aboutsummaryrefslogtreecommitdiffstats
path: root/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2017-12-21 13:36:33 -0800
committerzotlabs <mike@macgirvin.com>2017-12-21 13:36:33 -0800
commite7143a265ac97b31a8e0ada85b876ba76c911a3d (patch)
treedfa42a02359701960f525d10a22e1ebca5b82873 /vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller
parent684b572aa8005479f3eb219fc526c812c801ca76 (diff)
parent9c72963d7ce3c60709755edb5d40cb0b06b29cda (diff)
downloadvolse-hubzilla-e7143a265ac97b31a8e0ada85b876ba76c911a3d.tar.gz
volse-hubzilla-e7143a265ac97b31a8e0ada85b876ba76c911a3d.tar.bz2
volse-hubzilla-e7143a265ac97b31a8e0ada85b876ba76c911a3d.zip
Merge branch 'dev' of https://github.com/redmatrix/hubzilla into dev_merge
Diffstat (limited to 'vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller')
-rw-r--r--vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/AuthorizeController.php139
-rw-r--r--vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/AuthorizeControllerInterface.php37
-rw-r--r--vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/ResourceController.php49
-rw-r--r--vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/ResourceControllerInterface.php29
-rw-r--r--vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php74
-rw-r--r--vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenControllerInterface.php27
6 files changed, 281 insertions, 74 deletions
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/AuthorizeController.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/AuthorizeController.php
index ea7f54a87..4bafb1d24 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/AuthorizeController.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/AuthorizeController.php
@@ -7,37 +7,76 @@ use OAuth2\ScopeInterface;
use OAuth2\RequestInterface;
use OAuth2\ResponseInterface;
use OAuth2\Scope;
+use InvalidArgumentException;
/**
- * @see OAuth2\Controller\AuthorizeControllerInterface
+ * @see AuthorizeControllerInterface
*/
class AuthorizeController implements AuthorizeControllerInterface
{
+ /**
+ * @var string
+ */
private $scope;
+
+ /**
+ * @var int
+ */
private $state;
+
+ /**
+ * @var mixed
+ */
private $client_id;
+
+ /**
+ * @var string
+ */
private $redirect_uri;
+
+ /**
+ * The response type
+ *
+ * @var string
+ */
private $response_type;
+ /**
+ * @var ClientInterface
+ */
protected $clientStorage;
+
+ /**
+ * @var array
+ */
protected $responseTypes;
+
+ /**
+ * @var array
+ */
protected $config;
+
+ /**
+ * @var ScopeInterface
+ */
protected $scopeUtil;
/**
- * @param OAuth2\Storage\ClientInterface $clientStorage REQUIRED Instance of OAuth2\Storage\ClientInterface to retrieve client information
- * @param array $responseTypes OPTIONAL Array of OAuth2\ResponseType\ResponseTypeInterface objects. Valid array
- * keys are "code" and "token"
- * @param array $config OPTIONAL Configuration options for the server
- * <code>
- * $config = array(
- * 'allow_implicit' => false, // if the controller should allow the "implicit" grant type
- * 'enforce_state' => true // if the controller should require the "state" parameter
- * 'require_exact_redirect_uri' => true, // if the controller should require an exact match on the "redirect_uri" parameter
- * 'redirect_status_code' => 302, // HTTP status code to use for redirect responses
- * );
- * </code>
- * @param OAuth2\ScopeInterface $scopeUtil OPTIONAL Instance of OAuth2\ScopeInterface to validate the requested scope
+ * Constructor
+ *
+ * @param ClientInterface $clientStorage REQUIRED Instance of OAuth2\Storage\ClientInterface to retrieve client information
+ * @param array $responseTypes OPTIONAL Array of OAuth2\ResponseType\ResponseTypeInterface objects. Valid array
+ * keys are "code" and "token"
