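/**
 * Register the 'token_response' container binding used to answer token requests.
 *
 * When resolved, the binding converts the current HTTP request into an OAuth
 * request, passes it to the 'oauth2' service's handleTokenRequest(), and wraps
 * the result in an API response: SuccessResponse only when the OAuth server
 * answered with status 200, ErrorResponse for every other status.
 *
 * NOTE(review): the success payload carries access_token data. RFC 6749 section 5.1
 * requires token responses to be sent with "Cache-Control: no-store" and
 * "Pragma: no-cache"; SuccessResponse is not visible here, so confirm it sets them.
 *
 * @return void
 */
protected function makeTokenResponse()
{
    $this->app->bind('token_response', function () {
        $oauthRequest = OAuthRequest::createFromRequest(Request::instance());
        $oauthResponse = $this->app->make('oauth2')->handleTokenRequest($oauthRequest, new OAuthResponse());

        $status = (int) $oauthResponse->getStatusCode();
        $params = $oauthResponse->getOriginalParams();

        // Fail closed: a non-200 answer is never reported as success, even if
        // the OAuth server left out the 'error' parameter.
        if ($status !== 200) {
            // 'error_description' is optional in an OAuth error response; fall
            // back to the error code, then to a generic message, so the lookup
            // never hits an undefined index.
            if (isset($params['error_description'])) {
                $message = $params['error_description'];
            } elseif (isset($params['error'])) {
                $message = $params['error'];
            } else {
                $message = 'Token request failed.';
            }

            return ErrorResponse::make($message, $status);
        }

        // $params holds the issued tokens from here on; keep it out of logs.
        return SuccessResponse::make($params);
    });
}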
* the 'client_id' and 'client_secret' (if available) params in the POST data,
 * or in the Authorize HTTP Header (Http Basic). Note: there is no User associated with tokens
 * generated by this grant type.
 *
 * if 'grant_type' = 'refresh_token', the 'refresh_token' param must also be present.
 * Refresh tokens are generated by requests initially made with 'authorization_code' or 'password' grant types.
 * They are sent back in the data along with the access_token.
 * The refresh_token sent back can then be supplied to receive another access_token and another refresh_token.
 * This method is used to keep a user logged in, after their access_token expires.
 *
 */
// Token endpoint: POST only, named 'token_endpoint'. The handler resolves the
// 'token_response' container binding and returns whatever it produces.
// NOTE(review): per the description above, requests to this route carry
// client secrets, user passwords or refresh tokens in the body. Confirm the
// route is reachable over HTTPS only and that request bodies are not logged.
Route::post('get-token', array('as' => 'token_endpoint', function () {
    return App::make('token_response');
}));

/**
 * Only authenticated users can access these endpoints.
 */
// Every route in this group runs the 'requires_oauth_token' before-filter first.
// The filter is defined outside this excerpt; presumably it rejects requests
// without a valid access token. Verify against its definition.
Route::group(array('before' => 'requires_oauth_token'), function () {
    // Registered with Route::any, so 'me' answers every HTTP verb.
    // NOTE(review): the whole Auth::user() object is handed to
    // SuccessResponse::make. Confirm the user model hides sensitive attributes
    // (password hash, remember token and the like) when it is serialized.
    Route::any('me', function () {
        return SuccessResponse::make(Auth::user());
    });
});

// Closes two enclosing scopes that were opened before this excerpt.
});
});

// Fallback for requests that match no route. Paths matching 'api/*' get an
// ErrorResponse with status 404; anything else gets a plain string.
// $exception is accepted but not used.
// NOTE(review): the non-API branch returns a bare string with no explicit
// status code. Confirm the framework still sends it as a 404.
App::missing(function ($exception) {
    if (Request::is('api/*')) {
        return ErrorResponse::make('API endpoint for this verb not found.', 404);
    } else {
        return 'Page not found.';
    }
});