| 1: | <?php |
| 2: | /* |
| 3: | * SimpleID |
| 4: | * |
| 5: | * Copyright (C) Kelvin Mo 2014-2025 |
| 6: | * |
| 7: | * This program is free software; you can redistribute it and/or |
| 8: | * modify it under the terms of the GNU General Public |
| 9: | * License as published by the Free Software Foundation; either |
| 10: | * version 2 of the License, or (at your option) any later version. |
| 11: | * |
| 12: | * This program is distributed in the hope that it will be useful, |
| 13: | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 14: | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 15: | * General Public License for more details. |
| 16: | * |
| 17: | * You should have received a copy of the GNU General Public |
| 18: | * License along with this program; if not, write to the Free |
| 19: | * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
| 20: | */ |
| 21: | |
| 22: | namespace SimpleID\Protocols\OAuth; |
| 23: | |
| 24: | /** |
| 25: | * An OAuth refresh token. |
| 26: | * |
| 27: | * Refresh tokens are perpetual bearer tokens from which access tokens |
| 28: | * can be granted. As such, it implements the |
| 29: | * {@link TokenGrantType} interface. |
| 30: | * |
| 31: | * To create and encode a token, use the {@link create()} static function. |
| 32: | * To parse an encoded token, use the {@link decode()} static function. |
| 33: | */ |
| 34: | class RefreshToken extends Token implements TokenGrantType { |
| 35: | /** Creates a refresh token */ |
| 36: | protected function __construct() { |
| 37: | parent::__construct(); |
| 38: | $this->expire = null; |
| 39: | } |
| 40: | |
| 41: | /** |
| 42: | * {@inheritdoc} |
| 43: | * |
| 44: | * @return string the token type |
| 45: | */ |
| 46: | public function getType(): string { |
| 47: | return 'refresh_token'; |
| 48: | } |
| 49: | |
| 50: | /** |
| 51: | * Decodes an encoded token and returns an instance of this class |
| 52: | * containing the decoded data. |
| 53: | * |
| 54: | * The decoded token can be checked for validity using the {@link isValid()} |
| 55: | * and {@link hasScope()} methods. The data can be obtained using the |
| 56: | * various `get` methods. |
| 57: | * |
| 58: | * @param string $encoded the encoded token |
| 59: | * @return RefreshToken the decoded token |
| 60: | */ |
| 61: | static public function decode($encoded) { |
| 62: | $token = new RefreshToken(); |
| 63: | $token->encoded = $encoded; |
| 64: | $token->parse(); |
| 65: | return $token; |
| 66: | } |
| 67: | |
| 68: | /** |
| 69: | * Encodes a token from parameters and returns an instance of this class. |
| 70: | * |
| 71: | * The encoded token can be obtained using the {@link getEncoded()} method. |
| 72: | * |
| 73: | * @param Authorization $authorization the authorisation to use to create |
| 74: | * this token |
| 75: | * @param array<string> $scope the scope of this token - this must be a subset |
| 76: | * of the scope provided in `$authorization` |
| 77: | * @param TokenGrantType $source if the token is created from a previous authorisation |
| 78: | * code or refresh token, the ID of those artefacts |
| 79: | * @param array<string, mixed> $additional any additional data to be stored on the server for this token |
| 80: | * @return RefreshToken|null |
| 81: | */ |
| 82: | static public function create($authorization, $scope = [], $source = NULL, $additional = []) { |
| 83: | $token = new RefreshToken(); |
| 84: | $token->init($authorization, $scope, Token::TTL_PERPETUAL, $source, $additional); |
| 85: | $token->encode(); |
| 86: | $token->is_parsed = true; |
| 87: | return $token; |
| 88: | } |
| 89: | |
| 90: | public function getGrantRef() { |
| 91: | return substr($this->id, -9); |
| 92: | } |
| 93: | } |
| 94: | |
| 95: | ?> |