/**
 * Token endpoint: exchange an authorization code for a random access token.
 *
 * The access method should be POST. The POST body should include 'client_id',
 * 'client_secret', 'grant_type', 'code' and the 'redirect_uri' used before.
 * 'grant_type' must be 'authorization_code'; 'client_id' and 'client_secret'
 * are the values registered in the developer's center.
 *
 * Checks run in a fixed order: grant type, client credentials, authorization code.
 * How a failed check is reported is decided by the helper classes, which are not
 * defined in this block.
 *
 * @return array AccessToken array if the above parameters are valid, or error No. and message.
 */
public function run()
{
    $request = Yii::$app->request;

    // 1. Only the authorization-code grant is accepted here.
    $grantType = $request->post('grant_type');
    GrantType::checkGrantType($grantType, GrantType::GRANT_TYPE_AUTHORIZATION_CODE);

    // 2. Authenticate the client: resolve the id first, then verify the secret against it.
    $clientId = $request->post('client_id');
    $checkedClient = Client::checkClientId($clientId);
    $clientSecret = $request->post('client_secret');
    Client::checkClientSecret($checkedClient, $clientSecret);

    // 3. Validate the authorization code together with the redirect_uri it was requested with.
    // NOTE(review): client_id is not passed to checkAuthorizationCode(), so nothing in this
    // block shows the code being tied to the client authenticated in step 2 (RFC 6749
    // section 4.1.3 requires that binding). Confirm the helper or the token store enforces it.
    $code = $request->post('code');
    $redirectUri = $request->post('redirect_uri');
    AuthorizationCode::checkAuthorizationCode($code, $redirectUri);

    return AccessToken::createAccessToken($clientId, $code);
}
/**
 * Create an access token.
 *
 * Requires the client ID and an authorization code, meaning the client has already
 * obtained the user's authorization. The authorization code is used only to create
 * the access token and becomes invalid after a single use.
 * The access token lifetime is read from the global parameter 'access_lifetime',
 * usually 86400 seconds.
 *
 * NOTE(review): the code is expired only after the token has been stored, and this block
 * does not show the validity check and the expiry being atomic. Two concurrent exchanges
 * of the same code could both succeed unless the storage layer prevents it. Confirm.
 *
 * @param string $client_id
 * @param string $authorization_code
 * @return array The issued token: ['access_token' => ..., 'expires_in' => ...].
 * @throws \yii\web\ServerErrorHttpException Thrown when storing the access token fails.
 * This is not expected in normal operation; if a client receives this error, the server
 * should be checked for faults.
 */
public static function createAccessToken($client_id, $authorization_code)
{
    $accessToken = self::generateAccessToken();
    $lifetime = Yii::$app->params['access_lifetime'];
    $stored = self::setAccessToken($client_id, $authorization_code, $accessToken, $lifetime);

    // Retire the authorization code whether or not the token was stored,
    // so a failed issuance never leaves a reusable code behind.
    $codeRecord = OauthAuthorizationCode::findOne(['authorization_code' => $authorization_code]);
    if ($codeRecord) {
        AuthorizationCode::expireAuthorizationCode($codeRecord);
    }

    if ($stored) {
        return ["access_token" => $accessToken, "expires_in" => $lifetime];
    }

    throw new \yii\web\ServerErrorHttpException('Access Token Failed to Issue.', 10013);
}
/**
 * Loads the number of allowed requests and the corresponding timestamp from a persistent storage.
 *
 * As written, the body only validates the token request (grant type, client credentials,
 * authorization code plus redirect_uri) and reads nothing from storage.
 *
 * NOTE(review): there is no return statement, so callers receive null rather than the
 * documented two-element array. A rate limiter consuming this value would presumably have
 * no stored allowance to enforce on this credential-checking endpoint. Confirm against the caller.
 *
 * @param Request $request the current request
 * @param Action $action the action to be executed (not used by this body)
 * @return array an array of two elements. The first element is the number of allowed requests,
 * and the second element is the corresponding UNIX timestamp. (See the note above: not
 * produced by the current body.)
 */
public function loadAllowance($request, $action)
{
    // Only the authorization-code grant is accepted.
    $grantType = $request->post('grant_type');
    GrantType::check($grantType, GrantType::GRANT_TYPE_AUTHORIZATION_CODE);

    // Resolve the client id, then verify the secret against the resolved client.
    $clientId = $request->post('client_id');
    $client = Client::checkId($clientId);
    $clientSecret = $request->post('client_secret');
    Client::checkSecret($client, $clientSecret);

    // The authorization code is checked together with the redirect_uri sent alongside it.
    $code = $request->post('code');
    $redirectUri = $request->post('redirect_uri');
    AuthorizationCode::check($code, $redirectUri);
}