Added force parameter functionality
This commit is contained in:
parent
5bb4a87280
commit
7301923bba
1 changed files with 9 additions and 6 deletions
|
@ -534,7 +534,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
||||||
'providerUid' => $oauth2ID,
|
'providerUid' => $oauth2ID,
|
||||||
'providerAccessToken' => $accessToken,
|
'providerAccessToken' => $accessToken,
|
||||||
'providerRefreshToken' => $refreshToken,
|
'providerRefreshToken' => $refreshToken,
|
||||||
'providerAccessTokenExpiry' => \time() + $accessTokenExpiry - 5, // 5 seconds time-sync and networking gap, to be safe
|
'providerAccessTokenExpiry' => \time() + $accessTokenExpiry,
|
||||||
'secret' => Auth::hash($secret), // One way hash encryption to protect DB leak
|
'secret' => Auth::hash($secret), // One way hash encryption to protect DB leak
|
||||||
'expire' => $expiry,
|
'expire' => $expiry,
|
||||||
'userAgent' => $request->getUserAgent('UNKNOWN'),
|
'userAgent' => $request->getUserAgent('UNKNOWN'),
|
||||||
|
@ -1668,7 +1668,7 @@ App::patch('/v1/account/sessions/:sessionId/oauth2-tokens')
|
||||||
->label('sdk.response.model', Response::MODEL_SESSION)
|
->label('sdk.response.model', Response::MODEL_SESSION)
|
||||||
->label('abuse-limit', 10)
|
->label('abuse-limit', 10)
|
||||||
->param('sessionId', null, new UID(), 'Session ID. Use the string \'current\' to update the current device session.')
|
->param('sessionId', null, new UID(), 'Session ID. Use the string \'current\' to update the current device session.')
|
||||||
->param('force', true, new Boolean(), 'Should generate new token even if current one is still valid?', true)
|
->param('force', false, new Boolean(), 'Should generate new token even if current one is still valid?', true)
|
||||||
->inject('request')
|
->inject('request')
|
||||||
->inject('response')
|
->inject('response')
|
||||||
->inject('user')
|
->inject('user')
|
||||||
|
@ -1698,6 +1698,11 @@ App::patch('/v1/account/sessions/:sessionId/oauth2-tokens')
|
||||||
|
|
||||||
foreach ($sessions as $key => $session) {/** @var Document $session */
|
foreach ($sessions as $key => $session) {/** @var Document $session */
|
||||||
if ($sessionId == $session->getId()) {
|
if ($sessionId == $session->getId()) {
|
||||||
|
$expireAt = (int) $session->getAttribute('providerAccessTokenExpiry');
|
||||||
|
if(\time() < $expireAt - 5 && !$force) { // 5 seconds time-sync and networking gap, to be safe
|
||||||
|
return $response->noContent();
|
||||||
|
}
|
||||||
|
|
||||||
$provider = $session->getAttribute('provider');
|
$provider = $session->getAttribute('provider');
|
||||||
$refreshToken = $session->getAttribute('providerRefreshToken');
|
$refreshToken = $session->getAttribute('providerRefreshToken');
|
||||||
|
|
||||||
|
@ -1712,7 +1717,7 @@ App::patch('/v1/account/sessions/:sessionId/oauth2-tokens')
|
||||||
$session
|
$session
|
||||||
->setAttribute('providerAccessToken', $oauth2->getAccessToken(''))
|
->setAttribute('providerAccessToken', $oauth2->getAccessToken(''))
|
||||||
->setAttribute('providerRefreshToken', $oauth2->getRefreshToken(''))
|
->setAttribute('providerRefreshToken', $oauth2->getRefreshToken(''))
|
||||||
->setAttribute('providerAccessTokenExpiry', \time() + $oauth2->getAccessTokenExpiry('') - 5) // 5 seconds time-sync and networking gap, to be safe
|
->setAttribute('providerAccessTokenExpiry', \time() + $oauth2->getAccessTokenExpiry(''))
|
||||||
;
|
;
|
||||||
|
|
||||||
$dbForProject->updateDocument('sessions', $sessionId, $session);
|
$dbForProject->updateDocument('sessions', $sessionId, $session);
|
||||||
|
@ -1735,9 +1740,7 @@ App::patch('/v1/account/sessions/:sessionId/oauth2-tokens')
|
||||||
->setParam('users.update', 1)
|
->setParam('users.update', 1)
|
||||||
;
|
;
|
||||||
|
|
||||||
$response->dynamic($session, Response::MODEL_SESSION);
|
return $response->dynamic($session, Response::MODEL_SESSION);
|
||||||
|
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue