public function getAccessToken($grant, array $options = [])
{
if ($this->authWithResource) {
$options['resource'] = $this->resource ? $this->resource : $this->urlAPI;
}
return parent::getAccessToken($grant, $options);
}
public function getAccessToken($grant = 'client-credentials', $params = [])
{
$token = unserialize($this->cache->load(self::TOKEN_KEY));
if (!$token) {
$token = parent::getAccessToken($grant, $params);
$this->cache->save(serialize($token), self::TOKEN_KEY, [], $token->expires - time());
}
return $token;
}
/**
* Get an access token from the OAuth provider.
*
* @param string $grantType One of the following:
* - 'authorization_code'
* - 'password'
* - 'refresh_token'
* @param array $options
* @param string $code
*
* @return AccessToken
*/
protected function getAccessToken($grantType, array $options)
{
// Try to get an access token using the authorization code grant.
$accessToken = $this->provider->getAccessToken($grantType, $options);
$this->setDebugMessage('OAuth token received: ' . json_encode($accessToken));
try {
$accessToken->hasExpired();
return $accessToken;
} catch (\RuntimeException $e) {
return new AccessToken(['access_token' => $accessToken->getToken(), 'resource_owner_id' => $accessToken->getResourceOwnerId(), 'refresh_token' => $accessToken->getRefreshToken(), 'expires_in' => 3600]);
}
}
/**
* @param Request $request
* @return \Psr\Http\Message\ResponseInterface|RedirectResponse
*/
public function handle(Request $request)
{
$redirectUri = (string) $request->getAttribute('originalUri', $request->getUri())->withQuery('');
$this->provider = $this->getProvider($redirectUri);
$session = $request->getAttribute('session');
$queryParams = $request->getQueryParams();
$code = array_get($queryParams, 'code');
$state = array_get($queryParams, 'state');
if (!$code) {
$authUrl = $this->provider->getAuthorizationUrl($this->getAuthorizationUrlOptions());
$session->set('oauth2state', $this->provider->getState());
return new RedirectResponse($authUrl . '&display=popup');
} elseif (!$state || $state !== $session->get('oauth2state')) {
$session->forget('oauth2state');
echo 'Invalid state. Please close the window and try again.';
exit;
}
$this->token = $this->provider->getAccessToken('authorization_code', compact('code'));
$owner = $this->provider->getResourceOwner($this->token);
$identification = $this->getIdentification($owner);
$suggestions = $this->getSuggestions($owner);
return $this->authResponse->make($request, $identification, $suggestions);
}
/**
* Call this after the user is redirected back to get the access token.
*
* @return \League\OAuth2\Client\Token\AccessToken
*
* @throws InvalidStateException
* @throws MissingAuthorizationCodeException
* @throws IdentityProviderException If token cannot be fetched
*/
public function getAccessToken()
{
if (!$this->isStateless) {
$expectedState = $this->getSession()->get(self::OAUTH2_SESSION_STATE_KEY);
$actualState = $this->getCurrentRequest()->query->get('state');
if (!$actualState || $actualState !== $expectedState) {
throw new InvalidStateException('Invalid state');
}
}
$code = $this->getCurrentRequest()->get('code');
if (!$code) {
throw new MissingAuthorizationCodeException('No "code" parameter was found (usually this is a query parameter)!');
}
return $this->provider->getAccessToken('authorization_code', ['code' => $code]);
}
/**
* {@inheritDoc}
*
* @see https://github.com/reddit/reddit/wiki/OAuth2
*/
public function getAccessToken($grant = "authorization_code", $params = [])
{
// Allow Reddit-specific 'installed_client' to be specified as a string,
// keeping consistent with the other grant types.
if ($grant === "installed_client") {
$grant = new InstalledClient();
}
return parent::getAccessToken($grant, $params);
}
/**
* Capturar accessToken.
