OAuthRS Class


Description

Class with the OAuth Resource Server logic.

Class Variables

  • Boolean debug_active: TRUE if debugging is active, FALSE otherwise.
  • String error: Error code-name
  • String resource: The obtained resource.
  • String scope: Scope of the Request.
  • AuthServerList authservers: AuthServerList object
  • ErrorList errors: ErrorList object
  • Array extra: Extra parameters sent in the Client's request.
  • String token: The access token of the request.

Methods

PUBLIC oauthRS __construct([$dir=""])

oauthRS class Constructor

Returns an OAuthRS object.

  • String dir: directory where the configuration is defined

    PRIVATE addTokenInfo($token_info): string

    Function that adds the attributes included in the access token to the parameters of the request and checks whether those attributes are the ones defined in ResourceClasses.xml.

    Returns TRUE if everything went OK, FALSE otherwise.

    • String $token_info: Information included in the Access Token.

    PRIVATE error($string): void

    Function that shows the errors in the error_log if $debug_active is TRUE.

    • String $string: String shown in the error_log.

    PRIVATE isValidFormatGETorPOSTRequest($request): string

    Function that checks if the request (GET or POST) is a valid one.

    Returns TRUE if it is a valid one, FALSE otherwise.

    • String $request: The GET or POST request data.

    PRIVATE isValidFormatHeaderRequest($request): string

    Function that checks if the request (Authorization Header) is a valid one.

    Returns TRUE if it is a valid one, FALSE otherwise.

    • String $request: The HEADER request data.

    PRIVATE isValidFormatRequest(): string

    Function that checks the format of the request, depending on the method: GET, POST or Authorization Header.

    Returns TRUE if it is a valid one, FALSE otherwise.

    PRIVATE isValidToken(): string

    Function that checks if the token given in the request is a valid one.

    Returns TRUE if it is a valid one, FALSE otherwise.

    PRIVATE manageRSErrorResponse(): string

    Function that manages a negative response. If the error is insufficient_scope, it sends an HTTP 403. If the error is invalid_request, it sends an HTTP 400. If the error is invalid_token, it sends an HTTP 401. Any other type of error returns an HTTP 401.

    Uses the "application/json" media type with the following format:

    • error REQUIRED. A single error code
    • error_description OPTIONAL. A human-readable text providing additional information, used to assist in understanding and resolving the error that occurred.
    • error_uri OPTIONAL. A URI identifying a human-readable web page with information about the error, used to provide the end-user with additional information about the error.

    PRIVATE manageRSResponse(): string

    Function that returns the resource, making use of the Resource Class deployed in the server.

    PUBLIC manageRequest(): string

    Function that manages the request of the app client and returns an appropriate response.

    Checks the format of the request depending on the method (GET, POST or header) and whether the given token is a valid one.

    Returns a string with an Error or a Resource.
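
One way the request format check and the negative response described above could fit together, as an added PHP example that is not the OAuthRS source. It assumes RFC 6750 conventions the page does not state (the `Authorization: Bearer` scheme, the `access_token` parameter, and that a token sent by more than one method is an invalid_request); all function names and the `$lookup` validator are hypothetical.

```php
<?php
// Added example: function names are hypothetical, not OAuthRS methods.
// Status and JSON body as described for manageRSErrorResponse(); unknown errors get 401.
function rsErrorResponse(string $error, ?string $description = null): array
{
    $status = ['invalid_request' => 400, 'invalid_token' => 401, 'insufficient_scope' => 403][$error] ?? 401;
    $body = ['error' => $error];                    // REQUIRED
    if ($description !== null) {
        $body['error_description'] = $description;  // OPTIONAL
    }
    return [$status, 'application/json', json_encode($body)];
}

// Assumption: exactly one method may carry the token; a malformed or duplicated token fails.
function extractToken(array $headers, array $get, array $post): ?string
{
    $seen = [];
    if (isset($headers['Authorization'])) {
        $ok = preg_match('/^Bearer ([A-Za-z0-9\-._~+\/]+=*)$/D', $headers['Authorization'], $m);
        $seen[] = ($ok === 1) ? $m[1] : null;
    }
    foreach ([$get, $post] as $params) {
        if (array_key_exists('access_token', $params)) {
            $v = $params['access_token'];
            $seen[] = (is_string($v) && $v !== '') ? $v : null;
        }
    }
    return count($seen) === 1 ? $seen[0] : null;
}

// $lookup is a hypothetical validator: granted scopes, or null for an invalid token.
function handleRequest(array $h, array $g, array $p, callable $lookup, string $need): array
{
    $token = extractToken($h, $g, $p);
    if ($token === null) {
        return rsErrorResponse('invalid_request', 'token missing, malformed or sent twice');
    }
    $scopes = $lookup($token);
    if ($scopes === null) {
        return rsErrorResponse('invalid_token', 'token unknown or expired');
    }
    return in_array($need, $scopes, true)
        ? [200, 'application/json', json_encode(['resource' => 'demo'])]
        : rsErrorResponse('insufficient_scope');
}

// Constructed demo input: the same token sent in the header and in the query string.
$lookup = fn(string $t): ?array => $t === 'tok123' ? ['read'] : null;
$r = handleRequest(['Authorization' => 'Bearer tok123'], ['access_token' => 'tok123'], [], $lookup, 'read');
echo $r[0], ' ', $r[2], "\n";
```

Rejecting a request that presents the token by several methods, instead of picking one, keeps the resource server and any intermediary from disagreeing about which token was authorized.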