aboutsummaryrefslogtreecommitdiffstats
path: root/vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/Pdo.php
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/Pdo.php')
-rw-r--r--vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/Pdo.php318
1 files changed, 248 insertions, 70 deletions
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/Pdo.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/Pdo.php
index ae5107e29..074cee447 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/Pdo.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/Pdo.php
@@ -4,6 +4,7 @@ namespace OAuth2\Storage;
use OAuth2\OpenID\Storage\UserClaimsInterface;
use OAuth2\OpenID\Storage\AuthorizationCodeInterface as OpenIDAuthorizationCodeInterface;
+use InvalidArgumentException;
/**
* Simple PDO storage for all storage types
@@ -29,9 +30,22 @@ class Pdo implements
UserClaimsInterface,
OpenIDAuthorizationCodeInterface
{
+ /**
+ * @var \PDO
+ */
protected $db;
+
+ /**
+ * @var array
+ */
protected $config;
+ /**
+ * @param mixed $connection
+ * @param array $config
+ *
+ * @throws InvalidArgumentException
+ */
public function __construct($connection, $config = array())
{
if (!$connection instanceof \PDO) {
@@ -70,7 +84,11 @@ class Pdo implements
), $config);
}
- /* OAuth2\Storage\ClientCredentialsInterface */
+ /**
+ * @param string $client_id
+ * @param null|string $client_secret
+ * @return bool
+ */
public function checkClientCredentials($client_id, $client_secret = null)
{
$stmt = $this->db->prepare(sprintf('SELECT * from %s where client_id = :client_id', $this->config['client_table']));
@@ -81,6 +99,10 @@ class Pdo implements
return $result && $result['client_secret'] == $client_secret;
}
+ /**
+ * @param string $client_id
+ * @return bool
+ */
public function isPublicClient($client_id)
{
$stmt = $this->db->prepare(sprintf('SELECT * from %s where client_id = :client_id', $this->config['client_table']));
@@ -93,7 +115,10 @@ class Pdo implements
return empty($result['client_secret']);
}
- /* OAuth2\Storage\ClientInterface */
+ /**
+ * @param string $client_id
+ * @return array|mixed
+ */
public function getClientDetails($client_id)
{
$stmt = $this->db->prepare(sprintf('SELECT * from %s where client_id = :client_id', $this->config['client_table']));
@@ -102,6 +127,15 @@ class Pdo implements
return $stmt->fetch(\PDO::FETCH_ASSOC);
}
+ /**
+ * @param string $client_id
+ * @param null|string $client_secret
+ * @param null|string $redirect_uri
+ * @param null|array $grant_types
+ * @param null|string $scope
+ * @param null|string $user_id
+ * @return bool
+ */
public function setClientDetails($client_id, $client_secret = null, $redirect_uri = null, $grant_types = null, $scope = null, $user_id = null)
{
// if it exists, update it.
@@ -114,6 +148,11 @@ class Pdo implements
return $stmt->execute(compact('client_id', 'client_secret', 'redirect_uri', 'grant_types', 'scope', 'user_id'));
}
+ /**
+ * @param $client_id
+ * @param $grant_type
+ * @return bool
+ */
public function checkRestrictedGrantType($client_id, $grant_type)
{
$details = $this->getClientDetails($client_id);
@@ -127,7 +166,10 @@ class Pdo implements
return true;
}
- /* OAuth2\Storage\AccessTokenInterface */
+ /**
+ * @param string $access_token
+ * @return array|bool|mixed|null
+ */
public function getAccessToken($access_token)
{
$stmt = $this->db->prepare(sprintf('SELECT * from %s where access_token = :access_token', $this->config['access_token_table']));
@@ -141,6 +183,14 @@ class Pdo implements
return $token;
}
+ /**
+ * @param string $access_token
+ * @param mixed $client_id
+ * @param mixed $user_id
+ * @param int $expires
+ * @param string $scope
+ * @return bool
+ */
public function setAccessToken($access_token, $client_id, $user_id, $expires, $scope = null)
{
// convert expires to datestring
@@ -156,6 +206,10 @@ class Pdo implements
return $stmt->execute(compact('access_token', 'client_id', 'user_id', 'expires', 'scope'));
}
+ /**
+ * @param $access_token
