/**
 * Revoking with a token type hint of 'foo' must still remove the refresh
 * token: after revokeToken('revoke', 'foo') the storage no longer returns
 * the token that was seeded under the key 'revoke'.
 */
public function testRevokeRefreshTokenWithBogusTypeHint()
{
    // Seed the in-memory storage with a single refresh token keyed 'revoke'.
    $seededRefreshTokens = array('revoke' => array('mytoken'));
    $tokenStorage = new Memory(array('refresh_tokens' => $seededRefreshTokens));

    // Precondition: the seeded token is readable before revocation.
    $this->assertEquals(array('mytoken'), $tokenStorage->getRefreshToken('revoke'));

    // Access-token storage is an empty Memory; the seeded one acts as refresh storage.
    $responseType = new AccessToken(new Memory(), $tokenStorage);
    $responseType->revokeToken('revoke', 'foo');

    // The token must be gone even though the hint named no known token type.
    $this->assertFalse($tokenStorage->getRefreshToken('revoke'));
}
/**
 * Create an access token through the parent implementation and, when the
 * 'access_token_return_user_id' config entry is set and truthy, add the
 * user id to the returned token data under 'user_id'.
 *
 * @param mixed $client_id           passed through to the parent
 * @param mixed $user_id             passed through to the parent; echoed back when enabled
 * @param mixed $scope               passed through to the parent
 * @param bool  $includeRefreshToken passed through to the parent
 * @return mixed the parent's token data, optionally extended with 'user_id'
 */
public function createAccessToken($client_id, $user_id, $scope = null, $includeRefreshToken = true)
{
    $tokenData = parent::createAccessToken($client_id, $user_id, $scope, $includeRefreshToken);

    // empty() is false only when the key exists and holds a truthy value.
    if (!empty($this->config['access_token_return_user_id'])) {
        $tokenData['user_id'] = $user_id;
    }

    return $tokenData;
}
/**
 * Store the public-key storage and encryption utility, then hand the token
 * storage, refresh storage and merged config to the parent constructor.
 *
 * @param PublicKeyInterface          $publicKeyStorage kept on the instance exactly as given (may be null)
 * @param AccessTokenStorageInterface $tokenStorage     replaced by a new Memory storage when null
 * @param RefreshTokenInterface       $refreshStorage   forwarded to the parent unchanged
 * @param array                       $config           caller values override these defaults:
 *  - store_encrypted_token_string (bool true)
 *       whether the entire encrypted string is stored,
 *       or just the token ID is stored
 *  - issuer (string '')
 * @param EncryptionInterface         $encryptionUtil   replaced by a new Jwt instance when null
 */
public function __construct(
    PublicKeyInterface $publicKeyStorage = null,
    AccessTokenStorageInterface $tokenStorage = null,
    RefreshTokenInterface $refreshStorage = null,
    array $config = array(),
    EncryptionInterface $encryptionUtil = null
) {
    $this->publicKeyStorage = $publicKeyStorage;

    $defaults = array(
        'store_encrypted_token_string' => true,
        'issuer' => '',
    );
    $mergedConfig = array_merge($defaults, $config);

    // a pass-thru, so we can call the parent constructor
    if ($tokenStorage === null) {
        $tokenStorage = new Memory();
    }

    $this->encryptionUtil = ($encryptionUtil === null) ? new Jwt() : $encryptionUtil;

    parent::__construct($tokenStorage, $refreshStorage, $mergedConfig);
}
/**
 * Handle the GitHub OAuth callback.
 *
 * Reads 'code' and 'state' from the request, resolves the GitHub user
 * through the GitHub service, saves that user (reusing the id of an
 * existing record with the same githubId) and answers with the user plus
 * a newly created access token.
 *
 * @param HttpFoundation\Request $request
 * @return HttpFoundation\Response 400 when 'code' or 'state' is missing,
 *         500 when the user cannot be saved, otherwise a JSON response
 *         with the keys 'user' and 'token'
 */
public function getGitHubAuthorize(HttpFoundation\Request $request)
{
    $code = $request->get('code');
    $state = $request->get('state');

    if ($code === null || $state === null) {
        return new HttpFoundation\Response('Invalid GitHub Request Params', 400);
    }

    // NOTE(review): 'state' is only checked for presence in this method. Whether it is
    // compared with a value bound to the caller's session is up to getUserFromOAuth,
    // which is not visible here - confirm. The same goes for how a rejected code is
    // reported; the lines below assume an object with a githubId comes back.
    $user = $this->github->getUserFromOAuth($code, $state);

    // Check to see if we already have this user. If so then set their
    // ID so we update the user instead of creating a new one.
    $matches = $this->userRepo->getAll(['githubId' => $user->githubId], 1);
    if (!empty($matches)) {
        $user->id = $matches[0]->id;
    }

    if (!$this->userRepo->save($user)) {
        return new HttpFoundation\Response('Failed Login', 500);
    }

    // Add an access token to the user for this one time so that
    // they have something to use to contact our service again.
    $token = $this->tokenGenerator->createAccessToken('codemana', $user->id, 'user', true);

    // TODO: The user no longer comes with any repositories. The front end is expected to fetch those separately.
    // NOTE(review): the whole $user object is serialised into the response next to the
    // token - confirm its JSON form holds nothing the browser should not receive.
    return new HttpFoundation\JsonResponse(['user' => $user, 'token' => $token]);
}
/**
 * {@inheritDoc}
 *
 * On top of what the parent returns, the token data always carries the
 * user id under the key 'user_id'.
 */
public function createAccessToken($clientId, $userId, $scope = null, $includeRefreshToken = true)
{
    $issued = parent::createAccessToken($clientId, $userId, $scope, $includeRefreshToken);

    // Written after the parent call, so any 'user_id' the parent set is replaced.
    $issued['user_id'] = $userId;

    return $issued;
}
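/**
 * Exchange a Google ID token for an access token of this API.
 *
 * The ID token is sent to Google's tokeninfo endpoint. The e-mail address in
 * the answer is looked up through the user DAO and, when a user is found, an
 * access token is created for the supplied client id and that e-mail address.
 * Every exception raised inside the try block is turned into an
 * ApiProblemResponse by the request handler.
 *
 * @param $data request fields, read with array access; 'token', 'grant_type',
 *              'client_id' and 'client_secret' must all be present
 * @return JsonModel|ApiProblemResponse
 */
private function googleAuth($data)
{
    // Resolved before the try block: the catch handler needs it, and it was
    // undefined there whenever an earlier service lookup threw.
    $requestHandler = $this->getServiceLocator()->get('Service\\RequestHandler');

    try {
        $userManagerDao = $this->getServiceLocator()->get('dao_user_user_manager');
        $oauth2ServerFactory = $this->getServiceLocator()->get('ZF\\OAuth2\\Service\\OAuth2Server');

        if (!isset($data['token'], $data['grant_type'], $data['client_id'], $data['client_secret'])) {
            throw new ApiException(Error::INCOMPLETE_PARAMETERS_CODE);
        }

        // NOTE(review): 'grant_type' and 'client_secret' are only checked for presence.
        // Nothing in this method verifies the client credentials before a token is
        // created for 'client_id' - confirm that a caller does, or add the check here.

        // The token comes from the request; refuse anything that is not a string
        // and percent-encode it so it cannot add parameters to the query string.
        if (!is_string($data['token'])) {
            throw new ApiException(Error::INCOMPLETE_PARAMETERS_CODE);
        }
        $tokenInfoUrl = 'https://www.googleapis.com/oauth2/v3/tokeninfo?id_token=' . rawurlencode($data['token']);

        // '@' is kept on purpose: a rejected token makes the endpoint answer with an
        // HTTP error, which file_get_contents reports as a warning plus false.
        $googleInfo = @file_get_contents($tokenInfoUrl);
        if (!$googleInfo) {
            throw new ApiException(Error::USER_NOT_FOUND_CODE);
        }

        // The answer must be a JSON object with a non-empty string e-mail address.
        $claims = json_decode($googleInfo, true);
        if (!is_array($claims) || empty($claims['email']) || !is_string($claims['email'])) {
            throw new ApiException(Error::USER_NOT_FOUND_CODE);
        }

        // NOTE(review): the 'aud' claim of the answer is not compared with this
        // application's Google client id, so an ID token Google issued to a different
        // application for the same e-mail address is accepted as well. Add that
        // comparison (and consider requiring 'email_verified') once the expected
        // client id is available from configuration.
        $googleEmail = $claims['email'];

        $columns = ['id', 'email', 'firstname', 'lastname', 'cityId' => 'city_id', 'countryId' => 'country_id', 'password'];
        $userInfo = $userManagerDao->getUserByEmail($googleEmail, true, $columns);
        if (!$userInfo) {
            throw new ApiException(Error::USER_NOT_FOUND_CODE);
        }

        $server = call_user_func($oauth2ServerFactory, '/oauth');
        $accessTokenStorage = $server->getStorage('access_token');

        // NOTE(review): the access-token storage is passed for both constructor
        // arguments, as in the original; the 'refresh_token' storage was fetched there
        // but never used. Confirm which storage the second argument should be.
        $accessToken = new AccessToken($accessTokenStorage, $accessTokenStorage);
        $response = $accessToken->createAccessToken($data['client_id'], $userInfo['email'], null);
        if (!$response) {
            throw new ApiException(Error::INVALID_TOKEN_CODE);
        }

        return new JsonModel($response);
    } catch (\Exception $e) {
        return new ApiProblemResponse($requestHandler->handleException($e));
    }
}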