/**
* **********************************************
* If we have a code back from the OAuth 2.0 flow,
* we need to exchange that for an access token.
* We store the resultant access token
* bundle in the session, and redirect to ourself.
* **********************************************
*/
public function processAuthorizationGrantCode($transactionId)
{
if (isset($_GET['code'])) {
$code = $_GET['code'];
$this->getLogger()->debug('Found authorization code in request header');
$postvals = array('client_id' => $this->getClientId(), 'client_secret' => $this->getClientSecret(), 'grant_type' => 'authorization_code', 'redirect_uri' => $this->getCallbackUri(), 'code' => $code);
$response = PostmanUtils::remotePostGetBodyOnly($this->getTokenUrl(), $postvals);
$this->processResponse($response);
$this->getAuthorizationToken()->setVendorName(self::VENDOR_NAME);
return true;
} else {
$this->getLogger()->debug('Expected code in the request header but found none - user probably denied request');
return false;
}
}
/**
* After receiving the authorization code, your application can exchange the code
* (along with a client ID and client secret) for an access token and, in some cases,
* a refresh token.
*
* This code is identical for Google and Hotmail
*
* @see PostmanAuthenticationManager::processAuthorizationGrantCode()
*/
public function processAuthorizationGrantCode($transactionId)
{
if (isset($_GET['code'])) {
$this->getLogger()->debug('Found authorization code in request header');
$code = $_GET['code'];
if (isset($_GET['state']) && $_GET['state'] == $transactionId) {
$this->getLogger()->debug('Found valid state in request header');
} else {
$this->getLogger()->error('The grant code from Google had no accompanying state and may be a forgery');
throw new PostmanStateIdMissingException();
}
$postvals = array('client_id' => $this->getClientId(), 'client_secret' => $this->getClientSecret(), 'grant_type' => 'authorization_code', 'redirect_uri' => $this->getCallbackUri(), 'code' => $code);
$response = PostmanUtils::remotePostGetBodyOnly($this->getTokenUrl(), $postvals);
$this->processResponse($response);
$this->getAuthorizationToken()->setVendorName(self::VENDOR_NAME);
return true;
} else {
$this->getLogger()->debug('Expected code in the request header but found none - user probably denied request');
return false;
}
}
/**
* Step 5: Exchange refresh token for new access token
* After the access token expires, you can use the refresh token, which has a long lifetime, to get a new access token.
*/
public function refreshToken()
{
$this->getLogger()->debug('Refreshing Token');
$refreshUrl = $this->getTokenUrl();
$callbackUrl = $this->getCallbackUri();
assert(!empty($refreshUrl));
assert(!empty($callbackUrl));
$headers = array('Authorization' => sprintf("Basic %s", base64_encode($this->getClientId() . ':' . $this->getClientSecret())));
$postvals = array('redirect_uri' => $callbackUrl, 'grant_type' => 'refresh_token', 'refresh_token' => $this->getAuthorizationToken()->getRefreshToken());
$response = PostmanUtils::remotePostGetBodyOnly($this->getTokenUrl(), $postvals, $headers);
$this->processResponse($response);
}
/**
* Given an OAuth provider-specific URL and redirectUri,
* issue an HttpRequest to refresh the access token
*
* This code is identical for Google and Hotmail
*/
public function refreshToken()
{
$this->getLogger()->debug('Refreshing Token');
$refreshUrl = $this->getTokenUrl();
$callbackUrl = $this->getCallbackUri();
assert(!empty($refreshUrl));
assert(!empty($callbackUrl));
// the format of the URL is
// client_id=CLIENT_ID&client_secret=CLIENT_SECRET&redirect_uri=REDIRECT_URI&grant_type=refresh_token&refresh_token=REFRESH_TOKEN
$postvals = array('client_id' => $this->getClientId(), 'client_secret' => $this->getClientSecret(), 'redirect_uri' => $callbackUrl, 'grant_type' => 'refresh_token', 'refresh_token' => $this->getAuthorizationToken()->getRefreshToken());
// example request string
// client_id=0000000603DB0F&redirect_uri=http%3A%2F%2Fwww.contoso.com%2Fcallback.php&client_secret=LWILlT555GicSrIATma5qgyBXebRI&refresh_token=*LA9...//refresh token string shortened for example//...xRoX&grant_type=refresh_token
$response = PostmanUtils::remotePostGetBodyOnly($refreshUrl, $postvals);
$this->processResponse($response);
}