+ * @param array $config OPTIONAL Configuration options for the server:
+ * @param ScopeInterface $scopeUtil OPTIONAL Instance of OAuth2\ScopeInterface to validate the requested scope
+ * @code
+ * $config = array(
+ * 'allow_implicit' => false, // if the controller should allow the "implicit" grant type
+ * 'enforce_state' => true // if the controller should require the "state" parameter
+ * 'require_exact_redirect_uri' => true, // if the controller should require an exact match on the "redirect_uri" parameter
+ * 'redirect_status_code' => 302, // HTTP status code to use for redirect responses
+ * );
+ * @endcode
*/
public function __construct(ClientInterface $clientStorage, array $responseTypes = array(), array $config = array(), ScopeInterface $scopeUtil = null)
{
@@ -56,10 +95,20 @@ class AuthorizeController implements AuthorizeControllerInterface
$this->scopeUtil = $scopeUtil;
}
+ /**
+ * Handle the authorization request
+ *
+ * @param RequestInterface $request
+ * @param ResponseInterface $response
+ * @param boolean $is_authorized
+ * @param mixed $user_id
+ * @return mixed|void
+ * @throws InvalidArgumentException
+ */
public function handleAuthorizeRequest(RequestInterface $request, ResponseInterface $response, $is_authorized, $user_id = null)
{
if (!is_bool($is_authorized)) {
- throw new \InvalidArgumentException('Argument "is_authorized" must be a boolean. This method must know if the user has granted access to the client.');
+ throw new InvalidArgumentException('Argument "is_authorized" must be a boolean. This method must know if the user has granted access to the client.');
}
// We repeat this, because we need to re-validate. The request could be POSTed
@@ -101,6 +150,14 @@ class AuthorizeController implements AuthorizeControllerInterface
$response->setRedirect($this->config['redirect_status_code'], $uri);
}
+ /**
+ * Set not authorized response
+ *
+ * @param RequestInterface $request
+ * @param ResponseInterface $response
+ * @param string $redirect_uri
+ * @param mixed $user_id
+ */
protected function setNotAuthorizedResponse(RequestInterface $request, ResponseInterface $response, $redirect_uri, $user_id = null)
{
$error = 'access_denied';
@@ -108,9 +165,16 @@ class AuthorizeController implements AuthorizeControllerInterface
$response->setRedirect($this->config['redirect_status_code'], $redirect_uri, $this->state, $error, $error_message);
}
- /*
+ /**
* We have made this protected so this class can be extended to add/modify
* these parameters
+ *
+ * @TODO: add dependency injection for the parameters in this method
+ *
+ * @param RequestInterface $request
+ * @param ResponseInterface $response
+ * @param mixed $user_id
+ * @return array
*/
protected function buildAuthorizeParameters($request, $response, $user_id)
{
@@ -127,6 +191,8 @@ class AuthorizeController implements AuthorizeControllerInterface
}
/**
+ * Validate the OAuth request
+ *
* @param RequestInterface $request
* @param ResponseInterface $response
* @return bool
@@ -186,7 +252,7 @@ class AuthorizeController implements AuthorizeControllerInterface
$redirect_uri = $registered_redirect_uri;
}
- // Select the redirect URI
+ // Select the response type
$response_type = $request->query('response_type', $request->request('response_type'));
// for multiple-valued response types - make them alphabetical
@@ -281,10 +347,10 @@ class AuthorizeController implements AuthorizeControllerInterface
/**
* Build the absolute URI based on supplied URI and parameters.
*
- * @param $uri An absolute URI.
- * @param $params Parameters to be append as GET.
+ * @param string $uri An absolute URI.
+ * @param array $params Parameters to be append as GET.
*
- * @return
+ * @return string
* An absolute URI with supplied parameters.
