src/Core/Framework/Api/OAuth/RefreshTokenRepository.php line 51

  1. <?php declare(strict_types=1);
  3. namespace Shopware\Core\Framework\Api\OAuth;
  5. use Doctrine\DBAL\Connection;
  6. use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
  7. use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
  8. use Shopware\Core\Defaults;
  9. use Shopware\Core\Framework\Log\Package;
  10. use Shopware\Core\Framework\Uuid\Uuid;
  12. #[Package('core')]
  13. class RefreshTokenRepository implements RefreshTokenRepositoryInterface
  14. {
  15.     /**
  16.      * @internal
  17.      */
  18.     public function __construct(private readonly Connection $connection)
  19.     {
  20.     }
  22.     /**
  23.      * {@inheritdoc}
  24.      */
  25.     public function getNewRefreshToken(): RefreshTokenEntityInterface
  26.     {
  27.         return new RefreshToken();
  28.     }
  30.     /**
  31.      * {@inheritdoc}
  32.      */
  33.     public function persistNewRefreshToken(RefreshTokenEntityInterface $refreshTokenEntity): void
  34.     {
  35.         $this->connection->createQueryBuilder()
  36.             ->insert('refresh_token')
  37.             ->values([
  38.                 'id' => ':id',
  39.                 'user_id' => ':userId',
  40.                 'token_id' => ':tokenId',
  41.                 'issued_at' => ':issuedAt',
  42.                 'expires_at' => ':expiresAt',
  43.             ])
  44.             ->setParameters([
  45.                 'id' => Uuid::randomBytes(),
  46.                 'userId' => Uuid::fromHexToBytes($refreshTokenEntity->getAccessToken()->getUserIdentifier()),
  47.                 'tokenId' => $refreshTokenEntity->getIdentifier(),
  48.                 'issuedAt' => (new \DateTime())->format(Defaults::STORAGE_DATE_TIME_FORMAT),
  49.                 'expiresAt' => $refreshTokenEntity->getExpiryDateTime()->format(Defaults::STORAGE_DATE_TIME_FORMAT),
  50.             ])
  51.             ->execute();
  53.         $this->cleanUpExpiredRefreshTokens();
  54.     }
  56.     /**
  57.      * {@inheritdoc}
  58.      */
  59.     public function revokeRefreshToken($tokenId): void
  60.     {
  61.         $this->connection->createQueryBuilder()
  62.             ->delete('refresh_token')
  63.             ->where('token_id = :tokenId')
  64.             ->setParameter('tokenId'$tokenId)
  65.             ->execute();
  67.         $this->cleanUpExpiredRefreshTokens();
  68.     }
  70.     /**
  71.      * {@inheritdoc}
  72.      */
  73.     public function isRefreshTokenRevoked($tokenId): bool
  74.     {
  75.         $refreshToken $this->connection->createQueryBuilder()
  76.             ->select(['token_id'])
  77.             ->from('refresh_token')
  78.             ->where('token_id = :tokenId')
  79.             ->setParameter('tokenId'$tokenId)
  80.             ->execute()
  81.             ->fetch();
  83.         $this->cleanUpExpiredRefreshTokens();
  85.         // no token found, token is invalid
  86.         if (!$refreshToken) {
  87.             return true;
  88.         }
  90.         return false;
  91.     }
  93.     public function revokeRefreshTokensForUser(string $userId): void
  94.     {
  95.         $this->connection->createQueryBuilder()
  96.             ->delete('refresh_token')
  97.             ->where('user_id = UNHEX(:userId)')
  98.             ->setParameter('userId'$userId)
  99.             ->execute();
  100.     }
  102.     private function cleanUpExpiredRefreshTokens(): void
  103.     {
  104.         $now = (new \DateTime())->format(Defaults::STORAGE_DATE_TIME_FORMAT);
  106.         $this->connection->createQueryBuilder()
  107.             ->delete('refresh_token')
  108.             ->where('expires_at < :now')
  109.             ->setParameter('now'$now)
  110.             ->execute();
  111.     }
  112. }