From 82a7bb697a7c1e1e268ec1ce9fcbd7f13125afe5 Mon Sep 17 00:00:00 2001
From: MilesChou
Date: Sun, 25 Sep 2022 04:09:49 +0800
Subject: [PATCH] day11
---
 composer.json | 3 +-
 composer.lock | 71 +++++++++++++++++++++++-
 resources/views/auth/login.blade.php | 1 +
 routes/auth.php | 80 +++++++++++++++++++++++++---
 4 files changed, 146 insertions(+), 9 deletions(-)
diff --git a/composer.json b/composer.json
index c7ac75e..fd4186f 100644
--- a/composer.json
+++ b/composer.json
@@ -10,7 +10,8 @@
 "guzzlehttp/guzzle": "^7.2",
 "laravel/framework": "^9.19",
 "laravel/sanctum": "^3.0",
- "laravel/tinker": "^2.7"
+ "laravel/tinker": "^2.7",
+ "ory/hydra-client": "^1.11"
 },
 "require-dev": {
 "fakerphp/faker": "^1.9.1",
diff --git a/composer.lock b/composer.lock
index 03a7836..9bacf91 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "8aa2c37b75fd192e897104bad53af86c", + "content-hash": "fa9c2b724da893822456666a987f3239", "packages": [ { "name": "brick/math",
@@ -2443,6 +2443,75 @@ ], "time": "2022-08-01T11:03:24+00:00" }, + { + "name": "ory/hydra-client", + "version": "v1.11.8", + "source": { + "type": "git", + "url": "https://github.com/ory/hydra-client-php.git", + "reference": "bd16acaacdb0393ecdc1b41216613c6dccf6647a" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ory/hydra-client-php/zipball/bd16acaacdb0393ecdc1b41216613c6dccf6647a", + "reference": "bd16acaacdb0393ecdc1b41216613c6dccf6647a", + "shasum": "" + }, + "require": { + "ext-curl": "*", + "ext-json": "*", + "ext-mbstring": "*", + "guzzlehttp/guzzle": "^7.3", + "guzzlehttp/psr7": "^1.7 || ^2.0", + "php": "^7.3 || ^8.0" + }, + "require-dev": { + "friendsofphp/php-cs-fixer": "^2.12", + "phpunit/phpunit": "^8.0 || ^9.0" + }, + "type": "library", + "autoload": { + "psr-4": { + "Ory\\Hydra\\Client\\": "lib/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Apache-2.0" + ], + "authors": [ + { + "name": "Ory GmbH", + "homepage": "https://www.ory.sh" + } + ], + "description": "Documentation for all of Ory Hydra's APIs.", + "homepage": "https://github.com/ory/hydra-client-php", + "keywords": [ + "api", + "openapi", + "openapi-generator", + "openapitools", + "php", + "rest", + "sdk" + ], + "support": { + "issues": "https://github.com/ory/hydra-client-php/issues", + "source": "https://github.com/ory/hydra-client-php/tree/v1.11.8" + }, + "funding": [ + { + "url": "https://opencollective.com/ory", + "type": "open_collective" + }, + { + "url": "https://www.patreon.com/_ory", + "type": "patreon" + } + ], + "time": "2022-05-04T11:13:29+00:00" + }, { "name": "phpoption/phpoption", "version": "1.9.0",
diff --git a/resources/views/auth/login.blade.php b/resources/views/auth/login.blade.php
index 21bd93e..f577157 100644
--- a/resources/views/auth/login.blade.php
+++ b/resources/views/auth/login.blade.php
@@ -14,6 +14,7 @@
@csrf +
diff --git a/routes/auth.php b/routes/auth.php
index 1f375ab..329fa2b 100644
--- a/routes/auth.php
+++ b/routes/auth.php
@@ -8,7 +8,14 @@
 use App\Http\Controllers\Auth\PasswordResetLinkController;
 use App\Http\Controllers\Auth\RegisteredUserController;
 use App\Http\Controllers\Auth\VerifyEmailController;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Redirect;
 use Illuminate\Support\Facades\Route;
+use Ory\Hydra\Client\Api\AdminApi;
+use Ory\Hydra\Client\Model\AcceptLoginRequest;
+use Ory\Hydra\Client\Model\RejectRequest;
 Route::middleware('guest')->group(function () {
 Route::get('register', [RegisteredUserController::class, 'create'])
@@ -27,7 +34,11 @@
 'state' => '1a2b3c4d',
 ]);
- return redirect($authorizeUri . '?' . $query);
+ $authenticationRequest = $authorizeUri . '?' . $query;
+
+ Log::info('Authentication Request: ' . $authenticationRequest);
+
+ return redirect($authenticationRequest);
 })->name('login');
 Route::get('callback', function () {
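Review bot: The added `Log::info('Authentication Request: ' . $authenticationRequest)` writes the whole authorization URL, query string included, to the application log at info level, which is normally enabled in production; the `state` parameter visible in the context line ends up in the log with it, as would any nonce or PKCE value added to the query later. Logging only the endpoint at debug level keeps the trace useful without recording request parameters: `Log::debug('Authentication Request', ['authorize_uri' => $authorizeUri]);`. The context line `'state' => '1a2b3c4d'` is also a fixed value, so as far as this hunk shows it cannot bind the callback to the browser session; a per-session random value checked in the callback would be needed for that. The enclosing closure starts above the hunk, so the rest of the query is not visible here.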
@@ -70,16 +81,71 @@
 ->name('logout');
 });
-Route::get('/oauth2/login', function () {
- return view('auth.login');
+Route::get('/oauth2/login', function (Request $request, AdminApi $adminApi) {
+ $adminApi->getConfig()->setHost('http://127.0.0.1:4445');
+
+ $loginChallenge = $request->input('login_challenge');
+
+ if(empty($loginChallenge)) {
+ throw new \RuntimeException('No login_challenge');
+ }
+
+ try {
+ $loginRequest = $adminApi->getLoginRequest($loginChallenge);
+ } catch (\Throwable $e) {
+ throw new \RuntimeException('Hydra Server error: ' . $e->getMessage());
+ }
+
+ Log::debug('Login Request', json_decode((string)$loginRequest, true));
+
+ return view('auth.login', [
+ 'challenge' => $loginChallenge,
+ ]);
 })->name('oauth2.login');
-Route::post('/oauth2/login', function(\App\Http\Requests\Auth\LoginRequest $request) {
- $request->authenticate();
+Route::post('/oauth2/login', function(Request $request, AdminApi $adminApi) {
+ $adminApi->getConfig()->setHost('http://127.0.0.1:4445');
+
+ $loginChallenge = $request->input('challenge');
+
+ if(empty($loginChallenge)) {
+ throw new \RuntimeException('No login_challenge');
+ }
+
+ if (!Auth::once($request->only('email', 'password'))) {
+ return Redirect::back();
+
+// $rejectRequest = new RejectRequest([
+// 'error' => '...',
+//
+// 'error_description' => '...',
+// ]);
+//
+// $completedRequest = $adminApi->acceptLoginRequest($loginChallenge, $rejectRequest);
+//
+// return Redirect::away($completedRequest->getRedirectTo());
+ }
+
+ $user = Auth::user();
+
+ $acceptLoginRequest = new AcceptLoginRequest([
+ 'context' => new stdClass(),
+ 'remember' => $request->boolean('remember'),
+ 'rememberFor' => 0,
+ 'subject' => (string)$user->getAuthIdentifier(),
+ ]);
+
+ Log::debug('Accept Login Request: ', json_decode((string)$acceptLoginRequest, true));
+
+ try {
+ $completedRequest = $adminApi->acceptLoginRequest($loginChallenge, $acceptLoginRequest);
+ } catch (\Throwable $e) {
+ throw new \RuntimeException('Hydra Server error: ' . $e->getMessage());
+ }
- $request->session()->regenerate();
+ Log::debug('Completed Request: ', json_decode((string)$completedRequest, true));
- return 'OAuth 2.0 身分驗證完成';
+ return Redirect::away($completedRequest->getRedirectTo());
 });
 Route::get('/oauth2/consent', function () {
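Review bot: The POST `/oauth2/login` handler now calls `Auth::once($request->only('email', 'password'))` directly, so whatever validation and attempt throttling the removed `LoginRequest::authenticate()` provided no longer applies, and a failed attempt returns `Redirect::back()` with no error and no counter. If that class was the stock Laravel Breeze request (not visible here), this removes the login rate limit from the endpoint that fronts every OAuth client, which makes password guessing cheap. Validate the two fields and throttle per account and client address before accepting the challenge; a sketch follows, with the attempt limit a constructed value. Separately, both handlers hard-code the Hydra admin address `http://127.0.0.1:4445` where a config value would let deployments differ, and the rethrow `new \RuntimeException('Hydra Server error: ' . $e->getMessage())` drops the original exception; passing `0, $e` as the remaining constructor arguments would keep its trace.

```php
Route::post('/oauth2/login', function(Request $request, AdminApi $adminApi) {
    // … unchanged: Hydra host setup and challenge check …

    $credentials = $request->validate([
        'email' => ['required', 'string', 'email'],
        'password' => ['required', 'string'],
    ]);

    // Throttle per account and client address so repeated failures are bounded.
    $throttleKey = mb_strtolower($credentials['email']) . '|' . $request->ip();

    // 5 is a constructed limit; pick the value the project's policy calls for.
    if (\Illuminate\Support\Facades\RateLimiter::tooManyAttempts($throttleKey, 5)) {
        abort(429);
    }

    if (!Auth::once($credentials)) {
        \Illuminate\Support\Facades\RateLimiter::hit($throttleKey);

        return Redirect::back()->withErrors(['email' => __('auth.failed')]);
    }

    \Illuminate\Support\Facades\RateLimiter::clear($throttleKey);

    // … unchanged: build AcceptLoginRequest, call acceptLoginRequest(), redirect …
```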