'accounts_web_user', 'sub' => self::buildSub($account->id), ]; if ($session === null) { // If we don't remember a session, the token should live longer // so that the session doesn't end while working with the account $payloads['exp'] = Carbon::now()->addDays(7)->getTimestamp(); } else { $payloads['jti'] = $session->id; } return Yii::$app->tokens->create($payloads); } public static function createForOAuthClient(AccessTokenEntityInterface $accessToken): Token { $payloads = [ 'aud' => self::buildAud($accessToken->getClient()->getIdentifier()), 'ely-scopes' => array_map(static function(ScopeEntityInterface $scope): string { return $scope->getIdentifier(); }, $accessToken->getScopes()), 'exp' => $accessToken->getExpiryDateTime()->getTimestamp(), ]; if ($accessToken->getUserIdentifier() !== null) { $payloads['sub'] = self::buildSub($accessToken->getUserIdentifier()); } return Yii::$app->tokens->create($payloads); } private static function buildSub(int $accountId): string { return self::SUB_ACCOUNT_PREFIX . $accountId; } private static function buildAud(string $clientId): string { return self::AUD_CLIENT_PREFIX . $clientId; } }