/** * Check authorise parameters * * @param array $inputParams Optional array of parsed $_GET keys * @throws \OAuth2\Exception\ClientException * @return array Authorise request parameters */ public function checkAuthoriseParams($inputParams = array()) { // Auth params $authParams = $this->authServer->getParam(array('client_id', 'redirect_uri', 'response_type', 'scope', 'state', 'nonce'), 'get', $inputParams); if (is_null($authParams['client_id'])) { throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_id'), 0); } if (is_null($authParams['redirect_uri'])) { throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'redirect_uri'), 0); } if ($this->authServer->stateParamRequired() === true && is_null($authParams['state'])) { throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'state'), 0); } if ($this->authServer->nonceParamRequired() === true && is_null($authParams['nonce'])) { throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'nonce'), 0); } // Validate client ID and redirect URI $clientDetails = $this->authServer->getStorage('client')->getClient($authParams['client_id'], null, $authParams['redirect_uri'], $this->identifier); if ($clientDetails === false) { throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_client'), 8); } $authParams['client_details'] = $clientDetails; if (is_null($authParams['response_type'])) { throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'response_type'), 0); } // Ensure response type is one that is recognised if (!in_array($authParams['response_type'], $this->authServer->getResponseTypes())) { throw new Exception\ClientException($this->authServer->getExceptionMessage('unsupported_response_type'), 3); } // Validate scopes $scopes = explode($this->authServer->getScopeDelimeter(), $authParams['scope']); //dd($scopes); for ($i = 0; $i < count($scopes); $i++) { $scopes[$i] = trim($scopes[$i]); if ($scopes[$i] === '') { unset($scopes[$i]); } // Remove any junk scopes } if ($this->authServer->scopeParamRequired() === true && $this->authServer->getDefaultScope() === null && count($scopes) === 0) { throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'scope'), 0); } elseif (count($scopes) === 0 && $this->authServer->getDefaultScope() !== null) { if (is_array($this->authServer->getDefaultScope())) { $scopes = $this->authServer->getDefaultScope(); } else { $scopes = array($this->authServer->getDefaultScope()); } } $authParams['scopes'] = array(); foreach ($scopes as $scope) { $scopeDetails = $this->authServer->getStorage('scope')->getScope($scope, $authParams['client_id'], $this->identifier); if ($scopeDetails === false) { throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_scope'), $scope), 4); } $authParams['scopes'][] = $scopeDetails; } return $authParams; }