Added Auth0 as an Oauth2 IdP (Oauth2)
Showing
7 changed files
with
168 additions
and
1 deletion.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
<?php | ||
|
||
namespace OAuth\Plugin; | ||
|
||
use OAuth\OAuth2\Service\Auth0; | ||
|
||
class Auth0Adapter extends AbstractAdapter { | ||
|
||
/** | ||
* Retrieve the user's data | ||
* | ||
* The array needs to contain at least 'user', 'email', 'name' and optional 'grps' | ||
* | ||
* @return array | ||
*/ | ||
public function getUser() { | ||
$JSON = new \JSON(JSON_LOOSE_TYPE); | ||
$data = array(); | ||
|
||
$response = $this->oAuth->request('/userinfo'); | ||
$result = $JSON->decode($response); | ||
|
||
if( !empty($result['username']) ) | ||
{ | ||
$data['user'] = $result['username']; | ||
} | ||
else | ||
{ | ||
$data['user'] = isset($result['name']) ? $result['name'] : $result['email']; | ||
} | ||
$data['name'] = isset($result['name']) ? $result['name'] : $result['email']; | ||
$data['mail'] = $result['email']; | ||
|
||
return $data; | ||
} | ||
|
||
/** | ||
* Access to user and his email addresses | ||
* | ||
* @return array | ||
*/ | ||
public function getScope() { | ||
return array(Auth0::SCOPE_OPENID); | ||
} | ||
|
||
} |
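Review bot: In getUser() the local login name falls back from `username` to `name` and then to `email`; `name` is a display name that is neither unique nor stable, so two IdP accounts can end up mapped to the same local user, and the email is accepted without consulting the standard `email_verified` claim. I would key `$data['user']` on a stable identifier and fail the login behind a guard such as `if (empty($result['email']) || empty($result['email_verified']))`; how the caller treats a failed lookup is not visible in this file. `$result['email']` is also read unconditionally although getScope() requests only `openid`, so on a tenant that returns just `sub` for that scope this raises an undefined-index notice and yields an empty mail; the `profile` and `email` scopes would presumably need requesting as well. The result of `$JSON->decode($response)` should be checked with `is_array()` before it is indexed.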
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
<?php | ||
|
||
namespace OAuth\OAuth2\Service; | ||
|
||
use OAuth\Common\Exception\Exception; | ||
use OAuth\OAuth2\Token\StdOAuth2Token; | ||
use OAuth\Common\Http\Exception\TokenResponseException; | ||
use OAuth\Common\Http\Uri\Uri; | ||
use OAuth\Common\Consumer\CredentialsInterface; | ||
use OAuth\Common\Http\Client\ClientInterface; | ||
use OAuth\Common\Storage\TokenStorageInterface; | ||
use OAuth\Common\Http\Uri\UriInterface; | ||
|
||
class Auth0 extends AbstractService | ||
{ | ||
|
||
const SCOPE_OPENID = 'openid'; | ||
protected $domain; | ||
|
||
public function __construct( | ||
CredentialsInterface $credentials, | ||
ClientInterface $httpClient, | ||
TokenStorageInterface $storage, | ||
$scopes = array(), | ||
UriInterface $baseApiUri = null | ||
) { | ||
parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri); | ||
|
||
$hlp = plugin_load('helper', 'oauth'); | ||
$this->domain = $hlp->getConf('auth0-domain'); | ||
|
||
if (null === $baseApiUri) { | ||
$this->baseApiUri = new Uri("https://{$this->domain}/"); | ||
} | ||
} | ||
|
||
protected function getAuthorizationMethod() | ||
{ | ||
return static::AUTHORIZATION_METHOD_HEADER_BEARER; | ||
} | ||
|
||
/** | ||
* {@inheritdoc} | ||
*/ | ||
public function getAuthorizationEndpoint() | ||
{ | ||
return new Uri("https://{$this->domain}/authorize/"); | ||
} | ||
|
||
/** | ||
* {@inheritdoc} | ||
*/ | ||
public function getAccessTokenEndpoint() | ||
{ | ||
return new Uri("https://{$this->domain}/oauth/token/"); | ||
} | ||
|
||
/** | ||
* {@inheritdoc} | ||
*/ | ||
protected function parseAccessTokenResponse($responseBody) | ||
{ | ||
$JSON = new \JSON(JSON_LOOSE_TYPE); | ||
$data = $JSON->decode($responseBody); | ||
|
||
if (null === $data || !is_array($data)) { | ||
throw new TokenResponseException('Unable to parse response.'); | ||
} elseif (isset($data['error'])) { | ||
throw new TokenResponseException('Error in retrieving token: "' . $data['error'] . '"'); | ||
} | ||
|
||
$token = new StdOAuth2Token(); | ||
$token->setAccessToken($data['access_token']); | ||
|
||
if (isset($data['expires'])) { | ||
$token->setLifeTime($data['expires']); | ||
} | ||
|
||
if (isset($data['refresh_token'])) { | ||
$token->setRefreshToken($data['refresh_token']); | ||
unset($data['refresh_token']); | ||
} | ||
|
||
unset($data['access_token']); | ||
unset($data['expires']); | ||
|
||
$token->setExtraParams($data); | ||
|
||
return $token; | ||
} | ||
|
||
public function getDialogUri($dialogPath, array $parameters) | ||
{ | ||
if (!isset($parameters['redirect_uri'])) { | ||
throw new Exception("Redirect uri is mandatory for this request"); | ||
} | ||
|
||
$parameters['client_id'] = $this->credentials->getConsumerId(); | ||
$baseUrl = "https://{$this->domain}/authorize/"; | ||
$query = http_build_query($parameters); | ||
return new Uri($baseUrl . '?' . $query); | ||
} | ||
} |
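Review bot: parseAccessTokenResponse() reads `$data['access_token']` without checking that it exists, so a response lacking the field produces a token object with a null access token instead of an error; add `if (!isset($data['access_token'])) { throw new TokenResponseException('No access token in response.'); }` before the token is built. The lifetime is taken from `$data['expires']`, but RFC 6749 token responses name the field `expires_in`, so the lifetime is probably never set here and the field stays in the extra params; `isset($data['expires_in'])` with `setLifeTime($data['expires_in'])` looks like what is intended. In the constructor, `auth0-domain` is interpolated into every endpoint URL as configured, and an empty or scheme-prefixed value gives a malformed `https:///` or `https://https://…` base, so a check that the value is a bare host name would make misconfiguration fail early.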