*
* @ingroup oauth2_section_4
@@ -302,9 +368,9 @@ class AuthorizeController implements AuthorizeControllerInterface
}
}
- // Put humpty dumpty back together
+ // Put the uri back together
return
- ((isset($parse_url["scheme"])) ? $parse_url["scheme"] . "://" : "")
+ ((isset($parse_url["scheme"])) ? $parse_url["scheme"] . "://" : "")
. ((isset($parse_url["user"])) ? $parse_url["user"]
. ((isset($parse_url["pass"])) ? ":" . $parse_url["pass"] : "") . "@" : "")
. ((isset($parse_url["host"])) ? $parse_url["host"] : "")
@@ -326,10 +392,10 @@ class AuthorizeController implements AuthorizeControllerInterface
/**
* Internal method for validating redirect URI supplied
*
- * @param string $inputUri The submitted URI to be validated
+ * @param string $inputUri The submitted URI to be validated
* @param string $registeredUriString The allowed URI(s) to validate against. Can be a space-delimited string of URIs to
* allow for multiple URIs
- *
+ * @return bool
* @see http://tools.ietf.org/html/rfc6749#section-3.1.2
*/
protected function validateRedirectUri($inputUri, $registeredUriString)
@@ -363,29 +429,50 @@ class AuthorizeController implements AuthorizeControllerInterface
}
/**
- * Convenience methods to access the parameters derived from the validated request
+ * Convenience method to access the scope
+ *
+ * @return string
*/
-
public function getScope()
{
return $this->scope;
}
+ /**
+ * Convenience method to access the state
+ *
+ * @return int
+ */
public function getState()
{
return $this->state;
}
+ /**
+ * Convenience method to access the client id
+ *
+ * @return mixed
+ */
public function getClientId()
{
return $this->client_id;
}
+ /**
+ * Convenience method to access the redirect url
+ *
+ * @return string
+ */
public function getRedirectUri()
{
return $this->redirect_uri;
}
+ /**
+ * Convenience method to access the response type
+ *
+ * @return string
+ */
public function getResponseType()
{
return $this->response_type;
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/AuthorizeControllerInterface.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/AuthorizeControllerInterface.php
index fa07ae8d2..f758f976a 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/AuthorizeControllerInterface.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/AuthorizeControllerInterface.php
@@ -11,17 +11,18 @@ use OAuth2\ResponseInterface;
* authorization directly, this controller ensures the request is valid, but
* requires the application to determine the value of $is_authorized
*
- * ex:
- * > $user_id = $this->somehowDetermineUserId();
- * > $is_authorized = $this->somehowDetermineUserAuthorization();
- * > $response = new OAuth2\Response();
- * > $authorizeController->handleAuthorizeRequest(
- * > OAuth2\Request::createFromGlobals(),
- * > $response,
- * > $is_authorized,
- * > $user_id);
- * > $response->send();
- *
+ * @code
+ * $user_id = $this->somehowDetermineUserId();
+ * $is_authorized = $this->somehowDetermineUserAuthorization();
+ * $response = new OAuth2\Response();
+ * $authorizeController->handleAuthorizeRequest(
+ * OAuth2\Request::createFromGlobals(),
+ * $response,
+ * $is_authorized,
+ * $user_id
+ * );
+ * $response->send();
+ * @endcode
*/
interface AuthorizeControllerInterface
{
@@ -37,7 +38,21 @@ interface AuthorizeControllerInterface
const RESPONSE_TYPE_AUTHORIZATION_CODE = 'code';
const RESPONSE_TYPE_ACCESS_TOKEN = 'token';
+ /**
+ * Handle the OAuth request
+ *
+ * @param RequestInterface $request
+ * @param ResponseInterface $response
+ * @param $is_authorized
+ * @param null $user_id
+ * @return mixed
+ */
public function handleAuthorizeRequest(RequestInterface $request, ResponseInterface $response, $is_authorized, $user_id = null);
+ /**
+ * @param RequestInterface $request
+ * @param ResponseInterface $response
+ * @return bool
+ */
public function validateAuthorizeRequest(RequestInterface $request, ResponseInterface $response);
}
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/ResourceController.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/ResourceController.php
index 3cfaaaf12..926f90fda 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/ResourceController.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/ResourceController.php
@@ -10,17 +10,43 @@ use OAuth2\ResponseInterface;
use OAuth2\Scope;
/**
- * @see OAuth2\Controller\ResourceControllerInterface
+ * @see ResourceControllerInterface
*/
class ResourceController implements ResourceControllerInterface
{
+ /**
+ * @var array
+ */
private $token;
+ /**
+ * @var TokenTypeInterface
+ */
protected $tokenType;
+
+ /**
+ * @var AccessTokenInterface
+ */
protected $tokenStorage;
+
+ /**
+ * @var array
+ */
protected $config;
+
+ /**
+ * @var ScopeInterface
+ */
protected $scopeUtil;
+ /**
+ * Constructor
+ *
+ * @param TokenTypeInterface $tokenType
+ * @param AccessTokenInterface $tokenStorage
+ * @param array $config
+ * @param ScopeInterface $scopeUtil
+ */
public function __construct(TokenTypeInterface $tokenType, AccessTokenInterface $tokenStorage, $config = array(), ScopeInterface $scopeUtil = null)
{
$this->tokenType = $tokenType;
@@ -36,6 +62,14 @@ class ResourceController implements ResourceControllerInterface
$this->scopeUtil = $scopeUtil;
}
+ /**
+ * Verify the resource request
+ *
+ * @param RequestInterface $request
+ * @param ResponseInterface $response
+ * @param null $scope
+ * @return bool
+ */
public function verifyResourceRequest(RequestInterface $request, ResponseInterface $response, $scope = null)
{
$token = $this->getAccessTokenData($request, $response);
@@ -71,6 +105,13 @@ class ResourceController implements ResourceControllerInterface
return (bool) $token;
}
+ /**
+ * Get access token data.
