|
|
const | AUTH_TOKEN_LIFETIME_SECS = 300 |
| |
|
const | CLOCK_SKEW_SECS = 300 |
| |
|
const | MAX_TOKEN_LIFETIME_SECS = 86400 |
| |
|
const | OAUTH2_AUTH_URL = 'https://accounts.google.com/o/oauth2/auth' |
| |
|
const | OAUTH2_ISSUER = 'accounts.google.com' |
| |
|
const | OAUTH2_ISSUER_HTTPS = 'https://accounts.google.com' |
| |
|
const | OAUTH2_REVOKE_URI = 'https://accounts.google.com/o/oauth2/revoke' |
| |
|
const | OAUTH2_TOKEN_URI = 'https://accounts.google.com/o/oauth2/token' |
| |
◆ authenticate()
| Google_Auth_OAuth2::authenticate |
( |
| $code, |
|
|
| $crossClient = false ) |
- Parameters
-
| string | $code | |
| boolean | $crossClient | |
- Exceptions
-
- Return values
-
◆ authenticatedRequest()
Perform an authenticated / signed apiHttpRequest.
This function takes the apiHttpRequest, calls apiAuth->sign on it (which can modify the request in what ever way fits the auth mechanism) and then calls apiCurlIO\makeRequest on the signed request
- Parameters
-
- Return values
-
| Google_Http_Request | The resulting HTTP response including the responseHttpCode, responseHeaders and responseBody. |
Reimplemented from Google_Auth_Abstract.
◆ createAuthUrl()
| Google_Auth_OAuth2::createAuthUrl |
( |
| $scope | ) |
|
Create a URL to obtain user authorization.
The authorization endpoint allows the user to first authenticate, and then grant/deny the access request.
- Parameters
-
| string | $scope | The scope is expressed as a list of space-delimited strings. |
- Return values
-
◆ isAccessTokenExpired()
| Google_Auth_OAuth2::isAccessTokenExpired |
( |
| ) |
|
Returns if the access_token is expired.
- Return values
-
| bool | Returns True if the access_token is expired. |
◆ refreshToken()
| Google_Auth_OAuth2::refreshToken |
( |
| $refreshToken | ) |
|
Fetches a fresh access token with the given refresh token.
- Parameters
-
- Return values
-
◆ refreshTokenWithAssertion()
| Google_Auth_OAuth2::refreshTokenWithAssertion |
( |
| $assertionCredentials = null | ) |
|
Fetches a fresh access token with a given assertion token.
- Parameters
-
- Return values
-
◆ retrieveCertsFromLocation()
| Google_Auth_OAuth2::retrieveCertsFromLocation |
( |
| $url | ) |
|
Retrieve and cache a certificates file.
- Parameters
-
- Exceptions
-
- Return values
-
◆ revokeToken()
| Google_Auth_OAuth2::revokeToken |
( |
| $token = null | ) |
|
Revoke an OAuth2 access token or refresh token.
This method will revoke the current access token, if a token isn't provided.
- Exceptions
-
- Parameters
-
| string | null | $token | The token (access token or a refresh token) that should be revoked. |
- Return values
-
| boolean | Returns True if the revocation was successful, otherwise False. |
◆ setAccessToken()
| Google_Auth_OAuth2::setAccessToken |
( |
| $token | ) |
|
◆ sign()
Include an accessToken in a given apiHttpRequest.
- Parameters
-
- Return values
-
- Exceptions
-
Reimplemented from Google_Auth_Abstract.
◆ verifyIdToken()
| Google_Auth_OAuth2::verifyIdToken |
( |
| $id_token = null, |
|
|
| $audience = null ) |
Verifies an id token and returns the authenticated apiLoginTicket.
Throws an exception if the id token is not valid. The audience parameter can be used to control which id tokens are accepted. By default, the id token must have been issued to this OAuth2 client.
- Parameters
-
- Return values
-
◆ verifySignedJwtWithCerts()
| Google_Auth_OAuth2::verifySignedJwtWithCerts |
( |
| $jwt, |
|
|
| $certs, |
|
|
| $required_audience, |
|
|
| $issuer = null, |
|
|
| $max_expiry = null ) |
Verifies the id token, returns the verified token contents.
- Parameters
-
| $jwt | string the token |
| $certs | array of certificates |
| $required_audience | string the expected consumer of the token |
| [$issuer] | the expected issues, defaults to Google |
| [$max_expiry] | the max lifetime of a token, defaults to MAX_TOKEN_LIFETIME_SECS |
- Exceptions
-
- Return values
-
| mixed | token information if valid, false if not |
The documentation for this class was generated from the following file:
- lib/google/src/Google/Auth/OAuth2.php
1.11.0