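/**
 * Test-only authorization endpoint.
 *
 * Builds a user record from request input (no credential check), stores it
 * as an Owner, and then approves or denies the pending authorization request
 * held in the session under 'authorize-params'.
 *
 * Because the caller chooses the identity, this action is an authentication
 * bypass by design. It only runs when $_SERVER['X_ALLOW_TEST_AUTH'] is the
 * exact string 'true'; that flag must never be set in a production
 * environment.
 * NOTE(review): the key has no HTTP_ prefix, so PHP should not populate it
 * from a request header — presumably it comes from server or test
 * configuration; confirm for the deployed SAPI.
 *
 * @return \Illuminate\Http\RedirectResponse|null Redirect back to the client
 *         on approve/deny; null when the gate is closed, the input is
 *         unusable, or neither 'approve' nor 'deny' was submitted.
 */
public function postTestAuthorize()
{
    // Fail closed. Strict comparison: with a loose != a non-string value
    // (e.g. integer 0 on PHP versions before 8) would compare equal to
    // 'true' and open the gate.
    if (!array_key_exists('X_ALLOW_TEST_AUTH', $_SERVER) || $_SERVER['X_ALLOW_TEST_AUTH'] !== 'true') {
        return;
    }

    // The principal name becomes the Owner primary key and the OAuth
    // user_id, so refuse missing, empty or non-scalar (array) input instead
    // of persisting an Owner with a null or malformed id.
    $userId = Input::get('eduPersonPrincipalName');
    if (!is_string($userId) || trim($userId) === '') {
        return;
    }

    $data = [
        'eduPersonPrincipalName' => $userId,
        'eduPersonScopedAffiliation' => Input::get('eduPersonScopedAffiliation'),
        'sn' => Input::get('sn'),
        'givenName' => Input::get('givenName'),
        'mail' => Input::get('mail'),
    ];

    // Create the owner on first sight, otherwise refresh its stored profile.
    $owner = Owner::find($userId);
    if (!$owner) {
        $owner = new Owner();
        $owner->id = $userId;
    }
    // An associative array encodes to the same JSON object as the former
    // (object) cast did.
    $owner->data = json_encode($data);
    $owner->save();

    // Without stored parameters there is no pending authorization request to
    // approve or deny; do not fabricate one from user_id alone.
    $params = Session::get('authorize-params');
    if (!is_array($params)) {
        return;
    }
    $params['user_id'] = $userId;

    if (Input::get('approve') !== null) {
        $code = AuthorizationServer::newAuthorizeRequest('user', $params['user_id'], $params);
        Session::forget('authorize-params');

        return Redirect::to(AuthorizationServer::makeRedirectWithCode($code, $params));
    }

    if (Input::get('deny') !== null) {
        Session::forget('authorize-params');
        $url = AuthorizationServer::makeRedirectWithError($params);

        return new \Illuminate\Http\RedirectResponse((string) $url, 302, array());
    }
}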
/**
 * Complete the authorization-code step for the logged-in user.
 *
 * Reads the pending request parameters from the session (stored there by the
 * check-authorization-params filter), attaches the current user's id, and
 * redirects back to the client with either an authorization code ('approve'
 * submitted) or an error ('deny' submitted).
 *
 * NOTE(review): Auth::user() is dereferenced without a null check and the
 * session value is used without checking it exists — presumably the auth and
 * check-authorization-params filters guard this action; confirm in the route
 * definition. No CSRF filter is visible from here either; verify one is
 * applied, since this action issues authorization codes.
 *
 * @return \Illuminate\Http\RedirectResponse|null Null when the request
 *         carries neither 'approve' nor 'deny'.
 */
public function getAuthorizationCode()
{
    $authParams = Session::get('authorize-params');
    $authParams['user_id'] = Auth::user()->id;

    $userApproved = Input::get('approve') !== null;

    if ($userApproved) {
        // Issue the code first; the session entry is cleared only afterwards.
        $authCode = AuthorizationServer::newAuthorizeRequest('user', $authParams['user_id'], $authParams);
        Session::forget('authorize-params');
        $target = AuthorizationServer::makeRedirectWithCode($authCode, $authParams);

        return Redirect::to($target);
    }

    // Neither button submitted: leave the pending request untouched.
    if (Input::get('deny') === null) {
        return null;
    }

    Session::forget('authorize-params');
    $target = AuthorizationServer::makeRedirectWithError($authParams);

    return Redirect::to($target);
}
Route::post('login', function () { $auth = Auth::attempt(['email' => Input::get('email'), 'password' => Input::get('password')]); return Redirect::to($auth ? 'authorize-form' : 'login'); }); // @see https://github.com/lucadegasperi/oauth2-server-laravel#authorization-code-flow Route::get('authorize-form', function () { return View::make('authorize-form'); }); Route::post('oauth/authorize', array('before' => 'check-authorization-params|auth|csrf', function () { // get the data from the check-authorization-params filter $params = Session::get('authorize-params'); // get the user id $params['user_id'] = Auth::user()->id; $code = AuthorizationServer::newAuthorizeRequest('user', $params['user_id'], $params); Session::forget('authorize-params'); return Redirect::to(AuthorizationServer::makeRedirectWithCode($code, $params)); // // check if the user approved or denied the authorization request // if (Input::get('approve') !== null) { // // $code = AuthorizationServer::newAuthorizeRequest('user', $params['user_id'], $params); // // Session::forget('authorize-params'); // // return Redirect::to(AuthorizationServer::makeRedirectWithCode($code, $params)); // } // // if (Input::get('deny') !== null) { // // Session::forget('authorize-params'); // // return Redirect::to(AuthorizationServer::makeRedirectWithError($params));