Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 3.10.x will end 8 November 2021 (12 months).
- Bug fixes for security issues in 3.10.x will end 9 May 2022 (18 months).
- PHP version: minimum PHP 7.2.0 Note: minimum PHP version has increased since Moodle 3.8. PHP 7.3.x and 7.4.x are supported too.
/lib/classes/oauth2/ -> access_token.php (source)
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * Loads/stores oauth2 access tokens in DB for system accounts in order to use a single token across multiple sessions. 19 * 20 * @package core 21 * @copyright 2018 Jan Dageförde <jan.dagefoerde@ercis.uni-muenster.de> 22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 23 */ 24 namespace core\oauth2; 25 26 defined('MOODLE_INTERNAL') || die(); 27 28 use core\persistent; 29 30 /** 31 * Loads/stores oauth2 access tokens in DB for system accounts in order to use a single token across multiple sessions. 32 * 33 * When a system user is authenticated via OAuth, we need to use a single access token across user sessions, 34 * because we want to avoid using multiple tokens at the same time for a single remote user. Reasons are that, 35 * first, redeeming the refresh token for an access token requires an additional request, and second, there is 36 * no guarantee that redeeming the refresh token doesn't invalidate *all* corresponding previous access tokes. 37 * As a result, we would need to either continuously request lots and lots of new access tokens, or persist the 38 * access token in the DB where it can be used from all sessions. Let's do the latter! 39 * 40 * @copyright 2018 Jan Dageförde <jan.dagefoerde@ercis.uni-muenster.de> 41 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 42 */ 43 class access_token extends persistent { 44 45 /** The table name. */ 46 const TABLE = 'oauth2_access_token'; 47 48 /** 49 * Return the definition of the properties of this model. 50 * 51 * @return array 52 */ 53 protected static function define_properties() { 54 return array( 55 // Issuer id instead of the system account id because, at the time of storing/loading a token we may not 56 // know the system account id. 57 'issuerid' => array( 58 'type' => PARAM_INT 59 ), 60 'token' => array( 61 'type' => PARAM_RAW, 62 ), 63 'expires' => array( 64 'type' => PARAM_INT, 65 ), 66 'scope' => array( 67 'type' => PARAM_RAW, 68 ), 69 ); 70 } 71 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
