/** * Complete the client credentials grant * * @return array * * @throws */ public function completeFlow() { $selfClient = app('selfClient'); // Get the required params if (is_null($selfClient)) { throw new Exception\InvalidClientException(); } // Validate client ID and client secret $client = $this->server->getClientStorage()->get($selfClient->id, $selfClient->secret, null, $this->getIdentifier()); if ($client instanceof ClientEntity === false) { $this->server->getEventEmitter()->emit(new Event\ClientAuthenticationFailedEvent($this->server->getRequest())); throw new Exception\InvalidClientException(); } // Create a new session $session = new SessionEntity($this->server); $session->setOwner('client', $client->getId()); $session->associateClient($client); // Generate an access token $accessToken = new AccessTokenEntity($this->server); $accessToken->setId(SecureKey::generate()); $accessToken->setExpireTime($this->getAccessTokenTTL() + time()); foreach ($session->getScopes() as $scope) { $accessToken->associateScope($scope); } // Save everything $session->save(); $accessToken->setSession($session); $accessToken->save(); $oauthClient = new GenericProvider(['clientId' => $selfClient->id, 'clientSecret' => $selfClient->secret, 'redirectUri' => null, 'urlAuthorize' => null, 'urlAccessToken' => null, 'urlResourceOwnerDetails' => null]); $accessToken = new AccessToken(['access_token' => $accessToken->getId(), 'expires' => $accessToken->getExpireTime()]); return function ($method, $url, $options = []) use($oauthClient, $accessToken) { return $oauthClient->getAuthenticatedRequest($method, $url, $accessToken, $options); }; }
/** * Authenticate on AdForm API using the password grant * * @throws OauthException if authentication fails */ public function authenticate() { $urlAccessToken = Client::BASE_URL . '/v1/token'; // we are using a very simple password grant AdForm // doesn't event return a Refresh Token AF $provider = new GenericProvider(['clientId' => '', 'clientSecret' => '', 'redirectUri' => '', 'urlAuthorize' => '', 'urlAccessToken' => $urlAccessToken, 'urlResourceOwnerDetails' => '']); try { $this->accessToken = $provider->getAccessToken('password', ['username' => $this->username, 'password' => $this->password]); } catch (IdentityProviderException $e) { throw OauthException::connect($e->getMessage()); } }
/** * Constructor. * * @param array $options * @param array $collaborators */ public function __construct(array $options = [], array $collaborators = []) { if (empty($options)) { $options = ['urlAuthorize' => 'invalid', 'urlAccessToken' => 'invalid', 'urlResourceOwnerDetails' => 'invalid']; } parent::__construct($options, $collaborators); }
/** * Process data returned as callback from the client * * @param string $user_id * @param string $profile_id * @param array $data * @return \App\Models\Provider * @throws \Exception */ public function handleCallback($user_id, $profile_id, $data = []) { if (empty($data['state']) || $data['state'] !== $data['local_state']) { throw new \Exception('Invalid state'); } // Try to get an access token using the authorization code grant. $this->token = $this->client->getAccessToken('authorization_code', ['code' => $data['code']]); }
/** * Set Http Client for making request. * * @return self */ protected function setClient() { //Create a new client $client = new Client(['base_uri' => $this->getEndPoint()]); //Set client on our provider $this->agefiProvider->setHttpClient($client); //Return calling object return $this; }
public function adidasAction(Request $request) { $session = $request->getSession(); //$session->set('foo', 'bar'); //$foo = $session->get('foo'); $provider = new GenericProvider(['clientId' => 'demoapp', 'clientSecret' => 'demopass', 'redirectUri' => 'http://localhost/micoach-api/symfony/web/app_dev.php/adidas', 'urlAuthorize' => 'https://pf.adidas.com/as/authorization.oauth2', 'urlAccessToken' => 'https://api.micoach.com/oauth/token', 'urlResourceOwnerDetails' => 'https://api.micoach.com/v3/users/me']); //print_r($provider); //echo $provider->getAuthorizationUrl() . '<br>'; //echo $provider->getState() . '<br>'; if (!$request->query->has('code')) { $authorizationUrl = $provider->getAuthorizationUrl(); $session->set('oauth2state', $provider->getState()); //$request->query->get('code') return $this->redirect($authorizationUrl); } if (!$request->query->has('state') || $request->query->get('state') != $session->get('oauth2state')) { return new Response('Invalid state'); } try { // Try to get an access token using the authorization code grant. $accessToken = $provider->getAccessToken('authorization_code', ['code' => $request->query->get('code')]); // We have an access token, which we may use in authenticated // requests against the service provider's API. echo $accessToken->getToken() . "\n"; echo $accessToken->getRefreshToken() . "\n"; echo $accessToken->getExpires() . "\n"; echo ($accessToken->hasExpired() ? 'expired' : 'not expired') . "\n"; // Using the access token, we may look up details about the // resource owner. $resourceOwner = $provider->getResourceOwner($accessToken); $result = var_export($resourceOwner->toArray()); return new Response($result); } catch (IdentityProviderException $e) { // Failed to get the access token or user details. return new Response($e->getMessage()); } //$buzz = $this->container->get('buzz'); //$response = $buzz->get($provider->getAuthorizationUrl()); //echo $response->getContent(); return new Response(''); }
/** * Authenticate with Slack and cache the access token * * @param Request $request * @return \Illuminate\Http\RedirectResponse */ public function slack(Request $request) { if (Cache::has('slack_token')) { return redirect('/'); } $provider = new Provider\GenericProvider(['clientId' => env('SLACK_CLIENT_ID'), 'clientSecret' => env('SLACK_CLIENT_SECRET'), 'redirectUri' => url('auth/slack'), 'urlAuthorize' => 'https://slack.com/oauth/authorize', 'urlAccessToken' => 'https://slack.com/api/oauth.access', 'urlResourceOwnerDetails' => '']); if (!$request->get('code')) { $authorizationUrl = $provider->getAuthorizationUrl(); $request->session()->put('oauth2state', $provider->getState()); return redirect($authorizationUrl); } elseif (empty($request->get('state')) || $request->get('state') !== $request->session()->get('oauth2state')) { $request->session()->forget('oauth2state'); exit('Invalid state'); } else { try { $accessToken = $provider->getAccessToken('authorization_code', ['code' => $request->get('code')]); $token = $accessToken->getToken(); Cache::put('slack_token', $token, 60 * 24 * 30); } catch (IdentityProviderException $e) { exit($e->getMessage()); } } return redirect('/'); }
public function __construct(array $options = array(), array $collaborators = array()) { if (!array_key_exists('url', $options)) { throw new InvalidArgumentException('Required options not defined: url'); } $this->apiUrl = $options['url'] . '/api/v2'; if (!array_key_exists('urlAuthorize', $options)) { $options['urlAuthorize'] = $options['url'] . '/oauth2/authorize'; } if (!array_key_exists('urlAccessToken', $options)) { $options['urlAccessToken'] = $options['url'] . '/oauth2/token'; } if (!array_key_exists('urlResourceOwnerDetails', $options)) { $options['urlResourceOwnerDetails'] = null; } parent::__construct($options, $collaborators); }
protected function getConfigurableOptions() { return array_merge(parent::getConfigurableOptions(), ['verify']); }
protected function checkResponse(ResponseInterface $response, $data) { if (!empty($data['errors'])) { $errors = $data['errors']; throw new ResponseException($errors); } parent::checkResponse($response, $data); }
public function getAccessToken($grant = 'client_credentials', array $options = []) { if ($this->accessTokenHash !== null) { return $this->accessTokenHash; } return parent::getAccessToken($grant, $options); }