vendor/league/oauth2-server/src/AuthorizationServer.php line 189

Open in your IDE?
  1. <?php
  2. /**
  3.  * @author      Alex Bilbie <hello@alexbilbie.com>
  4.  * @copyright   Copyright (c) Alex Bilbie
  5.  * @license     http://mit-license.org/
  6.  *
  7.  * @link        https://github.com/thephpleague/oauth2-server
  8.  */
  10. namespace League\OAuth2\Server;
  12. use DateInterval;
  13. use Defuse\Crypto\Key;
  14. use League\Event\EmitterAwareInterface;
  15. use League\Event\EmitterAwareTrait;
  16. use League\OAuth2\Server\Exception\OAuthServerException;
  17. use League\OAuth2\Server\Grant\GrantTypeInterface;
  18. use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
  19. use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
  20. use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
  21. use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
  22. use League\OAuth2\Server\ResponseTypes\AbstractResponseType;
  23. use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
  24. use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
  25. use Psr\Http\Message\ResponseInterface;
  26. use Psr\Http\Message\ServerRequestInterface;
  28. class AuthorizationServer implements EmitterAwareInterface
  29. {
  30.     use EmitterAwareTrait;
  32.     /**
  33.      * @var GrantTypeInterface[]
  34.      */
  35.     protected $enabledGrantTypes = [];
  37.     /**
  38.      * @var DateInterval[]
  39.      */
  40.     protected $grantTypeAccessTokenTTL = [];
  42.     /**
  43.      * @var CryptKey
  44.      */
  45.     protected $privateKey;
  47.     /**
  48.      * @var CryptKey
  49.      */
  50.     protected $publicKey;
  52.     /**
  53.      * @var ResponseTypeInterface
  54.      */
  55.     protected $responseType;
  57.     /**
  58.      * @var ClientRepositoryInterface
  59.      */
  60.     private $clientRepository;
  62.     /**
  63.      * @var AccessTokenRepositoryInterface
  64.      */
  65.     private $accessTokenRepository;
  67.     /**
  68.      * @var ScopeRepositoryInterface
  69.      */
  70.     private $scopeRepository;
  72.     /**
  73.      * @var string|Key
  74.      */
  75.     private $encryptionKey;
  77.     /**
  78.      * @var string
  79.      */
  80.     private $defaultScope '';
  82.     /**
  83.      * New server instance.
  84.      *
  85.      * @param ClientRepositoryInterface      $clientRepository
  86.      * @param AccessTokenRepositoryInterface $accessTokenRepository
  87.      * @param ScopeRepositoryInterface       $scopeRepository
  88.      * @param CryptKey|string                $privateKey
  89.      * @param string|Key                     $encryptionKey
  90.      * @param null|ResponseTypeInterface     $responseType
  91.      */
  92.     public function __construct(
  93.         ClientRepositoryInterface $clientRepository,
  94.         AccessTokenRepositoryInterface $accessTokenRepository,
  95.         ScopeRepositoryInterface $scopeRepository,
  96.         $privateKey,
  97.         $encryptionKey,
  98.         ResponseTypeInterface $responseType null
  99.     ) {
  100.         $this->clientRepository $clientRepository;
  101.         $this->accessTokenRepository $accessTokenRepository;
  102.         $this->scopeRepository $scopeRepository;
  104.         if ($privateKey instanceof CryptKey === false) {
  105.             $privateKey = new CryptKey($privateKey);
  106.         }
  108.         $this->privateKey $privateKey;
  109.         $this->encryptionKey $encryptionKey;
  111.         if ($responseType === null) {
  112.             $responseType = new BearerTokenResponse();
  113.         } else {
  114.             $responseType = clone $responseType;
  115.         }
  117.         $this->responseType $responseType;
  118.     }
  120.     /**
  121.      * Enable a grant type on the server.
