Documentation

OAuthState extends AutoService
in package

AutoService is a base class for defining a service (in Civi's service container).

Tags
service

oauth2.state

Table of Contents

Constants

LEGACY_TTL  = 3600
SESSION_ID_REGEX  = '/^([\x21\x23-\x2B\x2D-\x3A\x3C-\x5B\x5D-\x7E]+)$/'
Session IDs are cookie values, so... "Any US-ASCII character excluding control characters (ASCII characters 0 up to 31 and ASCII character 127), Whitespace, double quotes, commas, semicolons, and backslashes."
SESSION_WILDCARD  = ',;"wildcard'
When beginning OAuth flow from CLI, set the state with `session=>SESSION_WILDCARD` to allow the pageflow to continue in a browser with an unknown session ID.

Properties

$cache  : CRM_Utils_Cache_Interface

Methods

load()  : mixed
Restore from the $stateId.
store()  : string
getSessionId()  : string

Constants

SESSION_WILDCARD

When beginning OAuth flow from CLI, set the state with `session=>SESSION_WILDCARD` to allow the pageflow to continue in a browser with an unknown session ID.

public mixed SESSION_WILDCARD = ',;"wildcard'

Ideal value is (1) serializable and (2) invalid as cookie-content and (3) recognizable.

Properties

Methods

load()

Restore from the $stateId.

public load(string $stateId) : mixed
Parameters
$stateId : string
Tags
throws
OAuthException

store()

public store(array<string|int, mixed> $state[, string|null $stateId = null ]) : string
Parameters
$state : array<string|int, mixed>

Flexible data. Standard keys:

  • session (string), automatically defined
  • time (int), creation time; seconds since epoch. Default: NOW
  • ttl (int), the number of seconds for which this record is valid. Default: LEGACY_TTL
  • clientId (int), the OAuthClient.id which initiated this flow
  • landingUrl (string, optional), If we want to ultimately redirect back to another part of our web UI
  • storage (string), Where to store the resulting token. Ex: OAuthSysToken or OAuthContactToken
  • scopes (array), List of scopes being requested
  • tag (string, optional), The symbolic tag to apply to the new token
  • code_verifier (string, optional), An extra string that we will send to the token-endpoint to prove that we initiated the flow
  • grant_type (string, optional), The kind of flow that we are pursuing. Default: authorization_code
$stateId : string|null = null

If specified, use the given state ID.

Return values
string

State token / identifier
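
How the documented `session`, `time` and `ttl` keys relate to the three constants, as an added PHP example that is not CiviCRM's own code. `stateProblem()` is a hypothetical helper, its checks are assumptions about what a consumer of a stored state record would verify, and the sample records are constructed.

```php
<?php
// Added illustration, not CiviCRM code. The constant values are copied from this
// page; stateProblem() and its rules are assumptions built on the documented
// state keys (session, time, ttl).
const LEGACY_TTL = 3600;
const SESSION_ID_REGEX = '/^([\x21\x23-\x2B\x2D-\x3A\x3C-\x5B\x5D-\x7E]+)$/';
const SESSION_WILDCARD = ',;"wildcard';

/**
 * Returns NULL if the state record may be used by $currentSession at time $now,
 * otherwise a short reason for rejecting it.
 */
function stateProblem(array $state, string $currentSession, int $now): ?string {
  $time = $state['time'] ?? NULL;
  $ttl = $state['ttl'] ?? LEGACY_TTL;
  if (!is_int($time) || !is_int($ttl)) {
    return 'malformed time/ttl';
  }
  if ($now < $time || $now - $time > $ttl) {
    return 'expired or not yet valid';
  }
  $bound = $state['session'] ?? NULL;
  if ($bound === SESSION_WILDCARD) {
    // Flow was started from the CLI: any browser session may continue it.
    return NULL;
  }
  if (!is_string($bound) || !preg_match(SESSION_ID_REGEX, $bound)) {
    return 'stored session is not a valid cookie value';
  }
  // Constant-time comparison of the bound session with the caller's session.
  return hash_equals($bound, $currentSession) ? NULL : 'session mismatch';
}

// Constructed sample records.
$now = 1700000000;
$web = ['session' => 'a1b2c3d4e5f6', 'time' => $now - 60, 'ttl' => 300];
$cli = ['session' => SESSION_WILDCARD, 'time' => $now - 60];

// The wildcard contains ',', ';' and '"', which SESSION_ID_REGEX excludes.
var_dump(preg_match(SESSION_ID_REGEX, SESSION_WILDCARD));
var_dump(stateProblem($web, 'a1b2c3d4e5f6', $now));        // same session
var_dump(stateProblem($web, 'another-session', $now));     // different session
var_dump(stateProblem($cli, 'another-session', $now));     // wildcard record
var_dump(stateProblem($web, 'a1b2c3d4e5f6', $now + 3600)); // past its ttl
```

A record stored with SESSION_WILDCARD is not tied to any browser session, so in this sketch its `ttl` is the only remaining limit on who can complete the flow.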

getSessionId()

protected getSessionId() : string
Return values
string

        