/**
 * Resolve the OAuth client behind the current request and cache it in $this->client.
 *
 * Resolution order:
 *  1. An access token on the request, extracted via the resource server. When the token
 *     maps to a stored session, that session's client_id / client_secret are authoritative
 *     and override whatever the request parameters carried.
 *  2. Otherwise the `client_id`, `client_secret` and `redirect_uri` request parameters.
 *
 * A missing or invalid token is deliberately tolerated (InvalidAccessTokenException is
 * swallowed): the caller may still be identifying itself with body credentials, e.g. on a
 * token-endpoint request.
 *
 * Side effects: $this->accessToken is set as soon as a token is extracted (even if the
 * lookup later fails); $this->client is set only when the client lookup succeeds, and is
 * left untouched otherwise.
 *
 * Security notes (review):
 *  - The `client_secret` request parameter is forwarded verbatim to FluentClient::getClient();
 *    whether that lookup enforces the secret when it is null is decided in the repository,
 *    not here — confirm before relying on $this->client as proof of client authentication.
 *  - The resulting OauthClient carries the raw secret in its `secret` attribute; keep the
 *    model out of any serialised response.
 *  - empty() also rejects the string '0' as a client id.
 *
 * @return void
 */
private function identifyClientFromRequest()
{
    $request = $this->getRequest();
    $clientId = $request->input('client_id', '');
    $clientSecret = $request->input('client_secret', null);
    $redirectUri = $request->input('redirect_uri', null);

    try {
        $this->accessToken = $this->getResource()->determineAccessToken();

        $sessions = new FluentSession();
        $tokenSession = $sessions->validateAccessToken($this->accessToken);
        if ($tokenSession !== false) {
            // A live session wins over request-supplied credentials.
            $clientId = $tokenSession['client_id'];
            $clientSecret = $tokenSession['client_secret'];
        }
    } catch (InvalidAccessTokenException $e) {
        // No usable token on the request: fall through to the body credentials.
    }

    if (empty($clientId)) {
        return;
    }

    $clients = new FluentClient();
    $record = $clients->getClient($clientId, $clientSecret, $redirectUri);
    if ($record === false) {
        return;
    }

    // Reshape the repository row into the OauthClient attribute names.
    $record['id'] = $clientId;
    $record['secret'] = $record['client_secret'];
    foreach (array('client_id', 'client_secret', 'redirect_uri', 'metadata') as $column) {
        unset($record[$column]);
    }

    // Hydrate as an existing model so later saves update rather than insert.
    $this->client = new OauthClient();
    $this->client->fill($record);
    $this->client->exists = true;
    $this->client->syncOriginal();
}
/**
 * Handle logging in a user.
 *
 * Credentials come from the request's user/password pair (Request::getUser() /
 * getPassword() — presumably the HTTP Basic Authorization header; confirm against the
 * API server's request wrapper). The parsed body is only consulted for `remember`, and
 * that flag is currently ignored because authenticate() is always called with `false`.
 *
 * Success path (status 200): an authorization code is minted for the current API client
 * and immediately exchanged, server-side, for an access/refresh token pair. The tokens
 * are returned in the JSON body together with a UserTemplate of the user, and are also
 * queued as cookies (`ebriat` = access token, `ebrirt` = refresh token).
 *
 * Failure path (status 401): an error message is returned. If the caller already held an
 * authenticated user session for this client, that session row is deleted, Sentry is
 * logged out and both token cookies are expired — a failed re-login logs the caller out.
 *
 * Security notes (review):
 *  - The 401 messages differ per cause ("User was not found." vs. wrong password vs.
 *    not activated / suspended / banned), so the endpoint lets a caller enumerate valid
 *    accounts and their state. Consider one generic message; any rate limiting is
 *    whatever Sentry's throttling applies inside authenticate().
 *  - `state` in the token exchange is `time()`, not a random nonce. It is consumed only by
 *    this server's own performAccessTokenFlow() call, so it is not acting as a CSRF
 *    binding here — do not copy this pattern into a browser-facing redirect flow.
 *  - When the client has no endpoint yet, the persisted redirect_uri is derived from the
 *    request's scheme and Host header (getSchemeAndHttpHost()); that is only safe if the
 *    framework's trusted-host handling is configured — confirm.
 *  - Cookie::queue() is called without explicit Secure/HttpOnly arguments, so those flags
 *    depend on the framework cookie configuration — confirm, especially for the refresh
 *    token cookie.
 *
 * @return Response JSON resource response: 200 with tokens + user, 401 with an error
 *                  message, 500 if no authorization code could be created, or the token
 *                  flow's own status/headers when the exchange itself fails.
 */
public function login()
{
    $status = 401;
    $input = $this->getUserInput();
    // NOTE(review): computed but never used — authenticate() below passes remember=false.
    $remember = isset($input['remember']) ? true : false;

    try {
        // Set login credentials from the request's user/password pair.
        $credentials = array('email' => $this->getApiServer()->getRequest()->getUser(), 'password' => $this->getApiServer()->getRequest()->getPassword());

