Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame^] | 1 | <?php |
| 2 | |
| 3 | namespace OAuth2\OpenID\Storage; |
| 4 | |
| 5 | /** |
| 6 | * Implement this interface to specify where the OAuth2 Server |
| 7 | * should retrieve user claims for the OpenID Connect id_token. |
| 8 | */ |
| 9 | interface UserClaimsInterface |
| 10 | { |
| 11 | // valid scope values to pass into the user claims API call |
| 12 | const VALID_CLAIMS = 'profile email address phone'; |
| 13 | |
| 14 | // fields returned for the claims above |
| 15 | const PROFILE_CLAIM_VALUES = 'name family_name given_name middle_name nickname preferred_username profile picture website gender birthdate zoneinfo locale updated_at'; |
| 16 | const EMAIL_CLAIM_VALUES = 'email email_verified'; |
| 17 | const ADDRESS_CLAIM_VALUES = 'formatted street_address locality region postal_code country'; |
| 18 | const PHONE_CLAIM_VALUES = 'phone_number phone_number_verified'; |
| 19 | |
| 20 | /** |
| 21 | * Return claims about the provided user id. |
| 22 | * |
| 23 | * Groups of claims are returned based on the requested scopes. No group |
| 24 | * is required, and no claim is required. |
| 25 | * |
| 26 | * @param mixed $user_id - The id of the user for which claims should be returned. |
| 27 | * @param string $scope - The requested scope. |
| 28 | * Scopes with matching claims: profile, email, address, phone. |
| 29 | * |
| 30 | * @return array - An array in the claim => value format. |
| 31 | * |
| 32 | * @see http://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims |
| 33 | */ |
| 34 | public function getUserClaims($user_id, $scope); |
| 35 | } |