/**
* Takes an OAuth2 response and converts it to JSON output via Tonis\Http\Response.
*
* @param Response $oauthResponse
* @param ResponseInterface $psrResponse
* @return ResponseInterface
*/
public static function convertResponseToPsr7(Response $oauthResponse, ResponseInterface $psrResponse)
{
$psrResponse = $psrResponse->withStatus($oauthResponse->getStatusCode());
foreach ($oauthResponse->getHttpHeaders() as $header => $value) {
$psrResponse = $psrResponse->withHeader($header, $value);
}
if (!empty($oauthResponse->getParameters())) {
$psrResponse = $psrResponse->withHeader('Content-Type', 'application/json');
$psrResponse->getBody()->write(json_encode($oauthResponse->getParameters()));
}
return $psrResponse;
}
/**
* Copies values from the given Oauth2\Response to a PSR-7 Http Response.
*
* @param OAuth2\Response $oauth2Response The OAuth2 server response.
*
* @return \Psr\Http\Message\ResponseInterface
*/
public static final function fromOauth2(OAuth2\Response $oauth2Response)
{
$headers = [];
foreach ($oauth2Response->getHttpHeaders() as $key => $value) {
$headers[$key] = explode(', ', $value);
}
$stream = fopen('php://temp', 'r+');
if (!empty($oauth2Response->getParameters())) {
fwrite($stream, $oauth2Response->getResponseBody());
rewind($stream);
}
return new Response(new Stream($stream), $oauth2Response->getStatusCode(), $headers);
}
public function testGrantCodeAccessTokenOnNewCode()
{
$request = TestRequest::createPost(array('grant_type' => 'device_code', 'client_id' => 'test_client_id'));
$this->server->handleDeviceRequest($request, $response = new Response());
$this->assertNotNull($response->getParameter('code'));
$deviceCodeResponse = $response;
// Get access token when user_id is null
$request = TestRequest::createPost(array('grant_type' => 'device_token', 'client_id' => 'test_client_id', 'code' => $deviceCodeResponse->getParameter('code')));
$this->server->handleDeviceRequest($request, $response = new Response());
$this->assertEquals($response->getStatusCode(), 400);
$this->assertArrayHasKey('error', $response->getParameters());
$this->assertEquals('authorization_pending', $response->getParameter('error'));
// Update user_id and verify response
$deviceStorage = $this->server->getStorage('device_code');
$code = $deviceStorage->getDeviceCode($deviceCodeResponse->getParameter('code'), 'test_client_id');
$deviceStorage->setDeviceCode($code['device_code'], $code['user_code'], $code['client_id'], 1, $code['expires'], $code['scope']);
$request = TestRequest::createPost(array('grant_type' => 'device_token', 'client_id' => 'test_client_id', 'code' => $deviceCodeResponse->getParameter('code')));
$this->server->handleDeviceRequest($request, $response = new Response());
$this->assertEquals($response->getStatusCode(), 200);
$this->assertArrayHasKey('access_token', $response->getParameters());
//ensure device code was deleted
$code = $deviceStorage->getDeviceCode($deviceCodeResponse->getParameter('code'), 'test_client_id');
$this->assertFalse($code);
}
/**
* Map OAuth2Response to ApiProblemResponse
*
* @param OAuth2Response $response
* @return ApiProblemResponse
*/
protected function getApiProblemResponse(OAuth2Response $response)
{
$parameters = $response->getParameters();
$errorUri = isset($parameters['error_uri']) ? $parameters['error_uri'] : null;
$error = isset($parameters['error']) ? $parameters['error'] : null;
$errorDescription = isset($parameters['error_description']) ? $parameters['error_description'] : null;
return new ApiProblemResponse(new ApiProblem($response->getStatusCode(), $errorDescription, $errorUri, $error));
}
protected function handleResponse(OAuth2Response $response)
{
$redirect = $response->getHttpHeader('Location');
if (!empty($redirect)) {
return $this->redirect()->toUrl($redirect);
}
$parameters = $response->getParameters();
$errorUri = isset($parameters['error_uri']) ? $parameters['error_uri'] : null;
$view = new ViewModel(array('statusCode' => $response->getStatusCode(), 'statusText' => $response->getStatusText(), 'errorDescription' => $parameters['error_description'], 'error' => $parameters['error'], 'errorUri' => $errorUri));
$view->setTemplate('kap-security/oauth-authorize-error');
return $view;
}
private function buildResponse($format, HttpResponse $httpResponse, OAuthResponse $oauthResponse)
{
$httpResponse->setVersion($oauthResponse->version);
$httpResponse->setStatusCode($oauthResponse->getStatusCode());
$headers = $httpResponse->getHeaders();
foreach ($oauthResponse->getHttpHeaders() as $name => $value) {
$headers->addHeaderLine(sprintf('%s: %s', $name, $value));
}
switch ($format) {
case 'json':
$headers->addHeaderLine('Content-Type: application/json');
$httpResponse->setContent(json_encode($oauthResponse->getParameters()));
break;
case 'xml':
$headers->addHeaderLine('Content-Type: text/xml');
$xml = new SimpleXMLElement('<response/>');
foreach ($oauthResponse->getParameters() as $key => $param) {
$xml->addChild($key, $param);
}
$httpResponse->setContent($xml->asXML());
break;
default:
throw new RuntimeException('Invalid format provided: ' . $format);
}
return $httpResponse;
}