        // Try to authenticate the user; on success $response is the Sentry user object.
        $response = $this->getSentry()->authenticate($credentials, false);
        $status = 200;
    } catch (\Cartalyst\Sentry\Users\LoginRequiredException $e) {
        $response = array('message' => $this->getLocale()->t('Provided information is not valid.'), 'errors' => array(array('field' => 'email', 'message' => $this->getLocale()->t('Login field is required.'))));
    } catch (\Cartalyst\Sentry\Users\PasswordRequiredException $e) {
        $response = array('message' => $this->getLocale()->t('Provided information is not valid.'), 'errors' => array(array('field' => 'password', 'message' => $this->getLocale()->t('Password field is required.'))));
    } catch (\Cartalyst\Sentry\Users\WrongPasswordException $e) {
        $response = array('message' => $this->getLocale()->t('Provided information is not valid.'), 'errors' => array(array('field' => 'password', 'message' => $this->getLocale()->t('Wrong password, try again.'))));
    } catch (\Cartalyst\Sentry\Users\UserNotFoundException $e) {
        // NOTE(review): distinguishable from WrongPasswordException above -> account enumeration.
        $response = array('message' => $this->getLocale()->t('User was not found.'));
    } catch (\Cartalyst\Sentry\Users\UserNotActivatedException $e) {
        $response = array('message' => $this->getLocale()->t('Your account is not yet activated.'));
    } catch (\Cartalyst\Sentry\Throttling\UserSuspendedException $e) {
        $response = array('message' => $this->getLocale()->t('Your account is suspended.'));
    } catch (\Cartalyst\Sentry\Throttling\UserBannedException $e) {
        $response = array('message' => $this->getLocale()->t('Your account is banned.'));
    }

    if ($status == 200) {
        $client = $this->getApiServer()->getClient();
        $clientEndpoint = $client->endpoint;

        // Scopes are taken from the resource server (presumably the requesting client's
        // current scopes — confirm); ids feed the authorize request, names feed the token flow.
        $clientScopeIds = $this->getApiServer()->getResource()->getScopeIds();
        $clientScopes = $this->getApiServer()->getResource()->getScopes();
        $scopes = array();
        if (!empty($clientScopeIds)) {
            foreach ($clientScopeIds as $id) {
                $scopes[] = array('id' => $id);
            }
        }
        unset($clientScopeIds);
        if (!is_array($clientScopes)) {
            $clientScopes = array();
        }

        // Create a new client endpoint if none exists. The redirect_uri persisted here is
        // derived from the request's scheme + Host header (see security notes above).
        if (!is_object($clientEndpoint)) {
            $redirectUri = $this->getApiServer()->getRequest()->getSchemeAndHttpHost();
            $clientEndpoint = OauthClientEndpoint::create(array('client_id' => $client->id, 'redirect_uri' => $redirectUri));
        } else {
            $redirectUri = $clientEndpoint->redirect_uri;
        }

        // Create a new authorization code bound to this user and client.
        $authCode = $this->getApiServer()->newAuthorizeRequest('user', $response->id, array('client_id' => $client->id, 'redirect_uri' => $redirectUri, 'scopes' => $scopes));

        // Exchange the code for tokens on behalf of the client (server-internal flow).
        if (!empty($authCode)) {
            // `state` is a timestamp, not a nonce; nothing validates it on this path.
            $params = array('grant_type' => 'authorization_code', 'client_id' => $client->id, 'client_secret' => $client->secret, 'redirect_uri' => $redirectUri, 'code' => $authCode, 'scope' => implode(',', $clientScopes), 'state' => time());
            $authorizationResponse = $this->getApiServer()->performAccessTokenFlow(false, $params);

            // A 'status' key means the token flow produced an error response; pass it through.
            if (array_key_exists('status', $authorizationResponse)) {
                $status = $authorizationResponse['status'];
                $headers = $authorizationResponse['headers'];
                unset($authorizationResponse['status']);
                unset($authorizationResponse['headers']);
                return $this->getApiServer()->resourceJson($authorizationResponse, $status, $headers);
            }

            // Token cookies; lifetimes are seconds / 60 (framework cookie API presumably takes minutes).
            Cookie::queue('ebriat', $authorizationResponse['access_token'], $authorizationResponse['expires_in'] / 60);
            Cookie::queue('ebrirt', $authorizationResponse['refresh_token'], Config::get('sule/api::oauth2.grant_types.refresh_token.refresh_token_ttl') / 60);

            // Fix user quota — currently disabled; $quotaUsed is fetched but not acted on.
            $quotaUsed = $this->getUserMeta('quota_used', $response);
            // if ((int) $quotaUsed < 0) {
            //     $this->getFs()->fixUserQuotaUsed($response->getId());
            // }
            unset($quotaUsed);

            // Merge user data with the new authorization data.
            $authorizationResponse['user'] = new UserTemplate($response, array('available_mime_types' => Config::get('ebri::mime_types')));
            $response = $authorizationResponse;
            unset($authorizationResponse);
        } else {
            $response = array('message' => $this->getLocale()->t('There was a problem while logging you in, please try again or contact customer support.'));
            $status = 500;
        }
        unset($scopes);
        unset($clientScopes);
        unset($client);
    } else {
        // Authentication failed: if a user session exists for this client, tear it down.
        $user = $this->getUser();
        if (!is_null($user)) {
            $client = $this->getApiServer()->getClient();
            if (!is_null($client)) {
                $session = new FluentSession();
                $session->deleteSession($client->id, 'user', $user->getId());
                unset($session);
                $this->getSentry()->logout();
                // Expire both token cookies.
                Cookie::queue('ebriat', '', -1);
                Cookie::queue('ebrirt', '', -1);
            }
            unset($client);
        }
        unset($user);
    }

    return $this->getApiServer()->resourceJson($response, $status);
}