Example #1
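// Authorization step for response_type=token: validate the request, check the
// client, and, when a login form was posted, verify the credentials and build
// the token response.
//
// Outcome: either $error holds an OAuth error code, or $auth holds a
// URL-encoded string with the access token and its parameters. A plain GET
// with a valid client sets neither.
//
// NOTE(review): nothing in this excerpt checks a redirect_uri or a "state"
// value, and no attempt limiting is visible around checkUserAuth() - confirm
// those are handled elsewhere before relying on this flow.
if (
    empty($_GET['response_type'])
    || empty($_GET['client_id'])
    // Query parameters can arrive as arrays (client_id[]=x); only a plain
    // string is passed on to the access handler.
    || !is_string($_GET['client_id'])
    // Strict comparison also rejects a non-string response_type.
    || $_GET['response_type'] !== 'token'
) {
    $error = 'invalid_request';
} elseif (!$access_handler->isClient($_GET['client_id'])) {
    $error = 'unauthorized_client';
} elseif (!empty($_POST)) {
    if (
        empty($_POST['username'])
        || empty($_POST['password'])
        // Array-valued form fields are treated like missing credentials
        // instead of being handed to checkUserAuth().
        || !is_string($_POST['username'])
        || !is_string($_POST['password'])
    ) {
        $error = 'access_denied';
    } elseif ($access_handler->checkUserAuth($_POST['username'], $_POST['password'])) {
        $auth = array("access_token" => $access_handler->generateUniqueToken($_POST['username']));
        if (Config::getSafe("api_v2_access_type", "bearer") == "bearer") {
            $access = array("token_type" => "bearer");
        } else {
            // In MAC mode the user's secret key travels in the same response
            // as the token, so the encoded $auth string is as sensitive as the
            // key itself.
            $access = array("token_type" => "mac", "mac_key" => $access_handler->getSecretKey($_POST['username']), "mac_algorithm" => "hmac-sha-256");
        }
        $auth = array_merge($auth, $access);
        $additional = $access_handler->getAdditionalParams($_POST['username']);
        $auth = array_merge($auth, $additional);
        // NOTE(review): $auth now carries credentials in URL-encoded form;
        // the code that emits it should keep it out of logs and only send it
        // to a redirect target that was validated for this client - confirm.
        $auth = http_build_query($auth);
    } else {
        // Same error code as for missing credentials, so the response does
        // not reveal whether the username or the password was wrong.
        $error = 'access_denied';
    }
}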
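// Mirror the client_id query parameter into a "client_id" cookie.
//
// This runs independently of the request checks earlier in the script, so the
// cookie can hold a client_id that isClient() rejected; treat the cookie as
// untrusted input wherever it is read back.
// The is_string() guard keeps an array-valued parameter (client_id[]=x) away
// from setcookie(), which only accepts a string value.
// NOTE(review): the cookie is set with default attributes (no Secure,
// HttpOnly or SameSite); decide whether this deployment needs them.
if (!empty($_GET['client_id']) && is_string($_GET['client_id'])) {
    setcookie("client_id", $_GET['client_id']);
}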