1191 lines
58 KiB
HTML
1191 lines
58 KiB
HTML
<!DOCTYPE html>
|
||
<html lang="en">
|
||
<head>
|
||
<meta charset="utf-8">
|
||
<title>Documentation</title>
|
||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||
<base href="../">
|
||
<link rel="icon" href="images/favicon.ico"/>
|
||
<link rel="stylesheet" href="css/normalize.css">
|
||
<link rel="stylesheet" href="css/base.css">
|
||
<link href="https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap" rel="stylesheet">
|
||
<link rel="stylesheet" href="css/template.css">
|
||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0/css/all.min.css" integrity="sha256-ybRkN9dBjhcS2qrW1z+hfCxq+1aBdwyQM5wlQoQVt/0=" crossorigin="anonymous" />
|
||
<script src="https://cdn.jsdelivr.net/npm/fuse.js@3.4.6"></script>
|
||
<script src="https://cdn.jsdelivr.net/npm/css-vars-ponyfill@2"></script>
|
||
<script src="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0/js/all.min.js" integrity="sha256-0vuk8LXoyrmCjp1f0O300qo1M75ZQyhH9X3J6d+scmk=" crossorigin="anonymous"></script>
|
||
<script src="js/search.js"></script>
|
||
<script defer src="js/searchIndex.js"></script>
|
||
</head>
|
||
<body id="top">
|
||
<header class="phpdocumentor-header phpdocumentor-section">
|
||
<h1 class="phpdocumentor-title"><a href="" class="phpdocumentor-title__link">Documentation</a></h1>
|
||
<input class="phpdocumentor-header__menu-button" type="checkbox" id="menu-button" name="menu-button" />
|
||
<label class="phpdocumentor-header__menu-icon" for="menu-button">
|
||
<i class="fas fa-bars"></i>
|
||
</label>
|
||
<section data-search-form class="phpdocumentor-search">
|
||
<label>
|
||
<span class="visually-hidden">Search for</span>
|
||
<svg class="phpdocumentor-search__icon" width="21" height="20" viewBox="0 0 21 20" fill="none" xmlns="http://www.w3.org/2000/svg">
|
||
<circle cx="7.5" cy="7.5" r="6.5" stroke="currentColor" stroke-width="2"/>
|
||
<line x1="12.4892" y1="12.2727" x2="19.1559" y2="18.9393" stroke="currentColor" stroke-width="3"/>
|
||
</svg>
|
||
<input type="search" class="phpdocumentor-field phpdocumentor-search__field" placeholder="Loading .." disabled />
|
||
</label>
|
||
</section>
|
||
|
||
<nav class="phpdocumentor-topnav">
|
||
<ul class="phpdocumentor-topnav__menu">
|
||
</ul>
|
||
</nav>
|
||
</header>
|
||
|
||
<main class="phpdocumentor">
|
||
<div class="phpdocumentor-section">
|
||
<input class="phpdocumentor-sidebar__menu-button" type="checkbox" id="sidebar-button" name="sidebar-button" />
|
||
<label class="phpdocumentor-sidebar__menu-icon" for="sidebar-button">
|
||
Menu
|
||
</label>
|
||
<aside class="phpdocumentor-column -four phpdocumentor-sidebar">
|
||
|
||
<section class="phpdocumentor-sidebar__category">
|
||
<h2 class="phpdocumentor-sidebar__category-header">Namespaces</h2>
|
||
<h4 class="phpdocumentor-sidebar__root-namespace"><a href="namespaces/taproot.html"><abbr title="\Taproot">Taproot</abbr></a></h4>
|
||
<ul class="phpdocumentor-list">
|
||
<li><a href="namespaces/taproot-indieauth.html"><abbr title="\Taproot\IndieAuth">IndieAuth</abbr></a></li>
|
||
</ul>
|
||
</section>
|
||
|
||
|
||
<section class="phpdocumentor-sidebar__category">
|
||
<h2 class="phpdocumentor-sidebar__category-header">Reports</h2>
|
||
<h3 class="phpdocumentor-sidebar__root-package"><a href="reports/deprecated.html">Deprecated</a></h3>
|
||
<h3 class="phpdocumentor-sidebar__root-package"><a href="reports/errors.html">Errors</a></h3>
|
||
<h3 class="phpdocumentor-sidebar__root-package"><a href="reports/markers.html">Markers</a></h3>
|
||
</section>
|
||
|
||
<section class="phpdocumentor-sidebar__category">
|
||
<h2 class="phpdocumentor-sidebar__category-header">Indices</h2>
|
||
<h3 class="phpdocumentor-sidebar__root-package"><a href="indices/files.html">Files</a></h3>
|
||
</section>
|
||
</aside>
|
||
|
||
<div class="phpdocumentor-column -eight phpdocumentor-content">
|
||
<ul class="phpdocumentor-breadcrumbs">
|
||
<li class="phpdocumentor-breadcrumb"><a href="namespaces/taproot.html">Taproot</a></li>
|
||
<li class="phpdocumentor-breadcrumb"><a href="namespaces/taproot-indieauth.html">IndieAuth</a></li>
|
||
</ul>
|
||
|
||
<article class="phpdocumentor-element -class">
|
||
<h2 class="phpdocumentor-content__title">
|
||
Server
|
||
|
||
|
||
|
||
|
||
</h2>
|
||
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">79</span>
|
||
</aside>
|
||
|
||
<p class="phpdocumentor-summary">IndieAuth Server</p>
|
||
|
||
<section class="phpdocumentor-description"><p>A PSR-7-compatible implementation of the request-handling logic for IndieAuth authorization endpoints
|
||
and token endpoints.</p>
|
||
<p>Typical minimal usage looks something like this:</p>
|
||
<pre class="prettyprint"><code class="prettyprint">// Somewhere in your app set-up code:
|
||
$server = new Taproot\IndieAuth\Server([
|
||
// A secret key, >= 64 characters long.
|
||
'secret' => YOUR_APP_INDIEAUTH_SECRET,
|
||
|
||
// A path to store token data, or an object implementing TokenStorageInterface.
|
||
'tokenStorage' => '/../data/auth_tokens/',
|
||
|
||
// An authentication callback function, which either returns data about the current user,
|
||
// or redirects to/implements an authentication flow.
