/** * Create a new OAuth2 authorization server * @return self */ public function __construct() { // Set Bearer as the default token type $this->setTokenType(new Bearer()); parent::__construct(); return $this; }
/** * This extended constructor is setting up * the underlying AuthorizationServer with * the grant types that GLPi Plugins support * on it's OAuth2 Framework */ public function __construct() { parent::__construct(); $this->setSessionStorage(OAuthHelper::getSessionStorage()); $this->setAccessTokenStorage(OAuthHelper::getAccessTokenStorage()); $this->setRefreshTokenStorage(OAuthHelper::getRefreshTokenStorage()); $this->setClientStorage(OAuthHelper::getClientStorage()); $this->setScopeStorage(OAuthHelper::getScopeStorage()); $this->setAuthCodeStorage(new AuthCodeStorage()); // Adding the password grant to able users to login by themselves $passwordGrant = new PasswordGrant(); $passwordGrant->setVerifyCredentialsCallback(function ($login, $password) { $user = User::where(function ($q) use($login) { return $q->where('email', '=', $login)->orWhere('username', '=', $login); }); $count = $user->count(); if ($count < 1) { return false; } if ($count > 1) { throw new \Exception('Dangerous, query result count > 1 when user tried' . ' to log with login "' . $login . '" ' . 'and password "' . $password . '"'); return false; } elseif ($count == 0) { return false; } else { $user = $user->first(); if ($user->assertPasswordIs($password)) { return $user->id; } else { return false; } } }); $this->addGrantType($passwordGrant); $appGrant = new ClientCredentialsGrant(); $this->addGrantType($appGrant); $refreshTokenGrant = new RefreshTokenGrant(); $this->addGrantType($refreshTokenGrant); }