/**
 * Console action: register a new OAuth2 client and print its credentials.
 *
 * Each value is read from the matching console parameter and, when that is
 * empty, from an interactive prompt: "public", "description", "grant-types"
 * (comma separated) and "redirect-uri".
 *
 * A non-public client receives a 32-character random secret. The plaintext is
 * written to the console once; only the output of $this->password->create()
 * is handed to the Client entity.
 */
public function createAction()
{
    // NOTE(review): the (bool) cast treats every non-empty answer except "0"
    // as "public". If showPrompt() returns the raw typed text, answering "no"
    // or "false" would create a public client without a secret - confirm.
    $isPublic    = (bool) ($this->params('public') ?: $this->showPrompt('public'));
    $description = $this->params('description') ?: $this->showPrompt('description');
    $grantTypes  = $this->params('grant-types') ?: $this->showPrompt('grant-types');
    // The redirect URI is stored exactly as entered; nothing in this method
    // checks scheme, host or format.
    // NOTE(review): confirm it is validated in Client or at authorization time.
    $redirectUri = $this->params('redirect-uri') ?: $this->showPrompt('redirect-uri');

    // Public clients get no secret at all. For confidential clients the
    // plaintext lives only in $secret; $encryptedSecret is what gets persisted.
    // NOTE(review): despite the name, password->create() is presumably a
    // one-way password hash rather than reversible encryption - confirm.
    $secret          = $isPublic ? null : Rand::getString(32);
    $encryptedSecret = $isPublic ? null : $this->password->create($secret);

    // "a, b ,c" -> ['a', 'b', 'c']. Empty entries (e.g. from a trailing comma)
    // are kept as-is.
    // NOTE(review): when no grant types are entered the empty value is passed
    // through unchanged; verify the server does not treat "no grant types" as
    // "all grant types allowed" for this client.
    if ($grantTypes) {
        $grantTypes = array_map('trim', explode(',', $grantTypes));
    }

    $client = new Client(null, $encryptedSecret, null, $grantTypes, $redirectUri, $description);
    $this->clientMapper->save($client);

    $console = $this->getConsole();

    $console->writeLine();
    $console->writeLine('* Client created *', Color::GREEN);

    if (!$isPublic) {
        $console->writeLine('The client secret was auto-generated and encrypted. Please store it safely.');
        $console->writeLine("Don't ever disclose the client secret publicly", Color::YELLOW);
        $console->writeLine();
    }

    $console->writeLine("UUID: \t\t" . $client->getUuid());

    if (!$isPublic) {
        // The plaintext secret is printed here and is not stored by this
        // method, so this is the only place it can be read. Console output can
        // end up in terminal scrollback or captured logs; run this where that
        // output is not retained.
        $console->writeLine("Secret: \t" . $secret);
    }

    $console->writeLine("Grant types: \t" . implode(', ', $client->getGrantTypes()));
    $console->writeLine("Description: \t" . $client->getDescription());
    $console->writeLine("Redirect URI: \t" . $client->getRedirectUri());
}
/**
 * Validate a third-party provider login request and resolve the local user.
 *
 * Reads "provider", "provider_user_id" and "provider_access_token" (all
 * required) plus an optional "access_token" from the request body, asks the
 * selected provider to validate the credentials, then decides which user the
 * request belongs to. On success the user is saved and kept in $this->user.
 * On failure an error is set on $response.
 *
 * Every request value is supplied by the caller. The only check that ties
 * "provider_user_id" to "provider_access_token" is the provider's validate().
 * NOTE(review): confirm each ProviderInterface implementation also verifies
 * that the provider token was issued for this application, not only that it
 * is valid for the given user id.
 *
 * @param RequestInterface  $request
 * @param ResponseInterface $response
 *
 * @return bool true when the request is valid, false when an error was set
 */
public function validateRequest(RequestInterface $request, ResponseInterface $response)
{
    $providerName        = $request->request('provider');
    $providerUserId      = $request->request('provider_user_id');
    $providerAccessToken = $request->request('provider_access_token');

    if (!($providerName && $providerUserId && $providerAccessToken)) {
        $response->setError(400, 'invalid_request', 'One or more missing parameter: "provider", "provider_user_id" and "provider_access_token" are required');

        return false;
    }

    // Only providers registered under that exact name are accepted.
    $provider = null;
    if (isset($this->providers[$providerName])) {
        $provider = $this->providers[$providerName];
    }

    if (!$provider instanceof ProviderInterface) {
        $response->setError(400, 'invalid_request', 'Unknown provider selected');

        return false;
    }

    try {
        // presumably filled in by validate() through a by-reference parameter
        $errorMessage = '';
        $isValid      = $provider->validate($providerUserId, $providerAccessToken, $errorMessage);

        if (!$isValid) {
            $response->setError(401, 'invalid_grant', 'Invalid third party credentials: ' . $errorMessage);

            return false;
        }
    } catch (ClientException $e) {
        // NOTE(review): the exception code is used as the HTTP status without a
        // range check, and the exception message is returned to the caller
        // verbatim. Confirm the code is always a valid status and that the
        // message cannot carry provider or internal details.
        $response->setError($e->getCode(), 'provider_client_error', $e->getMessage());

        return false;
    } catch (Exception $e) {
        // NOTE(review): any other exception message is also sent back as-is in
        // the 500 response; consider logging it and returning a generic text.
        $response->setError(500, 'provider_error', $e->getMessage());

        return false;
    }

    // Optional local access token: lets an already authenticated user attach
    // the third-party identity to their existing account.
    $token       = $request->request('access_token');
    $accessToken = null;
    if ($token) {
        $accessToken = $this->accessTokenMapper->findByToken($token);
    }
    $hasToken = $accessToken instanceof Entity\AccessToken;

    // A token that was supplied but not found is not an error here: the request
    // continues as if no token had been sent. Only an expired token is rejected.
    // NOTE(review): confirm that silently ignoring an unknown token is intended.
    if ($hasToken && $accessToken->isExpired()) {
        $response->setError(401, 'invalid_grant', 'Access token is expired');

        return false;
    }

    $thirdPartyUser  = $this->thirdPartyMapper->findByProvider($provider);
    $isKnownIdentity = $thirdPartyUser instanceof Entity\ThirdParty;

    // A known user tries to connect with third party credentials owned by
    // another user? Issue an error. This guard keeps a token holder from
    // attaching an identity that is already linked to a different account.
    // NOTE(review): the check is an object identity comparison (!==); it relies
    // on both mappers returning the same instance for the same user.
    if ($hasToken && $isKnownIdentity && $thirdPartyUser->getUser() !== $accessToken->getUser()) {
        $response->setError(400, 'invalid_request', 'Another user is already registered with same credentials');

        return false;
    }

    if ($isKnownIdentity) {
        // Known third party credentials: update the data and grab the user from it.
        $thirdPartyUser->setData($provider->getUserData());
        $user = $thirdPartyUser->getUser();
    } elseif ($hasToken) {
        // Valid access token: grab the user from it.
        $user = $accessToken->getUser();
    } else {
        // No third party credentials or access token: it's a new user. The
        // class name comes from module options, not from the request.
        $userClass = $this->moduleOptions->getUserEntityClassName();
        $user      = new $userClass();
    }

    // In the last two branches the user still has to be connected with the new
    // third party credentials.
    if (!$isKnownIdentity) {
        $this->connectUserToThirdParty($user, $provider);
    }

    $this->userMapper->save($user);
    $this->user = $user;

    return true;
}