/** * @param \Symfony\Component\Form\FormInterface $form * @param \Psr\Http\Message\ServerRequestInterface $request * @param \OAuth2\Endpoint\Authorization\AuthorizationInterface $authorization * @param \SpomkyLabs\OAuth2ServerBundle\Plugin\AuthorizationEndpointPlugin\Form\Model\AuthorizationModel $authorization_model * * @return bool */ public function handle(FormInterface $form, ServerRequestInterface $request, AuthorizationInterface $authorization, AuthorizationModel $authorization_model) { if ('POST' !== $request->getMethod()) { return false; } $httpFoundationFactory = new HttpFoundationFactory(); $symfony_request = $httpFoundationFactory->createRequest($request); $form->submit($symfony_request->get($form->getName())); if (!$form->isValid()) { return false; } $button = $form->get('accept'); if (!$button instanceof ClickableInterface) { throw new InvalidArgumentException('Unable to find the button named "accept".'); } $authorization->setAuthorized($button->isClicked()); $refused_scopes = array_diff($authorization->getScopes(), $authorization_model->getScopes()); foreach ($refused_scopes as $refused_scope) { $authorization->removeScope($refused_scope); } return true; }
/** * {@inheritdoc} */ protected function processConsentScreen(AuthorizationInterface $authorization, ServerRequestInterface $request, ResponseInterface &$response) { $options = $this->processConsentScreenOptions($authorization); $ui_locale = $this->getUiLocale($authorization); $options = array_merge($options, ['locale' => $ui_locale, 'scopes' => $authorization->getScopes(), 'allow_scope_selection' => $this->allow_scope_selection]); $authorization_model = new AuthorizationModel(); $authorization_model->setScopes($authorization->getScopes()); $form = $this->form_factory->createForm($options, $authorization_model); if ('POST' === $request->getMethod()) { $this->event_dispatcher->dispatch(Events::OAUTH2_PRE_AUTHORIZATION, new PreAuthorizationEvent($authorization)); $result = $this->form_handler->handle($form, $request, $authorization, $authorization_model); if (true === $result) { $this->processAuthorization($request, $response, $authorization); $this->event_dispatcher->dispatch(Events::OAUTH2_POST_AUTHORIZATION, new PostAuthorizationEvent($authorization)); return ['save_authorization' => $authorization_model->isSaveConfiguration()]; } } $this->prepareResponse($authorization, $response, $form, $ui_locale); }