/**
* @param \Symfony\Component\Form\FormInterface $form
* @param \Psr\Http\Message\ServerRequestInterface $request
* @param \OAuth2\Endpoint\Authorization\AuthorizationInterface $authorization
* @param \SpomkyLabs\OAuth2ServerBundle\Plugin\AuthorizationEndpointPlugin\Form\Model\AuthorizationModel $authorization_model
*
* @return bool
*/
public function handle(FormInterface $form, ServerRequestInterface $request, AuthorizationInterface $authorization, AuthorizationModel $authorization_model)
{
if ('POST' !== $request->getMethod()) {
return false;
}
$httpFoundationFactory = new HttpFoundationFactory();
$symfony_request = $httpFoundationFactory->createRequest($request);
$form->submit($symfony_request->get($form->getName()));
if (!$form->isValid()) {
return false;
}
$button = $form->get('accept');
if (!$button instanceof ClickableInterface) {
throw new InvalidArgumentException('Unable to find the button named "accept".');
}
$authorization->setAuthorized($button->isClicked());
$refused_scopes = array_diff($authorization->getScopes(), $authorization_model->getScopes());
foreach ($refused_scopes as $refused_scope) {
$authorization->removeScope($refused_scope);
}
return true;
}
/**
* @param \OAuth2\Endpoint\Authorization\AuthorizationInterface $authorization
*
* @return bool
*/
private function isOfflineAccess(AuthorizationInterface $authorization)
{
// The scope offline_access is not requested
if (!in_array('offline_access', $authorization->getScopes())) {
return false;
}
// The scope offline_access is requested but prompt is not consent
// The scope offline_access is ignored
if (!$authorization->hasQueryParam('prompt') || !in_array('consent', $authorization->getQueryParam('prompt'))) {
$authorization->removeScope('offline_access');
return false;
}
return true;
}
