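/**
 * Extract the access token carried by the request.
 *
 * Three transports are read: the Authorization header ("Bearer <token>"),
 * the "access_token" request-body parameter and the "access_token" query
 * parameter. Exactly one of them must carry a token; the chosen value is
 * then checked with the NotBlank and AccessToken constraints.
 *
 * @param Request $request Incoming HTTP request.
 *
 * @return string The access token that passed validation.
 *
 * @throws InvalidRequestException When no token is supplied, when more than
 *                                 one transport supplies one, or when the
 *                                 value is not a string or fails validation.
 */
public function getAccessToken(Request $request)
{
    // Authorization header: the whole value must be "Bearer", at least one
    // whitespace character, then the token. The pattern is anchored so that a
    // header of another scheme which merely contains the substring "Bearer"
    // (or "Bearer" glued directly to other text) is not read as a token.
    // NOTE(review): the scheme name is still matched case-sensitively, as
    // before; confirm whether clients sending "bearer" must be accepted.
    $tokenHeaders = false;
    $authorization = $request->headers->get('Authorization', false);
    if (is_string($authorization) && preg_match('/^Bearer\s+(\S+)\s*$/', $authorization, $matches)) {
        $tokenHeaders = $matches[1];
    }

    $tokenRequest = $request->request->get('access_token', false);
    // NOTE(review): a token in the query string tends to end up in access
    // logs, browser history and Referer headers; RFC 6750 section 2.3
    // discourages this transport. Confirm it has to stay enabled.
    $tokenQuery = $request->query->get('access_token', false);

    // Exactly one transport may carry the token.
    $supplied = array_filter([$tokenHeaders, $tokenRequest, $tokenQuery]);
    if (count($supplied) === 0) {
        throw new InvalidRequestException(['error_description' => 'The request is missing a required parameter.']);
    }
    if (count($supplied) > 1) {
        throw new InvalidRequestException(['error_description' => 'The request includes multiple credentials.']);
    }

    $accessToken = reset($supplied);

    // Depending on the HttpFoundation version, an array-valued parameter
    // (access_token[]=...) may reach this point; a non-string can never be a
    // valid token, so reject it before it gets to the constraint validators.
    if (!is_string($accessToken)) {
        throw new InvalidRequestException(['error_description' => 'The request includes an invalid parameter value.']);
    }

    // access_token must be in valid format.
    $errors = $this->validator->validate($accessToken, [new NotBlank(), new AccessToken()]);
    if (count($errors) > 0) {
        throw new InvalidRequestException(['error_description' => 'The request includes an invalid parameter value.']);
    }

    return $accessToken;
}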