Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/storage/PhabricatorAuthTemporaryToken.php
<?php | <?php | ||||
final class PhabricatorAuthTemporaryToken extends PhabricatorAuthDAO | final class PhabricatorAuthTemporaryToken extends PhabricatorAuthDAO | ||||
implements PhabricatorPolicyInterface { | implements PhabricatorPolicyInterface { | ||||
// TODO: OAuth1 stores a client identifier here, which is not a real PHID. | // NOTE: This is usually a PHID, but may be some other kind of resource | ||||
// At some point, we should rename this column to be a little more generic. | // identifier for some token types. | ||||
protected $objectPHID; | protected $tokenResource; | ||||
protected $tokenType; | protected $tokenType; | ||||
protected $tokenExpires; | protected $tokenExpires; | ||||
protected $tokenCode; | protected $tokenCode; | ||||
protected $userPHID; | |||||
protected $properties; | |||||
protected function getConfiguration() { | protected function getConfiguration() { | ||||
return array( | return array( | ||||
self::CONFIG_TIMESTAMPS => false, | self::CONFIG_TIMESTAMPS => false, | ||||
self::CONFIG_SERIALIZATION => array( | |||||
'properties' => self::SERIALIZATION_JSON, | |||||
), | |||||
self::CONFIG_COLUMN_SCHEMA => array( | self::CONFIG_COLUMN_SCHEMA => array( | ||||
'tokenResource' => 'phid', | |||||
'tokenType' => 'text64', | 'tokenType' => 'text64', | ||||
'tokenExpires' => 'epoch', | 'tokenExpires' => 'epoch', | ||||
'tokenCode' => 'text64', | 'tokenCode' => 'text64', | ||||
'userPHID' => 'phid?', | |||||
), | ), | ||||
self::CONFIG_KEY_SCHEMA => array( | self::CONFIG_KEY_SCHEMA => array( | ||||
'key_token' => array( | 'key_token' => array( | ||||
'columns' => array('objectPHID', 'tokenType', 'tokenCode'), | 'columns' => array('tokenResource', 'tokenType', 'tokenCode'), | ||||
'unique' => true, | 'unique' => true, | ||||
), | ), | ||||
'key_expires' => array( | 'key_expires' => array( | ||||
'columns' => array('tokenExpires'), | 'columns' => array('tokenExpires'), | ||||
), | ), | ||||
'key_user' => array( | |||||
'columns' => array('userPHID'), | |||||
), | |||||
), | ), | ||||
) + parent::getConfiguration(); | ) + parent::getConfiguration(); | ||||
} | } | ||||
private function newTokenTypeImplementation() { | private function newTokenTypeImplementation() { | ||||
$types = PhabricatorAuthTemporaryTokenType::getAllTypes(); | $types = PhabricatorAuthTemporaryTokenType::getAllTypes(); | ||||
$type = idx($types, $this->tokenType); | $type = idx($types, $this->tokenType); | ||||
Show All 30 Lines | public function revokeToken() { | ||||
if ($this->isRevocable()) { | if ($this->isRevocable()) { | ||||
$this->setTokenExpires(PhabricatorTime::getNow() - 1)->save(); | $this->setTokenExpires(PhabricatorTime::getNow() - 1)->save(); | ||||
} | } | ||||
return $this; | return $this; | ||||
} | } | ||||
public static function revokeTokens( | public static function revokeTokens( | ||||
PhabricatorUser $viewer, | PhabricatorUser $viewer, | ||||
array $object_phids, | array $token_resources, | ||||
array $token_types) { | array $token_types) { | ||||
$tokens = id(new PhabricatorAuthTemporaryTokenQuery()) | $tokens = id(new PhabricatorAuthTemporaryTokenQuery()) | ||||
->setViewer($viewer) | ->setViewer($viewer) | ||||
->withObjectPHIDs($object_phids) | ->withTokenResources($token_resources) | ||||
->withTokenTypes($token_types) | ->withTokenTypes($token_types) | ||||
->withExpired(false) | ->withExpired(false) | ||||
->execute(); | ->execute(); | ||||
foreach ($tokens as $token) { | foreach ($tokens as $token) { | ||||
$token->revokeToken(); | $token->revokeToken(); | ||||
} | } | ||||
} | } | ||||
public function getTemporaryTokenProperty($key, $default = null) { | |||||
return idx($this->properties, $key, $default); | |||||
} | |||||
public function setTemporaryTokenProperty($key, $value) { | |||||
$this->properties[$key] = $value; | |||||
return $this; | |||||
} | |||||
/* -( PhabricatorPolicyInterface )----------------------------------------- */ | /* -( PhabricatorPolicyInterface )----------------------------------------- */ | ||||
public function getCapabilities() { | public function getCapabilities() { | ||||
return array( | return array( | ||||
PhabricatorPolicyCapability::CAN_VIEW, | PhabricatorPolicyCapability::CAN_VIEW, | ||||
); | ); | ||||
} | } | ||||
Show All 16 Lines |