public function handleAuthRequest()
{
$response = new OAuthResponse();
$request = new OAuthRequest();
$response->setRequest($request);
$response->setTokenType($this->token_type);
try {
$request->parse();
if ($request->isImplicitGrantAuth()) {
} else {
if ($request->getRefreshToken()) {
$username = $this->access_handler->getUsernameByRefreshToken($request->getRefreshToken());
if (empty($username)) {
throw new OAuthInvalidClient("request_token not valid");
}
$request->setUsername($username);
$token = $this->access_handler->generateUniqueToken($request->getUsername());
if (!$token) {
throw new OAuthServerError("Token making failed");
}
$response->setAccessToken($token);
$refresh_token = $this->access_handler->getRefreshToken($token);
if ($refresh_token) {
$response->setRefreshToken($refresh_token);
}
if ($this->token_type == "mac") {
$key = $this->access_handler->getSecretKey($request->getUsername());
$response->setMacKey($key);
}
$additional_params = $this->access_handler->getAdditionalParams($request->getUsername());
if (!empty($additional_params)) {
$response->setAdditionalParams($additional_params);
}
} else {
if ($this->access_handler->checkUserAuth($request->getUsername(), $request->getPassword(), $request->getMacAddress(), $request->getSerialNumber(), $request)) {
$user = \Mysql::getInstance()->from('users')->where(array('login' => $request->getUsername()))->get()->first();
if ($user['status'] == 1) {
throw new OAuthAccessDenied("Account is disabled");
}
$token = $this->access_handler->generateUniqueToken($request->getUsername());
if (!$token) {
throw new OAuthServerError("Token making failed");
}
$response->setAccessToken($token);
$refresh_token = $this->access_handler->getRefreshToken($token);
if ($refresh_token) {
$response->setRefreshToken($refresh_token);
}
if ($this->token_type == "mac") {
$key = $this->access_handler->getSecretKey($request->getUsername());
$response->setMacKey($key);
}
$additional_params = $this->access_handler->getAdditionalParams($request->getUsername());
if (!empty($additional_params)) {
$response->setAdditionalParams($additional_params);
}
} else {
throw new OAuthInvalidClient("Username or password is incorrect");
}
}
}
} catch (OAuthException $e) {
if ($request->isImplicitGrantAuth()) {
echo $e->getMessage();
} else {
$response->setError($e->getCode(), $e->getMessage(), $e->getUrl());
}
}
$response->send();
}
