/** * @param Request $request * @return \Psr\Http\Message\ResponseInterface|RedirectResponse */ public function handle(Request $request) { $redirectUri = (string) $request->getAttribute('originalUri', $request->getUri())->withQuery(''); $server = new Twitter(['identifier' => $this->settings->get('flarum-auth-twitter.api_key'), 'secret' => $this->settings->get('flarum-auth-twitter.api_secret'), 'callback_uri' => $redirectUri]); $session = $request->getAttribute('session'); $queryParams = $request->getQueryParams(); $oAuthToken = array_get($queryParams, 'oauth_token'); $oAuthVerifier = array_get($queryParams, 'oauth_verifier'); if (!$oAuthToken || !$oAuthVerifier) { $temporaryCredentials = $server->getTemporaryCredentials(); $session->set('temporary_credentials', serialize($temporaryCredentials)); $session->save(); // Second part of OAuth 1.0 authentication is to redirect the // resource owner to the login screen on the server. $server->authorize($temporaryCredentials); exit; } // Retrieve the temporary credentials we saved before $temporaryCredentials = unserialize($session->get('temporary_credentials')); // We will now retrieve token credentials from the server $tokenCredentials = $server->getTokenCredentials($temporaryCredentials, $oAuthToken, $oAuthVerifier); $user = $server->getUserDetails($tokenCredentials); $identification = ['twitter_id' => $user->uid]; $suggestions = ['username' => $user->nickname, 'avatarUrl' => str_replace('_normal', '', $user->imageUrl)]; return $this->authResponse->make($request, $identification, $suggestions); }
/** * @param Request $request * @return \Psr\Http\Message\ResponseInterface|RedirectResponse */ public function handle(Request $request) { $redirectUri = (string) $request->getAttribute('originalUri', $request->getUri())->withQuery(''); $this->provider = $this->getProvider($redirectUri); $session = $request->getAttribute('session'); $queryParams = $request->getQueryParams(); $code = array_get($queryParams, 'code'); $state = array_get($queryParams, 'state'); if (!$code) { $authUrl = $this->provider->getAuthorizationUrl($this->getAuthorizationUrlOptions()); $session->set('oauth2state', $this->provider->getState()); return new RedirectResponse($authUrl . '&display=popup'); } elseif (!$state || $state !== $session->get('oauth2state')) { $session->forget('oauth2state'); echo 'Invalid state. Please close the window and try again.'; exit; } $this->token = $this->provider->getAccessToken('authorization_code', compact('code')); $owner = $this->provider->getResourceOwner($this->token); $identification = $this->getIdentification($owner); $suggestions = $this->getSuggestions($owner); return $this->authResponse->make($request, $identification, $suggestions); }
/** * @param Request $request * @return \Psr\Http\Message\ResponseInterface|RedirectResponse */ public function handle(Request $request) { $redirectUri = $request->getOriginalRequest()->getUri()->withQuery(''); $session = $request->getAttribute('session'); $queryParams = $request->getQueryParams(); $oidSig = array_get($queryParams, 'openid_sig'); if (!$oidSig) { return new RedirectResponse((string) (new Uri(SteamAuthController::LOGIN_URL))->withQuery(http_build_query(['openid.ns' => 'http://specs.openid.net/auth/2.0', 'openid.mode' => 'checkid_setup', 'openid.identity' => 'http://specs.openid.net/auth/2.0/identifier_select', 'openid.claimed_id' => 'http://specs.openid.net/auth/2.0/identifier_select', 'openid.return_to' => (string) $redirectUri, 'openid.realm' => (string) $redirectUri->withPath('')]))); } $query = ['openid.ns' => 'http://specs.openid.net/auth/2.0', 'openid.sig' => array_get($queryParams, 'openid_sig')]; foreach (explode(',', array_get($queryParams, 'openid_signed')) as $param) { $query['openid.' . $param] = array_get($queryParams, 'openid_' . $param); } // do not let overwrite this one via openid_signed $query['openid.mode'] = 'check_authentication'; $client = new Client(); try { $res = $client->request('POST', SteamAuthController::LOGIN_URL, ['form_params' => $query]); } catch (Exception $e) { return new Response("Can't Verify OpenID", 500); } if ($res->getStatusCode() === 200 and preg_match("/^is_valid:true+\$/im", (string) $res->getBody()) === 1) { if ($steam_id = array_get($queryParams, 'openid_claimed_id') and $steam_id = basename($steam_id) and is_numeric($steam_id)) { try { $res = $client->request('GET', SteamAuthController::API_URL, ['query' => ['key' => $this->settings->get('sijad-auth-steam.api_key'), 'steamids' => $steam_id]]); } catch (Exception $e) { return new Response("Can't Get User Info", 500); } if ($info = json_decode((string) $res->getBody(), true)) { $identification = ['steam_id' => $steam_id]; $suggestions = ['username' => $info['response']['players'][0]['personaname'], 'avatarUrl' => $info['response']['players'][0]['avatarfull']]; return $this->authResponse->make($request, $identification, $suggestions); } } } return new Response("Can't Get User Info", 500); }