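/**
 * Runs the Google OAuth2 authorization-code flow for the current session.
 *
 * Without a `code` request parameter, the provider's state value is stored in
 * Redis with a 300-second expiry under a key derived from session_id() and the
 * user is redirected to the authorization URL. With a `code`, the `state`
 * parameter must equal the stored value before the code is exchanged.
 *
 * @param Application $app supplies the request parameters and the redirect
 *
 * @return string token
 *
 * @throws \RuntimeException when the callback state is missing, has no stored
 *                           counterpart, or does not match it
 */
public function handleAuth(Application $app)
{
    $code = $app->request()->get('code');
    $state = $app->request()->get('state');

    // NOTE(review): session_id() returns '' when no session is active, which
    // would make every visitor share this key; confirm the session is started
    // before this method runs.
    $key = sprintf('google.oauth2state.%s', session_id());
    $sessionState = $this->redisClient->get($key);

    if (is_null($code)) {
        // If we don't have an authorization code then get one
        $url = $this->oauth2Provider->getAuthorizationUrl();
        $this->redisClient->setex($key, 300, $this->oauth2Provider->state);
        // NOTE(review): presumably redirect() halts the request; if it returns,
        // execution falls through to the token exchange below with a null code.
        $app->redirect($url);
    } elseif (empty($state) || !is_string($sessionState) || $state !== $sessionState) {
        // Check given state against previously stored one to mitigate CSRF attack.
        // A callback with no stored state (expired, already consumed, or never
        // issued for this session) is rejected as well: the earlier condition only
        // compared when a stored value existed, so any non-empty state passed
        // once the key was gone.
        $this->redisClient->del($key);
        throw new \RuntimeException('Invalid state');
    }

    // clean session (the stored state is single-use)
    $this->redisClient->del($key);

    // Try to get an access token (using the authorization code grant)
    return $this->oauth2Provider->getAccessToken('authorization_code', ['code' => $code])->accessToken;
}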
/**
 * Runs the Bitbucket OAuth 1 flow for the current session.
 *
 * With no temporary credential stored for this session, a new one is fetched,
 * cached in Redis with a 300-second expiry and the user is redirected to the
 * authorization URL. On the callback, `oauth_token` and `oauth_verifier` are
 * exchanged, together with the cached temporary credential, for token
 * credentials.
 *
 * @param Application $app supplies the request parameters and the redirect
 *
 * @return string token credentials identifier and secret joined by '@'; the
 *                value contains the secret, so callers should keep it out of logs
 *
 * @throws \RuntimeException when the callback lacks oauth_token or oauth_verifier
 */
public function handleAuth(Application $app)
{
    $request = $app->request();
    $callbackToken = $request->get('oauth_token');
    $callbackVerifier = $request->get('oauth_verifier');

    // NOTE(review): session_id() returns '' when no session is active, which
    // would make every visitor share this key; confirm the session is started
    // before this method runs.
    $cacheKey = sprintf('bitbucket.oauthCredential.%s', session_id());

    // NOTE(review): unserialize() instantiates whatever classes the stored value
    // names. The value is written by this method, but if anything else can write
    // to this Redis keyspace this is an object-injection sink; consider storing
    // the credential fields as JSON or passing the allowed_classes option.
    $stored = $this->redisClient->get($cacheKey);
    $credential = empty($stored) ? $stored : unserialize($stored);

    if (!empty($credential)) {
        // Callback leg: both parameters must be present
        if (empty($callbackVerifier) || empty($callbackToken)) {
            $this->redisClient->del($cacheKey);
            throw new \RuntimeException('Invalid state');
        }
    } else {
        // First leg: obtain a temporary credential and send the user to authorize it
        $credential = $this->oauthProvider->getTemporaryCredentials();
        $this->redisClient->setex($cacheKey, 300, serialize($credential));
        // NOTE(review): presumably redirect() halts the request; if it returns,
        // execution falls through to the exchange below with null callback values.
        $app->redirect($this->oauthProvider->getAuthorizationUrl($credential));
    }

    // The cached temporary credential is single-use
    $this->redisClient->del($cacheKey);

    // NOTE(review): oauth_token is not compared here with the cached credential's
    // identifier; presumably getTokenCredentials() performs that check. Verify.
    $tokenCredentials = $this->oauthProvider->getTokenCredentials($credential, $callbackToken, $callbackVerifier);
    $identifier = $tokenCredentials->getIdentifier();
    $secret = $tokenCredentials->getSecret();

    return $identifier . '@' . $secret;
}