Ejemplo n.º 1
0
 public function githubAction(Application $app, Request $request)
 {
     $clientID = getenv('GITHUB_API_KEY');
     $clientSecret = getenv('GITHUB_API_SECRET');
     $code = $request->query->get('code');
     $redirectUri = $request->getScheme() . '://' . $request->getHost();
     if (80 != $request->getPort()) {
         $redirectUri .= ':' . $request->getPort();
     }
     $redirectUri .= '/auth/github';
     $provider = new Github(['clientId' => $clientID, 'clientSecret' => $clientSecret, 'redirectUri' => $redirectUri, 'scopes' => ['user:email']]);
     if (empty($code)) {
         $authUrl = $provider->getAuthorizationUrl();
         $app['session']->set('oauth2state', $provider->state);
         return $app->redirect($authUrl);
     } else {
         $token = $provider->getAccessToken('authorization_code', ['code' => $code]);
         $userDetails = $provider->getUserDetails($token);
         try {
             $user = $app['user.manager']->fetchUserByGithubUid($userDetails->uid);
         } catch (UserNotFoundException $exception) {
             $email = null;
             foreach ($provider->getUserEmails($token) as $providerEmail) {
                 if ($providerEmail->primary) {
                     $email = $providerEmail->email;
                     break;
                 }
             }
             $user = $app['user.manager']->createUser(['email' => $email, 'roles' => ['ROLE_USER'], 'name' => $userDetails->name, 'githubUid' => $userDetails->uid]);
             $app['user.manager']->saveUser($user);
         }
         $app['session']->set('user', $user);
         return $app->redirect($app['url_generator']->generate('account.profile'));
     }
 }
Ejemplo n.º 2
0
 /**
  * Register a new user using their Github account.
  *
  * @param  string $code
  * @return \Tricks\User
  */
 public function register($code)
 {
     $token = $this->provider->getAccessToken('authorization_code', ['code' => $code]);
     $userDetails = $this->provider->getUserDetails($token);
     $verifiedEmails = $this->getVerifiedEmails($token->accessToken);
     $userDetails->email = $this->getPrimaryEmail($verifiedEmails);
     $profile = $this->profiles->findByUid($userDetails->uid);
     if (is_null($profile)) {
         $user = $this->users->findByEmail($userDetails->email);
         if (is_null($user)) {
             $user = $this->users->createFromGithubData($userDetails);
         }
         $profile = $this->profiles->createFromGithubData($userDetails, $user, $token->accessToken);
     } else {
         $profile = $this->profiles->updateToken($profile, $token->accessToken);
         $user = $profile->user;
     }
     return $user;
 }
Ejemplo n.º 3
0
 /**
  * @param Request $request
  * @param array $routeParams
  * @return RedirectResponse|EmptyResponse
  */
 public function handle(Request $request, array $routeParams = [])
 {
     session_start();
     $provider = new Github(['clientId' => $this->settings->get('github.client_id'), 'clientSecret' => $this->settings->get('github.client_secret'), 'redirectUri' => $this->url->toRoute('github.login')]);
     if (!isset($_GET['code'])) {
         $authUrl = $provider->getAuthorizationUrl(['scope' => ['user:email']]);
         $_SESSION['oauth2state'] = $provider->getState();
         return new RedirectResponse($authUrl);
     } elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
         unset($_SESSION['oauth2state']);
         echo 'Invalid state.';
         exit;
     }
     $token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
     $owner = $provider->getResourceOwner($token);
     $email = $owner->getEmail();
     $username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getNickname());
     return $this->authenticated(compact('email'), compact('username'));
 }
Ejemplo n.º 4
0
 /**
  * @param Application $app
  *
  * @return string token
  */
 public function handleAuth(Application $app)
 {
     $code = $app->request()->get('code');
     $state = $app->request()->get('state');
     $key = sprintf('github.oauth2state.%s', session_id());
     $sessionState = $this->redisClient->get($key);
     if (is_null($code)) {
         // If we don't have an authorization code then get one
         $url = $this->oauth2Provider->getAuthorizationUrl();
         $this->redisClient->setex($key, 300, $this->oauth2Provider->state);
         $app->redirect($url);
     } elseif (empty($state) || isset($sessionState) && $state !== $sessionState) {
         // Check given state against previously stored one to mitigate CSRF attack
         $this->redisClient->del($key);
         throw new \RuntimeException('Invalid state');
     }
     // clean session
     $this->redisClient->del($key);
     // Try to get an access token (using the authorization code grant)
     return $this->oauth2Provider->getAccessToken('authorization_code', ['code' => $code])->accessToken;
 }
Ejemplo n.º 5
0
 /**
  *
  */
 public function authorize()
 {
     $this->view->disable();
     $provider = new Github(['clientId' => $this->clientId, 'clientSecret' => $this->clientSecret, 'redirectUri' => $this->redirectUriAuthorize]);
     $code = $this->request->getQuery('code');
     $state = $this->request->getQuery('state');
     if (!isset($code)) {
         // If we don't have an authorization code then get one
         $authUrl = $provider->getAuthorizationUrl();
         $this->session->set('oauth2state', $provider->state);
         return $this->response->redirect($authUrl);
         // Check given state against previously stored one to mitigate CSRF attack
     } elseif (empty($state) || $state !== $this->session->get('oauth2state')) {
         $this->session->remove('oauth2state');
         exit('Invalid state');
     } else {
         // Try to get an access token (using the authorization code grant)
         $token = $provider->getAccessToken('authorization_code', ['code' => $code]);
         $uid = $provider->getUserUid($token);
         $userDetails = $provider->getUserDetails($token);
         return array($uid, $token, $userDetails);
     }
 }
Ejemplo n.º 6
0
 /**
  * Authenticate with GitHub and cache the access token
  *
  * @param Request $request
  * @return \Illuminate\Http\RedirectResponse
  */
 public function github(Request $request)
 {
     if (Cache::has('github_token')) {
         return redirect('/');
     }
     $provider = new Provider\Github(['clientId' => env('GITHUB_CLIENT_ID'), 'clientSecret' => env('GITHUB_CLIENT_SECRET'), 'redirectUri' => url('auth/github')]);
     if (!$request->get('code')) {
         $authorizationUrl = $provider->getAuthorizationUrl(['scope' => ['notifications']]);
         $request->session()->put('oauth2state', $provider->getState());
         return redirect($authorizationUrl);
     } elseif (empty($request->get('state')) || $request->get('state') !== $request->session()->get('oauth2state')) {
         $request->session()->forget('oauth2state');
         exit('Invalid state');
     } else {
         try {
             $accessToken = $provider->getAccessToken('authorization_code', ['code' => $request->get('code')]);
             $token = $accessToken->getToken();
             Cache::put('github_token', $token, 60 * 24 * 30);
         } catch (IdentityProviderException $e) {
             exit($e->getMessage());
         }
     }
     return redirect('/');
 }
Ejemplo n.º 7
0
 public function userDetails($response, AccessToken $token)
 {
     $user = parent::userDetails($response, $token);
     // Fetch the primary email address
     if (!$user->email) {
         $emails = $this->fetchUserEmails($token);
         $emails = json_decode($emails);
         $email = null;
         foreach ($emails as $email) {
             if ($email->primary) {
                 $email = $email->email;
                 break;
             }
         }
         $user->email = $email;
     }
     return $user;
 }