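/**
 * Handles an authorization request for the implicit grant (response_type=token).
 *
 * Does nothing when the event already carries a response, when the request's
 * response_type is not "token", or when the client is not allowed the
 * "implicit" grant type. Otherwise it sets a RedirectResponse to the
 * requested redirect_uri, with "state" appended to the query string and the
 * JSON-encoded result of getResponseContent() as the response body.
 *
 * @param GetResponseForAuthenticationEvent $event
 */
public function onAuthorizationRequest(GetResponseForAuthenticationEvent $event)
{
    // Another listener has already produced a response; leave it alone.
    if ($event->getResponse() !== null) {
        return;
    }

    $request = $event->getRequest();

    // Only act on response_type=token
    if ($request->get("response_type") !== "token") {
        return;
    }

    // Verify that implicit grants are allowed
    $client = $event->getClient();
    if (!$client->isAllowedGrantType("implicit")) {
        return;
    }

    $user = $event->getUser();

    // NOTE(review): the result of getResponseContent() travels as the JSON body
    // of the redirect response, not in the redirect URL. RFC 6749 section 4.2.2
    // returns implicit-grant parameters in the URI fragment; confirm that
    // clients of this endpoint really read the body.
    $content = $this->getResponseContent($client, $user);

    // NOTE(review): redirect_uri comes straight from the request and nothing in
    // this method compares it with the URIs registered for $client. Confirm
    // that an earlier step rejects unregistered values; otherwise the redirect
    // target and the recipient of the response are chosen by the caller.
    $redirectUri = $request->get("redirect_uri");

    // http_build_query() skips null values, so a missing state gives "".
    $queryString = http_build_query(["state" => $request->get("state")]);

    $url = (string) $redirectUri;
    if ($queryString !== "") {
        // A redirect URI may already carry a query component; extend it with
        // "&" instead of adding a second "?".
        $separator = strpos($url, "?") === false ? "?" : "&";
        $url .= $separator . $queryString;
    }

    $response = new RedirectResponse($url);
    $response->setContent(json_encode($content));
    $event->setResponse($response);
}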
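/**
 * Handles an authorization request for the authorization code grant
 * (response_type=code).
 *
 * Does nothing when the event already carries a response, when the request's
 * response_type is not "code", or when the client is not allowed the
 * "authorization_code" grant type. Otherwise it creates and saves an
 * authorization code bound to the client, the user and the requested
 * redirect_uri, then sets a RedirectResponse to that URI with "code" and
 * "state" appended to the query string.
 *
 * @param GetResponseForAuthenticationEvent $event
 */
public function onAuthorizationRequest(GetResponseForAuthenticationEvent $event)
{
    // Another listener has already produced a response; leave it alone.
    if ($event->getResponse() !== null) {
        return;
    }

    $request = $event->getRequest();

    // Only act on response_type=code
    if ($request->get("response_type") !== "code") {
        return;
    }

    // Verify that authorization_code grants are allowed
    $client = $event->getClient();
    if (!$client->isAllowedGrantType("authorization_code")) {
        return;
    }

    $user = $event->getUser();

    // NOTE(review): redirect_uri comes straight from the request and nothing in
    // this method compares it with the URIs registered for $client. Confirm
    // that an earlier step rejects unregistered values; otherwise the freshly
    // issued code is delivered to whatever URI the caller supplied.
    $redirectUri = $request->get("redirect_uri");

    // Persist the code together with the redirect URI it was issued for.
    $authorizationCode = $this->authorizationCodeManager->createAuthorizationCode();
    $authorizationCode->setClient($client);
    $authorizationCode->setUser($user);
    $authorizationCode->setRedirectUri($redirectUri);
    $this->authorizationCodeManager->saveAuthorizationCode($authorizationCode);

    // http_build_query() skips null values, so a missing state is left out.
    $queryString = http_build_query([
        "code" => $authorizationCode->getCode(),
        "state" => $request->get("state"),
    ]);

    // A redirect URI may already carry a query component; extend it with "&"
    // instead of adding a second "?".
    $url = (string) $redirectUri;
    $separator = strpos($url, "?") === false ? "?" : "&";
    $url .= $separator . $queryString;

    $event->setResponse(new RedirectResponse($url));
}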