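[
        // NOTE(review): the listing begins mid-expression; this array is presumably the
        // 'settings' entry of the container configuration passed to the application
        // constructor -- confirm against the full file.
        //
        // This looks like Slim's displayErrorDetails switch, which renders exception
        // details into HTTP responses. Keep it enabled for local debugging only and
        // turn it off in any deployment reachable by untrusted clients.
        'displayErrorDetails' => true,
    ],
    Server::class => function () {
        // Init our repositories (client, access-token and scope lookups for the server)
        $clientRepository = new ClientRepository();
        $accessTokenRepository = new AccessTokenRepository();
        $scopeRepository = new ScopeRepository();

        // Key material is read from the directory above this script. The private key
        // should be readable only by the PHP process user and must not sit in a
        // web-served directory.
        $privateKeyPath = 'file://' . __DIR__ . '/../private.key';
        $publicKeyPath = 'file://' . __DIR__ . '/../public.key';

        // Setup the authorization server
        return new Server(
            $clientRepository,
            $accessTokenRepository,
            $scopeRepository,
            $privateKeyPath,
            $publicKeyPath
        );
    }
]);

/*
 * GET /user -- example protected resource.
 *
 * The request is passed through Server::validateRequest() first. An
 * OAuthServerException is turned into its own HTTP response; any other
 * exception yields a generic 500. The fields returned depend on the scopes
 * attached to the validated request: 'basic' exposes id/name/city, 'email'
 * adds the e-mail address.
 */
$app->get('/user', function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
    $server = $app->getContainer()->get(Server::class);
    $body = new Stream('php://temp', 'r+');

    try {
        // The returned request is the one read below for the 'oauth_scopes' attribute.
        $request = $server->validateRequest($request);
    } catch (OAuthServerException $exception) {
        return $exception->generateHttpResponse($response);
    } catch (\Exception $exception) {
        // Unexpected failures can carry internal detail (paths, key-loading errors,
        // backend messages). Record it server-side and send the caller a fixed
        // message instead of echoing the exception text.
        error_log(get_class($exception) . ': ' . $exception->getMessage());
        $body->write('Internal server error');

        return $response
            ->withStatus(500)
            ->withHeader('Content-Type', 'text/plain; charset=utf-8')
            ->withBody($body);
    }

    // Scopes granted to the validated token; no attribute means no scopes.
    $scopes = $request->getAttribute('oauth_scopes', []);

    $params = [];

    // Strict comparison so that a non-string element (e.g. true or 0) can never
    // match a scope name through type juggling.
    // NOTE(review): assumes scope identifiers are plain strings -- confirm.
    if (in_array('basic', $scopes, true)) {
        $params = [
            'id'   => 1,
            'name' => 'Alex',
            'city' => 'London'
        ];
    }

    if (in_array('email', $scopes, true)) {
        $params['email'] = 'alex@example.com';
    }

    $body->write(json_encode($params));

    // Declare the payload type explicitly so clients do not treat the JSON as HTML.
    return $response
        ->withHeader('Content-Type', 'application/json')
        ->withBody($body);
});

$app->run();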