$tokenStore->removeAuthorizationCode($_POST['code']);
} elseif ($_POST['grant_type'] === 'refresh_token' && array_key_exists('refresh_token', $_POST)) {
$authorizationTokenId = $_POST['refresh_token'];
$authorizationToken = $tokenStore->getRefreshToken($authorizationTokenId);
}
if (!is_null($authorizationToken)) {
$user = $userStore->getUser($authorizationToken['userId']);
}
if (!is_null($user)) {
if ($clientId == $authorizationToken['clientId']) {
$redirectUri = array_key_exists('redirect_uri', $_POST) ? $_POST['redirect_uri'] : null;
if ($authorizationToken['redirectUri'] == $redirectUri) {
$tokenFactory = new sspmod_oauth2server_OAuth2_TokenFactory($authorizationToken['authorizationCodeTTL'], $authorizationToken['accessTokenTTL'], $authorizationToken['refreshTokenTTL']);
$accessToken = $tokenFactory->createBearerAccessToken($authorizationToken['clientId'], $authorizationToken['scopes'], $authorizationToken['userId']);
if ($_POST['grant_type'] === 'authorization_code') {
$refreshToken = $tokenFactory->createRefreshToken($authorizationToken['clientId'], $authorizationToken['redirectUri'], $authorizationToken['scopes'], $authorizationToken['userId']);
$tokenStore->addRefreshToken($refreshToken);
$liveRefreshTokens = array($refreshToken['id']);
foreach ($user['refreshTokens'] as $tokenId) {
if (!is_null($tokenStore->getRefreshToken($tokenId))) {
array_push($liveRefreshTokens, $tokenId);
}
}
$user['refreshTokens'] = $liveRefreshTokens;
if ($refreshToken['expire'] > $user['expire']) {
$user['expire'] = $refreshToken['expire'];
}
if (($index = array_search($authorizationTokenId, $user['authorizationCodes'])) !== false) {
unset($user['authorizationCodes'][$index]);
}
} else {