|
||
'authenticationHandler' => function (ServerRequestInterface $request, string $authenticationRedirect, ?string $normalizedMeUrl) {
|
||
// If the request is authenticated, return an array with a `me` key containing the
|
||
// canonical URL of the currently logged-in user.
|
||
if ($userUrl = getLoggedInUserUrl($request)) {
|
||
return ['me' => $userUrl];
|
||
}
|
||
|
||
// Otherwise, redirect the user to a login page, ensuring that they will be redirected
|
||
// back to the IndieAuth flow with query parameters intact once logged in.
|
||
return new Response('302', ['Location' => 'https://example.com/login?next=' . urlencode($authenticationRedirect)]);
|
||
}
|
||
]);
|
||
|
||
// In your authorization endpoint route:
|
||
return $server->handleAuthorizationEndpointRequest($request);
|
||
|
||
// In your token endpoint route:
|
||
return $server->handleTokenEndpointRequest($request);
|
||
|
||
// In another route (e.g. a micropub route), to authenticate the request:
|
||
// (assuming $bearerToken is a token parsed from an “Authorization: Bearer XXXXXX” header
|
||
// or access_token property from a request body)
|
||
if ($accessToken = $server->getTokenStorage()->getAccessToken($bearerToken)) {
|
||
// Request is authenticated as $accessToken['me'], and is allowed to
|
||
// act according to the scopes listed in $accessToken['scope'].
|
||
$scopes = explode(' ', $accessToken['scope']);
|
||
}
|
||
</code></pre>
|
||
<p>Refer to the <code class="prettyprint">__construct</code> documentation for further configuration options, and to the
|
||
documentation for both handling methods for further documentation about them.</p>
|
||
</section>
|
||
|
||
|
||
<h5 class="phpdocumentor-tag-list__heading" id="tags">
|
||
Tags
|
||
<a href="#tags" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h5>
|
||
<dl class="phpdocumentor-tag-list">
|
||
<dt class="phpdocumentor-tag-list__entry">
|
||
<span class="phpdocumentor-tag__name">link</span>
|
||
</dt>
|
||
<dd class="phpdocumentor-tag-list__definition">
|
||
<a class="phpdocumentor-tag-link" href="https://indieauth.spec.indieweb.org/"> https://indieauth.spec.indieweb.org/ </a>
|
||
|
||
</dd>
|
||
<dt class="phpdocumentor-tag-list__entry">
|
||
<span class="phpdocumentor-tag__name">link</span>
|
||
</dt>
|
||
<dd class="phpdocumentor-tag-list__definition">
|
||
<a class="phpdocumentor-tag-link" href="https://www.rfc-editor.org/rfc/rfc6749.html#section-5.2"> https://www.rfc-editor.org/rfc/rfc6749.html#section-5.2 </a>
|
||
|
||
</dd>
|
||
<dt class="phpdocumentor-tag-list__entry">
|
||
<span class="phpdocumentor-tag__name">link</span>
|
||
</dt>
|
||
<dd class="phpdocumentor-tag-list__definition">
|
||
<a class="phpdocumentor-tag-link" href="https://github.com/indieweb/indieauth-client-php"> https://github.com/indieweb/indieauth-client-php </a>
|
||
|
||
</dd>
|
||
<dt class="phpdocumentor-tag-list__entry">
|
||
<span class="phpdocumentor-tag__name">link</span>
|
||
</dt>
|
||
<dd class="phpdocumentor-tag-list__definition">
|
||
<a class="phpdocumentor-tag-link" href="https://github.com/Zegnat/php-mindee/blob/development/index.php"> https://github.com/Zegnat/php-mindee/blob/development/index.php </a>
|
||
|
||
</dd>
|
||
</dl>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<h3 id="toc">
|
||
Table of Contents
|
||
<a href="#toc" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h3>
|
||
|
||
<dl class="phpdocumentor-table-of-contents">
|
||
<dt class="phpdocumentor-table-of-contents__entry -constant -public">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#constant_APPROVE_ACTION_KEY">APPROVE_ACTION_KEY</a>
|
||
<span>
|
||
= 'taproot_indieauth_action' </span>
|
||
</dt>
|
||
<dd>The form data key used for identifying a request as an authorization (consent screen) form submissions.</dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -constant -public">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#constant_APPROVE_ACTION_VALUE">APPROVE_ACTION_VALUE</a>
|
||
<span>
|
||
= 'approve' </span>
|
||
</dt>
|
||
<dd>The form data value used for identifying a request as an authorization (consent screen) form submissions.</dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -constant -public">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#constant_DEFAULT_CSRF_KEY">DEFAULT_CSRF_KEY</a>
|
||
<span>
|
||
= 'taproot_indieauth_server_csrf' </span>
|
||
</dt>
|
||
<dd>The key used to store the CSRF token everywhere it’s used: Request parameters, Request body, and Cookies.</dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -constant -public">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#constant_HANDLE_AUTHENTICATION_REQUEST">HANDLE_AUTHENTICATION_REQUEST</a>
|
||
<span>
|
||
= 'authenticationHandler' </span>
|
||
</dt>
|
||
<dd></dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -constant -public">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#constant_HANDLE_NON_INDIEAUTH_REQUEST">HANDLE_NON_INDIEAUTH_REQUEST</a>
|
||
<span>
|
||
= 'handleNonIndieAuthRequestCallback' </span>
|
||
</dt>
|
||
<dd></dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -constant -public">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#constant_HASH_QUERY_STRING_KEY">HASH_QUERY_STRING_KEY</a>
|
||
<span>
|
||
= 'taproot_indieauth_server_hash' </span>
|
||
</dt>
|
||
<dd>The query string parameter key used for storing the hash used for validating authorization request parameters.</dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -property -protected">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_authorizationForm">$authorizationForm</a>
|
||
<span>
|
||
: <a href="classes/Taproot-IndieAuth-Callback-AuthorizationFormInterface.html"><abbr title="\Taproot\IndieAuth\Callback\AuthorizationFormInterface">AuthorizationFormInterface</abbr></a> </span>
|
||
</dt>
|
||
<dd></dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -property -protected">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_csrfMiddleware">$csrfMiddleware</a>
|
||
<span>
|
||
: <abbr title="\Psr\Http\Server\MiddlewareInterface">MiddlewareInterface</abbr> </span>
|
||
</dt>
|
||
<dd></dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -property -protected">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_exceptionTemplatePath">$exceptionTemplatePath</a>
|
||
<span>
|
||
: string </span>
|
||
</dt>
|
||
