public function testGetAccessTokenWithExpiredAccessTokenAndRefreshToken()
{
$client = new Client();
$mock = new MockPlugin();
$mock->addResponse(new Response(200, null, json_encode(array("access_token" => "my_new_access_token_value", "token_type" => "Bearer"))));
$client->addSubscriber($mock);
$api = new Api("foo", $this->clientConfig[0], $this->storage, $client);
$context = new Context("a_user", array("foo", "bar"));
$accessToken = new AccessToken(array("client_config_id" => "foo", "user_id" => "a_user", "token_type" => "bearer", "access_token" => "my_token_value", "scope" => Scope::fromString("foo bar"), "issue_time" => time() - 4000, "expires_in" => 3600));
$this->storage->storeAccessToken($accessToken);
$refreshToken = new RefreshToken(array("client_config_id" => "foo", "user_id" => "a_user", "refresh_token" => "my_refresh_token_value", "scope" => Scope::fromString("foo bar"), "issue_time" => time() - 10000));
$this->storage->storeRefreshToken($refreshToken);
$accessToken = $api->getAccessToken($context);
$this->assertEquals("my_new_access_token_value", $accessToken->getAccessToken());
//$this->assertFalse($accessToken);
}
public function testGetAccessTokenWithExpiredAccessTokenAndRefreshToken()
{
$client = new Client();
$mock = new MockPlugin();
$mock->addResponse(new Response(200, null, json_encode(array('access_token' => 'my_new_access_token_value', 'token_type' => 'Bearer'))));
$client->addSubscriber($mock);
$guzzle3Client = new Guzzle3Client($client);
$api = new Api('foo', $this->clientConfig[0], $this->storage, $guzzle3Client);
$context = new Context('a_user', array('foo', 'bar'));
$accessToken = new AccessToken(array('client_config_id' => 'foo', 'user_id' => 'a_user', 'token_type' => 'bearer', 'access_token' => 'my_token_value', 'scope' => Scope::fromString('foo bar'), 'issue_time' => time() - 4000, 'expires_in' => 3600));
$this->storage->storeAccessToken($accessToken);
$refreshToken = new RefreshToken(array('client_config_id' => 'foo', 'user_id' => 'a_user', 'refresh_token' => 'my_refresh_token_value', 'scope' => Scope::fromString('foo bar'), 'issue_time' => time() - 10000));
$this->storage->storeRefreshToken($refreshToken);
$accessToken = $api->getAccessToken($context);
$this->assertEquals('my_new_access_token_value', $accessToken->getAccessToken());
//$this->assertFalse($accessToken);
}
public function getToken()
{
$context = new Context($this->clientConfig->getClientId(), new Scope(array("read", "write")));
$accessToken = parent::getAccessToken($context);
if (false === $accessToken) {
// request for access token using client_credentials when invalid or expired.
$tokenRequest = new CodesWholesaleTokenRequest($this->httpClient, $this->clientConfig);
$tokenResponse = $tokenRequest->withClientCredentials();
if (false === $tokenResponse) {
// unable to fetch with new access token
return false;
}
$accessToken = new AccessToken(array("client_config_id" => $this->clientConfigId, "user_id" => $context->getUserId(), "scope" => $context->getScope(), "access_token" => $tokenResponse->getAccessToken(), "token_type" => $tokenResponse->getTokenType(), "issue_time" => time(), "expires_in" => $tokenResponse->getExpiresIn()));
$this->tokenStorage->storeAccessToken($accessToken);
}
if (false !== $accessToken) {
return $accessToken;
}
return false;
}
/**
* Tries to authenticate a user
* @param Request $request The request
* @return \Exception|RedirectResponse Returns an exception when authentication fails, or a redirect response when a redirect is required
* @throws \fkooman\OAuth\Client\Exception\ApiException
*/
public function tryAuthentication(Request $request)
{
$this->clientConfig->setRedirectUri($request->getUri());
if ($request->query->has('code') || $request->query->has('error')) {
try {
$this->callback->handleCallback($request->query->all());
} catch (AuthorizeException $ex) {
return $ex;
} catch (CallbackException $ex) {
return $ex;
}
}
if ($request->query->has('code')) {
$request->query->remove('code');
$request->query->remove('state');
$request->server->set('QUERY_STRING', http_build_query($request->query->all()));
return new RedirectResponse($request->getUri());
}
if (!$this->getAccessToken()) {
return new RedirectResponse($this->api->getAuthorizeUri($this->context));
}
}
<?php
require_once 'vendor/autoload.php';
require_once 'config.php';
use fkooman\OAuth\Client\ClientConfig;
use fkooman\OAuth\Client\SessionStorage;
use fkooman\OAuth\Client\Api;
use fkooman\OAuth\Client\Context;
use fkooman\OAuth\Client\Scope;
use fkooman\Guzzle\Plugin\BearerAuth\BearerAuth;
use fkooman\Guzzle\Plugin\BearerAuth\Exception\BearerErrorResponseException;
use Guzzle\Http\Client;
$clientConfig = new ClientConfig($config['client']);
$tokenStorage = new SessionStorage();
$httpClient = new Client();
$api = new Api("php-voot-client", $clientConfig, $tokenStorage, $httpClient);
$context = new Context("*****@*****.**", new Scope($config['scope']));
$accessToken = $api->getAccessToken($context);
if (false === $accessToken) {
/* no valid access token available, go to authorization server */
header("HTTP/1.1 302 Found");
header("Location: " . $api->getAuthorizeUri($context));
exit;
}
try {
$client = new Client();
$bearerAuth = new BearerAuth($accessToken->getAccessToken());
$client->addSubscriber($bearerAuth);
$response = $client->get($config['api_uri'])->send();
header("Content-Type: application/json");
echo $response->getBody();
<?php
require_once 'vendor/autoload.php';
use fkooman\OAuth\Client\Guzzle6Client;
use fkooman\OAuth\Client\ClientConfig;
use fkooman\OAuth\Client\SessionStorage;
use fkooman\OAuth\Client\Api;
use fkooman\OAuth\Client\Context;
$clientConfig = new ClientConfig(array('authorize_endpoint' => 'http://localhost/php-oauth-as/authorize.php', 'client_id' => 'php-oauth-client-example6', 'client_secret' => 'f00b4r', 'token_endpoint' => 'http://localhost/php-oauth-as/token.php'));
$tokenStorage = new SessionStorage();
$httpClient = new Guzzle6Client();
$api = new Api('foo', $clientConfig, $tokenStorage, $httpClient);
$context = new Context('*****@*****.**', array('authorizations'));
$accessToken = $api->getAccessToken($context);
if (false === $accessToken) {
/* no valid access token available, go to authorization server */
header('HTTP/1.1 302 Found');
header('Location: ' . $api->getAuthorizeUri($context));
exit;
}
echo 'Access Token: ' . $accessToken->getAccessToken();
