1 <?php
2 namespace PayPal\Api;
3
4 use PayPal\Common\PayPalResourceModel;
5 use PayPal\Rest\ApiContext;
6 use PayPal\Transport\PayPalRestCall;
7
8 /**
9 * Class OpenIdTokeninfo
10 *
11 * Token grant resource
12 *
13 * @property string scope
14 * @property string access_token
15 * @property string refresh_token
16 * @property string token_type
17 * @property string id_token
18 * @property int expires_in
19 */
20 class OpenIdTokeninfo extends PayPalResourceModel
21 {
22
23 /**
24 * OPTIONAL, if identical to the scope requested by the client; otherwise, REQUIRED.
25 *
26 * @param string $scope
27 * @return self
28 */
29 public function setScope($scope)
30 {
31 $this->scope = $scope;
32 return $this;
33 }
34
35 /**
36 * OPTIONAL, if identical to the scope requested by the client; otherwise, REQUIRED.
37 *
38 * @return string
39 */
40 public function getScope()
41 {
42 return $this->scope;
43 }
44
45 /**
46 * The access token issued by the authorization server.
47 *
48 * @param string $access_token
49 * @return self
50 */
51 public function setAccessToken($access_token)
52 {
53 $this->access_token = $access_token;
54 return $this;
55 }
56
57 /**
58 * The access token issued by the authorization server.
59 *
60 * @return string
61 */
62 public function getAccessToken()
63 {
64 return $this->access_token;
65 }
66
67 /**
68 * The refresh token, which can be used to obtain new access tokens using the same authorization grant as described in OAuth2.0 RFC6749 in Section 6.
69 *
70 * @param string $refresh_token
71 * @return self
72 */
73 public function setRefreshToken($refresh_token)
74 {
75 $this->refresh_token = $refresh_token;
76 return $this;
77 }
78
79 /**
80 * The refresh token, which can be used to obtain new access tokens using the same authorization grant as described in OAuth2.0 RFC6749 in Section 6.
81 *
82 * @return string
83 */
84 public function getRefreshToken()
85 {
86 return $this->refresh_token;
87 }
88
89 /**
90 * The type of the token issued as described in OAuth2.0 RFC6749 (Section 7.1). Value is case insensitive.
91 *
92 * @param string $token_type
93 * @return self
94 */
95 public function setTokenType($token_type)
96 {
97 $this->token_type = $token_type;
98 return $this;
99 }
100
101 /**
102 * The type of the token issued as described in OAuth2.0 RFC6749 (Section 7.1). Value is case insensitive.
103 *
104 * @return string
105 */
106 public function getTokenType()
107 {
108 return $this->token_type;
109 }
110
111 /**
112 * The id_token is a session token assertion that denotes the user's authentication status
113 *
114 * @param string $id_token
115 * @return self
116 */
117 public function setIdToken($id_token)
118 {
119 $this->id_token = $id_token;
120 return $this;
121 }
122
123 /**
124 * The id_token is a session token assertion that denotes the user's authentication status
125 *
126 * @return string
127 */
128 public function getIdToken()
129 {
130 return $this->id_token;
131 }
132
133 /**
134 * The lifetime in seconds of the access token.
135 *
136 * @param integer $expires_in
137 * @return self
138 */
139 public function setExpiresIn($expires_in)
140 {
141 $this->expires_in = $expires_in;
142 return $this;
143 }
144
145 /**
146 * The lifetime in seconds of the access token.
147 *
148 * @return integer
149 */
150 public function getExpiresIn()
151 {
152 return $this->expires_in;
153 }
154
155
156 /**
157 * Creates an Access Token from an Authorization Code.
158 *
159 * @path /v1/identity/openidconnect/tokenservice
160 * @method POST
161 * @param array $params (allowed values are client_id, client_secret, grant_type, code and redirect_uri)
162 * (required) client_id from developer portal
163 * (required) client_secret from developer portal
164 * (required) code is Authorization code previously received from the authorization server
165 * (required) redirect_uri Redirection endpoint that must match the one provided during the
166 * authorization request that ended in receiving the authorization code.
