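/**
 * Handles an OAuth2 "password" grant: checks the submitted credentials and
 * answers with a signed bearer token.
 *
 * Both failure paths show the client the same OAuth2Exception::BAD_CREDENTIALS
 * message with a 401 status; only the internal exception message differs.
 *
 * @param ServerRequestInterface $request  Request carrying `username`, `password` and `grant_type`.
 * @param ResponseInterface      $response Response used for the error status and for the JSON body.
 *
 * @return mixed Result of writeJson() on the response (presumably the response itself; confirm).
 *
 * @throws OAuth2Exception When a parameter is missing or not a string, when `grant_type` is not
 *                         `password`, or when the repository rejects the credentials.
 */
public function authenticate(ServerRequestInterface $request, ResponseInterface $response)
{
    $username = $request->getParam('username');
    $password = $request->getParam('password');
    $grant = $request->getParam('grant_type');

    // Request parameters are untrusted. Require non-empty strings so that a
    // non-scalar value (e.g. `username[]=x`, if getParam() passes arrays
    // through) never reaches the credential lookup. Comparing against '' rather
    // than using empty() also stops the literal value "0" from being rejected.
    if (!is_string($username) || $username === ''
        || !is_string($password) || $password === ''
        || $grant !== 'password'
    ) {
        throw (new OAuth2Exception('Invalid parameters supplied for authentication'))
            ->displayMessage(OAuth2Exception::BAD_CREDENTIALS)
            ->response($response->withStatus(401));
    }

    $result = $this->authRepo->validateCredentials($username, $password);

    if (empty($result)) {
        throw (new OAuth2Exception('Wrong username or password'))
            ->displayMessage(OAuth2Exception::BAD_CREDENTIALS)
            ->response($response->withStatus(401));
    }

    // Token id (jti): take it from the CSPRNG when the runtime has one.
    // uniqid()/mt_rand() are time- and seed-derived, so ids built from them are
    // guessable. The fallback only keeps pre-PHP 7 runtimes working; both
    // branches yield 32 hex characters.
    $tokenId = function_exists('random_bytes')
        ? bin2hex(random_bytes(16))
        : md5(uniqid(mt_rand(), true));

    $now = time();
    $address = $this->getAddress();
    $expiration = $this->getExpiration($this->config['expiration']);

    $builder = (new Builder())
        ->setIssuer($address)
        ->setAudience($address)
        ->setId($tokenId, true)
        ->setIssuedAt($now)
        // NOTE(review): nbf lies 60 s in the future, so a validator that enforces
        // it rejects the token during its first minute. Confirm this is intended.
        ->setNotBefore($now + 60)
        ->setExpiration($expiration)
        ->setSubject($result['id']);

    // Every field of the credential result except `id` becomes a claim.
    // NOTE(review): a signed token's payload is only encoded, not encrypted;
    // verify that validateCredentials() returns nothing the bearer must not
    // read (password hash, internal flags).
    $customClaims = [];
    foreach ($result as $claim => $value) {
        if ($claim === 'id') {
            continue;
        }
        $customClaims[] = $claim;
        $builder->set($claim, $value);
    }

    // `cc` lists the names of the custom claims, comma-separated.
    // NOTE(review): which Sha256 signer this is (HMAC or asymmetric) depends on
    // an import that is not visible here.
    $token = $builder
        ->set('cc', implode(',', $customClaims))
        ->sign(new Sha256(), new Key($this->config['private-key']))
        ->getToken(); // Retrieves the generated token

    // NOTE(review): RFC 6749 section 5.1 asks for `Cache-Control: no-store` and
    // `Pragma: no-cache` on token responses; only NO_CACHE and REVALIDATE are
    // set here. Check whether the header helper can emit no-store.
    return $response
        ->withHeader(
            \HTTP\Header\CacheControl::name(),
            \HTTP\Header\CacheControl::values([
                \HTTP\Header\CacheControl::NO_CACHE,
                \HTTP\Header\CacheControl::REVALIDATE,
            ])
        )
        ->writeJson(['token' => sprintf('%s', $token), 'type' => 'Bearer', 'expires' => $expiration]);
}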
<?php

// Small script that sends a fixed JSON body through the HTTP library's
// Response object with content negotiation and cache headers applied.
require '../vendor/autoload.php';

use HTTP\Header;

// Register JSON as a supported content type before the response negotiates.
HTTP\Support\TypeSupport::addSupport([Header\ContentType::JSON]);

$response = (new \HTTP\Response())->withTypeNegotiation();

// Cache-Control value built from the NO_CACHE and EXP_MAX_AGE directives.
$cacheControl = Header\CacheControl::values([
    Header\CacheControl::NO_CACHE,
    Header\CacheControl::EXP_MAX_AGE,
]);
$response = $response->withHeader(Header\CacheControl::name(), $cacheControl);

// Write the encoded body and send the response.
$body = json_encode(['what' => 'testing']);
$response->write($body)->send();