/**
* Handle the request.
*
* @return void
*
* @since 12.3
*/
public function execute()
{
// Verify that we have an OAuth 2.0 application.
$this->initialise();
// Get the credentials for the request.
$credentials = new MOauth2Credentials($this->request);
$credentials->load();
// Getting the client object
$client = $this->fetchClient($this->request->client_id);
// Doing authentication using Joomla! users
if ($credentials->doJoomlaAuthentication($client) == false) {
$this->respondError(400, 'unauthorized_client', 'The Joomla! credentials are not valid.');
}
// Load the JUser class on application for this client
$this->app->loadIdentity($client->_identity);
// Ensure the credentials are authorised.
if ($credentials->getType() === MOauth2Credentials::TOKEN) {
$this->respondError(400, 'invalid_request', 'The token is not for a temporary credentials set.');
}
// Ensure the credentials are authorised.
if ($credentials->getType() !== MOauth2Credentials::AUTHORISED) {
$this->respondError(400, 'invalid_request', 'The token has not been authorised by the resource owner.');
}
// Convert the credentials to valid Token credentials for requesting protected resources.
$credentials->convert();
// Build the response for the client.
$response = array('access_token' => $credentials->getAccessToken(), 'expires_in' => 'P60M', 'refresh_token' => $credentials->getRefreshToken());
// Check if the request is CORS ( Cross-origin resource sharing ) and change the body if true
$body = $this->prepareBody($response);
// Set the response code and body.
$this->response->setHeader('status', '200')->setBody($body)->respond();
}