167 * (optional) grant_type is the Token grant type. Defaults to authorization_code
168 * @param string $clientId
169 * @param string $clientSecret
170 * @param ApiContext $apiContext Optional API Context
171 * @param PayPalRestCall $restCall
172 * @return OpenIdTokeninfo
173 */
174 public static function createFromAuthorizationCode($params, $clientId = null, $clientSecret = null, $apiContext = null, $restCall = null)
175 {
176 static $allowedParams = array('grant_type' => 1, 'code' => 1, 'redirect_uri' => 1);
177
178 if (!array_key_exists('grant_type', $params)) {
179 $params['grant_type'] = 'authorization_code';
180 }
181 $apiContext = $apiContext ? $apiContext : new ApiContext(self::$credential);
182
183 if (sizeof($apiContext->get($clientId)) > 0) {
184 $clientId = $apiContext->get($clientId);
185 }
186
187 if (sizeof($apiContext->get($clientSecret)) > 0) {
188 $clientSecret = $apiContext->get($clientSecret);
189 }
190
191 $clientId = $clientId ? $clientId : $apiContext->getCredential()->getClientId();
192 $clientSecret = $clientSecret ? $clientSecret : $apiContext->getCredential()->getClientSecret();
193
194 $json = self::executeCall(
195 "/v1/identity/openidconnect/tokenservice",
196 "POST",
197 http_build_query(array_intersect_key($params, $allowedParams)),
198 array(
199 'Content-Type' => 'application/x-www-form-urlencoded',
200 'Authorization' => 'Basic ' . base64_encode($clientId . ":" . $clientSecret)
201 ),
202 $apiContext,
203 $restCall
204 );
205 $token = new OpenIdTokeninfo();
206 $token->fromJson($json);
207 return $token;
208 }
209
210 /**
211 * Creates an Access Token from an Refresh Token.
212 *
213 * @path /v1/identity/openidconnect/tokenservice
214 * @method POST
215 * @param array $params (allowed values are grant_type and scope)
216 * (required) client_id from developer portal
217 * (required) client_secret from developer portal
218 * (optional) refresh_token refresh token. If one is not passed, refresh token from the current object is used.
219 * (optional) grant_type is the Token grant type. Defaults to refresh_token
220 * (optional) scope is an array that either the same or a subset of the scope passed to the authorization request
221 * @param APIContext $apiContext Optional API Context
222 * @param PayPalRestCall $restCall
223 * @return OpenIdTokeninfo
224 */
225 public function createFromRefreshToken($params, $apiContext = null, $restCall = null)
226 {
227 static $allowedParams = array('grant_type' => 1, 'refresh_token' => 1, 'scope' => 1);
228 $apiContext = $apiContext ? $apiContext : new ApiContext(self::$credential);
229
230 if (!array_key_exists('grant_type', $params)) {
231 $params['grant_type'] = 'refresh_token';
232 }
233 if (!array_key_exists('refresh_token', $params)) {
234 $params['refresh_token'] = $this->getRefreshToken();
235 }
236
237 $clientId = isset($params['client_id']) ? $params['client_id'] : $apiContext->getCredential()->getClientId();
238 $clientSecret = isset($params['client_secret']) ? $params['client_secret'] : $apiContext->getCredential()->getClientSecret();
239
240 $json = self::executeCall(
241 "/v1/identity/openidconnect/tokenservice",
242 "POST",
243 http_build_query(array_intersect_key($params, $allowedParams)),
244 array(
245 'Content-Type' => 'application/x-www-form-urlencoded',
246 'Authorization' => 'Basic ' . base64_encode($clientId . ":" . $clientSecret)
247 ),
248 $apiContext,
249 $restCall
250 );
251
252 $this->fromJson($json);
253 return $this;
254 }
255 }
256