/
PassportController.php
105 lines (84 loc) · 3.13 KB
/
PassportController.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
<?php
namespace FoF\Passport\Controllers;
use Exception;
use FoF\Passport\Events\SendingResponse;
use FoF\Passport\Providers\PassportProvider;
use Flarum\Forum\Auth\Registration;
use Flarum\Forum\Auth\ResponseFactory;
use Flarum\Settings\SettingsRepositoryInterface;
use Illuminate\Contracts\Events\Dispatcher;
use Illuminate\Support\Arr;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Laminas\Diactoros\Response\RedirectResponse;
use Flarum\Http\UrlGenerator;
class PassportController implements RequestHandlerInterface
{
protected $settings;
protected $response;
protected $events;
protected $url;
public function __construct(ResponseFactory $response, SettingsRepositoryInterface $settings, Dispatcher $events, UrlGenerator $url)
{
$this->response = $response;
$this->settings = $settings;
$this->events = $events;
$this->url = $url;
}
protected function getProvider($redirectUri)
{
return new PassportProvider([
'clientId' => $this->settings->get('fof-passport.app_id'),
'clientSecret' => $this->settings->get('fof-passport.app_secret'),
'redirectUri' => $redirectUri,
'settings' => $this->settings
]);
}
/**
* @return array
*/
protected function getAuthorizationUrlOptions()
{
$scopes = $this->settings->get('fof-passport.app_oauth_scopes', '');
return ['scope' => $scopes];
}
public function handle(ServerRequestInterface $request): ResponseInterface
{
$redirectUri = $this->url->to('forum')->route('auth.passport');
$provider = $this->getProvider($redirectUri);
$session = $request->getAttribute('session');
$queryParams = $request->getQueryParams();
if ($error = Arr::get($queryParams, 'error')) {
$hint = Arr::get($queryParams, 'hint');
throw new Exception("$error: $hint");
}
$code = Arr::get($queryParams, 'code');
if (!$code) {
$authUrl = $provider->getAuthorizationUrl($this->getAuthorizationUrlOptions());
$session->put('oauth2state', $provider->getState());
return new RedirectResponse($authUrl);
}
$state = Arr::get($queryParams, 'state');
if (!$state || $state !== $session->get('oauth2state')) {
$session->remove('oauth2state');
throw new Exception('Invalid state');
}
$token = $provider->getAccessToken('authorization_code', compact('code'));
$user = $provider->getResourceOwner($token);
$response = $this->response->make(
'passport', $user->getId(),
function (Registration $registration) use ($user, $provider, $token) {
$registration
->provideTrustedEmail($user->getEmail())
->setPayload($user->toArray());
}
);
$this->events->dispatch(new SendingResponse(
$response,
$user,
$token
));
return $response;
}
}