+ * @return bool
+ */
public function unsetAccessToken($access_token)
{
$stmt = $this->db->prepare(sprintf('DELETE FROM %s WHERE access_token = :access_token', $this->config['access_token_table']));
@@ -166,6 +220,10 @@ class Pdo implements
}
/* OAuth2\Storage\AuthorizationCodeInterface */
+ /**
+ * @param string $code
+ * @return mixed
+ */
public function getAuthorizationCode($code)
{
$stmt = $this->db->prepare(sprintf('SELECT * from %s where authorization_code = :code', $this->config['code_table']));
@@ -179,6 +237,16 @@ class Pdo implements
return $code;
}
+ /**
+ * @param string $code
+ * @param mixed $client_id
+ * @param mixed $user_id
+ * @param string $redirect_uri
+ * @param int $expires
+ * @param string $scope
+ * @param string $id_token
+ * @return bool|mixed
+ */
public function setAuthorizationCode($code, $client_id, $user_id, $redirect_uri, $expires, $scope = null, $id_token = null)
{
if (func_num_args() > 6) {
@@ -199,6 +267,16 @@ class Pdo implements
return $stmt->execute(compact('code', 'client_id', 'user_id', 'redirect_uri', 'expires', 'scope'));
}
+ /**
+ * @param string $code
+ * @param mixed $client_id
+ * @param mixed $user_id
+ * @param string $redirect_uri
+ * @param string $expires
+ * @param string $scope
+ * @param string $id_token
+ * @return bool
+ */
private function setAuthorizationCodeWithIdToken($code, $client_id, $user_id, $redirect_uri, $expires, $scope = null, $id_token = null)
{
// convert expires to datestring
@@ -214,6 +292,10 @@ class Pdo implements
return $stmt->execute(compact('code', 'client_id', 'user_id', 'redirect_uri', 'expires', 'scope', 'id_token'));
}
+ /**
+ * @param string $code
+ * @return bool
+ */
public function expireAuthorizationCode($code)
{
$stmt = $this->db->prepare(sprintf('DELETE FROM %s WHERE authorization_code = :code', $this->config['code_table']));
@@ -221,7 +303,11 @@ class Pdo implements
return $stmt->execute(compact('code'));
}
- /* OAuth2\Storage\UserCredentialsInterface */
+ /**
+ * @param string $username
+ * @param string $password
+ * @return bool
+ */
public function checkUserCredentials($username, $password)
{
if ($user = $this->getUser($username)) {
@@ -231,12 +317,20 @@ class Pdo implements
return false;
}
+ /**
+ * @param string $username
+ * @return array|bool
+ */
public function getUserDetails($username)
{
return $this->getUser($username);
}
- /* UserClaimsInterface */
+ /**
+ * @param mixed $user_id
+ * @param string $claims
+ * @return array|bool
+ */
public function getUserClaims($user_id, $claims)
{
if (!$userDetails = $this->getUserDetails($user_id)) {
@@ -262,6 +356,11 @@ class Pdo implements
return $userClaims;
}
+ /**
+ * @param string $claim
+ * @param array $userDetails
+ * @return array
+ */
protected function getUserClaim($claim, $userDetails)
{
$userClaims = array();
@@ -275,7 +374,10 @@ class Pdo implements
return $userClaims;
}
- /* OAuth2\Storage\RefreshTokenInterface */
+ /**
+ * @param string $refresh_token
+ * @return bool|mixed
+ */
public function getRefreshToken($refresh_token)
{
$stmt = $this->db->prepare(sprintf('SELECT * FROM %s WHERE refresh_token = :refresh_token', $this->config['refresh_token_table']));
@@ -289,6 +391,14 @@ class Pdo implements
return $token;
}
+ /**
+ * @param string $refresh_token
+ * @param mixed $client_id
+ * @param mixed $user_id
+ * @param string $expires
+ * @param string $scope
+ * @return bool
+ */
public function setRefreshToken($refresh_token, $client_id, $user_id, $expires, $scope = null)
{
// convert expires to datestring
@@ -299,6 +409,10 @@ class Pdo implements
return $stmt->execute(compact('refresh_token', 'client_id', 'user_id', 'expires', 'scope'));
}
+ /**
+ * @param string $refresh_token
+ * @return bool
+ */
public function unsetRefreshToken($refresh_token)
{
$stmt = $this->db->prepare(sprintf('DELETE FROM %s WHERE refresh_token = :refresh_token', $this->config['refresh_token_table']));
@@ -308,7 +422,13 @@ class Pdo implements
return $stmt->rowCount() > 0;
}
