/**
* Query the provider for the resource owner.
*
* @param AccessToken $accessToken
*
* @throws IdentityProviderException
*
* @return ResourceOwnerInterface
*/
protected function getResourceOwner(AccessToken $accessToken)
{
if ($this->resourceOwner === null) {
$this->resourceOwner = $this->provider->getResourceOwner($accessToken);
}
return $this->resourceOwner;
}
protected function makeRegistrationRequest(AbstractProvider $provider, AccessToken $accessToken) : RegistrationRequest
{
/** @var GoogleUser $resourceOwner */
$resourceOwner = $provider->getResourceOwner($accessToken);
$email = $resourceOwner->getEmail();
$providerAccountId = (string) $resourceOwner->getId();
return new RegistrationRequest('google', $providerAccountId, $email, $resourceOwner);
}
/**
* @param Request $request
* @return \Psr\Http\Message\ResponseInterface|RedirectResponse
*/
public function handle(Request $request)
{
$redirectUri = (string) $request->getAttribute('originalUri', $request->getUri())->withQuery('');
$this->provider = $this->getProvider($redirectUri);
$session = $request->getAttribute('session');
$queryParams = $request->getQueryParams();
$code = array_get($queryParams, 'code');
$state = array_get($queryParams, 'state');
if (!$code) {
$authUrl = $this->provider->getAuthorizationUrl($this->getAuthorizationUrlOptions());
$session->set('oauth2state', $this->provider->getState());
return new RedirectResponse($authUrl . '&display=popup');
} elseif (!$state || $state !== $session->get('oauth2state')) {
$session->forget('oauth2state');
echo 'Invalid state. Please close the window and try again.';
exit;
}
$this->token = $this->provider->getAccessToken('authorization_code', compact('code'));
$owner = $this->provider->getResourceOwner($this->token);
$identification = $this->getIdentification($owner);
$suggestions = $this->getSuggestions($owner);
return $this->authResponse->make($request, $identification, $suggestions);
}
/**
* @param AbstractProvider $provider
* @param AccessToken $token
* @param string $providerName
* @param SS_HTTPRequest $request
*/
public function afterGetAccessToken(AbstractProvider $provider, AccessToken $token, $providerName, SS_HTTPRequest $request)
{
$user = $provider->getResourceOwner($token);
try {
$member = $this->memberFromResourceOwner($user, $providerName);
$this->owner->setMember($member);
} catch (TokenlessUserExistsException $e) {
return Security::permissionFailure($this->owner, $e->getMessage());
}
$result = $member->canLogIn();
if (!$result->valid()) {
return Security::permissionFailure($this->owner, $result->message());
}
$member->logIn();
}
/**
* Returns the "User" information (called a resource owner).
*
* @param AccessToken $accessToken
* @return \League\OAuth2\Client\Provider\ResourceOwnerInterface
*/
public function fetchUserFromToken(AccessToken $accessToken)
{
return $this->provider->getResourceOwner($accessToken);
}
/**
* Requests and returns the resource owner of given access token.
*
* @param AccessToken $token
* @return ResourceOwnerInterface
*/
public function getResourceOwner(AccessToken $token)
{
$this->openId = $this->getOpenId($token);
return parent::getResourceOwner($token);
}
