public function token()
{
// Validate the request
$request_params = $this->validate_token_params();
// Response Params
$response_params = array('token_type' => OAuth2::TOKEN_TYPE_BEARER, 'expires_in' => Model_OAuth2_Access_Token::$lifetime);
$client = Model_OAuth2_Client::find_client($request_params['client_id'], $request_params['client_secret']);
$user_id = NULL;
if ($request_params['grant_type'] == OAuth2::GRANT_TYPE_AUTH_CODE) {
$auth_code = Model_OAuth2_Auth_Code::find_code($request_params['code']);
$user_id = $auth_code->user_id;
$auth_code->delete();
} elseif ($request_params['grant_type'] == OAuth2::GRANT_TYPE_REFRESH_TOKEN) {
$refresh_token = Model_OAuth2_Refresh_Token::find_token($request_params['refresh_token']);
$user_id = $refresh_token->user_id;
$refresh_token->delete();
} elseif ($request_params['grant_type'] == OAuth2::GRANT_TYPE_CLIENT_CREDENTIALS) {
$user_id = NULL;
} elseif ($request_params['grant_type'] == OAuth2::GRANT_TYPE_PASSWORD) {
$user_id = $this->_validate_user($request_params['username'], $request_params['password']);
}
// Generate an access token
$access_token = Model_OAuth2_Access_Token::create_token($request_params['client_id'], $user_id, $request_params['scope']);
$response_params['access_token'] = $access_token->access_token;
// If refreh tokens are supported, add one.
if (in_array(OAuth2::GRANT_TYPE_REFRESH_TOKEN, OAuth2::$supported_grant_types)) {
// Generate a refresh token
$refresh_token = Model_OAuth2_Refresh_Token::create_token($request_params['client_id'], $user_id, $request_params['scope']);
$response_params['refresh_token'] = $refresh_token->refresh_token;
}
// Add scope if needed
if (Valid::not_empty($request_params['scope'])) {
$response_params['scope'] = $request_params['scope'];
}
return json_encode($response_params);
}
/**
* Deletes a token
*
* @param string $refresh_token the token to delete
*
* @return null
*/
public static function delete_token($refresh_token)
{
Model_OAuth2_Refresh_Token::find_client($refresh_token)->delete();
}
