[6351] | 1 | <?php |
---|
| 2 | |
---|
| 3 | /** |
---|
| 4 | * All storage engines need to implement this interface in order to use OAuth2 server |
---|
| 5 | * |
---|
| 6 | * @author David Rochwerger <catch.dave@gmail.com> |
---|
| 7 | */ |
---|
| 8 | interface IOAuth2Storage { |
---|
| 9 | |
---|
| 10 | /** |
---|
| 11 | * Make sure that the client credentials is valid. |
---|
| 12 | * |
---|
| 13 | * @param $client_id |
---|
| 14 | * Client identifier to be check with. |
---|
| 15 | * @param $client_secret |
---|
| 16 | * (optional) If a secret is required, check that they've given the right one. |
---|
| 17 | * |
---|
| 18 | * @return |
---|
| 19 | * TRUE if the client credentials are valid, and MUST return FALSE if it isn't. |
---|
| 20 | * @endcode |
---|
| 21 | * |
---|
| 22 | * @see http://tools.ietf.org/html/draft-ietf-oauth-v2-20#section-3.1 |
---|
| 23 | * |
---|
| 24 | * @ingroup oauth2_section_3 |
---|
| 25 | */ |
---|
| 26 | public function checkClientCredentials($client_id, $client_secret = NULL); |
---|
| 27 | |
---|
| 28 | /** |
---|
| 29 | * Get client details corresponding client_id. |
---|
| 30 | * |
---|
| 31 | * OAuth says we should store request URIs for each registered client. |
---|
| 32 | * Implement this function to grab the stored URI for a given client id. |
---|
| 33 | * |
---|
| 34 | * @param $client_id |
---|
| 35 | * Client identifier to be check with. |
---|
| 36 | * |
---|
| 37 | * @return array |
---|
| 38 | * Client details. Only mandatory item is the "registered redirect URI", and MUST |
---|
| 39 | * return FALSE if the given client does not exist or is invalid. |
---|
| 40 | * |
---|
| 41 | * @ingroup oauth2_section_4 |
---|
| 42 | */ |
---|
| 43 | public function getClientDetails($client_id); |
---|
| 44 | |
---|
| 45 | /** |
---|
| 46 | * Look up the supplied oauth_token from storage. |
---|
| 47 | * |
---|
| 48 | * We need to retrieve access token data as we create and verify tokens. |
---|
| 49 | * |
---|
| 50 | * @param $oauth_token |
---|
| 51 | * oauth_token to be check with. |
---|
| 52 | * |
---|
| 53 | * @return |
---|
| 54 | * An associative array as below, and return NULL if the supplied oauth_token |
---|
| 55 | * is invalid: |
---|
| 56 | * - client_id: Stored client identifier. |
---|
| 57 | * - expires: Stored expiration in unix timestamp. |
---|
| 58 | * - scope: (optional) Stored scope values in space-separated string. |
---|
| 59 | * |
---|
| 60 | * @ingroup oauth2_section_7 |
---|
| 61 | */ |
---|
| 62 | public function getAccessToken($oauth_token); |
---|
| 63 | |
---|
| 64 | /** |
---|
| 65 | * Store the supplied access token values to storage. |
---|
| 66 | * |
---|
| 67 | * We need to store access token data as we create and verify tokens. |
---|
| 68 | * |
---|
| 69 | * @param $oauth_token |
---|
| 70 | * oauth_token to be stored. |
---|
| 71 | * @param $client_id |
---|
| 72 | * Client identifier to be stored. |
---|
| 73 | * @param $user_id |
---|
| 74 | * User identifier to be stored. |
---|
| 75 | * @param $expires |
---|
| 76 | * Expiration to be stored. |
---|
| 77 | * @param $scope |
---|
| 78 | * (optional) Scopes to be stored in space-separated string. |
---|
| 79 | * |
---|
| 80 | * @ingroup oauth2_section_4 |
---|
| 81 | */ |
---|
| 82 | public function setAccessToken($oauth_token, $client_id, $user_id, $expires, $scope = NULL, $refresh_token); |
---|
| 83 | |
---|
| 84 | /** |
---|
| 85 | * Check restricted grant types of corresponding client identifier. |
---|
| 86 | * |
---|
| 87 | * If you want to restrict clients to certain grant types, override this |
---|
| 88 | * function. |
---|
| 89 | * |
---|
| 90 | * @param $client_id |
---|
| 91 | * Client identifier to be check with. |
---|
| 92 | * @param $grant_type |
---|
| 93 | * Grant type to be check with, would be one of the values contained in |
---|
| 94 | * OAuth2::GRANT_TYPE_REGEXP. |
---|
| 95 | * |
---|
| 96 | * @return |
---|
| 97 | * TRUE if the grant type is supported by this client identifier, and |
---|
| 98 | * FALSE if it isn't. |
---|
| 99 | * |
---|
| 100 | * @ingroup oauth2_section_4 |
---|
| 101 | */ |
---|
| 102 | public function checkRestrictedGrantType($client_id, $grant_type); |
---|
| 103 | } |
---|