| Methods |
public
static
|
init($f3)
|
#
|
public
|
__construct()
|
#
|
public
|
onPostInit(GenericStoppableEvent $event): void
Run post-initialisation procedures. This event is only called in the main
SimpleID invocation, and not during the upgrade process.
Run post-initialisation procedures. This event is only called in the main
SimpleID invocation, and not during the upgrade process.
|
#
|
public
|
auth(): void
Prepares an OAuth authorisation request for processing.
Prepares an OAuth authorisation request for processing.
This function checks the request for protocol compliance via
checkAuthRequest() before passing it to processAuthRequest()
for processing.
|
#
|
protected
|
checkAuthRequest(Request $request, Response $response): void
Checks an OAuth authorisation request for protocol compliance.
Checks an OAuth authorisation request for protocol compliance.
Parameters
| $request |
the original request
|
| $response |
the OAuth response
|
|
#
|
protected
|
processAuthRequest(Request $request, Response $response): void
Processes an OAuth authorisation request that has been prepared by checkAuthRequest() .
It is important that all requests are prepared by checkAuthRequest()
instead of being passed directly to this function, as this function assumes that the request
has been checked for protocol compliance.
Parameters
| $request |
the original request
|
| $response |
the OAuth response
|
|
#
|
protected
|
checkIdentity(Request $request): int
Determines whether the current user has granted authorisation to the OAuth/OpenID Connect
client.
Determines whether the current user has granted authorisation to the OAuth/OpenID Connect
client.
Parameters
| $request |
the OAuth authorisation request
|
Returns
one of CHECKID_OK, CHECKID_APPROVAL_REQUIRED, CHECKID_LOGIN_REQUIRED, CHECKID_INSUFFICIENT_TRUST
or CHECKID_USER_DENIED
|
#
|
protected
|
grantAuth(Request $request, Response $response, array<string>|null $scopes = null): void
Grants an authorisation request by issuing the appropriate response. The response
may take in the form of an authorization code, an access token or other
parameters
Grants an authorisation request by issuing the appropriate response. The response
may take in the form of an authorization code, an access token or other
parameters
Parameters
| $request |
the authorisation request
|
| $response |
the authorisation response
|
| $scopes |
the requested scope
|
|
#
|
public
|
token(): void
Processes an OAuth token request.
Processes an OAuth token request.
|
#
|
protected
|
tokenFromCode(Request $request, Response $response): void
Processes an OAuth token request where an authorisation code is supplied.
Processes an OAuth token request where an authorisation code is supplied.
Parameters
| $request |
the OAuth token request
|
| $response |
the OAuth response
|
|
#
|
protected
|
tokenFromRefreshToken(Request $request, Response $response): void
Processes an OAuth refresh token request.
Processes an OAuth refresh token request.
Parameters
| $request |
the OAuth token request
|
| $response |
the response
|
|
#
|
protected
|
consentForm(Request $request, Response $response): void
Provides a form for user authorisation of an OAuth client.
Provides a form for user authorisation of an OAuth client.
Parameters
| $request |
the OAuth request
|
| $response |
the OAuth response
|
|
#
|
public
|
consent(): void
|
#
|
public
|
revoke(): void
Endpoint for token revocation requests
Endpoint for token revocation requests
|
#
|
public
|
introspect(): void
Endpoint for token revocation requests
Endpoint for token revocation requests
|
#
|
public
|
metadata(): void
Displays the OAuth authorisation server metadata for this installation.
Displays the OAuth authorisation server metadata for this installation.
|
#
|
public
|
onScopeInfoCollectionEvent(ScopeInfoCollectionEvent $event): void
|
#
|
public
|
onOauthResponseTypes(BaseDataCollectionEvent $event): void
|
#
|
public
|
onConsentRevoke(ConsentEvent $event): void
|
#
|
protected
|
rfc3986_urlencode(string $s): string
Encodes a URL using RFC 3986.
Encodes a URL using RFC 3986.
PHP's rawurlencode function encodes a URL using RFC 1738. RFC 1738 has been
updated by RFC 3986, which change the list of characters which needs to be
encoded.
Strictly correct encoding is required for various purposes, such as OAuth
signature base strings.
Parameters
Returns
|
#
|
protected
|
inferTokenFromRequestBody(Request $request, Response $response): ?Token
Infers a token by parsing the token and token_type_hint parameters
in the body of a request. If token_type_hint exists, then the
appropriate Token object is created from token. If token_type_hint
does not exist, it firstly attempts to create an access token, then
it attempts to create a refresh token.
Infers a token by parsing the token and token_type_hint parameters
in the body of a request. If token_type_hint exists, then the
appropriate Token object is created from token. If token_type_hint
does not exist, it firstly attempts to create an access token, then
it attempts to create a refresh token.
Note that the token returned may not be valid.
If an error occurs, then an appropriate error response is set using
the supplied response object
Parameters
| $request |
the request
|
| $response |
the response
|
Returns
the access or refresh token, or null if no token can be found
|
#
|
public
static
|
sortScopes(string $a, string $b): int
A callback function for use by usort() to sort scopes to be displayed on
a consent form.
A callback function for use by usort() to sort scopes to be displayed on
a consent form.
This function determines the sort order as follows:
- If the relevant entry has a
key called
required and is set to true, this scope is placed first
- If the relevant entry has a
key called
weight, it is sorted using that weight.
- Otherwise, scopes are sorted in alphabetical order
|
#
|