<dd></dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -property -protected">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_handleAuthenticationRequestCallback">$handleAuthenticationRequestCallback</a>
|
||
<span>
|
||
: callable </span>
|
||
</dt>
|
||
<dd></dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -property -protected">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_handleNonIndieAuthRequest">$handleNonIndieAuthRequest</a>
|
||
<span>
|
||
: callable </span>
|
||
</dt>
|
||
<dd></dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -property -protected">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_httpGetWithEffectiveUrl">$httpGetWithEffectiveUrl</a>
|
||
<span>
|
||
: callable </span>
|
||
</dt>
|
||
<dd></dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -property -protected">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_logger">$logger</a>
|
||
<span>
|
||
: <abbr title="\Psr\Log\LoggerInterface">LoggerInterface</abbr> </span>
|
||
</dt>
|
||
<dd></dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -property -protected">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_requirePkce">$requirePkce</a>
|
||
<span>
|
||
: bool </span>
|
||
</dt>
|
||
<dd></dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -property -protected">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_secret">$secret</a>
|
||
<span>
|
||
: string </span>
|
||
</dt>
|
||
<dd></dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -property -protected">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_tokenStorage">$tokenStorage</a>
|
||
<span>
|
||
: <a href="classes/Taproot-IndieAuth-Storage-TokenStorageInterface.html"><abbr title="\Taproot\IndieAuth\Storage\TokenStorageInterface">TokenStorageInterface</abbr></a> </span>
|
||
</dt>
|
||
<dd></dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -method -public">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#method___construct">__construct()</a>
|
||
<span>
|
||
: self </span>
|
||
</dt>
|
||
<dd>Constructor</dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -method -public">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#method_getTokenStorage">getTokenStorage()</a>
|
||
<span>
|
||
: <a href="classes/Taproot-IndieAuth-Storage-TokenStorageInterface.html"><abbr title="\Taproot\IndieAuth\Storage\TokenStorageInterface">TokenStorageInterface</abbr></a> </span>
|
||
</dt>
|
||
<dd></dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -method -public">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#method_handleAuthorizationEndpointRequest">handleAuthorizationEndpointRequest()</a>
|
||
<span>
|
||
: <abbr title="\Psr\Http\Message\ResponseInterface">ResponseInterface</abbr> </span>
|
||
</dt>
|
||
<dd>Handle Authorization Endpoint Request</dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -method -public">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#method_handleTokenEndpointRequest">handleTokenEndpointRequest()</a>
|
||
<span>
|
||
: <abbr title="\Psr\Http\Message\ResponseInterface">ResponseInterface</abbr> </span>
|
||
</dt>
|
||
<dd>Handle Token Endpoint Request</dd>
|
||
|
||
<dt class="phpdocumentor-table-of-contents__entry -method -protected">
|
||
<a href="classes/Taproot-IndieAuth-Server.html#method_handleException">handleException()</a>
|
||
<span>
|
||
: <abbr title="\Psr\Http\Message\ResponseInterface">ResponseInterface</abbr> </span>
|
||
</dt>
|
||
<dd>Handle Exception</dd>
|
||
|
||
</dl>
|
||
|
||
|
||
|
||
|
||
<section class="phpdocumentor-constants">
|
||
<h3 class="phpdocumentor-elements__header" id="constants">
|
||
Constants
|
||
<a href="classes/Taproot-IndieAuth-Server.html#constants" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h3>
|
||
<article class="phpdocumentor-element -constant -public ">
|
||
<h4 class="phpdocumentor-element__name" id="constant_APPROVE_ACTION_KEY">
|
||
APPROVE_ACTION_KEY
|
||
<a href="classes/Taproot-IndieAuth-Server.html#constant_APPROVE_ACTION_KEY" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h4>
|
||
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">96</span>
|
||
</aside>
|
||
|
||
<p class="phpdocumentor-summary">The form data key used for identifying a request as an authorization (consent screen) form submissions.</p>
|
||
|
||
<code class="phpdocumentor-signature phpdocumentor-code ">
|
||
<span class="phpdocumentor-signature__visibility">public</span>
|
||
<span class="phpdocumentor-signature__type">mixed</span>
|
||
<span class="phpdocumentor-signature__name">APPROVE_ACTION_KEY</span>
|
||
= <span class="phpdocumentor-signature__default-value">'taproot_indieauth_action'</span>
|
||
</code>
|
||
|
||
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
|
||
</article>
|
||
<article class="phpdocumentor-element -constant -public ">
|
||
<h4 class="phpdocumentor-element__name" id="constant_APPROVE_ACTION_VALUE">
|
||
APPROVE_ACTION_VALUE
|
||
<a href="classes/Taproot-IndieAuth-Server.html#constant_APPROVE_ACTION_VALUE" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h4>
|
||
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">101</span>
|
||
</aside>
|
||
|
||
<p class="phpdocumentor-summary">The form data value used for identifying a request as an authorization (consent screen) form submissions.</p>
|
||
|
||
<code class="phpdocumentor-signature phpdocumentor-code ">
|
||
<span class="phpdocumentor-signature__visibility">public</span>
|
||
<span class="phpdocumentor-signature__type">mixed</span>
|
||
<span class="phpdocumentor-signature__name">APPROVE_ACTION_VALUE</span>
|
||
= <span class="phpdocumentor-signature__default-value">'approve'</span>
|
||
</code>
|
||
|
||
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
|
||
</article>
|
||
<article class="phpdocumentor-element -constant -public ">
|
||
<h4 class="phpdocumentor-element__name" id="constant_DEFAULT_CSRF_KEY">
|
||
DEFAULT_CSRF_KEY
|
||
<a href="classes/Taproot-IndieAuth-Server.html#constant_DEFAULT_CSRF_KEY" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h4>
|
||
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">91</span>
|
||
</aside>
|
||
|
||
<p class="phpdocumentor-summary">The key used to store the CSRF token everywhere it’s used: Request parameters, Request body, and Cookies.</p>
|
||
|
||
<code class="phpdocumentor-signature phpdocumentor-code ">
|
||
<span class="phpdocumentor-signature__visibility">public</span>
|
||
<span class="phpdocumentor-signature__type">mixed</span>
|
||
<span class="phpdocumentor-signature__name">DEFAULT_CSRF_KEY</span>
