Add scopes to client credential grant (see also BenjaminFavre#12)

Author: hfig

src/GrantType/ClientCredentialsGrantType.php

@@ -16,30 +16,21 @@ class ClientCredentialsGrantType implements GrantTypeInterface
 {
     use TokensExtractor;
 
-    private HttpClientInterface $client;
-
-    private string $tokenUrl;
-
-    private string $clientId;
-
-    private string $clientSecret;
-
     /**
      * @param HttpClientInterface $client A HTTP client to be used to communicate with the OAuth server.
      * @param string $tokenUrl The full URL of the token endpoint of the OAuth server.
      * @param string $clientId The OAuth client ID.
      * @param string $clientSecret The OAuth client secret.
+     * @param string $scope The OAuth scope for the access request.
      */
     public function __construct(
-        HttpClientInterface $client,
-        string $tokenUrl,
-        string $clientId,
-        string $clientSecret,
+        private HttpClientInterface $client,
+        private string $tokenUrl,
+        private string $clientId,
+        private string $clientSecret,
+        private string $scope = '',
     ) {
-        $this->client = $client;
-        $this->tokenUrl = $tokenUrl;
-        $this->clientId = $clientId;
-        $this->clientSecret = $clientSecret;
+  
     }
 
     /**
@@ -50,9 +41,17 @@ public function __construct(
     #[\Override]
     public function getTokens(): Tokens
     {
+        $body = [
+            'grant_type' => 'client_credentials'
+        ];
+
+        if ($this->scope !== '') {
+            $body['scope'] = $this->scope;
+        }
+
         $response = $this->client->request('POST', $this->tokenUrl, [
             'headers' => ['Authorization' => sprintf('Basic %s', base64_encode("{$this->clientId}:{$this->clientSecret}"))],
-            'body' => http_build_query(['grant_type' => 'client_credentials']),
+            'body' => http_build_query($body),
         ]);
 
         return $this->extractTokens($response);