1 | <?php |
---|
2 | |
---|
3 | /** |
---|
4 | * All storage engines need to implement this interface in order to use OAuth2 server |
---|
5 | * |
---|
6 | * @author David Rochwerger <catch.dave@gmail.com> |
---|
7 | */ |
---|
8 | interface IOAuth2Storage { |
---|
9 | |
---|
10 | /** |
---|
11 | * Make sure that the client credentials is valid. |
---|
12 | * |
---|
13 | * @param $client_id |
---|
14 | * Client identifier to be check with. |
---|
15 | * @param $client_secret |
---|
16 | * (optional) If a secret is required, check that they've given the right one. |
---|
17 | * |
---|
18 | * @return |
---|
19 | * TRUE if the client credentials are valid, and MUST return FALSE if it isn't. |
---|
20 | * @endcode |
---|
21 | * |
---|
22 | * @see http://tools.ietf.org/html/draft-ietf-oauth-v2-20#section-3.1 |
---|
23 | * |
---|
24 | * @ingroup oauth2_section_3 |
---|
25 | */ |
---|
26 | public function checkClientCredentials($client_id, $client_secret = NULL); |
---|
27 | |
---|
28 | /** |
---|
29 | * Get client details corresponding client_id. |
---|
30 | * |
---|
31 | * OAuth says we should store request URIs for each registered client. |
---|
32 | * Implement this function to grab the stored URI for a given client id. |
---|
33 | * |
---|
34 | * @param $client_id |
---|
35 | * Client identifier to be check with. |
---|
36 | * |
---|
37 | * @return array |
---|
38 | * Client details. Only mandatory item is the "registered redirect URI", and MUST |
---|
39 | * return FALSE if the given client does not exist or is invalid. |
---|
40 | * |
---|
41 | * @ingroup oauth2_section_4 |
---|
42 | */ |
---|
43 | public function getClientDetails($client_id); |
---|
44 | |
---|
45 | /** |
---|
46 | * Look up the supplied oauth_token from storage. |
---|
47 | * |
---|
48 | * We need to retrieve access token data as we create and verify tokens. |
---|
49 | * |
---|
50 | * @param $oauth_token |
---|
51 | * oauth_token to be check with. |
---|
52 | * |
---|
53 | * @return |
---|
54 | * An associative array as below, and return NULL if the supplied oauth_token |
---|
55 | * is invalid: |
---|
56 | * - client_id: Stored client identifier. |
---|
57 | * - expires: Stored expiration in unix timestamp. |
---|
58 | * - scope: (optional) Stored scope values in space-separated string. |
---|
59 | * |
---|
60 | * @ingroup oauth2_section_7 |
---|
61 | */ |
---|
62 | public function getAccessToken($oauth_token); |
---|
63 | |
---|
64 | /** |
---|
65 | * Store the supplied access token values to storage. |
---|
66 | * |
---|
67 | * We need to store access token data as we create and verify tokens. |
---|
68 | * |
---|
69 | * @param $oauth_token |
---|
70 | * oauth_token to be stored. |
---|
71 | * @param $client_id |
---|
72 | * Client identifier to be stored. |
---|
73 | * @param $user_id |
---|
74 | * User identifier to be stored. |
---|
75 | * @param $expires |
---|
76 | * Expiration to be stored. |
---|
77 | * @param $scope |
---|
78 | * (optional) Scopes to be stored in space-separated string. |
---|
79 | * |
---|
80 | * @ingroup oauth2_section_4 |
---|
81 | */ |
---|
82 | public function setAccessToken($oauth_token, $client_id, $user_id, $expires, $scope = NULL, $refresh_token); |
---|
83 | |
---|
84 | /** |
---|
85 | * Check restricted grant types of corresponding client identifier. |
---|
86 | * |
---|
87 | * If you want to restrict clients to certain grant types, override this |
---|
88 | * function. |
---|
89 | * |
---|
90 | * @param $client_id |
---|
91 | * Client identifier to be check with. |
---|
92 | * @param $grant_type |
---|
93 | * Grant type to be check with, would be one of the values contained in |
---|
94 | * OAuth2::GRANT_TYPE_REGEXP. |
---|
95 | * |
---|
96 | * @return |
---|
97 | * TRUE if the grant type is supported by this client identifier, and |
---|
98 | * FALSE if it isn't. |
---|
99 | * |
---|
100 | * @ingroup oauth2_section_4 |
---|
101 | */ |
---|
102 | public function checkRestrictedGrantType($client_id, $grant_type); |
---|
103 | } |
---|