Beispiel #1
0
 /**
  * Handle the request.
  *
  * @return  void
  *
  * @since   12.3
  */
 public function execute()
 {
     // Verify that we have an OAuth 2.0 application.
     $this->initialise();
     // Get the credentials for the request.
     $credentials = new MOauth2Credentials($this->request);
     $credentials->load();
     // Getting the client object
     $client = $this->fetchClient($this->request->client_id);
     // Doing authentication using Joomla! users
     if ($credentials->doJoomlaAuthentication($client) == false) {
         $this->respondError(400, 'unauthorized_client', 'The Joomla! credentials are not valid.');
     }
     // Load the JUser class on application for this client
     $this->app->loadIdentity($client->_identity);
     // Ensure the credentials are authorised.
     if ($credentials->getType() === MOauth2Credentials::TOKEN) {
         $this->respondError(400, 'invalid_request', 'The token is not for a temporary credentials set.');
     }
     // Ensure the credentials are authorised.
     if ($credentials->getType() !== MOauth2Credentials::AUTHORISED) {
         $this->respondError(400, 'invalid_request', 'The token has not been authorised by the resource owner.');
     }
     // Convert the credentials to valid Token credentials for requesting protected resources.
     $credentials->convert();
     // Build the response for the client.
     $response = array('access_token' => $credentials->getAccessToken(), 'expires_in' => 'P60M', 'refresh_token' => $credentials->getRefreshToken());
     // Check if the request is CORS ( Cross-origin resource sharing ) and change the body if true
     $body = $this->prepareBody($response);
     // Set the response code and body.
     $this->response->setHeader('status', '200')->setBody($body)->respond();
 }
Beispiel #2
0
 /**
  * Handle the request.
  *
  * @return  void
  *
  * @since   1.0
  */
 public function execute()
 {
     // Verify that we have an OAuth 2.0 application.
     $this->initialise();
     // Generate temporary credentials for the client.
     $credentials = new MOauth2Credentials($this->request);
     $credentials->load();
     // Getting the client object
     $client = $this->fetchClient($this->request->client_id);
     // Ensure the credentials are authorised.
     if ($credentials->getType() !== MOauth2Credentials::TOKEN) {
         $this->respondError(400, 'invalid_request', 'The token is not for a valid credentials yet.');
     }
     // Load the JUser class on application for this client
     $this->app->loadIdentity($client->_identity);
 }
Beispiel #3
0
 /**
  * Handle the request.
  *
  * @return  void
  *
  * @since   12.3
  */
 public function execute()
 {
     // Verify that we have an rest api application.
     $this->initialise();
     // Generate temporary credentials for the client.
     $credentials = new MOauth2Credentials($this->request);
     $credentials->load();
     // Getting the client object
     $client = $this->fetchClient($this->request->client_id);
     // Doing authentication using Joomla! users
     if ($credentials->doJoomlaAuthentication($client) == false) {
         $this->respondError(400, 'unauthorized_client', 'The Joomla! credentials are not valid.');
     }
     // Load the JUser class on application for this client
     $this->app->loadIdentity($client->_identity);
     // Verify that we have a signed in user.
     if (isset($this->request->code) && $credentials->getTemporaryToken() !== $this->request->code) {
         $this->respondError(400, 'invalid_grant', 'Temporary token is not valid');
     }
     // Ensure the credentials are temporary.
     if ((int) $credentials->getType() !== MOauth2Credentials::TEMPORARY) {
         $this->respondError(400, 'invalid_request', 'The token is not for a temporary credentials set.');
     }
     // Verify that we have a signed in user.
     if ($this->app->getIdentity()->get('guest')) {
         $this->respondError(400, 'unauthorized_client', 'You must first sign in.');
     }
     // Attempt to authorise the credentials for the current user.
     $credentials->authorise($this->app->getIdentity()->get('id'));
     /*
     if ($credentials->getCallbackUrl() && $credentials->getCallbackUrl() != 'oob')
     {
     	$this->app->redirect($credentials->getCallbackUrl());
     
     	return;
     }
     */
     // Build the response for the client.
     $response = array('oauth_code' => $credentials->getTemporaryToken(), 'oauth_state' => true);
     // Check if the request is CORS ( Cross-origin resource sharing ) and change the body if true
     $body = $this->prepareBody($response);
     // Set the response code and body.
     $this->response->setHeader('status', '200')->setBody($body)->respond();
     exit;
 }