/** * Get Access Token * * @param string $code Access code sent by OAuth provider authorization callback * @param array $params Optional array of additional query parameters to send (key/value) * @return string */ public function getAccessToken($code, $params = array()) { $params['code'] = $code; $params['redirect_uri'] = $this->redirectUrl; $response = $this->client->getAccessToken($this->getTokenUrl(), 'authorization_code', $params); return $response; }
/** * @param array $params * @return string * @throws Exception */ public function authenticate(array $params) { if (!isset($params['code']) || empty($params['code'])) { throw new Exception('Authentication failed, invalid or empty code.'); } $oAuthConf = Config::$a['oauth']['providers'][$this->authProvider]; $client = new Client($oAuthConf['clientId'], $oAuthConf['clientSecret']); $client->setAccessTokenType(Client::ACCESS_TOKEN_OAUTH); $response = $client->getAccessToken('https://api.twitch.tv/kraken/oauth2/token', 'authorization_code', array('redirect_uri' => sprintf(Config::$a['oauth']['callback'], $this->authProvider), 'code' => $params['code'])); if (empty($response) || isset($response['error'])) { throw new Exception('Invalid access_token response'); } if (!isset($response['result']) || empty($response['result']) || !isset($response['result']['access_token'])) { throw new Exception('Failed request for access token'); } $client->setAccessToken($response['result']['access_token']); $response = $client->fetch('https://api.twitch.tv/kraken/user'); if (empty($response['result']) || isset($response['error'])) { throw new Exception('Invalid user details response'); } if (is_string($response['result'])) { throw new Exception(sprintf('Invalid auth result %s', $response['result'])); } $authCreds = $this->getAuthCredentials($params['code'], $response['result']); $authCredHandler = new AuthenticationRedirectionFilter(); return $authCredHandler->execute($authCreds); }
/** * @param array $params * @return string * @throws Exception */ public function authenticate(array $params) { if (!isset($params['code']) || empty($params['code'])) { throw new Exception('Authentication failed, invalid or empty code.'); } $oAuthConf = Config::$a['oauth']['providers'][$this->authProvider]; $client = new Client($oAuthConf['clientId'], $oAuthConf['clientSecret'], Client::AUTH_TYPE_AUTHORIZATION_BASIC); $client->setAccessTokenType(Client::ACCESS_TOKEN_BEARER); $response = $client->getAccessToken('https://ssl.reddit.com/api/v1/access_token', 'authorization_code', array('redirect_uri' => sprintf(Config::$a['oauth']['callback'], $this->authProvider), 'code' => $params['code'])); if (empty($response) || isset($response['error'])) { throw new Exception('Invalid access_token response'); } if (!isset($response['result']) || empty($response['result']) || !isset($response['result']['access_token'])) { throw new Exception('Failed request for access token'); } $client->setAccessToken($response['result']['access_token']); // Reddit requires a User-Agent $info = $client->fetch("https://oauth.reddit.com/api/v1/me.json", array(), 'GET', array('User-Agent' => 'destiny.gg/' . Config::version())); if (empty($info['result']) || !is_array($info['result']) || isset($info['error'])) { throw new Exception('Invalid user details response'); } $authCreds = $this->getAuthCredentials($params['code'], $info['result']); $authCredHandler = new AuthenticationRedirectionFilter(); return $authCredHandler->execute($authCreds); }
private function login() { try { // Make the call $auth_response = $this->oauth_client->getAccessToken('password', ['username' => '*****@*****.**', 'password' => 'Asdw1234##']); // Parse it $access_token = null !== $auth_response->getToken() ? $auth_response->getToken() : false; if (!$access_token) { throw new ApiException('Invalid access_token - Retry login.'); } // Set it and persist it, if needed $this->setAccessToken($access_token); // get user info from resource owner $resourceOwner = $this->oauth_client->getResourceOwner($auth_response); $user = $resourceOwner->toArray(); $this->setUser($user); return true; } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) { // Failed to get the access token exit($e->getMessage()); } }