+ *
+ * @param RequestInterface $request
+ * @param ResponseInterface $response
+ * @return array|null
+ */
public function getAccessTokenData(RequestInterface $request, ResponseInterface $response)
{
// Get the token parameter
@@ -103,7 +144,11 @@ class ResourceController implements ResourceControllerInterface
return null;
}
- // convenience method to allow retrieval of the token
+ /**
+ * convenience method to allow retrieval of the token.
+ *
+ * @return array
+ */
public function getToken()
{
return $this->token;
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/ResourceControllerInterface.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/ResourceControllerInterface.php
index 611421935..0e847ca61 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/ResourceControllerInterface.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/ResourceControllerInterface.php
@@ -10,17 +10,32 @@ use OAuth2\ResponseInterface;
* call verifyResourceRequest in order to determine if the request
* contains a valid token.
*
- * ex:
- * > if (!$resourceController->verifyResourceRequest(OAuth2\Request::createFromGlobals(), $response = new OAuth2\Response())) {
- * > $response->send(); // authorization failed
- * > die();
- * > }
- * > return json_encode($resource); // valid token! Send the stuff!
- *
+ * @code
+ * if (!$resourceController->verifyResourceRequest(OAuth2\Request::createFromGlobals(), $response = new OAuth2\Response())) {
+ * $response->send(); // authorization failed
+ * die();
+ * }
+ * return json_encode($resource); // valid token! Send the stuff!
+ * @endcode
*/
interface ResourceControllerInterface
{
+ /**
+ * Verify the resource request
+ *
+ * @param RequestInterface $request - Request object
+ * @param ResponseInterface $response - Response object
+ * @param string $scope
+ * @return mixed
+ */
public function verifyResourceRequest(RequestInterface $request, ResponseInterface $response, $scope = null);
+ /**
+ * Get access token data.
