PHP Class OAuthComponent

Inheritance: extends Component, implements IOAuth2Storage, implements IOAuth2RefreshTokens, implements IOAuth2GrantUser, implements IOAuth2GrantCode, implements IOAuth2GrantClient
Project: thomseddon/cakephp-oauth-server

Public Properties

Property Type Description
$AccessToken object AccessToken object.
$AuthCode object AuthCode object.
$Client object Clients object.
$OAuth2 object OAuth2 Object
$RefreshToken object RefreshToken object.
$User object User object
$authenticate array Inherits these defaults: $this->OAuth->authenticate = array( 'userModel' => 'User', 'fields' => array( 'username' => 'username', 'password' => 'password' ) ); which can be overridden in your beforeFilter: $this->OAuth->authenticate = array( 'fields' => array( 'username' => 'email' ) );
$grantTypes array By default = array('authorization_code', 'refresh_token', 'password'); Other grant mechanisms are not supported in the current release

Protected Properties

Property Type Description
$_authDefaults array Defaults for $authenticate
$_user array Static storage for current user
$allowedActions array Array of allowed actions

Public Methods

Method Description
__call ( string $name, mixed $arguments ) : mixed Fakes the OAuth2.php vendor class extension for methods
__construct ( ComponentCollection $collection, $settings = [] ) Constructor - Adds class associations
__get ( string $name ) : mixed Fakes the OAuth2.php vendor class extension for variables
allow ( $action = null ) : void Takes a list of actions in the current controller for which authentication is not required, or no parameters to allow all actions.
checkClientCredentials ( string $client_id, string $client_secret = null ) : mixed Check client details are valid
checkRestrictedGrantType ( string $client_id, string $grant_type ) : boolean Partial implementation, just checks globally available grant types
checkUserCredentials ( type $client_id, type $username, type $password ) Grant type: user_credentials
deny ( $action = null ) : void Removes items from the list of allowed/no authentication required actions.
getAccessToken ( string $oauth_token ) : mixed Retrieve access token
getAuthCode ( string $code ) : AuthCode Grant type: authorization_code
getClientDetails ( string $client_id ) : boolean Get client details
getRefreshToken ( string $refresh_token ) : mixed Grant type: refresh_token
hash ( string $password ) : string Convenience function for hashing client_secret (or whatever else)
initialize ( Controller $controller ) : void Initializes OAuthComponent for use in the controller
invalidateUserTokens ( integer $user_id, string $tokens = 'both' ) Convenience function to invalidate all of a user's tokens, for example when they change their password
isAuthorized ( ) : boolean Checks if user is valid using OAuth2-php library
setAccessToken ( string $oauth_token, string $client_id, integer $user_id, string $expires, string $scope = null ) : boolean Set access token
setAuthCode ( string $code, string $client_id, integer $user_id, string $redirect_uri, string $expires, string $scope = null ) : boolean Grant type: authorization_code
setRefreshToken ( string $refresh_token, integer $client_id, string $user_id, string $expires, string $scope = null ) : boolean Grant type: refresh_token
startup ( Controller $controller ) : boolean Main engine that checks for a valid access_token and stores the associated user for retrieval
unsetRefreshToken ( string $refresh_token ) : boolean Grant type: refresh_token
user ( type $field = null, $token = null ) : mixed Gets the user associated to the current access token.

Method Details

__call() public method

Fakes the OAuth2.php vendor class extension for methods
public __call ( string $name, mixed $arguments ) : mixed
$name string
$arguments mixed
return mixed

__construct() public method

Constructor - Adds class associations
public __construct ( ComponentCollection $collection, $settings = [] )
$collection ComponentCollection

__get() public method

Fakes the OAuth2.php vendor class extension for variables
public __get ( string $name ) : mixed
$name string
return mixed

allow() public method

You can use allow with either an array, or var args. $this->OAuth->allow(array('edit', 'add')); or $this->OAuth->allow('edit', 'add'); or $this->OAuth->allow(); to allow all actions.
public allow ( $action = null ) : void
return void

checkClientCredentials() public method

Check client details are valid
public checkClientCredentials ( string $client_id, string $client_secret = null ) : mixed
$client_id string
$client_secret string
return mixed array of client credentials if valid, false if not

checkRestrictedGrantType() public method

Partial implementation, just checks globally available grant types
See also: IOAuth2Storage::checkRestrictedGrantType()
public checkRestrictedGrantType ( string $client_id, string $grant_type ) : boolean
$client_id string
$grant_type string
return boolean If grant type is available to client

checkUserCredentials() public method

Grant type: user_credentials
See also: IOAuth2GrantUser::checkUserCredentials()
public checkUserCredentials ( type $client_id, type $username, type $password )
$client_id type
$username type
$password type