|
||
= <span class="phpdocumentor-signature__default-value">'taproot_indieauth_server_csrf'</span>
|
||
</code>
|
||
|
||
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
|
||
</article>
|
||
<article class="phpdocumentor-element -constant -public ">
|
||
<h4 class="phpdocumentor-element__name" id="constant_HANDLE_AUTHENTICATION_REQUEST">
|
||
HANDLE_AUTHENTICATION_REQUEST
|
||
<a href="classes/Taproot-IndieAuth-Server.html#constant_HANDLE_AUTHENTICATION_REQUEST" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h4>
|
||
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">81</span>
|
||
</aside>
|
||
|
||
|
||
<code class="phpdocumentor-signature phpdocumentor-code ">
|
||
<span class="phpdocumentor-signature__visibility">public</span>
|
||
<span class="phpdocumentor-signature__type">mixed</span>
|
||
<span class="phpdocumentor-signature__name">HANDLE_AUTHENTICATION_REQUEST</span>
|
||
= <span class="phpdocumentor-signature__default-value">'authenticationHandler'</span>
|
||
</code>
|
||
|
||
|
||
|
||
|
||
|
||
</article>
|
||
<article class="phpdocumentor-element -constant -public ">
|
||
<h4 class="phpdocumentor-element__name" id="constant_HANDLE_NON_INDIEAUTH_REQUEST">
|
||
HANDLE_NON_INDIEAUTH_REQUEST
|
||
<a href="classes/Taproot-IndieAuth-Server.html#constant_HANDLE_NON_INDIEAUTH_REQUEST" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h4>
|
||
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">80</span>
|
||
</aside>
|
||
|
||
|
||
<code class="phpdocumentor-signature phpdocumentor-code ">
|
||
<span class="phpdocumentor-signature__visibility">public</span>
|
||
<span class="phpdocumentor-signature__type">mixed</span>
|
||
<span class="phpdocumentor-signature__name">HANDLE_NON_INDIEAUTH_REQUEST</span>
|
||
= <span class="phpdocumentor-signature__default-value">'handleNonIndieAuthRequestCallback'</span>
|
||
</code>
|
||
|
||
|
||
|
||
|
||
|
||
</article>
|
||
<article class="phpdocumentor-element -constant -public ">
|
||
<h4 class="phpdocumentor-element__name" id="constant_HASH_QUERY_STRING_KEY">
|
||
HASH_QUERY_STRING_KEY
|
||
<a href="classes/Taproot-IndieAuth-Server.html#constant_HASH_QUERY_STRING_KEY" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h4>
|
||
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">86</span>
|
||
</aside>
|
||
|
||
<p class="phpdocumentor-summary">The query string parameter key used for storing the hash used for validating authorization request parameters.</p>
|
||
|
||
<code class="phpdocumentor-signature phpdocumentor-code ">
|
||
<span class="phpdocumentor-signature__visibility">public</span>
|
||
<span class="phpdocumentor-signature__type">mixed</span>
|
||
<span class="phpdocumentor-signature__name">HASH_QUERY_STRING_KEY</span>
|
||
= <span class="phpdocumentor-signature__default-value">'taproot_indieauth_server_hash'</span>
|
||
</code>
|
||
|
||
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
|
||
</article>
|
||
</section>
|
||
|
||
|
||
<section class="phpdocumentor-properties">
|
||
<h3 class="phpdocumentor-elements__header" id="properties">
|
||
Properties
|
||
<a href="classes/Taproot-IndieAuth-Server.html#properties" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h3>
|
||
<article
|
||
class="
|
||
phpdocumentor-element
|
||
-property
|
||
-protected
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="property_authorizationForm">
|
||
$authorizationForm
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_authorizationForm" class="headerlink"><i class="fas fa-link"></i></a>
|
||
<span class="phpdocumentor-element__modifiers">
|
||
</span>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">107</span>
|
||
</aside>
|
||
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">protected</span>
|
||
<span class="phpdocumentor-signature__type"><a href="classes/Taproot-IndieAuth-Callback-AuthorizationFormInterface.html"><abbr title="\Taproot\IndieAuth\Callback\AuthorizationFormInterface">AuthorizationFormInterface</abbr></a></span>
|
||
<span class="phpdocumentor-signature__name">$authorizationForm</span>
|
||
</code>
|
||
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
|
||
</article>
|
||
<article
|
||
class="
|
||
phpdocumentor-element
|
||
-property
|
||
-protected
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="property_csrfMiddleware">
|
||
$csrfMiddleware
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_csrfMiddleware" class="headerlink"><i class="fas fa-link"></i></a>
|
||
<span class="phpdocumentor-element__modifiers">
|
||
</span>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">110</span>
|
||
</aside>
|
||
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">protected</span>
|
||
<span class="phpdocumentor-signature__type"><abbr title="\Psr\Http\Server\MiddlewareInterface">MiddlewareInterface</abbr></span>
|
||
<span class="phpdocumentor-signature__name">$csrfMiddleware</span>
|
||
</code>
|
||
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
|
||
</article>
|
||
<article
|
||
class="
|
||
phpdocumentor-element
|
||
-property
|
||
-protected
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="property_exceptionTemplatePath">
|
||
$exceptionTemplatePath
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_exceptionTemplatePath" class="headerlink"><i class="fas fa-link"></i></a>
|
||
<span class="phpdocumentor-element__modifiers">
|
||
</span>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">125</span>
|
||
</aside>
|
||
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">protected</span>
|
||
<span class="phpdocumentor-signature__type">string</span>
|
||
<span class="phpdocumentor-signature__name">$exceptionTemplatePath</span>
|
||
</code>
|
||
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
|
||
</article>
|
||
<article
|
||
class="
|
||
phpdocumentor-element
|
||
-property
|
||
-protected
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="property_handleAuthenticationRequestCallback">
|
||
$handleAuthenticationRequestCallback
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_handleAuthenticationRequestCallback" class="headerlink"><i class="fas fa-link"></i></a>
|
||
<span class="phpdocumentor-element__modifiers">
|
||
</span>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">119</span>
|
||
</aside>
|
||
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">protected</span>
|
||
<span class="phpdocumentor-signature__type">callable</span>
|
||
