From 782ac04ed8fa6c4c3f3659858d115692eae8366c Mon Sep 17 00:00:00 2001 From: Oleg Zhulnev Date: Wed, 20 Sep 2023 22:04:20 +0300 Subject: [PATCH] Add optional `scope` parameter to ClientCredentialsGrantType --- src/GrantType/ClientCredentialsGrantType.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/src/GrantType/ClientCredentialsGrantType.php b/src/GrantType/ClientCredentialsGrantType.php index 4a7bfab..6be9adb 100644 --- a/src/GrantType/ClientCredentialsGrantType.php +++ b/src/GrantType/ClientCredentialsGrantType.php @@ -22,22 +22,27 @@ class ClientCredentialsGrantType implements GrantTypeInterface private string $clientSecret; + private string $scope; + /** * @param HttpClientInterface $client A HTTP client to be used to communicate with the OAuth server. * @param string $tokenUrl The full URL of the token endpoint of the OAuth server. * @param string $clientId The OAuth client ID. * @param string $clientSecret The OAuth client secret. + * @param string $scope The scope of the access request. */ public function __construct( HttpClientInterface $client, string $tokenUrl, string $clientId, string $clientSecret, + string $scope = '', ) { $this->client = $client; $this->tokenUrl = $tokenUrl; $this->clientId = $clientId; $this->clientSecret = $clientSecret; + $this->scope = $scope; } /** @@ -47,9 +52,15 @@ public function __construct( */ public function getTokens(): Tokens { + $data = ['grant_type' => 'client_credentials']; + + if ($this->scope !== '') { + $data['scope'] = $this->scope; + } + $response = $this->client->request('POST', $this->tokenUrl, [ 'headers' => ['Authorization' => sprintf('Basic %s', base64_encode("{$this->clientId}:{$this->clientSecret}"))], - 'body' => http_build_query(['grant_type' => 'client_credentials']), + 'body' => http_build_query($data), ]); return $this->extractTokens($response);