public function __construct(Request $request) { $this->setGrantType($request->getPostParameter('grant_type')); $this->setCode($request->getPostParameter('code')); $this->setRedirectUri($request->getPostParameter('redirect_uri')); $this->setClientId($request->getPostParameter('client_id')); $this->setRefreshToken($request->getPostParameter('refresh_token')); $this->setScope($request->getPostParameter('scope')); // some additional validation if ('authorization_code' === $this->getGrantType() && null === $this->getCode()) { throw new BadRequestException('invalid_requst', 'for authorization_code grant type a code must be provided'); } if ('refresh_token' === $this->getGrantType() && null === $this->getRefreshToken()) { throw new BadRequestException('invalid_request', 'for refresh_token grant type a refresh_token must be provided'); } }
public function postAuthorization(Request $request, UserInfoInterface $userInfo) { $authorizeRequest = new AuthorizeRequest($request); $clientId = $authorizeRequest->getClientId(); $responseType = $authorizeRequest->getResponseType(); $redirectUri = $authorizeRequest->getRedirectUri(); $scope = $authorizeRequest->getScope(); $state = $authorizeRequest->getState(); $clientData = $this->storage->getClient($clientId); if (false === $clientData) { throw new BadRequestException('client not registered'); } // if no redirect_uri is part of the query parameter, use the one from // the client registration if (null === $redirectUri) { $redirectUri = $clientData->getRedirectUri(); } if ('approve' !== $request->getPostParameter('approval')) { return new ClientResponse($clientData, $request, $redirectUri, array('error' => 'access_denied', 'error_description' => 'not authorized by resource owner')); } $this->addApproval($clientData, $userInfo->getUserId(), $scope); // redirect to self return new RedirectResponse($request->getUrl()->toString(), 302); }
private function runService(Request $request) { // support method override when _METHOD is set in a form POST if ('POST' === $request->getMethod()) { $methodOverride = $request->getPostParameter('_METHOD'); if (null !== $methodOverride) { $request->setMethod($methodOverride); } } foreach ($this->routes as $route) { if (false !== ($availableRouteCallbackParameters = $route->isMatch($request->getMethod(), $request->getUrl()->getPathInfo()))) { return $this->executeCallback($request, $route, $availableRouteCallbackParameters); } } // figure out all supported methods by all routes $supportedMethods = []; foreach ($this->routes as $route) { $routeMethods = $route->getMethods(); foreach ($routeMethods as $method) { if (!in_array($method, $supportedMethods)) { $supportedMethods[] = $method; } } } // requested method supported, document is just not available if (in_array($request->getMethod(), $supportedMethods)) { throw new NotFoundException('url not found', $request->getUrl()->getRoot() . mb_substr($request->getUrl()->getPathInfo(), 1)); } // requested method net supported... throw new MethodNotAllowedException($request->getMethod(), $supportedMethods); }