Added possibility to manage client_credentials OAuth tokens

Jan Böhmer 2023-07-30 15:24:46 +02:00
parent 1b3fc2c23c
commit 6a00b8e168
3 changed files with 82 additions and 10 deletions


@ -39,26 +39,34 @@ use League\OAuth2\Client\Token\AccessTokenInterface;
class OAuthToken extends AbstractNamedDBElement implements AccessTokenInterface
{
/** @var string|null The short-term usable OAuth2 token */
#[ORM\Column(type: 'string', nullable: true)]
#[ORM\Column(type: 'text', nullable: true)]
private ?string $token = null;
/** @var \DateTimeInterface The date when the token expires */
#[ORM\Column(type: Types::DATETIME_IMMUTABLE, nullable: true)]
private ?\DateTimeInterface $expires_at = null;
/** @var string The refresh token for the OAuth2 auth */
#[ORM\Column(type: 'string')]
private string $refresh_token = '';
/** @var string|null The refresh token for the OAuth2 auth */
#[ORM\Column(type: 'text', nullable: true)]
private ?string $refresh_token = null;
/**
* The default expiration time for a authorization token, if no expiration time is given
*/
private const DEFAULT_EXPIRATION_TIME = 3600;
public function __construct(string $name, string $refresh_token, string $token = null, \DateTimeInterface $expires_at = null)
public function __construct(string $name, ?string $refresh_token, ?string $token = null, \DateTimeInterface $expires_at = null)
{
//If token is given, you also have to give the expires_at date
if ($token !== null && $expires_at === null) {
throw new \InvalidArgumentException('If you give a token, you also have to give the expires_at date');
}
//If no refresh_token is given, the token is a client credentials grant token, which must have a token
if ($refresh_token === null && $token === null) {
throw new \InvalidArgumentException('If you give no refresh_token, you have to give a token!');
}
$this->name = $name;
$this->refresh_token = $refresh_token;
$this->expires_at = $expires_at;
@ -109,6 +117,16 @@ class OAuthToken extends AbstractNamedDBElement implements AccessTokenInterface
return $this->expires_at->getTimestamp() < time();
}
/**
* Returns true if this token is a client credentials grant token (meaning it has no refresh token), and
* needs to be refreshed via the client credentials grant.
* @return bool
*/
public function isClientCredentialsGrant(): bool
{
return $this->refresh_token === null;
}
public function replaceWithNewToken(AccessTokenInterface $accessToken): void
{
$this->token = $accessToken->getToken();
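Review bot: The new constructor guard and `isClientCredentialsGrant()` both test `$refresh_token === null`, so an empty string still counts as a real refresh token. The previous property default was `''`, so any row stored with that value (not visible here) would be classified as a refresh-token grant, and `new OAuthToken($name, '')` passes both guards while carrying no usable credential at all. Normalizing before the two checks, `if ($refresh_token === '') { $refresh_token = null; }`, keeps the grant-type decision consistent, and the accompanying schema migration should convert stored `''` values the same way. The constructor and `replaceWithNewToken()` both continue outside the shown lines, so whether `replaceWithNewToken()` can write `''` back into the property needs checking there.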