public function create(Request $request) { $operatorId = (int) Authorizer::getResourceOwnerId(); $operator = User::findOrFail($operatorId); $data = $request->only(['client_id', 'name', 'homepage_url', 'logo_url', 'description', 'redirect_uri', 'scopes']); $validator = Validator::make($data, ['client_id' => 'required|unique:apps,client_id', 'name' => 'required|max:256', 'homepage_url' => 'url', 'logo_url' => 'url', 'redirect_uri' => 'required|url']); if ($validator->fails() === true) { return response()->json(['error' => $validator->errors()], 400); } if (isset($data['scopes'])) { $failed_list = $this->checkOAuthScope($data['scopes']); if (count($failed_list) > 0) { return response()->json(['error' => '存在非法的权限值:' . implode(',', $failed_list)], 400); } } $data['author_id'] = $operatorId; $data['secret'] = Hash::make(time()); $data['status'] = 0; if ($operator->group === 1) { $data['status'] = 1; } if (isset($data['description'])) { $data['description'] = preg_replace('/<(.+?)>|<(\\/.+?)>/', '<$1>', $data['description']); } $app = new App($data); $app->save(); if ($app->status > 0) { $this->addOAuthClient($app); } $app = $this->unfoldAppInfo($app); return response()->json($app, 201); }