Пример #1
 /**
  * Handles the GET side of the login flow by issuing a CSRF token.
  *
  * A newly generated token is written to the session under 'csrfToken',
  * replacing whatever value was stored there before. The method itself
  * returns nothing.
  *
  * NOTE(review): the handler that later verifies this token is not visible
  * here; it should compare the submitted value with hash_equals() and drop
  * the stored token once it has been used.
  *
  * @param mixed $request Incoming request; not read by this method
  *
  * @return void
  */
 public function loginGet($request)
 {
     // Bind a fresh anti-CSRF token to the current session.
     $csrfToken = OAuth::generateCsrfToken();
     $_SESSION['csrfToken'] = $csrfToken;
 }
Пример #2
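 /**
  * Validates an OAuth authorization request and remembers the client and scopes.
  *
  * The query parameters response_type, client_id, redirect_uri and scope must
  * all be present and must be plain strings. Only response_type "code" is
  * accepted, the client must exist in the 'oAuthClients' collection, the
  * redirect_uri must equal the client's registered URI exactly, and every
  * requested scope must exist in the 'authScopes' collection. On success the
  * matched client and scope documents are stored on $this->client and
  * $this->scopes; a fresh CSRF token is placed in the session in any case.
  *
  * @param mixed $request Request object; its get() result is used as the parameter set
  *
  * @return void
  *
  * @throws \Exception With code Resource::STATUS_BAD_REQUEST when a check fails
  */
 public function authorizeGet($request)
 {
     // CSRF protection: issued before validation, so it is replaced on every call.
     $_SESSION['csrfToken'] = Util\OAuth::generateCsrfToken();
     $params = new Set($request->get());
     $requiredParams = ['response_type', 'client_id', 'redirect_uri', 'scope'];
     //TODO: Use json-schema validator
     foreach ($requiredParams as $requiredParam) {
         if (!$params->has($requiredParam)) {
             throw new \Exception('Parameter ' . $requiredParam . ' is missing!', Resource::STATUS_BAD_REQUEST);
         }
         // Query parameters may arrive as arrays (name[]=value). Such a value must
         // not reach the where() filters below, where a document store could read
         // it as a query operator, nor explode(), which expects a string.
         if (!is_string($params->get($requiredParam))) {
             throw new \Exception('Parameter ' . $requiredParam . ' must be a string!', Resource::STATUS_BAD_REQUEST);
         }
     }
     if ($params->get('response_type') !== 'code') {
         throw new \Exception('Invalid response_type specified.', Resource::STATUS_BAD_REQUEST);
     }
     $collection = $this->getDocumentManager()->getCollection('oAuthClients');
     $cursor = $collection->find();
     $cursor->where('clientId', $params->get('client_id'));
     $clientDocument = $cursor->current();
     if (null === $clientDocument) {
         throw new \Exception('Invalid client_id', Resource::STATUS_BAD_REQUEST);
     }
     // Exact, strict comparison against the registered URI: no prefix or pattern
     // matching, so a caller cannot steer the redirect to another location.
     if ($params->get('redirect_uri') !== $clientDocument->getRedirectUri()) {
         throw new \Exception('Redirect_uri mismatch!', Resource::STATUS_BAD_REQUEST);
     }
     $collection = $this->getDocumentManager()->getCollection('authScopes');
     $scopeDocuments = [];
     // NOTE(review): scopes are split on ',' here, whereas RFC 6749 section 3.3
     // defines a space-delimited list; confirm the comma form is intentional.
     $scopes = explode(',', $params->get('scope'));
     foreach ($scopes as $scope) {
         $cursor = $collection->find();
         $cursor->where('name', $scope);
         $scopeDocument = $cursor->current();
         // Any unknown scope rejects the whole request instead of being dropped.
         if (null === $scopeDocument) {
             throw new \Exception('Invalid scope given!', Resource::STATUS_BAD_REQUEST);
         }
         $scopeDocuments[] = $scopeDocument;
     }
     $this->client = $clientDocument;
     $this->scopes = $scopeDocuments;
 }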