ILIAS  release_8 Revision v8.24
AccessToken.php
Go to the documentation of this file.
1<?php
2
19namespace ILIAS\LTI\ToolProvider;
20
21use ILIAS\LTI\ToolProvider\Tool;
22use ILIAS\LTI\ToolProvider\Http\HTTPMessage;
23
32class AccessToken
33{
39 public ?string $token = null;
40
46 public ?int $expires = null;
47
53 public ?array $scopes = array();
54
60 private ?Platform $platform = null;
61
67 public ?int $created = null;
68
74 public ?int $updated = null;
75
83 public function __construct(Platform $platform, array $scopes = null, string $token = null, int $expires = null)
84 {
85 $this->platform = $platform;
86 $this->scopes = $scopes;
87 if (!empty($token)) {
88 $this->token = $token;
89 }
90 if (!empty($expires)) {
91 $this->expires = time() + $expires;
92 }
93 $this->created = null;
94 $this->updated = null;
95 if (empty($scopes)) {
96 $this->load();
97 }
98 }
99
105 public function getPlatform(): ?Platform
106 {
107 return $this->platform;
108 }
109
115 public function load(): bool
116 {
117 return $this->platform->getDataConnector()->loadAccessToken($this);
118 }
119
125 public function save(): bool
126 {
127 sort($this->scopes);
128 return $this->platform->getDataConnector()->saveAccessToken($this);
129 }
130
136 public function hasScope(string $scope = ''): bool
137 {
138 if (substr($scope, -9) === '.readonly') {
139 $scope2 = substr($scope, 0, -9);
140 } else {
141 $scope2 = $scope;
142 }
143 return !empty($this->token) && (empty($this->expires) || ($this->expires > time())) &&
144 (empty($scope) || empty($this->scopes) || (in_array($scope, $this->scopes) || in_array($scope2, $this->scopes)));
145 }
146
153 public function get(string $scope = '', bool $scopeOnly = false): AccessToken
154 {
155 $url = $this->platform->accessTokenUrl;
156 if (!empty($url) && !empty(Tool::$defaultTool) && !empty(Tool::$defaultTool->rsaKey)) {
157 if ($scopeOnly) {
158 $scopesRequested = array($scope);
159 } else {
160 $scopesRequested = Tool::$defaultTool->requiredScopes;
161 if (substr($scope, -9) === '.readonly') {
162 $scope2 = substr($scope, 0, -9);
163 } else {
164 $scope2 = $scope;
165 }
166 if (!empty($scope) && !in_array($scope, $scopesRequested) && !in_array($scope2, $scopesRequested)) {
167 $scopesRequested[] = $scope;
168 }
169 }
170 if (!empty($scopesRequested)) {
171 $retry = false;
172 do {
173 $method = 'POST';
174 $type = 'application/x-www-form-urlencoded';
175 $body = array(
176 'grant_type' => 'client_credentials',
177 'client_assertion_type' => 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
178 'scope' => implode(' ', $scopesRequested)
179 );
180 if (!empty(Tool::$defaultTool)) {
181 Tool::$defaultTool->platform = $this->platform;
182 $body = Tool::$defaultTool->signServiceRequest($url, $method, $type, $body);
183 } else {
184 $body = $this->platform->signServiceRequest($url, $method, $type, $body);
185 }
186 $http = new HttpMessage($url, $method, $body);
187 if ($http->send() && !empty($http->response)) {
188 $http->responseJson = json_decode($http->response);
189 if (!is_null($http->responseJson) && !empty($http->responseJson->access_token) && !empty($http->responseJson->expires_in)) {
190 if (isset($http->responseJson->scope)) {
191 $scopesAccepted = explode(' ', $http->responseJson->scope);
192 } else {
193 $scopesAccepted = $scopesRequested;
194 }
195 $this->scopes = $scopesAccepted;
196 $this->token = $http->responseJson->access_token;
197 $this->expires = time() + $http->responseJson->expires_in;
198 if (!$scopeOnly) {
199 $this->save();
200 }
201 }
202 $retry = false;
203 } elseif ($retry) {
204 $retry = false;
205 } elseif (!empty($scope) && (count($scopesRequested) > 1)) { // Just ask for the single scope requested
206 $retry = true;
207 $scopesRequested = array($scope);
208 }
209 } while ($retry);
210 }
211 } else {
212 $this->scopes = null;
213 $this->token = null;
214 $this->expires = null;
215 $this->created = null;
216 $this->updated = null;
217 }
218
219 return $this;
220 }
221}
ILIAS\LTI\ToolProvider\AccessToken
Class to represent an HTTP message.
Definition: AccessToken.php:33
ILIAS\LTI\ToolProvider\AccessToken\$token
string $token
Access token string.
Definition: AccessToken.php:39
ILIAS\LTI\ToolProvider\AccessToken\$updated
int $updated
Timestamp for when the object was last updated.
Definition: AccessToken.php:74
ILIAS\LTI\ToolProvider\AccessToken\$scopes
array $scopes
Scope(s) for which the access token is valid.
Definition: AccessToken.php:53
ILIAS\LTI\ToolProvider\AccessToken\save
save()
Save a nonce value in the database.
Definition: AccessToken.php:125
ILIAS\LTI\ToolProvider\AccessToken\load
load()
Load a nonce value from the database.
Definition: AccessToken.php:115
ILIAS\LTI\ToolProvider\AccessToken\$created
int $created
Timestamp for when the object was created.
Definition: AccessToken.php:67
ILIAS\LTI\ToolProvider\AccessToken\$platform
Platform $platform
Platform for this context.
Definition: AccessToken.php:60
ILIAS\LTI\ToolProvider\AccessToken\$expires
int $expires
Timestamp at which the token string expires.
Definition: AccessToken.php:46
ILIAS\LTI\ToolProvider\AccessToken\__construct
__construct(Platform $platform, array $scopes=null, string $token=null, int $expires=null)
Class constructor.
Definition: AccessToken.php:83
ILIAS\LTI\ToolProvider\AccessToken\hasScope
hasScope(string $scope='')
Check if a valid access token exists for a specific scope (or any scope if none specified).
Definition: AccessToken.php:136
ILIAS\LTI\ToolProvider\Platform
Class to represent a platform.
Definition: Platform.php:36
ILIAS\LTI\ToolProvider\Tool
Class to represent an LTI Tool.
Definition: Tool.php:39
ILIAS\LTI\ToolProvider\Tool\$defaultTool
static Tool $defaultTool
Default tool for use with service requests.
Definition: Tool.php:299
$scope
$scope
Definition: ltiregstart.php:53
ILIAS\LTI\ToolProvider
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: AccessToken.php:19
$type
$type
Definition: proxy_ylocal.php:10
$url
$url
Definition: proxy_ylocal.php:28
$http
$http
Definition: raiseError.php:7