diff --git a/examples/public/implicit.php b/examples/public/implicit.php
index a9313017..d5bce903 100644
--- a/examples/public/implicit.php
+++ b/examples/public/implicit.php
@@ -3,6 +3,7 @@
 use League\OAuth2\Server\Exception\OAuthServerException;
 use League\OAuth2\Server\Grant\ImplicitGrant;
 use League\OAuth2\Server\Server;
+use OAuth2ServerExamples\Entities\UserEntity;
 use OAuth2ServerExamples\Repositories\AccessTokenRepository;
 use OAuth2ServerExamples\Repositories\ClientRepository;
 use OAuth2ServerExamples\Repositories\ScopeRepository;
@@ -38,21 +39,30 @@ $app = new App([
 );
 // Enable the implicit grant on the server with a token TTL of 1 hour
- $server->enableGrantType(
- new ImplicitGrant($userRepository),
- new \DateInterval('PT1H')
- );
+ $server->enableGrantType(new ImplicitGrant($userRepository, new \DateInterval('PT1H')));
 return $server;
 },
 ]);
-$app->any('/authorize', function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
+$app->get('/authorize', function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
 /* @var \League\OAuth2\Server\Server $server */
 $server = $app->getContainer()->get(Server::class);
 try {
- return $server->respondToRequest($request, $response);
+ // Validate the HTTP request and return an AuthorizationRequest object.
+ // The auth request object can be serialized into a user's session
+ $authRequest = $server->validateAuthorizationRequest($request);
+
+ // Once the user has logged in set the user on the AuthorizationRequest
+ $authRequest->setUser(new UserEntity());
+
+ // Once the user has approved or denied the client update the status
+ // (true = approved, false = denied)
+ $authRequest->setAuthorizationApproved(true);
+
+ // Return the HTTP redirect response
+ return $server->completeAuthorizationRequest($authRequest, $response);
 } catch (OAuthServerException $exception) {
 return $exception->generateHttpResponse($response);
 } catch (\Exception $exception) {
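Review bot: The new `/authorize` handler in the second hunk approves every validated request unconditionally, because `$authRequest->setUser(new UserEntity());` and `$authRequest->setAuthorizationApproved(true);` run with no login or consent step between validation and `completeAuthorizationRequest()`. The surrounding comments say "Once the user has logged in" and "Once the user has approved or denied", but nothing marks the two calls as stand-ins, so a copy of this example would issue tokens without the resource owner being authenticated or asked. I would add a comment directly above them such as `// EXAMPLE ONLY: authenticate the user and collect their real consent decision here; never hard-code approval in production`, and note next to the "serialized into a user's session" remark that the stored request should be tied to that session while the user is redirected to log in. The `catch (\Exception $exception)` block continues outside the hunk.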