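/**
 * Token endpoint: exchanges a username/password pair (`grant_type=password`)
 * or an existing refresh token (`grant_type=refresh_token`) for a fresh
 * access/refresh token pair stored on an AccessToken row.
 *
 * Responses are built by $this->getMessage() (defined elsewhere in this class)
 * or returned directly via Response::json(). Note that the Response::json()
 * branches carry the status only in the body, not as the HTTP status code.
 *
 * @return mixed response from getMessage() or Response::json()
 */
public function issueAccessToken()
{
    $type = Input::get('grant_type');

    if ($type === 'password') {
        return $this->issueTokensForPasswordGrant();
    }

    if ($type === 'refresh_token') {
        return $this->issueTokensForRefreshGrant();
    }

    return Response::json(['error' => 'grant_type parameter missing', 'status' => 400]);
}

/**
 * Password grant: validates the submitted credentials and, on success,
 * creates a new AccessToken row for the authenticated user.
 *
 * @return mixed response from getMessage()
 */
private function issueTokensForPasswordGrant()
{
    $data = Input::all();
    $validation = Validator::make($data, ['username' => 'required', 'password' => 'required']);
    if ($validation->fails()) {
        return $this->getMessage($validation->messages(), 400);
    }

    $credentials = ['username' => $data['username'], 'password' => $data['password']];
    try {
        // NOTE(review): Auth::attempt also logs the user into the session guard;
        // if this endpoint is meant to be stateless, Auth::validate() checks the
        // credentials without doing so — confirm which is intended.
        if (!Auth::attempt($credentials)) {
            return $this->getMessage('Invalid Username or Password', 400);
        }

        $accessToken = new AccessToken();
        $accessToken->user_id = Auth::user()->id;

        return $this->getMessage($this->rotateTokenPair($accessToken), 200);
    } catch (Exception $e) {
        // Deliberate best-effort: any failure during login/token creation is
        // reported generically rather than leaking details to the client.
        return $this->getMessage('Error', 400);
    }
}

/**
 * Refresh-token grant: looks up the AccessToken row owning the presented
 * refresh token and rotates both tokens on it.
 *
 * @return mixed response from getMessage() or Response::json()
 */
private function issueTokensForRefreshGrant()
{
    $refreshToken = Input::get('refresh_token');
    if (!isset($refreshToken)) {
        return Response::json(['error' => 'Refresh Token Required', 'status' => 400]);
    }

    $accessToken = AccessToken::whereRefreshToken($refreshToken)->first();
    if (!$accessToken) {
        return Response::json(['error' => 'Unauthorized', 'status' => 401]);
    }

    // NOTE(review): expire_time is written on every rotation but nothing in this
    // method checks whether the presented refresh token has expired — confirm
    // that is enforced elsewhere (e.g. in the lookup or a middleware).
    return $this->getMessage($this->rotateTokenPair($accessToken), 200);
}

/**
 * Assigns a fresh, randomly generated access/refresh token pair to the given
 * AccessToken row, persists it and returns the response payload.
 *
 * Tokens come purely from the CSPRNG-backed str_random() helper; the previous
 * scheme hashed the user's password and username into the token material with
 * md5, which both needlessly ties the secret to the password and produces a
 * value that is not stronger than the random part alone. A 32-character token
 * keeps the same width as the md5 hex output previously stored in the columns.
 *
 * @param AccessToken $accessToken row to update (user_id already set)
 * @return array payload with access_token, refresh_token and expires
 */
private function rotateTokenPair(AccessToken $accessToken)
{
    $accessToken->access_token = str_random(32);
    $accessToken->refresh_token = str_random(32);
    $accessToken->expire_time = 120;
    $accessToken->save();

    return [
        'access_token' => $accessToken->access_token,
        'refresh_token' => $accessToken->refresh_token,
        'expires' => $accessToken->expire_time,
    ];
}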
 /**
  * Issues a new access token for the given authorization code.
  *
  * The token is persisted inside a transaction: only its SHA-256 hash is
  * stored in the DB row (together with the caller's IP and the hashed auth
  * code), the plain token is placed in the cache, and the hash is tracked in
  * the client's token set and counter. A refresh token is created only for
  * web-app clients that use refresh tokens and requested offline access, and
  * then only on first consent or when approval_prompt=force was sent.
  *
  * @param AuthorizationCode $auth_code
  * @param null $redirect_uri currently unused by this method
  * @return AccessToken the plain (unhashed) token object
  */
 public function createAccessToken(AuthorizationCode $auth_code, $redirect_uri = null)
 {
     $lifetime = $this->configuration_service->getConfigValue('OAuth2.AccessToken.Lifetime');
     $access_token = AccessToken::create($auth_code, $lifetime);

     $cache = $this->cache_service;
     $clients = $this->client_service;
     $auth = $this->auth_service;
     $self = $this;

     $this->tx_service->transaction(function () use ($auth_code, $access_token, $cache, $clients, $auth, $self) {
         $plain_value = $access_token->getValue();
         $hashed_value = Hash::compute('sha256', $plain_value);
         $client_id = $access_token->getClientId();
         $user_id = $access_token->getUserId();
         $client = $clients->getClientById($client_id);
         $user = $auth->getUserById($user_id);

         // Only the hash of the token (and of the auth code) ever reaches the DB.
         $row = array(
             'value' => $hashed_value,
             'from_ip' => IPHelper::getUserIp(),
             'associated_authorization_code' => Hash::compute('sha256', $auth_code->getValue()),
             'lifetime' => $access_token->getLifetime(),
             'scope' => $access_token->getScope(),
             'audience' => $access_token->getAudience(),
         );
         $access_token_db = new DBAccessToken($row);
         $access_token_db->client()->associate($client);
         $access_token_db->user()->associate($user);
         $access_token_db->save();

         // Refresh tokens: web apps that opted in and asked for offline access...
         $refresh_allowed = $client->use_refresh_token
             && $client->getApplicationType() == IClient::ApplicationType_Web_App
             && $auth_code->getAccessType() == OAuth2Protocol::OAuth2Protocol_AccessType_Offline;
         if ($refresh_allowed) {
             // ...but only the first time (no prior consent, or approval_prompt == force).
             $first_time = !$auth_code->getHasPreviousUserConsent()
                 || $auth_code->getApprovalPrompt() == OAuth2Protocol::OAuth2Protocol_Approval_Prompt_Force;
             if ($first_time) {
                 $self->createRefreshToken($access_token);
             }
         }

         $self->storesAccessTokenOnCache($access_token);
         // Track the new token's hash under the client's set and bump the per-client counter.
         $cache->addMemberSet($client_id . TokenService::ClientAccessTokenPrefixList, $hashed_value);
         $cache->incCounter($client_id . TokenService::ClientAccessTokensQty, TokenService::ClientAccessTokensQtyLifetime);
     });

     return $access_token;
 }