function get_token()
{
$token = isset($_COOKIE['refresh_token']) ? $_COOKIE['refresh_token'] : '';
if (!$token) {
throw new Exception("no token sent");
}
$auth = new oauth_server();
try {
$new_token = $auth->refresh_token($token);
return $new_token;
} catch (Exception $e) {
$error = $e->getMessage();
throw new Exception($error, $e->getCode());
}
}
$msg = $_SERVER['REQUEST_METHOD'] . " not allowed. Use POST.";
throw new BadMethodCallException($msg, 403);
}
if (!isset($_POST['grant_type'])) {
throw new InvalidArgumentException("grant type cannot be empty", 400);
}
if (!isset($_POST['email'])) {
throw new InvalidArgumentException("email cannot be empty", 400);
}
if (!isset($_POST['password'])) {
throw new InvalidArgumentException("password cannot be empty", 400);
}
if ($_POST['grant_type'] != 'password') {
$msg = "Grant type: " . $_POST['grant_type'] . " not implemented yet.";
throw new DomainException($msg, 501);
}
$email = $_REQUEST['email'];
$password = $_REQUEST['password'];
$auth = new oauth_server();
$uid = oauth_server::authenticateUser($email, $password);
$res = array("status" => "success", "message" => null);
$res['data'] = oauth_server::generate_token($uid);
$res['data']['_links']['user_info']['href'] = "/user/" . $uid;
response($res, 200);
exit;
} catch (Exception $e) {
$errMsg = $e->getMessage();
$res = array("status" => "error", "message" => $errMsg, "data" => null);
response($res, $e->getCode());
exit;
}
public function user_logout()
{
if (!$this->_user_id) {
throw new Exception("no token sent which likely means theres no user logged in", 400);
}
require_once '../oauth/oauth_class.php';
$auth = new oauth_server();
if ($auth->destroy_token($this->_user_id)) {
return array('data' => "log out successful", 'status' => '200');
} else {
return array('data' => "error in logging out", 'status' => '200');
}
}
