READ-ONLY: This project has been archived. For more information see this post.
GrantTypeMethods  
Description of the protected methods that must be implemented for each grant type.
Updated Jun 28, 2010 by tim.ridg...@gmail.com

Introduction

While the core, required methods of the OAuth2 library are marked as abstract, several others are only required to support particular grant types.

Marking all of these methods abstract would require subclasses to implement all of them, which is undesirable, because they would not all be used.

Depending on the grant types that your OAuth2 library supports, you will need to implement the methods detailed below.

Authorization Codes

Required methods

  • get_stored_auth_code($code)
  • store_auth_code($code, $client_id, $redirect_uri, $expires, $scope)

These methods store and retrieve authorization codes, using persistent storage.

get_stored_auth_code

Given a code, return an array:

 array (
  "client_id" => <stored client id>,
  "redirect_uri" => <stored redirect URI>,
  "expires" => <stored code expiration time>,
  "scope" => <stored scope values (space-separated string), or can be omitted if scope is unused>
 )

Return null if the code is invalid.

store_auth_code

Take the given values and store them in your database. All values except for $expires are supplied as strings. $expires is an integer (UNIX timestamp).

If storage fails, you should throw a descriptive message and exit. The library does not check the return value for success or failure.
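
One way to implement the two authorization-code methods, shown as an added example that is not the library's own code. The class name, the `auth_codes` table and its columns, the use of PDO with in-memory SQLite, and the choice to store a SHA-256 digest instead of the raw code are all assumptions made for the example.

```php
<?php
// Added example: not the library's code. Class, table and column names are assumptions.
// In a real subclass of the library's base class these two methods would be protected.
class AuthCodeStore
{
    private PDO $db;

    public function __construct(PDO $db)
    {
        // Exceptions on failure: the library never checks store_auth_code()'s return value.
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $db->exec('CREATE TABLE IF NOT EXISTS auth_codes (
            code_hash TEXT PRIMARY KEY, client_id TEXT NOT NULL,
            redirect_uri TEXT NOT NULL, expires INTEGER NOT NULL, scope TEXT)');
        $this->db = $db;
    }

    // Choice made for this example: key rows by SHA-256 of the code, so a
    // dump of the table does not yield usable authorization codes.
    private function digest($code)
    {
        return hash('sha256', (string) $code);
    }

    public function store_auth_code($code, $client_id, $redirect_uri, $expires, $scope)
    {
        $stmt = $this->db->prepare('INSERT INTO auth_codes VALUES (?, ?, ?, ?, ?)');
        $stmt->execute([$this->digest($code), $client_id, $redirect_uri, (int) $expires, $scope]);
    }

    public function get_stored_auth_code($code)
    {
        $stmt = $this->db->prepare('SELECT client_id, redirect_uri, expires, scope
            FROM auth_codes WHERE code_hash = ?');
        $stmt->execute([$this->digest($code)]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        if ($row === false) {
            return null; // unknown code: the page's "invalid" case
        }
        $row['expires'] = (int) $row['expires'];
        return $row;
    }
}

// Constructed sample values, in-memory SQLite so the example runs offline.
$store = new AuthCodeStore(new PDO('sqlite::memory:'));
$store->store_auth_code('sample-code', 'client-a', 'https://client.example/cb', time() + 30, 'read');
var_dump($store->get_stored_auth_code('sample-code'));
var_dump($store->get_stored_auth_code('not-issued'));
```

Bound parameters keep the client-supplied code out of the SQL text, and the primary key on the digest makes storing the same code twice raise an exception instead of silently overwriting a row.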

Basic User Credentials

Required methods

  • check_user_credentials($client_id, $username, $password)

check_user_credentials

Verify the given username and password (also called a shared secret). Return false if the credentials are invalid.

If your resources require a given scope, you should return an array that contains the scope of the user's access:

 array (
  "scope" => <user's scope values (space-separated string)>
 )

Assertions

Required methods

  • check_assertion($client_id, $assertion_type, $assertion)

check_assertion

Verify the given assertion. Return false if the assertion is invalid.

If your resources require a given scope, you should return an array that contains the scope of the assertion's access:

 array (
  "scope" => <scope values from the assertion (space-separated string)>
 )

Refresh Tokens

Required methods

  • get_refresh_token($refresh_token)
  • store_refresh_token($token, $client_id, $expires, $scope = null)

get_refresh_token

Given a refresh token id, retrieve the token from storage and return an array with the values:

 array (
  "client_id" => <stored client id>,
  "expires" => <stored token expiration time>,
  "scope" => <stored scope values (space-separated string), or can be omitted if scope is unused>
 )

store_refresh_token

Take the given values and store them in your database. All values except for $expires are supplied as strings. $expires is an integer (UNIX timestamp).

If storage fails, you should throw a descriptive message and exit. The library does not check the return value for success or failure.

None

Required methods

  • check_none_access($client_id)

check_none_access

The spec doesn't really describe this access method very well yet. Return true to grant access or false to deny access.

If your resources require a given scope, you should return an array that contains the access scope:

 array (
  "scope" => <access scope values (space-separated string)>
 )
Comment by sey...@gmail.com, Oct 24, 2012

I'd like to pass additional info to the output for the grantAccessToken() (OAuth.php). How can I do this?
