Class

ezpOauthUtility

class ezpOauthUtility extends ezpRestModel

Functionality for working against the draft 10 of the oauth2 spec.

Constants

AUTH_HEADER_NAME

AUTH_CGI_HEADER_NAME

Methods

static void getToken(ezcMvcRequest $request)

Retrieving token as per section 5 of draft-ietf-oauth-v2-10

static ezpRestToken doRefreshToken(string $clientId, string $clientSecret, string $refreshToken)

Handles a refresh_token request.

static ezpRestToken doRefreshTokenWithAuthorizationCode(string $clientId, string $clientSecret, string $authCode, string $redirectUri)

Generates a new token against an authorization_code Auth code is checked against clientId, clientSecret and redirectUri as registered for client in admin Auth code is for one-use only and will be removed once the access token generated

Details

at line 37
static public void getToken(ezcMvcRequest $request)

Retrieving token as per section 5 of draft-ietf-oauth-v2-10

Token can be present inside the Authorize header, inside a URI query parameter, or in the HTTP body.

According to section 5.1 the header is the preferred way, and the query component and HTTP body are only looked at if no such header can be found.

Parameters

ezcMvcRequest $request

Return Value

void

at line 169
static public ezpRestToken doRefreshToken(string $clientId, string $clientSecret, string $refreshToken)

Handles a refresh_token request.

Returns the new token object as ezpRestToken

Parameters

string $clientId Client identifier
string $clientSecret Client secret key
string $refreshToken Refresh token

Return Value

ezpRestToken

Exceptions

ezpOauthInvalidRequestException

at line 229
static public ezpRestToken doRefreshTokenWithAuthorizationCode(string $clientId, string $clientSecret, string $authCode, string $redirectUri)

Generates a new token against an authorization_code Auth code is checked against clientId, clientSecret and redirectUri as registered for client in admin Auth code is for one-use only and will be removed once the access token generated

Parameters

string $clientId Client identifier
string $clientSecret Client secret key
string $authCode Authorization code provided by the client
string $redirectUri Redirect URI. Must be the same as registered in admin

Return Value

ezpRestToken

Exceptions

ezpOauthInvalidRequestException
ezpOauthInvalidTokenException
ezpOauthExpiredTokenException