/**
 * Decides whether the consent screen can be skipped for this authorization request.
 *
 * The client is marked as authorized when it is flagged to skip client
 * authorization, or when the access token manager already holds a token
 * for this client/user pair.
 *
 * @param OAuthEvent $event
 */
public function onPreAuthorizationProcess(OAuthEvent $event)
 {
     /** @var Client $client */
     $client = $event->getClient();

     // Clients flagged to skip authorization never see the consent prompt.
     if ($client->isSkipClientAuth()) {
         $event->setAuthorizedClient(true);

         return;
     }

     /** @var UserInterface $user */
     $user = $event->getUser();

     // A token already issued to this client for this user counts as prior consent.
     // NOTE(review): the lookup matches on client and user only. It does not compare
     // the scope of the stored token with the scope now being requested (the original
     // TODO), so a wider scope would be approved without a prompt. Whether an expired
     // token can be returned here is not visible from this method - confirm.
     $existingToken = $this->accessTokenManager->findTokenBy(['client' => $client, 'user' => $user]);

     $event->setAuthorizedClient($existingToken != null);
 }
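 /**
  * {@inheritdoc}
  *
  * Revokes the OAuth tokens presented with the logout request and returns an
  * empty response that clears the token cookies.
  *
  * Access tokens are taken from the `access_token` request parameter, the
  * `access_token` cookie and a Bearer `Authorization` header; the refresh token
  * is taken from the `refresh_token` cookie. Only tokens presented with this
  * request are deleted; any other token stored for the same user is untouched.
  *
  * @param Request $request
  * @return Response
  */
 public function onLogoutSuccess(Request $request)
 {
     $presentedAccessTokens = [
         $request->get('access_token'),
         $request->cookies->get('access_token'),
     ];

     // Strip the scheme only when the header really is a Bearer credential.
     // Cutting seven characters off any other scheme (e.g. Basic) would look up
     // a meaningless fragment of that credential.
     $authorization = $request->server->get('HTTP_AUTHORIZATION');
     if (is_string($authorization) && 0 === strncasecmp($authorization, 'Bearer ', 7)) {
         $presentedAccessTokens[] = substr($authorization, 7);
     }

     foreach ($presentedAccessTokens as $tokenString) {
         // Skip absent or non-string values: a lookup with null/'' could match a
         // stored row with an empty token, and it costs a query for nothing.
         if (!is_string($tokenString) || '' === $tokenString) {
             continue;
         }
         if ($accessToken = $this->accessTokenManager->findTokenByToken($tokenString)) {
             $this->accessTokenManager->deleteToken($accessToken);
         }
     }

     $refreshTokenString = $request->cookies->get('refresh_token');
     if (is_string($refreshTokenString) && '' !== $refreshTokenString) {
         if ($refreshToken = $this->refreshTokenManager->findTokenByToken($refreshTokenString)) {
             $this->refreshTokenManager->deleteToken($refreshToken);
         }
     }

     // Remove the credentials from the in-flight request so that nothing later
     // in this request cycle can read the revoked tokens.
     $request->headers->remove('Authorization');
     $request->server->remove('HTTP_AUTHORIZATION');
     $request->cookies->remove('access_token');
     $request->cookies->remove('refresh_token');

     $response = Response::create();
     // NOTE(review): clearCookie() is called with its default path and domain; if the
     // cookies were set with other attributes the browser will keep them - confirm
     // against the code that sets these cookies.
     $response->headers->clearCookie('access_token');
     $response->headers->clearCookie('refresh_token');

     return $response;
 }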
 /**
  * Builds an access token through the access token manager, persists it and returns it.
  *
  * @param string        $tokenString token value stored on the new token
  * @param IOAuth2Client $client      must also implement ClientInterface
  * @param mixed         $data        set as the token's user when not null
  * @param mixed         $expires     passed to setExpiresAt() unchanged
  * @param mixed         $scope       passed to setScope() unchanged
  *
  * @return mixed the token object created by the access token manager
  *
  * @throws \InvalidArgumentException when $client does not implement ClientInterface
  */
 public function createAccessToken($tokenString, IOAuth2Client $client, $data, $expires, $scope = null)
 {
     $isSupportedClient = $client instanceof ClientInterface;
     if (false === $isSupportedClient) {
         throw new \InvalidArgumentException('Client has to implement the ClientInterface');
     }

     $accessToken = $this->accessTokenManager->createToken();

     // NOTE(review): the token string is handed over exactly as received; whether it is
     // hashed or stored in clear depends on the manager and entity - confirm.
     $accessToken->setToken($tokenString);
     $accessToken->setClient($client);
     $accessToken->setExpiresAt($expires);
     $accessToken->setScope($scope);

     // A token issued without user data is left without an owner.
     if ($data !== null) {
         $accessToken->setUser($data);
     }

     $this->accessTokenManager->updateToken($accessToken);

     return $accessToken;
 }