/**
 * Exchange authorised credentials for token credentials and return them to the client.
 *
 * Loads the credentials for the request, runs the Joomla! user authentication
 * for the client, refuses credentials whose type is already TOKEN or is not
 * AUTHORISED, converts them, and responds with a JSON body holding
 * access_token, expires_in and refresh_token under a 200 status.
 *
 * NOTE(review): every check relies on respondError() ending the request. That
 * method is not visible here; if it returns, execution continues to convert()
 * and tokens are issued for credentials that failed a check. Confirm.
 *
 * @return  void
 *
 * @since   12.3
 */
public function execute()
{
    // Verify that we have an OAuth 2.0 application.
    $this->initialise();

    // Build the credentials object from the request and load it.
    $creds = new ROauth2Credentials($this->request);
    $creds->load();

    // Look up the client named by the request's client_id.
    // NOTE(review): the result is used without a visible null check; presumably
    // fetchClient() fails the request itself for an unknown client. Confirm.
    $oauthClient = $this->fetchClient($this->request->client_id);

    // Authenticate using Joomla! users, then load that identity into the application.
    $creds->doJoomlaAuthentication($oauthClient);
    $this->app->loadIdentity($oauthClient->_identity);

    // Credentials that are already token credentials cannot be exchanged again.
    $alreadyToken = ($creds->getType() === ROauth2Credentials::TOKEN);

    if ($alreadyToken)
    {
        $this->respondError(400, 'invalid_request', 'The token is not for a temporary credentials set.');
    }

    // Only credentials the resource owner has authorised may be converted.
    $notAuthorised = ($creds->getType() !== ROauth2Credentials::AUTHORISED);

    if ($notAuthorised)
    {
        $this->respondError(400, 'invalid_request', 'The token has not been authorised by the resource owner.');
    }

    // Convert the credentials to valid Token credentials for requesting protected resources.
    $creds->convert();

    // Assemble the response fields in the same order the client has always received them.
    // NOTE(review): RFC 6749 section 5.1 defines expires_in as a lifetime in seconds.
    // 'P60M' is not numeric, and read as an ISO 8601 duration it means 60 months
    // ('PT60M' would be 60 minutes). Left unchanged because clients may parse it;
    // confirm the real token lifetime and align this value with it.
    $payload = array();
    $payload['access_token'] = $creds->getAccessToken();
    $payload['expires_in'] = 'P60M';
    $payload['refresh_token'] = $creds->getRefreshToken();

    // Set the response code and body, then send.
    // NOTE(review): RFC 6749 section 5.1 requires "Cache-Control: no-store" and
    // "Pragma: no-cache" on responses that carry tokens. Only the status header is
    // set here; confirm the response object or the web server adds them.
    $withStatus = $this->response->setHeader('status', '200');
    $withBody = $withStatus->setBody(json_encode($payload));
    $withBody->respond();
}
/**
 * Validate token credentials on a request and load the client's identity.
 *
 * Loads the credentials for the request, requires their type to be TOKEN and
 * sign() to succeed, and only then loads the client's identity into the
 * application. No response body is produced on the success path.
 *
 * NOTE(review): both checks rely on respondError() ending the request. That
 * method is not visible here; if it returns, loadIdentity() still runs for a
 * request that failed the type or signature check. Confirm.
 *
 * @return  void
 *
 * @since   1.0
 */
public function execute()
{
    // Verify that we have an OAuth 2.0 application.
    $this->initialise();

    // Build the credentials object from the request and load it.
    $creds = new ROauth2Credentials($this->request);
    $creds->load();

    // Look up the client named by the request's client_id.
    // NOTE(review): the result is dereferenced below without a visible null check;
    // presumably fetchClient() fails the request itself for an unknown client. Confirm.
    $oauthClient = $this->fetchClient($this->request->client_id);

    // Protected resources may only be reached with full token credentials.
    $isTokenType = ($creds->getType() === ROauth2Credentials::TOKEN);

    if (!$isTokenType)
    {
        $this->respondError(400, 'invalid_request', 'The token is not for a valid credentials yet.');
    }

