/** * Handle the request. * * @return void * * @since 12.3 */ public function execute() { // Verify that we have an OAuth 2.0 application. $this->initialise(); // Get the credentials for the request. $credentials = new ROauth2Credentials($this->request); $credentials->load(); // Getting the client object $client = $this->fetchClient($this->request->client_id); // Doing authentication using Joomla! users $credentials->doJoomlaAuthentication($client); // Load the JUser class on application for this client $this->app->loadIdentity($client->_identity); // Ensure the credentials are authorised. if ($credentials->getType() === ROauth2Credentials::TOKEN) { $this->respondError(400, 'invalid_request', 'The token is not for a temporary credentials set.'); } // Ensure the credentials are authorised. if ($credentials->getType() !== ROauth2Credentials::AUTHORISED) { $this->respondError(400, 'invalid_request', 'The token has not been authorised by the resource owner.'); } // Convert the credentials to valid Token credentials for requesting protected resources. $credentials->convert(); // Build the response for the client. $response = array('access_token' => $credentials->getAccessToken(), 'expires_in' => 'P60M', 'refresh_token' => $credentials->getRefreshToken()); // Set the response code and body. $this->response->setHeader('status', '200')->setBody(json_encode($response))->respond(); }