/**
* {@inheritDoc}
*/
public function createTokenResponse(Request $request, Client $client = null, TokenOwnerInterface $owner = null)
{
$token = $request->getPost('access_token');
$scope = $request->getPost('scope');
if (null === $token) {
throw OAuth2Exception::invalidRequest('Missing parameter access_token');
}
$owner = $this->getOwner($token);
if (!$owner instanceof TokenOwnerInterface) {
throw OAuth2Exception::accessDenied('Unable to load user from this token');
}
/**
* @var AccessToken $accessToken
* @var null|RefreshToken $refreshToken
* */
$accessToken = new AccessToken();
$refreshToken = null;
// Generate token
$this->populateToken($accessToken, $client, $owner, $scope);
$accessToken = $this->accessTokenService->createToken($accessToken);
// Before generating a refresh token, we must make sure the authorization server supports this grant
if ($this->authorizationServer->hasGrant(RefreshTokenGrant::GRANT_TYPE)) {
$refreshToken = new RefreshToken();
$this->populateToken($refreshToken, $client, $owner, $scope);
$refreshToken = $this->refreshTokenService->createToken($refreshToken);
}
return $this->prepareTokenResponse($accessToken, $refreshToken);
}
/**
* Constructor.
*
* @param array $options
*/
public function __construct($options)
{
$this->createUserCallable = function () {
// By default if a new user tries to sign in, he is not allowed to sign in
throw OAuth2Exception::accessDenied('You are not authorized to log in to the system.');
};
$this->setFromArray($options);
}
public function createTokenResponse(Request $request, Client $client = null, TokenOwnerInterface $owner = null)
{
// TODO: Complete rewrite. This is just a temp method to allow token generation
$owner = $this->userService->get($request->getPost('id'));
$scope = 'foobar';
if (!$owner instanceof TokenOwnerInterface) {
throw OAuth2Exception::accessDenied('access_denied');
}
/**
* @var AccessToken $accessToken
* @var null|RefreshToken $refreshToken
* */
$accessToken = new AccessToken();
$refreshToken = null;
$this->populateToken($accessToken, $client, $owner, $scope);
$accessToken = $this->accessTokenService->createToken($accessToken);
// Before generating a refresh token, we must make sure the authorization server supports this grant
if ($this->authorizationServer->hasGrant(RefreshTokenGrant::GRANT_TYPE)) {
$refreshToken = new RefreshToken();
$this->populateToken($refreshToken, $client, $owner, $scope);
$refreshToken = $this->refreshTokenService->createToken($refreshToken);
}
return $this->prepareTokenResponse($accessToken, $refreshToken);
}
/**
* @throws OAuth2Exception
*/
public function createTokenResponse(ServerRequestInterface $request, Client $client = null, TokenOwnerInterface $owner = null) : ResponseInterface
{
$postParams = $request->getParsedBody();
// Validate the user using its username and password
$username = $postParams['username'] ?? null;
$password = $postParams['password'] ?? null;
$scope = $postParams['scope'] ?? null;
if (null === $username || null == $password) {
throw OAuth2Exception::invalidRequest('Username and/or password is missing');
}
$callback = $this->callback;
$owner = $callback($username, $password);
if (!$owner instanceof TokenOwnerInterface) {
throw OAuth2Exception::accessDenied('Either username or password are incorrect');
}
// Everything is okay, we can start tokens generation!
$accessToken = $this->accessTokenService->createToken($owner, $client, $scope);
// Before generating a refresh token, we must make sure the authorization server supports this grant
$refreshToken = null;
if ($this->authorizationServer->hasGrant(RefreshTokenGrant::GRANT_TYPE)) {
$refreshToken = $this->refreshTokenService->createToken($owner, $client, $scope);
}
return $this->prepareTokenResponse($accessToken, $refreshToken);
}
