/** * {@inheritDoc} * @throws OAuth2Exception */ public function createTokenResponse(ServerRequestInterface $request, Client $client = null, TokenOwnerInterface $owner = null) : ResponseInterface { $postParams = $request->getParsedBody(); $code = $postParams['code'] ?? null; if (null === $code) { throw OAuth2Exception::invalidRequest('Could not find the authorization code in the request'); } /* @var \ZfrOAuth2\Server\Model\AuthorizationCode $authorizationCode */ $authorizationCode = $this->authorizationCodeService->getToken($code); if (null === $authorizationCode || $authorizationCode->isExpired()) { throw OAuth2Exception::invalidGrant('Authorization code cannot be found or is expired'); } $clientId = $postParams['client_id'] ?? null; if ($authorizationCode->getClient()->getId() !== $clientId) { throw OAuth2Exception::invalidRequest('Authorization code\'s client does not match with the one that created the authorization code'); } // If owner is null, we reuse the same as the authorization code $owner = $owner ?: $authorizationCode->getOwner(); // Everything is okey, let's start the token generation! $scopes = $authorizationCode->getScopes(); // reuse the scopes from the authorization code $accessToken = $this->accessTokenService->createToken($owner, $client, $scopes); // Before generating a refresh token, we must make sure the authorization server supports this grant $refreshToken = null; if ($this->authorizationServer->hasGrant(RefreshTokenGrant::GRANT_TYPE)) { $refreshToken = $this->refreshTokenService->createToken($owner, $client, $scopes); } return $this->prepareTokenResponse($accessToken, $refreshToken); }
public function testDoesCaseSensitiveTest() { $token = AccessToken::reconstitute(['token' => 'Token', 'owner' => $this->createMock(TokenOwnerInterface::class), 'client' => $this->createMock(Client::class), 'expiresAt' => new \DateTimeImmutable(), 'scopes' => []]); $this->tokenRepository->expects($this->once())->method('findByToken')->with('token')->will($this->returnValue($token)); $this->assertNull($this->tokenService->getToken('token')); }