public function testAuthorizationUrl()
{
$url = $this->provider->getAuthorizationUrl();
$uri = parse_url($url);
parse_str($uri['query'], $query);
$this->assertArrayHasKey('client_id', $query);
$this->assertArrayHasKey('redirect_uri', $query);
$this->assertArrayHasKey('state', $query);
$this->assertArrayHasKey('scope', $query);
$this->assertArrayHasKey('response_type', $query);
$this->assertArrayHasKey('approval_prompt', $query);
$this->assertNotNull($this->provider->getState());
}
/**
* @param Request $request
* @param array $routeParams
* @return \Psr\Http\Message\ResponseInterface|RedirectResponse
*/
public function handle(Request $request, array $routeParams = [])
{
session_start();
$provider = new Facebook(['clientId' => $this->settings->get('flarum-auth-facebook.app_id'), 'clientSecret' => $this->settings->get('flarum-auth-facebook.app_secret'), 'redirectUri' => $this->url->toRoute('auth.facebook'), 'graphApiVersion' => 'v2.4']);
if (!isset($_GET['code'])) {
$authUrl = $provider->getAuthorizationUrl(['scope' => ['email']]);
$_SESSION['oauth2state'] = $provider->getState();
return new RedirectResponse($authUrl);
} elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
unset($_SESSION['oauth2state']);
echo 'Invalid state.';
exit;
}
$token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
$owner = $provider->getResourceOwner($token);
$email = $owner->getEmail();
$username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getName());
return $this->authenticate(compact('email'), compact('username'));
}
