1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
<?php
namespace Studip\OAuth2\Models;
/**
* @property int $id
* @property string $name
* @property string|null $secret
* @property string $redirect
* @property bool $revoked
* @property int $mkdate
* @property int $chdate
*/
class Client extends \SimpleORMap
{
use RevokedHelper;
/** @var string $plainsecret This is only filled when creating a new Client via `Client::createClient`. */
public $plainsecret;
protected static function configure($config = [])
{
$config['db_table'] = 'oauth2_clients';
$config['belongs_to']['user'] = [
'class_name' => \User::class,
'foreign_key' => 'user_id',
];
$config['has_many']['auth_codes'] = [
'class_name' => AuthCode::class,
'assoc_foreign_key' => 'client_id',
'on_delete' => 'delete',
'on_store' => 'store',
'order_by' => 'ORDER BY chdate',
];
$config['has_many']['access_tokens'] = [
'class_name' => AccessToken::class,
'assoc_foreign_key' => 'client_id',
'on_delete' => 'delete',
'on_store' => 'store',
'order_by' => 'ORDER BY chdate',
];
parent::configure($config);
}
/**
* Store a new client.
*
* @return static
*/
public static function createClient(
string $name,
string $redirect,
bool $confidential,
string $owner,
string $homepage,
?string $description,
?string $adminNotes
) {
$secret = null;
$plainsecret = null;
if ($confidential) {
$plainsecret = randomString(40);
$secret = password_hash($plainsecret, PASSWORD_BCRYPT);
}
$client = self::create([
'name' => $name,
'secret' => $secret,
'redirect' => $redirect,
'revoked' => 0,
'owner' => $owner,
'homepage' => $homepage,
'description' => $description,
'admin_notes' => $adminNotes,
]);
$client->plainsecret = $plainsecret;
return $client;
}
/**
* @param int|string $clientId
*
* @return ?static
*/
public static function findActive($clientId)
{
$client = self::find($clientId);
return $client && !$client->isRevoked() ? $client : null;
}
/**
* @param string $clientId
*
* @return bool
*/
public static function revoked($clientId): bool
{
return static::findActive($clientId) === null;
}
/**
* @return bool
*/
public function confidential(): bool
{
return !empty($this->secret);
}
/**
* @return string[]
*/
public function redirectURIs(): array
{
return explode(',', $this->redirect);
}
}
|