  122.      *
  123.      * @param GrantTypeInterface $grantType
  124.      * @param null|DateInterval  $accessTokenTTL
  125.      */
  126.     public function enableGrantType(GrantTypeInterface $grantTypeDateInterval $accessTokenTTL null)
  127.     {
  128.         if ($accessTokenTTL instanceof DateInterval === false) {
  129.             $accessTokenTTL = new DateInterval('PT1H');
  130.         }
  132.         $grantType->setAccessTokenRepository($this->accessTokenRepository);
  133.         $grantType->setClientRepository($this->clientRepository);
  134.         $grantType->setScopeRepository($this->scopeRepository);
  135.         $grantType->setDefaultScope($this->defaultScope);
  136.         $grantType->setPrivateKey($this->privateKey);
  137.         $grantType->setEmitter($this->getEmitter());
  138.         $grantType->setEncryptionKey($this->encryptionKey);
  140.         $this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
  141.         $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
  142.     }
  144.     /**
  145.      * Validate an authorization request
  146.      *
  147.      * @param ServerRequestInterface $request
  148.      *
  149.      * @throws OAuthServerException
  150.      *
  151.      * @return AuthorizationRequest
  152.      */
  153.     public function validateAuthorizationRequest(ServerRequestInterface $request)
  154.     {
  155.         foreach ($this->enabledGrantTypes as $grantType) {
  156.             if ($grantType->canRespondToAuthorizationRequest($request)) {
  157.                 return $grantType->validateAuthorizationRequest($request);
  158.             }
  159.         }
  161.         throw OAuthServerException::unsupportedGrantType();
  162.     }
  164.     /**
  165.      * Complete an authorization request
  166.      *
  167.      * @param AuthorizationRequest $authRequest
  168.      * @param ResponseInterface    $response
  169.      *
  170.      * @return ResponseInterface
  171.      */
  172.     public function completeAuthorizationRequest(AuthorizationRequest $authRequestResponseInterface $response)
  173.     {
  174.         return $this->enabledGrantTypes[$authRequest->getGrantTypeId()]
  175.             ->completeAuthorizationRequest($authRequest)
  176.             ->generateHttpResponse($response);
  177.     }
  179.     /**
  180.      * Return an access token response.
  181.      *
  182.      * @param ServerRequestInterface $request
  183.      * @param ResponseInterface      $response
  184.      *
  185.      * @throws OAuthServerException
  186.      *
  187.      * @return ResponseInterface
  188.      */
  189.     public function respondToAccessTokenRequest(ServerRequestInterface $requestResponseInterface $response)
  190.     {
  191.         foreach ($this->enabledGrantTypes as $grantType) {
  192.             if (!$grantType->canRespondToAccessTokenRequest($request)) {
  193.                 continue;
  194.             }
  195.             $tokenResponse $grantType->respondToAccessTokenRequest(
  196.                 $request,
  197.                 $this->getResponseType(),
  198.                 $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
  199.             );
  201.             if ($tokenResponse instanceof ResponseTypeInterface) {
  202.                 return $tokenResponse->generateHttpResponse($response);
  203.             }
  204.         }
  206.         throw OAuthServerException::unsupportedGrantType();
  207.     }
  209.     /**
  210.      * Get the token type that grants will return in the HTTP response.
  211.      *
  212.      * @return ResponseTypeInterface
  213.      */
  214.     protected function getResponseType()
  215.     {
  216.         $responseType = clone $this->responseType;
  218.         if ($responseType instanceof AbstractResponseType) {
  219.             $responseType->setPrivateKey($this->privateKey);
  220.         }
  222.         $responseType->setEncryptionKey($this->encryptionKey);
  224.         return $responseType;
  225.     }
  227.     /**
  228.      * Set the default scope for the authorization server.
  229.      *
  230.      * @param string $defaultScope
  231.      */
  232.     public function setDefaultScope($defaultScope)
  233.     {
  234.         $this->defaultScope $defaultScope;
  235.     }
  236. }