OAuth2ResponseMode uses ConstantsTrait
Enumeration of OAuth 2.0 / OpenID Connect `response_mode` values.
The response_mode parameter tells the authorization server how to return
the authorization response parameters to the client. Only the name of the
parameter is provided by OAuth2Parameter::RESPONSE_MODE; this class
provides the values it can take.
Three families are exposed here:
- Plain modes —
query,fragment(OAuth 2.0 Multiple Response Type Encoding Practices) andform_post(OAuth 2.0 Form Post Response Mode). - JARM —
jwt,query.jwt,fragment.jwt,form_post.jwt, where the response parameters are wrapped in a signed/encrypted JWT (JWT Secured Authorization Response Mode). - Web message —
web_message, used for silent authentication in SPAs (draft, but widely deployed).
Example:
$params =
[
OAuth2Parameter::RESPONSE_TYPE => OAuth2ResponseType::CODE ,
OAuth2Parameter::RESPONSE_MODE => OAuth2ResponseMode::FORM_POST ,
] ;
References:
- OAuth 2.0 Multiple Response Type Encoding Practices (
query,fragment) - OAuth 2.0 Form Post Response Mode (
form_post) - JWT Secured Authorization Response Mode for OAuth 2.0 (JARM)
- OAuth 2.0 Web Message Response Mode (
web_message, draft)
Tags
Table of Contents
Constants
- FORM_POST : string = 'form_post'
- `form_post` — Parameters returned via an auto-submitting HTML form using HTTP POST.
- FORM_POST_JWT : string = 'form_post.jwt'
- `form_post.jwt` — JWT-wrapped response returned via form POST.
- FRAGMENT : string = 'fragment'
- `fragment` — Parameters returned in the fragment of the redirect URI. Default for `token` / `id_token`.
- FRAGMENT_JWT : string = 'fragment.jwt'
- `fragment.jwt` — JWT-wrapped response returned in the fragment.
- JWT : string = 'jwt'
- `jwt` — Response wrapped in a JWT, using the default mode for the response type.
- QUERY : string = 'query'
- `query` — Parameters returned in the query component of the redirect URI. Default for `code`.
- QUERY_JWT : string = 'query.jwt'
- `query.jwt` — JWT-wrapped response returned in the query component.
- WEB_MESSAGE : string = 'web_message'
- `web_message` — Parameters returned via HTML5 Web Messaging, for SPA silent auth (draft).
Constants
FORM_POST
`form_post` — Parameters returned via an auto-submitting HTML form using HTTP POST.
public
string
FORM_POST
= 'form_post'
FORM_POST_JWT
`form_post.jwt` — JWT-wrapped response returned via form POST.
public
string
FORM_POST_JWT
= 'form_post.jwt'
FRAGMENT
`fragment` — Parameters returned in the fragment of the redirect URI. Default for `token` / `id_token`.
public
string
FRAGMENT
= 'fragment'
FRAGMENT_JWT
`fragment.jwt` — JWT-wrapped response returned in the fragment.
public
string
FRAGMENT_JWT
= 'fragment.jwt'
JWT
`jwt` — Response wrapped in a JWT, using the default mode for the response type.
public
string
JWT
= 'jwt'
QUERY
`query` — Parameters returned in the query component of the redirect URI. Default for `code`.
public
string
QUERY
= 'query'
QUERY_JWT
`query.jwt` — JWT-wrapped response returned in the query component.
public
string
QUERY_JWT
= 'query.jwt'
WEB_MESSAGE
`web_message` — Parameters returned via HTML5 Web Messaging, for SPA silent auth (draft).
public
string
WEB_MESSAGE
= 'web_message'