Beispiel #1
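 /**
  * Drive one step of the OAuth2 authorization-code flow for the given provider.
  *
  * Without a code, the provider's authorization URL is returned and the provider's
  * state value is stored. With a code, the returned state is checked against the
  * stored one, the code is exchanged for an access token, the user details are
  * fetched and the OAuth account is persisted.
  *
  * The stored state is cleared on every callback, so a state value is accepted at
  * most once. A $state that is not a string is rejected.
  *
  * @param ProviderInterface $provider
  * @param string|null       $code  authorization code from the callback, or null to start the flow
  * @param string|null       $state state value returned with the callback
  *
  * @return mixed the authorization URL when $code is null, otherwise the result of persistOAuthAccount()
  *
  * @throws InvalidStateException   when $state is missing or does not match the stored value
  * @throws AuthenticationException when fetching the user details raises IDPException
  */
 public function login(ProviderInterface $provider, $code, $state)
 {
     if ($code === null) {
         // No authorization code yet: hand back the URL that starts the flow.
         $authUrl = $provider->getAuthorizationUrl();
         // Read after getAuthorizationUrl(); presumably the provider sets its state there (confirm).
         $this->stateStorage->storeState($provider->state);
         return $authUrl;
     }

     // Check the given state against the stored one to mitigate CSRF on the callback.
     $expectedState = $state === null ? null : $this->stateStorage->loadState();
     // Clear the stored value whether or not it matches, so it cannot be presented twice.
     $this->stateStorage->storeState(null);
     // hash_equals() compares in constant time; it needs two strings, hence the guards.
     if (!is_string($state) || !is_string($expectedState) || !hash_equals($expectedState, $state)) {
         throw new InvalidStateException();
     }

     // Exchange the authorization code for an access token.
     // NOTE(review): this call sits outside the try below, so anything it throws
     // reaches the caller unchanged; confirm that is intended.
     $token = $provider->getAccessToken('authorization_code', ['code' => $code]);
     try {
         $userDetails = $provider->getUserDetails($token);
         $this->managerEvent($this->manager);
         return $this->manager->persistOAuthAccount(get_class($provider), $token, $userDetails);
     } catch (IDPException $e) {
         // NOTE(review): the provider's exception is not passed on as the cause.
         throw new AuthenticationException();
     }
 }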
Beispiel #2
 /**
  * Run the OAuth2 authorization-code flow for the given provider.
  *
  * Without a "code" request parameter the client is redirected to the provider's
  * authorization URL and false is returned. With one, the 'oauth2_auth' event is
  * triggered, the code is exchanged for an access token and the provider's user
  * details are returned.
  *
  * NOTE(review): this method neither stores a "state" value before the redirect nor
  * compares one on the callback, so nothing here ties the callback to the session
  * that started the flow (login CSRF). Confirm whether the provider or an
  * 'oauth2_auth' listener performs that check.
  *
  * @param ProviderInterface $provider
  *
  * @return mixed false after issuing the redirect, otherwise the result of getUserDetails()
  *
  * @throws UserAuthenticationException when the 'oauth2_auth' event yields a falsy result
  */
 static function auth(ProviderInterface $provider)
 {
     $hasCode = require_get("code", false);
     if (!$hasCode) {
         // First leg: no code yet, send the client to the provider.
         redirect($provider->getAuthorizationUrl());
         return false;
     }

     // Listeners may veto the login (abuse checks and the like).
     $allowed = \Openclerk\Events::trigger('oauth2_auth', $provider);
     if (!$allowed) {
         throw new UserAuthenticationException("Login was cancelled by the system.");
     }

     $grantParams = array('code' => require_get("code"));
     $token = $provider->getAccessToken('authorization_code', $grantParams);

     // Look up the user that belongs to the token.
     return $provider->getUserDetails($token);
 }
 /**
  * Replace the held token by one obtained with the refresh_token grant.
  *
  * Every BadResponseException raised by the token request is reported as an
  * expired refresh token.
  * NOTE(review): the original exception is not attached as the cause, so the
  * provider's actual error response is lost to the caller.
  *
  * @return AccessToken the token now stored on this object
  *
  * @throws AccessTokenExpiredException when the token request raises BadResponseException
  */
 public function refresh()
 {
     try {
         $grantParams = ['refresh_token' => $this->token->refreshToken];
         $refreshed = $this->provider->getAccessToken('refresh_token', $grantParams);
         $this->token = $refreshed;
     } catch (BadResponseException $e) {
         throw new AccessTokenExpiredException(self::REFRESH_TOKEN_EXPIRED_MESSAGE);
     }

     return $this->token;
 }
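 /**
  * Run the authorization-code flow against the current request.
  *
  * Without a "code" query parameter, the provider's state is saved in the session
  * under 'oauth2state' and a redirect to the authorization URL is sent. With one,
  * the "state" query parameter must match the saved value; the saved value is then
  * removed so it cannot be accepted a second time, and the code is exchanged for
  * an access token.
  *
  * @return mixed the accessToken property of the held token, or null when no token
  *               is held (for example right after the redirect was sent)
  *
  * @throws \InvalidArgumentException when the state is missing or does not match
  */
 public function authorize()
 {
     $request = $this->getRequest();
     $session = $request->getSession();

     if (!$request->query->has('code')) {
         // No authorization code yet: remember the state and send the client to the provider.
         $authUrl = $this->provider->getAuthorizationUrl();
         $session->set('oauth2state', $this->provider->state);
         $response = new RedirectResponse($authUrl);
         $response->send();
     } else {
         $state = $request->query->get('state');
         $expectedState = $session->get('oauth2state');
         // Drop the saved state on every callback: on success it is used up, on failure it is void.
         $session->remove('oauth2state');

         // hash_equals() compares in constant time; it needs two strings, hence the guards.
         if (empty($state) || !is_string($state) || !is_string($expectedState) || !hash_equals($expectedState, $state)) {
             throw new \InvalidArgumentException('Invalid State');
         }

         // Exchange the code taken from the same request object that was just validated
         // (the original read it from $this->request instead of $request).
         $this->token = $this->provider->getAccessToken('authorization_code', ['code' => $request->query->get('code')]);
     }

     // send() does not end the script, so the redirect branch also reaches this line;
     // guard against a token that was never set.
     return isset($this->token) ? $this->token->accessToken : null;
 }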