/**
*
*/
public function createAction()
{
$isPublic = (bool) ($this->params('public') ?: $this->showPrompt('public'));
$description = $this->params('description') ?: $this->showPrompt('description');
$grantTypes = $this->params('grant-types') ?: $this->showPrompt('grant-types');
$redirectUri = $this->params('redirect-uri') ?: $this->showPrompt('redirect-uri');
$secret = null;
$encryptedSecret = null;
if (!$isPublic) {
$secret = Rand::getString(32);
$encryptedSecret = $this->password->create($secret);
}
if ($grantTypes) {
$grantTypes = explode(',', $grantTypes);
array_walk($grantTypes, function (&$grant) {
$grant = trim($grant);
});
}
$client = new Client(null, $encryptedSecret, null, $grantTypes, $redirectUri, $description);
$this->clientMapper->save($client);
$this->getConsole()->writeLine();
$this->getConsole()->writeLine('* Client created *', Color::GREEN);
if (!$isPublic) {
$this->getConsole()->writeLine('The client secret was auto-generated and encrypted. Please store it safely.');
$this->getConsole()->writeLine("Don't ever disclose the client secret publicly", Color::YELLOW);
$this->getConsole()->writeLine();
}
$this->getConsole()->writeLine("UUID: \t\t" . $client->getUuid());
if (!$isPublic) {
$this->getConsole()->writeLine("Secret: \t" . $secret);
}
$this->getConsole()->writeLine("Grant types: \t" . implode(', ', $client->getGrantTypes()));
$this->getConsole()->writeLine("Description: \t" . $client->getDescription());
$this->getConsole()->writeLine("Redirect URI: \t" . $client->getRedirectUri());
}
/**
* @param RequestInterface $request
* @param ResponseInterface $response
*
* @return bool
*/
public function validateRequest(RequestInterface $request, ResponseInterface $response)
{
$providerName = $request->request('provider');
$providerUserId = $request->request('provider_user_id');
$providerAccessToken = $request->request('provider_access_token');
if (!$providerName || !$providerUserId || !$providerAccessToken) {
$response->setError(400, 'invalid_request', 'One or more missing parameter: "provider", "provider_user_id" and "provider_access_token" are required');
return false;
}
$provider = isset($this->providers[$providerName]) ? $this->providers[$providerName] : null;
if (!$provider instanceof ProviderInterface) {
$response->setError(400, 'invalid_request', 'Unknown provider selected');
return false;
}
try {
$errorMessage = '';
if (!$provider->validate($providerUserId, $providerAccessToken, $errorMessage)) {
$response->setError(401, 'invalid_grant', 'Invalid third party credentials: ' . $errorMessage);
return false;
}
} catch (ClientException $e) {
$response->setError($e->getCode(), 'provider_client_error', $e->getMessage());
return false;
} catch (Exception $e) {
$response->setError(500, 'provider_error', $e->getMessage());
return false;
}
$token = $request->request('access_token');
$accessToken = $token ? $this->accessTokenMapper->findByToken($token) : null;
if ($accessToken instanceof Entity\AccessToken && $accessToken->isExpired()) {
$response->setError(401, 'invalid_grant', 'Access token is expired');
return false;
}
$thirdPartyUser = $this->thirdPartyMapper->findByProvider($provider);
switch (true) {
// a known user tries to connect with third party credentials owned by another user? issue an error
case $accessToken instanceof Entity\AccessToken && $thirdPartyUser instanceof Entity\ThirdParty && $thirdPartyUser->getUser() !== $accessToken->getUser():
$response->setError(400, 'invalid_request', 'Another user is already registered with same credentials');
return false;
// known third party credentials? update the data and grab the user form it
// known third party credentials? update the data and grab the user form it
case $thirdPartyUser instanceof Entity\ThirdParty:
$thirdPartyUser->setData($provider->getUserData());
$user = $thirdPartyUser->getUser();
break;
// valid access token? grab the user form it
// valid access token? grab the user form it
case $accessToken instanceof Entity\AccessToken:
$user = $accessToken->getUser();
break;
// no third party credentials or access token? it's a new user
// no third party credentials or access token? it's a new user
default:
$userClass = $this->moduleOptions->getUserEntityClassName();
$user = new $userClass();
}
// in case 3 and 4 we need to connect the user with new third party credentials
if (!$thirdPartyUser instanceof Entity\ThirdParty) {
$this->connectUserToThirdParty($user, $provider);
}
$this->userMapper->save($user);
$this->user = $user;
return true;
}
