getClient(); if(is_null($client)) throw new InvalidClientAuthenticationContextException('client not set!'); if($client->getTokenEndpointAuthInfo()->getAuthenticationMethod() !== $context->getAuthType()) throw new InvalidClientCredentials(sprintf('invalid token endpoint auth method %s (%s)', $context->getAuthType(), $client->getTokenEndpointAuthInfo()->getAuthenticationMethod())); if($client->getClientType() !== IClient::ClientType_Confidential) throw new InvalidClientCredentials(sprintf('invalid client type %s', $client->getClientType())); $providedClientId = $context->getId(); $providedClientSecret = $context->getSecret(); Log::debug(sprintf("ClientPlainCredentialsAuthContextValidator::validate client id %s - provide client id %s", $client->getClientId(), $providedClientId)); Log::debug(sprintf("ClientPlainCredentialsAuthContextValidator::validate client secret %s - provide client secret %s", $client->getClientSecret(), $providedClientSecret)); return $client->getClientId() === $providedClientId && $client->getClientSecret() === $providedClientSecret; } }