/**
* Authenticates the application with the given code to receive an access token.
*
* @param string $code code sent by the authorization server to exchange for an access token.
* @return NostoOAuthToken
* @throws NostoException
*/
public function authenticate($code)
{
if (empty($code)) {
throw new NostoException('Invalid authentication token');
}
$request = new NostoHttpRequest();
$request->setUrl(self::$baseUrl . self::PATH_TOKEN);
$request->setReplaceParams(array('{cid}' => $this->clientId, '{sec}' => $this->clientSecret, '{uri}' => $this->redirectUrl, '{cod}' => $code));
$response = $request->get();
$result = $response->getJsonResult(true);
if ($response->getCode() !== 200) {
Nosto::throwHttpException('Failed to authenticate with code.', $request, $response);
}
if (empty($result['access_token'])) {
throw new NostoException('No "access_token" returned after authenticating with code');
}
if (empty($result['merchant_name'])) {
throw new NostoException('No "merchant_name" returned after authenticating with code');
}
return NostoOAuthToken::create($result);
}
/**
* @inheritdoc
*/
public function ssoLogin(NostoAccountMetaDataIframeInterface $meta)
{
$token = $this->getApiToken('sso');
if ($token === null) {
return false;
}
$request = new NostoHttpRequest();
$request->setUrl(NostoHttpRequest::$baseUrl . NostoHttpRequest::PATH_SSO_AUTH);
$request->setReplaceParams(array('{platform}' => $meta->getPlatform(), '{email}' => $meta->getEmail()));
$request->setContentType('application/x-www-form-urlencoded');
$request->setAuthBasic('', $token->getValue());
$response = $request->post(http_build_query(array('fname' => $meta->getFirstName(), 'lname' => $meta->getLastName())));
$result = $response->getJsonResult();
if ($response->getCode() !== 200) {
Nosto::throwHttpException('Unable to login employee to Nosto with SSO token.', $request, $response);
}
if (empty($result->login_url)) {
throw new NostoException('No "login_url" returned when logging in employee to Nosto');
}
return $result->login_url;
}
/**
* Signs the user in to Nosto via SSO.
*
* Requires that the account has a valid sso token associated with it.
*
* @param NostoAccount $account the account to sign into.
* @param NostoAccountMetaSingleSignOnInterface $meta the SSO meta-data.
* @return string a secure login url.
*
* @throws NostoException on failure.
*/
public function sso(NostoAccount $account, NostoAccountMetaSingleSignOnInterface $meta)
{
$token = $account->getApiToken(NostoApiToken::API_SSO);
if (is_null($token)) {
throw new NostoException(sprintf('No `%s` API token found for account "%s".', NostoApiToken::API_SSO, $account->getName()));
}
$request = new NostoHttpRequest();
$request->setUrl(NostoHttpRequest::$baseUrl . NostoHttpRequest::PATH_SSO_AUTH);
$request->setReplaceParams(array('{platform}' => $meta->getPlatform(), '{email}' => $meta->getEmail()));
$request->setContentType('application/x-www-form-urlencoded');
$request->setAuthBasic('', $token->getValue());
$response = $request->post(http_build_query(array('fname' => $meta->getFirstName(), 'lname' => $meta->getLastName())));
if ($response->getCode() !== 200) {
throw Nosto::createHttpException('Failed to sign into Nosto using Single Sign On.', $request, $response);
}
$result = $response->getJsonResult();
if (empty($result->login_url)) {
throw new NostoException('No "login_url" returned when logging in employee to Nosto');
}
return $result->login_url;
}
