/** * Populate a token * * The actual token (sensitive part) is generated in the token service * * @param AbstractToken $token * @param Client|null $client * @param TokenOwnerInterface|null $owner * @param array|string $scopes * @return void */ protected function populateToken(AbstractToken $token, Client $client = null, TokenOwnerInterface $owner = null, $scopes = []) { if (null !== $client) { $token->setClient($client); } if (null !== $owner) { $token->setOwner($owner); } $token->setScopes($scopes ?: []); }
/** * Create a new token (and generate the token) * * @param AbstractToken $token * @return AbstractToken */ public function createToken(AbstractToken $token) : AbstractToken { $scopes = $token->getScopes(); if (empty($scopes)) { $defaultScopes = $this->scopeService->getDefaultScopes(); $token->setScopes($defaultScopes); } else { $this->validateTokenScopes($scopes); } $expiresAt = new DateTime(); $expiresAt->setTimestamp(time() + $this->tokenTTL); $token->setExpiresAt($expiresAt); do { $tokenHash = bin2hex(random_bytes(20)); } while ($this->tokenRepository->findByToken($tokenHash) !== null); $token->setToken($tokenHash); return $this->tokenRepository->save($token); }