public function authenticate(TokenInterface $token) { if (strlen($token->getOAuthToken()) === 0) { $url = $this->remoteApiUrl . "/oauth/v2/token?" . "client_id=" . $this->remoteApiId . "&client_secret=" . $this->remoteApiSecret . "&grant_type=password" . "&username="******"&password=" . $token->getPassword(); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $apiResponse = json_decode(curl_exec($ch)); curl_close($ch); if (isset($apiResponse->access_token)) { $user = $this->userManager->createUser(); $user->setUsername($token->getUsername()); $authenticatedToken = new OAuthUserToken($user->getRoles()); $authenticatedToken->setUser($user); $authenticatedToken->setOAuthToken($apiResponse->access_token); $authenticatedToken->setRefreshToken($apiResponse->refresh_token); $authenticatedToken->setTokenType($apiResponse->token_type); // We take 3 minutes less (180 seconds) just to be sure. $authenticatedToken->setExpireTime(time() + $apiResponse->expires_in - 180); return $authenticatedToken; } elseif (isset($apiResponse->error_description)) { throw new AuthenticationException($apiResponse->error_description); } else { throw new AuthenticationException('The OAuth authentication failed.'); } } else { return $token; } }