From d3a7b442ce9d00b9938ddd6befdc64a3ae6e5e18 Mon Sep 17 00:00:00 2001
From: Alex Bilbie <hello@alexbilbie.com>
Date: Sun, 10 Apr 2016 14:31:21 +0100
Subject: [PATCH] Updated implicit grant example

---
 examples/public/implicit.php | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/examples/public/implicit.php b/examples/public/implicit.php
index a9313017..d5bce903 100644
--- a/examples/public/implicit.php
+++ b/examples/public/implicit.php
@@ -3,6 +3,7 @@
 use League\OAuth2\Server\Exception\OAuthServerException;
 use League\OAuth2\Server\Grant\ImplicitGrant;
 use League\OAuth2\Server\Server;
+use OAuth2ServerExamples\Entities\UserEntity;
 use OAuth2ServerExamples\Repositories\AccessTokenRepository;
 use OAuth2ServerExamples\Repositories\ClientRepository;
 use OAuth2ServerExamples\Repositories\ScopeRepository;
@@ -38,21 +39,30 @@ $app = new App([
         );
 
         // Enable the implicit grant on the server with a token TTL of 1 hour
-        $server->enableGrantType(
-            new ImplicitGrant($userRepository),
-            new \DateInterval('PT1H')
-        );
+        $server->enableGrantType(new ImplicitGrant($userRepository, new \DateInterval('PT1H')));
 
         return $server;
     },
 ]);
 
-$app->any('/authorize', function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
+$app->get('/authorize', function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
     /* @var \League\OAuth2\Server\Server $server */
     $server = $app->getContainer()->get(Server::class);
 
     try {
-        return $server->respondToRequest($request, $response);
+        // Validate the HTTP request and return an AuthorizationRequest object.
+        // The auth request object can be serialized into a user's session
+        $authRequest = $server->validateAuthorizationRequest($request);
+
+        // Once the user has logged in set the user on the AuthorizationRequest
+        $authRequest->setUser(new UserEntity());
+
+        // Once the user has approved or denied the client update the status
+        // (true = approved, false = denied)
+        $authRequest->setAuthorizationApproved(true);
+
+        // Return the HTTP redirect response
+        return $server->completeAuthorizationRequest($authRequest, $response);
     } catch (OAuthServerException $exception) {
         return $exception->generateHttpResponse($response);
     } catch (\Exception $exception) {