Client Credentials

Enumerations
enum	OAUTH2_CLIENT_ID_REGEXP
Functions
	checkClientCredentials ($client_id, $client_secret=NULL)
	getClientCredentials ()

---

Detailed Description

When interacting with the authorization server, the client identifies itself using a client identifier and authenticates using a set of client credentials. This specification provides one mechanism for authenticating the client using password credentials.

See also:

http://tools.ietf.org/html/draft-ietf-oauth-v2-10#section-2

---

Enumeration Type Documentation

enum OAUTH2_CLIENT_ID_REGEXP

Regex to filter out the client identifier (described in Section 2 of IETF draft).

IETF draft does not prescribe a format for these, however I've arbitrarily chosen alphanumeric strings with hyphens and underscores, 3-32 characters long.

Feel free to change.

Definition at line 67 of file OAuth2.inc.

---

Function Documentation

checkClientCredentials	(	$	client_id,
		$	client_secret = NULL
	)			[abstract, protected, inherited]

Make sure that the client credentials is valid.

Parameters:

	$client_id	Client identifier to be check with.
	$client_secret	(optional) If a secret is required, check that they've given the right one.

Returns:

TRUE if client credentials are valid, and MUST return FALSE if invalid.

See also:

http://tools.ietf.org/html/draft-ietf-oauth-v2-10#section-2.1

Reimplemented in MongoOAuth2, and PDOOAuth2.

Referenced by OAuth2::grantAccessToken().

getClientCredentials

(

)

[protected, inherited]

Internal function used to get the client credentials from HTTP basic auth or POST data.

Returns:

A list containing the client identifier and password, for example

 return array(
   $_POST["client_id"],
   $_POST["client_secret"],
 );

See also:

http://tools.ietf.org/html/draft-ietf-oauth-v2-10#section-2

Definition at line 1107 of file OAuth2.inc.

References OAuth2::errorJsonResponse().

Referenced by OAuth2::grantAccessToken().