/**
 * Checks the "no token yet" path: getAccessToken() must report false, and the
 * client must still be able to build the authorization request URI.
 *
 * The expected URI pins three details of the authorization request:
 *  - response_type is "code";
 *  - the caller-supplied state value is passed through unchanged;
 *  - the requested scopes ("foo", "bar") appear as "bar+foo".
 *
 * A fixed state string is fine for a fixture. In a real flow the state value
 * is what ties the callback to the browser session, so it should not be
 * predictable.
 *
 * NOTE(review): assumes $this->storage holds no token for "a_user"; the
 * fixture is set up outside this method - confirm.
 */
public function testGetAccessTokenWithoutToken()
{
    // One canned 200 response is queued on the HTTP client.
    // NOTE(review): presumably never consumed on this path - confirm.
    $mockPlugin = new MockPlugin();
    $mockPlugin->addResponse(new Response(200));

    $httpClient = new Client();
    $httpClient->addSubscriber($mockPlugin);

    $context = new Context("a_user", array("foo", "bar"));
    $api = new Api("foo", $this->clientConfig[0], $this->storage, $httpClient);

    $expectedAuthorizeUri = "http://www.example.org/authorize?client_id=foo&response_type=code&state=my_custom_state&scope=bar+foo";

    $this->assertFalse($api->getAccessToken($context));
    $this->assertEquals($expectedAuthorizeUri, $api->getAuthorizeUri($context, "my_custom_state"));
}
/**
 * Tries to authenticate the user behind the given request.
 *
 * Three outcomes are possible and callers must tell them apart explicitly:
 *  - an exception object is RETURNED (not thrown) when the callback handler
 *    raises AuthorizeException or CallbackException;
 *  - a RedirectResponse is returned when the browser has to be sent
 *    elsewhere: back to the same URI with "code" and "state" removed, or to
 *    the authorization endpoint when no access token is available;
 *  - null is returned when an access token is available and nothing else
 *    needs to happen.
 *
 * Because failure is reported as a return value, a caller that only checks
 * for a RedirectResponse and otherwise continues would treat a failed
 * callback as success. Check for the exception case first.
 *
 * @param Request $request The request
 *
 * @return \Exception|RedirectResponse|null See the three outcomes above
 *
 * @throws \fkooman\OAuth\Client\Exception\ApiException
 */
public function tryAuthentication(Request $request)
{
    // The redirect URI sent to the authorization server is the URI of the
    // request currently being handled.
    // NOTE(review): that URI is derived from request data; presumably the
    // authorization server only accepts pre-registered redirect URIs - confirm.
    $this->clientConfig->setRedirectUri($request->getUri());

    $params = $request->query;

    // Both a successful ("code") and a failed ("error") authorization
    // response go through the callback handler.
    $isCallback = $params->has('code') || $params->has('error');
    if ($isCallback) {
        try {
            $this->callback->handleCallback($params->all());
        } catch (AuthorizeException $authorizeFailure) {
            return $authorizeFailure;
        } catch (CallbackException $callbackFailure) {
            return $callbackFailure;
        }
    }

    if ($params->has('code')) {
        // Strip the authorization code and state from the query string and
        // redirect to the cleaned URI, so the code does not stay in the
        // address the browser ends up on.
        $params->remove('code');
        $params->remove('state');
        $request->server->set('QUERY_STRING', http_build_query($params->all()));

        return new RedirectResponse($request->getUri());
    }

    // An "error" callback that did not raise also ends up here.
    if ($this->getAccessToken()) {
        return null;
    }

    return new RedirectResponse($this->api->getAuthorizeUri($this->context));
}
use fkooman\OAuth\Client\Api; use fkooman\OAuth\Client\Context; use fkooman\OAuth\Client\Scope; use fkooman\Guzzle\Plugin\BearerAuth\BearerAuth; use fkooman\Guzzle\Plugin\BearerAuth\Exception\BearerErrorResponseException; use Guzzle\Http\Client; $clientConfig = new ClientConfig($config['client']); $tokenStorage = new SessionStorage(); $httpClient = new Client(); $api = new Api("php-voot-client", $clientConfig, $tokenStorage, $httpClient); $context = new Context("*****@*****.**", new Scope($config['scope'])); $accessToken = $api->getAccessToken($context); if (false === $accessToken) { /* no valid access token available, go to authorization server */ header("HTTP/1.1 302 Found"); header("Location: " . $api->getAuthorizeUri($context)); exit; } try { $client = new Client(); $bearerAuth = new BearerAuth($accessToken->getAccessToken()); $client->addSubscriber($bearerAuth); $response = $client->get($config['api_uri'])->send(); header("Content-Type: application/json"); echo $response->getBody(); } catch (BearerErrorResponseException $e) { if ("invalid_token" === $e->getBearerReason()) { // the token we used was invalid, possibly revoked, we throw it away $api->deleteAccessToken($context); $api->deleteRefreshToken($context); /* no valid access token available, go to authorization server */
<?php

require_once 'vendor/autoload.php';

use fkooman\OAuth\Client\Api;
use fkooman\OAuth\Client\ClientConfig;
use fkooman\OAuth\Client\Context;
use fkooman\OAuth\Client\Guzzle6Client;
use fkooman\OAuth\Client\SessionStorage;

// Demo client registration.
// - The client secret is a sample value written inline; a deployed client
//   should load it from configuration kept out of the web root and out of
//   version control.
// - Both endpoints use plain http on localhost. The authorization code, the
//   client secret and the issued tokens all travel to these endpoints, so
//   anything beyond a local test setup needs https.
$oauthConfig = new ClientConfig([
    'authorize_endpoint' => 'http://localhost/php-oauth-as/authorize.php',
    'client_id' => 'php-oauth-client-example6',
    'client_secret' => 'f00b4r',
    'token_endpoint' => 'http://localhost/php-oauth-as/token.php',
]);

$sessionStore = new SessionStorage();
$transport = new Guzzle6Client();

$api = new Api('foo', $oauthConfig, $sessionStore, $transport);
$context = new Context('*****@*****.**', ['authorizations']);

// getAccessToken() yields false when no usable token is available for this
// context; otherwise it yields a token object.
$token = $api->getAccessToken($context);

if ($token !== false) {
    // Demo output only: a bearer token is usable by whoever holds it, so a
    // real application should not render it into a page.
    echo 'Access Token: ' . $token->getAccessToken();
} else {
    /* no valid access token available, go to authorization server */
    // NOTE(review): no explicit state argument is passed to getAuthorizeUri()
    // here; presumably the library supplies one - confirm.
    header('HTTP/1.1 302 Found');
    header('Location: ' . $api->getAuthorizeUri($context));
    exit;
}