<span class="phpdocumentor-signature__name">$handleAuthenticationRequestCallback</span>
|
||
</code>
|
||
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
|
||
</article>
|
||
<article
|
||
class="
|
||
phpdocumentor-element
|
||
-property
|
||
-protected
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="property_handleNonIndieAuthRequest">
|
||
$handleNonIndieAuthRequest
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_handleNonIndieAuthRequest" class="headerlink"><i class="fas fa-link"></i></a>
|
||
<span class="phpdocumentor-element__modifiers">
|
||
</span>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">122</span>
|
||
</aside>
|
||
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">protected</span>
|
||
<span class="phpdocumentor-signature__type">callable</span>
|
||
<span class="phpdocumentor-signature__name">$handleNonIndieAuthRequest</span>
|
||
</code>
|
||
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
|
||
</article>
|
||
<article
|
||
class="
|
||
phpdocumentor-element
|
||
-property
|
||
-protected
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="property_httpGetWithEffectiveUrl">
|
||
$httpGetWithEffectiveUrl
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_httpGetWithEffectiveUrl" class="headerlink"><i class="fas fa-link"></i></a>
|
||
<span class="phpdocumentor-element__modifiers">
|
||
</span>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">116</span>
|
||
</aside>
|
||
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">protected</span>
|
||
<span class="phpdocumentor-signature__type">callable</span>
|
||
<span class="phpdocumentor-signature__name">$httpGetWithEffectiveUrl</span>
|
||
</code>
|
||
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
|
||
</article>
|
||
<article
|
||
class="
|
||
phpdocumentor-element
|
||
-property
|
||
-protected
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="property_logger">
|
||
$logger
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_logger" class="headerlink"><i class="fas fa-link"></i></a>
|
||
<span class="phpdocumentor-element__modifiers">
|
||
</span>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">113</span>
|
||
</aside>
|
||
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">protected</span>
|
||
<span class="phpdocumentor-signature__type"><abbr title="\Psr\Log\LoggerInterface">LoggerInterface</abbr></span>
|
||
<span class="phpdocumentor-signature__name">$logger</span>
|
||
</code>
|
||
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
|
||
</article>
|
||
<article
|
||
class="
|
||
phpdocumentor-element
|
||
-property
|
||
-protected
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="property_requirePkce">
|
||
$requirePkce
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_requirePkce" class="headerlink"><i class="fas fa-link"></i></a>
|
||
<span class="phpdocumentor-element__modifiers">
|
||
</span>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">131</span>
|
||
</aside>
|
||
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">protected</span>
|
||
<span class="phpdocumentor-signature__type">bool</span>
|
||
<span class="phpdocumentor-signature__name">$requirePkce</span>
|
||
</code>
|
||
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
|
||
</article>
|
||
<article
|
||
class="
|
||
phpdocumentor-element
|
||
-property
|
||
-protected
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="property_secret">
|
||
$secret
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_secret" class="headerlink"><i class="fas fa-link"></i></a>
|
||
<span class="phpdocumentor-element__modifiers">
|
||
</span>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">128</span>
|
||
</aside>
|
||
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">protected</span>
|
||
<span class="phpdocumentor-signature__type">string</span>
|
||
<span class="phpdocumentor-signature__name">$secret</span>
|
||
</code>
|
||
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
|
||
</article>
|
||
<article
|
||
class="
|
||
phpdocumentor-element
|
||
-property
|
||
-protected
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="property_tokenStorage">
|
||
$tokenStorage
|
||
<a href="classes/Taproot-IndieAuth-Server.html#property_tokenStorage" class="headerlink"><i class="fas fa-link"></i></a>
|
||
<span class="phpdocumentor-element__modifiers">
|
||
</span>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">104</span>
|
||
</aside>
|
||
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">protected</span>
|
||
<span class="phpdocumentor-signature__type"><a href="classes/Taproot-IndieAuth-Storage-TokenStorageInterface.html"><abbr title="\Taproot\IndieAuth\Storage\TokenStorageInterface">TokenStorageInterface</abbr></a></span>
|
||
<span class="phpdocumentor-signature__name">$tokenStorage</span>
|
||
</code>
|
||
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
|
||
</article>
|
||
</section>
|
||
|
||
<section class="phpdocumentor-methods">
|
||
<h3 class="phpdocumentor-elements__header" id="methods">
|
||
Methods
|
||
<a href="classes/Taproot-IndieAuth-Server.html#methods" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h3>
|
||
<article
|
||
class="phpdocumentor-element
|
||
-method
|
||
-public
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="method___construct">
|
||
__construct()
|
||
<a href="classes/Taproot-IndieAuth-Server.html#method___construct" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">208</span>
|
||
</aside>
|
||
|
||
<p class="phpdocumentor-summary">Constructor</p>
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">public</span>
|
||
<span class="phpdocumentor-signature__name">__construct</span><span>(</span><span class="phpdocumentor-signature__argument"><span class="phpdocumentor-signature__argument__return-type">array<string|int, mixed> </span><span class="phpdocumentor-signature__argument__name">$config</span></span><span>)</span><span> : </span><span class="phpdocumentor-signature__response_type">self</span></code>
|
||
|
||
<section class="phpdocumentor-description"><p>Server instances are configured by passing a config array to the constructor.</p>
|
||
<p>The following keys are required:</p>
|
||
<ul>
|
||
<li>
|
||
<p><code class="prettyprint">authenticationHandler</code>: a callable with the signature
|
||
<code class="prettyprint">function (ServerRequestInterface $request, string $authenticationRedirect, ?string $normalizedMeUrl): array|ResponseInterface</code>.
