OAuthClientStrategy
class OAuthClientStrategy
This class holds the options of execution of the OAuth client.
This set of options is the authentication strategy.
Constants
| TYPES |
|
Properties
| private | $reauthentication_parameter | The parameters to add to the OAuth provider authorization endpoint URL in case of new authentication. | |
| private | $offline_access_parameter | The parameter to add to the OAuth provider authorization endpoint URL when offline access is requested. | |
| private | $append_state_to_redirect_uri | The name of the OAuth session state variable, if different from the standard name, to work around the implementation bugs of some OAuth providers. | |
| private bool | $parameters_in_url | Determines if the API call parameters should be moved to the calling URL. | |
| private bool | $authorization_in_header | Determines if the OAuth parameters should be passed via HTTP Authorization request header. | |
| private string | $token_request_method | Define the HTTP method that should be used to request tokens from the provider. | |
| private string | $signature_method | If Oauth 1.0 or 1.0a, define the method to generate the signature for API request parameters values. | |
| private string | $signature_certificate_file | If signature_method is 'RSA-SHA1', this variable must contains the full path of the file containing a PEM encoded certificate/private key | |
| private string | $scope | Permissions that your application needs to call the OAuth provider APIs | |
| private bool | $offline_access | Specify whether it will be necessary to call the API when the user is not present and the provider supports renewing expired access tokens using refresh tokens. | |
| private bool | $reauthenticate | Specify whether it will be necessary to force the user to authenticate again even after the user has already authorized the application before. | |
| private string | $default_access_token_type | Type of access token to be assumed when the OAuth provider does not specify an access token type. | |
| private string | $access_token_content_type | Content type to be assumed when retrieving the response to a request to retrieve the access token. | |
| private string | $access_token_language | Language to be assumed when retrieving the response to a request to retrieve the access token. | |
| private string | $access_token_parameter | Name of the access token parameter to be passed in API call requests. | |
| private bool | $store_access_token_response | Option to determine if the original response for the access token request should be stored in the accessTokenResponse variable. | |
| private string | $access_token_authentication | Option to determine if the requests to obtain a new access token should use authentication to pass the application client ID and secret. | |
| private string | $refresh_token_authentication | Option to determine if the requests to refresh an expired access token should use authentication to pass the application client ID and secret. | |
| private | $grant_type | The type of grant to obtain the OAuth 2 access token. | |
| private bool | $get_token_with_api_key | Option to determine if the access token should be retrieved using the API key value instead of the client secret. |
Methods
Returns the parameters to add to the OAuth provider authorization endpoint URL in case of new authentication.
Returns the parameter to add to the OAuth provider authorization endpoint URL when offline access is requested.
Returns The name of the OAuth session state variable, if different from the standard name, to work around the implementation bugs of some OAuth providers.
Checks if the API call parameters should be moved to the calling URL.
Checks if the OAuth parameters should be passed via HTTP Authorization request header.
Returns the HTTP method that should be used to request tokens from the server.
Returns the method to generate the signature for API request parameters values.
Returns the full path of the file containing a PEM encoded certificate/private key
Returns the permissions that your application needs to call the OAuth provider APIs
Checks if it will be necessary to call the API when the user is not present and the server supports renewing expired access tokens using refresh tokens.
Checks if it will be necessary to force the user to authenticate again even after the user has already authorized the application before.
Returns the type of access token to be assumed when the OAuth provider does not specify an access token type.
Returns the content type to be assumed when retrieving the response to a request to retrieve the access token.
Returns the language to be assumed when retrieving the response to a request to retrieve the access token.
Returns the name of the access token parameter to be passed in API call requests.
Checks if the original response for the access token request should be stored in the accessTokenResponse variable.
Returns the option to determine if the requests to obtain a new access token should use authentication to pass the application client ID and secret.
Returns the option to determine if the requests to refresh an expired access token should use authentication to pass the application client ID and secret.
Returns the type of grant to obtain the OAuth 2 access token.
Checks if the access token should be retrieved using the API key value instead of the client secret.
Sets the parameters to add to the OAuth provider authorization endpoint URL in case of new authentication.
Sets the parameter to add to the OAuth provider authorization endpoint URL when offline access is requested.
Sets The name of the OAuth session state variable, if different from the standard name, to work around the implementation bugs of some OAuth providers.
Determines if the API call parameters should be moved to the calling URL.
Determines if the OAuth parameters should be passed via HTTP Authorization request header.
Sets the HTTP method that should be used to request tokens from the provider.
Sets the method to generate the signature for API request parameters values. OAuth 1.0 or 1.0a only.
Sets the full path of the file containing a PEM encoded certificate/private key
Sets the scope, that is to say, the set of permissions that the application needs to call the OAuth provider APIs
Determines whether it will be necessary to call the API when the user is not present and the provider supports renewing expired access tokens using refresh tokens.
