CookieTokenStorage
class CookieTokenStorage extends AbstractTokenStorage implements TokenStorageInterface, TokenStorageManagementInterface
This class uses encrypted cookies to store the OAuth session variables.
This class is instantiated if the 'storage' option is set as follows: 'storage' => [ 'type' => 'cookie', 'key' => '< A KEY STRING FOR ENCRYPTION >' ]
Properties
protected OAuthClientInterface | $client | The Oauth client object using this storage. | from AbstractTokenStorage |
protected array | $parameters | Parameters of this token storage. | from AbstractTokenStorage |
protected string | $sessionId | The id of the session | from AbstractTokenStorage |
protected string | $sessionPath | The path on the server in which the cookie will be available on. | from AbstractTokenStorage |
private OAuthSession | $cookieValue | Holds the decrypted value of the cookie storing the OAuth session |
Methods
Constructs a token storage object derived from this class
Returns the name of a cookie that will be used to store the session id regardless of the token storage system
Returns the session id stored in a cookie regardless of the token storage system
Returns the path on the server in which the cookie will be available on
Sets the id of the session
Sets the path on the server in which the cookie will be available on
Deletes the session cookie that holds the session id
Creates an OAuthSession object and initializes it.
Retrieves the OAuth session or create it if it does not exist
Returns the OAuth configuration for all providers where the user has logged on.
Adds the OAuth configuration of the current provider to the list of providers where the user has logged on.
Removes the OAuth configuration of the current provider from the list of providers where the user has logged on.
Retrieves an OAuth session for a given provider
Store the values of the access token when it is succefully retrieved from the OAuth provider.
Stores the user ID returned by the OAuth provider
Retrieve the OAuth access token if it was already previously stored by the storeAccessToken method.
Returns the name of the cookie used to store the OAuth session
Returns the encrypted OAuth session stored in the cookie
Returns the decrypted value of the cookie storing the OAuth session
Sets the decrypted value of the cookie storing the OAuth session
Deletes the cookie that stores the OAuth session
Reset the access token to a state back when the user has not yet authorized the access to the OAuth provider API.
Encrypts a string using the cookie encryption key provided at initialization of this class.
Decrypts a string using the cookie encryption key provided at initialization of this class.
Unserializes, after decryption, the OAuth session stored in cookie then creates a OAuthSession object and returns it.
Serializes, after encryption, the OAuthSession object given in argument then stores it in a cookie.
Details
in AbstractTokenStorage at line 60
__construct(OAuthClientInterface $client, array $parameters = [])
Constructs a token storage object derived from this class
in AbstractTokenStorage at line 70
protected string
getSessionId()
Returns the id of the session
in AbstractTokenStorage at line 80
protected string
getSessionCookieName()
Returns the name of a cookie that will be used to store the session id regardless of the token storage system
in AbstractTokenStorage at line 90
protected string
getSessionCookie()
Returns the session id stored in a cookie regardless of the token storage system
in AbstractTokenStorage at line 100
protected string
getSessionPath()
Returns the path on the server in which the cookie will be available on
in AbstractTokenStorage at line 111
protected AbstractTokenStorage
setSessionId(string $sessionId)
Sets the id of the session
in AbstractTokenStorage at line 123
protected AbstractTokenStorage
setSessionPath(string $sessionPath)
Sets the path on the server in which the cookie will be available on
in AbstractTokenStorage at line 132
protected
deleteSessionCookie()
Deletes the session cookie that holds the session id
in AbstractTokenStorage at line 142
protected OAuthSession
initializeOAuthSession()
Creates an OAuthSession object and initializes it.
in AbstractTokenStorage at line 157
protected OAuthSession
fetchOAuthSession()
Retrieves the OAuth session or create it if it does not exist
in AbstractTokenStorage at line 185
protected array
getProvidersInCookie()
Returns the OAuth configuration for all providers where the user has logged on.
in AbstractTokenStorage at line 200
protected void
addProviderInCookie()
Adds the OAuth configuration of the current provider to the list of providers where the user has logged on.
in AbstractTokenStorage at line 218
protected void
removeProviderFromCookie()
Removes the OAuth configuration of the current provider from the list of providers where the user has logged on.
at line 80
bool
createOAuthSession(OAuthSession|null $session)
Creates and saves a new OAuth session
at line 91
bool
getOAuthSession($sessionId, string $provider, OAuthSession|null $oauthSession)
Retrieves an OAuth session for a given provider
at line 105
bool
saveOAuthSession(OAuthSession $session)
Saves a session for later use
in AbstractTokenStorage at line 247
bool
storeAccessToken(array $accessToken)
Store the values of the access token when it is succefully retrieved from the OAuth provider.
This method is meant to be only be called from inside the class.
Actual implementations should create a sub-class and override this function to make the access token values be stored in other types of containers, like for instance databases.
in AbstractTokenStorage at line 258
storeUserid(string $userId)
Stores the user ID returned by the OAuth provider
in AbstractTokenStorage at line 269
array|bool
getStoredAccessToken()
Retrieve the OAuth access token if it was already previously stored by the storeAccessToken method.
This method is meant to be only be called from inside the class.
Actual implementations should create a sub-class and override this method to retrieve the access token values from other types of containers, like for instance databases.
in AbstractTokenStorage at line 281
string|null
getStoredState()
Returns the stored state
in AbstractTokenStorage at line 291
string|null
getStoredNonce()
Returns the stored nonce
in AbstractTokenStorage at line 301
string|null
getStoredUserId()
Returns the stored user ID
at line 35
getCookieName()
Returns the name of the cookie used to store the OAuth session
at line 44
protected
getCookie()
Returns the encrypted OAuth session stored in the cookie
at line 53
protected OAuthSession|null
getCookieValue()
Returns the decrypted value of the cookie storing the OAuth session
at line 64
protected CookieTokenStorage
setCookieValue(OAuthSession|null $cookieValue)
Sets the decrypted value of the cookie storing the OAuth session
at line 72
protected
deleteCookie()
Deletes the cookie that stores the OAuth session
at line 113
bool
resetAccessToken()
Reset the access token to a state back when the user has not yet authorized the access to the OAuth provider API.
Call this method if for some reason the token to access the API was revoked and you need to ask the user to authorize the access again.
This method must be called when the user is accessing your site pages, so it can reset the information stored in session variables that cache the state of a previously retrieved access token.
Actual implementations should create a sub-class and override this method to reset the access token state when it is stored in other types of containers, like for instance databases.
at line 131
protected string
encrypt(string $text)
Encrypts a string using the cookie encryption key provided at initialization of this class.
at line 155
protected string|null
decrypt(string $encrypted)
Decrypts a string using the cookie encryption key provided at initialization of this class.
at line 182
private OAuthSession|null
unserialize()
Unserializes, after decryption, the OAuth session stored in cookie then creates a OAuthSession object and returns it.
at line 207
private bool
serialize(OAuthSession $value)
Serializes, after encryption, the OAuthSession object given in argument then stores it in a cookie.