public function testRevokeRefreshTokenWithBogusTypeHint()
 {
     // Seed the in-memory storage with a single refresh token stored under the key 'revoke'.
     $refreshTokens = array('revoke' => array('mytoken'));
     $storage = new Memory(array('refresh_tokens' => $refreshTokens));
     $this->assertEquals(array('mytoken'), $storage->getRefreshToken('revoke'));

     // 'foo' is not a known token type hint. Revocation must still take effect:
     // a client-supplied hint is advisory only, so a wrong one must never leave
     // a token alive (a revoke call that silently does nothing is a security gap).
     $responseType = new AccessToken(new Memory(), $storage);
     $responseType->revokeToken('revoke', 'foo');

     // After revocation the storage no longer returns the token.
     $this->assertFalse($storage->getRefreshToken('revoke'));
 }
 /**
  * Builds the access token through the parent implementation and, when the
  * `access_token_return_user_id` config flag is set and truthy, adds the
  * owner's user id to the returned array under the `user_id` key.
  *
  * NOTE(review): the returned array presumably becomes the token response sent
  * to the client, so enabling the flag discloses the internal user identifier
  * to every client that obtains a token - confirm that this is intended.
  *
  * @param mixed $client_id           forwarded to the parent unchanged
  * @param mixed $user_id             forwarded to the parent; optionally echoed back
  * @param mixed $scope               forwarded to the parent unchanged
  * @param bool  $includeRefreshToken forwarded to the parent unchanged
  * @return mixed the parent's result, with `user_id` added when the flag is on
  */
 public function createAccessToken($client_id, $user_id, $scope = null, $includeRefreshToken = true)
 {
     $response = parent::createAccessToken($client_id, $user_id, $scope, $includeRefreshToken);

     // !empty() is the same test as "isset and truthy": the flag is opt-in.
     if (!empty($this->config['access_token_return_user_id'])) {
         $response['user_id'] = $user_id;
     }

     return $response;
 }
Пример #3
 /**
  * Sets up the response type: stores the public key storage and the encryption
  * helper on the instance, then hands storage and config to the parent constructor.
  *
  * @param PublicKeyInterface|null          $publicKeyStorage stored on the instance as given (may be null)
  * @param AccessTokenStorageInterface|null $tokenStorage     replaced by a new Memory storage when null
  * @param RefreshTokenInterface|null       $refreshStorage   forwarded to the parent unchanged
  * @param array                            $config           overrides for the defaults:
  *  - store_encrypted_token_string (bool true)
  *       whether the entire encrypted string is stored,
  *       or just the token ID is stored
  *  - issuer (string '')
  *       NOTE(review): presumably the issuer claim of the generated token - verify where it is read
  * @param EncryptionInterface|null         $encryptionUtil   replaced by a new Jwt instance when null
  */
 public function __construct(PublicKeyInterface $publicKeyStorage = null, AccessTokenStorageInterface $tokenStorage = null, RefreshTokenInterface $refreshStorage = null, array $config = array(), EncryptionInterface $encryptionUtil = null)
 {
     // Caller-supplied keys win over the defaults.
     $defaults = array('store_encrypted_token_string' => true, 'issuer' => '');
     $config = array_merge($defaults, $config);

     // The parent constructor needs a storage object; without one, fall back to a
     // pass-thru in-memory storage.
     // NOTE(review): with this fallback nothing visible here persists issued tokens,
     // so server-side lookup or revocation of them would not be possible - confirm
     // callers that omit $tokenStorage accept that.
     if ($tokenStorage === null) {
         $tokenStorage = new Memory();
     }

     $this->publicKeyStorage = $publicKeyStorage;
     $this->encryptionUtil = $encryptionUtil === null ? new Jwt() : $encryptionUtil;

     parent::__construct($tokenStorage, $refreshStorage, $config);
 }
Пример #4
 /**
  * Handles the GitHub OAuth callback: exchanges `code`/`state` for a user,
  * creates or updates that user locally, and returns the user together with a
  * freshly created access token as JSON.
  *
  * Responses: 400 when `code` or `state` is missing, 500 when saving the user
  * fails, otherwise a JSON body with the keys `user` and `token`.
  *
  * @param HttpFoundation\Request $request
  * @return HttpFoundation\Response
  */
 public function getGitHubAuthorize(HttpFoundation\Request $request)
 {
     $code = $request->get('code');
     $state = $request->get('state');

     // Both callback parameters are mandatory; reject before doing any work.
     if ($code === null || $state === null) {
         return new HttpFoundation\Response('Invalid GitHub Request Params', 400);
     }

     // NOTE(review): only the presence of `state` is checked in this method. Its
     // anti-CSRF value depends on it being compared with the value issued for this
     // browser session - verify that getUserFromOAuth() performs that comparison.
     $user = $this->github->getUserFromOAuth($code, $state);

     // If this GitHub account is already known, reuse its id so that save()
     // updates the existing record instead of creating a new one.
     $existing = $this->userRepo->getAll(['githubId' => $user->githubId], 1);
     if (!empty($existing)) {
         $user->id = $existing[0]->id;
     }

     if (!$this->userRepo->save($user)) {
         return new HttpFoundation\Response('Failed Login', 500);
     }

     // Issue an access token (refresh token included) this one time so the
     // front end has something to call our service with.
     $token = $this->tokenGenerator->createAccessToken('codemana', $user->id, 'user', true);

     //TODO: The user no longer comes with any repositories. The front end is expected to fetch those separately.
     // NOTE(review): the whole $user object is serialized into the response; confirm
     // it carries no fields that should stay server-side (e.g. provider credentials).
     return new HttpFoundation\JsonResponse(['user' => $user, 'token' => $token]);
 }
Пример #5
 /**
  * {@inheritDoc}
  *
  * Always adds the user id to the parent's result under the `user_id` key.
  *
  * NOTE(review): unlike a config-gated variant, this is unconditional; if the
  * result is returned to clients, every token response discloses the user id -
  * confirm that is intended.
  */
 public function createAccessToken($clientId, $userId, $scope = null, $includeRefreshToken = true)
 {
     $response = parent::createAccessToken($clientId, $userId, $scope, $includeRefreshToken);

     // Attach the owner's id alongside the fields produced by the parent.
     $response['user_id'] = $userId;

     return $response;
 }
Пример #6
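 /**
  * Exchanges a Google ID token for a local OAuth2 access token.
  *
  * The ID token in $data['token'] is sent to Google's tokeninfo endpoint; the
  * e-mail address in the reply is looked up among local users and, when found,
  * an access token is created for $data['client_id'] with that e-mail as user id.
  * Every failure is converted into an ApiProblemResponse by the request handler.
  *
  * NOTE(review): $data['grant_type'] and $data['client_secret'] are required to be
  * present but are never verified in this method - confirm that the client is
  * authenticated elsewhere before this code issues a token for its client_id.
  *
  * @param array $data request fields: token, grant_type, client_id, client_secret
  * @return JsonModel|ApiProblemResponse
  */
 private function googleAuth($data)
 {
     // Resolved before the try block: the catch handler needs it, and an exception
     // from an earlier service lookup previously left it undefined there.
     $requestHandler = $this->getServiceLocator()->get('Service\\RequestHandler');

     try {
         // Not used below; the lookups are kept in case their factories have side effects.
         $userManagerService = $this->getServiceLocator()->get('service_user');
         $userManagerDao = $this->getServiceLocator()->get('dao_user_user_manager');
         $authService = $this->getServiceLocator()->get('library_backoffice_auth');
         $oauth2ServerFactory = $this->getServiceLocator()->get('ZF\\OAuth2\\Service\\OAuth2Server');

         if (!isset($data['token'], $data['grant_type'], $data['client_id'], $data['client_secret'])) {
             throw new ApiException(Error::INCOMPLETE_PARAMETERS_CODE);
         }
         // The token is client-controlled: require a string and URL-encode it so it
         // cannot add or override query parameters of the tokeninfo request.
         if (!is_string($data['token'])) {
             throw new ApiException(Error::INCOMPLETE_PARAMETERS_CODE);
         }
         $tokenInfoUrl = 'https://www.googleapis.com/oauth2/v3/tokeninfo?id_token=' . rawurlencode($data['token']);

         // Warnings are suppressed on purpose; a failed request is reported through
         // the return value and handled right below.
         $googleInfo = @file_get_contents($tokenInfoUrl);
         if (!$googleInfo) {
             throw new ApiException(Error::USER_NOT_FOUND_CODE);
         }

         // Treat a malformed reply or a missing e-mail like an unknown user instead
         // of looking up a null address.
         $claims = json_decode($googleInfo, true);
         if (!is_array($claims) || !isset($claims['email']) || !is_string($claims['email']) || $claims['email'] === '') {
             throw new ApiException(Error::USER_NOT_FOUND_CODE);
         }
         // NOTE(review): a successful tokeninfo reply only shows that Google issued the
         // token. Nothing here compares the `aud` claim with this application's own
         // Google client id, so an ID token issued to any other application would be
         // accepted as well; `email_verified` is not checked either. Both checks need
         // configuration that is not visible in this method.
         $googleEmail = $claims['email'];

         // NOTE(review): 'password' is fetched although only the e-mail is used below;
         // consider dropping it so the hash is not loaded needlessly.
         $columns = ['id', 'email', 'firstname', 'lastname', 'cityId' => 'city_id', 'countryId' => 'country_id', 'password'];
         $userInfo = $userManagerDao->getUserByEmail($googleEmail, true, $columns);
         if (!$userInfo) {
             throw new ApiException(Error::USER_NOT_FOUND_CODE);
         }

         $server = call_user_func($oauth2ServerFactory, '/oauth');
         $accessTokenStorage = $server->getStorage('access_token');
         $refreshTokenStorage = $server->getStorage('refresh_token');
         // The refresh-token storage was fetched but the access-token storage was
         // passed in its place; hand each storage to its own constructor slot.
         $accessToken = new AccessToken($accessTokenStorage, $refreshTokenStorage);
         $response = $accessToken->createAccessToken($data['client_id'], $userInfo['email'], null);
         if (!$response) {
             throw new ApiException(Error::INVALID_TOKEN_CODE);
         }

         return new JsonModel($response);
     } catch (\Exception $e) {
         return new ApiProblemResponse($requestHandler->handleException($e));
     }
 }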