Send HTTP 401 on invalid token

[grauphel.git] / lib / tokenstorage.php

diff --git a/lib/tokenstorage.php b/lib/tokenstorage.php
index 9a173f5c03c26248512848b98e38e2d4515cf97a..4b5f42094978a139c156a41aff6b8f3e1c47d5ac 100644 (file)
--- a/lib/tokenstorage.php
+++ b/lib/tokenstorage.php
@@ -95,17 +95,44 @@ class TokenStorage
         )->fetchRow();
 
         if ($tokenRow === false) {
-            throw new OAuthException('Unknown token: ' . $type . ' / ' . $tokenKey);
+            throw new OAuthException(
+                'Unknown token: ' . $type . ' / ' . $tokenKey,
+                OAUTH_TOKEN_REJECTED
+            );
         }
 
         $token = $this->fromDb($tokenRow);
         if ($token->tokenKey != $tokenKey) {
-            throw new OAuthException('Invalid token');
+            throw new OAuthException('Invalid token', OAUTH_TOKEN_REJECTED);
         }
 
         return $token;
     }
 
+    /**
+     * Load multiple tokens
+     *
+     * @param string $username User name
+     * @param string $type     Token type: temp, access, verify
+     *
+     * @return array Array of Token objects
+     */
+    public function loadForUser($username, $type)
+    {
+        $result = \OC_DB::executeAudited(
+            'SELECT * FROM `*PREFIX*grauphel_oauth_tokens`'
+            . ' WHERE `token_user` = ? AND `token_type` = ?',
+            array($username, $type)
+        );
+
+        $tokens = array();
+        while ($tokenRow = $result->fetchRow()) {
+            $tokens[] = $this->fromDb($tokenRow);
+        }
+
+        return $tokens;
+    }
+
     protected function fromDb($tokenRow)
     {
         $token = new Token();