|
||
This function is called on IndieAuth authorization requests, after validating the query parameters.</p>
|
||
<p>It should check to see if $request is authenticated, then:</p>
|
||
<ul>
|
||
<li>If it is authenticated, return an array which MUST have a <code class="prettyprint">me</code> key, mapping to the
|
||
canonical URL of the currently logged-in user. It may additionally have a <code class="prettyprint">profile</code> key. These
|
||
keys will be stored in the authorization code and sent to the client, if successful.</li>
|
||
<li>If it is not authenticated, either present or redirect to an authentication flow. This flow MUST
|
||
redirect the logged-in used back to <code class="prettyprint">$authenticationRedirect</code>.</li>
|
||
</ul>
|
||
<p>If the request has a valid <code class="prettyprint">me</code> parameter, the canonicalized version of it is passed as
|
||
<code class="prettyprint">$normalizedMeUrl</code>. Otherwise, this parameter is null. This parameter can optionally be used
|
||
as a suggestion for which user to log in as in a multi-user authentication flow, but should NOT
|
||
be considered valid data.</p>
|
||
<p>If redirecting to an existing authentication flow, this callable can usually be implemented as a
|
||
closure. The callable may also implement its own authentication logic. For an example, see
|
||
<code class="prettyprint">Callback\SingleUserPasswordAuthenticationCallback</code>.</p>
|
||
</li>
|
||
<li>
|
||
<p><code class="prettyprint">secret</code>: A cryptographically random string with a minimum length of 64 characters. Used
|
||
to hash and subsequently verify request query parameters which get passed around.</p>
|
||
</li>
|
||
<li>
|
||
<p><code class="prettyprint">tokenStorage</code>: Either an object implementing <code class="prettyprint">Storage\TokenStorageInterface</code>, or a string path,
|
||
which will be passed to <code class="prettyprint">Storage\FilesystemJsonStorage</code>. This object handles persisting authorization
|
||
codes and access tokens, as well as implementation-specific parts of the exchange process which are
|
||
out of the scope of the Server class (e.g. lifetimes and expiry). Refer to the <code class="prettyprint">Storage\TokenStorageInterface</code>
|
||
documentation for more details.</p>
|
||
</li>
|
||
</ul>
|
||
<p>The following keys may be required depending on which packages you have installed:</p>
|
||
<ul>
|
||
<li>
|
||
<code class="prettyprint">httpGetWithEffectiveUrl</code>: must be a callable with the following signature:
|
||
<code class="prettyprint">function (string $url): array [ResponseInterface $response, string $effectiveUrl]</code>, where
|
||
<code class="prettyprint">$effectiveUrl</code> is the final URL after following any redirects (unfortunately, neither the PSR-7
|
||
Response nor the PSR-18 Client interfaces offer a standard way of getting this very important
|
||
data, hence the unusual return signature). If <code class="prettyprint">guzzlehttp/guzzle</code> is installed, this parameter
|
||
will be created automatically. Otherwise, the user must provide their own callable.</li>
|
||
</ul>
|
||
<p>The following keys are optional:</p>
|
||
<ul>
|
||
<li>
|
||
<code class="prettyprint">authorizationForm</code>: an instance of <code class="prettyprint">AuthorizationFormInterface</code>. Defaults to <code class="prettyprint">DefaultAuthorizationForm</code>.
|
||
Refer to that implementation if you wish to replace the consent screen/scope choosing/authorization form.</li>
|
||
<li>
|
||
<code class="prettyprint">csrfMiddleware</code>: an instance of <code class="prettyprint">MiddlewareInterface</code>, which will be used to CSRF-protect the
|
||
user-facing authorization flow. By default an instance of <code class="prettyprint">DoubleSubmitCookieCsrfMiddleware</code>.
|
||
Refer to that implementation if you want to replace it with your own middleware — you will
|
||
likely have to either make sure your middleware sets the same request attribute, or alter your
|
||
templates accordingly.</li>
|
||
<li>
|
||
<code class="prettyprint">exceptionTemplatePath</code>: string, path to a template which will be used for displaying user-facing
|
||
errors. Defaults to <code class="prettyprint">../templates/default_exception_response.html.php</code>, refer to that if you wish
|
||
to write your own template.</li>
|
||
<li>
|
||
<code class="prettyprint">handleNonIndieAuthRequestCallback</code>: A callback with the following signature:
|
||
<code class="prettyprint">function (ServerRequestInterface $request): ?ResponseInterface</code> which will be called if the
|
||
authorization endpoint gets a request which is not identified as an IndieAuth request or authorization
|
||
form submission request. You could use this to handle various requests e.g. client-side requests
|
||
made by your authentication or authorization pages, if it’s not convenient to put them elsewhere.
