Documentation

RevocationResponse extends ApiResponse

Response from Authlete's /api/auth/revocation API.

Authlete's /api/auth/revocation API returns JSON which can be mapped to this class. The authorization server implementation should retrieve the value of the action from the response and take the following steps according to the value.

When the value returned from getAction() method is RevocationAction::$INVALID_CLIENT, it means that authentication of the client failed. In this case, the HTTP status of the response to the client application should be either 400 Bad Request or 401 Unauthorized. The description about invalid_client shown below is an excerpt from RFC 6749.

invalid_client: Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the "Authorization" request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code and include the "WWW-Authenticate" response header field matching the authentication schemeused by the client.

In either case, the JSON string returned from getResponseContent() method can be used as the entity body of the response to the client application.

The following illustrates the response which the authorization server implementation should generate and return to the client application.

HTTP/1.1 400 Bad Request
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

(The value returned from getResponseContent())

When the value returned from getAction() method is RevocationAction::$INTERNAL_SERVER_ERROR, it means that the request from the authorization server implementation (getRevocationRequest()) was wrong or that an error occurred in Authlete.

In either case, from a viewpoint of the client application, it is an error on the server side. Therefore, the authorization server implementation should generate a response to the client application with the HTTP status of 500 Internal Server Error.

In this case, getResponseContent() method returns a JSON string which describes the error, so it can be used as the entity body of the response. The following illustrates the response which the authorization server should generate and return to the client application.

HTTP/1.1 500 Internal Server Error
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

(The value returned from getResponseContent())

When the value returned from getAction() method is RevocationAction::$BAD_REQUEST, it means that the request from the client application is invalid.

The HTTP status of the response returned to the client application must be 400 Bad Request and the content type must be application/json. 2.2.1. Error Response of RFC 7009 states "The error presentation conforms to the definition in Section 5.2 of RFC 6749."

In this case, getResponseContent() method returns a JSON string which describes the error, so it can be used as the entity body of the response. The following illustartes the response which the authorization server implementation should generate and return to the client application.

HTTP/1.1 400 Bad Request
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

(The value returned from getResponseContent())

When the value returned from getAction() method is RevocationAction::$OK, it means that the request from the client application is valid and the presented token has been revoked successfully or that the client submitted an invalid token. Note that invalid tokens do not cause an error. See 2.2. Revocation Response for details.

The HTTP status of the response returned to the client application must be 200 OK.

If the original request from the client application contains the callback request parameter and its value is not empty, the content type should be application/javascript and the content should be a JavaScript snippet for JSONP.

In this case, getResponseContent() returns a JavaScript snippet if the original request from the client application contains the callback request parameter and its value is not empty. Otherwise, getResponseContent() returns null. The following illustrates the response which the authorization server implementation should generate and return to the client application.

HTTP/1.1 200 OK
Content-Type: application/javascript
Cache-Control: no-store
Pragma: no-cache

(The value returned from getResponseContent())

copyFromArray() : mixed: Copy the content of the given array into this object.
copyToArray() : mixed: Copy the content of this object into the given array.
fromArray() : static: Convert an array into an instance of this class.
fromJson() : static: Convert a JSON string into an instance of this class.
getAction() : RevocationAction: Get the next action that the revocation endpoint should take.
getResponseContent() : string: Get the response content which can be used as the entity body of the response returned from the revocation endpoint to the client application.
getResultCode() : string: Get the code of the result of an Authlete API call.
getResultMessage() : string: Get the message of the result of an Authlete API call.
setAction() : RevocationResponse: Set the next action that the revocation endpoint should take.
setResponseContent() : RevocationResponse: Set the response content which can be used as the entity body of the response returned from the revocation endpoint to the client application.
setResultCode() : ApiResponse: Set the code of the result of an Authlete API call.
setResultMessage() : ApiResponse: Set the message of the result of an Authlete API call.
toArray() : array<string|int, mixed>: Convert this object into an array.
toJson() : string: Convert this object into a JSON string.

copyFromArray()

Copy the content of the given array into this object.


    public
                copyFromArray(array<string|int, mixed> &$array) : mixed

Parameters

$array : array<string|int, mixed>

Return values

mixed —

copyToArray()

Copy the content of this object into the given array.


    public
                copyToArray(array<string|int, mixed> &$array) : mixed

Parameters

$array : array<string|int, mixed>

Return values

mixed —

fromArray()

Convert an array into an instance of this class.


    public
            static    fromArray([array<string|int, mixed> $array = null ]) : static

This static function returns a new instance of this class. If $array is null, null is returned.

Parameters

$array : array<string|int, mixed> = null: An array

Return values

static —

An instance of this class.

fromJson()

Convert a JSON string into an instance of this class.


    public
            static    fromJson(string $json) : static

This static function returns a new instance of this class. If $json is null or the type of $json is not string, null is returned.

Parameters

$json : string: A JSON string.

Return values

static —

An instance of this class.

getAction()

Get the next action that the revocation endpoint should take.


    public
                getAction() : RevocationAction

Return values

RevocationAction —

The next action that the revocation endpoint should take.

getResponseContent()

Get the response content which can be used as the entity body of the response returned from the revocation endpoint to the client application.


    public
                getResponseContent() : string

Return values

string —

The response content.

getResultCode()

Get the code of the result of an Authlete API call.


    public
                getResultCode() : string

Return values

string —

The result code.

getResultMessage()

Get the message of the result of an Authlete API call.


    public
                getResultMessage() : string

Return values

string —

The result message.

setAction()

Set the next action that the revocation endpoint should take.


    public
                setAction([RevocationAction $action = null ]) : RevocationResponse

Parameters

$action : RevocationAction = null: The next action that the revocation endpoint should take.

Return values

RevocationResponse —

$this object.

setResponseContent()

Set the response content which can be used as the entity body of the response returned from the revocation endpoint to the client application.


    public
                setResponseContent(string $responseContent) : RevocationResponse

Parameters

$responseContent : string: The response content.

Return values

RevocationResponse —

$this object.

setResultCode()

Set the code of the result of an Authlete API call.


    public
                setResultCode(string $resultCode) : ApiResponse

Parameters

$resultCode : string: The result code.

Return values

ApiResponse —

$this object.

setResultMessage()

Set the message of the result of an Authlete API call.


    public
                setResultMessage(string $resultMessage) : ApiResponse

Parameters

$resultMessage : string: The result message.

Return values

ApiResponse —

$this object.

toArray()

Convert this object into an array.


    public
                toArray() : array<string|int, mixed>

Return values

array<string|int, mixed> —

An array.

toJson()

Convert this object into a JSON string.


    public
                toJson(int $options) : string

Parameters

$options : int: Options passed to json_encode(). This parameter is optional and its default value is 0.

Return values

string —

A JSON string.

RevocationResponse extends ApiResponse

Table of Contents

Methods

copyFromArray()

Parameters

Return values

copyToArray()

Parameters

Return values

fromArray()

Parameters

Return values

fromJson()

Parameters

Return values

getAction()

Return values

getResponseContent()

Return values

getResultCode()

Return values

getResultMessage()

Return values

setAction()

Parameters

Return values

setResponseContent()

Parameters

Return values

setResultCode()

Parameters

Return values

setResultMessage()

Parameters

Return values

toArray()

Return values

toJson()

Parameters

Return values