/**
 * {@inheritdoc}
 *
 * Issues an authorization code for the request and returns the parameters
 * to hand back to the client: the code and, when one was supplied, the state.
 */
public function grantAuthorization(Authorization $authorization)
{
    // The code is created with the client, end user, original query parameters,
    // redirect URI, scope and refresh-token flag taken from the request.
    $authCode = $this->getAuthCodeManager()->createAuthCode(
        $authorization->getClient(),
        $authorization->getEndUser(),
        $authorization->getQueryParams(),
        $authorization->getRedirectUri(),
        $authorization->getScope(),
        $authorization->getIssueRefreshToken()
    );

    $response = ['code' => $authCode->getToken()];

    // The state is echoed back unchanged whenever it is not null, so the client
    // can match the response to its request (its CSRF check depends on this).
    if (null !== $authorization->getState()) {
        $response['state'] = $authorization->getState();
    }

    return $response;
}
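/**
 * {@inheritdoc}
 *
 * Creates an access token for the client, end user and scope of the request
 * and returns the parameters to hand back to the client.
 */
public function grantAuthorization(Authorization $authorization)
{
    // NOTE(review): the created token is never copied into the returned
    // parameters in this listing, so the response carries at most "state".
    // Confirm whether the token's fields are meant to be merged into $params.
    $token = $this->getAccessTokenManager()->createAccessToken(
        $authorization->getClient(),
        $authorization->getEndUser(),
        $authorization->getScope()
    );

    $params = [];

    // empty() also treats the string "0" as absent, which silently dropped a
    // legitimate state value and made the client's state comparison fail.
    // Only a missing (null) or empty-string state is omitted now.
    $state = $authorization->getState();
    if (null !== $state && '' !== $state) {
        $params['state'] = $state;
    }

    return $params;
}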
/**
 * Resolves the space-separated "response_type" value of the request into the
 * handlers registered in $this->response_types, rejecting missing, duplicated,
 * unsupported or client-unauthorized types.
 *
 * @param \OAuth2\Endpoint\Authorization $authorization
 *
 * @throws \OAuth2\Exception\BaseExceptionInterface
 *
 * @return \OAuth2\Grant\ResponseTypeSupportInterface[]
 */
protected function getResponseTypes(Authorization $authorization)
{
    /*
     * @see http://tools.ietf.org/html/rfc6749#section-3.1.1
     */
    $requested = $authorization->getResponseType();
    if (null === $requested) {
        throw $this->getExceptionManager()->getException(
            ExceptionManagerInterface::BAD_REQUEST,
            ExceptionManagerInterface::INVALID_REQUEST,
            'Invalid "response_type" parameter or parameter is missing'
        );
    }

    $types = explode(' ', $requested);

    /*
     * Multiple response types support must be enabled.
     * This option should be set to true only if OpenID Connect is used.
     *
     * NOTE(review): the comparison is strict against false, so any other
     * configured value (null, 0, '') leaves multiple response types allowed.
     * Confirm the configuration layer normalises this option to a boolean.
     */
    if (count($types) > 1) {
        $multipleEnabled = $this->getConfiguration()->get('multiple_response_types_support_enabled', false);
        if (false === $multipleEnabled) {
            throw $this->getExceptionManager()->getException(
                ExceptionManagerInterface::BAD_REQUEST,
                ExceptionManagerInterface::INVALID_REQUEST,
                'Multiple response types is disabled.'
            );
        }
    }

    $resolved = [];
    foreach ($types as $type) {
        // array_keys() is called without the strict flag, so the duplicate check
        // compares loosely (numeric-looking strings such as "1e3" and "1000" match).
        $occurrences = count(array_keys($types, $type));
        if ($occurrences > 1) {
            throw $this->getExceptionManager()->getException(
                ExceptionManagerInterface::BAD_REQUEST,
                ExceptionManagerInterface::INVALID_REQUEST,
                'A response type appears more than once.'
            );
        }

        // $type comes straight from the request and is copied into the error
        // description; whatever renders that description must escape it for
        // its output context.
        if (!array_key_exists($type, $this->response_types)) {
            throw $this->getExceptionManager()->getException(
                ExceptionManagerInterface::BAD_REQUEST,
                ExceptionManagerInterface::INVALID_REQUEST,
                'Response type "' . $type . '" is not supported by this server'
            );
        }
        $resolved[] = $this->response_types[$type];

        // Every requested type must be permitted for this client individually.
        if (!$authorization->getClient()->isAllowedGrantType($type)) {
            throw $this->getExceptionManager()->getException(
                ExceptionManagerInterface::BAD_REQUEST,
                ExceptionManagerInterface::UNAUTHORIZED_CLIENT,
                'The response type "' . $requested . '" is unauthorized for this client.'
            );
        }
    }

    return $resolved;
}