| 1: | <?php |
| 2: | /* |
| 3: | * SimpleID |
| 4: | * |
| 5: | * Copyright (C) Kelvin Mo 2014-2025 |
| 6: | * |
| 7: | * This program is free software; you can redistribute it and/or |
| 8: | * modify it under the terms of the GNU General Public |
| 9: | * License as published by the Free Software Foundation; either |
| 10: | * version 2 of the License, or (at your option) any later version. |
| 11: | * |
| 12: | * This program is distributed in the hope that it will be useful, |
| 13: | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 14: | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 15: | * General Public License for more details. |
| 16: | * |
| 17: | * You should have received a copy of the GNU General Public |
| 18: | * License along with this program; if not, write to the Free |
| 19: | * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
| 20: | */ |
| 21: | |
| 22: | namespace SimpleID\Protocols\OAuth; |
| 23: | |
| 24: | /** |
| 25: | * An OAuth access token. |
| 26: | * |
| 27: | * To create and encode a token, use the {@link create()} static function. |
| 28: | * To parse an encoded token, use the {@link decode()} static function. |
| 29: | */ |
| 30: | class AccessToken extends Token implements AccessTokenInterface { |
| 31: | /** @var string */ |
| 32: | private $token_type = 'bearer'; |
| 33: | |
| 34: | protected function __construct() { |
| 35: | parent::__construct(); |
| 36: | } |
| 37: | |
| 38: | /** |
| 39: | * {@inheritdoc} |
| 40: | * |
| 41: | * @return string the token type |
| 42: | */ |
| 43: | public function getType(): string { |
| 44: | return 'access_token'; |
| 45: | } |
| 46: | |
| 47: | /** |
| 48: | * Decodes an encoded token and returns an instance of this class |
| 49: | * containing the decoded data. |
| 50: | * |
| 51: | * The decoded token can be checked for validity using the {@link isValid()} |
| 52: | * and {@link hasScope()} methods. The data can be obtained using the |
| 53: | * various `get` methods. |
| 54: | * |
| 55: | * @param string $encoded the encoded token |
| 56: | * @return AccessToken the decoded token |
| 57: | */ |
| 58: | static public function decode($encoded) { |
| 59: | $token = new AccessToken(); |
| 60: | $token->encoded = $encoded; |
| 61: | $token->parse(); |
| 62: | return $token; |
| 63: | } |
| 64: | |
| 65: | /** |
| 66: | * Encodes a token from parameters and returns an instance of this class. |
| 67: | * |
| 68: | * The encoded token can be obtained using the {@link getEncoded()} method. |
| 69: | * |
| 70: | * @param Authorization $authorization the authorisation to use to create |
| 71: | * this token |
| 72: | * @param array<string> $scope the scope of this token - this must be a subset |
| 73: | * of the scope provided in `$authorization` |
| 74: | * @param int $expires_in the time to expiry or {@link Token::TTL_PERPETUAL} |
| 75: | * @param TokenGrantType $grant if the token is created from a previous authorisation |
| 76: | * code or refresh token, the ID of those artefacts |
| 77: | * @param array<string, mixed> $additional any additional data to be stored on the server for this token |
| 78: | * @return AccessToken|null |
| 79: | */ |
| 80: | static public function create($authorization, $scope = [], $expires_in = Token::TTL_PERPETUAL, $grant = NULL, $additional = []) { |
| 81: | $token = new AccessToken(); |
| 82: | $token->init($authorization, $scope, $expires_in, $grant, $additional); |
| 83: | $token->encode(); |
| 84: | $token->is_parsed = true; |
| 85: | return $token; |
| 86: | } |
| 87: | |
| 88: | /** |
| 89: | * {@inheritdoc} |
| 90: | * |
| 91: | * This class will always return `bearer`. Subclasses implementing other token |
| 92: | * types may return a different value. |
| 93: | * |
| 94: | * @return string the token type |
| 95: | */ |
| 96: | public function getAccessTokenType(): string { |
| 97: | return $this->token_type; |
| 98: | } |
| 99: | } |
| 100: | |
| 101: | ?> |