/**
* @param Request $request
* @return \Illuminate\Http\RedirectResponse|\Laravel\Lumen\Http\Redirector
*/
public function callback(Request $request)
{
$state = $request->get('state');
$sessionState = Session::get('google.oauth2state');
$code = $request->get('code');
if ($request->get('error')) {
$request->session()->flash('error', 'auth.error');
return redirect(route('auth.loginForm'));
}
if (empty($state) || $state !== $sessionState) {
Session::forget('google.oauth2state');
$request->session()->flash('error', 'auth.error');
return redirect(route('auth.loginForm'));
}
$token = $this->provider->getAccessToken('authorization_code', ['code' => $code]);
try {
/** @var GoogleUser $ownerDetails */
$ownerDetails = $this->provider->getResourceOwner($token);
$email = $ownerDetails->getEmail();
// if we already have the email in DB we log the user
if (!$this->repository->exists(['email' => $email])) {
$lastName = $ownerDetails->getLastName();
$firstName = $ownerDetails->getFirstName();
$this->createUser($firstName, $lastName, $email);
}
// we try to logged in the user with the email and the google oauth access token
Input::merge(['client_id' => Config::get('oauth2.web_client.client_id')]);
Input::merge(['client_secret' => Config::get('oauth2.web_client.client_secret')]);
Input::merge(['grant_type' => 'google']);
Input::merge(['username' => $email]);
Input::merge(['password' => $token->getToken()]);
try {
Authorizer::issueAccessToken();
return redirect('/');
} catch (\Exception $e) {
$request->session()->flash('error', 'auth.login_error');
return redirect(route('auth.loginForm'));
}
} catch (ModelNotValid $e) {
$request->session()->flash('error', 'auth.error');
Log::warn($e->getMessage());
return redirect(route('auth.loginForm'));
} catch (\Exception $e) {
$request->session()->flash('error', 'auth.error');
Log::warn($e->getMessage());
return redirect(route('auth.loginForm'));
}
}
