From 4cb4d5ba21426c1d33ea2fc5ddbaa3398684a118 Mon Sep 17 00:00:00 2001
From: ziege
Date: Tue, 26 Mar 2013 07:20:26 +0100
Subject: [PATCH] Refresh token removed in Client Credentials Grant As defined in RFC: http://tools.ietf.org/html/rfc6749#section-4.4.3
---
 src/OAuth2/Grant/ClientCredentials.php | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/src/OAuth2/Grant/ClientCredentials.php b/src/OAuth2/Grant/ClientCredentials.php
index 19103e3e..2becff4f 100644
--- a/src/OAuth2/Grant/ClientCredentials.php
+++ b/src/OAuth2/Grant/ClientCredentials.php
@@ -126,7 +126,6 @@ class ClientCredentials implements GrantTypeInterface {
 // Generate an access token
 $accessToken = SecureKey::make();
- $refreshToken = ($this->authServer->hasGrantType('refresh_token')) ? SecureKey::make() : null;
 $accessTokenExpires = time() + $this->authServer->getExpiresIn();
 $accessTokenExpiresIn = $this->authServer->getExpiresIn();
@@ -142,7 +141,7 @@ class ClientCredentials implements GrantTypeInterface {
 $authParams['client_id'],
 null,
 $accessToken,
- $refreshToken,
+ null,
 $accessTokenExpires,
 'granted'
 );
@@ -160,11 +159,7 @@ class ClientCredentials implements GrantTypeInterface {
 'expires_in' => $accessTokenExpiresIn
 );
- if ($this->authServer->hasGrantType('refresh_token')) {
- $response['refresh_token'] = $refreshToken;
- }
-
 return $response;
 }
-}
\ No newline at end of file
+}
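Review bot: The replacement argument in the second hunk is a bare positional `null` sitting two lines below another `null`, so nothing at the call site says the refresh-token slot is empty on purpose; I would write it as `null, // no refresh token for client_credentials (RFC 6749 section 4.4.3)`. The call it belongs to starts outside the hunk, so it cannot be confirmed from here that the storage layer and the refresh_token grant treat a null refresh token as "none" rather than as a value a lookup could match, and that is worth checking. The patch touches only this file, so no test pins that the response omits `refresh_token` when that grant type is enabled. Sessions already stored with a refresh token by the old code are presumably still refreshable until they expire or are revoked.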