From 6c641b1834539c65edb35dd43a6afa7620e73e1c Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 14 Mar 2017 09:09:05 +1100 Subject: move oauth2 to vendor --- .../oauth2/src/OAuth2/Storage/JwtAccessToken.php | 88 ---------------------- 1 file changed, 88 deletions(-) delete mode 100644 library/oauth2/src/OAuth2/Storage/JwtAccessToken.php (limited to 'library/oauth2/src/OAuth2/Storage/JwtAccessToken.php') diff --git a/library/oauth2/src/OAuth2/Storage/JwtAccessToken.php b/library/oauth2/src/OAuth2/Storage/JwtAccessToken.php deleted file mode 100644 index 75b49d301..000000000 --- a/library/oauth2/src/OAuth2/Storage/JwtAccessToken.php +++ /dev/null @@ -1,88 +0,0 @@ - - */ -class JwtAccessToken implements JwtAccessTokenInterface -{ - protected $publicKeyStorage; - protected $tokenStorage; - protected $encryptionUtil; - - /** - * @param OAuth2\Encryption\PublicKeyInterface $publicKeyStorage the public key encryption to use - * @param OAuth2\Storage\AccessTokenInterface $tokenStorage OPTIONAL persist the access token to another storage. This is useful if - * you want to retain access token grant information somewhere, but - * is not necessary when using this grant type. - * @param OAuth2\Encryption\EncryptionInterface $encryptionUtil OPTIONAL class to use for "encode" and "decode" functions. - */ - public function __construct(PublicKeyInterface $publicKeyStorage, AccessTokenInterface $tokenStorage = null, EncryptionInterface $encryptionUtil = null) - { - $this->publicKeyStorage = $publicKeyStorage; - $this->tokenStorage = $tokenStorage; - if (is_null($encryptionUtil)) { - $encryptionUtil = new Jwt; - } - $this->encryptionUtil = $encryptionUtil; - } - - public function getAccessToken($oauth_token) - { - // just decode the token, don't verify - if (!$tokenData = $this->encryptionUtil->decode($oauth_token, null, false)) { - return false; - } - - $client_id = isset($tokenData['aud']) ? $tokenData['aud'] : null; - $public_key = $this->publicKeyStorage->getPublicKey($client_id); - $algorithm = $this->publicKeyStorage->getEncryptionAlgorithm($client_id); - - // now that we have the client_id, verify the token - if (false === $this->encryptionUtil->decode($oauth_token, $public_key, array($algorithm))) { - return false; - } - - // normalize the JWT claims to the format expected by other components in this library - return $this->convertJwtToOAuth2($tokenData); - } - - public function setAccessToken($oauth_token, $client_id, $user_id, $expires, $scope = null) - { - if ($this->tokenStorage) { - return $this->tokenStorage->setAccessToken($oauth_token, $client_id, $user_id, $expires, $scope); - } - } - - public function unsetAccessToken($access_token) - { - if ($this->tokenStorage) { - return $this->tokenStorage->unsetAccessToken($access_token); - } - } - - - // converts a JWT access token into an OAuth2-friendly format - protected function convertJwtToOAuth2($tokenData) - { - $keyMapping = array( - 'aud' => 'client_id', - 'exp' => 'expires', - 'sub' => 'user_id' - ); - - foreach ($keyMapping as $jwtKey => $oauth2Key) { - if (isset($tokenData[$jwtKey])) { - $tokenData[$oauth2Key] = $tokenData[$jwtKey]; - unset($tokenData[$jwtKey]); - } - } - - return $tokenData; - } -} -- cgit v1.2.3