Documentation

AuthorizationRequestDecisionHandler extends AuthorizationRequestBaseHandler
in package

Handler for end-user's decision on the authorization request.

An authorization endpoint returns an authorization page (HTML) to an end-user, and the end-user will select either "authorize" or "deny" the authorization request. The handle() method handles the decision and calls Authlete's /api/auth/authorization/issue API or /api/auth/authorization/fail API.

Table of Contents

Methods

__construct()  : mixed
Constructor.
getApi()  : AuthleteApi
Get the implementation of the AuthleteApi interface.
handle()  : Response
Handle an end-user's decision on an authorization request.
authorizationFail()  : Response
Call Authlete's /api/auth/authorization/fail API and generate a Response instance according to the value of the "action" parameter in the response from the API.
authorizationIssue()  : Response
Call Authlete's /api/auth/authorization/issue API and generate a Response instance according to the value of the "action" parameter in the response from the API.
unknownAction()  : Response
A utility method to generate a Response instance with "500 Internal Server Error" and an error message in JSON.

Methods

getApi()

Get the implementation of the AuthleteApi interface.

public getApi() : AuthleteApi

The value returned from this method is the instance that was given to the constructor.

Return values
AuthleteApi

An implementation of the AuthleteApi interface.

handle()

Handle an end-user's decision on an authorization request.

public handle(string $ticket[, array<string|int, string> $claimNames = null ][, array<string|int, string> $claimLocales = null ]) : Response
Parameters
$ticket : string

A ticket issued from Authlete's /api/auth/authorization API.

$claimNames : array<string|int, string> = null

Names of requested claims. Use the value of the claims parameter in a response from Authlete's /api/auth/authorization API.

$claimLocales : array<string|int, string> = null

Requested claim locales. Use the value of the claimsLocales parameter in a response from Authlete's /api/auth/authorization API.

Tags
throws
AuthleteApiException
Return values
Response

An HTTP response that should be returned to the user agent.

authorizationFail()

Call Authlete's /api/auth/authorization/fail API and generate a Response instance according to the value of the "action" parameter in the response from the API.

protected authorizationFail(string $ticket, AuthorizationFailReason $reason) : Response

Read the description of AuthorizationFailRequest for details about the parameters given to this method.

Parameters
$ticket : string

The ticket which was issued from Authlete's /api/auth/authorization API.

$reason : AuthorizationFailReason

The reason of the failure of the authorization request.

Return values
Response

An HTTP response that should be returned from the authorization endpoint implementation to the user agent.

authorizationIssue()

Call Authlete's /api/auth/authorization/issue API and generate a Response instance according to the value of the "action" parameter in the response from the API.

protected authorizationIssue(string $ticket, string $subject, int|string $authTime, string $acr[, array<string|int, mixed> $claims = null ][, array<string|int, Property$properties = null ][, array<string|int, string> $scopes = null ], string $sub) : Response

Read the description of AuthorizationIssueRequest for details about the parameters given to this method.

Parameters
$ticket : string

The ticket which was issued from Authlete's /api/auth/authorization API.

$subject : string

The subject (= unique identifier) of the end-user.

$authTime : int|string

The time at which the end-user was authenticated. The value should be seconds since the Unix epoch (1970-Jan-1).

$acr : string

The Authentication Context Class Reference performed for the end-user authentication.

$claims : array<string|int, mixed> = null

The claims about the end-user.

$properties : array<string|int, Property> = null

Arbitrary properties to be associated with an access token and/or an authorization code.

$scopes : array<string|int, string> = null

Scopes to be associated with an access token and/or an authorization code.

$sub : string

The value of the sub claim which is embedded in an ID token. If this argument is null, the value of $subject will be used instead.

Return values
Response

An HTTP response that should be returned from the authorization endpoint implementation to the user agent.

unknownAction()

A utility method to generate a Response instance with "500 Internal Server Error" and an error message in JSON.

protected unknownAction(string $apiPath) : Response

This method is expected to be used when the value of the action parameter in a response from an Authlete API holds an unexpected value.

Parameters
$apiPath : string

The path of an Authlete API.

Return values
Response

A Response instahce which represents a server error.


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results