public function action_do()
{
$params = Oauth2::parse_query();
try {
if (empty($params['code']) or isset($params['error'])) {
throw new Oauth2_Exception($params['error']);
}
$token = Remote::get($this->_configs['token_uri'], array(CURLOPT_POST => TRUE, CURLOPT_HTTPHEADER => array('Content-Type: application/x-www-form-urlencoded;charset=utf-8'), CURLOPT_POSTFIELDS => Oauth2::build_query(array('grant_type' => $this->_configs['grant_type'], 'code' => $params['code'], 'client_id' => $this->_configs['client_id'], 'redirect_uri' => $this->_configs['redirect_uri'], 'client_secret' => $this->_configs['client_secret']))));
$token = json_decode($token);
if (isset($token->error)) {
throw new Oauth2_Exception($token->error);
}
// Resource in json format
$resource = Remote::get($this->_configs['access_uri'], array(CURLOPT_POST => TRUE, CURLOPT_HTTPHEADER => array('Content-Type: application/x-www-form-urlencoded;charset=utf-8'), CURLOPT_POSTFIELDS => Oauth2::build_query(array('oauth_token' => $token->access_token, 'timestamp' => $_SERVER['REQUEST_TIME'], 'refresh_token' => $token->refresh_token, 'expires_in' => $token->expires_in, 'client_id' => $this->_configs['client_id']))));
$this->request->response = $resource;
} catch (Exception $e) {
$error = $e->getMessage();
}
if (isset($error)) {
switch ($error) {
case 'access_denied':
$this->request->response = 'You have denied this request.';
break;
default:
$this->request->response = 'There must be some errors happen in this connection, please contact our web master.' . "[{$error}]";
break;
}
}
}
/**
* state
* OPTIONAL. An opaque value used by the client to maintain state
* between the request and callback. The authorization server
* includes this value when redirecting the user-agent back to the
* client.
*
* scope
* OPTIONAL. The scope of the access request expressed as a list
* of space-delimited strings. The value of the "scope" parameter
* is defined by the authorization server. If the value contains
* multiple space-delimited strings, their order does not matter,
* and each string adds an additional access range to the
* requested scope.
*
* @access public
* @return void
*/
public function __construct($args = NULL)
{
$params = Oauth2::parse_query();
$this->client_id = Arr::get($params, 'client_id');
$this->redirect_uri = Arr::get($params, 'redirect_uri');
// OPTIONAL. An opaque value used by the client to maintain state between the request and callback.
if (NULL !== ($state = Arr::get($params, 'state'))) {
$this->state = $state;
}
// OPTIONAL. The scope of the access request expressed as a list of space-delimited strings.
if (NULL !== ($scope = Arr::get($params, 'scope'))) {
$this->scope = $scope;
}
}
/**
* format
* OPTIONAL. The response format requested by the client. Value
* MUST be one of "json", "xml", or "form".
*/
public function __construct($args = NULL)
{
$params = Oauth2::parse_query();
$this->client_id = Arr::get($params, 'client_id');
$this->client_secret = Arr::get($params, 'client_secret');
$this->refresh_token = Arr::get($params, 'refresh_token');
// OPTIONAL. An opaque value used by the client to maintain state between the request and callback.
if (NULL !== ($state = Arr::get($params, 'state'))) {
$this->state = $state;
}
if (NULL !== ($format = Arr::get($params, 'format'))) {
$this->format = $format;
}
if (empty($this->client_id) or empty($this->client_secret) or empty($this->refresh_token)) {
throw new Oauth2_Exception_Token('invalid_request');
}
}
/**
* the end-user authenticates directly with the authorization server, and grants client access to its protected resources
*
* @access public
* @return void
*/
public function action_authorize()
{
$response_type = Oauth2::get('response_type');
try {
if (method_exists($this, $response_type)) {
$response = $this->{$response_type}();
} else {
$params = Oauth2::parse_query();
$e = new Oauth2_Exception_Authorize('unsupported_response_type');
$e->state = Arr::get($params, 'state');
$e->redirect_uri = Arr::get($params, 'redirect_uri');
throw $e;
}
} catch (Oauth2_Exception $e) {
$response = (string) $e;
}
$this->request->status = 302;
#HTTP/1.1 302 Found
$this->request->headers['Content-Type'] = 'application/x-www-form-urlencoded';
$this->request->redirect($response);
}
/**
* scope
* OPTIONAL. The scope of the access request expressed as a list
* of space-delimited strings. The value of the "scope" parameter
* is defined by the authorization server. If the value contains
* multiple space-delimited strings, their order does not matter,
* and each string adds an additional access range to the
* requested scope.
* format
* OPTIONAL. The response format requested by the client. Value
* MUST be one of "json", "xml", or "form". Alternatively, the
* client MAY use the HTTP "Accept" header field with the desired
* media type. Defaults to "json" if omitted and no "Accept"
* header field is present.
*/
public function __construct($args = NULL)
{
$params = Oauth2::parse_query();
$this->client_id = Arr::get($params, 'client_id');
$this->client_secret = Arr::get($params, 'client_secret');
$this->username = Arr::get($params, 'username');
$this->password = Arr::get($params, 'password');
// OPTIONAL. An opaque value used by the client to maintain state between the request and callback.
if (NULL !== ($state = Arr::get($params, 'state'))) {
$this->state = $state;
}
// OPTIONAL. The scope of the access request expressed as a list of space-delimited strings.
if (NULL !== ($scope = Arr::get($params, 'scope'))) {
$this->scope = $scope;
}
// OPTIONAL. The scope of the access request expressed as a list of space-delimited strings.
if (NULL !== ($format = Arr::get($params, 'format'))) {
$this->format = $format;
}
if (empty($this->client_id) or empty($this->client_secret) or empty($this->username) or empty($this->password)) {
throw new Oauth2_Exception('invalid_request');
}
}
public static function access_denied_uri($redirect = NULL)
{
$params = Oauth2::parse_query();
if (!$redirect) {
$redirect = Arr::get($params, 'redirect_uri');
}
if ($state = Arr::get($params, 'state')) {
$state = '&state=' . $state;
}
return $redirect . '?error=access_denied' . $state;
}
