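/**
 * Resolve a Facebook user access token into a user profile.
 *
 * The token is inspected through the Graph "debug_token" endpoint and rejected
 * unless it was issued for this application and has not expired, *before* it is
 * used for any Graph call. Any SDK failure (network, Graph error, failed metadata
 * validation) is mapped to null; the reason is deliberately not exposed.
 *
 * @param string $token Facebook user access token supplied by the client
 *
 * @return UserProfileInterface|null profile, or null when the token is missing,
 *                                   invalid, expired or issued for a different app
 */
protected function getTokenInfo($token)
{
    // A missing token can never authenticate anyone; do not spend a Graph call on it.
    if (!is_string($token) || $token === '') {
        return null;
    }

    try {
        // Inspect the token first, so nothing is fetched with a token we are going
        // to reject anyway. A token that is valid but issued for another application
        // must not be accepted (token substitution / "man in the middle" reuse);
        // validateAppId() throws a FacebookSDKException on mismatch.
        $tokenMetadata = $this->facebook->getOAuth2Client()->debugToken($token);
        $tokenMetadata->validateAppId($this->facebook->getApp()->getId());
        // Also reject tokens the inspection reports as expired (throws on failure).
        $tokenMetadata->validateExpiration();

        // Fetch the Facebook\GraphNodes\GraphUser object for the token's owner.
        $response = $this->facebook->get('/me?fields=id,name,email,first_name,last_name', $token);
        $user = $response->getGraphUser();

        // Without a stable identifier there is nothing to bind the local account to.
        $userId = $user->getId();
        if ($userId === null || $userId === '') {
            return null;
        }

        $userProfile = new UserProfile();
        $userProfile->setIdentifier($userId);
        $userProfile->setDisplayName($user->getName());
        $userProfile->setFirstName($user->getFirstName());
        $userProfile->setLastName($user->getLastName());

        // Facebook only exposes the "email" field for verified addresses, so presence
        // is treated as "verified". NOTE(review): this is a Graph API contract, not
        // something this code checks -- confirm it still holds against current docs.
        $email = $user->getEmail();
        $userProfile->setEmail($email);
        if ($email !== null && $email !== '') {
            $userProfile->setEmailVerified(true);
        }

        return $userProfile;
    } catch (FacebookSDKException $e) {
        // Contract is "null means not authenticated"; no details are leaked to the caller.
        return null;
    }
}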
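/**
 * Resolve a Google ID token into a user profile via the OAuth2 v3 tokeninfo endpoint.
 *
 * Google validates signature, issuer and expiry server-side (an invalid or expired
 * token yields a 4xx response, which is mapped to null). This method additionally
 * enforces that the token was issued for *this* application (audience check) and
 * normalises the string-typed fields of the tokeninfo response.
 *
 * @param string $token Google ID token (JWT) supplied by the client
 *
 * @return UserProfileInterface|null profile, or null when the token is missing,
 *                                   rejected by Google or issued for another audience
 */
protected function getTokenInfo($token)
{
    // A missing token can never authenticate anyone; do not make the request.
    if (!is_string($token) || $token === '') {
        return null;
    }

    try {
        $response = $this->httpClient->request(
            'GET',
            'https://www.googleapis.com/oauth2/v3/tokeninfo',
            ['query' => ['id_token' => $token]]
        );
        $tokenInfo = json_decode($response->getBody()->getContents(), true);

        // Require a decodable object with a subject; "sub" is the only stable identifier.
        if (!is_array($tokenInfo) || empty($tokenInfo['sub'])) {
            return null;
        }

        // Do not accept tokens minted for a different client, even if Google says they
        // are valid. Strict string comparison replaces the former loose `!=` so that
        // type juggling can never make the audience check pass.
        $audience = isset($tokenInfo['aud']) ? (string) $tokenInfo['aud'] : '';
        if ($audience === '' || $audience !== (string) $this->options['audience']) {
            return null;
        }

        $userProfile = new UserProfile();
        $userProfile->setIdentifier($tokenInfo['sub']);
        $userProfile->setDisplayName(isset($tokenInfo['name']) ? $tokenInfo['name'] : null);
        $userProfile->setFirstName(isset($tokenInfo['given_name']) ? $tokenInfo['given_name'] : null);
        $userProfile->setLastName(isset($tokenInfo['family_name']) ? $tokenInfo['family_name'] : null);
        $userProfile->setEmail(isset($tokenInfo['email']) ? $tokenInfo['email'] : null);

        // tokeninfo returns its values as JSON strings (e.g. "email_verified": "true"),
        // so passing the raw value through would make the string "false" count as
        // verified. Accept only an explicit boolean true or the strings "true"/"1".
        $verified = isset($tokenInfo['email_verified']) ? $tokenInfo['email_verified'] : false;
        $userProfile->setEmailVerified($verified === true || $verified === 'true' || $verified === '1');

        return $userProfile;
    } catch (ClientException $e) {
        // Only 4xx responses (e.g. "invalid_token") are mapped to null here; a 5xx or a
        // transport failure propagates to the caller. NOTE(review): decide whether those
        // should also be treated as "not authenticated" rather than surfacing as errors.
        return null;
    }
}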