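/**
 * Handle the GitHub OAuth2 login route.
 *
 * Without a `code` query parameter the visitor is redirected to GitHub's
 * authorization URL and the provider's anti-CSRF `state` value is stored in
 * the native PHP session. On the callback the `state` is validated, the
 * authorization code is exchanged for an access token, and the resource
 * owner's e-mail and sanitised nickname are passed to `authenticated()`.
 *
 * An invalid or missing state ends the request with HTTP 400 and the text
 * "Invalid state." (the script exits; no response object is returned).
 *
 * @param Request $request
 * @param array $routeParams
 * @return RedirectResponse|EmptyResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    // The state value lives in the native PHP session. Only start one when
    // none is active, so an already-running session does not raise a notice.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }

    $provider = new Github([
        'clientId'     => $this->settings->get('github.client_id'),
        'clientSecret' => $this->settings->get('github.client_secret'),
        'redirectUri'  => $this->url->toRoute('github.login'),
    ]);

    if (!isset($_GET['code'])) {
        // First leg: send the visitor to GitHub and remember the state that
        // must come back on the callback.
        $authUrl = $provider->getAuthorizationUrl(['scope' => ['user:email']]);
        $_SESSION['oauth2state'] = $provider->getState();

        return new RedirectResponse($authUrl);
    }

    $expectedState = isset($_SESSION['oauth2state']) ? $_SESSION['oauth2state'] : null;
    $receivedState = isset($_GET['state']) ? $_GET['state'] : null;

    // The state is single-use: drop it before comparing so neither a failed
    // nor a successful callback can be replayed against the same value.
    unset($_SESSION['oauth2state']);

    // Both values must be non-empty strings (a query parameter can arrive as
    // an array, and the session key is absent when the flow was never started
    // here). hash_equals() compares them in constant time.
    $stateIsValid = is_string($expectedState)
        && is_string($receivedState)
        && !empty($expectedState)
        && !empty($receivedState)
        && hash_equals($expectedState, $receivedState);

    if (!$stateIsValid) {
        // Report the rejected callback as a client error so it is visible in
        // access logs instead of looking like a successful request.
        http_response_code(400);
        echo 'Invalid state.';
        exit;
    }

    $token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);

    $owner = $provider->getResourceOwner($token);

    // NOTE(review): the e-mail is used exactly as the provider returns it.
    // Confirm authenticated() copes with a missing address and that only an
    // address GitHub reports as verified is used to match an existing account.
    $email = $owner->getEmail();

    // Keep only letters, digits, hyphen and underscore. The hyphen directly
    // after the 0-9 range is a literal, not the start of another range.
    // NOTE(review): the result can be an empty string; confirm the caller
    // handles that.
    $username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getNickname());

    return $this->authenticated(compact('email'), compact('username'));
}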
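/**
 * Authenticate with GitHub and cache the access token
 *
 * When a token is already cached the visitor is sent straight to "/".
 * Otherwise the first request redirects to GitHub's authorization URL and
 * stores the provider's anti-CSRF `state` in the session; the callback
 * validates that state, exchanges the authorization code for an access token
 * and stores the token in the cache under the key `github_token`.
 *
 * A state mismatch aborts with HTTP 400; a failed token exchange aborts with
 * HTTP 502.
 *
 * @param Request $request
 * @return \Illuminate\Http\RedirectResponse
 */
public function github(Request $request)
{
    // The token is stored under one fixed cache key, so it is shared by every
    // request rather than tied to the visitor who authorised it.
    // NOTE(review): confirm this route is restricted to whoever is meant to
    // link the application's GitHub account.
    if (Cache::has('github_token')) {
        return redirect('/');
    }

    // NOTE(review): env() is read at request time here; confirm it still
    // returns values when the application's configuration is cached.
    $provider = new Provider\Github([
        'clientId'     => env('GITHUB_CLIENT_ID'),
        'clientSecret' => env('GITHUB_CLIENT_SECRET'),
        'redirectUri'  => url('auth/github'),
    ]);

    $code = $request->get('code');

    if (!$code) {
        // First leg: remember the state GitHub must echo back, then redirect.
        $authorizationUrl = $provider->getAuthorizationUrl(['scope' => ['notifications']]);
        $request->session()->put('oauth2state', $provider->getState());

        return redirect($authorizationUrl);
    }

    $expectedState = $request->session()->get('oauth2state');
    $receivedState = $request->get('state');

    // The state is single-use: remove it whether or not the check passes.
    $request->session()->forget('oauth2state');

    // Require two non-empty strings and compare them in constant time. A
    // missing session value or an array-valued query parameter is rejected
    // instead of reaching the comparison.
    $stateIsValid = is_string($expectedState)
        && is_string($receivedState)
        && !empty($expectedState)
        && !empty($receivedState)
        && hash_equals($expectedState, $receivedState);

    if (!$stateIsValid) {
        // abort() raises an HTTP error through the framework instead of
        // ending the script with exit(), so the response (and the session
        // change above) goes through the normal request lifecycle.
        abort(400, 'Invalid state');
    }

    try {
        $accessToken = $provider->getAccessToken('authorization_code', ['code' => $code]);

        // NOTE(review): 60 * 24 * 30 is presumably 30 days in minutes; on a
        // framework version that reads the TTL as seconds it is 12 hours.
        // Confirm which applies, and that the cache store is an acceptable
        // place to keep a bearer token.
        Cache::put('github_token', $accessToken->getToken(), 60 * 24 * 30);
    } catch (IdentityProviderException $e) {
        // Keep the provider's error text in the server log and show the
        // visitor a generic message instead of echoing it to the browser.
        error_log('GitHub token exchange failed: ' . $e->getMessage());
        abort(502, 'GitHub authentication failed');
    }

    return redirect('/');
}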