier() - { - return 'authorization_code'; - } - - public function validateRequest(RequestInterface $request, ResponseInterface $response) - { - if (!$request->request('code')) { - $response->setError(400, 'invalid_request', 'Missing parameter: "code" is required'); - - return false; - } - - $code = $request->request('code'); - if (!$authCode = $this->storage->getAuthorizationCode($code)) { - $response->setError(400, 'invalid_grant', 'Authorization code doesn\'t exist or is invalid for the client'); - - return false; - } - - /* - * 4.1.3 - ensure that the "redirect_uri" parameter is present if the "redirect_uri" parameter was included in the initial authorization request - * @uri - http://tools.ietf.org/html/rfc6749#section-4.1.3 - */ - if (isset($authCode['redirect_uri']) && $authCode['redirect_uri']) { - if (!$request->request('redirect_uri') || urldecode($request->request('redirect_uri')) != $authCode['redirect_uri']) { - $response->setError(400, 'redirect_uri_mismatch', "The redirect URI is missing or do not match", "#section-4.1.3"); - - return false; - } - } - - if (!isset($authCode['expires'])) { - throw new \Exception('Storage must return authcode with a value for "expires"'); - } - - if ($authCode["expires"] < time()) { - $response->setError(400, 'invalid_grant', "The authorization code has expired"); - - return false; - } - - if (!isset($authCode['code'])) { - $authCode['code'] = $code; // used to expire the code after the access token is granted - } - - $this->authCode = $authCode; - - return true; - } - - public function getClientId() - { - return $this->authCode['client_id']; - } - - public function getScope() - { - return isset($this->authCode['scope']) ? $this->authCode['scope'] : null; - } - - public function getUserId() - { - return isset($this->authCode['user_id']) ? $this->authCode['user_id'] : null; - } - - public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope) - { - $token = $accessToken->createAccessToken($client_id, $user_id, $scope); - $this->storage->expireAuthorizationCode($this->authCode['code']); - - return $token; - } -} |