blob: f758f976ace647ea151903218085febc17df2f56 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
<?php
namespace OAuth2\Controller;
use OAuth2\RequestInterface;
use OAuth2\ResponseInterface;
/**
* This controller is called when a user should be authorized
* by an authorization server. As OAuth2 does not handle
* authorization directly, this controller ensures the request is valid, but
* requires the application to determine the value of $is_authorized
*
* @code
* $user_id = $this->somehowDetermineUserId();
* $is_authorized = $this->somehowDetermineUserAuthorization();
* $response = new OAuth2\Response();
* $authorizeController->handleAuthorizeRequest(
* OAuth2\Request::createFromGlobals(),
* $response,
* $is_authorized,
* $user_id
* );
* $response->send();
* @endcode
*/
interface AuthorizeControllerInterface
{
/**
* List of possible authentication response types.
* The "authorization_code" mechanism exclusively supports 'code'
* and the "implicit" mechanism exclusively supports 'token'.
*
* @var string
* @see http://tools.ietf.org/html/rfc6749#section-4.1.1
* @see http://tools.ietf.org/html/rfc6749#section-4.2.1
*/
const RESPONSE_TYPE_AUTHORIZATION_CODE = 'code';
const RESPONSE_TYPE_ACCESS_TOKEN = 'token';
/**
* Handle the OAuth request
*
* @param RequestInterface $request
* @param ResponseInterface $response
* @param $is_authorized
* @param null $user_id
* @return mixed
*/
public function handleAuthorizeRequest(RequestInterface $request, ResponseInterface $response, $is_authorized, $user_id = null);
/**
* @param RequestInterface $request
* @param ResponseInterface $response
* @return bool
*/
public function validateAuthorizeRequest(RequestInterface $request, ResponseInterface $response);
}
|