From 10863a5949cc59771424cb809af5c9f279f78a58 Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Fri, 7 Oct 2016 14:11:24 -0700
Subject: add oauth2/oidc lib

---
 .../src/OAuth2/Storage/RefreshTokenInterface.php   | 82 ++++++++++++++++++++++
 1 file changed, 82 insertions(+)
 create mode 100644 library/oauth2/src/OAuth2/Storage/RefreshTokenInterface.php

(limited to 'library/oauth2/src/OAuth2/Storage/RefreshTokenInterface.php')

diff --git a/library/oauth2/src/OAuth2/Storage/RefreshTokenInterface.php b/library/oauth2/src/OAuth2/Storage/RefreshTokenInterface.php
new file mode 100644
index 000000000..0273f2125
--- /dev/null
+++ b/library/oauth2/src/OAuth2/Storage/RefreshTokenInterface.php
@@ -0,0 +1,82 @@
+<?php
+
+namespace OAuth2\Storage;
+
+/**
+ * Implement this interface to specify where the OAuth2 Server
+ * should get/save refresh tokens for the "Refresh Token"
+ * grant type
+ *
+ * @author Brent Shaffer <bshafs at gmail dot com>
+ */
+interface RefreshTokenInterface
+{
+    /**
+     * Grant refresh access tokens.
+     *
+     * Retrieve the stored data for the given refresh token.
+     *
+     * Required for OAuth2::GRANT_TYPE_REFRESH_TOKEN.
+     *
+     * @param $refresh_token
+     * Refresh token to be check with.
+     *
+     * @return
+     * An associative array as below, and NULL if the refresh_token is
+     * invalid:
+     * - refresh_token: Refresh token identifier.
+     * - client_id: Client identifier.
+     * - user_id: User identifier.
+     * - expires: Expiration unix timestamp, or 0 if the token doesn't expire.
+     * - scope: (optional) Scope values in space-separated string.
+     *
+     * @see http://tools.ietf.org/html/rfc6749#section-6
+     *
+     * @ingroup oauth2_section_6
+     */
+    public function getRefreshToken($refresh_token);
+
+    /**
+     * Take the provided refresh token values and store them somewhere.
+     *
+     * This function should be the storage counterpart to getRefreshToken().
+     *
+     * If storage fails for some reason, we're not currently checking for
+     * any sort of success/failure, so you should bail out of the script
+     * and provide a descriptive fail message.
+     *
+     * Required for OAuth2::GRANT_TYPE_REFRESH_TOKEN.
+     *
+     * @param $refresh_token
+     * Refresh token to be stored.
+     * @param $client_id
+     * Client identifier to be stored.
+     * @param $user_id
+     * User identifier to be stored.
+     * @param $expires
+     * Expiration timestamp to be stored. 0 if the token doesn't expire.
+     * @param $scope
+     * (optional) Scopes to be stored in space-separated string.
+     *
+     * @ingroup oauth2_section_6
+     */
+    public function setRefreshToken($refresh_token, $client_id, $user_id, $expires, $scope = null);
+
+    /**
+     * Expire a used refresh token.
+     *
+     * This is not explicitly required in the spec, but is almost implied.
+     * After granting a new refresh token, the old one is no longer useful and
+     * so should be forcibly expired in the data store so it can't be used again.
+     *
+     * If storage fails for some reason, we're not currently checking for
+     * any sort of success/failure, so you should bail out of the script
+     * and provide a descriptive fail message.
+     *
+     * @param $refresh_token
+     * Refresh token to be expirse.
+     *
+     * @ingroup oauth2_section_6
+     */
+    public function unsetRefreshToken($refresh_token);
+}
-- 
cgit v1.2.3