Updated refresh token grant

Alex Bilbie 2013-04-30 15:07:44 +01:00
parent c73d45fc07
commit a661634194


@ -102,23 +102,31 @@ class RefreshToken implements GrantTypeInterface {
} }
// Validate refresh token // Validate refresh token
$sessionId = $this->authServer->getStorage('session')->validateRefreshToken( $accessTokenId = $this->authServer->getStorage('session')->validateRefreshToken($authParams['refresh_token']);
$authParams['refresh_token'],
$authParams['client_id']
);
if ($sessionId === false) { if ($accessTokenId === false) {
throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_refresh'), 0); throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_refresh'), 0);
} }
// Generate new tokens // Get the existing access token
$accessToken = SecureKey::make(); $accessTokenDetails = $this->authServer->getStorage('session')->getAccessToken($accessTokenId);
$refreshToken = ($this->authServer->hasGrantType('refresh_token')) ? SecureKey::make() : null;
// Get the scopes for the existing access token
$scopes = $this->authServer->getStorage('session')->getScopes($accessTokenDetails['access_token']);
// Generate new tokens and associate them to the session
$accessToken = SecureKey::make();
$accessTokenExpires = time() + $this->authServer->getExpiresIn(); $accessTokenExpires = time() + $this->authServer->getExpiresIn();
$accessTokenExpiresIn = $this->authServer->getExpiresIn(); $accessTokenExpiresIn = $this->authServer->getExpiresIn();
$refreshToken = SecureKey::make();
$this->authServer->getStorage('session')->updateRefreshToken($sessionId, $accessToken, $refreshToken, $accessTokenExpires); $newAccessTokenId = $this->authServer->getStorage('session')->associateAccessToken($accessTokenDetails['session_id'], $accessToken, $accessTokenExpires);
foreach ($scopes as $scope) {
$this->authServer->getStorage('session')->associateScope($newAccessTokenId, $scope['id']);
}
$this->authServer->getStorage('session')->associateRefreshToken($newAccessTokenId, $refreshToken);
return array( return array(
'access_token' => $accessToken, 'access_token' => $accessToken,
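Review bot: The new call `validateRefreshToken($authParams['refresh_token'])` drops `$authParams['client_id']`, so nothing visible in this hunk ties the presented refresh token to the client making the request; RFC 6749 section 6 requires the server to verify that the token was issued to that client. Unless that binding is enforced in the storage layer or in the part of the method above the hunk, the new access token is attached to `$accessTokenDetails['session_id']` whichever client sent the request. I would keep the second argument, `validateRefreshToken($authParams['refresh_token'], $authParams['client_id'])`, or compare the session's client with the authenticated client before calling `associateAccessToken`. Separately, the hunk issues a new access token and refresh token but shows no removal of the old pair, so the old refresh token may remain redeemable unless `associateRefreshToken` replaces it; the method starts and ends outside the hunk.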