/**
 * Authorize action (/oauth/authorize).
 *
 * Validates the authorization request, renders the consent view until an
 * "authorized" field has been posted, then lets the OAuth2 server complete
 * the request. An approved request that yields a Location header is
 * redirected; every other outcome is returned as an API problem.
 *
 * @return ApiProblemResponse|ViewModel|mixed Problem response, consent view,
 *                                            or the result of the redirect plugin.
 */
public function authorizeAction()
{
    $oauthRequest  = $this->getOAuth2Request();
    $oauthResponse = new OAuth2Response();

    // Both failure paths report the server's error parameters the same way.
    $toProblem = function () use ($oauthResponse) {
        $params = $oauthResponse->getParameters();

        return new ApiProblemResponse(new ApiProblem(
            $oauthResponse->getStatusCode(),
            $params['error_description'],
            isset($params['error_uri']) ? $params['error_uri'] : null,
            $params['error']
        ));
    };

    // Stop here when the server rejects the authorize request.
    if (!$this->server->validateAuthorizeRequest($oauthRequest, $oauthResponse)) {
        return $toProblem();
    }

    $decision = $oauthRequest->request('authorized', false);
    if (empty($decision)) {
        // No decision submitted yet: show the consent form for this client.
        $consentView = new ViewModel(array('clientId' => $oauthRequest->query('client_id', false)));
        $consentView->setTemplate('oauth/authorize');

        return $consentView;
    }

    // Only the literal string 'yes' counts as approval.
    $approved = ($decision === 'yes');

    // NOTE(review): the user id bound to the grant is read from the `user_id`
    // query parameter, so it is supplied by the requester rather than taken
    // from an authenticated session. Confirm how the resource owner is
    // authenticated and source the id from that identity.
    // NOTE(review): no anti-CSRF token is checked on the posted decision in
    // this method; confirm it is enforced elsewhere.
    $this->server->handleAuthorizeRequest(
        $oauthRequest,
        $oauthResponse,
        $approved,
        $this->getRequest()->getQuery('user_id', null)
    );

    if ($approved) {
        $location = $oauthResponse->getHttpHeader('Location');
        if (!empty($location)) {
            return $this->redirect()->toUrl($location);
        }
    }

    return $toProblem();
}
/**
 * Stage 1: Client sends the user to this page
 *
 * User responds by accepting or denying
 *
 * @view oauth2/server/authorize.twig
 * @format HtmlFormat
 */
public function authorize()
{
    // The @view/@format annotations above are kept verbatim in case the
    // framework reads them at runtime.
    static::$server->getResponse(static::$request);

    $requestIsValid = static::$server->validateAuthorizeRequest(static::$request);
    if ($requestIsValid) {
        // NOTE(review): QUERY_STRING is request-controlled and is handed to
        // the view unmodified; the template must escape it for the context
        // it is written into (HTML attribute / URL).
        $rawQuery = $_SERVER['QUERY_STRING'];

        return array('queryString' => $rawQuery);
    }

    // Invalid request: emit the server's error response and end the script.
    static::$server->getResponse()->send();
    exit;
}
/**
 * Authorize action (/oauth/authorize).
 *
 * Validates the authorization request, renders the consent view until an
 * "authorized" field has been posted, then completes the request with the
 * user id supplied by the injected user-id provider. Any Location header the
 * server produced is followed, whether the decision was approval or denial;
 * without one the error response is returned.
 *
 * @return mixed Error response, consent ViewModel, or the redirect result.
 */
public function authorizeAction()
{
    // The returned server is not used below; the call is kept because it
    // presumably initialises $this->server. TODO confirm.
    $this->getOAuth2Server($this->params('oauth'));

    $oauthRequest  = $this->getOAuth2Request();
    $oauthResponse = new OAuth2Response();

    if (!$this->server->validateAuthorizeRequest($oauthRequest, $oauthResponse)) {
        return $this->getErrorResponse($oauthResponse);
    }

    $decision = $oauthRequest->request('authorized', false);
    if (empty($decision)) {
        // No decision submitted yet: show the consent form for this client.
        $consentView = new ViewModel(['clientId' => $oauthRequest->query('client_id', false)]);
        $consentView->setTemplate('oauth/authorize');

        return $consentView;
    }

    // The user id comes from the configured provider, which receives the
    // current request. NOTE(review): the provider must derive the id from an
    // authenticated identity, not from request parameters; confirm.
    // NOTE(review): no anti-CSRF token is checked on the posted decision in
    // this method; confirm it is enforced elsewhere.
    $resolveUserId = $this->userIdProvider;
    $this->server->handleAuthorizeRequest(
        $oauthRequest,
        $oauthResponse,
        $decision === 'yes', // only the literal 'yes' approves
        $resolveUserId($this->getRequest())
    );

    $location = $oauthResponse->getHttpHeader('Location');
    if (empty($location)) {
        return $this->getErrorResponse($oauthResponse);
    }

    return $this->redirect()->toUrl($location);
}
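/**
 * Authorization endpoint.
 *
 * Verifies the current user, validates the authorize request, shows the
 * authorization form when nothing was posted and the client is not yet
 * authorized, and otherwise lets the OAuth2 server build the response, which
 * is sent exactly once.
 *
 * @return void
 */
public function authorize()
{
    // Presumably stops the request when no user is signed in; verify against
    // the user provider.
    $this->getUserProvider()->verifyUser();

    $request  = Request::createFromGlobals();
    $response = new Response();

    // validate the authorize request
    if (!$this->server->validateAuthorizeRequest($request, $response)) {
        $response->send();
        die;
    }

    $client_id = $request->query("client_id");
    $client    = $this->storage->getClientDetails($client_id);
    $user_id   = $this->getUserProvider()->getUserId();

    // NOTE(review): what authorized() bases its answer on is not visible
    // here; confirm that a posted decision is tied to this user's session and
    // protected by an anti-CSRF token.
    $is_authorized = $this->authorized($client_id, $user_id);

    // display an authorization form
    if (empty($_POST) && !$is_authorized) {
        $html = Tpl::authorize($client);
        exit($html);
    }

    $this->server->handleAuthorizeRequest($request, $response, $is_authorized, $user_id);

    // The response used to be sent twice on the authorized path, and the
    // authorization code was sliced out of the Location header into a local
    // that nothing read. The code now travels only in the redirect and is
    // never echoed to the page.
    $response->send();
}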
/**
 * Handle an authorization request for the currently authenticated identity.
 *
 * Returns the server's error response when validation fails, delegates to
 * handleNoIdentity() when nobody is signed in, and otherwise completes the
 * request on behalf of the signed-in identity.
 *
 * @param OAuth2Request $request Incoming OAuth2 request.
 *
 * @return mixed Whatever handleResponse() / handleNoIdentity() produce.
 */
protected function authorize(OAuth2Request $request)
{
    $oauthResponse = new OAuth2Response();
    $auth          = $this->getAuthenticationService();

    // validate the authorize request
    $valid = $this->server->validateAuthorizeRequest($request, $oauthResponse);
    if (!$valid) {
        return $this->handleResponse($oauthResponse);
    }

    if (!$auth->hasIdentity()) {
        return $this->handleNoIdentity();
    }

    $resourceOwner = $auth->getIdentity();

    // TODO request authorization from the user: render the 'oauth/authorize'
    // consent view (with the client_id) while no `authorized` field has been
    // posted, and treat only the posted value 'yes' as approval.
    // NOTE(review): until that step exists, approval is hard-coded, so every
    // signed-in identity grants access to any client whose request validates,
    // without being asked.
    $approved = true;

    $this->server->handleAuthorizeRequest($request, $oauthResponse, $approved, $resourceOwner);

    return $this->handleResponse($oauthResponse);
}
/**
 * Invoke this route callback.
 *
 * Bridges the PSR-7 request to the OAuth2 server, validates it, renders the
 * consent template until an "authorized" field has been posted, and then
 * returns the server's response for the submitted decision.
 *
 * @param ServerRequestInterface $request   Represents the current HTTP request.
 * @param ResponseInterface      $response  Represents the current HTTP response.
 * @param array                  $arguments Values for the current route's named placeholders.
 *
 * @return ResponseInterface
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, array $arguments = [])
{
    $oauthRequest  = Http\RequestBridge::toOAuth2($request);
    $oauthResponse = new OAuth2\Response();

    $isValid = $this->server->validateAuthorizeRequest($oauthRequest, $oauthResponse);
    if (!$isValid) {
        return Http\ResponseBridge::fromOAuth2($oauthResponse);
    }

    $decision = $oauthRequest->request('authorized');
    if (!empty($decision)) {
        // Only the literal 'yes' approves.
        // NOTE(review): no user id is passed, so the grant is not tied to a
        // resource owner, and this method neither authenticates the user nor
        // checks an anti-CSRF token on the posted decision. Confirm both are
        // handled by middleware in front of this route.
        $this->server->handleAuthorizeRequest($oauthRequest, $oauthResponse, $decision === 'yes');

        return Http\ResponseBridge::fromOAuth2($oauthResponse);
    }

    // No decision yet: render the consent page into a fresh bridged response.
    // NOTE(review): client_id is request-supplied; the template must escape it.
    $page = Http\ResponseBridge::fromOAuth2($oauthResponse);
    $this->view->render($page, $this->template, ['client_id' => $oauthRequest->query('client_id')]);

    return $page->withHeader('Content-Type', 'text/html');
}
/**
 * Call this class as a function.
 *
 * Validates the authorize request, renders the consent template until an
 * "authorized" parameter is present, and otherwise maps the OAuth2 server's
 * response for the submitted decision onto the Slim response.
 *
 * @return void
 */
public function __invoke()
{
    $oauthRequest  = MessageBridge::newOAuth2Request($this->slim->request());
    $oauthResponse = new OAuth2\Response();

    if (!$this->server->validateAuthorizeRequest($oauthRequest, $oauthResponse)) {
        MessageBridge::mapResponse($oauthResponse, $this->slim->response());

        return;
    }

    // NOTE(review): the decision is read through the Slim request's params()
    // rather than from the bridged request's POST body. If params() also
    // covers the query string, a decision could arrive without the consent
    // form ever being submitted. Confirm, and accept it only from a POST
    // carrying an anti-CSRF token.
    $decision = $this->slim->request()->params('authorized');
    if (empty($decision)) {
        // NOTE(review): client_id is request-supplied; the template must escape it.
        $this->slim->render($this->template, ['client_id' => $oauthRequest->query('client_id', false)]);

        return;
    }

    //@TODO implement user_id
    // Until then no user id is passed, so the grant is not tied to a
    // resource owner. Only the literal 'yes' approves.
    $this->server->handleAuthorizeRequest($oauthRequest, $oauthResponse, $decision === 'yes');
    MessageBridge::mapResponse($oauthResponse, $this->slim->response());
}
/**
 * Validate an authorize request and, when valid, let the OAuth2 server
 * complete it for the given decision and user.
 *
 * @param HttpRequest  $httpRequest  Incoming HTTP request.
 * @param HttpResponse $httpResponse HTTP response to populate.
 * @param mixed        $isAuthorized Decision forwarded to the OAuth2 server.
 * @param mixed        $userId       User id forwarded to the OAuth2 server.
 *
 * @return mixed The result of buildResponse() for the chosen format.
 */
public function handleAuthorizeRequest(HttpRequest $httpRequest, HttpResponse $httpResponse, $isAuthorized, $userId)
{
    $format        = $this->determineFormat($httpRequest);
    $oauthRequest  = $this->buildRequest($httpRequest);
    $oauthResponse = new OAuthResponse();

    // NOTE(review): $isAuthorized and $userId are taken from the caller as
    // given; callers should derive both from an authenticated session rather
    // than from request parameters. Verify at the call sites.
    if ($this->server->validateAuthorizeRequest($oauthRequest, $oauthResponse)) {
        // Valid request: the server's return value replaces the response.
        $oauthResponse = $this->server->handleAuthorizeRequest(
            $oauthRequest,
            $oauthResponse,
            $isAuthorized,
            $userId
        );
    }

    // On validation failure $oauthResponse still carries the server's error.
    return $this->buildResponse($format, $httpResponse, $oauthResponse);
}