Documentation

DefaultAuthorizationController extends Controller
in package

An implementation of the authorization endpoint.

Table of Contents

Methods

__invoke()  : Response
The entry point of this controller.
convertLoginHintToLoginId()  : string
Convert a login hint to its corresponding login ID.
convertSubjectToLoginId()  : string
Convert a subject (= user's unique identifier) to its corresponding login ID.
getAuthorizationPage()  : Response
Get the view of the authorization page.
getAuthorizationPageTemplateName()  : string
Get the name of the template for the authorization page.
getNoInteractionHandlerSpi()  : NoInteractionHandlerSpi
Get an implementation of the NoInteractionHandlerSpi interface.
getUserAuthenticatedAt()  : int
Get the time at which the user was authenticated.
handleError()  : Response
Handle the authorization request as an error case.
handleInteraction()  : Response
Handle the authorization request with user interaction.
handleNoInteraction()  : Response
Handle the authorization request without user interaction.

Methods

__invoke()

The entry point of this controller.

public __invoke(AuthleteApi $api, Request $request) : Response
Parameters
$api : AuthleteApi

An implementation of the AuthleteApi interface.

$request : Request

An authorization request.

Return values
Response

A response that should be returned to the client.

convertLoginHintToLoginId()

Convert a login hint to its corresponding login ID.

protected convertLoginHintToLoginId(string $loginHint) : string

This method may be called when the authorization request contains the login_hint parameter.

The default implementation of this method returns the given value without any conversion.

Parameters
$loginHint : string

The value of the login_hint request parameter.

Return values
string

The login ID.

convertSubjectToLoginId()

Convert a subject (= user's unique identifier) to its corresponding login ID.

protected convertSubjectToLoginId(string $subject) : string

This method is called only when the authorization request has the claims parameter and the parameter contains the sub claim. See 5.5. Requesting Claims using the claims Request Parameter of OpenID Connect Core 1.0.

The default implementation of this method returns the given value without any conversion. Note, however, that it is not rare for subjects and login IDs to differ.

Parameters
$subject : string

The required subject (= user's unique identifier).

Return values
string

The login ID.

getAuthorizationPage()

Get the view of the authorization page.

protected getAuthorizationPage(array<string|int, mixed> $data) : Response
Parameters
$data : array<string|int, mixed>

The data used in the authorization page.

Return values
Response

The view of the authorization page.

getAuthorizationPageTemplateName()

Get the name of the template for the authorization page.

protected getAuthorizationPageTemplateName() : string

The default implementation of this method returns authlete.authorization.

Return values
string

The name of the template for the authorization page.

getNoInteractionHandlerSpi()

Get an implementation of the NoInteractionHandlerSpi interface.

protected getNoInteractionHandlerSpi(Request $request) : NoInteractionHandlerSpi

The default implementation of this method returns an instance of DefaultNoInteractionHandlerSpi.

The instance returned from this method is used only when the authorization request includes prompt=none.

Parameters
$request : Request

An authorization request from the client.

Return values
NoInteractionHandlerSpi

An implementation of the NoInteractionHandlerSpi interface.

getUserAuthenticatedAt()

Get the time at which the user was authenticated.

protected getUserAuthenticatedAt(User $user, Request $request) : int

This method is called only when the authorization request is valid, the value of the prompt parameter is none, and a user has already logged in.

The default implementation of this method returns 0. However, this method must be implemented properly to support the max_age request parameter and the auth_time claim. See OpenID Connect Core 1.0 for details.

Parameters
$user : User

The user.

$request : Request
Return values
int

The time at which the user was authenticated, expressed as the number of seconds since the Unix epoch (1970-Jan-1).
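
The following subclass is an added example, not code from the library: it overrides getUserAuthenticatedAt() so that max_age and auth_time have a real timestamp to work with, and convertSubjectToLoginId() for the case where subjects and login IDs differ. The base-class namespace, the session key, the users table columns and the recordLoginTime() helper are assumptions made for illustration.

```php
<?php
namespace App\Http\Controllers;

// Assumed namespace for the base class; the page does not show its package.
use Authlete\Laravel\Controller\DefaultAuthorizationController;
use Illuminate\Auth\Events\Login;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Event;

class AuthorizationController extends DefaultAuthorizationController
{
    // Hypothetical session key holding the interactive login timestamp.
    private const AUTH_TIME_KEY = 'oidc.authenticated_at';

    // Hypothetical helper: call once from a service provider's boot() method.
    public static function recordLoginTime(): void
    {
        Event::listen(Login::class, function (Login $event): void {
            // A session restored from a "remember me" cookie is not a fresh
            // authentication, so it must not reset the recorded time.
            if (!Auth::viaRemember()) {
                session([self::AUTH_TIME_KEY => time()]);
            }
        });
    }

    // Parameters are left untyped in both overrides: PHP lets an override
    // widen parameter types, so this stays compatible with whatever type
    // declarations the parent methods carry.
    protected function getUserAuthenticatedAt($user, $request): int
    {
        $at = $request->session()->get(self::AUTH_TIME_KEY);

        // Reject missing, non-integer or future values and fall back to 0,
        // the value the default implementation returns.
        return is_int($at) && $at > 0 && $at <= time() ? $at : 0;
    }

    protected function convertSubjectToLoginId($subject): string
    {
        // Hypothetical schema: users.subject is the identifier placed in the
        // sub claim, users.email is what the login form accepts.
        $loginId = DB::table('users')->where('subject', (string) $subject)->value('email');

        // Unknown subject: return an empty login ID instead of echoing input.
        return is_string($loginId) ? $loginId : '';
    }
}
```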

handleError()

Handle the authorization request as an error case.

protected handleError(AuthleteApi $api, Request $request, AuthorizationResponse $response) : Response
Parameters
$api : AuthleteApi

An implementation of the AuthleteApi interface.

$request : Request

An authorization request from the client.

$response : AuthorizationResponse

A response from Authlete's /api/auth/authorization API.

Return values
Response

A response that should be returned to the client.

handleInteraction()

Handle the authorization request with user interaction.

protected handleInteraction(AuthleteApi $api, Request $request, AuthorizationResponse $response) : Response

This method is called when the action parameter in the response from Authlete's /api/auth/authorization API is INTERACTION.

Parameters
$api : AuthleteApi

An implementation of the AuthleteApi interface.

$request : Request

An authorization request from the client.

$response : AuthorizationResponse

A response from Authlete's /api/auth/authorization API.

Return values
Response

A response that should be returned to the client.

handleNoInteraction()

Handle the authorization request without user interaction.

protected handleNoInteraction(AuthleteApi $api, Request $request, AuthorizationResponse $response) : Response
Parameters
$api : AuthleteApi

An implementation of the AuthleteApi interface.

$request : Request

An authorization request from the client.

$response : AuthorizationResponse

A response from Authlete's /api/auth/authorization API.

Return values
Response

A response that should be returned to the client.


        