deny() public method

You can use deny with either an array, or var args. $this->OAuth->deny(array('edit', 'add')); or $this->OAuth->deny('edit', 'add'); or $this->OAuth->deny(); to remove all items from the allowed list
See also: OAuthComponent::allow()
public deny ( $action = null ) : void
return void

getAccessToken() public method

Retrieve access token
public getAccessToken ( string $oauth_token ) : mixed
$oauth_token string
return mixed AccessToken array if valid, null if not

getAuthCode() public method

Grant type: authorization_code
See also: IOAuth2GrantCode::getAuthCode()
public getAuthCode ( string $code ) : AuthCode
$code string
return AuthCode if valid, null if not

getClientDetails() public method

Get client details
public getClientDetails ( string $client_id ) : boolean
$client_id string
return boolean

getRefreshToken() public method

Grant type: refresh_token
See also: IOAuth2RefreshTokens::getRefreshToken()
public getRefreshToken ( string $refresh_token ) : mixed
$refresh_token string
return mixed RefreshToken if valid, null if not

hash() public static method

Convenience function for hashing client_secret (or whatever else)
public static hash ( string $password ) : string
$password string
return string Hashed password

initialize() public method

Initializes OAuthComponent for use in the controller
public initialize ( Controller $controller ) : void
$controller Controller A reference to the instantiating controller object
return void

invalidateUserTokens() public method

Convenience function to invalidate all of a user's tokens, for example when they change their password
public invalidateUserTokens ( integer $user_id, string $tokens = 'both' )
$user_id integer
$tokens string 'both' (default) to remove both AccessTokens and RefreshTokens or remove just one type using 'access' or 'refresh'

isAuthorized() public method

Checks if user is valid using OAuth2-php library
See also: OAuth2::getBearerToken()
See also: OAuth2::verifyAccessToken()
public isAuthorized ( ) : boolean
return boolean true if carrying valid token, false if not

setAccessToken() public method

Set access token
public setAccessToken ( string $oauth_token, string $client_id, integer $user_id, string $expires, string $scope = null ) : boolean
$oauth_token string
$client_id string
$user_id integer
$expires string
$scope string
return boolean true if successful, false if failed

setAuthCode() public method

Grant type: authorization_code
public setAuthCode ( string $code, string $client_id, integer $user_id, string $redirect_uri, string $expires, string $scope = null ) : boolean
$code string
$client_id string
$user_id integer
$redirect_uri string
$expires string
$scope string
return boolean true if successful, otherwise false

setRefreshToken() public method

Grant type: refresh_token
See also: IOAuth2RefreshTokens::setRefreshToken()
public setRefreshToken ( string $refresh_token, integer $client_id, string $user_id, string $expires, string $scope = null ) : boolean
$refresh_token string
$client_id integer
$user_id string
$expires string
$scope string
return boolean true if successful, false if fail

startup() public method

Main engine that checks for a valid access_token and stores the associated user for retrieval
See also: AuthComponent::startup()
public startup ( Controller $controller ) : boolean
$controller Controller
return boolean

unsetRefreshToken() public method

Grant type: refresh_token
See also: IOAuth2RefreshTokens::unsetRefreshToken()
public unsetRefreshToken ( string $refresh_token ) : boolean
$refresh_token string
return boolean true if successful, false if not

user() public method

Will return an array of all user fields by default. You can specify specific fields like so: $id = $this->OAuth->user('id');
public user ( type $field = null, $token = null ) : mixed
$field type
return mixed array of user fields if $field is blank, string value if $field is set and $fields is available, false on failure

Property Details

$AccessToken public property

AccessToken object.
public object $AccessToken
return object

$AuthCode public property

AuthCode object.
public object $AuthCode
return object

$Client public property

Clients object.
public object $Client
return object

$OAuth2 public property

OAuth2 Object
public object $OAuth2
return object

$RefreshToken public property

RefreshToken object.
public object $RefreshToken
return object

$User public property

User object
public object $User
return object

$_authDefaults protected property

Defaults for $authenticate
protected array $_authDefaults
return array

$_user protected property

Static storage for current user
protected array $_user
return array

$allowedActions protected property

Array of allowed actions
protected array $allowedActions
return array

$authenticate public property

Inherits these defaults:

    $this->OAuth->authenticate = array(
        'userModel' => 'User',
        'fields' => array(
            'username' => 'username',
            'password' => 'password'
        )
    );

Which can be overridden in your beforeFilter:

    $this->OAuth->authenticate = array(
        'fields' => array(
            'username' => 'email'
        )
    );
public array $authenticate
return array

$grantTypes public property

By default = array('authorization_code', 'refresh_token', 'password'); Other grant mechanisms are not supported in the current release
public array $grantTypes
return array