+ *
+ * @param RequestInterface $request - Request object
+ * @param ResponseInterface $response - Response object
+ * @return mixed
+ */
public function getAccessTokenData(RequestInterface $request, ResponseInterface $response);
}
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php
index 5d2d731fe..7fdaf85a6 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenController.php
@@ -10,9 +10,12 @@ use OAuth2\Scope;
use OAuth2\Storage\ClientInterface;
use OAuth2\RequestInterface;
use OAuth2\ResponseInterface;
+use InvalidArgumentException;
+use LogicException;
+use RuntimeException;
/**
- * @see \OAuth2\Controller\TokenControllerInterface
+ * @see TokenControllerInterface
*/
class TokenController implements TokenControllerInterface
{
@@ -22,7 +25,7 @@ class TokenController implements TokenControllerInterface
protected $accessToken;
/**
- * @var array
+ * @var array<GrantTypeInterface>
*/
protected $grantTypes;
@@ -32,7 +35,7 @@ class TokenController implements TokenControllerInterface
protected $clientAssertionType;
/**
- * @var Scope|ScopeInterface
+ * @var ScopeInterface
*/
protected $scopeUtil;
@@ -41,12 +44,22 @@ class TokenController implements TokenControllerInterface
*/
protected $clientStorage;
+ /**
+ * Constructor
+ *
+ * @param AccessTokenInterface $accessToken
+ * @param ClientInterface $clientStorage
+ * @param array $grantTypes
+ * @param ClientAssertionTypeInterface $clientAssertionType
+ * @param ScopeInterface $scopeUtil
+ * @throws InvalidArgumentException
+ */
public function __construct(AccessTokenInterface $accessToken, ClientInterface $clientStorage, array $grantTypes = array(), ClientAssertionTypeInterface $clientAssertionType = null, ScopeInterface $scopeUtil = null)
{
if (is_null($clientAssertionType)) {
foreach ($grantTypes as $grantType) {
if (!$grantType instanceof ClientAssertionTypeInterface) {
- throw new \InvalidArgumentException('You must supply an instance of OAuth2\ClientAssertionType\ClientAssertionTypeInterface or only use grant types which implement OAuth2\ClientAssertionType\ClientAssertionTypeInterface');
+ throw new InvalidArgumentException('You must supply an instance of OAuth2\ClientAssertionType\ClientAssertionTypeInterface or only use grant types which implement OAuth2\ClientAssertionType\ClientAssertionTypeInterface');
}
}
}
@@ -63,6 +76,12 @@ class TokenController implements TokenControllerInterface
$this->scopeUtil = $scopeUtil;
}
+ /**
+ * Handle the token request.
+ *
+ * @param RequestInterface $request - Request object to grant access token
+ * @param ResponseInterface $response - Response object
+ */
public function handleTokenRequest(RequestInterface $request, ResponseInterface $response)
{
if ($token = $this->grantAccessToken($request, $response)) {
@@ -83,8 +102,10 @@ class TokenController implements TokenControllerInterface
* This would be called from the "/token" endpoint as defined in the spec.
* You can call your endpoint whatever you want.
*
- * @param RequestInterface $request Request object to grant access token
- * @param ResponseInterface $response
+ * @param RequestInterface $request - Request object to grant access token
+ * @param ResponseInterface $response - Response object
+ *
+ * @return bool|null|array
*
* @throws \InvalidArgumentException
* @throws \LogicException
@@ -97,9 +118,15 @@ class TokenController implements TokenControllerInterface
*/
public function grantAccessToken(RequestInterface $request, ResponseInterface $response)
{
- if (strtolower($request->server('REQUEST_METHOD')) != 'post') {
+ if (strtolower($request->server('REQUEST_METHOD')) === 'options') {
+ $response->addHttpHeaders(array('Allow' => 'POST, OPTIONS'));
+
+ return null;
+ }
+
+ if (strtolower($request->server('REQUEST_METHOD')) !== 'post') {
$response->setError(405, 'invalid_request', 'The request method must be POST when requesting an access token', '#section-3.2');
- $response->addHttpHeaders(array('Allow' => 'POST'));
+ $response->addHttpHeaders(array('Allow' => 'POST, OPTIONS'));
return null;
}
@@ -121,6 +148,7 @@ class TokenController implements TokenControllerInterface
return null;
}
+ /** @var GrantTypeInterface $grantType */
$grantType = $this->grantTypes[$grantTypeIdentifier];
/**
@@ -128,8 +156,8 @@ class TokenController implements TokenControllerInterface
* ClientAssertionTypes allow for grant types which also assert the client data
* in which case ClientAssertion is handled in the validateRequest method
*
- * @see OAuth2\GrantType\JWTBearer
- * @see OAuth2\GrantType\ClientCredentials
+ * @see \OAuth2\GrantType\JWTBearer
+ * @see \OAuth2\GrantType\ClientCredentials
