1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
declare(strict_types=1); |
4
|
|
|
|
5
|
|
|
/* |
6
|
|
|
* The MIT License (MIT) |
7
|
|
|
* |
8
|
|
|
* Copyright (c) 2014-2018 Spomky-Labs |
9
|
|
|
* |
10
|
|
|
* This software may be modified and distributed under the terms |
11
|
|
|
* of the MIT license. See the LICENSE file for details. |
12
|
|
|
*/ |
13
|
|
|
|
14
|
|
|
namespace OAuth2Framework\Component\AuthorizationEndpoint; |
15
|
|
|
|
16
|
|
|
use Http\Message\ResponseFactory; |
17
|
|
|
use OAuth2Framework\Component\AuthorizationEndpoint\Exception\OAuth2AuthorizationException; |
18
|
|
|
use OAuth2Framework\Component\Core\Message\OAuth2Error; |
19
|
|
|
use Psr\Http\Message\ResponseInterface; |
20
|
|
|
use Psr\Http\Message\ServerRequestInterface; |
21
|
|
|
use Psr\Http\Server\RequestHandlerInterface; |
22
|
|
|
use Symfony\Component\HttpFoundation\Session\SessionInterface; |
23
|
|
|
|
24
|
|
|
abstract class LoginEndpoint extends AbstractEndpoint |
25
|
|
|
{ |
26
|
|
|
private $loginHandler; |
27
|
|
|
|
28
|
|
|
public function __construct(ResponseFactory $responseFactory, SessionInterface $session, LoginHandler $loginHandler) |
29
|
|
|
{ |
30
|
|
|
parent::__construct($responseFactory, $session); |
31
|
|
|
$this->loginHandler = $loginHandler; |
32
|
|
|
} |
33
|
|
|
|
34
|
|
|
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface |
35
|
|
|
{ |
36
|
|
|
$authorizationId = $this->getAuthorizationId($request); |
37
|
|
|
$authorization = $this->getAuthorization($authorizationId); |
38
|
|
|
try { |
39
|
|
|
$this->loginHandler->prepare($request, $authorizationId, $authorization); |
40
|
|
|
if (!$this->loginHandler->hasBeenProcessed($request, $authorizationId, $authorization)) { |
41
|
|
|
if (!$this->loginHandler->isValid($request, $authorizationId, $authorization)) { |
42
|
|
|
throw new OAuth2AuthorizationException(OAuth2Error::ERROR_LOGIN_REQUIRED, 'The resource owner is not logged in.', $authorization); |
43
|
|
|
} |
44
|
|
|
|
45
|
|
|
$redirectTo = $this->getRouteFor('oauth2_server_consent_endpoint', $authorizationId); |
46
|
|
|
|
47
|
|
|
return $this->createRedirectResponse($redirectTo); |
48
|
|
|
} |
49
|
|
|
|
50
|
|
|
return $this->loginHandler->process($request, $authorizationId, $authorization); |
51
|
|
|
} catch (OAuth2Error $e) { |
52
|
|
|
throw new OAuth2AuthorizationException($e->getMessage(), $e->getErrorDescription(), $authorization); |
53
|
|
|
} catch (\Exception $e) { |
54
|
|
|
throw new OAuth2AuthorizationException(OAuth2Error::ERROR_INVALID_REQUEST, $e->getMessage(), $authorization); |
55
|
|
|
} |
56
|
|
|
} |
57
|
|
|
|
58
|
|
|
abstract protected function getRouteFor(string $action, string $authorizationId): string; |
59
|
|
|
} |
60
|
|
|
|