1 | <?php |
||
2 | /** |
||
3 | * @author Alex Bilbie <[email protected]> |
||
4 | * @copyright Copyright (c) Alex Bilbie |
||
5 | * @license http://mit-license.org/ |
||
6 | * |
||
7 | * @link https://github.com/thephpleague/oauth2-server |
||
8 | */ |
||
9 | |||
10 | namespace League\OAuth2\Server\Entities\Traits; |
||
11 | |||
12 | use DateTimeImmutable; |
||
13 | use Lcobucci\JWT\Configuration; |
||
14 | use Lcobucci\JWT\Signer\Key\InMemory; |
||
15 | use Lcobucci\JWT\Signer\Key\LocalFileReference; |
||
16 | use Lcobucci\JWT\Signer\Rsa\Sha256; |
||
17 | use Lcobucci\JWT\Token; |
||
18 | use League\OAuth2\Server\CryptKey; |
||
19 | use League\OAuth2\Server\Entities\ClientEntityInterface; |
||
20 | use League\OAuth2\Server\Entities\ScopeEntityInterface; |
||
21 | |||
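trait AccessTokenTrait
{
    /**
     * Private key used to sign the JWT.
     *
     * @var CryptKey
     */
    private $privateKey;

    /**
     * JWT configuration derived from the private key; (re)built by initJwtConfiguration().
     *
     * @var Configuration
     */
    private $jwtConfiguration;

    /**
     * Set the private key used to sign this access token.
     *
     * The resulting JWT is signed (RSA with SHA-256), not encrypted: its claims can be
     * read by anyone who holds the token, so nothing confidential belongs in them.
     *
     * @param CryptKey $privateKey
     */
    public function setPrivateKey(CryptKey $privateKey)
    {
        $this->privateKey = $privateKey;
    }

    /**
     * Initialise the JWT Configuration.
     *
     * Builds an asymmetric-signer configuration that references the private key file by
     * path. setPrivateKey() must have been called first.
     *
     * This configuration is for issuing tokens only. Its verification key is an empty
     * placeholder, so it must not be used to validate incoming tokens.
     */
    public function initJwtConfiguration()
    {
        // The pass phrase unlocks the private key, so it belongs to the signing key.
        // Supplying it as the verification key handed the configuration a plain string
        // where a key object is expected and left a protected key without its pass phrase.
        $signingKey = LocalFileReference::file(
            $this->privateKey->getKeyPath(),
            $this->privateKey->getPassPhrase() ?? ''
        );

        $this->jwtConfiguration = Configuration::forAsymmetricSigner(
            new Sha256(),
            $signingKey,
            InMemory::plainText('')
        );
    }

    /**
     * Generate a JWT from the access token.
     *
     * Claims written: aud (client identifier), jti (token identifier), iat and nbf
     * (current time), exp (expiry), sub (user identifier cast to string) and a custom
     * "scopes" claim.
     *
     * @return Token
     */
    private function convertToJWT()
    {
        // Rebuilt on every call so the configuration always reflects the current key.
        $this->initJwtConfiguration();

        // A single timestamp keeps iat and nbf identical.
        $now = new DateTimeImmutable();

        return $this->jwtConfiguration->builder()
            ->permittedFor($this->getClient()->getIdentifier())
            ->identifiedBy($this->getIdentifier())
            ->issuedAt($now)
            ->canOnlyBeUsedAfter($now)
            ->expiresAt($this->getExpiryDateTime())
            // NOTE(review): the cast suggests the user identifier may be absent for some
            // tokens, which would give an empty "sub" - confirm against the callers.
            ->relatedTo((string) $this->getUserIdentifier())
            ->withClaim('scopes', $this->getScopes())
            ->getToken($this->jwtConfiguration->signer(), $this->jwtConfiguration->signingKey());
    }

    /**
     * Generate a string representation from the access token.
     *
     * The returned value is the signed JWT, i.e. a bearer credential: treat it as a
     * secret and keep it out of logs and error messages.
     *
     * @return string
     */
    public function __toString()
    {
        return $this->convertToJWT()->toString();
    }

    /**
     * @return ClientEntityInterface
     */
    abstract public function getClient();

    /**
     * @return DateTimeImmutable
     */
    abstract public function getExpiryDateTime();

    /**
     * @return string|int
     */
    abstract public function getUserIdentifier();

    /**
     * @return ScopeEntityInterface[]
     */
    abstract public function getScopes();

    /**
     * @return string
     */
    abstract public function getIdentifier();
}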
||
111 |