*/ class AuthorizationCode extends BaseAuthorizationCode { /** * Create access token * * @param AccessTokenInterface $accessToken * @param mixed $client_id - client identifier related to the access token. * @param mixed $user_id - user id associated with the access token * @param string $scope - scopes to be stored in space-separated string. * @return array */ public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope) { $includeRefreshToken = true; if (isset($this->authCode['id_token'])) { // OpenID Connect requests include the refresh token only if the // offline_access scope has been requested and granted. $scopes = explode(' ', trim($scope)); $includeRefreshToken = in_array('offline_access', $scopes); } $token = $accessToken->createAccessToken($client_id, $user_id, $scope, $includeRefreshToken); if (isset($this->authCode['id_token'])) { $token['id_token'] = $this->authCode['id_token']; } $this->storage->expireAuthorizationCode($this->authCode['code']); return $token; } }