/** * Gets information about the given access token. * * @link https://tools.ietf.org/html/draft-richer-oauth-introspection-06 * * @param $accessTokenToIntrospect * @return \Poniverse\AccessTokenInfo * @throws InvalidAccessTokenException * @throws \Symfony\Component\HttpKernel\Exception\HttpException */ public function getAccessTokenInfo($accessTokenToIntrospect) { $token = $this->client->getAccessToken(Config::get('poniverse.urls.token'), Client::GRANT_TYPE_CLIENT_CREDENTIALS, [])['result']['access_token']; $request = \Httpful\Request::post($this->urls['api'] . 'meta/introspect?token=' . $accessTokenToIntrospect); /** @var Httpful\Response $result */ $result = $request->addHeader('Accept', 'application/json')->addHeader('Authorization', 'Bearer ' . $token)->send(); $data = json_decode($result, true); if (404 === $result->code) { throw new InvalidAccessTokenException('This access token is expired or invalid!'); } if (200 !== $result->code) { throw new \Symfony\Component\HttpKernel\Exception\HttpException(500, 'An unknown error occurred while contacting the Poniverse API.'); } $tokenInfo = new \Poniverse\AccessTokenInfo($accessTokenToIntrospect); $tokenInfo->setIsActive($data['active'])->setScopes($data['scope'])->setClientId($data['client_id']); return $tokenInfo; }
/** * Requests an OAuth2 access token and saves it in the Session * as an array representing the response and with key "accessToken". * * @param $code * @throws \OAuth2\Exception */ public function requestOAuth2AccessToken($code) { // Get OAuth2 settings $accessTokenUrl = Config::get('oauth.access_token_url'); $clientId = Config::get('oauth.client'); $clientSecret = Config::get('oauth.secret'); $redirectUrl = Config::get('oauth.redirect_uri'); $userAgent = Config::get('oauth.user_agent'); // Prepare OAuth2 client $client = new Client($clientId, $clientSecret, Client::AUTH_TYPE_AUTHORIZATION_BASIC); $client->setCurlOption(CURLOPT_USERAGENT, $userAgent); // Get access token $accessTokenResult = $this->read('accessToken'); if (null == $accessTokenResult) { $params = array('code' => $code, "redirect_uri" => $redirectUrl); $response = $client->getAccessToken($accessTokenUrl, "authorization_code", $params); $accessTokenResult = $response["result"]; $this->store('accessToken', $accessTokenResult); } // How to request any resource from Reddit // $client->setAccessToken($accessTokenResult["access_token"]); // $client->setAccessTokenType(Client::ACCESS_TOKEN_BEARER); // $this->model->response = $client->fetch("https://oauth.reddit.com/api/v1/me.json"); }
/** * @param array $params * @return string * @throws Exception */ public function authenticate(array $params) { if (!isset($params['code']) || empty($params['code'])) { throw new Exception('Authentication failed, invalid or empty code.'); } $authConf = Config::$a['oauth']['providers'][$this->authProvider]; $callback = sprintf(Config::$a['oauth']['callback'], $this->authProvider); $client = new Client($authConf['clientId'], $authConf['clientSecret']); $response = $client->getAccessToken('https://accounts.google.com/o/oauth2/token', 'authorization_code', array('redirect_uri' => $callback, 'code' => $params['code'])); if (empty($response) || isset($response['error'])) { throw new Exception('Invalid access_token response'); } if (!isset($response['result']) || empty($response['result']) || !isset($response['result']['access_token'])) { throw new Exception('Failed request for access token'); } $client->setAccessToken($response['result']['access_token']); $response = $client->fetch('https://www.googleapis.com/oauth2/v2/userinfo'); if (empty($response['result']) || isset($response['error'])) { throw new Exception('Invalid user details response'); } $authCreds = $this->getAuthCredentials($params['code'], $response['result']); $authCredHandler = new AuthenticationRedirectionFilter(); return $authCredHandler->execute($authCreds); }
/** * Exchanges the code from the URI parameters for an access token, id token and user info * @return Boolean Wheter it exchanged the code or not correctly */ private function exchangeCode() { if (!isset($_REQUEST['code'])) { return false; } $code = $_REQUEST['code']; $this->debugInfo("Code: " . $code); // Generate the url to the API that will give us the access token and id token $auth_url = $this->generateUrl('token'); // Make the call $auth0_response = $this->oauth_client->getAccessToken($auth_url, "authorization_code", array("code" => $code, "redirect_uri" => $this->redirect_uri)); // Parse it $auth0_response = $auth0_response['result']; $this->debugInfo(json_encode($auth0_response)); $access_token = isset($auth0_response['access_token']) ? $auth0_response['access_token'] : false; $id_token = isset($auth0_response['id_token']) ? $auth0_response['id_token'] : false; if (!$access_token) { throw new ApiException('Invalid access_token - Retry login.'); } // Set the access token in the oauth client for future calls to the Auth0 API $this->oauth_client->setAccessToken($access_token); $this->oauth_client->setAccessTokenType(Client::ACCESS_TOKEN_BEARER); // Set it and persist it, if needed $this->setAccessToken($access_token); $this->setIdToken($id_token); $token = Auth0JWT::decode($id_token, $this->client_id, $this->client_secret); $user = ApiUsers::get($this->domain, $id_token, $token->user_id); $this->setUser($user); return true; }
