/**
 * {@inheritdoc}
 *
 * Exchanges an authorization code for the data needed to issue an access token.
 *
 * The client, PKCE, authorization-code and redirect-URI checks run in that order.
 * The code is marked as used only after all four have returned. The response is
 * then populated from values stored on the code, apart from the requested scope,
 * which may come from the request.
 *
 * NOTE(review): the check helpers are defined outside this block; presumably each
 * one throws on failure, so that nothing below it runs - confirm.
 *
 * @param ServerRequestInterface     $request             Token request; 'redirect_uri' and 'scope' are read from it.
 * @param ClientInterface            $client              Client redeeming the code.
 * @param GrantTypeResponseInterface $grant_type_response Response object filled in place.
 */
public function grantAccessToken(ServerRequestInterface $request, ClientInterface $client, GrantTypeResponseInterface &$grant_type_response)
{
    $this->checkClient($request, $client);

    $code = $this->getAuthCode($request);
    $this->checkPKCE($request, $code, $client);
    $this->checkAuthCode($code, $client);

    // The redirect URI sent with the token request is validated against the code.
    $submittedRedirectUri = RequestBody::getParameter($request, 'redirect_uri');
    $this->checkRedirectUri($code, $submittedRedirectUri);

    // Flag the code as used only once every check above has returned.
    // NOTE(review): whether two concurrent redemptions of the same code can both get
    // this far depends on the manager's storage - confirm the check-and-mark is atomic.
    $this->getAuthorizationCodeManager()->markAuthCodeAsUsed($code);

    if ($this->hasScopeManager()) {
        // Truthiness test: a falsy 'scope' value (e.g. an empty string) falls back to
        // the scope recorded on the code.
        // NOTE(review): the requested scope is client-supplied and is not compared with
        // the code's scope here; presumably a later step limits it to the available
        // scope set below - verify against the caller.
        $requestedScope = RequestBody::getParameter($request, 'scope')
            ? $this->getScopeManager()->convertToArray(RequestBody::getParameter($request, 'scope'))
            : $code->getScope();

        $grant_type_response->setRequestedScope($requestedScope);
        $grant_type_response->setAvailableScope($code->getScope());
        $grant_type_response->setRefreshTokenScope($code->getScope());
    }

    $grant_type_response->setResourceOwnerPublicId($code->getResourceOwnerPublicId());
    $grant_type_response->setUserAccountPublicId($code->getUserAccountPublicId());

    // The response carries the redirect URI stored in the code's metadata, not the
    // value submitted with this request.
    $grant_type_response->setRedirectUri($code->getMetadata('redirect_uri'));

    // Whether a refresh token is issued is decided by the flag stored on the code.
    $grant_type_response->setRefreshTokenIssued($code->getIssueRefreshToken());
    $grant_type_response->setAdditionalData('auth_code', $code);
}