
/src/OAuth2/ResponseType/AuthorizationCode.php

https://github.com/rich-choy/oauth2-server-php
PHP | 95 lines | 46 code | 13 blank | 36 comment | 3 complexity | 872877c44bf850ec0171c1d60a937541 MD5 | raw file
Possible License(s): MIT
  1. <?php
  2. namespace OAuth2\ResponseType;
  3. use OAuth2\Storage\AuthorizationCodeInterface as AuthorizationCodeStorageInterface;
  4. /**
  5. *
  6. * @author Brent Shaffer <bshafs at gmail dot com>
  7. */
  8. class AuthorizationCode implements AuthorizationCodeInterface
  9. {
  10. protected $storage;
  11. protected $config;
  12. public function __construct(AuthorizationCodeStorageInterface $storage, array $config = array())
  13. {
  14. $this->storage = $storage;
  15. $this->config = array_merge(array(
  16. 'enforce_redirect' => false,
  17. 'auth_code_lifetime' => 30,
  18. ), $config);
  19. }
  20. public function getAuthorizeResponse($params, $user_id = null)
  21. {
  22. // build the URL to redirect to
  23. $result = array('query' => array());
  24. $params += array('scope' => null, 'state' => null);
  25. $result["query"]["code"] = $this->createAuthorizationCode($params['client_id'], $user_id, $params['redirect_uri'], $params['scope']);
  26. if (isset($params['state'])) {
  27. $result["query"]["state"] = $params['state'];
  28. }
  29. return array($params['redirect_uri'], $result);
  30. }
  31. /**
  32. * Handle the creation of the authorization code.
  33. *
  34. * @param $client_id
  35. * Client identifier related to the authorization code
  36. * @param $user_id
  37. * User ID associated with the authorization code
  38. * @param $redirect_uri
  39. * An absolute URI to which the authorization server will redirect the
  40. * user-agent to when the end-user authorization step is completed.
  41. * @param $scope
  42. * (optional) Scopes to be stored in space-separated string.
  43. *
  44. * @see http://tools.ietf.org/html/rfc6749#section-4
  45. * @ingroup oauth2_section_4
  46. */
  47. public function createAuthorizationCode($client_id, $user_id, $redirect_uri, $scope = null)
  48. {
  49. $code = $this->generateAuthorizationCode();
  50. $this->storage->setAuthorizationCode($code, $client_id, $user_id, $redirect_uri, time() + $this->config['auth_code_lifetime'], $scope);
  51. return $code;
  52. }
  53. /**
  54. * @return
  55. * TRUE if the grant type requires a redirect_uri, FALSE if not
  56. */
  57. public function enforceRedirect()
  58. {
  59. return $this->config['enforce_redirect'];
  60. }
  61. /**
  62. * Generates an unique auth code.
  63. *
  64. * Implementing classes may want to override this function to implement
  65. * other auth code generation schemes.
  66. *
  67. * @return
  68. * An unique auth code.
  69. *
  70. * @ingroup oauth2_section_4
  71. */
  72. protected function generateAuthorizationCode()
  73. {
  74. $tokenLen = 40;
  75. if (file_exists('/dev/urandom')) { // Get 100 bytes of random data
  76. $randomData = file_get_contents('/dev/urandom', false, null, 0, 100) . uniqid(mt_rand(), true);
  77. } else {
  78. $randomData = mt_rand() . mt_rand() . mt_rand() . mt_rand() . microtime(true) . uniqid(mt_rand(), true);
  79. }
  80. return substr(hash('sha512', $randomData), 0, $tokenLen);
  81. }
  82. }