Все реализации Grant'ов для oAuth перенесены в проект. Форк league/oauth2-client больше не используется

api/components/OAuth2/Grants/ClientCredentialsGrant.php

@@ -1,21 +1,72 @@
 <?php
 namespace api\components\OAuth2\Grants;
 
-use api\components\OAuth2\Entities;
-use League\OAuth2\Server\Entity\ClientEntity;
+use api\components\OAuth2\Entities\AccessTokenEntity;
+use api\components\OAuth2\Entities\SessionEntity;
+use League\OAuth2\Server\Entity\ClientEntity as BaseClientEntity;
+use League\OAuth2\Server\Event;
+use League\OAuth2\Server\Exception;
+use League\OAuth2\Server\Grant\AbstractGrant;
+use League\OAuth2\Server\Util\SecureKey;
 
-class ClientCredentialsGrant extends \League\OAuth2\Server\Grant\ClientCredentialsGrant {
+class ClientCredentialsGrant extends AbstractGrant {
 
-    protected function createAccessTokenEntity() {
-        return new Entities\AccessTokenEntity($this->server);
-    }
+    protected $identifier = 'client_credentials';
 
-    protected function createRefreshTokenEntity() {
-        return new Entities\RefreshTokenEntity($this->server);
-    }
+    /**
+     * @return array
+     * @throws \League\OAuth2\Server\Exception\OAuthException
+     */
+    public function completeFlow(): array {
+        // Get the required params
+        $clientId = $this->server->getRequest()->request->get('client_id', $this->server->getRequest()->getUser());
+        if ($clientId === null) {
+            throw new Exception\InvalidRequestException('client_id');
+        }
 
-    protected function createSessionEntity() {
-        return new Entities\SessionEntity($this->server);
+        $clientSecret = $this->server->getRequest()->request->get('client_secret',
+            $this->server->getRequest()->getPassword());
+        if ($clientSecret === null) {
+            throw new Exception\InvalidRequestException('client_secret');
+        }
+
+        // Validate client ID and client secret
+        $client = $this->server->getClientStorage()->get($clientId, $clientSecret, null, $this->getIdentifier());
+        if (!$client instanceof BaseClientEntity) {
+            $this->server->getEventEmitter()->emit(new Event\ClientAuthenticationFailedEvent($this->server->getRequest()));
+            throw new Exception\InvalidClientException();
+        }
+
+        // Validate any scopes that are in the request
+        $scopeParam = $this->server->getRequest()->request->get('scope', '');
+        $scopes = $this->validateScopes($scopeParam, $client);
+
+        // Create a new session
+        $session = new SessionEntity($this->server);
+        $session->setOwner('client', $client->getId());
+        $session->associateClient($client);
+
+        // Generate an access token
+        $accessToken = new AccessTokenEntity($this->server);
+        $accessToken->setId(SecureKey::generate());
+        $accessToken->setExpireTime($this->getAccessTokenTTL() + time());
+
+        // Associate scopes with the session and access token
+        foreach ($scopes as $scope) {
+            $session->associateScope($scope);
+            $accessToken->associateScope($scope);
+        }
+
+        // Save everything
+        $session->save();
+        $accessToken->setSession($session);
+        $accessToken->save();
+
+        $this->server->getTokenType()->setSession($session);
+        $this->server->getTokenType()->setParam('access_token', $accessToken->getId());
+        $this->server->getTokenType()->setParam('expires_in', $this->getAccessTokenTTL());
+
+        return $this->server->getTokenType()->generateResponse();
     }
 
     /**