<?php

/**
 * OAuth2 token endpoint for the application: builds a league/oauth2-server
 * AuthorizationServer with the password grant and serves access-token requests.
 */

namespace App\Controller;

use Bone\Mvc\Controller;
use DateInterval;
use DateTime;
use Del\Common\ContainerService;
use Exception;
use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\PasswordGrant;
use Psr\Http\Message\ResponseInterface;
use Zend\Diactoros\Response;
use Zend\Diactoros\Response\SapiEmitter;
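class OAuthController extends Controller
{
    /** @var AuthorizationServer $oauth2Server */
    private $oauth2Server;

    /**
     * Builds the authorization server and enables the password grant on it.
     *
     * The repositories are resolved from the shared container; the key file
     * paths are built from APPLICATION_PATH. Refresh tokens are issued with a
     * one-month TTL, access tokens with a one-hour TTL.
     */
    public function init()
    {
        $container = ContainerService::getInstance()->getContainer();
        $clientRepository = $container['repository.Client'];
        $accessTokenRepository = $container['repository.AccessToken'];
        $scopeRepository = $container['repository.Scope'];
        $userRepository = $container['repository.User'];
        $refreshTokenRepository = $container['repository.RefreshToken'];

        // Setup the authorization server.
        // NOTE(review): the fifth argument is passed as the public key here; in
        // newer league/oauth2-server releases that position is the encryption
        // key — confirm against the installed version.
        // NOTE(review): private.key must not be readable through the web server;
        // confirm that data/keys lives outside the document root in deployment.
        $server = new AuthorizationServer(
            $clientRepository,
            $accessTokenRepository,
            $scopeRepository,
            'file://' . APPLICATION_PATH . '/data/keys/private.key', // path to private key
            'file://' . APPLICATION_PATH . '/data/keys/public.key'   // path to public key
        );

        $grant = new PasswordGrant($userRepository, $refreshTokenRepository);
        $grant->setRefreshTokenTTL(new DateInterval('P1M')); // refresh tokens will expire after 1 month

        // Enable the password grant on the server with an access token TTL of 1 hour
        $server->enableGrantType(
            $grant,
            new DateInterval('PT1H') // access tokens will expire after 1 hour (PT1H, not 1 month)
        );

        $this->oauth2Server = $server;
    }

    /**
     * Sends a JSON response containing the current server time as
     * {"pong": "Y-m-d H:i:s"}.
     */
    public function pingAction()
    {
        $date = new DateTime();
        $this->sendJsonResponse(['pong' => $date->format('Y-m-d H:i:s')]);
    }

    /**
     * Asks the authorization server to answer the access-token request carried
     * by the current HTTP request and emits the resulting response.
     *
     * OAuth protocol errors are rendered by the library via
     * OAuthServerException::generateHttpResponse(). Any other exception is
     * answered with a bare 500: the message is written to the server error log,
     * never to the response body, so internal details (file paths, key handling,
     * storage errors) are not disclosed to the client.
     */
    public function accessTokenAction()
    {
        /** @var AuthorizationServer $server */
        $server = $this->oauth2Server;

        $request = $this->getRequest();
        $response = new Response();

        try {
            // Try to respond to the access token request
            $response = $server->respondToAccessTokenRequest($request, $response);
        } catch (OAuthServerException $exception) {
            $response = $exception->generateHttpResponse($response);
        } catch (Exception $exception) {
            // Keep the diagnostic server-side; the client only gets a generic 500.
            error_log(sprintf('%s: %s', get_class($exception), $exception->getMessage()));
            $body = $response->getBody();
            $body->write('Internal server error');
            $response = $response->withStatus(500)->withBody($body);
        }
        $this->sendResponse($response);
    }

    /**
     * Emits the PSR-7 response (status line, headers and body) through the
     * SAPI emitter and terminates the script so nothing further can be
     * appended to the output.
     *
     * @param ResponseInterface $response
     */
    public function sendResponse(ResponseInterface $response)
    {
        $emitter = new SapiEmitter();
        $emitter->emit($response);
        exit();
    }
}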
An exit expression should only be used in rare cases, for example in a short command-line script. In most cases, however, using an `exit` expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend refactoring your code to avoid its usage.