Page MenuHomePhabricator
Differential D15478 Diff 37311 src/applications/auth/storage/PhabricatorAuthTemporaryToken.php

Changeset View

Standalone View

View Options

src/applications/auth/storage/PhabricatorAuthTemporaryToken.php

<?php <?php
final class PhabricatorAuthTemporaryToken extends PhabricatorAuthDAO final class PhabricatorAuthTemporaryToken extends PhabricatorAuthDAO
implements PhabricatorPolicyInterface { implements PhabricatorPolicyInterface {
// TODO: OAuth1 stores a client identifier here, which is not a real PHID. // NOTE: This is usually a PHID, but may be some other kind of resource
// At some point, we should rename this column to be a little more generic. // identifier for some token types.
protected $objectPHID; protected $tokenResource;
protected $tokenType; protected $tokenType;
protected $tokenExpires; protected $tokenExpires;
protected $tokenCode; protected $tokenCode;
protected $userPHID;
protected $properties;
protected function getConfiguration() { protected function getConfiguration() {
return array( return array(
self::CONFIG_TIMESTAMPS => false, self::CONFIG_TIMESTAMPS => false,
self::CONFIG_SERIALIZATION => array(
'properties' => self::SERIALIZATION_JSON,
),
self::CONFIG_COLUMN_SCHEMA => array( self::CONFIG_COLUMN_SCHEMA => array(
'tokenResource' => 'phid',
'tokenType' => 'text64', 'tokenType' => 'text64',
'tokenExpires' => 'epoch', 'tokenExpires' => 'epoch',
'tokenCode' => 'text64', 'tokenCode' => 'text64',
'userPHID' => 'phid?',
), ),
self::CONFIG_KEY_SCHEMA => array( self::CONFIG_KEY_SCHEMA => array(
'key_token' => array( 'key_token' => array(
'columns' => array('objectPHID', 'tokenType', 'tokenCode'), 'columns' => array('tokenResource', 'tokenType', 'tokenCode'),
'unique' => true, 'unique' => true,
), ),
'key_expires' => array( 'key_expires' => array(
'columns' => array('tokenExpires'), 'columns' => array('tokenExpires'),
), ),
'key_user' => array(
'columns' => array('userPHID'),
),
), ),
) + parent::getConfiguration(); ) + parent::getConfiguration();
} }
private function newTokenTypeImplementation() { private function newTokenTypeImplementation() {
$types = PhabricatorAuthTemporaryTokenType::getAllTypes(); $types = PhabricatorAuthTemporaryTokenType::getAllTypes();
$type = idx($types, $this->tokenType); $type = idx($types, $this->tokenType);
Show All 30 Lines public function revokeToken() {
if ($this->isRevocable()) { if ($this->isRevocable()) {
$this->setTokenExpires(PhabricatorTime::getNow() - 1)->save(); $this->setTokenExpires(PhabricatorTime::getNow() - 1)->save();
} }
return $this; return $this;
} }
public static function revokeTokens( public static function revokeTokens(
PhabricatorUser $viewer, PhabricatorUser $viewer,
array $object_phids, array $token_resources,
array $token_types) { array $token_types) {
$tokens = id(new PhabricatorAuthTemporaryTokenQuery()) $tokens = id(new PhabricatorAuthTemporaryTokenQuery())
->setViewer($viewer) ->setViewer($viewer)
->withObjectPHIDs($object_phids) ->withTokenResources($token_resources)
->withTokenTypes($token_types) ->withTokenTypes($token_types)
->withExpired(false) ->withExpired(false)
->execute(); ->execute();
foreach ($tokens as $token) { foreach ($tokens as $token) {
$token->revokeToken(); $token->revokeToken();
} }
} }
public function getTemporaryTokenProperty($key, $default = null) {
return idx($this->properties, $key, $default);
}
public function setTemporaryTokenProperty($key, $value) {
$this->properties[$key] = $value;
return $this;
}
/* -( PhabricatorPolicyInterface )----------------------------------------- */ /* -( PhabricatorPolicyInterface )----------------------------------------- */
public function getCapabilities() { public function getCapabilities() {
return array( return array(
PhabricatorPolicyCapability::CAN_VIEW, PhabricatorPolicyCapability::CAN_VIEW,
); );
} }
Show All 16 Lines
Phabricator · Built by Phacility