/**
* @param PersonInterface $subject
* @param ClientMetadata|null $metadata
* @return string
*/
public function getSubjectIdentifier(PersonInterface $subject, ClientMetadata $metadata = null)
{
$id = $subject->getId();
if ($metadata === null || $metadata->getSubjectType() !== 'pairwise') {
return $id;
}
if ($metadata->getSubjectType() === 'pairwise') {
$sectorIdentifier = $metadata->getSectorIdentifier();
$salt = $this->pairwiseSubjectIdSalt;
$pairwise = hash('sha256', $sectorIdentifier . $id . $salt);
return $pairwise;
}
}
/**
* @param ClientMetadata $metadata
* @param Constraint $constraint
*/
public function validate($metadata, Constraint $constraint)
{
if (!$metadata->getSectorIdentifierUri()) {
return;
}
$sectorIdentifierUri = $metadata->getSectorIdentifierUri();
/** @var Organization $organization */
$organization = $this->orgRepo->findOneBy(compact('sectorIdentifierUri'));
$success = $this->uriChecker->check($metadata, $sectorIdentifierUri);
if (!$success) {
$metadata->setOrganization(null);
}
if ($success && $organization instanceof Organization) {
$metadata->setOrganization($organization);
}
}
public function recheck(ClientMetadata $metadata)
{
$url = $metadata->getSectorIdentifierUri();
try {
if ($url !== null && !$this->check($metadata, $url)) {
$metadata->setOrganization(null);
$metadata->setSectorIdentifierUri(null);
$this->em->persist($metadata);
$this->em->flush($metadata);
}
} catch (HttpException $e) {
if ($e->getStatusCode() !== 200) {
$metadata->setOrganization(null);
}
}
return $metadata;
}
/**
* @param ClientMetadata $data
* @return Client
*/
private function registerClient(EntityManager $em, ClientMetadata $data)
{
if ($data->getClient() === null) {
$client = $data->toClient();
} else {
$client = $data->getClient();
}
if ($client->getName() === null) {
$firstUrl = $this->getHost($client->getRedirectUris()[0]);
$client->setName($firstUrl);
}
if ($client->getDescription() === null) {
$client->setDescription('');
}
if ($client->getTermsOfUseUrl() === null) {
$client->setTermsOfUseUrl('');
}
if ($client->getSiteUrl() === null) {
$client->setSiteUrl('');
}
if (count($data->getContacts()) > 0) {
$owners = $em->getRepository($this->getParameter('user.class'))->findByEmail($data->getContacts());
foreach ($owners as $person) {
if ($person->getConfirmationToken() !== null) {
continue;
}
$client->getOwners()->add($person);
}
}
$publicScopes = explode(' ', $this->getParameter('lc_public_scopes'));
$client->setAllowedScopes($publicScopes);
$em->persist($client);
$data->setClient($client);
$em->persist($data);
$em->flush();
return $client;
}
private function getOrganization(ClientMetadata $metadata = null)
{
if ($metadata === null) {
return null;
}
if ($metadata->getOrganization() === null && $metadata->getSectorIdentifierUri()) {
$sectorIdentifierUri = $metadata->getSectorIdentifierUri();
try {
$verified = $this->getSectorIdentifierUriChecker()->check($metadata, $sectorIdentifierUri);
} catch (HttpException $e) {
$verified = false;
}
$uri = parse_url($sectorIdentifierUri);
$domain = $uri['host'];
$organization = new Organization();
$organization->setDomain($domain)->setName($domain)->setTrusted(false)->setVerifiedAt($verified ? new \DateTime() : null);
return $organization;
}
return $metadata->getOrganization();
}