Code Coverage |
||||||||||
Classes and Traits |
Functions and Methods |
Lines |
||||||||
Total | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
CRAP | |
72.73% |
8 / 11 |
ClientCredentialsGrant | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
6.73 | |
72.73% |
8 / 11 |
completeFlow() | |
0.00% |
0 / 1 |
6.73 | |
72.73% |
8 / 11 |
<?php | |
/** | |
* OAuth 2.0 Client credentials grant | |
* | |
* @package league/oauth2-server | |
* @author Alex Bilbie <hello@alexbilbie.com> | |
* @copyright Copyright (c) Alex Bilbie | |
* @license http://mit-license.org/ | |
* @link https://github.com/thephpleague/oauth2-server | |
*/ | |
namespace League\OAuth2\Server\Grant; | |
use League\OAuth2\Server\Entity\AccessTokenEntity; | |
use League\OAuth2\Server\Entity\ClientEntity; | |
use League\OAuth2\Server\Entity\SessionEntity; | |
use League\OAuth2\Server\Event; | |
use League\OAuth2\Server\Exception; | |
use League\OAuth2\Server\Util\SecureKey; | |
/** | |
* Client credentials grant class | |
*/ | |
class ClientCredentialsGrant extends AbstractGrant | |
{ | |
/** | |
* Grant identifier | |
* | |
* @var string | |
*/ | |
protected $identifier = 'client_credentials'; | |
/** | |
* Response type | |
* | |
* @var string | |
*/ | |
protected $responseType = null; | |
/** | |
* AuthServer instance | |
* | |
* @var \League\OAuth2\Server\AuthorizationServer | |
*/ | |
protected $server = null; | |
/** | |
* Access token expires in override | |
* | |
* @var int | |
*/ | |
protected $accessTokenTTL = null; | |
/** | |
* Complete the client credentials grant | |
* | |
* @return array | |
* | |
* @throws | |
*/ | |
public function completeFlow() | |
{ | |
// Get the required params | |
$clientId = $this->server->getRequest()->request->get('client_id', $this->server->getRequest()->getUser()); | |
if (is_null($clientId)) { | |
throw new Exception\InvalidRequestException('client_id'); | |
} | |
$clientSecret = $this->server->getRequest()->request->get('client_secret', | |
$this->server->getRequest()->getPassword()); | |
if (is_null($clientSecret)) { | |
throw new Exception\InvalidRequestException('client_secret'); | |
} | |
// Validate client ID and client secret | |
$client = $this->server->getClientStorage()->get( | |
$clientId, | |
$clientSecret, | |
null, | |
$this->getIdentifier() | |
); | |
if (($client instanceof ClientEntity) === false) { | |
$this->server->getEventEmitter()->emit(new Event\ClientAuthenticationFailedEvent($this->server->getRequest())); | |
throw new Exception\InvalidClientException(); | |
} | |
// Validate any scopes that are in the request | |
$scopeParam = $this->server->getRequest()->request->get('scope', ''); | |
$scopes = $this->validateScopes($scopeParam, $client); | |
// Create a new session | |
$session = new SessionEntity($this->server); | |
$session->setOwner('client', $client->getId()); | |
$session->associateClient($client); | |
// Generate an access token | |
$accessToken = new AccessTokenEntity($this->server); | |
$accessToken->setId(SecureKey::generate()); | |
$accessToken->setExpireTime($this->getAccessTokenTTL() + time()); | |
// Associate scopes with the session and access token | |
foreach ($scopes as $scope) { | |
$session->associateScope($scope); | |
} | |
foreach ($session->getScopes() as $scope) { | |
$accessToken->associateScope($scope); | |
} | |
// Save everything | |
$session->save(); | |
$accessToken->setSession($session); | |
$accessToken->save(); | |
$this->server->getTokenType()->setSession($session); | |
$this->server->getTokenType()->setParam('access_token', $accessToken->getId()); | |
$this->server->getTokenType()->setParam('expires_in', $this->getAccessTokenTTL()); | |
return $this->server->getTokenType()->generateResponse(); | |
} | |
} |