PHP Classes

cookie_oauth_client.php

Recommend this page to a friend!

      PHP OAuth Library  >  PHP OAuth Library package blog  >  How to Implement PHP ...  >  All threads  >  cookie_oauth_client.php  >  (Un) Subscribe thread alerts  
Subject:cookie_oauth_client.php
Summary:Purpose of this file?
Messages:4
Author:John Rambelle
Date:2013-11-06 13:13:06
Update:2014-03-08 05:58:46
 

  1. cookie_oauth_client.php   Reply   Report abuse  
Picture of John Rambelle John Rambelle - 2013-11-06 13:13:06
I noticed this in the distribution now but it is not used in the code yet. Is the purpose of this to encrypt the session variables for those who don't want to store in other containers (like db)?

  2. Re: cookie_oauth_client.php   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2013-11-06 15:45:35 - In reply to message 1 from John Rambelle
This is a sub-class of the oauth_client_class that stores tokens in encrypted cookies instead of PHP sessions.

I have been meaning to write an article but did not have the time yet.

  3. Re: cookie_oauth_client.php   Reply   Report abuse  
Picture of Sean Laval Sean Laval - 2014-03-07 21:22:32 - In reply to message 2 from Manuel Lemos
I notice this class uses session cookies. Is that because you think its not safe from a security point of view to persist the cookies between browser sessions?

  4. Re: cookie_oauth_client.php   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2014-03-08 05:58:46 - In reply to message 3 from Sean Laval
No, that sub-classes uses cookies because it may be easier to setup sessions that survive after the user has closed the browser.

It also does not require any database on the server side because all the information is stored on the cookie using encryption.