settings = $settings; } public function handle(ServerRequestInterface $request): ResponseInterface { $actor = RequestUtil::getActor($request); $actor->assertRegistered(); $params = $request->getParsedBody(); $oauth = new OAuth($this->settings); $server = $oauth->server(); $request = $oauth->request()::createFromGlobals(); $response = $oauth->response(); if (!$server->validateAuthorizeRequest($request, $response)) { $response->getResponseBody(); return new JsonResponse(json_decode($response->getResponseBody(), true)); } $is_authorized = (Arr::get($params, 'authorized', 'no') === 'yes'); $server->handleAuthorizeRequest($request, $response, $is_authorized, $actor->id); if ($is_authorized) { // this is only here so that you get to see your code in the cURL request. Otherwise, we'd redirect back to the client /* $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40); exit("SUCCESS! Authorization Code: $code");*/ } $response->getResponseBody(); return new JsonResponse(json_decode($response->getResponseBody(), true)); } }