refreshLegacy($refreshToken, $pdsEndpoint, $handle) : $this->refreshOAuth($refreshToken, $pdsEndpoint, $dpopKey, $handle); } /** * Refresh OAuth session using /oauth/token endpoint with DPoP. */ protected function refreshOAuth( string $refreshToken, string $pdsEndpoint, DPoPKey $dpopKey, ?string $handle, ): AccessToken { $tokenUrl = $pdsEndpoint.'/oauth/token'; $response = $this->dpopClient->request($pdsEndpoint, $tokenUrl, 'POST', $dpopKey) ->asForm() ->post($tokenUrl, array_merge( $this->clientAssertion->getAuthParams($pdsEndpoint), [ 'grant_type' => 'refresh_token', 'refresh_token' => $refreshToken, ] )); if ($response->failed()) { throw new AuthenticationException('Token refresh failed: '.$response->body()); } return AccessToken::fromResponse($response->json(), $handle, $pdsEndpoint); } /** * Refresh legacy session using /xrpc/com.atproto.server.refreshSession endpoint. */ protected function refreshLegacy( string $refreshToken, string $pdsEndpoint, ?string $handle, ): AccessToken { $response = Http::withHeader('Authorization', 'Bearer '.$refreshToken) ->withBody('', 'application/json') ->post($pdsEndpoint.'/xrpc/com.atproto.server.refreshSession'); if ($response->failed()) { throw new AuthenticationException('Token refresh failed: '.$response->body()); } return AccessToken::fromResponse($response->json(), $handle, $pdsEndpoint); } }