diff --git a/CHANGELOG.md b/CHANGELOG.md
index b7738c2f7..d42353c13 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Added
 - The server will now validate redirect uris according to rfc8252 (PR #1203)
 - Events emitted now include the refresh token and access token payloads (PR #1211)
+- Use the `revokeRefreshTokens()` function to decide whether refresh tokens are revoked or not upon use (PR #1189)
 ### Changed
 - Keys are now validated using `openssl_pkey_get_private()` and openssl_pkey_get_public()` instead of regex matching (PR #1215)
diff --git a/src/AuthorizationServer.php b/src/AuthorizationServer.php
index 1b6d593a7..a719656c6 100644
--- a/src/AuthorizationServer.php
+++ b/src/AuthorizationServer.php
@@ -141,7 +141,7 @@ public function enableGrantType(GrantTypeInterface $grantType, DateInterval $acc
 $grantType->setPrivateKey($this->privateKey);
 $grantType->setEmitter($this->getEmitter());
 $grantType->setEncryptionKey($this->encryptionKey);
- $grantType->setRevokeRefreshTokens($this->revokeRefreshTokens);
+ $grantType->revokeRefreshTokens($this->revokeRefreshTokens);
 $this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
 $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
@@ -245,7 +245,7 @@ public function setDefaultScope($defaultScope)
 *
 * @param bool $revokeRefreshTokens
 */
- public function setRevokeRefreshTokens(bool $revokeRefreshTokens): void
+ public function revokeRefreshTokens(bool $revokeRefreshTokens): void
 {
 $this->revokeRefreshTokens = $revokeRefreshTokens;
 }
diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php
index 8192da1a6..1665b980e 100644
--- a/src/Grant/AbstractGrant.php
+++ b/src/Grant/AbstractGrant.php
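Review bot: In the `@@ -141` hunk of src/AuthorizationServer.php, `revokeRefreshTokens()` is called on a parameter typed `GrantTypeInterface`, but this diff renames the method only on `AbstractGrant` and does not touch the interface. If the interface does not declare it (not visible here), a grant type that implements `GrantTypeInterface` without extending `AbstractGrant` would fail with an undefined-method error when it is enabled. Declaring `public function revokeRefreshTokens(bool $revokeRefreshTokens);` on the interface, or documenting that custom grants must provide it, would close that gap. The body of `enableGrantType()` starts and ends outside the hunk.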
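Review bot: The docblock lines visible above `revokeRefreshTokens()` in the `@@ -245` hunk document only the parameter type, and after the rename the call reads like an action rather than a configuration switch. Per the changelog entry the flag decides whether a refresh token is revoked upon use, so passing `false` leaves a used refresh token valid, presumably until it expires, which means a leaked token can be replayed. I would state that in the docblock, e.g. `@param bool $revokeRefreshTokens true to revoke a refresh token once it has been exchanged; false keeps it usable`. The same applies to `AbstractGrant::revokeRefreshTokens()` in the `@@ -175` hunk; the start of the docblock here is outside the hunk.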
@@ -175,7 +175,7 @@ public function setDefaultScope($scope)
 /**
 * @param bool $revokeRefreshTokens
 */
- public function setRevokeRefreshTokens(bool $revokeRefreshTokens)
+ public function revokeRefreshTokens(bool $revokeRefreshTokens)
 {
 $this->revokeRefreshTokens = $revokeRefreshTokens;
 }
diff --git a/tests/Grant/RefreshTokenGrantTest.php b/tests/Grant/RefreshTokenGrantTest.php
index 090919c61..8f56fac4c 100644
--- a/tests/Grant/RefreshTokenGrantTest.php
+++ b/tests/Grant/RefreshTokenGrantTest.php
@@ -69,7 +69,7 @@ public function testRespondToRequest()
 $grant->setAccessTokenRepository($accessTokenRepositoryMock);
 $grant->setEncryptionKey($this->cryptStub->getKey());
 $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
- $grant->setRevokeRefreshTokens(true);
+ $grant->revokeRefreshTokens(true);
 $oldRefreshToken = $this->cryptStub->doEncrypt(
 \json_encode(
@@ -183,7 +183,7 @@ public function testRespondToReducedScopes()
 $grant->setScopeRepository($scopeRepositoryMock);
 $grant->setEncryptionKey($this->cryptStub->getKey());
 $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
- $grant->setRevokeRefreshTokens(true);
+ $grant->revokeRefreshTokens(true);
 $oldRefreshToken = $this->cryptStub->doEncrypt(
 \json_encode(
@@ -523,7 +523,7 @@ public function testRevokedRefreshToken()
 $grant->setAccessTokenRepository($accessTokenRepositoryMock);
 $grant->setEncryptionKey($this->cryptStub->getKey());
 $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
- $grant->setRevokeRefreshTokens(true);
+ $grant->revokeRefreshTokens(true);
 $grant->respondToAccessTokenRequest($serverRequest, new StubResponseType(), new DateInterval('PT5M'));
 Assert::assertTrue($refreshTokenRepositoryMock->isRefreshTokenRevoked($refreshTokenId));