public function postTestAuthorize()
{
if (!array_key_exists('X_ALLOW_TEST_AUTH', $_SERVER) || $_SERVER['X_ALLOW_TEST_AUTH'] != 'true') {
return;
}
$data = ['eduPersonPrincipalName' => Input::get('eduPersonPrincipalName'), 'eduPersonScopedAffiliation' => Input::get('eduPersonScopedAffiliation'), 'sn' => Input::get('sn'), 'givenName' => Input::get('givenName'), 'mail' => Input::get('mail')];
$user = (object) $data;
$userId = Input::get('eduPersonPrincipalName');
$owner = Owner::find($userId);
if (!$owner) {
$owner = new Owner();
$owner->id = $userId;
}
$owner->data = json_encode($user);
$owner->save();
$params = Session::get('authorize-params');
$params['user_id'] = $user->eduPersonPrincipalName;
if (Input::get('approve') !== null) {
$code = AuthorizationServer::newAuthorizeRequest('user', $params['user_id'], $params);
Session::forget('authorize-params');
return Redirect::to(AuthorizationServer::makeRedirectWithCode($code, $params));
}
if (Input::get('deny') !== null) {
Session::forget('authorize-params');
$url = AuthorizationServer::makeRedirectWithError($params);
return new \Illuminate\Http\RedirectResponse((string) $url, 302, array());
}
}
public function getAuthorizationCode()
{
// get the data from the check-authorization-params filter
$params = Session::get('authorize-params');
// get the user id
$params['user_id'] = Auth::user()->id;
// check if the user approved or denied the authorization request
if (Input::get('approve') !== null) {
$code = AuthorizationServer::newAuthorizeRequest('user', $params['user_id'], $params);
Session::forget('authorize-params');
return Redirect::to(AuthorizationServer::makeRedirectWithCode($code, $params));
}
if (Input::get('deny') !== null) {
Session::forget('authorize-params');
return Redirect::to(AuthorizationServer::makeRedirectWithError($params));
}
}
Route::post('login', function () {
$auth = Auth::attempt(['email' => Input::get('email'), 'password' => Input::get('password')]);
return Redirect::to($auth ? 'authorize-form' : 'login');
});
// @see https://github.com/lucadegasperi/oauth2-server-laravel#authorization-code-flow
Route::get('authorize-form', function () {
return View::make('authorize-form');
});
Route::post('oauth/authorize', array('before' => 'check-authorization-params|auth|csrf', function () {
// get the data from the check-authorization-params filter
$params = Session::get('authorize-params');
// get the user id
$params['user_id'] = Auth::user()->id;
$code = AuthorizationServer::newAuthorizeRequest('user', $params['user_id'], $params);
Session::forget('authorize-params');
return Redirect::to(AuthorizationServer::makeRedirectWithCode($code, $params));
// // check if the user approved or denied the authorization request
// if (Input::get('approve') !== null) {
//
// $code = AuthorizationServer::newAuthorizeRequest('user', $params['user_id'], $params);
//
// Session::forget('authorize-params');
//
// return Redirect::to(AuthorizationServer::makeRedirectWithCode($code, $params));
// }
//
// if (Input::get('deny') !== null) {
//
// Session::forget('authorize-params');
//
// return Redirect::to(AuthorizationServer::makeRedirectWithError($params));
