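/**
 * Extracts the revocation parameters ("token", "token_type_hint", "callback") from the request.
 *
 * Each parameter is looked up in the query string first and in the request body
 * second; a parameter present in neither is set to null. All three values are raw
 * client input and are not validated here. The callback value in particular
 * (presumably used for a JSONP-style response — confirm against the caller) must
 * be checked against a strict allow-list before it is ever written into a response.
 * Query-string values may also be arrays (e.g. "token[]=..."), so callers must not
 * assume a string.
 *
 * @param \Psr\Http\Message\ServerRequestInterface $request
 * @param string|null                              $token           Receives the "token" parameter
 * @param string|null                              $token_type_hint Receives the "token_type_hint" parameter
 * @param string|null                              $callback        Receives the "callback" parameter
 *
 * @throws \OAuth2\Exception\BaseExceptionInterface
 */
private function getParameters(ServerRequestInterface $request, &$token, &$token_type_hint, &$callback)
{
    $query_params = $request->getQueryParams();
    $body_params = RequestBody::getParameters($request);

    // array_key_exists (rather than isset or ??) is deliberate: a key that is
    // present in the query string with a null value must not fall through to
    // the body value.
    $lookup = function ($key) use ($query_params, $body_params) {
        if (array_key_exists($key, $query_params)) {
            return $query_params[$key];
        }

        return array_key_exists($key, $body_params) ? $body_params[$key] : null;
    };

    // Explicit assignments to the by-reference parameters replace the former
    // variable-variable (${$key}) loop, which hid the data flow from readers
    // and from static analysis.
    $token = $lookup('token');
    $token_type_hint = $lookup('token_type_hint');
    $callback = $lookup('callback');
}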
/**
 * Handles a token request and writes the resulting access token to $response.
 *
 * The statement order is the contract: the grant type is resolved from the body,
 * the client is located and then checked for permission to use that grant type,
 * scopes are populated and validated against the scope policy (when a scope
 * manager is configured), and only afterwards is the access token created and
 * post-processed. A scope-policy violation is reported to the client as an
 * "invalid_scope" bad-request error.
 *
 * @param \Psr\Http\Message\ServerRequestInterface $request
 * @param \Psr\Http\Message\ResponseInterface      $response
 *
 * @throws \OAuth2\Exception\BaseExceptionInterface
 */
private function handleRequest(ServerRequestInterface $request, ResponseInterface &$response)
{
    $parameters = RequestBody::getParameters($request);
    $grant_type = $this->getGrantType($parameters);

    $result = new GrantTypeResponse();
    $grant_type->prepareGrantTypeResponse($request, $result);

    // The client is resolved before its permission to use this grant type is checked.
    $client = $this->findClient($request, $result);
    $this->checkGrantType($client, $grant_type->getGrantType());
    $result->setClientPublicId($client->getPublicId());

    if ($this->hasScopeManager()) {
        $this->populateScope($request, $result);
    }

    $token_type_information = $this->getTokenTypeInformation($parameters, $client);
    $grant_type->grantAccessToken($request, $client, $result);

    if ($this->hasScopeManager()) {
        $scope_manager = $this->getScopeManager();

        // When the grant type left the available scope empty, fall back to the
        // scopes the client is entitled to.
        $available_scope = $result->getAvailableScope() ?: $scope_manager->getAvailableScopesForClient($client);
        $result->setAvailableScope($available_scope);

        // Apply the scope policy to the requested scope.
        try {
            $requested_scope = $scope_manager->checkScopePolicy($result->getRequestedScope(), $client);
        } catch (\InvalidArgumentException $e) {
            // The policy's message is forwarded to the client in the error response,
            // so policy implementations should keep it free of internal details.
            throw $this->getExceptionManager()->getBadRequestException(ExceptionManagerInterface::ERROR_INVALID_SCOPE, $e->getMessage());
        }
        $result->setRequestedScope($requested_scope);

        // The requested scope must lie within the available scope.
        $this->checkRequestedScope($result);
    }

    // Extensions may attach metadata to the token before it is created.
    $metadatas = $this->preAccessTokenCreation($client, $result, $token_type_information);
    $access_token = $this->createAccessToken($client, $result, $parameters, $token_type_information, $metadatas);
    $data = $this->postAccessTokenCreation($client, $result, $token_type_information, $access_token);

    $this->processResponse($response, $data);
}
/**
 * Reads the "token" and "token_type_hint" parameters of an introspection request.
 *
 * Query-string parameters take precedence over body parameters; a parameter
 * found in neither is set to null. The values are raw client input and are
 * not validated or type-checked here.
 *
 * @param \Psr\Http\Message\ServerRequestInterface $request
 * @param string|null                              $token           Receives the "token" parameter
 * @param string|null                              $token_type_hint Receives the "token_type_hint" parameter
 *
 * @throws \OAuth2\Exception\BaseExceptionInterface
 */
private function getParameters(ServerRequestInterface $request, &$token, &$token_type_hint)
{
    // Ordered by precedence: query string first, then body.
    $sources = [$request->getQueryParams(), RequestBody::getParameters($request)];

    // The first source that holds the key wins, even when its value is null.
    $pick = function ($key) use ($sources) {
        foreach ($sources as $params) {
            if (array_key_exists($key, $params)) {
                return $params[$key];
            }
        }

        return null;
    };

    $token = $pick('token');
    $token_type_hint = $pick('token_type_hint');
}
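/**
 * Applies a client metadata update (PUT) to an existing client.
 *
 * $client is expected to have been resolved and authorized by the caller; nothing
 * here re-checks that. The request must carry the complete set of client metadata:
 * any field currently stored on the client (other than the server-managed ones)
 * that is missing from the request is rejected, and any field sent with an empty
 * value is removed from the client.
 *
 * @param \Psr\Http\Message\ServerRequestInterface $request
 * @param \Psr\Http\Message\ResponseInterface      $response
 * @param \OAuth2\Client\ClientInterface           $client   The client being updated
 */
private function handlePut(ServerRequestInterface $request, ResponseInterface &$response, ClientInterface $client)
{
    $request_parameters = RequestBody::getParameters($request);
    $this->checkPreservedParameters($request_parameters);
    $this->checkSoftwareStatement($request_parameters);

    // Server-assigned fields are never supplied by the client, so they are
    // excluded from the "all fields must be present" comparison below.
    $server_managed = ['registration_access_token', 'registration_client_uri', 'client_secret_expires_at', 'client_id_issued_at'];
    $client_data = array_diff_key($client->all(), array_flip($server_managed));

    $missing = array_diff_key($client_data, $request_parameters);
    Assertion::true([] === $missing, 'The request must include all client metadata fields.');

    // Compared strictly on purpose: Assertion::eq() uses "==", under which numeric
    // strings such as "123" and "0123" are equal. The identifier must match byte for
    // byte; the string cast only tolerates an int/string mismatch between the stored
    // id and the decoded request value, and is_scalar() rejects arrays/objects.
    $submitted_client_id = array_key_exists('client_id', $request_parameters) ? $request_parameters['client_id'] : null;
    Assertion::true(
        is_scalar($submitted_client_id) && (string) $submitted_client_id === (string) $client->getPublicId(),
        'Inconsistent "client_id" parameter.'
    );
    unset($request_parameters['client_id']);

    // Forcing these to null makes the removal loop below drop them from the client.
    $request_parameters = array_merge($request_parameters, [
        'registration_access_token' => null,
        'registration_client_uri' => null,
        'client_secret_expires_at' => null,
    ]);

    // An empty value means "delete this field". NOTE(review): empty() also treats
    // 0, "0" and false as empty, so a legitimately zero-valued metadata field would
    // be removed here — confirm that is intended.
    foreach ($request_parameters as $name => $value) {
        if (empty($value)) {
            $client->remove($name);
            unset($request_parameters[$name]);
        }
    }

    $this->getClientRuleManager()->processParametersForClient($client, $request_parameters);
    $this->getClientManager()->saveClient($client);
    $this->processResponseWithClient($response, $client);
}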
/**
 * Registers a new client from the metadata posted to the registration endpoint.
 *
 * The initial access token is resolved before the body is read, so any failure
 * there aborts the request before a client object exists. findInitialAccessToken()
 * may return null; when it returns a token, the new client is bound to that
 * token's user account before being saved.
 *
 * @param \Psr\Http\Message\ServerRequestInterface $request
 * @param \Psr\Http\Message\ResponseInterface      $response
 *
 * @throws \OAuth2\Exception\BaseExceptionInterface
 */
private function handleRequest(ServerRequestInterface $request, ResponseInterface &$response)
{
    $initial_access_token = $this->findInitialAccessToken($request);

    $metadata = RequestBody::getParameters($request);
    $this->checkSoftwareStatement($metadata);

    $client = $this->getClientManager()->createClient();
    $this->getClientRuleManager()->processParametersForClient($client, $metadata);

    if ($initial_access_token !== null) {
        // Bind the new client to the user account that presented the initial access token.
        $client->setResourceOwnerPublicId($initial_access_token->getUserAccountPublicId());
    }

    $this->getClientManager()->saveClient($client);
    $this->processResponse($response, $client);
}