/**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure $next
  *
  * @throws \League\OAuth2\Server\Exception\AccessDeniedException
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     // Bind the authorizer to the request currently travelling through the pipeline.
     $this->authorizer->setRequest($request);

     // NOTE(review): this method never calls validateAccessToken(), so the
     // owner-type lookup presumably relies on an earlier middleware having
     // validated the bearer token. Confirm the middleware order on every
     // route that uses this check.
     $ownerType = $this->authorizer->getResourceOwnerType();

     // Only sessions owned by an end user may continue; everything else is refused.
     if ($ownerType === 'user') {
         return $next($request);
     }

     throw new AccessDeniedException();
 }
 /**
  * @return \Illuminate\Http\Response
  */
 public function postAccessToken(Request $request)
 {
     // Workaround: the OAuth package does not read grant parameters from a JSON
     // body, so the incoming input is copied into the body-parameter bag by hand.
     // NOTE(review): if Request is Illuminate\Http\Request, all() returns the
     // merged input (query string included), not just the JSON body. Credentials
     // passed in the URL would then be accepted by the token endpoint and can
     // end up in access logs. Confirm, and narrow to the body if that is unintended.
     $grantParameters = $request->all();
     $this->request->request->replace($grantParameters);

     // Hand the patched request instance to the authorizer.
     $this->authorizer->setRequest($this->request);

     // Issue the access token and return it as a JSON response.
     $tokenPayload = $this->authorizer->issueAccessToken();

     return response()->json($tokenPayload);
 }
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure $next
  *
  * @throws \League\OAuth2\Server\Exception\AccessDeniedException
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $authorizer = $this->authorizer;
     $authorizer->setRequest($request);

     // Validate the access token before any session data is read from it.
     // NOTE(review): httpHeadersOnly presumably restricts the token lookup to
     // the Authorization header; verify against the authorizer. Any exception
     // validateAccessToken() raises propagates to the caller.
     $authorizer->validateAccessToken($this->httpHeadersOnly);

     // Only sessions owned by a client (no end user) may continue.
     $ownerType = $authorizer->getResourceOwnerType();
     if ($ownerType === 'client') {
         return $next($request);
     }

     throw new AccessDeniedException();
 }
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure $next
  *
  * @throws \League\OAuth2\Server\Exception\AccessDeniedException
  *
  * @return mixed
  */
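 public function handle($request, Closure $next)
 {
     $this->authorizer->setRequest($request);

     // NOTE(review): this method never calls validateAccessToken(), so it
     // presumably relies on an earlier middleware having validated the token.
     // Confirm the middleware order on every route that uses this role check.
     $rawOwner = $this->authorizer->getResourceOwnerId();

     // The owner id is expected to carry a JSON document shaped like
     // {"data": {"role": "..."}}. Anything else is treated as "no role".
     $owner = is_string($rawOwner) ? json_decode($rawOwner, true) : null;

     // Fail closed on malformed or incomplete owner data instead of reading
     // offsets on null and relying on the resulting warnings.
     $role = (is_array($owner) && isset($owner['data']['role']))
         ? $owner['data']['role']
         : null;

     // Strict comparison is required for an authorization decision: with a
     // loose in_array() a non-string role such as boolean true compares equal
     // to every entry of the allow-list.
     if (is_string($role) && in_array($role, ['store_manager', 'admin'], true)) {
         return $next($request);
     }

     throw new AccessDeniedException();
 }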
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure $next
  * @param string|null $scopesString
  *
  * @throws \League\OAuth2\Server\Exception\InvalidScopeException
  *
  * @return mixed
  */
 public function handle($request, Closure $next, $scopesString = null)
 {
     // NOTE(review): $scopesString is accepted but never used. The scope parsing
     // (splitting on '+') and the validateScopes() call were commented out, so a
     // route that declares required scopes is satisfied by any token that passes
     // validateAccessToken(). Re-enable scope enforcement or drop the parameter
     // so route definitions do not suggest a restriction that is not applied.
     $authorizer = $this->authorizer;

     $authorizer->setRequest($request);
     $authorizer->validateAccessToken($this->httpHeadersOnly);

     return $next($request);
 }
 /**
  * Register the Authorization server with the IoC container
  * @return void
  */
 public function registerAuthorizer()
 {
     $this->app->bindShared('oauth2-server.authorizer', function ($app) {
         $config = $app['config']->get('oauth2');

         // Build the authorization server (token issuer) and wire in every
         // storage backend plus the protocol options taken from configuration.
         $issuer = $app->make('League\\OAuth2\\Server\\AuthorizationServer')
             ->setClientStorage($app->make('League\\OAuth2\\Server\\Storage\\ClientInterface'))
             ->setSessionStorage($app->make('League\\OAuth2\\Server\\Storage\\SessionInterface'))
             ->setAuthCodeStorage($app->make('League\\OAuth2\\Server\\Storage\\AuthCodeInterface'))
             ->setAccessTokenStorage($app->make('League\\OAuth2\\Server\\Storage\\AccessTokenInterface'))
             ->setRefreshTokenStorage($app->make('League\\OAuth2\\Server\\Storage\\RefreshTokenInterface'))
             ->setScopeStorage($app->make('League\\OAuth2\\Server\\Storage\\ScopeInterface'))
             ->requireScopeParam($config['scope_param'])
             ->setDefaultScope($config['default_scope'])
             ->requireStateParam($config['state_param'])
             ->setScopeDelimiter($config['scope_delimiter'])
             ->setAccessTokenTTL($config['access_token_ttl']);

         // Optional per-grant settings, applied in this order when the key is present.
         $optionalSetters = [
             'callback' => 'setVerifyCredentialsCallback',
             'auth_token_ttl' => 'setAuthTokenTTL',
             'refresh_token_ttl' => 'setRefreshTokenTTL',
         ];

         // Register each configured grant type on the authorization server.
         foreach ($config['grant_types'] as $grantParams) {
             // The grant class is instantiated by name straight from configuration,
             // so the 'oauth2' config must only ever come from a trusted source.
             $grantClass = $grantParams['class'];
             $grant = new $grantClass();
             $grant->setAccessTokenTTL($grantParams['access_token_ttl']);

             foreach ($optionalSetters as $key => $setter) {
                 if (array_key_exists($key, $grantParams)) {
                     $grant->{$setter}($grantParams[$key]);
                 }
             }

             $issuer->addGrantType($grant);
         }

         // The resource server is the half that checks tokens on protected routes.
         $checker = $app->make('League\\OAuth2\\Server\\ResourceServer');

         $authorizer = new Authorizer($issuer, $checker);
         $authorizer->setRequest($app['request']);
         $authorizer->setTokenType($app->make($config['token_type']));

         // Keep the shared authorizer in step whenever the container rebinds 'request'.
         $app->refresh('request', $authorizer, 'setRequest');

         return $authorizer;
     });

     // Resolving the Authorizer class name yields the same shared instance.
     $this->app->bind('LucaDegasperi\\OAuth2Server\\Authorizer', function ($app) {
         return $app['oauth2-server.authorizer'];
     });
 }
 /**
  * Register the Authorization server with the IoC container
  * @return void
  */
 public function registerAuthorizer()
 {
     $this->app->bindShared('oauth2-server.authorizer', function ($app) {
         $config = $app['config']->get('oauth2-server-laravel::oauth2');

         // This variant wires up only the resource server (the token checker);
         // no authorization server is built or passed to the Authorizer here.
         $resourceServer = $app->make('League\\OAuth2\\Server\\ResourceServer');

         $authorizer = new Authorizer($resourceServer);
         $authorizer->setRequest($app['request']);

         // The token type implementation is resolved by class name from configuration.
         $tokenType = $app->make($config['token_type']);
         $authorizer->setTokenType($tokenType);

         // Keep the shared authorizer in step whenever the container rebinds 'request'.
         $app->refresh('request', $authorizer, 'setRequest');

         return $authorizer;
     });

     // Resolving the Authorizer class name yields the same shared instance.
     $this->app->bind('LucaDegasperi\\OAuth2Server\\Authorizer', function ($app) {
         return $app['oauth2-server.authorizer'];
     });
 }
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure $next
  * @param string|null $scopesString
  *
  * @throws \League\OAuth2\Server\Exception\InvalidScopeException
  *
  * @return mixed
  */
 public function handle($request, Closure $next, $scopesString = null)
 {
     $this->authorizer->setRequest($request);

     // The token itself is always validated, whether or not scopes are required.
     $this->authorizer->validateAccessToken($this->httpHeadersOnly);

     // No scope requirement declared for the route: a validated token is enough.
     if (is_null($scopesString)) {
         return $next($request);
     }

     // '|' separates alternative scope sets and ',' separates the scopes inside
     // one set; the request passes as soon as one whole set validates.
     // NOTE(review): this relies on validateScopes() returning a truthy value for
     // a satisfied set (its implementation is not shown here). Scope names are
     // not trimmed, so whitespace in the route definition becomes part of the name.
     foreach (explode('|', $scopesString) as $scopeSet) {
         if ($this->validateScopes(explode(',', $scopeSet))) {
             return $next($request);
         }
     }

     // None of the alternative sets was satisfied by the token.
     throw new InvalidScopeException($scopesString);
 }
 /**
  * Set the request to use on the issuer and checker.
  *
  * @param \Symfony\Component\HttpFoundation\Request $request
  * @static 
  */
 public static function setRequest($request)
 {
     // Static proxy: hands the request to Authorizer::setRequest() and passes
     // whatever that call returns back to the caller unchanged.
     $result = \LucaDegasperi\OAuth2Server\Authorizer::setRequest($request);

     return $result;
 }
 /**
  * Register the Authorization server with the IoC container.
  *
  * @param \Illuminate\Contracts\Foundation\Application $app
  *
  * @return void
  */
 public function registerAuthorizer(Application $app)
 {
     $app->singleton('oauth2-server.authorizer', function ($app) {
         $config = $app['config']->get('oauth2');

         // Build the authorization server (token issuer) and wire in every
         // storage backend plus the protocol options taken from configuration.
         $issuer = $app->make(AuthorizationServer::class)
             ->setClientStorage($app->make(ClientInterface::class))
             ->setSessionStorage($app->make(SessionInterface::class))
             ->setAuthCodeStorage($app->make(AuthCodeInterface::class))
             ->setAccessTokenStorage($app->make(AccessTokenInterface::class))
             ->setRefreshTokenStorage($app->make(RefreshTokenInterface::class))
             ->setScopeStorage($app->make(ScopeInterface::class))
             ->requireScopeParam($config['scope_param'])
             ->setDefaultScope($config['default_scope'])
             ->requireStateParam($config['state_param'])
             ->setScopeDelimiter($config['scope_delimiter'])
             ->setAccessTokenTTL($config['access_token_ttl']);

         // Optional per-grant settings, applied in this order when the key is present.
         $optionalSetters = [
             'auth_token_ttl' => 'setAuthTokenTTL',
             'refresh_token_ttl' => 'setRefreshTokenTTL',
             'rotate_refresh_tokens' => 'setRefreshTokenRotation',
         ];

         // Register each configured grant type on the authorization server.
         foreach ($config['grant_types'] as $grantParams) {
             // Grant classes are resolved through the container by the name given
             // in configuration, so the 'oauth2' config must come from a trusted source.
             $grant = $app->make($grantParams['class']);
             $grant->setAccessTokenTTL($grantParams['access_token_ttl']);

             if (array_key_exists('callback', $grantParams)) {
                 // The callback is written as "Class@method"; when the "@method"
                 // part is missing, the method name falls back to 'verify'.
                 $callbackParts = explode('@', $grantParams['callback']);
                 list($verifierClass, $verifierMethod) = array_pad($callbackParts, 2, 'verify');
                 $verifier = $app->make($verifierClass);
                 $grant->setVerifyCredentialsCallback([$verifier, $verifierMethod]);
             }

             foreach ($optionalSetters as $key => $setter) {
                 if (array_key_exists($key, $grantParams)) {
                     $grant->{$setter}($grantParams[$key]);
                 }
             }

             $issuer->addGrantType($grant);
         }

         // The resource server is the half that checks tokens on protected routes.
         $checker = $app->make(ResourceServer::class);

         $authorizer = new Authorizer($issuer, $checker);
         $authorizer->setRequest($app['request']);
         $authorizer->setTokenType($app->make($config['token_type']));

         // Keep the shared authorizer in step whenever the container rebinds 'request'.
         $app->refresh('request', $authorizer, 'setRequest');

         return $authorizer;
     });

     // Resolving the Authorizer class name yields the same singleton.
     $app->alias('oauth2-server.authorizer', Authorizer::class);
 }
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request  $request
  * @param \Closure $next
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $authorizer = $this->authorizer;

     // Bind the authorizer to this request, then let it check the
     // authorization-code request before the pipeline continues.
     // NOTE(review): the return value of checkAuthCodeRequest() is discarded, so
     // rejection presumably happens by exception inside the authorizer; confirm
     // that an invalid request cannot fall through to $next().
     $authorizer->setRequest($request);
     $authorizer->checkAuthCodeRequest();

     return $next($request);
 }