/**
* Execute the Api Authorize operation.
*
* @return mixed RApi object with information on success, boolean false on failure.
*
* @since 1.2
*/
public function apiAuthorize()
{
$user = $this->getLoggedUser();
$request = OAuth2\Request::createFromGlobals();
$response = new OAuth2\Response();
// Validate the authorize request
if (!$this->server->validateAuthorizeRequest($request, $response)) {
$this->response = $response;
return $this;
}
$clientId = $request->query('client_id');
$scopes = RApiOauth2Helper::getClientScopes($clientId);
if ($request->request('authorized', '') == '') {
$clientScopes = !empty($scopes) ? explode(' ', $scopes) : array();
if (!empty($clientScopes)) {
$clientScopes = RApiHalHelper::getWebserviceScopes($clientScopes);
}
$currentUri = JUri::getInstance();
$formAction = JUri::root() . 'index.php?' . $currentUri->getQuery();
// Display an authorization form
$this->response = RLayoutHelper::render('oauth2.authorize', array('view' => $this, 'options' => array('clientId' => $clientId, 'formAction' => $formAction, 'scopes' => $clientScopes)));
return $this;
}
// Print the authorization code if the user has authorized your client
$is_authorized = $request->request('authorized', '') === JText::_('LIB_REDCORE_API_OAUTH2_SERVER_AUTHORIZE_CLIENT_YES');
// We are setting client scope instead of requesting scope from user request
$request->request['scope'] = $scopes;
$this->server->handleAuthorizeRequest($request, $response, $is_authorized, $user->id);
$this->response = $response;
return $this;
}
