/**
  * Grants access token for request
  *
  * @param IRequest $request
  *
  * @throws \OAuth2\Exception\InvalidGrantException
  * @throws \OAuth2\Exception\MissingParameterException
  * @throws \OAuth2\Exception\UnauthorizedClientException
  * @return IAccessToken
  */
 public function grant(IRequest $request)
 {
     if (!($refreshTokenIdentifier = $request->request('refresh_token'))) {
         throw new MissingParameterException("Parameter 'refresh_token' is missing.");
     }
     if (!($refreshToken = $this->refreshTokenStorage->get($refreshTokenIdentifier))) {
         throw new InvalidGrantException('Invalid refresh token.');
     }
     $client = $this->clientAuthenticator->authenticate($request);
     // are clients same?
     if ($client->getId() !== $refreshToken->getClient()->getId()) {
         throw new InvalidGrantException('Invalid refresh token.');
     }
     // is client allowed to use this grant type?
     if (!$client->isAllowedToUse($this)) {
         throw new UnauthorizedClientException('Client can not use this grant type.');
     }
     $expiresAt = $refreshToken->getExpiresAt();
     if ($expiresAt instanceof \DateTime) {
         $expiresAt = $expiresAt->getTimestamp();
     }
     // is refresh token expired?
     if ($expiresAt < time()) {
         throw new InvalidGrantException('Refresh token has expired.');
     }
     // intersection of refresh token and requested scopes
     $scopes = $this->scopeResolver->intersect($request->request('scope'), $refreshToken->getScopes());
     return $this->accessTokenStorage->generate($refreshToken->getUser(), $refreshToken->getClient(), $scopes);
 }
 function it_issues_refresh_token_for_given_access_token(IRefreshTokenStorage $refreshTokenStorage, IAccessToken $accessToken, IRefreshToken $refreshToken, IUser $user, IClient $client, IScope $scope)
 {
     $accessToken->getUser()->willReturn($user)->shouldBeCalled();
     $accessToken->getClient()->willReturn($client)->shouldBeCalled();
     $accessToken->getScopes()->willReturn([$scope])->shouldBeCalled();
     $refreshTokenStorage->generate($user, $client, [$scope])->willReturn($refreshToken)->shouldBeCalled();
     $this->issueToken($accessToken)->shouldReturnAnInstanceOf('OAuth2\\Storage\\IRefreshToken');
 }
 /**
  * Issues refresh token for given access token
  *
  * @param IAccessToken $accessToken
  *
  * @return \OAuth2\Storage\IRefreshToken
  */
 public function issueToken(IAccessToken $accessToken)
 {
     $scopes = $accessToken->getScopes();
     // in case of doctrine collections, etc
     if ($scopes instanceof \Traversable) {
         $scopes = iterator_to_array($scopes);
     }
     return $this->refreshTokenStorage->generate($accessToken->getUser(), $accessToken->getClient(), $scopes);
 }
 function it_issues_an_access_token(IRequest $request, IRefreshToken $refreshToken, IRefreshTokenStorage $refreshTokenStorage, IAccessTokenStorage $accessTokenStorage, IAccessToken $accessToken, IUser $user, IClient $client, IScope $scope1, IScope $scope2, IScopeResolver $scopeResolver, IClientAuthenticator $clientAuthenticator)
 {
     $scopes = [$scope1, $scope2];
     $request->request('refresh_token')->willReturn('pom')->shouldBeCalled();
     $refreshTokenStorage->get('pom')->willReturn($refreshToken)->shouldBeCalled();
     $refreshToken->getClient()->willReturn($client)->shouldBeCalled();
     $clientAuthenticator->authenticate($request)->willReturn($client)->shouldBeCalled();
     $client->getId()->willReturn('test')->shouldBeCalled();
     $client->isAllowedToUse($this)->willReturn(true)->shouldBeCalled();
     $refreshToken->getExpiresAt()->willReturn(time() + 100)->shouldBeCalled();
     $refreshToken->getScopes()->willReturn($scopes)->shouldBeCalled();
     $request->request('scope')->willReturn(null)->shouldBeCalled();
     $scopeResolver->intersect(null, $scopes)->willReturn($scopes)->shouldBeCalled();
     $refreshToken->getUser()->willReturn($user)->shouldBeCalled();
     $accessTokenStorage->generate($user, $client, $scopes)->willReturn($accessToken)->shouldBeCalled();
     $this->grant($request)->shouldReturnAnInstanceOf('OAuth2\\Storage\\IAccessToken');
 }