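/**
 * Handles the GET step of the login flow.
 *
 * Issues a fresh CSRF token and stores it in the session. Nothing is
 * returned (the previous docblock claimed a \API\Document\User, which this
 * method never produces). The $request argument is not read here.
 *
 * NOTE(review): the sibling authorizeGet() calls Util\OAuth::generateCsrfToken()
 * while this method calls OAuth::generateCsrfToken() — confirm both resolve to
 * the same class through the file's use statements.
 *
 * @param mixed $request The incoming request; unused in this method
 *
 * @return void
 */
public function loginGet($request)
{
    // CSRF protection: a new token is written on every GET, so any token
    // issued earlier in this session (e.g. a second open tab) is replaced.
    // Presumably checked by the login POST handler — not visible here.
    $_SESSION['csrfToken'] = OAuth::generateCsrfToken();
}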
/**
 * Validates an OAuth 2.0 authorization request (GET) and records the
 * resolved client and scope documents on this resource.
 *
 * Checks, in order:
 *  - response_type, client_id, redirect_uri and scope must all be present;
 *  - response_type must be exactly "code";
 *  - client_id must match a document in the "oAuthClients" collection;
 *  - redirect_uri must be identical (===) to the client's registered value —
 *    no prefix or pattern matching, which is the safe behaviour per RFC 6749 §3.1.2;
 *  - every comma-separated scope name must exist in the "authScopes" collection.
 *
 * NOTE(review): scopes are split on "," whereas RFC 6749 §3.3 defines a
 * space-delimited list — confirm this matches what registered clients send.
 * NOTE(review): "state" is not among the required parameters; if clients rely
 * on it, the POST side needs to carry it through — not visible here.
 *
 * @param mixed $request Request object exposing get() with the query parameters
 *
 * @throws \Exception with code Resource::STATUS_BAD_REQUEST on the first failed check
 *
 * @return void
 */
public function authorizeGet($request)
{
    // CSRF protection — presumably verified by the authorize POST handler (not visible here).
    $_SESSION['csrfToken'] = Util\OAuth::generateCsrfToken();

    $query = new Set($request->get());

    //TODO: Use json-schema validator
    foreach (['response_type', 'client_id', 'redirect_uri', 'scope'] as $name) {
        if ($query->has($name)) {
            continue;
        }
        throw new \Exception("Parameter {$name} is missing!", Resource::STATUS_BAD_REQUEST);
    }

    if ('code' !== $query->get('response_type')) {
        throw new \Exception('Invalid response_type specified.', Resource::STATUS_BAD_REQUEST);
    }

    $clientCursor = $this->getDocumentManager()->getCollection('oAuthClients')->find();
    $clientCursor->where('clientId', $query->get('client_id'));
    $client = $clientCursor->current();
    if ($client === null) {
        throw new \Exception('Invalid client_id', Resource::STATUS_BAD_REQUEST);
    }

    // Strict, byte-for-byte comparison against the registered redirect URI.
    if ($client->getRedirectUri() !== $query->get('redirect_uri')) {
        throw new \Exception('Redirect_uri mismatch!', Resource::STATUS_BAD_REQUEST);
    }

    // One lookup per requested scope; the first unknown name aborts the request.
    $scopeCollection = $this->getDocumentManager()->getCollection('authScopes');
    $resolvedScopes = [];
    foreach (explode(',', $query->get('scope')) as $scopeName) {
        $scopeCursor = $scopeCollection->find();
        $scopeCursor->where('name', $scopeName);
        $resolved = $scopeCursor->current();
        if ($resolved === null) {
            throw new \Exception('Invalid scope given!', Resource::STATUS_BAD_REQUEST);
        }
        $resolvedScopes[] = $resolved;
    }

    $this->client = $client;
    $this->scopes = $resolvedScopes;
}