Determines whether it will be necessary to force the user to authenticate again even after the user has already authorized the application before.
Sets the type of access token to be assumed when the OAuth provider does not specify an access token type.
Sets the content type to be assumed when retrieving the response to a request to retrieve the access token.
Sets the language to be assumed when retrieving the response to a request to retrieve the access token.
Sets the name of the access token parameter to be passed in API call requests.
Determines if the original response for the access token request should be stored in the accessTokenResponse variable.
Determines if the requests to obtain a new access token should use authentication to pass the application client ID and secret.
Determines if the requests to refresh an expired access token should use authentication to pass the application client ID and secret.
Sets the type of grant to obtain the OAuth 2 access token.
Determines if the access token should be retrieved using the API key value instead of the client secret.
Binds the configuration options to the properties of this instance of the OAuth client strategy.
Returns the OAuth strategy as an array
Details
at line 230
string
getReauthenticationParameter()
Returns the parameters to add to the OAuth provider authorization endpoint URL in case of new authentication.
at line 240
string
getOfflineAccessParameter()
Returns the parameter to add to the OAuth provider authorization endpoint URL when offline access is requested.
at line 251
string
getAppendStateToRedirectUri()
Returns The name of the OAuth session state variable, if different from the standard name, to work around the implementation bugs of some OAuth providers.
at line 261
bool
isParametersInUrl()
Checks if the API call parameters should be moved to the calling URL.
at line 271
bool
isAuthorizationInHeader()
Checks if the OAuth parameters should be passed via HTTP Authorization request header.
at line 281
string
getTokenRequestMethod()
Returns the HTTP method that should be used to request tokens from the server.
at line 291
string
getSignatureMethod()
Returns the method to generate the signature for API request parameters values.
at line 301
string
getSignatureCertificateFile()
Returns the full path of the file containing a PEM encoded certificate/private key
at line 311
string
getScope()
Returns the permissions that your application needs to call the OAuth provider APIs
at line 322
bool
isOfflineAccess()
Checks if it will be necessary to call the API when the user is not present and the server supports renewing expired access tokens using refresh tokens.
at line 333
bool
shouldReauthenticate()
Checks if it will be necessary to force the user to authenticate again even after the user has already authorized the application before.
at line 343
string
getDefaultAccessTokenType()
Returns the type of access token to be assumed when the OAuth provider does not specify an access token type.
at line 353
string
getAccessTokenContentType()
Returns the content type to be assumed when retrieving the response to a request to retrieve the access token.
at line 363
string
getAccessTokenLanguage()
Returns the language to be assumed when retrieving the response to a request to retrieve the access token.
at line 373
string
getAccessTokenParameter()
Returns the name of the access token parameter to be passed in API call requests.
at line 384
bool
shouldStoreAccessTokenResponse()
Checks if the original response for the access token request should be stored in the accessTokenResponse variable.
at line 395
string
getAccessTokenAuthentication()
Returns the option to determine if the requests to obtain a new access token should use authentication to pass the application client ID and secret.
at line 406
string
getRefreshTokenAuthentication()
Returns the option to determine if the requests to refresh an expired access token should use authentication to pass the application client ID and secret.
at line 415
string
getGrantType()
Returns the type of grant to obtain the OAuth 2 access token.
at line 425
bool
shouldGetTokenWithApiKey()
Checks if the access token should be retrieved using the API key value instead of the client secret.
at line 441
OAuthClientStrategy
setReauthenticationParameter(string $reauthentication_parameter)
Sets the parameters to add to the OAuth provider authorization endpoint URL in case of new authentication.
Set this variable when forcing the user to authenticate again and the format of the of the authorization dialog page URL is different than the one set to the authorization_endpoint variable.
at line 459
OAuthClientStrategy
setOfflineAccessParameter(string $offline_access_parameter)
Sets the parameter to add to the OAuth provider authorization endpoint URL when offline access is requested.
Set this variable to the OAuth request token URL when you are not accessing one of the built-in OAuth providers and the OAuth provider supports offline access. It should have the same format as the authorization_endpoint variable.
at line 478
OAuthClientStrategy
setAppendStateToRedirectUri(string $append_state_to_redirect_uri)
Sets The name of the OAuth session state variable, if different from the standard name, to work around the implementation bugs of some OAuth providers.
Set this variable when you are not accessing one of the built-in supported OAuth providers if the OAuth provider has a bug that makes it not pass back the OAuth state identifier in a request variable named state.
at line 494
OAuthClientStrategy
setParametersInUrl(bool $parameters_in_url)
Determines if the API call parameters should be moved to the calling URL.
