public function create(Request $request)
{
$operatorId = (int) Authorizer::getResourceOwnerId();
$operator = User::findOrFail($operatorId);
$data = $request->only(['client_id', 'name', 'homepage_url', 'logo_url', 'description', 'redirect_uri', 'scopes']);
$validator = Validator::make($data, ['client_id' => 'required|unique:apps,client_id', 'name' => 'required|max:256', 'homepage_url' => 'url', 'logo_url' => 'url', 'redirect_uri' => 'required|url']);
if ($validator->fails() === true) {
return response()->json(['error' => $validator->errors()], 400);
}
if (isset($data['scopes'])) {
$failed_list = $this->checkOAuthScope($data['scopes']);
if (count($failed_list) > 0) {
return response()->json(['error' => '存在非法的权限值:' . implode(',', $failed_list)], 400);
}
}
$data['author_id'] = $operatorId;
$data['secret'] = Hash::make(time());
$data['status'] = 0;
if ($operator->group === 1) {
$data['status'] = 1;
}
if (isset($data['description'])) {
$data['description'] = preg_replace('/<(.+?)>|<(\\/.+?)>/', '<$1>', $data['description']);
}
$app = new App($data);
$app->save();
if ($app->status > 0) {
$this->addOAuthClient($app);
}
$app = $this->unfoldAppInfo($app);
return response()->json($app, 201);
}
