/**
* Respond with access_token data.
*/
protected function makeTokenResponse()
{
$this->app->bind('token_response', function () {
$request = OAuthRequest::createFromRequest(Request::instance());
$response = new OAuthResponse();
$response = $this->app->make('oauth2')->handleTokenRequest($request, $response);
$code = $response->getStatusCode();
$response_params = $response->getOriginalParams();
if ($code != 200 && !empty($response_params['error'])) {
return ErrorResponse::make($response_params['error_description'], $code);
} else {
return SuccessResponse::make($response_params);
}
});
}
* the 'client_id' and 'client_secret' (if available) params in the POST data,
* or in the Authorize HTTP Header (Http Basic). Note: there is no User associated with tokens
* generated by this grant type.
*
* if 'grant_type' = 'refresh_token', the 'refresh_token' param must also be present.
* Refresh tokens are generated by requests initially made with 'authorization_code' or 'password' grant types.
* They are sent back in the data along with the access_token.
* The refresh_token sent back can then be supplied to receive another access_token and another refresh_token.
* This method is used to keep a user logged in, after their access_token expires.
*
*/
Route::post('get-token', array('as' => 'token_endpoint', function () {
return App::make('token_response');
}));
/**
* Only authenticated users can access these endpoints.
*/
Route::group(array('before' => 'requires_oauth_token'), function () {
Route::any('me', function () {
return SuccessResponse::make(Auth::user());
});
});
});
});
App::missing(function ($exception) {
if (Request::is('api/*')) {
return ErrorResponse::make('API endpoint for this verb not found.', 404);
} else {
return 'Page not found.';
}
});