Path: blob/master/src/applications/auth/storage/PhabricatorAuthTemporaryToken.php
12256 views
<?php12final class PhabricatorAuthTemporaryToken extends PhabricatorAuthDAO3implements PhabricatorPolicyInterface {45// NOTE: This is usually a PHID, but may be some other kind of resource6// identifier for some token types.7protected $tokenResource;8protected $tokenType;9protected $tokenExpires;10protected $tokenCode;11protected $userPHID;12protected $properties = array();1314private $isNew = false;1516protected function getConfiguration() {17return array(18self::CONFIG_TIMESTAMPS => false,19self::CONFIG_SERIALIZATION => array(20'properties' => self::SERIALIZATION_JSON,21),22self::CONFIG_COLUMN_SCHEMA => array(23'tokenResource' => 'phid',24'tokenType' => 'text64',25'tokenExpires' => 'epoch',26'tokenCode' => 'text64',27'userPHID' => 'phid?',28),29self::CONFIG_KEY_SCHEMA => array(30'key_token' => array(31'columns' => array('tokenResource', 'tokenType', 'tokenCode'),32'unique' => true,33),34'key_expires' => array(35'columns' => array('tokenExpires'),36),37'key_user' => array(38'columns' => array('userPHID'),39),40),41) + parent::getConfiguration();42}4344private function newTokenTypeImplementation() {45$types = PhabricatorAuthTemporaryTokenType::getAllTypes();4647$type = idx($types, $this->tokenType);48if ($type) {49return clone $type;50}5152return null;53}5455public function getTokenReadableTypeName() {56$type = $this->newTokenTypeImplementation();57if ($type) {58return $type->getTokenReadableTypeName($this);59}6061return $this->tokenType;62}6364public function isRevocable() {65if ($this->tokenExpires < time()) {66return false;67}6869$type = $this->newTokenTypeImplementation();70if ($type) {71return $type->isTokenRevocable($this);72}7374return false;75}7677public function revokeToken() {78if ($this->isRevocable()) {79$this->setTokenExpires(PhabricatorTime::getNow() - 1)->save();80}81return $this;82}8384public static function revokeTokens(85PhabricatorUser $viewer,86array $token_resources,87array $token_types) {8889$tokens = id(new PhabricatorAuthTemporaryTokenQuery())90->setViewer($viewer)91->withTokenResources($token_resources)92->withTokenTypes($token_types)93->withExpired(false)94->execute();9596foreach ($tokens as $token) {97$token->revokeToken();98}99}100101public function getTemporaryTokenProperty($key, $default = null) {102return idx($this->properties, $key, $default);103}104105public function setTemporaryTokenProperty($key, $value) {106$this->properties[$key] = $value;107return $this;108}109110public function setShouldForceFullSession($force_full) {111return $this->setTemporaryTokenProperty('force-full-session', $force_full);112}113114public function getShouldForceFullSession() {115return $this->getTemporaryTokenProperty('force-full-session', false);116}117118public function setIsNewTemporaryToken($is_new) {119$this->isNew = $is_new;120return $this;121}122123public function getIsNewTemporaryToken() {124return $this->isNew;125}126127128/* -( PhabricatorPolicyInterface )----------------------------------------- */129130131public function getCapabilities() {132return array(133PhabricatorPolicyCapability::CAN_VIEW,134);135}136137public function getPolicy($capability) {138// We're just implement this interface to get access to the standard139// query infrastructure.140return PhabricatorPolicies::getMostOpenPolicy();141}142143public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {144return false;145}146147}148149150