public function testAuthorizationUrl() { $url = $this->provider->getAuthorizationUrl(); $uri = parse_url($url); parse_str($uri['query'], $query); $this->assertArrayHasKey('client_id', $query); $this->assertArrayHasKey('redirect_uri', $query); $this->assertArrayHasKey('state', $query); $this->assertArrayHasKey('scope', $query); $this->assertArrayHasKey('response_type', $query); $this->assertArrayHasKey('approval_prompt', $query); $this->assertNotNull($this->provider->getState()); }
/** * @param Request $request * @param array $routeParams * @return \Psr\Http\Message\ResponseInterface|RedirectResponse */ public function handle(Request $request, array $routeParams = []) { session_start(); $provider = new Facebook(['clientId' => $this->settings->get('flarum-auth-facebook.app_id'), 'clientSecret' => $this->settings->get('flarum-auth-facebook.app_secret'), 'redirectUri' => $this->url->toRoute('auth.facebook'), 'graphApiVersion' => 'v2.4']); if (!isset($_GET['code'])) { $authUrl = $provider->getAuthorizationUrl(['scope' => ['email']]); $_SESSION['oauth2state'] = $provider->getState(); return new RedirectResponse($authUrl); } elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) { unset($_SESSION['oauth2state']); echo 'Invalid state.'; exit; } $token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]); $owner = $provider->getResourceOwner($token); $email = $owner->getEmail(); $username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getName()); return $this->authenticate(compact('email'), compact('username')); }