/**
* authenticate
*
* @param \App\Restful\RestfulRequest $request
*
* @return \App\Restful\Security\Credential
*/
public function authenticate(RestfulRequest $request)
{
$client = $this->getClientOrFail($request);
$secret = $request->query->get('secret');
if (!$secret) {
throw new RestfulException(Response::HTTP_BAD_REQUEST, 'missing secret');
}
if ($secret != $client->getAttribute('secret')) {
throw new RestfulException(Response::HTTP_BAD_REQUEST, 'invalid secret');
}
/** @var \App\Models\Token $token */
$token = Token::ofToken($request->token)->firstOrNew(['client_id' => $client->getAttribute('id'), 'token' => Token::uniqueToken(), 'expires_in' => intval($client->getAttribute('expires_in'))]);
return new Credential($token->getAttribute('token'), $token->getAttribute('expires_in'));
}
