public function getApprovals(Request $request, UserInfoInterface $userInfo)
 {
     // Render the list of approvals that belong to the authenticated user only;
     // the user id comes from the authenticated UserInfo, never from the request.
     $ownerId = $userInfo->getUserId();
     $approvalList = $this->db->getApprovals($ownerId);

     $page = new Response();
     $page->setBody(
         $this->templateManager->render('approvals', array('approvals' => $approvalList))
     );

     return $page;
 }
 public function getClients()
 {
     // Render every registered client; no per-user filtering happens here, so
     // access control for this page must be enforced by the route/plugin layer.
     $clientList = $this->db->getClients();

     $page = new Response();
     $page->setBody(
         $this->templateManager->render('clients', array('clients' => $clientList))
     );

     return $page;
 }
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
require_once dirname(__DIR__) . '/vendor/autoload.php';
use fkooman\Rest\Service;
use fkooman\Http\Response;
use fkooman\Http\Session;
// Minimal demo service: "/" greets, "/:key" keeps a per-key hit counter in the
// session. Note that the session key is taken verbatim from the request path.
$session = new Session('foo');
$service = new Service();

$service->get('/', function () {
    $welcome = new Response(200, 'text/plain');
    $welcome->setBody('Welcome!');

    return $welcome;
});

$service->get('/:key', function ($key) use ($session) {
    // first visit for this key starts at 1, later visits increment
    $visits = 1;
    if ($session->has($key)) {
        $visits = $session->get($key) + 1;
    }
    $session->set($key, $visits);

    $counter = new Response(200, 'text/plain');
    $counter->setBody(sprintf('count: %d', $visits));

    return $counter;
});

$service->run()->send();
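 public function deleteDocument(Request $request, TokenInfo $tokenInfo)
 {
     $path = new Path($request->getUrl()->getPathInfo());

     // the authorized subject must own the path...
     if ($path->getUserId() !== $tokenInfo->getUserId()) {
         throw new ForbiddenException('path does not match authorized subject');
     }
     // ...and the token must carry write scope for the module being deleted
     if (!$this->hasWriteScope($tokenInfo->getScope(), $path->getModuleName())) {
         throw new ForbiddenException('path does not match authorized scope');
     }

     // the version must be read before the delete, it is echoed back as ETag
     $documentVersion = $this->remoteStorage->getVersion($path);
     // stripQuotes() is assumed to return null when the header is absent and a
     // list of unquoted tag strings otherwise (the original used in_array on it)
     $ifMatch = $this->stripQuotes($request->getHeader('If-Match'));

     // If-Match is evaluated before the existence check: a missing document
     // with If-Match set is a 412, not a 404. The comparison is byte-exact so
     // tags like "5" and "5.0" are distinct; the loose in_array() used before
     // would have treated them as equal, and it was also duplicated below.
     if (null !== $ifMatch) {
         if (null === $documentVersion || !in_array((string) $documentVersion, $ifMatch, true)) {
             throw new PreconditionFailedException('version mismatch');
         }
     }
     if (null === $documentVersion) {
         throw new NotFoundException(sprintf('document "%s" not found', $path->getPath()));
     }

     $deleteResult = $this->remoteStorage->deleteDocument($path, $ifMatch);

     $response = new Response();
     $response->setHeader('ETag', '"' . $documentVersion . '"');
     $response->setBody($deleteResult);

     return $response;
 }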
 private function addNoCache(Response &$response)
 {
     // Mark the response as non-cacheable; headers are set in this fixed order.
     $noCacheHeaders = array(
         'Expires' => 0,
         'Cache-Control' => 'no-cache',
     );
     foreach ($noCacheHeaders as $headerName => $headerValue) {
         $response->setHeader($headerName, $headerValue);
     }
 }
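 public function getAuthorization(Request $request, UserInfoInterface $userInfo)
 {
     $authorizeRequest = new AuthorizeRequest($request);
     $clientId = $authorizeRequest->getClientId();
     $responseType = $authorizeRequest->getResponseType();
     $redirectUri = $authorizeRequest->getRedirectUri();
     $scope = $authorizeRequest->getScope();
     // not used directly in this method; presumably ClientResponse derives the
     // state to echo from $request — TODO confirm
     $state = $authorizeRequest->getState();
     $resourceOwnerId = $userInfo->getUserId();

     $clientData = $this->storage->getClient($clientId);
     if (false === $clientData) {
         throw new BadRequestException('client not registered');
     }

     // a redirect_uri supplied by the client must match the registered one;
     // without it the registered redirect_uri is used
     if (null === $redirectUri) {
         $redirectUri = $clientData->getRedirectUri();
     } elseif (!$clientData->verifyRedirectUri($redirectUri, $this->allowRegExpRedirectUriMatch)) {
         throw new BadRequestException('specified redirect_uri not the same as registered redirect_uri');
     }

     // from here on errors go back to the (verified) redirect_uri
     if ($responseType !== $clientData->getType()) {
         return new ClientResponse($clientData, $request, $redirectUri, array('error' => 'unsupported_response_type', 'error_description' => 'response_type not supported by client profile'));
     }

     $scopeObj = new Scope($scope);
     $allowedScopeObj = new Scope($clientData->getAllowedScope());
     if (!$scopeObj->hasOnlyScope($allowedScopeObj)) {
         return new ClientResponse($clientData, $request, $redirectUri, array('error' => 'invalid_scope', 'error_description' => 'not authorized to request this scope'));
     }

     if ($clientData->getDisableUserConsent()) {
         // we do not require approval by the user, add implicit approval
         $this->addApproval($clientData, $resourceOwnerId, $scope);
     }

     $approval = $this->storage->getApprovalByResourceOwnerId($clientId, $resourceOwnerId);
     // only build the approved Scope when an approval actually exists; the
     // previous code indexed $approval['scope'] before checking for false,
     // which raised a notice and constructed a Scope from null
     $needsConsent = false === $approval
         || false === $scopeObj->hasOnlyScope(new Scope($approval['scope']));

     if ($needsConsent) {
         // we do not yet have an approval at all, or client wants more
         // permissions, so we ask the user for approval
         $response = new Response();
         $response->setBody($this->templateManager->render('askAuthorization', array('resourceOwnerId' => $resourceOwnerId, 'sslEnabled' => 'https' === $request->getUrl()->getScheme(), 'contactEmail' => $clientData->getContactEmail(), 'scopes' => $scopeObj->toArray(), 'clientName' => $clientData->getName(), 'clientId' => $clientData->getId(), 'clientDescription' => $clientData->getDescription())));

         return $response;
     }

     // we already have approval
     if ('token' === $responseType) {
         // implicit grant
         // FIXME: return existing access token if it exists for this exact client, resource owner and scope?
         $accessToken = $this->io->getRandomHex();
         $this->storage->storeAccessToken($accessToken, $this->io->getTime(), $clientId, $resourceOwnerId, $scope, $this->accessTokenExpiry);

         return new ClientResponse($clientData, $request, $redirectUri, array('access_token' => $accessToken, 'expires_in' => $this->accessTokenExpiry, 'token_type' => 'bearer', 'scope' => $scope));
     }

     // authorization code grant; the redirect_uri stored with the code is the
     // one the client sent (possibly null), so the token request can be
     // checked against it as sent
     $authorizationCode = $this->io->getRandomHex();
     $this->storage->storeAuthorizationCode($authorizationCode, $resourceOwnerId, $this->io->getTime(), $clientId, $authorizeRequest->getRedirectUri(), $scope);

     return new ClientResponse($clientData, $request, $redirectUri, array('code' => $authorizationCode));
 }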
 private function executeCallback(Request $request, Route $route, array $availableRouteCallbackParameters)
 {
     $callbackParameters = $availableRouteCallbackParameters;

     // plugins run first; a plugin may short-circuit the request by returning
     // a Response, otherwise its return value is merged into the parameters
     // (assumed to be an array, array_merge fails otherwise)
     if (null !== $this->pluginRegistry) {
         $pluginResult = $this->pluginRegistry->run($request, $route);
         if ($pluginResult instanceof Response) {
             return $pluginResult;
         }
         $callbackParameters = array_merge($callbackParameters, $pluginResult);
     }

     // the request itself is injectable by its class name
     $callbackParameters[get_class($request)] = $request;

     $result = $route->executeCallback($callbackParameters);
     if ($result instanceof Response) {
         return $result;
     }
     // a string return value is wrapped as a text/html body; anything else is
     // a programming error in the callback
     if (!is_string($result)) {
         throw new RuntimeException('callback return value must be Response object or string');
     }

     $htmlResponse = new Response();
     $htmlResponse->setBody($result);

     return $htmlResponse;
 }