コード例 #1
 /**
  * Returns the User that owns the access token on the current request.
  *
  * The resource server is asked to validate the request first; that call is
  * expected to throw (see @throws) on a missing or rejected token, so the owner
  * lookup below only runs for a validated request. The repository result is
  * returned untouched — if findById() can return null for an unknown owner,
  * callers must handle that (confirm against the repository).
  *
  * @return User
  *
  * @throws InvalidRequestException
  * @throws AccessDeniedException
  */
 public function getCurrentUser()
 {
     // Validation throws; nothing below runs for an invalid request.
     $this->server->isValidRequest();

     $session = $this->server->getAccessToken()->getSession();
     $speakerId = $session->getOwnerId();

     return $this->speakerRepository->findById($speakerId);
 }
コード例 #2
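 /**
  * Authenticates a pre-authenticated OAuth token against the resource server and
  * resolves the token owner through the user provider.
  *
  * The bearer token is validated with the resource server first (the `true`
  * argument selects header-only lookup in league/oauth2-server v4). The raw
  * credential is deliberately not interpolated into the AuthenticationException
  * message any more: that message is routinely logged and rendered, and a bearer
  * token is a secret. The originating exception is chained instead.
  *
  * @param TokenInterface        $token        token produced by createToken()
  * @param UserProviderInterface $userProvider provider used to load the owner by identifier
  * @param string                $providerKey  firewall provider key
  *
  * @return PreAuthenticatedToken
  *
  * @throws AuthenticationException   when the access token is missing, unknown or expired
  * @throws UsernameNotFoundException when the owner cannot be loaded from the provider
  */
 public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
 {
     try {
         $this->resourceServer->isValidRequest(true);
     } catch (AccessDeniedException $e) {
         // Keep the secret out of the message; the cause travels as $previous.
         throw new AuthenticationException('OAuth token does not exist or is expired.', 0, $e);
     }

     $userIdentifier = $this->resourceServer->getAccessToken()->getSession()->getOwnerId();

     try {
         $user = $userProvider->loadUserByUsername($userIdentifier);
     } catch (UsernameNotFoundException $e) {
         // Attach the identifier so the caller can report which owner was missing.
         $e->setUsername($userIdentifier);
         throw $e;
     }

     return new PreAuthenticatedToken($user, $token->getCredentials(), $providerKey, $user->getRoles());
 }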
コード例 #3
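 /**
  * Returns the client id bound to the session of the current access token.
  *
  * The access token is fetched once and checked before the chain is walked.
  * A missing token now raises an exception: the previous trigger_error(E_USER_ERROR)
  * could return when a user error handler is installed, after which the second
  * getAccessToken() call dereferenced null anyway.
  *
  * @return string
  *
  * @throws \RuntimeException when the current request carries no access token
  */
 public function getClientId()
 {
     $accessToken = $this->checker->getAccessToken();
     if (!$accessToken) {
         throw new \RuntimeException('Non Access Token Request');
     }

     return $accessToken->getSession()->getClient()->getId();
 }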
コード例 #4
 /**
  * Resolves the owner of the access token carried by the given request.
  *
  * Dispatches an 'OAuthServer.getUser' event with the owner type and id; a
  * listener that sets a result wins, otherwise the owner row is fetched from the
  * table named by the owner type and returned as an array. Any OAuthException is
  * stored in $this->_exception and false is returned, so callers must test for
  * false rather than expect an exception.
  *
  * NOTE(review): the token is also accepted from the query string (access_token),
  * so it can end up in access logs and Referer headers; the Authorization header
  * is the safer transport for bearer tokens.
  *
  * @param Request $request
  * @return array|mixed|false owner data, an event-supplied result, or false on an OAuth error
  */
 public function getUser(Request $request)
 {
     try {
         $this->Server->isValidRequest(true, $request->query('access_token'));

         $session = $this->Server->getAccessToken()->getSession();
         $ownerModel = $session->getOwnerType();
         $ownerId = $session->getOwnerId();

         $event = new Event('OAuthServer.getUser', $request, [$ownerModel, $ownerId]);
         EventManager::instance()->dispatch($event);

         if ($event->result) {
             return $event->result;
         }

         $table = TableRegistry::get($ownerModel);

         return $table->get($ownerId)->toArray();
     } catch (OAuthException $e) {
         $this->_exception = $e;

         return false;
     }
 }
コード例 #5
 /**
  * Get the client id of the current request.
  *
  * Walks access token -> session -> client; every link is expected to be
  * present, i.e. the request must already have been validated by the checker.
  *
  * @return string
  */
 public function getClientId()
 {
     $session = $this->checker->getAccessToken()->getSession();

     return $session->getClient()->getId();
 }
コード例 #6
 /**
  * Returns the id of the client bound to the session of the current access token.
  *
  * Assumes the resource server has already validated the request; none of the
  * intermediate results are null-checked here.
  *
  * @return string
  */
 public function getClientId()
 {
     $client = $this->resourceServer->getAccessToken()->getSession()->getClient();

     return $client->getId();
 }
コード例 #7
 /**
  * Spec: getClientId() walks checker -> access token -> session -> client and
  * returns the client's id; every link of the chain must be consulted.
  */
 function it_returns_the_client_id(ResourceServer $checker, AccessTokenEntity $accessTokenEntity, SessionEntity $sessionEntity, ClientEntity $clientEntity)
 {
     // Wire the chain outermost first; each stub is expected to be hit.
     $checker->getAccessToken()->willReturn($accessTokenEntity)->shouldBeCalled();
     $accessTokenEntity->getSession()->willReturn($sessionEntity)->shouldBeCalled();
     $sessionEntity->getClient()->willReturn($clientEntity)->shouldBeCalled();
     $clientEntity->getId()->willReturn('1')->shouldBeCalled();

     $this->getClientId()->shouldReturn('1');
 }
コード例 #8
 /**
  * Stubs the resource server so that its current access token belongs to a
  * session owned by user $ownerId.
  *
  * Real SessionEntity/AccessTokenEntity objects are built on the unwrapped server,
  * so the production chain getAccessToken()->getSession()->getOwnerId() runs
  * unchanged inside the spec.
  *
  * @param ResourceServer   $resourceServer collaborator being stubbed
  * @param EmitterInterface $emitter        value returned from getEventEmitter()
  * @param string           $ownerId        owner id to attach to the session
  */
 private function resourceServerWillReturnOwnerId(ResourceServer $resourceServer, EmitterInterface $emitter, $ownerId)
 {
     $resourceServer->getEventEmitter()->willReturn($emitter);

     $server = $resourceServer->getWrappedObject();

     $session = new SessionEntity($server);
     $session->setOwner('user', $ownerId);

     $token = new AccessTokenEntity($server);
     $token->setSession($session);

     $resourceServer->getAccessToken()->willReturn($token);
 }
コード例 #9
 /**
  * Registers the route that reveals the id of the user owning an access token.
  *
  * The token id is read from the request input (access_token), wrapped in a fresh
  * AccessTokenEntity and handed to the resource server for validation. The route
  * only answers for a session whose owner type is 'user' and whose token carries
  * the 'uid' scope; anything else is reported as access denied.
  *
  * NOTE(review): the final catch returns $e->getMessage() to the client with a 500,
  * so internal exception text is exposed to callers on unexpected failures.
  *
  * @param Router         $router
  * @param ResourceServer $resourceServer
  * @return void the registration returns nothing; the closure returns a JSON response
  */
 private function userDetailsRoute(Router $router, ResourceServer $resourceServer)
 {
     $path = Config::get('laravel-oauth2-server.user_details_path');

     $router->get($path, function () use ($resourceServer) {
         try {
             $accessToken = new AccessTokenEntity($resourceServer);
             $accessToken->setId(Request::input('access_token'));
             $resourceServer->isValidRequest(false, $accessToken);

             $session = $resourceServer->getSessionStorage()->getByAccessToken($accessToken);
             $ownedByUser = $session->getOwnerType() === 'user';

             if (!$ownedByUser || !$resourceServer->getAccessToken()->hasScope('uid')) {
                 throw new AccessDeniedException();
             }

             return response()->json(['id' => $session->getOwnerId()]);
         } catch (InvalidRequestException $ire) {
             return response()->json(['error' => $ire->getCode(), 'message' => $ire->getMessage()], $ire->httpStatusCode);
         } catch (AccessDeniedException $acd) {
             return response()->json(['error' => $acd->getCode(), 'message' => $acd->getMessage()], $acd->httpStatusCode);
         } catch (Exception $e) {
             return response()->json(['error' => $e->getCode(), 'message' => $e->getMessage()], 500);
         }
     });
 }
コード例 #10
ファイル: api.php プロジェクト: jeroenherczeg/oauth2-server
use Orno\Http\Response;
use RelationalExample\Model;
use RelationalExample\Storage;

include __DIR__ . '/vendor/autoload.php';

// Set up the OAuth 2.0 resource server: one storage backend per entity type.
$sessionStorage = new Storage\SessionStorage();
$accessTokenStorage = new Storage\AccessTokenStorage();
$clientStorage = new Storage\ClientStorage();
$scopeStorage = new Storage\ScopeStorage();
$server = new ResourceServer($sessionStorage, $accessTokenStorage, $clientStorage, $scopeStorage);

// Routing setup
$request = (new Request())->createFromGlobals();
$router = new \Orno\Route\RouteCollection();

// GET /tokeninfo — describes the access token the request was made with.
// NOTE(review): nothing in this excerpt calls $server->isValidRequest() before
// getAccessToken() is read; confirm the dispatcher (outside this excerpt) does,
// otherwise the token is unset here. json_encode() of the entity object serialises
// its public properties, not its id — check that is what the response should carry.
$router->get('/tokeninfo', function (Request $request) use ($server) {
    $accessToken = $server->getAccessToken();
    $session = $server->getSessionStorage()->getByAccessToken($accessToken);

    $info = [];
    $info['owner_id'] = $session->getOwnerId();
    $info['owner_type'] = $session->getOwnerType();
    $info['access_token'] = $accessToken;
    $info['client_id'] = $session->getClient()->getId();
    $info['scopes'] = $accessToken->getScopes();

    return new Response(json_encode($info));
});
// GET /users
$router->get('/users', function (Request $request) use($server) {
    $results = (new Model\Users())->get();
    $users = [];
    foreach ($results as $result) {
        $user = ['username' => $result['username'], 'name' => $result['name']];
        if ($server->getAccessToken()->hasScope('email')) {
            $user['email'] = $result['email'];
        }
        if ($server->getAccessToken()->hasScope('photo')) {
            $user['photo'] = $result['photo'];
コード例 #11
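 /**
  * Handle an incoming request.
  *
  * Validates the bearer token with a freshly built resource server, then loads
  * the session, the owning user (only when the owner type is 'user'), the client
  * and the granted scopes. When $scope is given the session must carry a scope
  * with exactly that id. On success the resolved objects are merged into the
  * request under 'identified_oauth' (keys: client, user, scopes) and the pipeline
  * continues; on any failure a JSON error response is returned and $next never runs.
  *
  * Fix: the "session / user / client not found" branches used to flag an error
  * without building a response, so the final headers->set() call dereferenced an
  * undefined $response. Those cases now answer 401 invalid_token.
  *
  * NOTE(review): the generic \Exception branch still returns $e->getMessage() to
  * the client (pre-existing behaviour) — internal error text is exposed that way.
  * NOTE(review): a missing scope is answered with 401 invalid_client (pre-existing
  * contract); RFC 6750 describes 403 insufficient_scope for that case.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @param  string  $scope  scope id the session must carry; '' skips the check
  * @return mixed
  */
 public function handle(Request $request, Closure $next, $scope = '')
 {
     // Set up the OAuth 2.0 resource server
     $server = new ResourceServer(new SessionStorage(), new AccessTokenStorage(), new ClientStorage(), new ScopeStorage());

     try {
         // Check that access token is present
         $server->isValidRequest();
     } catch (OAuthException $e) {
         // Catch an OAuth exception
         return $this->jsonErrorResponse(['error' => $e->errorType, 'message' => $e->getMessage()], $e->httpStatusCode, $e->getHttpHeaders());
     } catch (\Exception $e) {
         return $this->jsonErrorResponse(['error' => $e->getCode(), 'message' => $e->getMessage()], 500, []);
     }

     // Get session info
     $session = $server->getSessionStorage()->getByAccessToken($server->getAccessToken());
     if (!$session instanceof SessionEntity) {
         return $this->invalidTokenResponse('No session is associated with the access token.');
     }

     // Get user info (only sessions owned by a user resolve to a User)
     $user = null;
     if ($session->getOwnerType() === 'user') {
         $user = User::find($session->getOwnerId());
         if (!$user instanceof User) {
             return $this->invalidTokenResponse('The user owning the access token could not be loaded.');
         }
     }

     // Get client info
     $client = $server->getClientStorage()->getCompleteBySession($session);
     if (!$client instanceof ClientEntity) {
         return $this->invalidTokenResponse('The client owning the session could not be loaded.');
     }

     // Get scopes info; enforce the route's required scope when one is configured
     $scopes = $session->getScopes();
     if (!empty($scope) && !$this->sessionHasScope($scopes, $scope)) {
         return $this->jsonErrorResponse(['error' => 'invalid_client', 'message' => 'Client authentication failed.'], 401, []);
     }

     // Put the identified client & scopes into request
     // for further app process
     $request->merge(['identified_oauth' => ['client' => $client, 'user' => $user, 'scopes' => $scopes]]);

     return $next($request);
 }

 /**
  * True when $scopes (as returned by SessionEntity::getScopes()) holds an entity
  * whose id is exactly $scope; a null or non-array value counts as no scopes.
  *
  * @param  mixed   $scopes
  * @param  string  $scope
  * @return bool
  */
 private function sessionHasScope($scopes, $scope)
 {
     if (!is_array($scopes)) {
         return false;
     }

     foreach ($scopes as $scopeEntity) {
         if ($scopeEntity->getId() === $scope) {
             return true;
         }
     }

     return false;
 }

 /**
  * Builds the 401 response used when the token validated but its session, owner
  * or client cannot be resolved.
  *
  * @param  string  $message
  * @return Response
  */
 private function invalidTokenResponse($message)
 {
     return $this->jsonErrorResponse(['error' => 'invalid_token', 'message' => $message], 401, []);
 }

 /**
  * Wraps an error payload in a Response with the JSON content type set.
  *
  * @param  array  $body
  * @param  int    $status
  * @param  array  $headers
  * @return Response
  */
 private function jsonErrorResponse(array $body, $status, array $headers)
 {
     $response = new Response($body, $status, $headers);
     $response->headers->set('Content-type', 'application/json');

     return $response;
 }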