/** * When the security token is created, populate it with user information from the service API. * * @param FilterTokenEvent $event */ public function onFilterToken(FilterTokenEvent $event) { $token = $event->getToken(); $service = $token->getService(); $oauthService = $this->registry->getService($service); $config = $this->config[$service]; $serviceName = OAuthServiceRegistry::getServiceName($oauthService); $accessToken = $oauthService->getStorage()->retrieveAccessToken($serviceName); $token->setAccessToken($accessToken); $callback = isset($config['user_callback']) && is_callable($config['user_callback']) ? $config['user_callback'] : array($this, 'defaultUserCallback'); if (isset($config['user_endpoint'])) { $rawUserInfo = json_decode($oauthService->request($config['user_endpoint']), true); } call_user_func($callback, $token, $rawUserInfo, $oauthService); }
/** * {@inheritDoc} */ protected function attemptAuthentication(Request $request) { $service = $request->attributes->get('service'); $oauthService = $this->registry->getService($service); // redirect to auth provider if initiating if ($this->httpUtils->checkRequestPath($request, $this->options['login_route'])) { if ($this->options['post_only'] && !$request->isMethod('post')) { if (null !== $this->logger) { $this->logger->debug(sprintf('Authentication method not supported: %s.', $request->getMethod())); } return null; } // CSRF checking only upon login if (null !== $this->csrfTokenManager) { $csrfToken = $request->get($this->options['csrf_parameter'], null, true); if (false === $this->csrfTokenManager->isTokenValid(new CsrfToken($this->options['intention'], $csrfToken))) { throw new InvalidCsrfTokenException('Invalid CSRF token.'); } } $authorizationParameters = array(); if ($oauthService instanceof OAuth1ServiceInterface) { $token = $oauthService->requestRequestToken(); $authorizationParameters = array('oauth_token' => $token->getRequestToken()); } $authorizationUri = $oauthService->getAuthorizationUri($authorizationParameters); return $this->httpUtils->createRedirectResponse($request, $authorizationUri->getAbsoluteUri()); } // request access token upon callback if ($this->httpUtils->checkRequestPath($request, $this->options['callback_route'])) { if ($request->query->has('error')) { throw new AuthenticationException($request->query->get('error_description', $request->query->get('error'))); } if ($oauthService instanceof OAuth1ServiceInterface) { try { $serviceName = OAuthServiceRegistry::getServiceName($oauthService); $token = $oauthService->getStorage()->retrieveAccessToken($serviceName); } catch (StorageException $exception) { throw new AuthenticationException('Could not retrieve access token.', null, $exception); } if (!$request->query->has('oauth_token') || !$request->query->has('oauth_verifier')) { throw new AuthenticationException('Token parameters missing.'); } $oauthService->requestAccessToken($request->query->get('oauth_token'), $request->query->get('oauth_verifier'), $token->getRequestTokenSecret()); } else { if (!$request->query->has('code')) { throw new AuthenticationException('Token parameters missing.'); } $oauthService->requestAccessToken($request->query->get('code')); } // the access token is now stored in the session, redirect back to check_path return $this->httpUtils->createRedirectResponse($request, $this->options['check_route']); } $authToken = new OAuthToken($this->providerKey); $authToken->setService($this->registry->mapServiceName($service)); if (null !== $this->dispatcher) { $this->dispatcher->dispatch(OAuthEvents::TOKEN, new FilterTokenEvent($authToken)); } return $this->authenticationManager->authenticate($authToken); }