/**
* @param GetResponseForAuthenticationEvent $event
*/
public function onAuthorizationRequest(GetResponseForAuthenticationEvent $event)
{
if ($event->getResponse() !== null) {
return;
}
$request = $event->getRequest();
// Only act on response_type=token
$responseType = $request->get("response_type");
if ($responseType !== "token") {
return;
}
// Verify that implicit grants are allowed
$client = $event->getClient();
if (!$client->isAllowedGrantType("implicit")) {
return;
}
$user = $event->getUser();
$content = $this->getResponseContent($client, $user);
$redirectUri = $request->get("redirect_uri");
$state = $request->get("state");
$queryData = ["state" => $state];
$queryString = http_build_query($queryData);
$url = $redirectUri . "?" . $queryString;
$response = new RedirectResponse($url);
$response->setContent(json_encode($content));
$event->setResponse($response);
}
/**
* @param GetResponseForAuthenticationEvent $event
*/
public function onAuthorizationRequest(GetResponseForAuthenticationEvent $event)
{
if ($event->getResponse() !== null) {
return;
}
$request = $event->getRequest();
// Only act on response_type=code
$responseType = $request->get("response_type");
if ($responseType !== "code") {
return;
}
// Verify that authorization_code grants are allowed
$client = $event->getClient();
if (!$client->isAllowedGrantType("authorization_code")) {
return;
}
$user = $event->getUser();
$redirectUri = $request->get("redirect_uri");
$authorizationCode = $this->authorizationCodeManager->createAuthorizationCode();
$authorizationCode->setClient($client);
$authorizationCode->setUser($user);
$authorizationCode->setRedirectUri($redirectUri);
$this->authorizationCodeManager->saveAuthorizationCode($authorizationCode);
$state = $request->get("state");
$queryData = ["code" => $authorizationCode->getCode(), "state" => $state];
$queryString = http_build_query($queryData);
$url = $redirectUri . "?" . $queryString;
$response = new RedirectResponse($url);
$event->setResponse($response);
}
