Fetches access token from authorization code.
|
public fetchAccessToken ( string $authCode, array $params = [] ) : |
||
| $authCode | string | authorization code, usually comes at $_GET['code']. |
| $params | array | additional request params. |
| return | access token. | |
/**
* @inheritdoc
*/
public function fetchAccessToken($authCode, array $params = [])
{
$authState = $this->getState('authState');
if (!isset($_REQUEST['state']) || empty($authState) || strcmp($_REQUEST['state'], $authState) !== 0) {
throw new HttpException(400, 'Invalid auth state parameter.');
} else {
$this->removeState('authState');
}
return parent::fetchAccessToken($authCode, $params);
}
/**
* Fetches the access token using the authorization code
* @author Adegoke Obasa <*****@*****.**>
* @param $code
* @return mixed Access token
* @throws Oauth2ClientException
*/
public function fetchAccessToken($code)
{
$this->validateTokenParams();
$this->oauth2->tokenUrl = $this->tokenUrl;
$this->oauth2->clientId = $this->clientId;
$this->oauth2->clientSecret = $this->clientSecret;
try {
$response = $this->oauth2->fetchAccessToken($code);
} catch (Exception $ex) {
throw new Oauth2ClientException($ex->getMessage());
}
return $this->handleTokenResponse($response);
}
public function actionSuccess()
{
$session = \Yii::$app->session;
$request = \Yii::$app->request;
$authHeader = 'Authorization: Basic ' . base64_encode("{$this->clientId}:{$this->secret}");
$contentHeader = 'Content-Type: application/x-www-form-urlencoded';
$httpHeaders = array($authHeader, $contentHeader);
$oauth = new OAuth2();
$oauth->clientId = $this->clientId;
$oauth->clientSecret = $this->secret;
$oauth->returnUrl = "http://localhost" . Yii::getAlias('@web/index.php/login/success');
$oauth->tokenUrl = 'https://api.fitbit.com/oauth2/token';
$oauth->fetchAccessToken($request->get('code'), [], $httpHeaders);
$token = $oauth->getAccessToken();
$session->set('dump', $token);
return $this->redirect('@web/index.php/site/dump');
}
/**
* @return bool
* @throws Exception
* @throws Exception
*/
public function connect()
{
if ($this->service instanceof OAuth1) {
try {
$accessToken = $this->service->fetchAccessToken();
return $this->isConnected($accessToken);
} catch (Exception $e) {
Yii::$app->session->setFlash($this->flash, $e->getMessage());
return false;
}
} elseif ($this->service instanceof OAuth2) {
try {
$accessToken = $this->service->fetchAccessToken(Yii::$app->request->get('code', null));
return $this->isConnected($accessToken);
} catch (Exception $e) {
Yii::$app->session->setFlash($this->flash, $e->getMessage());
return false;
}
} else {
throw new Exception(Yii::t('SyncSocial', 'SyncSocial is not support {serviceName}.', ['serviceName' => get_class($this->service)]));
}
}
/**
* Performs OAuth2 auth flow.
* @param OAuth2 $client auth client instance.
* @return Response action response.
* @throws \yii\base\Exception on failure.
*/
protected function authOAuth2($client)
{
if (isset($_GET['error'])) {
if ($_GET['error'] == 'access_denied') {
// user denied error
return $this->redirectCancel();
} else {
// request error
if (isset($_GET['error_description'])) {
$errorMessage = $_GET['error_description'];
} elseif (isset($_GET['error_message'])) {
$errorMessage = $_GET['error_message'];
} else {
$errorMessage = http_build_query($_GET);
}
throw new Exception('Auth error: ' . $errorMessage);
}
}
// Get the access_token and save them to the session.
if (isset($_GET['code'])) {
$code = $_GET['code'];
$token = $client->fetchAccessToken($code);
if (!empty($token)) {
return $this->authSuccess($client);
} else {
return $this->redirectCancel();
}
} else {
$url = $client->buildAuthUrl();
return Yii::$app->getResponse()->redirect($url);
}
}
/**
* @inheritdoc
*/
public function fetchAccessToken($authCode, array $params = [])
{
$authState = $this->getState('authState');
// if (!isset($_REQUEST['state']) || empty($authState) || strcmp($_REQUEST['state'], $authState) !== 0) {
// throw new HttpException(400, 'Invalid auth state parameter.');
// } else {
// $this->removeState('authState');
// }
$params['appid'] = $this->clientId;
$params['secret'] = $this->clientSecret;
return parent::fetchAccessToken($authCode, $params);
}
