protected function createAccessToken($client_id, $user_id, $scope = null)
{
$timeLimit = $this->getVariable(self::CONFIG_MAX_SESSION);
// If we have session time limit, then:
// 1. We limit time for initial refresh token to session length
// 2. We inherit this time limit for subsequent refresh tokens
if ($timeLimit) {
// enforce session length limits
if ($this->oldRefreshToken) {
// inherit expiration from the old token
$tokenSeed = BeanFactory::newBean('OAuthTokens');
$token = $tokenSeed->load($this->oldRefreshToken, 'oauth2');
$this->setVariable(self::CONFIG_REFRESH_LIFETIME, $token->expire_ts - time());
} else {
$this->setVariable(self::CONFIG_REFRESH_LIFETIME, $timeLimit);
}
}
return parent::createAccessToken($client_id, $user_id, $scope);
}
