Renamed Grants

src/Grant/ClientCredentialsGrant.php

@@ -0,0 +1,118 @@
+<?php
+/**
+ * OAuth 2.0 Client credentials grant
+ *
+ * @package     league/oauth2-server
+ * @author      Alex Bilbie <hello@alexbilbie.com>
+ * @copyright   Copyright (c) Alex Bilbie
+ * @license     http://mit-license.org/
+ * @link        https://github.com/thephpleague/oauth2-server
+ */
+
+namespace League\OAuth2\Server\Grant;
+
+use League\OAuth2\Server\AuthorizationServer;
+use League\OAuth2\Server\Entity\AccessTokenEntity;
+use League\OAuth2\Server\Entity\ClientEntity;
+use League\OAuth2\Server\Entity\SessionEntity;
+use League\OAuth2\Server\Entity\ScopeEntity;
+use League\OAuth2\Server\Exception;
+use League\OAuth2\Server\Util\SecureKey;
+use League\OAuth2\Server\Storage\SessionInterface;
+use League\OAuth2\Server\Storage\ClientInterface;
+use League\OAuth2\Server\Storage\ScopeInterface;
+
+/**
+ * Client credentials grant class
+ */
+class ClientCredentialsGrant extends AbstractGrant
+{
+    /**
+     * Grant identifier
+     * @var string
+     */
+    protected $identifier = 'client_credentials';
+
+    /**
+     * Response type
+     * @var string
+     */
+    protected $responseType = null;
+
+    /**
+     * AuthServer instance
+     * @var AuthServer
+     */
+    protected $server = null;
+
+    /**
+     * Access token expires in override
+     * @var int
+     */
+    protected $accessTokenTTL = null;
+
+    /**
+     * Complete the client credentials grant
+     * @param  null|array $inputParams
+     * @return array
+     */
+    public function completeFlow()
+    {
+         // Get the required params
+        $clientId = $this->server->getRequest()->request->get('client_id', null);
+        if (is_null($clientId)) {
+            throw new Exception\InvalidRequestException('client_id');
+        }
+
+        $clientSecret = $this->server->getRequest()->request->get('client_secret', null);
+        if (is_null($clientSecret)) {
+            throw new Exception\InvalidRequestException('client_secret');
+        }
+
+        // Validate client ID and client secret
+        $client = $this->server->getStorage('client')->get(
+            $clientId,
+            $clientSecret,
+            null,
+            $this->getIdentifier()
+        );
+
+        if (($client instanceof ClientEntity) === false) {
+            throw new Exception\InvalidClientException();
+        }
+
+        // Validate any scopes that are in the request
+        $scopeParam = $this->server->getRequest()->request->get('scope', '');
+        $scopes = $this->validateScopes($scopeParam);
+
+        // Create a new session
+        $session = new SessionEntity($this->server);
+        $session->setOwner('client', $client->getId());
+        $session->associateClient($client);
+
+        // Generate an access token
+        $accessToken = new AccessTokenEntity($this->server);
+        $accessToken->setToken(SecureKey::generate());
+        $accessToken->setExpireTime($this->server->getAccessTokenTTL() + time());
+
+        // Associate scopes with the session and access token
+        foreach ($scopes as $scope) {
+            $accessToken->associateScope($scope);
+            $session->associateScope($scope);
+        }
+
+        // Save everything
+        $session->save($this->server->getStorage('session'));
+        $accessToken->setSession($session);
+        $accessToken->save($this->server->getStorage('access_token'));
+
+        $response = [
+            'access_token'  =>  $accessToken->getToken(),
+            'token_type'    =>  'Bearer',
+            'expires'       =>  $accessToken->getExpireTime(),
+            'expires_in'    =>  $this->server->getAccessTokenTTL()
+        ];
+
+        return $response;
+    }
+}