/** * @param \Psr\Http\Message\ServerRequestInterface $request * @param \OAuth2\Client\ClientInterface $client * @param \OAuth2\TokenEndpointAuthMethod\TokenEndpointAuthMethodInterface $authentication_method * @param mixed|null $client_credentials * * @return true */ public function isClientAuthenticated(ServerRequestInterface $request, ClientInterface $client, TokenEndpointAuthMethodInterface $authentication_method, $client_credentials) { if (in_array($client->get('token_endpoint_auth_method'), $authentication_method->getSupportedAuthenticationMethods())) { if (false === $client->areClientCredentialsExpired()) { return $authentication_method->isClientAuthenticated($client, $client_credentials, $request); } } return false; }