/**
  * Token endpoint: answers an OAuth2 token request built from the PHP
  * superglobals, using Mongo-backed storage and the authorization-code grant.
  * The response is written straight to the client.
  *
  * @Get("/auth")
  */
 public function authAction()
 {
     $mongoStorage = new OAuth2\Storage\Mongo(DI::getDefault()->getMongo());
     $oauthServer = new \OAuth2\Server($mongoStorage);
     $oauthServer->addGrantType(new OAuth2\GrantType\AuthorizationCode($mongoStorage));

     $tokenResponse = $oauthServer->handleTokenRequest(OAuth2\Request::createFromGlobals());
     $tokenResponse->send();
 }
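 /**
  * Execute the Api Token operation.
  *
  * Builds the OAuth2 request from the PHP superglobals and lets the
  * configured server answer it. The resulting OAuth2 response is stored in
  * $this->response rather than sent, so the caller decides how to emit it.
  *
  * @return  $this  Fluent return; inspect $this->response for the token
  *                 payload or the OAuth2 error.
  *
  * @since   1.2
  */
 public function apiToken()
 {
     $request = OAuth2\Request::createFromGlobals();

     // Grants that act on behalf of a user require the user to be logged in
     // before the request is authorised. Only 'implicit' is checked here; the
     // original comment also named the authorization-code grant — TODO confirm
     // whether that grant needs the same lookup.
     // NOTE(review): getLoggedUser() is kept for its side effect (presumably
     // enforcing the login); its return value was never used, so it is no
     // longer assigned. Strict comparison: request() yields a string or null.
     if ($request->request('grant_type') === 'implicit') {
         $this->getLoggedUser();
     }

     $this->response = $this->server->handleTokenRequest($request);

     return $this;
 }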
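/**
 * Returns an OAuth2 access token to the client.
 *
 * The OAuth2 library reads the request from PHP's superglobals, so this
 * function temporarily rewrites $_SERVER['REQUEST_METHOD'],
 * $_SERVER['CONTENT_TYPE'] and $_POST to look like a form POST of $post,
 * runs the token endpoint, and then restores all three (the previous version
 * never restored $_POST and left a forged CONTENT_TYPE behind when none was
 * set originally).
 *
 * The grant is selected from $post['grant_type']:
 *  - 'password'           -> UserCredentials grant, verified against the
 *                            'users' table of the PDO storage
 *  - 'refresh_token'      -> RefreshToken grant (always issues a new one)
 *  - 'authorization_code' -> AuthorizationCode grant
 *  - anything else        -> ClientCredentials grant using the server-side
 *                            OAUTH_CLIENTID / OAUTH_CLIENT_SECRET pair
 *
 * @param array $post Post data (grant_type plus the grant's own parameters)
 *
 * @return mixed Decoded JSON token response as an associative array, or null
 *               when the response body is not valid JSON
 */
function getToken($post)
{
    // Snapshot everything we are about to overwrite; null means "key absent".
    $old_server_method = array_key_exists('REQUEST_METHOD', $_SERVER) ? $_SERVER['REQUEST_METHOD'] : null;
    $old_content_type = array_key_exists('CONTENT_TYPE', $_SERVER) ? $_SERVER['CONTENT_TYPE'] : null;
    $old_post = $_POST;

    $_SERVER['REQUEST_METHOD'] = 'POST';
    $_SERVER['CONTENT_TYPE'] = 'application/x-www-form-urlencoded';
    $_POST = $post;

    OAuth2\Autoloader::register();

    $oauth_config = ['user_table' => 'users'];
    $pdo_config = [
        'dsn' => 'pgsql:host=' . R_DB_HOST . ';dbname=' . R_DB_NAME . ';port=' . R_DB_PORT,
        'username' => R_DB_USER,
        'password' => R_DB_PASSWORD,
    ];
    $storage = new OAuth2\Storage\Pdo($pdo_config, $oauth_config);
    $server = new OAuth2\Server($storage);

    $grant_type = isset($post['grant_type']) ? $post['grant_type'] : null;
    if ($grant_type === 'password') {
        // Check the submitted username/password against the 'users' table the
        // PDO storage was configured with. The previous version seeded an
        // in-memory storage with the *submitted* credentials, so the grant
        // compared the password against itself and accepted any input.
        $server->addGrantType(new OAuth2\GrantType\UserCredentials($storage));
    } elseif ($grant_type === 'refresh_token') {
        $server->addGrantType(new OAuth2\GrantType\RefreshToken($storage, ['always_issue_new_refresh_token' => true]));
    } elseif ($grant_type === 'authorization_code') {
        $server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
    } else {
        // Client credentials come from server-side constants, never from $post.
        $clients = [OAUTH_CLIENTID => ['client_secret' => OAUTH_CLIENT_SECRET]];
        $client_storage = new OAuth2\Storage\Memory(['client_credentials' => $clients]);
        $server->addGrantType(new OAuth2\GrantType\ClientCredentials($client_storage));
    }

    try {
        // 'return' makes send() hand back the body instead of echoing it.
        $response = $server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send('return');
    } finally {
        // Restore the caller's request environment even if the library throws.
        if ($old_server_method === null) {
            unset($_SERVER['REQUEST_METHOD']);
        } else {
            $_SERVER['REQUEST_METHOD'] = $old_server_method;
        }
        if ($old_content_type === null) {
            unset($_SERVER['CONTENT_TYPE']);
        } else {
            $_SERVER['CONTENT_TYPE'] = $old_content_type;
        }
        $_POST = $old_post;
    }

    return json_decode($response, true);
}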
// Scope configuration: $defaultScope is defined earlier in this script; the
// list of supported scopes is supplied by the 'wo_scopes' filter hook.
$supportedScopes = apply_filters('wo_scopes', null, 20);
$memory = new OAuth2\Storage\Memory([
    'default_scope'    => $defaultScope,
    'supported_scopes' => $supportedScopes,
]);
$scopeUtil = new OAuth2\Scope($memory);
$server->setScopeUtil($scopeUtil);

/*
|--------------------------------------------------------------------------
| TOKEN CATCH
|--------------------------------------------------------------------------
|
| Handles requests to the token endpoint: the 'wo_before_token_method' action
| fires with the raw request, then the OAuth2 server answers the token request
| (authorization-code exchange, refresh, etc.) directly and the script exits.
|
*/
if ($method == 'token') {
    do_action('wo_before_token_method', [$_REQUEST]);
    $server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send();
    exit;
}

/*
|--------------------------------------------------------------------------
| AUTHORIZATION CODE CATCH
|--------------------------------------------------------------------------
|
| The code that follows runs when a request is made to the server using the
| Authorization Code (not implicit) Grant Type:
|
| 1. Check that the user is logged in (redirect if not)
| 2. Validate the request (client_id, redirect_uri)
| 3. Create the authorization request using the authenticated user's user_id
|
*/
// Enable the authorization-code grant on this server ($storage is set up
// earlier in the script).
$server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));

$request = OAuth2\Request::createFromGlobals();
$response = new OAuth2\Response();

// response_type / grant_type may arrive in the query string or the POST body;
// the query-string value wins whenever it is truthy, otherwise the body's
// value is used.
$response_type = $request->query('response_type') ?: $request->request('response_type');
$grant_type = $request->query('grant_type') ?: $request->request('grant_type');
if ($request->server('REQUEST_METHOD') == 'POST') {
    if (!empty($_POST)) {
        if (!isset($grant_type) || $grant_type == '') {
            //user submit the login form and verify the username and password.
            //than Authorize the request and send back the code
            $server->handleAuthorizeRequest($request, $response, true, 2);
            echo $response->getHttpHeader('Location');
        } else {
            if ($grant_type == 'password') {
                //app client use password model to authorize
                $server->handleTokenRequest($request, $response);
                //echo json_encode($response->getParameter('access_token'));
                $response->send();
                exit;
            } else {
                //invalid request
            }
        }
    } else {
        echo "error";
        exit;
    }
} else {
    if ($request->server('REQUEST_METHOD') == 'GET') {
        if ($response_type == "code" || $response_type == 'token') {
            if (!$server->validateAuthorizeRequest($request, $response)) {