/**
 * Builds the token request for the authorization_code grant and stores it on the event.
 *
 * Nothing is done when the event already carries a request, when the server
 * credentials do not support the grant, or when no unexpired authorization
 * code is held by the token manager.
 *
 * @param RequestEvent $event
 */
public function onTokenRequest(RequestEvent $event)
{
    // A request is already set on the event; do not overwrite it.
    if (null !== $event->getRequest()) {
        return;
    }

    $provider = $this->credentialsProvider;
    $serverCredentials = $provider->getServerCredentials();
    if (false === $serverCredentials->supports("authorization_code")) {
        return;
    }

    $storedCode = $this->tokenManager->findToken("authorization_code");
    if (null === $storedCode || $storedCode->isExpired()) {
        return;
    }

    $clientCredentials = $provider->getClientCredentials();
    $parameters = [
        "grant_type" => "authorization_code",
        "code" => $storedCode->getToken(),
        "client_id" => $clientCredentials->getClientId(),
        "client_secret" => $clientCredentials->getClientSecret(),
        "redirect_uri" => $clientCredentials->getRedirectUri(),
    ];
    $encoded = http_build_query($parameters);

    // NOTE(review): the authorization code and client_secret travel in the URL
    // of a GET request. RFC 6749 requires POST for token requests (section 3.2)
    // and forbids client credentials in the request URI (section 2.3.1), because
    // URLs routinely end up in server, proxy and client logs. Moving the
    // parameters into a form-encoded POST body depends on the Request
    // constructor, which is not visible from this block.
    $target = $serverCredentials->getTokenUrl() . "?" . $encoded;

    $event->setRequest(new Request("GET", $target));
}
/**
 * Builds the token request for the refresh_token grant and stores it on the event.
 *
 * The event is left untouched when it already carries a request, when the
 * server credentials do not support the grant, or when the token manager holds
 * no unexpired refresh token.
 *
 * @param RequestEvent $event
 */
public function onTokenRequest(RequestEvent $event)
{
    // A request is already set on the event; do not overwrite it.
    if (null !== $event->getRequest()) {
        return;
    }

    $serverCredentials = $this->credentialsProvider->getServerCredentials();
    if (!$serverCredentials->supports("refresh_token")) {
        return;
    }

    $stored = $this->tokenManager->findToken("refresh_token");
    if (null === $stored || $stored->isExpired()) {
        return;
    }

    $clientCredentials = $this->credentialsProvider->getClientCredentials();
    $parameters = [
        "grant_type" => "refresh_token",
        "refresh_token" => $stored->getToken(),
        "client_id" => $clientCredentials->getClientId(),
        "client_secret" => $clientCredentials->getClientSecret(),
    ];

    // NOTE(review): the refresh token and client_secret travel in the URL of a
    // GET request. RFC 6749 requires POST for token requests (section 3.2) and
    // forbids client credentials in the request URI (section 2.3.1), because
    // URLs routinely end up in server, proxy and client logs. A refresh token
    // is long-lived, so its exposure in logs matters more than a one-time code.
    // Switching to a form-encoded POST body depends on the Request constructor,
    // which is not visible from this block.
    $endpoint = $serverCredentials->getTokenUrl();
    $target = $endpoint . "?" . http_build_query($parameters);

    $event->setRequest(new Request("GET", $target));
}
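/**
 * Validates the CSRF "state" value returned with the authorization response.
 *
 * The "state" query parameter must be a string identical to the token stored
 * under "state" in the token manager. On success the stored token is removed,
 * so the same value cannot be accepted a second time.
 *
 * @param ServerRequestEvent $event
 *
 * @throws CsrfException when the parameter is missing, is not a string, no
 *                       state token is stored, or the two values differ
 */
public function onAuthorizationResponse(ServerRequestEvent $event)
{
    $arguments = $event->getServerRequest()->getQueryParams();

    // Query parameters may be arrays (e.g. state[]=x); only a string can be a
    // valid state value, and hash_equals() below requires strings.
    if (!isset($arguments['state']) || !is_string($arguments['state'])) {
        throw new CsrfException();
    }
    $received = $arguments['state'];

    $stateToken = $this->tokenManager->findToken("state");
    if ($stateToken === null) {
        throw new CsrfException();
    }

    // NOTE(review): no expiry check is made on the stored state token; if the
    // tokens returned by findToken() expose isExpired(), consider rejecting an
    // expired state here — confirm against the token interface.
    $expected = $stateToken->getToken();

    // Compare in constant time so response timing does not reveal how much of
    // a guessed state value matched the stored one.
    if (!is_string($expected) || !hash_equals($expected, $received)) {
        throw new CsrfException();
    }

    $this->tokenManager->removeToken($stateToken);
}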