|
||
Returning <code class="prettyprint">null</code> will result in a standard <code class="prettyprint">invalid_request</code> error being returned.</li>
|
||
<li>
|
||
<code class="prettyprint">logger</code>: An instance of <code class="prettyprint">LoggerInterface</code>. Will be used for internal logging, and will also be set
|
||
as the logger for any objects passed in config which implement <code class="prettyprint">LoggerAwareInterface</code>.</li>
|
||
<li>
|
||
<code class="prettyprint">requirePKCE</code>: bool, default true. Setting this to <code class="prettyprint">false</code> allows requests which don’t provide PKCE
|
||
parameters (code_challenge, code_challenge_method, code_verifier), under the following conditions:
|
||
<ul>
|
||
<li>If any of the PKCE parameters are present in an authorization code request, all must be present
|
||
and valid.</li>
|
||
<li>If an authorization code request lacks PKCE parameters, the created auth code can only be exchanged
|
||
by an exchange request without parameters.</li>
|
||
<li>If authorization codes are stored without PKCE parameters, and then <code class="prettyprint">requirePKCE</code> is set to <code class="prettyprint">true</code>,
|
||
these old authorization codes will no longer be redeemable.</li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</section>
|
||
|
||
<h5 class="phpdocumentor-argument-list__heading">Parameters</h5>
|
||
<dl class="phpdocumentor-argument-list">
|
||
<dt class="phpdocumentor-argument-list__entry">
|
||
<span class="phpdocumentor-signature__argument__name">$config</span>
|
||
: <span class="phpdocumentor-signature__argument__return-type">array<string|int, mixed></span>
|
||
</dt>
|
||
<dd class="phpdocumentor-argument-list__definition">
|
||
<section class="phpdocumentor-description"><p>An array of configuration variables</p>
|
||
</section>
|
||
|
||
</dd>
|
||
</dl>
|
||
|
||
|
||
|
||
<h5 class="phpdocumentor-return-value__heading">Return values</h5>
|
||
<span class="phpdocumentor-signature__response_type">self</span>
|
||
—
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
</article>
|
||
<article
|
||
class="phpdocumentor-element
|
||
-method
|
||
-public
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="method_getTokenStorage">
|
||
getTokenStorage()
|
||
<a href="classes/Taproot-IndieAuth-Server.html#method_getTokenStorage" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">306</span>
|
||
</aside>
|
||
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">public</span>
|
||
<span class="phpdocumentor-signature__name">getTokenStorage</span><span>(</span><span>)</span><span> : </span><span class="phpdocumentor-signature__response_type"><a href="classes/Taproot-IndieAuth-Storage-TokenStorageInterface.html"><abbr title="\Taproot\IndieAuth\Storage\TokenStorageInterface">TokenStorageInterface</abbr></a></span></code>
|
||
|
||
|
||
|
||
|
||
|
||
<h5 class="phpdocumentor-return-value__heading">Return values</h5>
|
||
<span class="phpdocumentor-signature__response_type"><a href="classes/Taproot-IndieAuth-Storage-TokenStorageInterface.html"><abbr title="\Taproot\IndieAuth\Storage\TokenStorageInterface">TokenStorageInterface</abbr></a></span>
|
||
—
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
</article>
|
||
<article
|
||
class="phpdocumentor-element
|
||
-method
|
||
-public
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="method_handleAuthorizationEndpointRequest">
|
||
handleAuthorizationEndpointRequest()
|
||
<a href="classes/Taproot-IndieAuth-Server.html#method_handleAuthorizationEndpointRequest" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">345</span>
|
||
</aside>
|
||
|
||
<p class="phpdocumentor-summary">Handle Authorization Endpoint Request</p>
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">public</span>
|
||
<span class="phpdocumentor-signature__name">handleAuthorizationEndpointRequest</span><span>(</span><span class="phpdocumentor-signature__argument"><span class="phpdocumentor-signature__argument__return-type"><abbr title="\Psr\Http\Message\ServerRequestInterface">ServerRequestInterface</abbr> </span><span class="phpdocumentor-signature__argument__name">$request</span></span><span>)</span><span> : </span><span class="phpdocumentor-signature__response_type"><abbr title="\Psr\Http\Message\ResponseInterface">ResponseInterface</abbr></span></code>
|
||
|
||
<section class="phpdocumentor-description"><p>This method handles all requests to your authorization endpoint, passing execution off to
|
||
other callbacks when necessary. The logical flow can be summarised as follows:</p>
|
||
<ul>
|
||
<li>If this request an <strong>auth code exchange for profile information</strong>, validate the request
|
||
and return a response or error response.</li>
|
||
<li>Otherwise, proceed, wrapping all execution in CSRF-protection middleware.</li>
|
||
<li>Validate the request’s indieauth authorization code request parameters, returning an
|
||
error response if any are missing or invalid.</li>
|
||
<li>Call the authentication callback
|
||
<ul>
|
||
<li>If the callback returned an instance of ResponseInterface, the user is not currently
|
||
logged in. Return the Response, which will presumably start an authentication flow.</li>
|
||
<li>Otherwise, the callback returned information about the currently logged-in user. Continue.</li>
|
||
</ul>
|
||
</li>
|
||
<li>If this request is an authorization form submission, validate the data, store and authorization
|
||
code and return a redirect response to the client redirect_uri with code data. On an error, return
|
||
an appropriate error response.</li>
|
||
<li>Otherwise, fetch the client_id, parse app data if present, validate the <code class="prettyprint">redirect_uri</code> and present
|
||
the authorization form/consent screen to the user.</li>
|
||
<li>If none of the above apply, try calling the non-indieauth request handler. If it returns a Response,
|
||
return that, otherwise return an error response.</li>
|
||
</ul>
|
||
<p>This route should NOT be wrapped in additional CSRF-protection, due to the need to handle API
|
||
POST requests from the client. Make sure you call it from a route which is excluded from any
|
||
CSRF-protection you might be using. To customise the CSRF protection used internally, refer to the
|
||
<code class="prettyprint">__construct</code> config array documentation for the <code class="prettyprint">csrfMiddleware</code> key.</p>
|
||
<p>Most user-facing errors are thrown as instances of <code class="prettyprint">IndieAuthException</code>, which are passed off to
|
||
<code class="prettyprint">handleException</code> to be turned into an instance of <code class="prettyprint">ResponseInterface</code>. If you want to customise
|
||
error behaviour, one way to do so is to subclass <code class="prettyprint">Server</code> and override that method.</p>
|
||
</section>
|
||
|
||
<h5 class="phpdocumentor-argument-list__heading">Parameters</h5>
|
||
<dl class="phpdocumentor-argument-list">
|
||
<dt class="phpdocumentor-argument-list__entry">
