/**
 * Request access token
 *
 * Second step of the oAuth flow: the provider has redirected the browser back
 * and the callback parameters are exchanged for an access token.
 *
 * The oAuth1 and oAuth2 variants are handled in one place; services with a
 * different callback shape may need to override this method.
 *
 * The callback values are read from the query string and handed to the
 * service object unchanged. No validation of them happens in this method.
 *
 * @return bool true when the token exchange did not raise a
 *              TokenResponseException, false when the expected callback
 *              parameter is absent or the exchange failed
 */
public function checkToken()
{
    global $INPUT;

    if (is_a($this->oAuth, 'OAuth\\OAuth2\\Service\\AbstractService')) {
        // oAuth2: the provider returns an authorization code
        if (!$INPUT->get->has('code')) {
            return false;
        }

        // NOTE(review): the state value is only forwarded here; whether it is
        // compared with a stored value depends on the service implementation.
        $state = $INPUT->get->str('state', null);

        try {
            $authCode = $INPUT->get->str('code');
            $this->oAuth->requestAccessToken($authCode, $state);
        } catch (TokenResponseException $e) {
            // the failure is reported through msg() with level -1
            msg($e->getMessage(), -1);
            return false;
        }

        return true;
    }

    // oAuth1: the provider returns a token plus a verifier
    if (!$INPUT->get->has('oauth_token')) {
        return false;
    }

    // the request token stored earlier under this service's name carries the
    // secret needed for the exchange
    $token = $this->storage->retrieveAccessToken($this->getServiceName());

    // Callback request from the provider (original comment names BitBucket): get the token
    try {
        $oauthToken = $INPUT->get->str('oauth_token');
        $verifier = $INPUT->get->str('oauth_verifier');
        $this->oAuth->requestAccessToken($oauthToken, $verifier, $token->getRequestTokenSecret());
    } catch (TokenResponseException $e) {
        msg($e->getMessage(), -1);
        return false;
    }

    return true;
}
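/**
 * Request access token
 *
 * This is the second step of oAuth authentication
 *
 * This implementation tries to abstract away differences between oAuth1 and oAuth2,
 * but might need to be overwritten for specific services
 *
 * After the token exchange, an e-mail domain restriction is enforced when the
 * helper reports at least one valid domain: the mail address returned by
 * getUser() has to pass the helper's checkMail(), otherwise an error message is
 * queued, the browser is redirected to the login page and the method returns false.
 *
 * @return bool true when the token was obtained and the mail check (if any)
 *              passed; false when the callback parameter is missing, the
 *              exchange raised a TokenResponseException or the mail was rejected
 */
public function checkToken()
{
    global $INPUT;

    if (is_a($this->oAuth, 'OAuth\\OAuth2\\Service\\AbstractService')) {
        /* oAuth2 handling */
        if (!$INPUT->get->has('code')) {
            return false;
        }
        // NOTE(review): state is only passed on here; its validation, if any,
        // happens inside the service's requestAccessToken().
        $state = $INPUT->get->str('state', null);

        try {
            $this->oAuth->requestAccessToken($INPUT->get->str('code'), $state);
        } catch (TokenResponseException $e) {
            msg($e->getMessage(), -1);
            return false;
        }
    } else {
        /* oAuth1 handling */
        if (!$INPUT->get->has('oauth_token')) {
            return false;
        }

        $token = $this->storage->retrieveAccessToken($this->getServiceName());

        // This was a callback request from BitBucket, get the token
        try {
            $this->oAuth->requestAccessToken(
                $INPUT->get->str('oauth_token'),
                $INPUT->get->str('oauth_verifier'),
                $token->getRequestTokenSecret()
            );
        } catch (TokenResponseException $e) {
            msg($e->getMessage(), -1);
            return false;
        }
    }

    $validDomains = $this->hlp->getValidDomains();
    if (count($validDomains) > 0) {
        $userData = $this->getUser();
        // A profile without a mail address cannot satisfy a domain restriction,
        // so it is rejected instead of being handed to checkMail() as null.
        if (!isset($userData['mail']) || !$this->hlp->checkMail($userData['mail'])) {
            msg(sprintf($this->hlp->getLang("rejectedEMail"), join(', ', $validDomains)), -1);
            // NOTE(review): the access token was already requested above; confirm
            // that a rejected login does not leave a usable token in storage.
            send_redirect(wl('', array('do' => 'login'), false, '&'));
            // send_redirect() is expected to end the request; returning false
            // keeps the check failing closed if it ever returns.
            return false;
        }
    }

    return true;
}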
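/**
 * Retrieves and stores the OAuth2 access token after a successful authorization.
 *
 * Before delegating to the parent implementation, the "state" query parameter
 * is checked with $this->state->validateId(). The check only runs when a state
 * object is set and the service reports state validation as enabled; in every
 * other case the callback is accepted without a state comparison.
 *
 * @param string $code The access code from the callback.
 * @return TokenInterface $token
 * @throws TokenResponseException
 * @throws ErrorException
 * @throws InvalidStateException when validation is active and "state" is
 *                               missing, not a string, or rejected by validateId()
 */
public function requestAccessToken($code)
{
    if (isset($this->state) && $this->service->getValidateState()) {
        // $_GET values are attacker-controlled and PHP turns "state[]=..." into
        // an array, so only a plain string is passed on to validateId().
        $state = isset($_GET['state']) ? $_GET['state'] : null;
        if (!is_string($state) || !$this->state->validateId($state)) {
            throw new InvalidStateException('The valid "state" argument required.');
        }
    }

    return parent::requestAccessToken($code);
}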