You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* This method is used using the OAuth Client Credentials Flow for machine-to-machine applications.
216
+
* Therefore the grant type must be Authorization::GRANT_CLIENT_CREDENTIALS. You need to specify the
207
217
* client identifier and client secret and may optionally specify a scope.
208
218
*
209
219
* @param string $serviceName
210
220
* @param string $clientId Client ID
211
221
* @param string $clientSecret Client Secret
212
222
* @param string $scope Scope which may consist of multiple identifiers, separated by comma
213
-
* @param string $grantType One of the Authorization::GRAND_* constants
214
223
* @param array $additionalParameters Additional parameters to provide in the request body while requesting the token. For example ['audience' => 'https://www.example.com/api/v1']
$this->logger->info(sprintf('OAuth (%s): Retrieving access token using %s grant for client "%s" using a %s bytes long secret. (authorization id: %s)', $this->getServiceType(), $grantType, $clientId, strlen($clientSecret), $authorizationId), LogEnvironment::fromMethodName(__METHOD__));
$this->logger->info(sprintf('OAuth (%s): Retrieving access token using client credentials grant for client "%s" using a %s bytes long secret. (authorization id: %s)', $this->getServiceType(), $clientId, strlen($clientSecret), $authorizationId));
$this->logger->info(sprintf('OAuth (%s): Starting authorization %s using client id "%s", a %s bytes long secret and scope "%s".', $this->getServiceType(), $authorization->getAuthorizationId(), $clientId, strlen($clientSecret), $scope), LogEnvironment::fromMethodName(__METHOD__));
$this->logger->info(sprintf('OAuth (%s): Starting authorization %s using client id "%s", a %s bytes long secret and scope "%s".', $this->getServiceType(), $authorization->getAuthorizationId(), $clientId, strlen($clientSecret), $scope));
@@ -317,6 +326,10 @@ public function finishAuthorization(string $stateIdentifier, string $code, strin
317
326
thrownewOAuthClientException(sprintf('OAuth2 (%s): Finishing authorization failed because authorization %s could not be retrieved from the database.', $this->getServiceType(), $authorizationId), 1568710771);
318
327
}
319
328
329
+
if ($authorization->getGrantType() !== Authorization::GRANT_AUTHORIZATION_CODE) {
330
+
thrownewOAuthClientException(sprintf('OAuth2 (%s): Finishing authorization failed because authorization %s does not have the authorization code flow type!', $this->getServiceType(), $authorizationId), 1597312780);
331
+
}
332
+
320
333
$this->logger->debug(sprintf('OAuth (%s): Retrieving an OAuth access token for authorization "%s" in exchange for the code %s', $this->getServiceType(), $authorizationId, str_repeat('*', strlen($code) - 3) . substr($code, -3, 3)));
$this->logger->info(sprintf('OAuth (%s): Persisting OAuth token for authorization "%s" with expiry time %s.', $this->getServiceType(), $authorizationId, $accessToken->getExpires()));
@@ -335,7 +348,7 @@ public function finishAuthorization(string $stateIdentifier, string $code, strin
thrownewOAuthClientException(sprintf('OAuth2: Could not refresh OAuth token because authorization %s was not found in our database.', $authorization), 1505317044316);
$this->logger->info(sprintf('OAuth (%s): Refreshing authorization %s for client "%s" using a %s bytes long secret and refresh token "%s".', $this->getServiceType(), $authorizationId, $clientId, strlen($authorization->getClientSecret()), $authorization->refreshToken));
362
377
@@ -377,6 +392,8 @@ public function refreshAuthorization(string $authorizationId, string $clientId,
377
392
}
378
393
379
394
/**
395
+
* Returns the specified Authorization record, if it exists
396
+
*
380
397
* @param string $authorizationId
381
398
* @return Authorization|null
382
399
*/
@@ -465,23 +482,6 @@ public function renderFinishAuthorizationUri(): string
0 commit comments