Class BearerCredential.
Description
Represents the parsed credential for HTTP Bearer Token Authentication. Bearer tokens MUST be treated as opaque secrets that grant access to the associated protected resource. Any party in possession of the token MAY use it, therefore implementations MUST ensure the token is never exposed in logs, stack traces, debug output, or error messages.
This credential SHALL be produced by the Bearer authentication parser in Authorization::parse() when a valid Bearer token is provided by the client.
Interfaces
Properties
Methods
Creates a new Bearer token credential instance.
Creates a new Bearer token credential instance.
public
__construct(
string
$token) : mixed
Description
The token parameter is marked with #[\SensitiveParameter] because it
MUST be handled as a private security secret; leaking its value may
allow unauthorized access to the protected system.
Parameters
$token
:
string
Description
the opaque bearer token provided by the client