$this->buildSub($account->id), 'exp' => Carbon::now()->addHour()->toDateTimeImmutable(), 'scope' => $this->prepareScopes([R::ACCOUNTS_WEB_USER]), ]; if ($session === null) { // If we don't remember a session, the token should live longer // so that the session doesn't end while working with the account $payloads['exp'] = Carbon::now()->addDays(7)->toDateTimeImmutable(); } else { $payloads['jti'] = (string)$session->id; } return Yii::$app->tokens->create($payloads); } public function createForOAuthClient(AccessTokenEntityInterface $accessToken): UnencryptedToken { $payloads = [ 'client_id' => $accessToken->getClient()->getIdentifier(), 'scope' => $this->prepareScopes($accessToken->getScopes()), ]; if ($accessToken->getExpiryDateTime() > new DateTime()) { $payloads['exp'] = $accessToken->getExpiryDateTime(); } if ($accessToken->getUserIdentifier() !== null) { $payloads['sub'] = $this->buildSub((int)$accessToken->getUserIdentifier()); } return Yii::$app->tokens->create($payloads); } public function createForMinecraftAccount(Account $account, string $clientToken): UnencryptedToken { return Yii::$app->tokens->create([ 'scope' => $this->prepareScopes([P::OBTAIN_OWN_ACCOUNT_INFO, P::MINECRAFT_SERVER_SESSION]), 'ely-client-token' => new EncryptedValue($clientToken), 'sub' => $this->buildSub($account->id), 'exp' => Carbon::now()->addDays(2)->toDateTimeImmutable(), ]); } /** * @param ScopeEntityInterface[]|string[] $scopes */ private function prepareScopes(array $scopes): string { return implode(' ', array_map(function($scope): string { if ($scope instanceof ScopeEntityInterface) { return $scope->getIdentifier(); } return $scope; }, $scopes)); } private function buildSub(int $accountId): string { return self::SUB_ACCOUNT_PREFIX . $accountId; } }