/**
* Return the Random Access Token.
* The access method should be POST.
* The POST body should include 'client_id', 'client_secret', 'grant_type', 'code' and 'redirect_uri' used before.
* The 'grant_type' must be 'authorization_code';
* The 'client_id' and 'client_secret' are registered in developer's center.
* @return array AccessToken array if above parameters are valid, or error No. and message.
*/
public function run()
{
GrantType::checkGrantType(Yii::$app->request->post('grant_type'), GrantType::GRANT_TYPE_AUTHORIZATION_CODE);
Client::checkClientSecret(Client::checkClientId(Yii::$app->request->post('client_id')), Yii::$app->request->post('client_secret'));
AuthorizationCode::checkAuthorizationCode(Yii::$app->request->post('code'), Yii::$app->request->post('redirect_uri'));
return AccessToken::createAccessToken(Yii::$app->request->post('client_id'), Yii::$app->request->post('code'));
}
/**
* 创建访问令牌。
* 需要客户端ID和授权码,意即该客户端已经取得用户的授权。授权码仅用于创建
* 访问令牌,使用一次后即失效。
* 访问令牌的有效期可以在全局参数中设置,通常为 86400 秒。
* @param string $client_id
* @param string $authorization_code
* @return string The generated access token.
* @throws \yii\web\ServerErrorHttpException 设置访问令牌未成功时抛出。正常
* 情况下不会抛出该异常,如果客户端收到该错误,则应检查服务器故障。
*/
public static function createAccessToken($client_id, $authorization_code)
{
$token = ["access_token" => self::generateAccessToken(), "expires_in" => Yii::$app->params['access_lifetime']];
$setResult = self::setAccessToken($client_id, $authorization_code, $token['access_token'], $token['expires_in']);
$code = OauthAuthorizationCode::findOne(['authorization_code' => $authorization_code]);
if ($code) {
AuthorizationCode::expireAuthorizationCode($code);
}
if (!$setResult) {
throw new \yii\web\ServerErrorHttpException('Access Token Failed to Issue.', 10013);
}
return $token;
}
/**
* Loads the number of allowed requests and the corresponding timestamp from a persistent storage.
* @param Request $request the current request
* @param Action $action the action to be executed
* @return array an array of two elements. The first element is the number of allowed requests,
* and the second element is the corresponding UNIX timestamp.
*/
public function loadAllowance($request, $action)
{
GrantType::check($request->post('grant_type'), GrantType::GRANT_TYPE_AUTHORIZATION_CODE);
Client::checkSecret(Client::checkId($request->post('client_id')), $request->post('client_secret'));
AuthorizationCode::check($request->post('code'), $request->post('redirect_uri'));
}