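/**
 * Build the internal security token from an OAuth2 authorization-code callback.
 *
 * Exchanges the `code` query parameter for an access token, fetches the
 * user's details from the provider and copies uid, nickname and gender
 * onto a new Token flagged with self::IDENTIFIED.
 *
 * NOTE(review): no OAuth2 `state` check is visible in this method. Confirm
 * the caller validates `state` before this runs; without it the callback
 * accepts a code that was not requested by this browser session (login CSRF).
 *
 * @param Request $req          callback request; reads query `code` and attribute `provider`
 * @param string  $firewallName firewall name handed to the Token constructor
 *
 * @return Token
 */
public function buildToken(Request $req, $firewallName)
{
    $token = $this->provider->getAccessToken('authorization_code', [
        'code' => $req->query->get('code'),
    ]);
    $providerKey = $req->attributes->get('provider');

    // We got an access token, let's now get the user's details
    /** @var \League\OAuth2\Client\Entity\User $userDetails */
    $userDetails = $this->provider->getUserDetails($token);

    $internToken = new Token($firewallName, $providerKey, $userDetails->uid, [self::IDENTIFIED]);
    $internToken->setAttribute('nickname', $userDetails->name);

    // Compare, do not assign: the previous `=` overwrote the provider's value
    // with 'male', so every user was stored as 'xy' and the log line below
    // recorded the overwritten value.
    $internToken->setAttribute('gender', ($userDetails->gender === 'male') ? 'xy' : 'xx');

    // NOTE(review): this writes the full provider profile to the debug log.
    // Check that debug logging is off in production or that the log is
    // treated as personal data.
    $this->logger->debug('facebook', $userDetails->getArrayCopy());

    return $internToken;
}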
/**
 * Verifies that uid, screen name and e-mail are read from the mocked
 * provider responses after an authorization-code exchange.
 */
public function testUserData()
{
    // Reply handed back for the single POST request: a form-encoded token body.
    $tokenReply = m::mock('Guzzle\\Http\\Message\\Response');
    $tokenReply
        ->shouldReceive('getBody')
        ->times(1)
        ->andReturn('access_token=mock_access_token&expires=3600&refresh_token=mock_refresh_token&uid=1');

    // Reply handed back for every GET request: a JSON profile plus transfer info.
    $profileReply = m::mock('Guzzle\\Http\\Message\\Response');
    $profileReply
        ->shouldReceive('getBody')
        ->andReturn('{"id": 12345, "name": "mock_name", "username": "******", "first_name": "mock_first_name", "last_name": "mock_last_name", "email": "mock_email", "Location": "mock_home", "bio": "mock_description", "link": "mock_facebook_url"}');
    $profileReply
        ->shouldReceive('getInfo')
        ->andReturn(['url' => 'mock_image_url']);

    // HTTP client double; setBaseUrl is expected exactly five times.
    $httpClient = m::mock('Guzzle\\Service\\Client');
    $httpClient->shouldReceive('setBaseUrl')->times(5);
    $httpClient->shouldReceive('post->send')->times(1)->andReturn($tokenReply);
    $httpClient->shouldReceive('get->send')->andReturn($profileReply);
    $this->provider->setHttpClient($httpClient);

    $accessToken = $this->provider->getAccessToken(
        'authorization_code',
        ['code' => 'mock_authorization_code']
    );
    $details = $this->provider->getUserDetails($accessToken);

    $this->assertEquals(12345, $this->provider->getUserUid($accessToken));
    $this->assertEquals(
        ['mock_first_name', 'mock_last_name'],
        $this->provider->getUserScreenName($accessToken)
    );
    $this->assertEquals('mock_email', $this->provider->getUserEmail($accessToken));
    $this->assertEquals('mock_email', $details->email);
}
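/**
 * Handle the Facebook OAuth2 login route.
 *
 * Without a `code` query parameter the user is redirected to Facebook and the
 * generated state is stored in the session. With a `code`, the returned
 * `state` must match the stored one before the code is exchanged for a token
 * and the resource owner's e-mail and name are passed to authenticate().
 *
 * @param Request $request
 * @param array $routeParams
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    // Starting a session that is already active raises a notice.
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }

    $provider = new Facebook([
        'clientId' => $this->settings->get('flarum-auth-facebook.app_id'),
        'clientSecret' => $this->settings->get('flarum-auth-facebook.app_secret'),
        'redirectUri' => $this->url->toRoute('auth.facebook'),
        'graphApiVersion' => 'v2.4',
    ]);

    if (!isset($_GET['code'])) {
        $authUrl = $provider->getAuthorizationUrl(['scope' => ['email']]);
        $_SESSION['oauth2state'] = $provider->getState();

        return new RedirectResponse($authUrl);
    }

    $receivedState = isset($_GET['state']) ? $_GET['state'] : null;
    $expectedState = isset($_SESSION['oauth2state']) ? $_SESSION['oauth2state'] : null;

    // The state is single-use: drop it whether or not it matches, so a
    // callback URL cannot be replayed within the same session.
    unset($_SESSION['oauth2state']);

    // Both sides must be non-empty strings (`state[]=x` arrives as an array,
    // and a session without a stored state yields null). hash_equals()
    // compares without leaking the position of the first mismatch (PHP 5.6+).
    $stateIsValid = is_string($receivedState) && $receivedState !== ''
        && is_string($expectedState) && $expectedState !== ''
        && hash_equals($expectedState, $receivedState);

    if (!$stateIsValid) {
        echo 'Invalid state.';
        exit;
    }

    $token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
    $owner = $provider->getResourceOwner($token);

    // NOTE(review): $email is used as the identifying attribute below. Confirm
    // that authenticate() handles an owner who returns no e-mail, and that an
    // unverified provider e-mail cannot be matched onto an existing account.
    $email = $owner->getEmail();

    // Keep only ASCII letters, digits, '-' and '_' from the display name.
    // NOTE(review): this can yield an empty string for names made up entirely
    // of other characters.
    $username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getName());

    return $this->authenticate(compact('email'), compact('username'));
}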
/**
 * Verifies that a JSON error body from the token request surfaces as an
 * IdentityProviderException carrying the provider's type, message and code.
 */
public function testProperlyHandlesErrorResponses()
{
    // Mocked HTTP response: JSON content type and a Graph-style error payload.
    $errorReply = m::mock('Psr\\Http\\Message\\ResponseInterface');
    $errorReply->shouldReceive('getHeader')
        ->times(1)
        ->andReturn('application/json');
    $errorReply->shouldReceive('getBody')
        ->times(1)
        ->andReturn('{"error":{"message":"Foo auth error","type":"OAuthException","code":191}}');

    $httpClient = m::mock('GuzzleHttp\\ClientInterface');
    $httpClient->shouldReceive('send')
        ->times(1)
        ->andReturn($errorReply);
    $this->provider->setHttpClient($httpClient);

    // Defaults stay in place if no exception is thrown, which makes the
    // assertions below fail.
    $caughtMessage = '';
    $caughtCode = 0;

    try {
        $this->provider->getAccessToken(
            'authorization_code',
            ['code' => 'mock_authorization_code']
        );
    } catch (IdentityProviderException $exception) {
        $caughtMessage = $exception->getMessage();
        $caughtCode = $exception->getCode();
    }

    $this->assertEquals('OAuthException: Foo auth error', $caughtMessage);
    $this->assertEquals(191, $caughtCode);
}
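/**
 * Run the Facebook authorization-code flow.
 *
 * Without a `code` query parameter the state is stored in the session and
 * the redirect to the provider's authorization URL is returned. With a
 * `code`, the `state` query parameter must match the stored one; the code is
 * then exchanged for a token and the user's uid and details are fetched.
 *
 * NOTE(review): the returned access token is a credential. If the caller
 * saves it to the database, confirm it is stored and logged accordingly.
 *
 * @return array|mixed [uid, token, user details] on success; otherwise
 *                     whatever $this->response->redirect() returns
 */
public function authorize()
{
    $this->view->disable();

    $provider = new Facebook([
        'clientId' => $this->clientId,
        'clientSecret' => $this->clientSecret,
        'redirectUri' => $this->redirectUriAuthorize,
    ]);

    $code = $this->request->getQuery('code');
    $state = $this->request->getQuery('state');

    if (!isset($code)) {
        // If we don't have an authorization code then get one
        $authUrl = $provider->getAuthorizationUrl();
        $this->session->set('oauth2state', $provider->state);

        return $this->response->redirect($authUrl);
    }

    // Check given state against previously stored one to mitigate CSRF attack.
    // The stored state is removed before the comparison so it is single-use:
    // a callback URL cannot be replayed within the same session.
    $expectedState = $this->session->get('oauth2state');
    $this->session->remove('oauth2state');

    // Both sides must be non-empty strings before hash_equals() is called
    // (an array-valued `state` or a missing session entry is rejected here).
    $stateIsValid = is_string($state) && $state !== ''
        && is_string($expectedState) && $expectedState !== ''
        && hash_equals($expectedState, $state);

    if (!$stateIsValid) {
        exit('Invalid state');
    }

    // Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', ['code' => $code]);
    $uid = $provider->getUserUid($token);
    $userDetails = $provider->getUserDetails($token);

    return [$uid, $token, $userDetails];
}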
/**
 * Request a new access token from the Facebook provider using the refresh
 * token carried by the given token.
 *
 * NOTE(review): the parameter is sent under the key `refreshToken`. Confirm
 * that the grant named by $this->grantRefreshToken reads that key rather
 * than `refresh_token`.
 *
 * @param AccessToken $token token whose refreshToken property is sent
 * @return AccessToken
 */
public function getRefreshToken(AccessToken $token)
{
    $grantParams = ['refreshToken' => $token->refreshToken];

    return $this->facebookProvider->getAccessToken($this->grantRefreshToken, $grantParams);
}