83 lines
2.6 KiB
PHP
83 lines
2.6 KiB
PHP
<?php
|
|
|
|
namespace OAuth2\Storage;
|
|
|
|
/**
|
|
* Implement this interface to specify where the OAuth2 Server
|
|
* should get/save refresh tokens for the "Refresh Token"
|
|
* grant type
|
|
*
|
|
* @author Brent Shaffer <bshafs at gmail dot com>
|
|
*/
|
|
interface RefreshTokenInterface
|
|
{
|
|
/**
|
|
* Grant refresh access tokens.
|
|
*
|
|
* Retrieve the stored data for the given refresh token.
|
|
*
|
|
* Required for OAuth2::GRANT_TYPE_REFRESH_TOKEN.
|
|
*
|
|
* @param $refresh_token
|
|
* Refresh token to be check with.
|
|
*
|
|
* @return
|
|
* An associative array as below, and NULL if the refresh_token is
|
|
* invalid:
|
|
* - refresh_token: Refresh token identifier.
|
|
* - client_id: Client identifier.
|
|
* - user_id: User identifier.
|
|
* - expires: Expiration unix timestamp, or 0 if the token doesn't expire.
|
|
* - scope: (optional) Scope values in space-separated string.
|
|
*
|
|
* @see http://tools.ietf.org/html/rfc6749#section-6
|
|
*
|
|
* @ingroup oauth2_section_6
|
|
*/
|
|
public function getRefreshToken($refresh_token);
|
|
|
|
/**
|
|
* Take the provided refresh token values and store them somewhere.
|
|
*
|
|
* This function should be the storage counterpart to getRefreshToken().
|
|
*
|
|
* If storage fails for some reason, we're not currently checking for
|
|
* any sort of success/failure, so you should bail out of the script
|
|
* and provide a descriptive fail message.
|
|
*
|
|
* Required for OAuth2::GRANT_TYPE_REFRESH_TOKEN.
|
|
*
|
|
* @param $refresh_token
|
|
* Refresh token to be stored.
|
|
* @param $client_id
|
|
* Client identifier to be stored.
|
|
* @param $user_id
|
|
* User identifier to be stored.
|
|
* @param $expires
|
|
* Expiration timestamp to be stored. 0 if the token doesn't expire.
|
|
* @param $scope
|
|
* (optional) Scopes to be stored in space-separated string.
|
|
*
|
|
* @ingroup oauth2_section_6
|
|
*/
|
|
public function setRefreshToken($refresh_token, $client_id, $user_id, $expires, $scope = null);
|
|
|
|
/**
|
|
* Expire a used refresh token.
|
|
*
|
|
* This is not explicitly required in the spec, but is almost implied.
|
|
* After granting a new refresh token, the old one is no longer useful and
|
|
* so should be forcibly expired in the data store so it can't be used again.
|
|
*
|
|
* If storage fails for some reason, we're not currently checking for
|
|
* any sort of success/failure, so you should bail out of the script
|
|
* and provide a descriptive fail message.
|
|
*
|
|
* @param $refresh_token
|
|
* Refresh token to be expirse.
|
|
*
|
|
* @ingroup oauth2_section_6
|
|
*/
|
|
public function unsetRefreshToken($refresh_token);
|
|
}
|