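/**
 * Run one leg of the OAuth2 authorization-code flow for the given provider.
 *
 * Without a code, the provider's state value is stored and the authorization
 * URL is returned for the caller to redirect to. With a code, the supplied
 * state must match the stored one before the code is exchanged for a token.
 *
 * @param ProviderInterface $provider Provider used to build the URL and exchange the code.
 * @param string|null       $code     Authorization code from the callback, or null on the first leg.
 * @param string|null       $state    State value returned by the provider on the callback.
 *
 * @return mixed The authorization URL on the first leg, otherwise the result of persistOAuthAccount().
 *
 * @throws InvalidStateException   When the state is missing or differs from the stored value.
 * @throws AuthenticationException When fetching the user details raises IDPException.
 */
public function login(ProviderInterface $provider, $code, $state)
{
    if ($code === null) {
        // First leg: no authorization code yet, so hand back the URL that requests one.
        $authUrl = $provider->getAuthorizationUrl();
        // Read the state only after the URL was built, keeping the original call order.
        $this->stateStorage->storeState($provider->state);

        return $authUrl;
    }

    // CSRF check: the callback must carry the state stored on the first leg.
    if ($state === null || $state !== $this->stateStorage->loadState()) {
        $this->stateStorage->storeState(null);
        throw new InvalidStateException();
    }

    // The state is single-use: clear it once it has matched so the same
    // callback cannot be accepted a second time with the stored value.
    $this->stateStorage->storeState(null);

    // Exchange the authorization code for an access token.
    $token = $provider->getAccessToken('authorization_code', ['code' => $code]);

    try {
        $userDetails = $provider->getUserDetails($token);
        $this->managerEvent($this->manager);

        return $this->manager->persistOAuthAccount(get_class($provider), $token, $userDetails);
    } catch (IDPException $e) {
        // NOTE(review): the provider error is not chained or logged here, so
        // the cause of the failure is lost to whoever handles the exception.
        throw new AuthenticationException();
    }
}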
/**
 * Exchange the held refresh token for a new access token and keep the result
 * on this object.
 *
 * @return AccessToken The token returned by the provider's refresh_token grant.
 *
 * @throws AccessTokenExpiredException When the provider call raises BadResponseException.
 */
public function refresh()
{
    try {
        $grantParams = ['refresh_token' => $this->token->refreshToken];
        $renewed = $this->provider->getAccessToken('refresh_token', $grantParams);
    } catch (BadResponseException $badResponse) {
        // NOTE(review): every BadResponseException is reported as an expired
        // refresh token and the original exception is not chained.
        throw new AccessTokenExpiredException(self::REFRESH_TOKEN_EXPIRED_MESSAGE);
    }

    // Only replace the stored token once the exchange has succeeded.
    $this->token = $renewed;

    return $this->token;
}
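/**
 * Handle both legs of the OAuth2 authorization-code flow for the current request.
 *
 * Without a "code" query parameter, the provider's state is saved in the
 * session and a redirect to the authorization URL is sent. With one, the
 * "state" parameter must match the session value before the code is
 * exchanged for a token.
 *
 * @return mixed The accessToken property of the token held on this object.
 *
 * @throws \InvalidArgumentException When the state is empty or differs from the session value.
 */
public function authorize()
{
    $request = $this->getRequest();
    $session = $request->getSession();

    if (!$request->query->has('code')) {
        // First leg: remember the state, then send the browser to the provider.
        $authUrl = $this->provider->getAuthorizationUrl();
        $session->set('oauth2state', $this->provider->state);
        $response = new RedirectResponse($authUrl);
        $response->send();
        // NOTE(review): execution continues to the return below after the
        // redirect is sent; $this->token may not be set on this path - confirm.
    } elseif (empty($request->query->get('state')) || $request->query->get('state') !== $session->get('oauth2state')) {
        // CSRF check failed: drop the stored state and reject the callback.
        $session->remove('oauth2state');
        throw new \InvalidArgumentException('Invalid State');
    } else {
        // The state is single-use: remove it once it has matched so the same
        // callback cannot be accepted again within this session.
        $session->remove('oauth2state');

        // Take the code from the same request object whose state was just
        // validated, rather than from a separate $this->request property.
        $this->token = $this->provider->getAccessToken(
            'authorization_code',
            ['code' => $request->query->get('code')]
        );
    }

    return $this->token->accessToken;
}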