コード例 #1
0
 /**
  * @param \Symfony\Component\Form\FormInterface                                                                $form
  * @param \Psr\Http\Message\ServerRequestInterface                                                             $request
  * @param \OAuth2\Endpoint\Authorization\AuthorizationInterface                                                $authorization
  * @param \SpomkyLabs\OAuth2ServerBundle\Plugin\AuthorizationEndpointPlugin\Form\Model\AuthorizationModel      $authorization_model
  *
  * @return bool
  */
 public function handle(FormInterface $form, ServerRequestInterface $request, AuthorizationInterface $authorization, AuthorizationModel $authorization_model)
 {
     if ('POST' !== $request->getMethod()) {
         return false;
     }
     $httpFoundationFactory = new HttpFoundationFactory();
     $symfony_request = $httpFoundationFactory->createRequest($request);
     $form->submit($symfony_request->get($form->getName()));
     if (!$form->isValid()) {
         return false;
     }
     $button = $form->get('accept');
     if (!$button instanceof ClickableInterface) {
         throw new InvalidArgumentException('Unable to find the button named "accept".');
     }
     $authorization->setAuthorized($button->isClicked());
     $refused_scopes = array_diff($authorization->getScopes(), $authorization_model->getScopes());
     foreach ($refused_scopes as $refused_scope) {
         $authorization->removeScope($refused_scope);
     }
     return true;
 }
コード例 #2
0
 /**
  * @param \OAuth2\Endpoint\Authorization\AuthorizationInterface $authorization
  *
  * @return bool
  */
 private function isOfflineAccess(AuthorizationInterface $authorization)
 {
     // The scope offline_access is not requested
     if (!in_array('offline_access', $authorization->getScopes())) {
         return false;
     }
     // The scope offline_access is requested but prompt is not consent
     // The scope offline_access is ignored
     if (!$authorization->hasQueryParam('prompt') || !in_array('consent', $authorization->getQueryParam('prompt'))) {
         $authorization->removeScope('offline_access');
         return false;
     }
     return true;
 }