getAuthorizeParams() protected method

- The redirect_uri is OPTIONAL as per draft 20. But your implementation can enforce it by setting CONFIG_ENFORCE_INPUT_REDIRECT to true. - The state is OPTIONAL but recommended to enforce CSRF. Draft 21 states, however, that CSRF protection is MANDATORY. You can enforce this by setting the CONFIG_ENFORCE_STATE to true.
See also: http://tools.ietf.org/html/draft-ietf-oauth-v2-20#section-4.1.1
See also: http://tools.ietf.org/html/draft-ietf-oauth-v2-21#section-10.12
protected getAuthorizeParams ( Request $request = null ) : array
$request Symfony\Component\HttpFoundation\Request
return array
Exemplo n.º 1
0
 /**
  * Tests OAuth2->getAuthorizeParams()
  */
 public function testGetAuthorizeParams()
 {
     // TODO Auto-generated OAuth2Test->testGetAuthorizeParams()
     $this->markTestIncomplete("getAuthorizeParams test not implemented");
     $this->fixture->getAuthorizeParams();
 }
Exemplo n.º 2
0
}
*/
$oauth = new OAuth2(new OAuth2StoragePDO(newPDO()));
if ($_POST) {
    $userId = 123;
    // Use whatever method you have for identifying users.
    try {
        $response = $oauth->finishClientAuthorization($_POST["accept"] == "Yep", $userId);
        $response->send();
    } catch (OAuth2ServerException $e) {
        $e->getHttpResponse()->send();
    }
    exit;
}
try {
    $auth_params = $oauth->getAuthorizeParams();
} catch (OAuth2ServerException $oauthError) {
    $oauthError->sendHttpResponse();
}
?>
<html>
    <head>
    <title>Authorize</title>
    <script>
        if (top != self) {
                window.document.write("<div style='background:black; opacity:0.5; filter: alpha (opacity = 50); position: absolute; top:0px; left: 0px;"
                + "width: 9999px; height: 9999px; zindex: 1000001' onClick='top.location.href=window.location.href'></div>");
        }
    </script>
    </head>
    <body>