public function githubAction(Application $app, Request $request)
{
$clientID = getenv('GITHUB_API_KEY');
$clientSecret = getenv('GITHUB_API_SECRET');
$code = $request->query->get('code');
$redirectUri = $request->getScheme() . '://' . $request->getHost();
if (80 != $request->getPort()) {
$redirectUri .= ':' . $request->getPort();
}
$redirectUri .= '/auth/github';
$provider = new Github(['clientId' => $clientID, 'clientSecret' => $clientSecret, 'redirectUri' => $redirectUri, 'scopes' => ['user:email']]);
if (empty($code)) {
$authUrl = $provider->getAuthorizationUrl();
$app['session']->set('oauth2state', $provider->state);
return $app->redirect($authUrl);
} else {
$token = $provider->getAccessToken('authorization_code', ['code' => $code]);
$userDetails = $provider->getUserDetails($token);
try {
$user = $app['user.manager']->fetchUserByGithubUid($userDetails->uid);
} catch (UserNotFoundException $exception) {
$email = null;
foreach ($provider->getUserEmails($token) as $providerEmail) {
if ($providerEmail->primary) {
$email = $providerEmail->email;
break;
}
}
$user = $app['user.manager']->createUser(['email' => $email, 'roles' => ['ROLE_USER'], 'name' => $userDetails->name, 'githubUid' => $userDetails->uid]);
$app['user.manager']->saveUser($user);
}
$app['session']->set('user', $user);
return $app->redirect($app['url_generator']->generate('account.profile'));
}
}
/**
* Register a new user using their Github account.
*
* @param string $code
* @return \Tricks\User
*/
public function register($code)
{
$token = $this->provider->getAccessToken('authorization_code', ['code' => $code]);
$userDetails = $this->provider->getUserDetails($token);
$verifiedEmails = $this->getVerifiedEmails($token->accessToken);
$userDetails->email = $this->getPrimaryEmail($verifiedEmails);
$profile = $this->profiles->findByUid($userDetails->uid);
if (is_null($profile)) {
$user = $this->users->findByEmail($userDetails->email);
if (is_null($user)) {
$user = $this->users->createFromGithubData($userDetails);
}
$profile = $this->profiles->createFromGithubData($userDetails, $user, $token->accessToken);
} else {
$profile = $this->profiles->updateToken($profile, $token->accessToken);
$user = $profile->user;
}
return $user;
}
/**
*
*/
public function authorize()
{
$this->view->disable();
$provider = new Github(['clientId' => $this->clientId, 'clientSecret' => $this->clientSecret, 'redirectUri' => $this->redirectUriAuthorize]);
$code = $this->request->getQuery('code');
$state = $this->request->getQuery('state');
if (!isset($code)) {
// If we don't have an authorization code then get one
$authUrl = $provider->getAuthorizationUrl();
$this->session->set('oauth2state', $provider->state);
return $this->response->redirect($authUrl);
// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($state) || $state !== $this->session->get('oauth2state')) {
$this->session->remove('oauth2state');
exit('Invalid state');
} else {
// Try to get an access token (using the authorization code grant)
$token = $provider->getAccessToken('authorization_code', ['code' => $code]);
$uid = $provider->getUserUid($token);
$userDetails = $provider->getUserDetails($token);
return array($uid, $token, $userDetails);
}
}
