/** * {@inheritdoc} */ protected function calculateSessionState(ServerRequestInterface $request, AuthorizationInterface $authorization, $browser_state) { $origin = $this->getOriginUri($authorization->getRedirectUri()); $salt = Base64Url::encode(random_bytes(16)); $hash = hash('sha256', sprintf('%s%s%s%s', $authorization->getClient()->getPublicId(), $origin, $browser_state, $salt)); return sprintf('%s.%s', $hash, $salt); }
/** * {@inheritdoc} */ public function prepareAuthorization(AuthorizationInterface $authorization) { $token_type = $this->getTokenTypeFromRequest($authorization->getQueryParams()); $token = $this->getAccessTokenManager()->createAccessToken($authorization->getClient(), $authorization->getUserAccount(), $token_type->getTokenTypeInformation(), $authorization->getQueryParams(), $authorization->getScopes(), null, null, ['redirect_uri' => $authorization->getQueryParam('redirect_uri')]); $authorization->setData('access_token', $token); foreach ($this->listeners as $listener) { $listener->call($token); } return []; }
/** * @param \OAuth2\Endpoint\Authorization\AuthorizationInterface $authorization * * @return null|\OAuth2\Endpoint\Authorization\PreConfiguredAuthorization\PreConfiguredAuthorizationInterface */ private function findPreConfiguredAuthorization(AuthorizationInterface $authorization) { if (null !== $this->getPreConfiguredAuthorizationManager()) { return $this->getPreConfiguredAuthorizationManager()->findOnePreConfiguredAuthorization($authorization->getUserAccount()->getUserPublicId(), $authorization->getClient()->getPublicId(), $authorization->getScopes()); } }
/** * {@inheritdoc} */ public function prepareAuthorization(AuthorizationInterface $authorization) { $token_type = $this->getTokenTypeFromRequest($authorization->getQueryParams()); $token = $this->getAccessTokenManager()->createAccessToken($authorization->getClient(), $authorization->getUserAccount(), $token_type->getTokenTypeInformation(), $authorization->getQueryParams(), $authorization->getScopes(), null, null, ['redirect_uri' => $authorization->getRedirectUri()]); $authorization->setData('access_token', $token); return $token->toArray(); }
/** * {@inheritdoc} */ public function checkAuthorization(AuthorizationInterface $authorization) { if (false === $this->arePublicClientsAllowed() && true === $authorization->getClient()->isPublic()) { throw $this->getExceptionManager()->getBadRequestException(ExceptionManagerInterface::ERROR_INVALID_CLIENT, 'Public clients are not allowed to use the authorization code grant type.'); } }