- // plaintext passwords are bad! Override this for your application
+ /**
+ * plaintext passwords are bad! Override this for your application
+ *
+ * @param array $user
+ * @param string $password
+ * @return bool
+ */
protected function checkPassword($user, $password)
{
return $user['password'] == $this->hashPassword($password);
@@ -320,6 +440,10 @@ class Pdo implements
return sha1($password);
}
+ /**
+ * @param string $username
+ * @return array|bool
+ */
public function getUser($username)
{
$stmt = $this->db->prepare($sql = sprintf('SELECT * from %s where username=:username', $this->config['user_table']));
@@ -335,6 +459,15 @@ class Pdo implements
), $userInfo);
}
+ /**
+ * plaintext passwords are bad! Override this for your application
+ *
+ * @param string $username
+ * @param string $password
+ * @param string $firstName
+ * @param string $lastName
+ * @return bool
+ */
public function setUser($username, $password, $firstName = null, $lastName = null)
{
// do not store in plaintext
@@ -350,7 +483,10 @@ class Pdo implements
return $stmt->execute(compact('username', 'password', 'firstName', 'lastName'));
}
- /* ScopeInterface */
+ /**
+ * @param string $scope
+ * @return bool
+ */
public function scopeExists($scope)
{
$scope = explode(' ', $scope);
@@ -365,6 +501,10 @@ class Pdo implements
return false;
}
+ /**
+ * @param mixed $client_id
+ * @return null|string
+ */
public function getDefaultScope($client_id = null)
{
$stmt = $this->db->prepare(sprintf('SELECT scope FROM %s WHERE is_default=:is_default', $this->config['scope_table']));
@@ -381,7 +521,11 @@ class Pdo implements
return null;
}
- /* JWTBearerInterface */
+ /**
+ * @param mixed $client_id
+ * @param $subject
+ * @return string
+ */
public function getClientKey($client_id, $subject)
{
$stmt = $this->db->prepare($sql = sprintf('SELECT public_key from %s where client_id=:client_id AND subject=:subject', $this->config['jwt_table']));
@@ -391,6 +535,10 @@ class Pdo implements
return $stmt->fetchColumn();
}
+ /**
+ * @param mixed $client_id
+ * @return bool|null
+ */
public function getClientScope($client_id)
{
if (!$clientDetails = $this->getClientDetails($client_id)) {
@@ -404,6 +552,14 @@ class Pdo implements
return null;
}
+ /**
+ * @param mixed $client_id
+ * @param $subject
+ * @param $audience
+ * @param $expires
+ * @param $jti
+ * @return array|null
+ */
public function getJti($client_id, $subject, $audience, $expires, $jti)
{
$stmt = $this->db->prepare($sql = sprintf('SELECT * FROM %s WHERE issuer=:client_id AND subject=:subject AND audience=:audience AND expires=:expires AND jti=:jti', $this->config['jti_table']));
@@ -423,6 +579,14 @@ class Pdo implements
return null;
}
+ /**
+ * @param mixed $client_id
+ * @param $subject
+ * @param $audience
+ * @param $expires
+ * @param $jti
+ * @return bool
+ */
public function setJti($client_id, $subject, $audience, $expires, $jti)
{
$stmt = $this->db->prepare(sprintf('INSERT INTO %s (issuer, subject, audience, expires, jti) VALUES (:client_id, :subject, :audience, :expires, :jti)', $this->config['jti_table']));
@@ -430,7 +594,10 @@ class Pdo implements
return $stmt->execute(compact('client_id', 'subject', 'audience', 'expires', 'jti'));
}
- /* PublicKeyInterface */
+ /**
+ * @param mixed $client_id
+ * @return mixed
+ */
public function getPublicKey($client_id = null)
{
$stmt = $this->db->prepare($sql = sprintf('SELECT public_key FROM %s WHERE client_id=:client_id OR client_id IS NULL ORDER BY client_id IS NOT NULL DESC', $this->config['public_key_table']));
@@ -441,6 +608,10 @@ class Pdo implements
}
}
+ /**
+ * @param mixed $client_id
+ * @return mixed
+ */
public function getPrivateKey($client_id = null)
{
$stmt = $this->db->prepare($sql = sprintf('SELECT private_key FROM %s WHERE client_id=:client_id OR client_id IS NULL ORDER BY client_id IS NOT NULL DESC', $this->config['public_key_table']));
@@ -451,6 +622,10 @@ class Pdo implements
}
}
+ /**
+ * @param mixed $client_id
+ * @return string
+ */
