Exemplo n.º 1
0
 /**
  * Processes an OAuth token request where an authorisation code is supplied.
  *
  * @param Request $request the OAuth token request
  * @param Response $response the OAuth response
  * @since 2.0
  */
 protected function tokenFromCode($request, $response)
 {
     // 1. Check code parameter
     if (!isset($request['code']) || $request['code'] == '') {
         $this->logger->log(LogLevel::ERROR, 'Token request failed: code not set');
         $response->setError('invalid_request', 'code not set');
         return;
     }
     // 2. Load the authorization and delete all tokens with this source
     $code = Code::decode($request['code']);
     $authorization = $code->getAuthorization();
     if ($authorization == null) {
         $this->logger->log(LogLevel::ERROR, 'Token request failed: Authorisation not found or expired');
         $response->setError('invalid_grant', 'Authorization code not found or expired');
         return;
     }
     $authorization->revokeTokensFromSource($code);
     // 3. Check for validity
     if (!$code->isValid()) {
         $this->logger->log(LogLevel::ERROR, 'Token request failed: Authorisation code not found or expired: ' . $request['code']);
         $response->setError('invalid_grant', 'Authorization code not found or expired');
         return;
     }
     // 4. Check request URI
     if ($code->getRedirectURI()) {
         if (!isset($request['redirect_uri']) || $code->getRedirectURI() != $request['redirect_uri']) {
             $this->logger->log(LogLevel::ERROR, 'Token request failed: redirect_uri in request <' . $request['redirect_uri'] . '> does not match authorisation code <' . $code->getRedirectURI() . '>');
             $response->setError('invalid_grant', 'redirect_uri does not match');
             return;
         }
     }
     $scope = $code->getScope();
     // If we issue, we delete the code so that it can't be used again
     $code->clear();
     $response->loadData($authorization->issueTokens($scope, SIMPLEID_SHORT_TOKEN_EXPIRES_IN, $code));
     // Call modules
     $this->mgr->invokeAll('oAuthToken', 'authorization_code', $authorization, $request, $response, $scope);
     return $authorization;
 }
Exemplo n.º 2
0
 /**
  * Creates an OAuth authorisation code.
  *
  * @param string $redirect_uri the redirect URI associated with the code
  * @param string|array $scope the allowed scope - this should be a subset of
  * the scope provided by the authorisation, or null if all of the authorisation's
  * scope is to be included
  * @param array $additional additional data to be stored in the code
  * @return string the authorisation code
  */
 public function issueCode($redirect_uri, $scope = null, $additional = array())
 {
     if ($scope == null) {
         $scope = $this->available_scope;
     }
     $code = Code::create($this, $redirect_uri, $scope, $additional);
     return $code->getCode();
 }