Esempio n. 1
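 /**
  * OAuth callback: exchanges the authorization code from the query string for
  * an access token, stores or refreshes the token row in `oauth2_tokens`, and
  * logs the matching local user in.
  *
  * Every value under $code['result'] and every $poniverseUser field comes from
  * the remote service and is treated as untrusted input here.
  *
  * @return mixed A redirect response: either from loginRedirect() or to '/' /
  *               the authentication URL on failure.
  */
 public function getOAuth()
 {
     $failureMessage = 'Unfortunately we are having problems attempting to log you in at the moment. Please try again at a later time.';

     // NOTE(review): no `state` value is checked in this method. Confirm that the
     // client library or a middleware validates it; without that check the
     // callback is open to login CSRF.
     $code = $this->poniverse->getClient()->getAccessToken(
         Config::get('poniverse.urls')['token'],
         'authorization_code',
         [
             'code' => Input::query('code'),
             'redirect_uri' => action('AuthController@getOAuth'),
         ]
     );

     if ((int) $code['code'] !== 200) {
         // The error body is not guaranteed to carry a description; read it defensively.
         $errorDescription = isset($code['result']['error_description'])
             ? $code['result']['error_description']
             : null;
         $codeExpired = (int) $code['code'] === 400
             && $errorDescription === 'The authorization code has expired';

         // Retry the authorization once; the 'login_attempt' marker prevents a redirect loop.
         if ($codeExpired && !isset($this->request['login_attempt'])) {
             return Redirect::to($this->poniverse->getAuthenticationUrl('login_attempt'));
         }

         return Redirect::to('/')->with('message', $failureMessage);
     }

     // Fail closed if a "successful" response carries no token.
     if (empty($code['result']['access_token'])) {
         return Redirect::to('/')->with('message', $failureMessage);
     }

     $this->poniverse->setAccessToken($code['result']['access_token']);
     $poniverseUser = $this->poniverse->getUser();

     $token = DB::table('oauth2_tokens')
         ->where('external_user_id', '=', $poniverseUser['id'])
         ->where('service', '=', 'poniverse')
         ->first();

     // Cast the lifetime to a non-negative integer instead of splicing the raw
     // remote value into a strtotime() expression.
     $lifetime = isset($code['result']['expires_in'])
         ? max(0, (int) $code['result']['expires_in'])
         : 0;

     // NOTE(review): the access and refresh tokens are written to the table as
     // received; consider encrypting them at rest.
     $setData = [
         'access_token' => $code['result']['access_token'],
         'expires' => date('Y-m-d H:i:s', time() + $lifetime),
         'type' => $code['result']['token_type'],
     ];

     if (!empty($code['result']['refresh_token'])) {
         $setData['refresh_token'] = $code['result']['refresh_token'];
     }

     if ($token) {
         // User already exists, update access token and refresh token if provided.
         DB::table('oauth2_tokens')->where('id', '=', $token->id)->update($setData);

         // A token row can outlive its user; do not hand null to loginRedirect().
         $existingUser = User::find($token->user_id);
         if ($existingUser === null) {
             return Redirect::to('/')->with('message', $failureMessage);
         }

         return $this->loginRedirect($existingUser);
     }

     // No token row yet: match an existing local account or create one.
     // NOTE(review): this links the external identity to a local account using
     // attributes supplied by the provider (username, display name, email).
     // Confirm in User::findOrCreate which of them is used for matching and that
     // it is unique and cannot be changed by the user at the provider.
     $user = User::findOrCreate($poniverseUser['username'], $poniverseUser['display_name'], $poniverseUser['email']);
     if ($user->wasRecentlyCreated) {
         // NOTE(review): no token row is inserted on this path; presumably it is
         // added on a later login. Confirm this is intended.
         return $this->loginRedirect($user);
     }

     // Existing account without a token row: insert one.
     $setData['user_id'] = $user->id;
     $setData['external_user_id'] = $poniverseUser['id'];
     $setData['service'] = 'poniverse';
     DB::table('oauth2_tokens')->insert($setData);

     return $this->loginRedirect($user);
 }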
Esempio n. 2
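 /**
  * Handle an incoming request authenticated by a Poniverse OAuth access token.
  *
  * The token is introspected through the Poniverse client on every request. The
  * request is rejected unless the token is active and carries $requiredScope.
  * On success the user is resolved (created if absent) and logged in.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @param  string $requiredScope Scope the access token must include.
  * @return mixed
  * @throws \OAuth2\Exception
  * @throws AccessDeniedHttpException When the token is inactive or lacks the scope.
  */
 public function handle(Request $request, Closure $next, $requiredScope)
 {
     // Ensure this is a valid OAuth client.
     // NOTE(review): the meaning of the `false` argument is defined in
     // determineAccessToken(), which is not shown here.
     $accessToken = $this->determineAccessToken($request, false);

     // Check that the access token is valid at Poniverse.net.
     $accessTokenInfo = $this->poniverse->getAccessTokenInfo($accessToken);
     if (!$accessTokenInfo->getIsActive()) {
         throw new AccessDeniedHttpException('This access token is expired or invalid!');
     }

     // Strict comparison: an authorization check must not depend on PHP's loose
     // type juggling between the required scope and the granted ones.
     $grantedScopes = $accessTokenInfo->getScopes();
     if (!in_array($requiredScope, $grantedScopes, true)) {
         throw new AccessDeniedHttpException("This access token lacks the '{$requiredScope}' scope!");
     }

     // Log in as the given user, creating the account if necessary.
     $this->poniverse->setAccessToken($accessToken);
     $this->session->put('api_client_id', $accessTokenInfo->getClientId());

     $poniverseUser = $this->poniverse->getUser();
     $user = User::findOrCreate($poniverseUser['username'], $poniverseUser['display_name'], $poniverseUser['email']);

     // NOTE(review): onceUsingId() receives the User model, not its id, and its
     // return value is ignored. Confirm the guard accepts a model, and consider
     // rejecting the request when the login does not succeed so it cannot
     // continue unauthenticated.
     $this->auth->onceUsingId($user);

     return $next($request);
 }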