/** * Exchanges the code from the URI parameters for an access token, id token and user info * @return Boolean Whether it exchanged the code or not correctly */ private function exchangeCode() { if (!isset($_REQUEST['code'])) { return false; } $code = $_REQUEST['code']; $this->debugInfo("Code: " . $code); // Generate the url to the API that will give us the access token and id token $auth_url = $this->generateUrl('token'); // Make the call $response = $this->oauth_client->getAccessToken($auth_url, "authorization_code", array("code" => $code, "redirect_uri" => $this->redirect_uri), array('Auth0-Client' => ApiClient::getInfoHeadersData()->build())); $auth0_response = $response['result']; if ($response['code'] !== 200) { throw new ApiException($auth0_response['error'] . ': ' . $auth0_response['error_description']); } $this->debugInfo(json_encode($auth0_response)); $access_token = isset($auth0_response['access_token']) ? $auth0_response['access_token'] : false; $id_token = isset($auth0_response['id_token']) ? $auth0_response['id_token'] : false; if (!$access_token) { throw new ApiException('Invalid access_token - Retry login.'); } if (!$id_token) { // id_token is not mandatory anymore. There is no need to force openid connect $this->debugInfo('Missing id_token after code exchange. Remember to ask for openid scope.'); } // Set the access token in the oauth client for future calls to the Auth0 API $this->oauth_client->setAccessToken($access_token); $this->oauth_client->setAccessTokenType(Client::ACCESS_TOKEN_BEARER); // Set it and persist it, if needed $this->setAccessToken($access_token); $this->setIdToken($id_token); $userinfo_url = $this->generateUrl('user_info'); $user = $this->oauth_client->fetch($userinfo_url); $this->setUser($user["result"]); return true; }
public function getData() { $clientId = $this->getClientId(); $clientSecret = $this->getClientSecret(); $merchantId = $this->getMerchantId(); $amount = $this->getAmount(); $description = $this->getDescription(); $redirectUrl = $this->getRedirectUrl(); $oauth2path = $this->getPath(); define("CLIENT_ID", $clientId); define("CLIENT_SECRET", $clientSecret); define("REDIRECT_URI", $redirectUrl); define("AUTHORIZATION_ENDPOINT", "https://paguei.online/app/api/authorize"); define("TOKEN_ENDPOINT", "https://paguei.online/app/api/token"); $client = new OAuth2\Client(CLIENT_ID, CLIENT_SECRET); if (!isset($_GET['code'])) { $auth_url = $client->getAuthenticationUrl(AUTHORIZATION_ENDPOINT, REDIRECT_URI); header('Location: ' . $auth_url); die('Redirect'); } else { $params = array('code' => $_GET['code'], 'redirect_uri' => REDIRECT_URI); $response = $client->getAccessToken(TOKEN_ENDPOINT, 'authorization_code', $params); $info = $response['result']; $client->setAccessToken($info['access_token']); $id = $merchantId; $description = urlencode($description); $urlfetch = 'https://paguei.online/app/api/transfer'; $urlfetch2 = $urlfetch . '/' . $id . '/' . $amount . '/' . $description . '.json'; $response = $client->fetch($urlfetch2); return $response; } }
/** * Requests access token to Auth0 server, using authorization code. * * @param string $code Authorization code * * @return string */ protected final function getTokenFromCode($code) { $this->debugInfo("Code: " . $code); $auth_url = $this->generateUrl('token'); $auth0_response = $this->oauth_client->getAccessToken($auth_url, "authorization_code", array("code" => $code, "redirect_uri" => $this->redirect_uri)); $auth0_response = $auth0_response['result']; $this->debugInfo(json_encode($auth0_response)); $access_token = isset($auth0_response['access_token']) ? $auth0_response['access_token'] : false; if (!$access_token) { throw new ApiException('Invalid access_token - Retry login.'); } $this->oauth_client->setAccessToken($access_token); $this->oauth_client->setAccessTokenType(OAuth2\Client::ACCESS_TOKEN_BEARER); $this->setAccessToken($access_token); return $access_token; }