*/
if (!$grantType instanceof ClientAssertionTypeInterface) {
if (!$this->clientAssertionType->validateRequest($request, $response)) {
@@ -178,7 +206,6 @@ class TokenController implements TokenControllerInterface
*
* @see http://tools.ietf.org/html/rfc6749#section-3.3
*/
-
$requestedScope = $this->scopeUtil->getScopeFromRequest($request);
$availableScope = $grantType->getScope();
@@ -225,20 +252,24 @@ class TokenController implements TokenControllerInterface
}
/**
- * addGrantType
+ * Add grant type
*
- * @param GrantTypeInterface $grantType the grant type to add for the specified identifier
- * @param string $identifier a string passed in as "grant_type" in the response that will call this grantType
+ * @param GrantTypeInterface $grantType - the grant type to add for the specified identifier
+ * @param string|null $identifier - a string passed in as "grant_type" in the response that will call this grantType
*/
public function addGrantType(GrantTypeInterface $grantType, $identifier = null)
{
if (is_null($identifier) || is_numeric($identifier)) {
- $identifier = $grantType->getQuerystringIdentifier();
+ $identifier = $grantType->getQueryStringIdentifier();
}
$this->grantTypes[$identifier] = $grantType;
}
+ /**
+ * @param RequestInterface $request
+ * @param ResponseInterface $response
+ */
public function handleRevokeRequest(RequestInterface $request, ResponseInterface $response)
{
if ($this->revokeToken($request, $response)) {
@@ -257,13 +288,20 @@ class TokenController implements TokenControllerInterface
*
* @param RequestInterface $request
* @param ResponseInterface $response
+ * @throws RuntimeException
* @return bool|null
*/
public function revokeToken(RequestInterface $request, ResponseInterface $response)
{
- if (strtolower($request->server('REQUEST_METHOD')) != 'post') {
+ if (strtolower($request->server('REQUEST_METHOD')) === 'options') {
+ $response->addHttpHeaders(array('Allow' => 'POST, OPTIONS'));
+
+ return null;
+ }
+
+ if (strtolower($request->server('REQUEST_METHOD')) !== 'post') {
$response->setError(405, 'invalid_request', 'The request method must be POST when revoking an access token', '#section-3.2');
- $response->addHttpHeaders(array('Allow' => 'POST'));
+ $response->addHttpHeaders(array('Allow' => 'POST, OPTIONS'));
return null;
}
@@ -285,7 +323,7 @@ class TokenController implements TokenControllerInterface
// @todo remove this check for v2.0
if (!method_exists($this->accessToken, 'revokeToken')) {
$class = get_class($this->accessToken);
- throw new \RuntimeException("AccessToken {$class} does not implement required revokeToken method");
+ throw new RuntimeException("AccessToken {$class} does not implement required revokeToken method");
}
$this->accessToken->revokeToken($token, $token_type_hint);
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenControllerInterface.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenControllerInterface.php
index 72d72570f..2f83ce4bd 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenControllerInterface.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/Controller/TokenControllerInterface.php
@@ -10,23 +10,30 @@ use OAuth2\ResponseInterface;
* it is called to handle all grant types the application supports.
* It also validates the client's credentials
*
- * ex:
- * > $tokenController->handleTokenRequest(OAuth2\Request::createFromGlobals(), $response = new OAuth2\Response());
- * > $response->send();
- *
+ * @code
+ * $tokenController->handleTokenRequest(OAuth2\Request::createFromGlobals(), $response = new OAuth2\Response());
+ * $response->send();
+ * @endcode
*/
interface TokenControllerInterface
{
/**
- * handleTokenRequest
- *
- * @param $request
- * OAuth2\RequestInterface - The current http request
- * @param $response
- * OAuth2\ResponseInterface - An instance of OAuth2\ResponseInterface to contain the response data
+ * Handle the token request
*
+ * @param RequestInterface $request - The current http request
+ * @param ResponseInterface $response - An instance of OAuth2\ResponseInterface to contain the response data
*/
public function handleTokenRequest(RequestInterface $request, ResponseInterface $response);
+ /**
+ * Grant or deny a requested access token.
+ * This would be called from the "/token" endpoint as defined in the spec.
+ * You can call your endpoint whatever you want.
+ *
+ * @param RequestInterface $request - Request object to grant access token
+ * @param ResponseInterface $response - Response object
+ *
+ * @return mixed
+ */
public function grantAccessToken(RequestInterface $request, ResponseInterface $response);
}