    // Reject the request when sign() reports failure.
    // NOTE(review): what sign() verifies is not visible in this file; confirm that it
    // validates the presented token or signature and does not just produce one.
    $signed = $creds->sign();

    if (!$signed)
    {
        $this->respondError(400, 'unauthorized_client', 'Invalid sign');
    }

    // Load the JUser class on application for this client, after both checks have passed.
    $this->app->loadIdentity($oauthClient->_identity);
}
/**
 * Authorise temporary credentials for the signed-in user and return the code.
 *
 * Loads the credentials for the request, runs the Joomla! user authentication
 * for the client, checks that the request's code matches the stored temporary
 * token, that the credentials are of type TEMPORARY and that the identity is
 * not a guest, then authorises the credentials for that user and responds
 * with a JSON body holding oauth_code and oauth_state before exiting.
 *
 * NOTE(review): the checks rely on respondError() ending the request. That
 * method is not visible here; if it returns, authorise() runs even after a
 * failed check. Confirm.
 *
 * NOTE(review): doJoomlaAuthentication() and loadIdentity() run before the
 * code and type checks. Confirm that this ordering is intended.
 *
 * @return  void
 *
 * @since   12.3
 */
public function execute()
{
    // Verify that we have an rest api application.
    $this->initialise();

    // Build the credentials object from the request and load it.
    $creds = new ROauth2Credentials($this->request);
    $creds->load();

    // Look up the client named by the request's client_id.
    // NOTE(review): the result is used without a visible null check; presumably
    // fetchClient() fails the request itself for an unknown client. Confirm.
    $oauthClient = $this->fetchClient($this->request->client_id);

    // Authenticate using Joomla! users, then load that identity into the application.
    $creds->doJoomlaAuthentication($oauthClient);
    $this->app->loadIdentity($oauthClient->_identity);

    // The code supplied by the caller must be the temporary token held for these credentials.
    // NOTE(review): !== on a secret is not a constant-time comparison; hash_equals()
    // (PHP 5.6+) avoids the timing side channel. Not applied here because the minimum
    // PHP version for this file is not visible. Also confirm that an absent code and an
    // unset temporary token cannot both be null, which would satisfy this check.
    $storedCode = $creds->getTemporaryToken();

    if ($storedCode !== $this->request->code)
    {
        $this->respondError(400, 'invalid_grant', 'Temporary token is not valid');
    }

    // Ensure the credentials are temporary.
    // NOTE(review): the (int) cast turns a null type into 0; if
    // ROauth2Credentials::TEMPORARY is 0, credentials with no type pass. Confirm.
    $credentialType = (int) $creds->getType();

    if ($credentialType !== ROauth2Credentials::TEMPORARY)
    {
        $this->respondError(400, 'invalid_request', 'The token is not for a temporary credentials set.');
    }

    // Verify that we have a signed in user.
    $isGuest = $this->app->getIdentity()->get('guest');

    if ($isGuest)
    {
        $this->respondError(400, 'unauthorized_client', 'You must first sign in.');
    }

    // Attempt to authorise the credentials for the current user.
    $userId = $this->app->getIdentity()->get('id');
    $creds->authorise($userId);

    /*
     * Disabled redirect to the client's callback URL, kept for reference.
     * NOTE(review): if this is restored, the callback URL should be checked against
     * the redirect URI registered for the client before redirecting.
     *
    if ($creds->getCallbackUrl() && $creds->getCallbackUrl() != 'oob')
    {
        $this->app->redirect($creds->getCallbackUrl());

        return;
    }
    */

    // Build the response for the client.
    $payload = array();
    $payload['oauth_code'] = $creds->getTemporaryToken();
    $payload['oauth_state'] = true;

    // Set the response code and body, send, and stop the script.
    $withStatus = $this->response->setHeader('status', '200');
    $withBody = $withStatus->setBody(json_encode($payload));
    $withBody->respond();

    exit;
}