/** * Issue request with the Auth Code Grant. * * @param Illuminate\Http\Request $request * @return Response */ public function issueAuthorize(Request $request) { $params = Authorizer::getAuthCodeRequestParams(); $params['user_id'] = Auth::user()->id; $redirectUri = ''; // if the user has allowed the client to access its data, redirect back to the client with an auth code if ($request->input('approve') !== null) { $redirectUri = Authorizer::issueAuthCode('user', $params['user_id'], $params); } // if the user has denied the client to access its data, redirect back to the client with an error message if ($request->input('deny') !== null) { $redirectUri = Authorizer::authCodeRequestDeniedRedirectUri(); } return Redirect::to($redirectUri); }
}); Route::get('oauth/authorize', ['as' => 'oauth.authorize.get', 'middleware' => ['check-authorization-params', 'auth'], function () { // display a form where the user can authorize the client to access it's data $authParams = Authorizer::getAuthCodeRequestParams(); $formParams = array_except($authParams, 'client'); $formParams['client_id'] = $authParams['client']->getId(); return View::make('oauth.authorization-form', ['params' => $formParams, 'client' => $authParams['client']]); }]); Route::post('oauth/authorize', ['as' => 'oauth.authorize.post', 'middleware' => ['csrf', 'check-authorization-params', 'auth'], function () { $params = Authorizer::getAuthCodeRequestParams(); $params['user_id'] = Auth::user()->id; $redirectUri = ''; // if the user has allowed the client to access its data, redirect back to the client with an auth code if (Input::get('approve') !== null) { $redirectUri = Authorizer::issueAuthCode('user', $params['user_id'], $params); } // if the user has denied the client to access its data, redirect back to the client with an error message if (Input::get('deny') !== null) { $redirectUri = Authorizer::authCodeRequestDeniedRedirectUri(); } return Redirect::to($redirectUri); }]); Route::post('oauth/access_token', ['as' => 'access_token', function () { header('Content-Type:application/json; charset=utf-8'); return Response::json(Authorizer::issueAccessToken()); }]); Route::get('/callback', function () { if (Input::has('code')) { return view('callback'); } });