Set this variable to true if the API you need to call requires that the call parameters always be passed via the API URL.
at line 511
OAuthClientStrategy
setAuthorizationHeader(bool $authorization_in_header)
Determines if the OAuth parameters should be passed via HTTP Authorization request header.
Set this variable to true if the OAuth provider requires that the OAuth parameters be passed using the HTTP Authorization instead of the request URI parameters.
at line 528
OAuthClientStrategy
setTokenRequestMethod(string $token_request_method)
Sets the HTTP method that should be used to request tokens from the provider.
Set this variable to 'POST' if the OAuth provider does not support requesting tokens using the HTTP GET method.
at line 543
OAuthClientStrategy
setSignatureMethod(string $signature_method)
Sets the method to generate the signature for API request parameters values. OAuth 1.0 or 1.0a only.
Must be one of 'PLAINTEXT', 'HMAC-SHA1' or 'RSA-SHA1'.
at line 555
OAuthClientStrategy
setSignatureCertificateFile(string $signature_certificate_file)
Sets the full path of the file containing a PEM encoded certificate/private key
at line 572
OAuthClientStrategy
setScope(string $scope)
Sets the scope, that is to say, the set of permissions that the application needs to call the OAuth provider APIs
Check the documentation of the APIs that the application needs to call to set this variable with the identifiers of the permissions that the user needs to grant to your application.
at line 590
OAuthClientStrategy
setOfflineAccess(bool $offline_access)
Determines whether it will be necessary to call the API when the user is not present and the provider supports renewing expired access tokens using refresh tokens.
Set this variable to true if the provider supports renewing expired tokens automatically when the user is not present.
at line 607
OAuthClientStrategy
setReauthenticate(bool $reauthenticate)
Determines whether it will be necessary to force the user to authenticate again even after the user has already authorized the application before.
Set this variable to true if you want to force the user to authenticate again.
at line 624
OAuthClientStrategy
setDefaultAccessTokenType(string $default_access_token_type)
Sets the type of access token to be assumed when the OAuth provider does not specify an access token type.
Set this variable if the provider requires a certain type of access token to be used but it does not specify a token type when the access token is returned.
at line 640
OAuthClientStrategy
setAccessTokenContentType(string $access_token_content_type)
Sets the content type to be assumed when retrieving the response to a request to retrieve the access token.
Set this variable only if the server does not return the correct content type for the access token request response.
at line 656
OAuthClientStrategy
setAccessTokenLanguage(string $access_token_language)
Sets the language to be assumed when retrieving the response to a request to retrieve the access token.
Set this variable only if the provider requires an 'Accept-Language' header for the access token request response.
at line 675
OAuthClientStrategy
setAccessTokenParameter(string $access_token_parameter)
Sets the name of the access token parameter to be passed in API call requests.
Set this variable to a non-empty string to override the default name for the access token parameter which is :
- 'oauth_token' for OAuth 1.0 and 1.0a
- 'access_token' for OAuth 2.0.
at line 693
OAuthClientStrategy
setStoreAccessTokenResponse(bool $store_access_token_response)
Determines if the original response for the access token request should be stored in the accessTokenResponse variable.
Set this variable to true if the OAuth provider returns custom parameters in the request to obtain the access token that may be needed in subsequent API calls.
at line 714
OAuthClientStrategy
setAccessTokenAuthentication(string $access_token_authentication)
Determines if the requests to obtain a new access token should use authentication to pass the application client ID and secret.
Set this variable to 'basic' if the OAuth provider requires that the the client ID and secret be passed using HTTP basic authentication headers when retrieving a new token. Set this variable to 'none' to avoid that the Authorization header be set in the request to get the access token.
at line 735
OAuthClientStrategy
setRefreshTokenAuthentication(string $refresh_token_authentication)
Determines if the requests to refresh an expired access token should use authentication to pass the application client ID and secret.
Leave this value with an empty string to make it use the same as the access_token_authentication variable.
Set this variable to 'none' to avoid that the Authorization header be set in the request to get the refresh token.
at line 755
OAuthClientStrategy
setGrantType(string $grant_type)
Sets the type of grant to obtain the OAuth 2 access token.
Change this variable to :
- 'client_credentials' to obtain application only access token.
- 'password' to obtain an access token on behalf of an user with a given username and password. In this case the user does not need to be present, so the class will not redirect the user to the authorization dialog page.
at line 772
OAuthClientStrategy
setGetTokenWithApiKey(bool $get_token_with_api_key)
Determines if the access token should be retrieved using the API key value instead of the client secret.
Set this variable to true if the OAuth provider requires that the client secret be set to the API key when retrieving the OAuth token.
at line 785
void
bind($properties)
Binds the configuration options to the properties of this instance of the OAuth client strategy.
at line 804
array
toArray()
Returns the OAuth strategy as an array