/**
  * {@inheritdoc}
  */
 public function completeAuthorizationRequest(AuthorizationRequest $authorizationRequest)
 {
     if ($authorizationRequest->getUser() instanceof UserEntityInterface === false) {
         throw new \LogicException('An instance of UserEntityInterface should be set on the AuthorizationRequest');
     }
     $finalRedirectUri = $authorizationRequest->getRedirectUri() === null ? is_array($authorizationRequest->getClient()->getRedirectUri()) ? $authorizationRequest->getClient()->getRedirectUri()[0] : $authorizationRequest->getClient()->getRedirectUri() : $authorizationRequest->getRedirectUri();
     // The user approved the client, redirect them back with an auth code
     if ($authorizationRequest->isAuthorizationApproved() === true) {
         $authCode = $this->issueAuthCode($this->authCodeTTL, $authorizationRequest->getClient(), $authorizationRequest->getUser()->getIdentifier(), $authorizationRequest->getRedirectUri(), $authorizationRequest->getScopes());
         $response = new RedirectResponse();
         $response->setRedirectUri($this->makeRedirectUri($finalRedirectUri, ['code' => $this->encrypt(json_encode(['client_id' => $authCode->getClient()->getIdentifier(), 'redirect_uri' => $authCode->getRedirectUri(), 'auth_code_id' => $authCode->getIdentifier(), 'scopes' => $authCode->getScopes(), 'user_id' => $authCode->getUserIdentifier(), 'expire_time' => (new \DateTime())->add($this->authCodeTTL)->format('U'), 'code_challenge' => $authorizationRequest->getCodeChallenge(), 'code_challenge_method  ' => $authorizationRequest->getCodeChallengeMethod()])), 'state' => $authorizationRequest->getState()]));
         return $response;
     }
     // The user denied the client, redirect them back with an error
     throw OAuthServerException::accessDenied('The user denied the request', $this->makeRedirectUri($finalRedirectUri, ['state' => $authorizationRequest->getState()]));
 }
예제 #2
0
 /**
  * {@inheritdoc}
  */
 public function completeAuthorizationRequest(AuthorizationRequest $authorizationRequest)
 {
     if ($authorizationRequest->getUser() instanceof UserEntityInterface === false) {
         throw new \LogicException('An instance of UserEntityInterface should be set on the AuthorizationRequest');
     }
     $finalRedirectUri = $authorizationRequest->getRedirectUri() === null ? is_array($authorizationRequest->getClient()->getRedirectUri()) ? $authorizationRequest->getClient()->getRedirectUri()[0] : $authorizationRequest->getClient()->getRedirectUri() : $authorizationRequest->getRedirectUri();
     // The user approved the client, redirect them back with an access token
     if ($authorizationRequest->isAuthorizationApproved() === true) {
         $accessToken = $this->issueAccessToken($this->accessTokenTTL, $authorizationRequest->getClient(), $authorizationRequest->getUser()->getIdentifier(), $authorizationRequest->getScopes());
         $response = new RedirectResponse();
         $response->setRedirectUri($this->makeRedirectUri($finalRedirectUri, ['access_token' => (string) $accessToken->convertToJWT($this->privateKey), 'token_type' => 'bearer', 'expires_in' => $accessToken->getExpiryDateTime()->getTimestamp() - (new \DateTime())->getTimestamp(), 'state' => $authorizationRequest->getState()], '#'));
         return $response;
     }
     // The user denied the client, redirect them back with an error
     throw OAuthServerException::accessDenied('The user denied the request', $this->makeRedirectUri($finalRedirectUri, ['state' => $authorizationRequest->getState()]));
 }