/**
 * Authorize action (/oauth/authorize)
 *
 * Validates the incoming authorization request, renders the consent
 * template while the user has not yet answered, and otherwise forwards the
 * user's decision to the OAuth2 server. The resource-owner id is obtained
 * from $this->userIdProvider applied to the framework request, never from
 * the OAuth2 request parameters.
 *
 * NOTE(review): the 'authorized' form value is not tied to any CSRF token
 * in this method — confirm the consent form is protected elsewhere.
 *
 * @return ViewModel while consent is pending, otherwise the redirect
 *                   produced by the server or an error response
 */
public function authorizeAction()
{
    // Resolves the server for this route; the rest of the method reads it
    // back through $this->server.
    $server = $this->getOAuth2Server($this->params('oauth'));
    $oauthRequest = $this->getOAuth2Request();
    $oauthResponse = new OAuth2Response();

    // validate the authorize request
    if (!$this->server->validateAuthorizeRequest($oauthRequest, $oauthResponse)) {
        return $this->getErrorResponse($oauthResponse);
    }

    $decision = $oauthRequest->request('authorized', false);
    if (empty($decision)) {
        // No answer yet: show the consent form for this client.
        $view = new ViewModel(['clientId' => $oauthRequest->query('client_id', false)]);
        $view->setTemplate('oauth/authorize');
        return $view;
    }

    // Only the literal 'yes' grants; every other value is a denial.
    $granted = ($decision === 'yes');
    $resolveUserId = $this->userIdProvider;
    $this->server->handleAuthorizeRequest(
        $oauthRequest,
        $oauthResponse,
        $granted,
        $resolveUserId($this->getRequest())
    );

    // Both the granted and the denied outcome are delivered to the client
    // via the Location header; its absence means the server produced an error.
    $location = $oauthResponse->getHttpHeader('Location');
    if (empty($location)) {
        return $this->getErrorResponse($oauthResponse);
    }

    return $this->redirect()->toUrl($location);
}
/**
 * Handle an authorization request for the currently authenticated user.
 *
 * Validation failures are turned into a response via handleResponse(); a
 * request without an authenticated identity is delegated to
 * handleNoIdentity(). Every other request is granted (see the SECURITY
 * note below).
 *
 * @param OAuth2Request $request
 * @return mixed whatever handleResponse() / handleNoIdentity() produce
 */
protected function authorize(OAuth2Request $request)
{
    $response = new OAuth2Response();
    $authService = $this->getAuthenticationService();

    // validate the authorize request
    if (!$this->server->validateAuthorizeRequest($request, $response)) {
        return $this->handleResponse($response);
    }

    if (!$authService->hasIdentity()) {
        return $this->handleNoIdentity();
    }

    // The identity from the auth service is passed through unchanged as the
    // OAuth2 user_id that the issued code/token will be bound to.
    $identityId = $authService->getIdentity();

    //TODO request authorization from an user
    /**
    $authorized = $request->request('authorized', false);
    if (empty($authorized)) {
        $clientId = $request->query('client_id', false);
        $view = new ViewModel(array('clientId' => $clientId));
        $view->setTemplate('oauth/authorize');
        return $view;
    }
    $is_authorized = ($authorized === 'yes');
    */
    // SECURITY: consent is hard-coded. Any client that passes
    // validateAuthorizeRequest() obtains a grant for the logged-in user
    // without the user seeing or answering a consent prompt. If this method
    // is reachable by a plain cross-site request, that request alone is
    // enough to mint a grant. The commented-out block above is the missing
    // consent step.
    $is_authorized = true;

    $this->server->handleAuthorizeRequest($request, $response, $is_authorized, $identityId);

    return $this->handleResponse($response);
}
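/**
 * Authorization endpoint of the demo server.
 *
 * Flow: require a logged-in user, validate the OAuth2 request, look up the
 * client, and read the stored consent via $this->authorized(). When no
 * consent exists and nothing was posted, the consent form is printed;
 * otherwise the decision is handed to the OAuth2 server and the resulting
 * response (redirect carrying the code, or an error) is sent exactly once.
 *
 * Fix: the original sent $response twice on the authorized path (once
 * inside the `if ($is_authorized)` block and once after it), duplicating
 * headers and body. The dead extraction of the code from the Location
 * header, kept only for a commented-out debug line, is removed as well.
 *
 * NOTE(review): any non-empty POST body skips the consent form, but the
 * grant decision still comes solely from $this->authorized(), so a stray
 * POST without stored consent results in the denial redirect, not a grant.
 */
public function authorize()
{
    $this->getUserProvider()->verifyUser();

    $request = Request::createFromGlobals();
    $response = new Response();

    // validate the authorize request
    if (!$this->server->validateAuthorizeRequest($request, $response)) {
        $response->send();
        die;
    }

    $client_id = $request->query("client_id");
    $client = $this->storage->getClientDetails($client_id);
    $user_id = $this->getUserProvider()->getUserId();
    $is_authorized = $this->authorized($client_id, $user_id);

    // display an authorization form
    if (empty($_POST) && !$is_authorized) {
        $html = Tpl::authorize($client);
        exit($html);
    }

    // Build the redirect back to the client: with the authorization code
    // when consent exists, with an error otherwise. Send it once.
    $this->server->handleAuthorizeRequest($request, $response, $is_authorized, $user_id);
    $response->send();
}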
/**
 * Authorize action (/oauth/authorize)
 *
 * Validates the authorization request, shows the consent template until the
 * 'authorized' form field is present, then asks the OAuth2 server to issue
 * the grant and redirects to the Location it produced. Validation and grant
 * failures are returned as an ApiProblemResponse built from the OAuth2
 * response parameters.
 *
 * SECURITY: the resource-owner id handed to handleAuthorizeRequest() is
 * read from the query string ('user_id'), i.e. it is chosen by whoever
 * sends the request. Anyone reaching this endpoint can have an
 * authorization code issued for an arbitrary user id. The id must come from
 * the authenticated session/identity, not from request parameters.
 *
 * @return ViewModel|ApiProblemResponse|mixed the view while consent is
 *         pending, the redirect on success, or an ApiProblemResponse
 */
public function authorizeAction()
{
    $request = $this->getOAuth2Request();
    $response = new OAuth2Response();

    // validate the authorize request
    if (!$this->server->validateAuthorizeRequest($request, $response)) {
        $parameters = $response->getParameters();
        // Only error_uri is guarded; error_description and error are
        // assumed to always be present in a failed validation response.
        $errorUri = isset($parameters['error_uri']) ? $parameters['error_uri'] : null;
        return new ApiProblemResponse(new ApiProblem($response->getStatusCode(), $parameters['error_description'], $errorUri, $parameters['error']));
    }

    $authorized = $request->request('authorized', false);
    if (empty($authorized)) {
        // No decision yet: render the consent form for this client.
        $clientId = $request->query('client_id', false);
        $view = new ViewModel(array('clientId' => $clientId));
        $view->setTemplate('oauth/authorize');
        return $view;
    }

    // Only the literal 'yes' grants; any other value is a denial.
    $is_authorized = $authorized === 'yes';
    // user_id is taken from the unauthenticated query string — see the
    // SECURITY note in the docblock.
    $this->server->handleAuthorizeRequest($request, $response, $is_authorized, $this->getRequest()->getQuery('user_id', null));

    // A denial also yields a Location header (error redirect to the client),
    // but this method only follows it for a grant; denials fall through to
    // the ApiProblemResponse below.
    if ($is_authorized) {
        $redirect = $response->getHttpHeader('Location');
        if (!empty($redirect)) {
            return $this->redirect()->toUrl($redirect);
        }
    }

    $parameters = $response->getParameters();
    $errorUri = isset($parameters['error_uri']) ? $parameters['error_uri'] : null;
    return new ApiProblemResponse(new ApiProblem($response->getStatusCode(), $parameters['error_description'], $errorUri, $parameters['error']));
}
/**
 * Invoke this route callback.
 *
 * Bridges the PSR-7 request to an OAuth2 request, validates it, renders the
 * consent template while no 'authorized' answer is present, and otherwise
 * lets the OAuth2 server produce the redirect for the client.
 *
 * NOTE(review): handleAuthorizeRequest() is called without a user id, so the
 * grant carries no resource-owner identity from this method — confirm the
 * server supplies it by other means.
 *
 * @param ServerRequestInterface $request   Represents the current HTTP request.
 * @param ResponseInterface      $response  Represents the current HTTP response (not read;
 *                                          the returned response is always bridged from OAuth2).
 * @param array                  $arguments Values for the current route’s named placeholders (unused).
 *
 * @return ResponseInterface
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, array $arguments = [])
{
    $oauth2Request = Http\RequestBridge::toOAuth2($request);
    $oauth2Response = new OAuth2\Response();

    $isValid = $this->server->validateAuthorizeRequest($oauth2Request, $oauth2Response);
    if (!$isValid) {
        return Http\ResponseBridge::fromOAuth2($oauth2Response);
    }

    $decision = $oauth2Request->request('authorized');
    if (empty($decision)) {
        // Consent not yet given: render the template into a fresh response.
        $consentPage = Http\ResponseBridge::fromOAuth2($oauth2Response);
        $this->view->render($consentPage, $this->template, ['client_id' => $oauth2Request->query('client_id')]);
        return $consentPage->withHeader('Content-Type', 'text/html');
    }

    // Only the literal 'yes' grants.
    $granted = ($decision === 'yes');
    $this->server->handleAuthorizeRequest($oauth2Request, $oauth2Response, $granted);

    return Http\ResponseBridge::fromOAuth2($oauth2Response);
}
/**
 * Call this class as a function.
 *
 * Validates the authorization request taken from the Slim request, renders
 * the consent template while no 'authorized' answer is present, and
 * otherwise maps the OAuth2 server's redirect onto the Slim response.
 *
 * NOTE(review): params() on the Slim request may read the consent flag from
 * either the query string or the body — confirm that consent is only
 * accepted from a CSRF-protected POST.
 *
 * @return void
 */
public function __invoke()
{
    $request = MessageBridge::newOAuth2Request($this->slim->request());
    $response = new OAuth2\Response();

    if (!$this->server->validateAuthorizeRequest($request, $response)) {
        MessageBridge::mapResponse($response, $this->slim->response());
        return;
    }

    $decision = $this->slim->request()->params('authorized');
    if (empty($decision)) {
        // Consent not yet given: show the form for this client.
        $this->slim->render($this->template, ['client_id' => $request->query('client_id', false)]);
        return;
    }

    //@TODO implement user_id
    // Only the literal 'yes' grants; no resource-owner id is passed yet.
    $granted = ($decision === 'yes');
    $this->server->handleAuthorizeRequest($request, $response, $granted);
    MessageBridge::mapResponse($response, $this->slim->response());
}
/**
 * Delegate to the parent implementation, defaulting the request and response
 * to the module's own when the caller passes none.
 *
 * @param \OAuth2\RequestInterface|null  $request      Defaults to $this->module->getRequest().
 * @param \OAuth2\ResponseInterface|null $response     Defaults to $this->module->getResponse().
 * @param bool                           $isAuthorized The resource owner's decision; false by default.
 * @param mixed                          $userId       Resource-owner identifier, passed through unchanged.
 *
 * @return mixed Whatever the parent implementation returns.
 */
public function handleAuthorizeRequest(\OAuth2\RequestInterface $request = null, \OAuth2\ResponseInterface $response = null, $isAuthorized = false, $userId = null)
{
    $resolvedRequest = ($request === null) ? $this->module->getRequest() : $request;
    $resolvedResponse = ($response === null) ? $this->module->getResponse() : $response;

    return parent::handleAuthorizeRequest($resolvedRequest, $resolvedResponse, $isAuthorized, $userId);
}
/**
 * Run the authorization endpoint against a framework request/response pair.
 *
 * The HTTP request is converted to an OAuth2 request and validated; only a
 * valid request is passed on to the server together with the caller's
 * decision. In both cases the OAuth2 response is rendered into the HTTP
 * response in the format determined from the request.
 *
 * $isAuthorized and $userId are trusted as given: the caller is responsible
 * for deriving them from an authenticated session and a real consent step.
 *
 * @param HttpRequest  $httpRequest
 * @param HttpResponse $httpResponse
 * @param bool         $isAuthorized The resource owner's decision.
 * @param mixed        $userId       Resource-owner identifier bound to the grant.
 *
 * @return mixed Whatever buildResponse() produces.
 */
public function handleAuthorizeRequest(HttpRequest $httpRequest, HttpResponse $httpResponse, $isAuthorized, $userId)
{
    $format = $this->determineFormat($httpRequest);
    $oauthRequest = $this->buildRequest($httpRequest);
    $oauthResponse = new OAuthResponse();

    // An invalid request is rendered as-is; a valid one is replaced by the
    // server's outcome (redirect with code, or error).
    if ($this->server->validateAuthorizeRequest($oauthRequest, $oauthResponse)) {
        $oauthResponse = $this->server->handleAuthorizeRequest($oauthRequest, $oauthResponse, $isAuthorized, $userId);
    }

    return $this->buildResponse($format, $httpResponse, $oauthResponse);
}
/**
 * Handle submission from login form (Part 2 of the "Authorization Code" grant type)
 *
 * The submitted credentials are checked against the stored user; on success
 * the user is treated as having consented and the OAuth2 server is asked to
 * issue the authorization code for the client named in the request.
 *
 * @link http://tools.ietf.org/html/rfc6749#section-4.1.1 Authorization Request
 * @param Request $request
 * @return Response
 */
public function authorizeFormSubmit(Request $request)
{
    $user = $this->getUserFromRequest($request);
    if (!$user) {
        // Same response as for a wrong password, so the body alone does not
        // reveal whether the account exists.
        return $this->createInvalidCredentialResponse();
    }

    // NOTE(review): if this is Symfony's HttpFoundation Request, get() also
    // consults route attributes and the query string, so the password can be
    // accepted from the URL despite the comment below stating the
    // parameters are POST — consider $request->request->get('password').
    $attemptedPassword = $request->get('password');
    $hashedPassword = $user->getPassword();
    $correctPassword = $this->verifyPassword($attemptedPassword, $hashedPassword);
    if (!$correctPassword) {
        return $this->createInvalidCredentialResponse();
    }

    // Automatically authorize the user
    // SECURITY: a correct password is taken as consent for whatever
    // client_id / redirect_uri / scope the request carries; this method has
    // no separate consent step.
    $authorized = true;

    // The OAuth2 library assumes variables as GET params, but for security purposes they are POST. Convert here.
    // (GET submissions are still accepted and read from the query string.)
    $requestData = $request->getMethod() === 'GET' ? $request->query : $request->request;
    $oauthRequest = new OAuthRequest($requestData->all());
    $oauthResponse = new BridgeResponse();

    // The grant is bound to the authenticated user's id, not to anything
    // supplied in the request.
    $response = $this->server->handleAuthorizeRequest($oauthRequest, $oauthResponse, $authorized, $user->getId());

    return $response;
}
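/**
 * A "code" response type registered explicitly via addResponseType() and
 * one handed to the Server constructor must both yield a successful
 * authorization-code redirect.
 *
 * Fix: assertEquals() was called as (actual, expected), which inverts the
 * failure message; the duplicated success checks are factored into
 * assertRedirectsWithAuthorizationCode() and the request parameters are
 * built once.
 */
public function testAddingResponseType()
{
    $storage = $this->getMock('OAuth2\\Storage\\Memory');
    $storage->expects($this->any())->method('getClientDetails')->will($this->returnValue(array('client_id' => 'some_client')));
    $storage->expects($this->any())->method('checkRestrictedGrantType')->will($this->returnValue(true));

    $requestParams = array(
        'response_type' => 'code',
        'client_id' => 'some_client',
        'redirect_uri' => 'http://example.com',
        'state' => 'xyx',
    );

    // add with the "code" key explicitly set
    $codeType = new AuthorizationCode($storage);
    $server = new Server();
    $server->addStorage($storage);
    $server->addResponseType($codeType);
    $response = new Response();
    $server->handleAuthorizeRequest(new Request($requestParams), $response, true);
    $this->assertRedirectsWithAuthorizationCode($response);

    // add with the "code" key not set
    $codeType = new AuthorizationCode($storage);
    $server = new Server(array($storage), array(), array(), array($codeType));
    $response = new Response();
    $server->handleAuthorizeRequest(new Request($requestParams), $response, true);
    $this->assertRedirectsWithAuthorizationCode($response);
}

/**
 * Assert that $response is a 302 whose Location query carries a code and
 * no error parameter.
 *
 * @param Response $response The OAuth2 response filled by handleAuthorizeRequest().
 */
private function assertRedirectsWithAuthorizationCode($response)
{
    // the response is successful
    $this->assertEquals(302, $response->getStatusCode());

    $parts = parse_url($response->getHttpHeader('Location'));
    $this->assertArrayHasKey('query', $parts);
    parse_str($parts['query'], $query);
    $this->assertTrue(isset($query['code']));
    $this->assertFalse(isset($query['error']));
}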
/**
 * Stage 2: User response is captured here
 *
 * Success or failure is communicated back to the Client using the redirect
 * url provided by the client
 *
 * On success authorization code is sent along
 *
 * The response is sent directly and the script exits; the method never
 * returns to its caller.
 *
 * @param bool $authorize The resource owner's answer; any truthy value grants.
 *
 * @return \OAuth2\Response
 *
 * @format JsonFormat,UploadFormat
 */
public function postAuthorize($authorize = false)
{
    $granted = (bool) $authorize;

    // The request captured in stage 1 is replayed here; no user id is
    // supplied to the server by this method.
    $oauthResponse = static::$server->handleAuthorizeRequest(static::$request, new Response(), $granted);
    $oauthResponse->send();
    exit;
}