|
||
<span class="phpdocumentor-signature__argument__name">$request</span>
|
||
: <span class="phpdocumentor-signature__argument__return-type"><abbr title="\Psr\Http\Message\ServerRequestInterface">ServerRequestInterface</abbr></span>
|
||
</dt>
|
||
<dd class="phpdocumentor-argument-list__definition">
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
</dd>
|
||
</dl>
|
||
|
||
|
||
|
||
<h5 class="phpdocumentor-return-value__heading">Return values</h5>
|
||
<span class="phpdocumentor-signature__response_type"><abbr title="\Psr\Http\Message\ResponseInterface">ResponseInterface</abbr></span>
|
||
—
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
</article>
|
||
<article
|
||
class="phpdocumentor-element
|
||
-method
|
||
-public
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="method_handleTokenEndpointRequest">
|
||
handleTokenEndpointRequest()
|
||
<a href="classes/Taproot-IndieAuth-Server.html#method_handleTokenEndpointRequest" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">728</span>
|
||
</aside>
|
||
|
||
<p class="phpdocumentor-summary">Handle Token Endpoint Request</p>
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">public</span>
|
||
<span class="phpdocumentor-signature__name">handleTokenEndpointRequest</span><span>(</span><span class="phpdocumentor-signature__argument"><span class="phpdocumentor-signature__argument__return-type"><abbr title="\Psr\Http\Message\ServerRequestInterface">ServerRequestInterface</abbr> </span><span class="phpdocumentor-signature__argument__name">$request</span></span><span>)</span><span> : </span><span class="phpdocumentor-signature__response_type"><abbr title="\Psr\Http\Message\ResponseInterface">ResponseInterface</abbr></span></code>
|
||
|
||
<section class="phpdocumentor-description"><p>Handles requests to the IndieAuth token endpoint. The logical flow can be summarised as follows:</p>
|
||
<ul>
|
||
<li>Check that the request is a code redeeming request. Return an error if not.</li>
|
||
<li>Ensure that all required parameters are present. Return an error if not.</li>
|
||
<li>Attempt to exchange the <code class="prettyprint">code</code> parameter for an access token. Return an error if it fails.</li>
|
||
<li>Make sure the client_id and redirect_uri request parameters match those stored in the auth code. If not, revoke the access token and return an error.</li>
|
||
<li>Make sure the provided code_verifier hashes to the code_challenge stored in the auth code. If not, revoke the access token and return an error.</li>
|
||
<li>Make sure the granted scope stored in the auth code is not empty. If it is, revoke the access token and return an error.</li>
|
||
<li>Otherwise, return a success response containing information about the issued access token.</li>
|
||
</ul>
|
||
<p>This method must NOT be CSRF-protected as it accepts external requests from client apps.</p>
|
||
</section>
|
||
|
||
<h5 class="phpdocumentor-argument-list__heading">Parameters</h5>
|
||
<dl class="phpdocumentor-argument-list">
|
||
<dt class="phpdocumentor-argument-list__entry">
|
||
<span class="phpdocumentor-signature__argument__name">$request</span>
|
||
: <span class="phpdocumentor-signature__argument__return-type"><abbr title="\Psr\Http\Message\ServerRequestInterface">ServerRequestInterface</abbr></span>
|
||
</dt>
|
||
<dd class="phpdocumentor-argument-list__definition">
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
</dd>
|
||
</dl>
|
||
|
||
|
||
|
||
<h5 class="phpdocumentor-return-value__heading">Return values</h5>
|
||
<span class="phpdocumentor-signature__response_type"><abbr title="\Psr\Http\Message\ResponseInterface">ResponseInterface</abbr></span>
|
||
—
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
</article>
|
||
<article
|
||
class="phpdocumentor-element
|
||
-method
|
||
-protected
|
||
"
|
||
>
|
||
<h4 class="phpdocumentor-element__name" id="method_handleException">
|
||
handleException()
|
||
<a href="classes/Taproot-IndieAuth-Server.html#method_handleException" class="headerlink"><i class="fas fa-link"></i></a>
|
||
</h4>
|
||
<aside class="phpdocumentor-element-found-in">
|
||
<abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
|
||
:
|
||
<span class="phpdocumentor-element-found-in__line">832</span>
|
||
</aside>
|
||
|
||
<p class="phpdocumentor-summary">Handle Exception</p>
|
||
|
||
<code class="phpdocumentor-code phpdocumentor-signature ">
|
||
<span class="phpdocumentor-signature__visibility">protected</span>
|
||
<span class="phpdocumentor-signature__name">handleException</span><span>(</span><span class="phpdocumentor-signature__argument"><span class="phpdocumentor-signature__argument__return-type"><a href="classes/Taproot-IndieAuth-IndieAuthException.html"><abbr title="\Taproot\IndieAuth\IndieAuthException">IndieAuthException</abbr></a> </span><span class="phpdocumentor-signature__argument__name">$exception</span></span><span>)</span><span> : </span><span class="phpdocumentor-signature__response_type"><abbr title="\Psr\Http\Message\ResponseInterface">ResponseInterface</abbr></span></code>
|
||
|
||
<section class="phpdocumentor-description"><p>Turns an instance of <code class="prettyprint">IndieAuthException</code> into an appropriate instance of <code class="prettyprint">ResponseInterface</code>.</p>
|
||
</section>
|
||
|
||
<h5 class="phpdocumentor-argument-list__heading">Parameters</h5>
|
||
<dl class="phpdocumentor-argument-list">
|
||
<dt class="phpdocumentor-argument-list__entry">
|
||
<span class="phpdocumentor-signature__argument__name">$exception</span>
|
||
: <span class="phpdocumentor-signature__argument__return-type"><a href="classes/Taproot-IndieAuth-IndieAuthException.html"><abbr title="\Taproot\IndieAuth\IndieAuthException">IndieAuthException</abbr></a></span>
|
||
</dt>
|
||
<dd class="phpdocumentor-argument-list__definition">
|
||
|
||
</dd>
|
||
</dl>
|
||
|
||
|
||
|
||
<h5 class="phpdocumentor-return-value__heading">Return values</h5>
|
||
<span class="phpdocumentor-signature__response_type"><abbr title="\Psr\Http\Message\ResponseInterface">ResponseInterface</abbr></span>
|
||
—
|
||
<section class="phpdocumentor-description"></section>
|
||
|
||
|
||
</article>
|
||
</section>
|
||
|
||
</article>
|
||
<section data-search-results class="phpdocumentor-search-results phpdocumentor-search-results--hidden">
|
||
<section class="phpdocumentor-search-results__dialog">
|
||
<header class="phpdocumentor-search-results__header">
|
||
<h2 class="phpdocumentor-search-results__title">Search results</h2>
|
||
<button class="phpdocumentor-search-results__close"><i class="fas fa-times"></i></button>
|
||
</header>
|
||
<section class="phpdocumentor-search-results__body">
|
||
<ul class="phpdocumentor-search-results__entries"></ul>
|
||
</section>
|
||
</section>
|
||
</section>
|
||
</div>
|
||
</div>
|
||
<a href="classes/Taproot-IndieAuth-Server.html#top" class="phpdocumentor-back-to-top"><i class="fas fa-chevron-circle-up"></i></a>
|
||
|
||
</main>
|
||
|
||
<script>
|
||
cssVars({});
|
||
</script>
|
||
</body>
|
||
</html>
|