public function handleRefreshToken(TokenRequest $tokenRequest, ClientData $clientData)
{
$refreshToken = $tokenRequest->getRefreshToken();
$scope = $tokenRequest->getScope();
$result = $this->db->getApprovalByRefreshToken($clientData->getId(), $refreshToken);
if (false === $result) {
throw new BadRequestException('invalid_grant', 'the refresh_token was not found');
}
$token = array();
$token['access_token'] = $this->io->getRandomHex();
$token['expires_in'] = $this->accessTokenExpiry;
if (null !== $scope) {
// the client wants to obtain a specific scope
$requestedScope = new Scope($scope);
$authorizedScope = new Scope($result['scope']);
if ($requestedScope->hasOnlyScope($authorizedScope)) {
// if it is a subset of the authorized scope we honor that
$token['scope'] = $requestedScope->toString();
} else {
// if not the client gets the authorized scope
$token['scope'] = $result['scope'];
}
} else {
$token['scope'] = $result['scope'];
}
$token['token_type'] = 'bearer';
$this->db->storeAccessToken($token['access_token'], $this->io->getTime(), $clientData->getId(), $result['resource_owner_id'], $token['scope'], $token['expires_in']);
return $token;
}
