Extract creation and storage of the access token into its own method.

[stephenharris]

This PR moves the part of the code responsible for instantiating a new access key and storing to a public static function.

This allows third-parties to create access tokens without duplicating the code, and acts as a counterpart to WP_REST_OAuth1::revoke_access_token().

Why? I've developed an add-on for the OAuth1 plug-in which allows you to create a single access token. A single access token is a 'manually' created access token tied to a user account. It's primary purpose is single-user applications, where effectively the end-user and consumer are the one and the same. In such instances, implementing the entire OAuth token acquisition dance unnecessarily complicates matters. It serves the same purpose as 'application passwords', but provides the security that application passwords lack (at least over non-HTTPS connections).

Introducing the WP_REST_OAuth1::create_access_token() function gives that add-on something to use rather than duplicating code.

[kosso]

Useful. But this seems like something more suited to a plugin, if at all possible.

[stephenharris]

Its is. The PR was to abstract some code regarding token storage from the business logic of the REST API key-exchange endpoints to make it useful for said plugin.

[rmccue]

Single-use sounds great; I've wanted to do something similar, but never had the time. Got a link to your plugin?

PR looks good, but indentation is off in a couple of spots here.

[rmccue]

Indentation is off in a couple of places here.

[stephenharris]

Will update my PR later.

I've added the plug-in as gist here: https://gist.github.com/stephenharris/8584b6d6e0c0e996c125a34b01a962a7