File: Tokens.md

package info (click to toggle)
owncloud 7.0.4%2Bdfsg-2
  • links: PTS, VCS
  • area: main
  • in suites: jessie-kfreebsd
  • size: 104,192 kB
  • sloc: php: 403,584; xml: 5,843; perl: 630; cs: 504; sh: 453; sql: 271; python: 221; makefile: 104
file content (84 lines) | stat: -rw-r--r-- 2,425 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
 
# Tokens

## Intro

A token is an opaque string that represents an authorization to access cloud resources. Tokens may be revoked at any time and are valid for a finite duration.

## Setup

Token objects are instantiated from the Identity service. For more details, see the [Service](Service.md) docs.

## Useful object properties/methods

Property|Description|Getter|Setter
---|---|---|---
id|The unique ID of the token|`getId()`|`setId()`
expires|Timestamp of when the token will expire|`getExpires()` or `hasExpired()`|`setExpires()`

## Create token (authenticate)

In order to generate a token, you must pass in the JSON template that is sent to the API. This is because Rackspace's operation expects a slightly different entity body than OpenStack Keystone.

Request body for Rackspace's generate token operation:

```json
{
    "auth": {
        "RAX-KSKEY:apiKeyCredentials": {
            "username": "foo",
            "apiKey": "aaaaa-bbbbb-ccccc-12345678"
        },
        "tenantId": "1100111"
    }
}
```

Request body for Keystone's generate token operation:

```json
{
    "auth": {
        "passwordCredentials":{
            "username":"demoauthor",
            "password":"theUsersPassword"
        },
        "tenantId": "12345678"
    }
}
```

The only real differences you'll notice is the name of the object key (`RAX-KSKEY:apiKeyCredentials`/`passwordCredentials`) and the secret (`apiKey`/`password`). The `tenantId` property in both templates are optional. You can also add `tenantName` too.

```php
use OpenCloud\Common\Http\Message\Formatter;

$template = sprintf(
   '{"auth": {"RAX-KSKEY:apiKeyCredentials":{"username": "%s", "apiKey": "%s"}}}',
   'my_username',
   'my_api_key'
);

$response = $service->generateToken($template);

$body = Formatter::decode($response);

// service catalog
$catalog = $body->access->serviceCatalog;

// token
$token = $body->access->token;

// user
$user = $body->access->user;
```

As you will notice, these variables will be stdClass objects - for fully fledged functionality, let the client authenticate by itself because it ends up stocking the necessary models for you.

To see the response body structure, consult the [official docs](http://docs.rackspace.com/auth/api/v2.0/auth-client-devguide/content/POST_authenticate_v2.0_tokens_Token_Calls.html).

## Revoke token (destroy session)

```php
$tokenId = '1234567';
$service->revokeToken($tokenId);
```