/** * {@inheritDoc} */ public function createTokenResponse(Request $request, Client $client = null, TokenOwnerInterface $owner = null) { $token = $request->getPost('access_token'); $scope = $request->getPost('scope'); if (null === $token) { throw OAuth2Exception::invalidRequest('Missing parameter access_token'); } $owner = $this->getOwner($token); if (!$owner instanceof TokenOwnerInterface) { throw OAuth2Exception::accessDenied('Unable to load user from this token'); } /** * @var AccessToken $accessToken * @var null|RefreshToken $refreshToken * */ $accessToken = new AccessToken(); $refreshToken = null; // Generate token $this->populateToken($accessToken, $client, $owner, $scope); $accessToken = $this->accessTokenService->createToken($accessToken); // Before generating a refresh token, we must make sure the authorization server supports this grant if ($this->authorizationServer->hasGrant(RefreshTokenGrant::GRANT_TYPE)) { $refreshToken = new RefreshToken(); $this->populateToken($refreshToken, $client, $owner, $scope); $refreshToken = $this->refreshTokenService->createToken($refreshToken); } return $this->prepareTokenResponse($accessToken, $refreshToken); }
/** * Constructor. * * @param array $options */ public function __construct($options) { $this->createUserCallable = function () { // By default if a new user tries to sign in, he is not allowed to sign in throw OAuth2Exception::accessDenied('You are not authorized to log in to the system.'); }; $this->setFromArray($options); }
public function createTokenResponse(Request $request, Client $client = null, TokenOwnerInterface $owner = null) { // TODO: Complete rewrite. This is just a temp method to allow token generation $owner = $this->userService->get($request->getPost('id')); $scope = 'foobar'; if (!$owner instanceof TokenOwnerInterface) { throw OAuth2Exception::accessDenied('access_denied'); } /** * @var AccessToken $accessToken * @var null|RefreshToken $refreshToken * */ $accessToken = new AccessToken(); $refreshToken = null; $this->populateToken($accessToken, $client, $owner, $scope); $accessToken = $this->accessTokenService->createToken($accessToken); // Before generating a refresh token, we must make sure the authorization server supports this grant if ($this->authorizationServer->hasGrant(RefreshTokenGrant::GRANT_TYPE)) { $refreshToken = new RefreshToken(); $this->populateToken($refreshToken, $client, $owner, $scope); $refreshToken = $this->refreshTokenService->createToken($refreshToken); } return $this->prepareTokenResponse($accessToken, $refreshToken); }
/** * @throws OAuth2Exception */ public function createTokenResponse(ServerRequestInterface $request, Client $client = null, TokenOwnerInterface $owner = null) : ResponseInterface { $postParams = $request->getParsedBody(); // Validate the user using its username and password $username = $postParams['username'] ?? null; $password = $postParams['password'] ?? null; $scope = $postParams['scope'] ?? null; if (null === $username || null == $password) { throw OAuth2Exception::invalidRequest('Username and/or password is missing'); } $callback = $this->callback; $owner = $callback($username, $password); if (!$owner instanceof TokenOwnerInterface) { throw OAuth2Exception::accessDenied('Either username or password are incorrect'); } // Everything is okay, we can start tokens generation! $accessToken = $this->accessTokenService->createToken($owner, $client, $scope); // Before generating a refresh token, we must make sure the authorization server supports this grant $refreshToken = null; if ($this->authorizationServer->hasGrant(RefreshTokenGrant::GRANT_TYPE)) { $refreshToken = $this->refreshTokenService->createToken($owner, $client, $scope); } return $this->prepareTokenResponse($accessToken, $refreshToken); }