veryroundbird.house / smallbird-social
friendship ended with social-app. php is my new best friend
fork atom
smallbird-social / vendor / chillerlan / php-oauth / src / Core / OAuth2Interface.php
at d5072f2d878b3f82d91322daf9eaaad794c55767 2.1 kB view raw
1<?php 2/** 3 * Interface OAuth2Interface 4 * 5 * @created 09.07.2017 6 * @author Smiley <smiley@chillerlan.net> 7 * @copyright 2017 Smiley 8 * @license MIT 9 */ 10declare(strict_types=1); 11 12namespace chillerlan\OAuth\Core; 13 14/** 15 * Specifies the basic methods for an OAuth2 provider. 16 */ 17interface OAuth2Interface extends OAuthInterface{ 18 19 /** @var int */ 20 final public const AUTH_METHOD_HEADER = 1; 21 /** @var int */ 22 final public const AUTH_METHOD_QUERY = 2; 23 24 /** 25 * Specifies the authentication method: 26 * 27 * - OAuth2Interface::AUTH_METHOD_HEADER (Bearer, OAuth, ...) 28 * - OAuth2Interface::AUTH_METHOD_QUERY (access_token, ...) 29 * 30 * @var int 31 */ 32 public const AUTH_METHOD = self::AUTH_METHOD_HEADER; 33 34 /** 35 * The name of the authentication header in case of OAuth2Interface::AUTH_METHOD_HEADER 36 * 37 * @var string 38 */ 39 public const AUTH_PREFIX_HEADER = 'Bearer'; 40 41 /** 42 * The name of the authentication query parameter in case of OAuth2Interface::AUTH_METHOD_QUERY 43 * 44 * @var string 45 */ 46 public const AUTH_PREFIX_QUERY = 'access_token'; 47 48 /** 49 * This indicates that the current provider requires an `Authorization: Basic <base64(key:secret)>` header 50 * in the access token request, rather than the key and secret in the request body. 51 * 52 * It saves provider inplementations from the hassle to override the respective methods: 53 * 54 * - `OAuth2Provider::getAccessTokenRequestBodyParams()` 55 * - `OAuth2Provider::sendAccessTokenRequest()` 56 * 57 * I'm not sure where to put this: here or a feature interface (it's not exactly a feature). 58 * I'll leave it here for now, subject to change. 59 * 60 * @var bool 61 */ 62 public const USES_BASIC_AUTH_IN_ACCESS_TOKEN_REQUEST = false; 63 64 /** 65 * Obtains an OAuth2 access token with the given $code, verifies the $state 66 * if the provider implements the CSRFToken interface, and returns an AccessToken object 67 * 68 * @link https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.1 69 * @link https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.3 70 */ 71 public function getAccessToken(string $code, string|null $state = null):AccessToken; 72 73}