--- layout: default title: Authorization server with resource owner password credentials grant permalink: /authorization-server/resource-owner-password-credentials-grant/ --- # Authorization server with resource owner password credentials grant ## Setup Wherever you intialise your objects, initialize a new instance of the authorization server and bind the storage interfaces and authorization code grant: ~~~ php $server = new \League\OAuth2\Server\AuthorizationServer; $server->setSessionStorage(new Storage\SessionStorage); $server->setAccessTokenStorage(new Storage\AccessTokenStorage); $server->setClientStorage(new Storage\ClientStorage); $server->setScopeStorage(new Storage\ScopeStorage); $passwordGrant = new \League\OAuth2\Server\Grant\PasswordGrant(); $passwordGrant->setVerifyCredentialsCallback(function ($username, $password) { // implement logic here to validate a username and password, return an ID if valid, otherwise return false }); ~~~ ## Implementation The client will request an access token so create an `/access_token` endpoint. ~~~ php $router->post('/access_token', function (Request $request) use ($server) { try { $response = $server->issueAccessToken(); return new Response( json_encode($response), 200 [ 'Content-type' => 'application/json', 'Cache-Control' => 'no-store', 'Pragma' => 'no-store' ] ); } catch (\Exception $e) { return new Response( json_encode([ 'error' => $e->errorType, 'message' => $e->getMessage() ]), $e->httpStatusCode, $e->getHttpHeaders() ); } }); ~~~