oauth2-server/examples/relational/authcode_grant.php


<?php
use \Orno\Http\Request;
use \Orno\Http\Response;
use \Orno\Http\JsonResponse;
use \Orno\Http\Exception\NotFoundException;
use \League\OAuth2\Server\ResourceServer;
use \RelationalExample\Storage;
use \RelationalExample\Model;
use Illuminate\Database\Capsule\Manager as Capsule;
use \League\Event\Emitter;
include __DIR__.'/vendor/autoload.php';
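// Set up the OAuth 2.0 authorization server.
// The storage implementations come from the RelationalExample\Storage
// namespace imported at the top of this file.
$server = new \League\OAuth2\Server\AuthorizationServer;
$server->setSessionStorage(new Storage\SessionStorage);
$server->setAccessTokenStorage(new Storage\AccessTokenStorage);
$server->setRefreshTokenStorage(new Storage\RefreshTokenStorage);
$server->setClientStorage(new Storage\ClientStorage);
$server->setScopeStorage(new Storage\ScopeStorage);
$server->setAuthCodeStorage(new Storage\AuthCodeStorage);

// Grants offered by this server: the authorization code grant (served by the
// /authorize and /access_token routes below) and the refresh token grant.
$authCodeGrant = new \League\OAuth2\Server\Grant\AuthCodeGrant();
$server->addGrantType($authCodeGrant);

$refreshTokenGrant = new \League\OAuth2\Server\Grant\RefreshTokenGrant();
$server->addGrantType($refreshTokenGrant);

// Routing setup.
// The request and the router are created exactly once. Re-creating the router
// later would silently discard the strategy configured here, so the routes
// would be dispatched with the default strategy. The route closures type-hint
// `Request` as their first argument, which is presumably what the RESTful
// strategy supplies — confirm against the Orno\Route version in use.
$request = (new Request)->createFromGlobals();

$router = new \Orno\Route\RouteCollection;
$router->setStrategy(\Orno\Route\RouteStrategyInterface::RESTFUL_STRATEGY);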
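// Authorization endpoint: validates the client's request and, once the resource
// owner has been authenticated and has approved the requested scopes, hands an
// authorization code back to the client through a redirect.
$router->get('/authorize', function (Request $request) use ($server) {
    // First ensure the parameters in the query string are correct (such as the
    // client id and redirect URI). Only OAuth errors are answered here; any
    // other exception propagates to the dispatcher's generic handler instead of
    // being reported through properties (`errorType`, `httpStatusCode`,
    // `getHttpHeaders()`) that a plain \Exception does not have.
    try {
        $authParams = $server->getGrantType('authorization_code')->checkAuthorizeParams();
    } catch (\League\OAuth2\Server\Exception\OAuthException $e) {
        return new Response(
            json_encode([
                'error'   => $e->errorType,
                'message' => $e->getMessage(),
            ]),
            $e->httpStatusCode,
            $e->getHttpHeaders()
        );
    }

    // Normally at this point you would show the user a sign-in screen and ask
    // them to authorize the requested scopes. This example skips both steps and
    // issues the code for a fixed owner (presumably type 'user', id 1). A real
    // server must not reach the next line without an authenticated owner and an
    // explicit approval decision; otherwise any client that passes the parameter
    // check above obtains a code for that user.
    // ...
    // ...

    // Create a new authorize request which will respond with a redirect URI that
    // the user will be redirected to.
    $redirectUri = $server->getGrantType('authorization_code')->newAuthorizeRequest('user', 1, $authParams);

    // A Location header only causes a redirect with a 3xx status. With the
    // previous 200 the user agent stayed on an empty page and the code never
    // reached the client's redirect URI.
    return new Response('', 302, [
        'Location' => $redirectUri,
    ]);
});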
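// Token endpoint: exchanges an authorization code (or a refresh token, via the
// refresh token grant registered above) for an access token. Only OAuth errors
// are answered here; any other exception falls through to the dispatcher's
// generic handler, which does not assume OAuth-specific exception properties.
$router->post('/access_token', function (Request $request) use ($server) {
    try {
        $tokenResponse = $server->issueAccessToken();
    } catch (\League\OAuth2\Server\Exception\OAuthException $e) {
        return new Response(
            json_encode([
                'error'   => $e->errorType,
                'message' => $e->getMessage(),
            ]),
            $e->httpStatusCode,
            $e->getHttpHeaders()
        );
    }

    // RFC 6749 section 5.1: a response carrying tokens must not be cached by the
    // client or by any intermediary.
    return new Response(json_encode($tokenResponse), 200, [
        'Cache-Control' => 'no-store',
        'Pragma'        => 'no-cache',
    ]);
});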
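// Dispatch the request and always send a JSON response, whatever happened.
$dispatcher = $router->getDispatcher();

try {
    // A successful response
    $response = $dispatcher->dispatch(
        $request->getMethod(),
        $request->getPathInfo()
    );
} catch (\Orno\Http\Exception $e) {
    // A failed response at the HTTP routing level (e.g. no route matched)
    $response = $e->getJsonResponse();
    $response->setContent(json_encode(['status_code' => $e->getStatusCode(), 'message' => $e->getMessage()]));
} catch (\League\OAuth2\Server\Exception\OAuthException $e) {
    // OAuth errors raised outside the route closures' own handlers
    $response = new Response(json_encode([
        'error'   => $e->errorType,
        'message' => $e->getMessage(),
    ]), $e->httpStatusCode);
    foreach ($e->getHttpHeaders() as $header) {
        // NOTE(review): `headers()` is invoked as a method here, while the
        // finally block uses the `$response->headers->set(...)` property form;
        // confirm which of the two the Response class in use supports.
        $response->headers($header);
    }
} catch (\Exception $e) {
    // Anything else is a server fault. The exception message is logged rather
    // than returned: it may carry internals (driver errors, file paths,
    // connection details) that must not reach the client.
    error_log(sprintf('%s: %s', get_class($e), $e->getMessage()));
    $response = new Response;
    $response->setStatusCode(500);
    $response->setContent(json_encode(['status_code' => 500, 'message' => 'Internal server error']));
} finally {
    // Return the response
    $response->headers->set('Content-type', 'application/json');
    $response->send();
}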