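/**
 * Stage 2: User response is captured here
 *
 * Success or failure is communicated back to the Client using the redirect
 * url provided by the client
 *
 * On success authorization code is sent along
 *
 * @format JsonFormat,UploadFormat
 */
public function postAuthorize($authorize = null, $userId = null, $returnResponse = false)
{
    // Parameter notes are kept as plain comments: the docblock above carries
    // an annotation (@format) that appears to be read by the framework, so no
    // new tags are added there.
    //
    //   $authorize      - the user's decision; null means "not supplied".
    //   $userId         - account the grant is issued for; defaults to the
    //                     session user.
    //   $returnResponse - when truthy the OAuth2 response object is returned
    //                     instead of being sent.

    @session_start();

    // Consent may only be recorded for a locally authenticated user.
    if (! isset($_SESSION['USER_LOGGED'])) {
        throw new RestException(400, "Local Authentication Error, user session is not started.");
    }

    // NOTE(review): if the framework fills method parameters from request
    // fields, $userId (and $returnResponse) are caller-controlled and a
    // logged-in user could have a grant recorded against another account.
    // Confirm how this method is routed; for HTTP callers the session value
    // should be the only source of identity.
    if (empty($userId)) {
        $userId = $_SESSION['USER_LOGGED'];
    }

    // Only a missing decision falls back to the "cancel" check. The previous
    // empty() test also matched an explicit denial (false, 0, "0", ""), which
    // was then turned into an approval whenever no "cancel" field was
    // present. An explicit falsy value now stays a denial.
    if ($authorize === null) {
        $authorize = ! array_key_exists('cancel', $_REQUEST);
    }

    // NOTE(review): no anti-CSRF token is checked in this method; confirm the
    // consent form is protected elsewhere before an approval is trusted.
    $request = \OAuth2\Request::createFromGlobals();
    $response = $this->server->handleAuthorizeRequest(
        $request,
        new \OAuth2\Response(),
        (bool)$authorize,
        $userId
    );

    if ($returnResponse) {
        return $response;
    }

    // Emit the redirect (or error) and stop so nothing else is appended.
    $response->send();
    exit(0);
}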
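/**
 * An authorization-code response type must be usable whether it is registered
 * through addResponseType() or handed to the server constructor.
 *
 * Both servers are driven with the same approved authorize request and must
 * answer with a 302 redirect whose query string carries "code" and no "error".
 */
public function testAddingResponseType()
{
    $storage = $this->getMock('OAuth2_Storage_Memory');
    $storage->expects($this->any())->method('getClientDetails')->will($this->returnValue(array('client_id' => 'some_client')));
    $storage->expects($this->any())->method('checkRestrictedGrantType')->will($this->returnValue(true));

    $servers = array();

    // Case 1: response type added after construction.
    $viaSetter = new OAuth2_Server();
    $viaSetter->addStorage($storage);
    $viaSetter->addResponseType(new OAuth2_ResponseType_AuthorizationCode($storage));
    $servers['registered with addResponseType()'] = $viaSetter;

    // Case 2: response type passed as an unkeyed list in the fourth constructor argument.
    $servers['passed to the constructor'] = new OAuth2_Server(
        array($storage),
        array(),
        array(),
        array(new OAuth2_ResponseType_AuthorizationCode($storage))
    );

    foreach ($servers as $label => $server) {
        $request = new OAuth2_Request(array(
            'response_type' => 'code',
            'client_id' => 'some_client',
            'redirect_uri' => 'http://example.com',
            'state' => 'xyx',
        ));
        $response = new OAuth2_Response();
        $server->handleAuthorizeRequest($request, $response, true);

        // Expected value goes first so a failure message reads the right way round.
        $this->assertEquals(302, $response->getStatusCode(), $label);

        // Fail with a clear message instead of an undefined-index notice when
        // the redirect carries no query string.
        $parts = parse_url($response->getHttpHeader('Location'));
        $this->assertTrue(isset($parts['query']), $label . ': redirect has no query string');

        parse_str($parts['query'], $query);
        $this->assertTrue(isset($query['code']), $label);
        $this->assertFalse(isset($query['error']), $label);
    }
}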