PHP ZfrOAuth2\Server\Exception OAuth2Exception::invalidScope Examples

Programming Language: PHP

Namespace/Package Name: ZfrOAuth2\Server\Exception

Class/Type: OAuth2Exception

Method/Function: invalidScope

Examples at hotexamples.com: 2

PHP ZfrOAuth2\Server\Exception OAuth2Exception::invalidScope - 2 examples found. These are the top rated real world PHP examples of ZfrOAuth2\Server\Exception\OAuth2Exception::invalidScope extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

invalidRequest(10)

accessDenied(4)

invalidGrant(2)

invalidScope(2)

getCode(1)

getMessage(1)

invalidClient(1)

unsupportedGrantType(1)

unsupportedResponseType(1)

unsupportedTokenType(1)

Example #1

Show file

File: RefreshTokenGrant.php Project: basz/zfr-oauth2-server

 /**
  * {@inheritDoc}
  */
 public function createTokenResponse(ServerRequestInterface $request, Client $client = null, TokenOwnerInterface $owner = null) : ResponseInterface
 {
     $postParams = $request->getParsedBody();
     $refreshToken = $postParams['refresh_token'] ?? null;
     if (null === $refreshToken) {
         throw OAuth2Exception::invalidRequest('Refresh token is missing');
     }
     // We can fetch the actual token, and validate it
     /** @var RefreshToken $refreshToken */
     $refreshToken = $this->refreshTokenService->getToken((string) $refreshToken);
     if (null === $refreshToken || $refreshToken->isExpired()) {
         throw OAuth2Exception::invalidGrant('Refresh token is expired');
     }
     // We can now create a new access token! First, we need to make some checks on the asked scopes,
     // because according to the spec, a refresh token can create an access token with an equal or lesser
     // scope, but not more
     $scopes = $postParams['scope'] ?? $refreshToken->getScopes();
     if (!$refreshToken->matchScopes($scopes)) {
         throw OAuth2Exception::invalidScope('The scope of the new access token exceeds the scope(s) of the refresh token');
     }
     $owner = $refreshToken->getOwner();
     $accessToken = $this->accessTokenService->createToken($owner, $client, $scopes);
     // We may want to revoke the old refresh token
     if ($this->serverOptions->getRotateRefreshTokens()) {
         if ($this->serverOptions->getRevokeRotatedRefreshTokens()) {
             $this->refreshTokenService->deleteToken($refreshToken);
         }
         $refreshToken = $this->refreshTokenService->createToken($owner, $client, $scopes);
     }
     // We can generate the response!
     return $this->prepareTokenResponse($accessToken, $refreshToken, true);
 }

Example #2

Show file

File: AbstractTokenService.php Project: basz/zfr-oauth2-server

 /**
  * Validate the token scopes against the registered scope
  *
  * @param  array $scopes
  * @return void
  * @throws OAuth2Exception
  */
 protected function validateTokenScopes(array $scopes)
 {
     $registeredScopes = $this->scopeService->getAll();
     foreach ($registeredScopes as &$registeredScope) {
         $registeredScope = is_string($registeredScope) ? $registeredScope : $registeredScope->getName();
     }
     $diff = array_diff($scopes, $registeredScopes);
     if (count($diff) > 0) {
         throw OAuth2Exception::invalidScope(sprintf('Some scope(s) do not exist: %s', implode(', ', $diff)));
     }
 }