/**
* Handle a token request
*
* @return \Zend\Http\Response|null
*/
public function tokenAction()
{
// Can't do anything if not HTTP request...
if (!$this->request instanceof HttpRequest) {
return null;
}
// Currently, ZF2 Http Request object is not PSR-7 compliant, therefore we need to create a new one from
// globals, and then convert the response back to ZF2 format
$request = ServerRequestFactory::fromGlobals();
$response = $this->authorizationServer->handleTokenRequest($request);
return $this->convertToZfResponse($response);
}
public function testThrowExceptionIfPrivateClientDoesNotHaveSecret()
{
$request = $this->getMock(ServerRequestInterface::class);
$request->expects($this->exactly(2))->method('getParsedBody')->willReturn(['grant_type' => 'client_credentials']);
$grant = new ClientCredentialsGrant($this->getMock(TokenService::class, [], [], '', false));
$clientService = $this->getMock(ClientService::class, [], [], '', false);
$accessTokenService = $this->getMock(TokenService::class, [], [], '', false);
$refreshTokenService = $this->getMock(TokenService::class, [], [], '', false);
$authorizationServer = new AuthorizationServer($clientService, [$grant], $accessTokenService, $refreshTokenService);
$response = $authorizationServer->handleTokenRequest($request);
$body = json_decode($response->getBody(), true);
$this->assertEquals(400, $response->getStatusCode());
$this->assertArrayHasKey('error', $body);
$this->assertArrayHasKey('error_description', $body);
}