public function getEncryptionAlgorithm($client_id = null)
{
$stmt = $this->db->prepare($sql = sprintf('SELECT encryption_algorithm FROM %s WHERE client_id=:client_id OR client_id IS NULL ORDER BY client_id IS NOT NULL DESC', $this->config['public_key_table']));
@@ -467,6 +642,9 @@ class Pdo implements
* DDL to create OAuth2 database and tables for PDO storage
*
* @see https://github.com/dsquier/oauth2-server-php-mysql
+ *
+ * @param string $dbName
+ * @return string
*/
public function getBuildSql($dbName = 'oauth2_server_php')
{
@@ -481,73 +659,73 @@ class Pdo implements
PRIMARY KEY (client_id)
);
- CREATE TABLE {$this->config['access_token_table']} (
- access_token VARCHAR(40) NOT NULL,
- client_id VARCHAR(80) NOT NULL,
- user_id VARCHAR(80),
- expires TIMESTAMP NOT NULL,
- scope VARCHAR(4000),
- PRIMARY KEY (access_token)
- );
+ CREATE TABLE {$this->config['access_token_table']} (
+ access_token VARCHAR(40) NOT NULL,
+ client_id VARCHAR(80) NOT NULL,
+ user_id VARCHAR(80),
+ expires TIMESTAMP NOT NULL,
+ scope VARCHAR(4000),
+ PRIMARY KEY (access_token)
+ );
- CREATE TABLE {$this->config['code_table']} (
- authorization_code VARCHAR(40) NOT NULL,
- client_id VARCHAR(80) NOT NULL,
- user_id VARCHAR(80),
- redirect_uri VARCHAR(2000),
- expires TIMESTAMP NOT NULL,
- scope VARCHAR(4000),
- id_token VARCHAR(1000),
- PRIMARY KEY (authorization_code)
- );
+ CREATE TABLE {$this->config['code_table']} (
+ authorization_code VARCHAR(40) NOT NULL,
+ client_id VARCHAR(80) NOT NULL,
+ user_id VARCHAR(80),
+ redirect_uri VARCHAR(2000),
+ expires TIMESTAMP NOT NULL,
+ scope VARCHAR(4000),
+ id_token VARCHAR(1000),
+ PRIMARY KEY (authorization_code)
+ );
- CREATE TABLE {$this->config['refresh_token_table']} (
- refresh_token VARCHAR(40) NOT NULL,
- client_id VARCHAR(80) NOT NULL,
- user_id VARCHAR(80),
- expires TIMESTAMP NOT NULL,
- scope VARCHAR(4000),
- PRIMARY KEY (refresh_token)
- );
+ CREATE TABLE {$this->config['refresh_token_table']} (
+ refresh_token VARCHAR(40) NOT NULL,
+ client_id VARCHAR(80) NOT NULL,
+ user_id VARCHAR(80),
+ expires TIMESTAMP NOT NULL,
+ scope VARCHAR(4000),
+ PRIMARY KEY (refresh_token)
+ );
- CREATE TABLE {$this->config['user_table']} (
- username VARCHAR(80),
- password VARCHAR(80),
- first_name VARCHAR(80),
- last_name VARCHAR(80),
- email VARCHAR(80),
- email_verified BOOLEAN,
- scope VARCHAR(4000)
- );
+ CREATE TABLE {$this->config['user_table']} (
+ username VARCHAR(80),
+ password VARCHAR(80),
+ first_name VARCHAR(80),
+ last_name VARCHAR(80),
+ email VARCHAR(80),
+ email_verified BOOLEAN,
+ scope VARCHAR(4000)
+ );
- CREATE TABLE {$this->config['scope_table']} (
- scope VARCHAR(80) NOT NULL,
- is_default BOOLEAN,
- PRIMARY KEY (scope)
- );
+ CREATE TABLE {$this->config['scope_table']} (
+ scope VARCHAR(80) NOT NULL,
+ is_default BOOLEAN,
+ PRIMARY KEY (scope)
+ );
- CREATE TABLE {$this->config['jwt_table']} (
- client_id VARCHAR(80) NOT NULL,
- subject VARCHAR(80),
- public_key VARCHAR(2000) NOT NULL
- );
+ CREATE TABLE {$this->config['jwt_table']} (
+ client_id VARCHAR(80) NOT NULL,
+ subject VARCHAR(80),
+ public_key VARCHAR(2000) NOT NULL
+ );
- CREATE TABLE {$this->config['jti_table']} (
- issuer VARCHAR(80) NOT NULL,
- subject VARCHAR(80),
- audience VARCHAR(80),
- expires TIMESTAMP NOT NULL,
- jti VARCHAR(2000) NOT NULL
- );
+ CREATE TABLE {$this->config['jti_table']} (
+ issuer VARCHAR(80) NOT NULL,
+ subject VARCHAR(80),
+ audiance VARCHAR(80),
+ expires TIMESTAMP NOT NULL,
+ jti VARCHAR(2000) NOT NULL
+ );
- CREATE TABLE {$this->config['public_key_table']} (
- client_id VARCHAR(80),
- public_key VARCHAR(2000),
- private_key VARCHAR(2000),
- encryption_algorithm VARCHAR(100) DEFAULT 'RS256'
- )
-";
+ CREATE TABLE {$this->config['public_key_table']} (
+ client_id VARCHAR(80),
+ public_key VARCHAR(2000),
+ private_key VARCHAR(2000),
+ encryption_algorithm VARCHAR(100) DEFAULT 'RS256'
+ )
+ ";
return $sql;
}
-}
+} \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-16 14:36:59 +0000