Enumerations | |
| enum | OAUTH2_ERROR_INVALID_REQUEST |
| enum | OAUTH2_ERROR_INVALID_CLIENT |
| enum | OAUTH2_ERROR_UNAUTHORIZED_CLIENT |
| enum | OAUTH2_ERROR_REDIRECT_URI_MISMATCH |
| enum | OAUTH2_ERROR_USER_DENIED |
| enum | OAUTH2_ERROR_UNSUPPORTED_RESPONSE_TYPE |
| enum | OAUTH2_ERROR_INVALID_SCOPE |
| enum | OAUTH2_ERROR_INVALID_GRANT |
| enum | OAUTH2_ERROR_UNSUPPORTED_GRANT_TYPE |
| enum | OAUTH2_ERROR_INVALID_TOKEN |
| enum | OAUTH2_ERROR_EXPIRED_TOKEN |
| enum | OAUTH2_ERROR_INSUFFICIENT_SCOPE |
Functions | |
| getDefaultAuthenticationRealm () | |
| errorDoRedirectUriCallback ($redirect_uri, $error, $error_description=NULL, $error_uri=NULL, $state=NULL) | |
| errorJsonResponse ($http_status_code, $error, $error_description=NULL, $error_uri=NULL) | |
| errorWWWAuthenticateResponseHeader ($http_status_code, $realm, $error, $error_description=NULL, $error_uri=NULL, $scope=NULL) | |
The access token provided has expired. Resource servers SHOULD only use this error code when the client is expected to be able to handle the response and request a new access token using the refresh token issued with the expired access token. The resource server MUST respond with the HTTP 401 (Unauthorized) status code.
Definition at line 331 of file OAuth2.inc.
The request requires higher privileges than provided by the access token. The resource server SHOULD respond with the HTTP 403 (Forbidden) status code and MAY include the "scope" attribute with the scope necessary to access the protected resource.
Definition at line 341 of file OAuth2.inc.
The client identifier provided is invalid.
Definition at line 256 of file OAuth2.inc.
The provided access grant is invalid, expired, or revoked (e.g. invalid assertion, expired authorization token, bad end-user password credentials, or mismatching authorization code and redirection URI).
Definition at line 302 of file OAuth2.inc.
The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed.
Definition at line 248 of file OAuth2.inc.
The requested scope is invalid, unknown, or malformed.
Definition at line 293 of file OAuth2.inc.
The access token provided is invalid. Resource servers SHOULD use this error code when receiving an expired token which cannot be refreshed to indicate to the client that a new authorization is necessary. The resource server MUST respond with the HTTP 401 (Unauthorized) status code.
Definition at line 320 of file OAuth2.inc.
The redirection URI provided does not match a pre-registered value.
Definition at line 271 of file OAuth2.inc.
The client is not authorized to use the requested response type.
Definition at line 264 of file OAuth2.inc.
The access grant included - its type or another attribute - is not supported by the authorization server.
Definition at line 310 of file OAuth2.inc.
The requested response type is not supported by the authorization server.
Definition at line 285 of file OAuth2.inc.
The end-user or authorization server denied the request.
Definition at line 278 of file OAuth2.inc.
| errorDoRedirectUriCallback | ( | $ | redirect_uri, | |
| $ | error, | |||
| $ | error_description = NULL, |
|||
| $ | error_uri = NULL, |
|||
| $ | state = NULL | |||
| ) | [private, inherited] |
Redirect the end-user's user agent with error message.
| $redirect_uri | An absolute URI to which the authorization server will redirect the user-agent to when the end-user authorization step is completed. | |
| $error | A single error code as described in Section 3.2.1. | |
| $error_description | (optional) A human-readable text providing additional information, used to assist in the understanding and resolution of the error occurred. | |
| $error_uri | (optional) A URI identifying a human-readable web page with information about the error, used to provide the end-user with additional information about the error. | |
| $state | (optional) REQUIRED if the "state" parameter was present in the client authorization request. Set to the exact value received from the client. |
Definition at line 1457 of file OAuth2.inc.
References OAuth2::doRedirectUriCallback(), and OAuth2::getVariable().
Referenced by OAuth2::getAuthorizeParams().
| errorJsonResponse | ( | $ | http_status_code, | |
| $ | error, | |||
| $ | error_description = NULL, |
|||
| $ | error_uri = NULL | |||
| ) | [private, inherited] |
Send out error message in JSON.
| $http_status_code | HTTP status code message as predefined. | |
| $error | A single error code. | |
| $error_description | (optional) A human-readable text providing additional information, used to assist in the understanding and resolution of the error occurred. | |
| $error_uri | (optional) A URI identifying a human-readable web page with information about the error, used to provide the end-user with additional information about the error. |
Definition at line 1492 of file OAuth2.inc.
References OAuth2::getVariable(), and OAuth2::sendJsonHeaders().
Referenced by OAuth2::getAccessTokenParams(), OAuth2::getAuthorizeParams(), OAuth2::getClientCredentials(), and OAuth2::grantAccessToken().
| errorWWWAuthenticateResponseHeader | ( | $ | http_status_code, | |
| $ | realm, | |||
| $ | error, | |||
| $ | error_description = NULL, |
|||
| $ | error_uri = NULL, |
|||
| $ | scope = NULL | |||
| ) | [private, inherited] |
Send a 401 unauthorized header with the given realm and an error, if provided.
| $http_status_code | HTTP status code message as predefined. | |
| $realm | The "realm" attribute is used to provide the protected resources partition as defined by [RFC2617]. | |
| $scope | A space-delimited list of scope values indicating the required scope of the access token for accessing the requested resource. | |
| $error | The "error" attribute is used to provide the client with the reason why the access request was declined. | |
| $error_description | (optional) The "error_description" attribute provides a human-readable text containing additional information, used to assist in the understanding and resolution of the error occurred. | |
| $error_uri | (optional) The "error_uri" attribute provides a URI identifying a human-readable web page with information about the error, used to offer the end-user with additional information about the error. If the value is not an absolute URI, it is relative to the URI of the requested protected resource. |
Definition at line 1538 of file OAuth2.inc.
References OAuth2::getDefaultAuthenticationRealm(), and OAuth2::getVariable().
Referenced by OAuth2::verifyAccessToken().
| getDefaultAuthenticationRealm | ( | ) | [protected, inherited] |
Get default authentication realm for WWW-Authenticate header.
Change this to whatever authentication realm you want to send in a WWW-Authenticate header.
Definition at line 814 of file OAuth2.inc.
Referenced by OAuth2::errorWWWAuthenticateResponseHeader().
1.7.1