/**
 * Token endpoint: turns a validated grant into a bearer access token.
 *
 * The request is read through validate_token_params(), the user behind the
 * grant is resolved, an access token is created and, when the refresh_token
 * grant is listed in OAuth2::$supported_grant_types, a refresh token too.
 *
 * @return string JSON-encoded token response
 */
public function token()
{
    // Every value used below comes from validate_token_params(); nothing in
    // this method re-checks the grant, the client or the scope.
    $params = $this->validate_token_params();

    // Fixed part of the response; the tokens and scope are appended later.
    $response = array(
        'token_type' => OAuth2::TOKEN_TYPE_BEARER,
        'expires_in' => Model_OAuth2_Access_Token::$lifetime,
    );

    // The lookup result is never read afterwards.
    // NOTE(review): presumably find_client() or validate_token_params()
    // rejects an unknown client or a wrong secret - confirm, since $client
    // is not inspected here.
    $client = Model_OAuth2_Client::find_client($params['client_id'], $params['client_secret']);

    $user_id = null;

    // switch compares loosely, like the == chain it replaces.
    // NOTE(review): a grant_type matching no case still reaches token
    // creation with a null user - confirm validate_token_params() restricts
    // grant_type to the supported values.
    switch ($params['grant_type']) {
        case OAuth2::GRANT_TYPE_AUTH_CODE:
            // Single use: the code is deleted as soon as its user is read.
            // NOTE(review): confirm the code is checked upstream for expiry
            // and for having been issued to this client_id.
            $code = Model_OAuth2_Auth_Code::find_code($params['code']);
            $user_id = $code->user_id;
            $code->delete();
            break;

        case OAuth2::GRANT_TYPE_REFRESH_TOKEN:
            // Rotation: the presented refresh token is deleted here and a
            // new one is created further down.
            // NOTE(review): confirm the requested scope is limited upstream
            // to what the spent token carried, and that the token belongs to
            // this client_id.
            $spent = Model_OAuth2_Refresh_Token::find_token($params['refresh_token']);
            $user_id = $spent->user_id;
            $spent->delete();
            break;

        case OAuth2::GRANT_TYPE_CLIENT_CREDENTIALS:
            // The token is issued to the client itself, with no user.
            $user_id = null;
            break;

        case OAuth2::GRANT_TYPE_PASSWORD:
            // NOTE(review): presumably _validate_user() throws on bad
            // credentials - confirm; an empty return value would produce a
            // token with no user attached.
            $user_id = $this->_validate_user($params['username'], $params['password']);
            break;
    }

    // Generate an access token
    $issued = Model_OAuth2_Access_Token::create_token($params['client_id'], $user_id, $params['scope']);
    $response['access_token'] = $issued->access_token;

    // If refresh tokens are supported, add one.
    // NOTE(review): this applies to every grant type, client_credentials
    // included; RFC 6749 section 4.4.3 says a refresh token SHOULD NOT be
    // included in a client credentials response.
    $refresh_supported = in_array(OAuth2::GRANT_TYPE_REFRESH_TOKEN, OAuth2::$supported_grant_types);
    if ($refresh_supported) {
        $renewal = Model_OAuth2_Refresh_Token::create_token($params['client_id'], $user_id, $params['scope']);
        $response['refresh_token'] = $renewal->refresh_token;
    }

    // Echo the scope back only when the request carried one.
    if (Valid::not_empty($params['scope'])) {
        $response['scope'] = $params['scope'];
    }

    return json_encode($response);
}
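/**
 * Deletes (revokes) a refresh token.
 *
 * @param   string  $refresh_token  the token to delete
 *
 * @return  void
 */
public static function delete_token($refresh_token)
{
    // Resolve the row by token value. The previous find_client() call was
    // handed a refresh token, so revocation did not look up the token row;
    // a revocation that misses the row leaves the token usable.
    // NOTE(review): what find_token() returns for an unknown token is not
    // visible here - confirm that delete() on that result fails loudly.
    Model_OAuth2_Refresh_Token::find_token($refresh_token)->delete();
}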