/**
 * Exchange the authorization code returned by the OAuth 2.0 redirect for an
 * access token.
 *
 * When the request carries a `code` query parameter, that code is POSTed to
 * the token URL together with the client id, client secret and callback URI.
 * The response body is handed to processResponse() and the authorization
 * token is tagged with this class's VENDOR_NAME.
 *
 * NOTE(review): $transactionId is never read in this method and no `state`
 * query parameter is compared against it, so nothing here ties the redirect
 * to the request that started the flow (the OAuth 2.0 defence against a
 * forged callback). If the authorization request for this provider sends a
 * state value, it should be verified here before the code is exchanged;
 * confirm against the code that builds the authorization URL.
 *
 * @param mixed $transactionId identifier supplied by the caller; unused in this implementation
 * @return bool true once the token request has been made and its response
 *              processed, false when the request carried no code
 */
public function processAuthorizationGrantCode($transactionId) {
    // Guard clause: without a code there is nothing to exchange.
    if (!isset($_GET['code'])) {
        $this->getLogger()->debug('Expected code in the request header but found none - user probably denied request');
        return false;
    }

    $grantCode = $_GET['code'];
    $this->getLogger()->debug('Found authorization code in request header');

    // Form fields of the token request; the client secret travels in the POST body.
    $tokenRequest = array(
        'client_id' => $this->getClientId(),
        'client_secret' => $this->getClientSecret(),
        'grant_type' => 'authorization_code',
        'redirect_uri' => $this->getCallbackUri(),
        'code' => $grantCode
    );

    $tokenResponse = PostmanUtils::remotePostGetBodyOnly($this->getTokenUrl(), $tokenRequest);
    $this->processResponse($tokenResponse);
    $this->getAuthorizationToken()->setVendorName(self::VENDOR_NAME);

    return true;
}
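/**
 * After receiving the authorization code, exchange it (along with the client
 * ID and client secret) for an access token and, in some cases, a refresh
 * token.
 *
 * The `state` query parameter must equal $transactionId before the code is
 * exchanged; a missing or mismatching state is treated as a possibly forged
 * callback and aborts the flow.
 *
 * This code is identical for Google and Hotmail
 *
 * @see PostmanAuthenticationManager::processAuthorizationGrantCode()
 *
 * @param mixed $transactionId state value the caller expects the provider to echo back
 * @return bool true once the token request has been made and its response
 *              processed, false when the request carried no code
 * @throws PostmanStateIdMissingException when the state is absent, empty or
 *                                        does not match $transactionId
 */
public function processAuthorizationGrantCode($transactionId) {
    if (!isset($_GET['code'])) {
        $this->getLogger()->debug('Expected code in the request header but found none - user probably denied request');
        return false;
    }

    $this->getLogger()->debug('Found authorization code in request header');
    $code = $_GET['code'];

    // Compare the anti-forgery state strictly, as strings. A loose == treats
    // numeric-looking strings such as '0e1' and '0e2' as equal and lets an
    // empty state match an empty or null expected value, so either could
    // pass as "valid". An empty expected value never validates.
    // hash_equals() would also make the comparison constant-time where the
    // supported PHP version provides it.
    $expectedState = is_scalar($transactionId) ? (string) $transactionId : '';
    $receivedState = isset($_GET['state']) ? $_GET['state'] : null;
    $stateIsValid = $expectedState !== ''
        && is_string($receivedState)
        && $receivedState === $expectedState;

    if (!$stateIsValid) {
        $this->getLogger()->error('The grant code from Google had no accompanying state and may be a forgery');
        throw new PostmanStateIdMissingException();
    }
    $this->getLogger()->debug('Found valid state in request header');

    // Form fields of the token request; the client secret travels in the POST body.
    $postvals = array(
        'client_id' => $this->getClientId(),
        'client_secret' => $this->getClientSecret(),
        'grant_type' => 'authorization_code',
        'redirect_uri' => $this->getCallbackUri(),
        'code' => $code
    );
    $response = PostmanUtils::remotePostGetBodyOnly($this->getTokenUrl(), $postvals);
    $this->processResponse($response);
    $this->getAuthorizationToken()->setVendorName(self::VENDOR_NAME);

    return true;
}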
/**
 * Step 5: exchange the refresh token for a new access token.
 *
 * The client id and secret are sent as an HTTP Basic `Authorization` header;
 * the callback URI, grant type and stored refresh token go in the POST body.
 * The response body is handed to processResponse().
 *
 * @return void
 */
public function refreshToken() {
    $this->getLogger()->debug('Refreshing Token');

    $tokenEndpoint = $this->getTokenUrl();
    $redirectUri = $this->getCallbackUri();
    // assert() only runs when assertions are enabled in the PHP configuration,
    // so these are development-time checks, not production validation.
    assert(!empty($tokenEndpoint));
    assert(!empty($redirectUri));

    // "client_id:client_secret", base64-encoded, as HTTP Basic credentials.
    $basicCredentials = base64_encode($this->getClientId() . ':' . $this->getClientSecret());
    $requestHeaders = array(
        'Authorization' => sprintf("Basic %s", $basicCredentials)
    );

    $formFields = array(
        'redirect_uri' => $redirectUri,
        'grant_type' => 'refresh_token',
        'refresh_token' => $this->getAuthorizationToken()->getRefreshToken()
    );

    // The token URL is fetched again for the request itself, as in the original.
    $tokenResponse = PostmanUtils::remotePostGetBodyOnly($this->getTokenUrl(), $formFields, $requestHeaders);
    $this->processResponse($tokenResponse);
}
/**
 * POST the stored refresh token to the provider's token URL to obtain a new
 * access token, then hand the response body to processResponse().
 *
 * Here the client id and client secret are sent as form fields in the POST
 * body, not as an Authorization header.
 *
 * This code is identical for Google and Hotmail
 *
 * @return void
 */
public function refreshToken() {
    $this->getLogger()->debug('Refreshing Token');

    $tokenEndpoint = $this->getTokenUrl();
    $redirectUri = $this->getCallbackUri();
    // assert() only runs when assertions are enabled in the PHP configuration,
    // so these are development-time checks, not production validation.
    assert(!empty($tokenEndpoint));
    assert(!empty($redirectUri));

    // the format of the request body is
    // client_id=CLIENT_ID&client_secret=CLIENT_SECRET&redirect_uri=REDIRECT_URI&grant_type=refresh_token&refresh_token=REFRESH_TOKEN
    $formFields = array(
        'client_id' => $this->getClientId(),
        'client_secret' => $this->getClientSecret(),
        'redirect_uri' => $redirectUri,
        'grant_type' => 'refresh_token',
        'refresh_token' => $this->getAuthorizationToken()->getRefreshToken()
    );

    // example request string (sample values only)
    // client_id=0000000603DB0F&redirect_uri=http%3A%2F%2Fwww.contoso.com%2Fcallback.php&client_secret=LWILlT555GicSrIATma5qgyBXebRI&refresh_token=*LA9...//refresh token string shortened for example//...xRoX&grant_type=refresh_token
    $tokenResponse = PostmanUtils::remotePostGetBodyOnly($tokenEndpoint, $formFields);
    $this->processResponse($tokenResponse);
}