From 3135f1796e0bbbe4d24900b1f3164f390d80b651 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Tue, 12 Jan 2016 23:05:19 +0000 Subject: [PATCH] Generate a refresh token in password grant --- src/Grant/PasswordGrant.php | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/Grant/PasswordGrant.php b/src/Grant/PasswordGrant.php index 2bce9d03..759f337f 100644 --- a/src/Grant/PasswordGrant.php +++ b/src/Grant/PasswordGrant.php @@ -16,6 +16,7 @@ use League\Event\Event; use League\OAuth2\Server\Entities\AccessTokenEntity; use League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface; use League\OAuth2\Server\Entities\Interfaces\UserEntityInterface; +use League\OAuth2\Server\Entities\RefreshTokenEntity; use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface; @@ -134,18 +135,25 @@ class PasswordGrant extends AbstractGrant $accessToken->setIdentifier(SecureKey::generate()); $accessToken->setExpiryDateTime((new \DateTime())->add($accessTokenTTL)); $accessToken->setClient($client); - $accessToken->setOwner('user', $userEntity->getIdentifier()); + $accessToken->setUserIdentifier($userEntity->getIdentifier()); // Associate scopes with the session and access token foreach ($scopes as $scope) { $accessToken->addScope($scope); } - // Save the token + // Persist the token $this->accessTokenRepository->persistNewAccessToken($accessToken); - // Inject access token into token type + // Generate a refresh token + $refreshToken = new RefreshTokenEntity(); + $refreshToken->setIdentifier(SecureKey::generate()); + $refreshToken->setExpiryDateTime((new \DateTime())->add(new DateInterval('P1M'))); + $refreshToken->setAccessToken($accessToken); + + // Inject tokens into response $responseType->setAccessToken($accessToken); + $responseType->setRefreshToken($refreshToken); return $responseType; }