|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace rhertogh\Yii2Oauth2Server\models; |
|
4
|
|
|
|
|
5
|
|
|
use DateTimeImmutable; |
|
6
|
|
|
use Lcobucci\JWT\Builder; |
|
7
|
|
|
use League\OAuth2\Server\Entities\ClientEntityInterface; |
|
8
|
|
|
use League\OAuth2\Server\Entities\Traits\AccessTokenTrait; |
|
9
|
|
|
use rhertogh\Yii2Oauth2Server\interfaces\models\Oauth2AccessTokenInterface; |
|
10
|
|
|
use rhertogh\Yii2Oauth2Server\interfaces\models\Oauth2AccessTokenScopeInterface; |
|
11
|
|
|
use rhertogh\Yii2Oauth2Server\interfaces\models\Oauth2ScopeInterface; |
|
12
|
|
|
use rhertogh\Yii2Oauth2Server\models\behaviors\DateTimeBehavior; |
|
13
|
|
|
use rhertogh\Yii2Oauth2Server\models\traits\Oauth2ClientRelationTrait; |
|
14
|
|
|
use rhertogh\Yii2Oauth2Server\models\traits\Oauth2EntityIdentifierTrait; |
|
15
|
|
|
use rhertogh\Yii2Oauth2Server\models\traits\Oauth2ExpiryDateTimeTrait; |
|
16
|
|
|
use rhertogh\Yii2Oauth2Server\models\traits\Oauth2ScopesRelationTrait; |
|
17
|
|
|
use rhertogh\Yii2Oauth2Server\models\traits\Oauth2TokenTrait; |
|
18
|
|
|
use rhertogh\Yii2Oauth2Server\models\traits\Oauth2UserIdentifierTrait; |
|
19
|
|
|
use yii\helpers\ArrayHelper; |
|
20
|
|
|
|
|
21
|
|
|
/** |
|
22
|
|
|
* @property DateTimeImmutable $expiry_date_time |
|
23
|
|
|
* @property Oauth2Client $clientRelation |
|
24
|
|
|
* @property Oauth2ScopeInterface[] $scopesRelation |
|
25
|
|
|
*/ |
|
26
|
|
|
class Oauth2AccessToken extends base\Oauth2AccessToken implements Oauth2AccessTokenInterface |
|
27
|
|
|
{ |
|
28
|
|
|
use Oauth2EntityIdentifierTrait; |
|
29
|
|
|
use AccessTokenTrait; |
|
30
|
|
|
use Oauth2TokenTrait; |
|
31
|
|
|
use Oauth2ExpiryDateTimeTrait; |
|
32
|
|
|
use Oauth2UserIdentifierTrait; |
|
33
|
|
|
use Oauth2ScopesRelationTrait; |
|
34
|
|
|
use Oauth2ClientRelationTrait { |
|
35
|
|
|
__set as clientRelationSetter; |
|
36
|
|
|
setClient as clientSetter; |
|
37
|
|
|
} |
|
38
|
|
|
|
|
39
|
|
|
public const TYPE_BEARER = 1; |
|
40
|
|
|
public const TYPE_MAC = 2; |
|
41
|
|
|
|
|
42
|
|
|
///////////////////////////// |
|
43
|
|
|
/// ActiveRecord Settings /// |
|
44
|
|
|
///////////////////////////// |
|
45
|
|
|
|
|
46
|
|
|
/** |
|
47
|
|
|
* @inheritDoc |
|
48
|
|
|
*/ |
|
49
|
18 |
|
public function behaviors() |
|
50
|
|
|
{ |
|
51
|
18 |
|
return ArrayHelper::merge(parent::behaviors(), [ |
|
52
|
18 |
|
'dateTimeBehavior' => DateTimeBehavior::class |
|
53
|
18 |
|
]); |
|
54
|
|
|
} |
|
55
|
|
|
|
|
56
|
|
|
///////////////////////// |
|
57
|
|
|
/// Getters & Setters /// |
|
58
|
|
|
///////////////////////// |
|
59
|
|
|
|
|
60
|
|
|
/** |
|
61
|
|
|
* @inheritDoc |
|
62
|
|
|
*/ |
|
63
|
5 |
|
public function setClient(ClientEntityInterface $client) |
|
64
|
|
|
{ |
|
65
|
5 |
|
$this->clientSetter($client); |
|
66
|
4 |
|
$this->type = Oauth2AccessToken::TYPE_BEARER; // Fixed for now. |
|
67
|
|
|
} |
|
68
|
|
|
|
|
69
|
|
|
/** |
|
70
|
|
|
* @inheritDoc |
|
71
|
|
|
*/ |
|
72
|
18 |
|
public function __set($name, $value) |
|
73
|
|
|
{ |
|
74
|
|
|
// wrapper function to ensure the __set function of the Oauth2ClientRelationTrait is never overwritten. |
|
75
|
18 |
|
$this->clientRelationSetter($name, $value); |
|
76
|
|
|
} |
|
77
|
|
|
|
|
78
|
|
|
/** |
|
79
|
|
|
* @inheritDoc |
|
80
|
|
|
*/ |
|
81
|
1 |
|
public function getScopesRelationClassName() |
|
82
|
|
|
{ |
|
83
|
1 |
|
return Oauth2AccessTokenScopeInterface::class; |
|
84
|
|
|
} |
|
85
|
|
|
|
|
86
|
|
|
/** |
|
87
|
|
|
* @return \Lcobucci\JWT\Token\Plain |
|
88
|
|
|
* @see https://github.com/thephpleague/oauth2-server/issues/885 |
|
89
|
|
|
*/ |
|
90
|
1 |
|
private function convertToJWT() |
|
|
|
|
|
|
91
|
|
|
{ |
|
92
|
1 |
|
$this->initJwtConfiguration(); |
|
93
|
1 |
|
$builder = $this->jwtConfiguration->builder(); |
|
94
|
1 |
|
return $this->buildJwt($builder)->getToken( |
|
95
|
1 |
|
$this->jwtConfiguration->signer(), |
|
96
|
1 |
|
$this->jwtConfiguration->signingKey() |
|
97
|
1 |
|
); |
|
98
|
|
|
} |
|
99
|
|
|
|
|
100
|
1 |
|
protected function buildJwt(Builder $builder) |
|
101
|
|
|
{ |
|
102
|
|
|
// Default claims added by `\League\OAuth2\Server\Entities\Traits\AccessTokenTrait::convertToJWT`. |
|
103
|
1 |
|
$builder |
|
104
|
1 |
|
->permittedFor($this->getClient()->getIdentifier()) |
|
105
|
1 |
|
->identifiedBy($this->getIdentifier()) |
|
106
|
1 |
|
->issuedAt(new DateTimeImmutable()) |
|
107
|
1 |
|
->canOnlyBeUsedAfter(new DateTimeImmutable()) |
|
108
|
1 |
|
->expiresAt($this->getExpiryDateTime()) |
|
109
|
1 |
|
->relatedTo((string) $this->getUserIdentifier()) |
|
110
|
1 |
|
->withClaim('scopes', $this->getScopes()); |
|
111
|
|
|
|
|
112
|
|
|
// Additional claims. |
|
113
|
1 |
|
$builder |
|
114
|
1 |
|
->withClaim(static::TOKEN_CLAIM_CLIENT_ID, $this->getClient()->getIdentifier()); |
|
115
|
|
|
|
|
116
|
1 |
|
return $builder; |
|
117
|
|
|
} |
|
118
|
|
|
} |
|
119
|
|
|
|
rhertogh /
yii2-oauth2-server
This check looks for private methods that have been defined, but are not used inside the class.