/**
* Complete the client credentials grant
*
* @return array
*
* @throws
*/
public function completeFlow(ClientEntity $client)
{
// Validate any scopes that are in the request
$scopeParam = $this->server->getRequestHandler()->getParam('scope');
$scopes = $this->validateScopes($scopeParam, $client);
// Create a new session
$session = new SessionEntity($this->server);
$session->setOwner('client', $client->getId());
$session->associateClient($client);
// Generate an access token
$accessToken = new AccessTokenEntity($this->server);
$accessToken->setId();
$accessToken->setExpireTime($this->getAccessTokenTTL() + time());
// Associate scopes with the session and access token
foreach ($scopes as $scope) {
$session->associateScope($scope);
}
foreach ($session->getScopes() as $scope) {
$accessToken->associateScope($scope);
}
// Save everything
$session->save();
$accessToken->setSession($session);
$accessToken->save();
$this->server->getTokenType()->setSession($session);
$this->server->getTokenType()->setParam('access_token', $accessToken->getId());
$this->server->getTokenType()->setParam('expires_in', $this->getAccessTokenTTL());
return $this->server->getTokenType()->generateResponse();
}
/**
* Parse a new authorize request
*
* @param string $type The session owner's type
* @param string $typeId The session owner's ID
* @param array $authParams The authorize request $_GET parameters
*
* @return string An authorisation code
*/
public function newAuthorizeRequest($type, $typeId, $authParams = [])
{
// Create a new session
$session = new SessionEntity($this->server);
$session->setOwner($type, $typeId);
$session->associateClient($authParams['client']);
// Create a new auth code
$authCode = new AuthCodeEntity($this->server);
$authCode->setId();
$authCode->setRedirectUri($authParams['redirect_uri']);
$authCode->setExpireTime(time() + $this->authTokenTTL);
foreach ($authParams['scopes'] as $scope) {
$authCode->associateScope($scope);
$session->associateScope($scope);
}
$session->save();
$authCode->setSession($session);
$authCode->save();
return $authCode->generateRedirectUri($authParams['state']);
}
/**
* Complete the password grant
*
* @return array
*
* @throws
*/
public function completeFlow(ClientEntity $client)
{
$username = $this->server->getRequestHandler()->getParam('username');
if (is_null($username)) {
throw new Exception\InvalidRequestException('username');
}
$password = $this->server->getRequestHandler()->getParam('password');
if (is_null($password)) {
throw new Exception\InvalidRequestException('password');
}
// Check if user's username and password are correct
$userId = call_user_func($this->getVerifyCredentialsCallback(), $username, $password);
if ($userId === false) {
throw new Exception\InvalidCredentialsException();
}
// Validate any scopes that are in the request
$scopeParam = $this->server->getRequestHandler()->getParam('scope');
$scopes = $this->validateScopes($scopeParam, $client);
// Create a new session
$session = new SessionEntity($this->server);
$session->setOwner('user', $userId);
$session->associateClient($client);
// Generate an access token
$accessToken = new AccessTokenEntity($this->server);
$accessToken->setId();
$accessToken->setExpireTime($this->getAccessTokenTTL() + time());
// Associate scopes with the session and access token
foreach ($scopes as $scope) {
$session->associateScope($scope);
}
foreach ($session->getScopes() as $scope) {
$accessToken->associateScope($scope);
}
$this->server->getTokenType()->setSession($session);
$this->server->getTokenType()->setParam('access_token', $accessToken->getId());
$this->server->getTokenType()->setParam('expires_in', $this->getAccessTokenTTL());
// Associate a refresh token if set
if ($this->server->hasGrantType('refresh_token')) {
$refreshToken = new RefreshTokenEntity($this->server);
$refreshToken->setId();
$refreshToken->setExpireTime($this->server->getGrantType('refresh_token')->getRefreshTokenTTL() + time());
$this->server->getTokenType()->setParam('refresh_token', $refreshToken->getId());
}
// Save everything
$session->save();
$accessToken->setSession($session);
$accessToken->save();
if ($this->server->hasGrantType('refresh_token')) {
$refreshToken->setAccessToken($accessToken);
$refreshToken->save();
}
return $this->server->getTokenType()->generateResponse();
}