thephpleague · Richard87 · Apr 10, 2020
diff --git a/examples/src/Repositories/AccessTokenRepository.php b/examples/src/Repositories/AccessTokenRepository.php
@@ -43,7 +43,7 @@ public function isAccessTokenRevoked($tokenId)
     /**
      * {@inheritdoc}
      */
-    public function getNewToken(ClientEntityInterface $clientEntity, array $scopes, $userIdentifier = null)
+    public function getNewToken(ClientEntityInterface $clientEntity, array $scopes, $userIdentifier = null, $authorizedAuthCodeIdentifier = null, $authorizedAccessTokenIdentifier = null)
     {
         $accessToken = new AccessTokenEntity();
         $accessToken->setClient($clientEntity);

diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php
@@ -418,6 +418,8 @@ protected function getServerParameter($parameter, ServerRequestInterface $reques
      * @param ClientEntityInterface  $client
      * @param string|null            $userIdentifier
      * @param ScopeEntityInterface[] $scopes
+     * @param string|null            $authorizedAuthCodeIdentifier
+     * @param string|null            $authorizedAccessTokenIdentifier
      *
      * @throws OAuthServerException
      * @throws UniqueTokenIdentifierConstraintViolationException
@@ -428,11 +430,13 @@ protected function issueAccessToken(
         DateInterval $accessTokenTTL,
         ClientEntityInterface $client,
         $userIdentifier,
-        array $scopes = []
+        array $scopes = [],
+        $authorizedAuthCodeIdentifier = null,
+        $authorizedAccessTokenIdentifier = null
     ) {
         $maxGenerationAttempts = self::MAX_RANDOM_TOKEN_GENERATION_ATTEMPTS;
 
-        $accessToken = $this->accessTokenRepository->getNewToken($client, $scopes, $userIdentifier);
+        $accessToken = $this->accessTokenRepository->getNewToken($client, $scopes, $userIdentifier, $authorizedAuthCodeIdentifier, $authorizedAccessTokenIdentifier);
         $accessToken->setExpiryDateTime((new DateTimeImmutable())->add($accessTokenTTL));
         $accessToken->setPrivateKey($this->privateKey);
 

diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php
@@ -161,7 +161,7 @@ public function respondToAccessTokenRequest(
         }
 
         // Issue and persist new access token
-        $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $authCodePayload->user_id, $scopes);
+        $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $authCodePayload->user_id, $scopes, $authCodePayload->auth_code_id);
         $this->getEmitter()->emit(new RequestEvent(RequestEvent::ACCESS_TOKEN_ISSUED, $request));
         $responseType->setAccessToken($accessToken);
 

diff --git a/src/Grant/RefreshTokenGrant.php b/src/Grant/RefreshTokenGrant.php
@@ -66,7 +66,14 @@ public function respondToAccessTokenRequest(
         $this->refreshTokenRepository->revokeRefreshToken($oldRefreshToken['refresh_token_id']);
 
         // Issue and persist new access token
-        $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $oldRefreshToken['user_id'], $scopes);
+        $accessToken = $this->issueAccessToken(
+            $accessTokenTTL,
+            $client,
+            $oldRefreshToken['user_id'],
+            $scopes,
+            null,
+            $oldRefreshToken['access_token_id']
+        );
         $this->getEmitter()->emit(new RequestEvent(RequestEvent::ACCESS_TOKEN_ISSUED, $request));
         $responseType->setAccessToken($accessToken);
 

diff --git a/src/Repositories/AccessTokenRepositoryInterface.php b/src/Repositories/AccessTokenRepositoryInterface.php
@@ -24,11 +24,13 @@ interface AccessTokenRepositoryInterface extends RepositoryInterface
      *
      * @param ClientEntityInterface  $clientEntity
      * @param ScopeEntityInterface[] $scopes
-     * @param mixed                  $userIdentifier
+     * @param string|null            $userIdentifier
+     * @param string|null            $authorizedAuthCodeIdentifier
+     * @param string|null            $authorizedAccessTokenIdentifier
      *
      * @return AccessTokenEntityInterface
      */
-    public function getNewToken(ClientEntityInterface $clientEntity, array $scopes, $userIdentifier = null);
+    public function getNewToken(ClientEntityInterface $clientEntity, array $scopes, $userIdentifier = null, $authorizedAuthCodeIdentifier = null, $authorizedAccessTokenIdentifier = null);
 
     /**
      * Persists a new access token to permanent storage.