* @param mixed $grant
* @param array $options
* @return AccessToken
*/
public function getAccessToken($grant, array $options = [])
{
return $this->token = parent::getAccessToken($grant, $options);
}
/**
* @inheritdoc
*/
public function getAccessToken($grant = 'authorization_code', array $params = [])
{
if (!isset($params['resource'])) {
// Set to default Access Token Resource
$params['resource'] = self::ACCESS_TOKEN_RESOURCE;
}
return parent::getAccessToken($grant, $params);
}
public function getAccessToken($grant = 'authorization_code', $params = [])
{
$params['type'] = 'web_server';
return parent::getAccessToken($grant, $params);
}
/**
* Save a profile registration form.
*
* @param Profile $entity
* @param Form $form
* @param AbstractProvider $provider
* @param string $providerName
*
* @return FormEntityHandler
*/
public function saveProfileRegisterForm(Profile $entity, Form $form, AbstractProvider $provider, $providerName)
{
// Create and store the account record
$account = $this->createAccount($entity);
$guid = $account->getGuid();
// Create the event
$event = new MembersProfileEvent($account);
// Create verification meta
$this->createAccountVerificationKey($event, $guid);
// Create a local OAuth account record
$password = $form->get('password')->getData();
if ($password) {
$this->createLocalOauthAccount($guid, $password);
$this->createLocalProviderEntity($guid);
}
// Create a provider entry
if ($this->session->isTransitional()) {
$accessToken = $this->session->getTransitionalProvider()->getAccessToken();
$this->convertTransitionalProviderToEntity($guid);
} else {
$accessToken = $provider->getAccessToken('password', ['guid' => $account->getGuid()]);
}
// Set up the initial session.
$this->session->addAccessToken($providerName, $accessToken)->createAuthorisation($guid);
// Dispatch the account profile post-save event
$this->eventDispatcher->dispatch(MembersEvents::MEMBER_PROFILE_REGISTER, $event);
return $this;
}
/**
* @expectedException InvalidArgumentException
*/
public function testInvalidGrantObject()
{
$grant = new \StdClass();
$this->provider->getAccessToken($grant, ['invalid_parameter' => 'none']);
}
public function getAccessToken($grant = 'authorization_code', array $params = [])
{
$accessToken = parent::getAccessToken($grant, $params);
return $accessToken;
}
public function getAccessToken($grant = 'authorization_code', $params = [])
{
return parent::getAccessToken($grant, $params);
}
public function getAccessToken($grant, array $params = [])
{
return parent::getAccessToken($grant, $params);
}
/**
* Provides support for token renewal instead of token refreshing.
*
* {@inheritdoc}
*
* @return AccessToken
*/
public function getAccessToken($grant = 'authorization_code', $params = [])
{
if ($grant === 'refresh_token' || $grant instanceof RefreshToken) {
throw new \InvalidArgumentException('Square does not support refreshing tokens, please use renew_token instead');
}
if (is_string($grant) && $grant === 'renew_token') {
$grant = new RenewToken();
}
if (!$grant instanceof RenewToken) {
return parent::getAccessToken($grant, $params);
}
$requestParams = $grant->prepRequestParams([], $params);
$headers = ['Authorization' => 'Client ' . $this->clientSecret, 'Accept' => 'application/json'];
try {
$request = $this->getHttpClient()->post($this->urlRenewToken(), $headers)->setBody(json_encode($requestParams), 'application/json')->send();
$response = $request->getBody();
} catch (BadResponseException $e) {
// @codeCoverageIgnoreStart
$response = $e->getResponse()->getBody();
// @codeCoverageIgnoreEnd
}
$result = json_decode($response, true);
if (!empty($result['error']) || !empty($e)) {
// @codeCoverageIgnoreStart
throw new IDPException($result);
// @codeCoverageIgnoreEnd
}
$result = $this->prepareAccessTokenResult($result);
return $grant->handleResponse($result);
}
/**
* @param $grant
* @param array $params
*/
public function getAccessToken($grant = 'authorization_code', array $params = [])
{
if (isset($params['refresh_token'])) {
throw new LightspeedProviderException('Lightspeed does not support token refreshing.');
}
return parent::getAccessToken($grant, $params);
}
/**
* {@inheritdoc}
*/
public function authenticate(RequestInterface $request)
{
// TODO: add error handling
// TODO: support other grant types?
$accessToken = $this->provider->getAccessToken('client_credentials');
return $request->withHeader('Authorization', 'Bearer ' . $accessToken);
}
