1 | <?php |
||
2 | |||
3 | /* |
||
4 | * @copyright 2014 Mautic Contributors. All rights reserved |
||
5 | * @author Mautic |
||
6 | * |
||
7 | * @link http://mautic.org |
||
8 | * |
||
9 | * @license GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html |
||
10 | */ |
||
11 | |||
12 | namespace Mautic\ApiBundle\Controller\oAuth2; |
||
13 | |||
14 | use FOS\OAuthServerBundle\Event\OAuthEvent; |
||
15 | use FOS\OAuthServerBundle\Form\Handler\AuthorizeFormHandler; |
||
16 | use FOS\OAuthServerBundle\Model\ClientManagerInterface; |
||
17 | use OAuth2\OAuth2; |
||
18 | use Symfony\Bundle\FrameworkBundle\Templating\EngineInterface; |
||
19 | use Symfony\Component\EventDispatcher\EventDispatcherInterface; |
||
20 | use Symfony\Component\Form\Form; |
||
21 | use Symfony\Component\HttpFoundation\Request; |
||
22 | use Symfony\Component\HttpFoundation\RequestStack; |
||
23 | use Symfony\Component\HttpFoundation\Session\SessionInterface; |
||
24 | use Symfony\Component\Routing\Generator\UrlGeneratorInterface; |
||
25 | use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; |
||
26 | use Symfony\Component\Security\Core\Exception\AccessDeniedException; |
||
27 | use Symfony\Component\Security\Core\User\UserInterface; |
||
28 | |||
29 | class AuthorizeController extends \FOS\OAuthServerBundle\Controller\AuthorizeController |
||
30 | { |
||
31 | /** |
||
32 | * @var SessionInterface |
||
33 | */ |
||
34 | private $session; |
||
35 | |||
36 | /** |
||
37 | * @var Form |
||
38 | */ |
||
39 | private $authorizeForm; |
||
40 | |||
41 | /** |
||
42 | * @var AuthorizeFormHandler |
||
43 | */ |
||
44 | private $authorizeFormHandler; |
||
45 | |||
46 | /** |
||
47 | * @var OAuth2 |
||
48 | */ |
||
49 | private $oAuth2Server; |
||
50 | |||
51 | /** |
||
52 | * @var EngineInterface |
||
53 | */ |
||
54 | private $templating; |
||
55 | |||
56 | /** |
||
57 | * @var TokenStorageInterface |
||
58 | */ |
||
59 | private $tokenStorage; |
||
60 | |||
61 | /** |
||
62 | * @var EventDispatcherInterface |
||
63 | */ |
||
64 | private $eventDispatcher; |
||
65 | |||
66 | /** |
||
67 | * This constructor must be duplicated from the extended class so our custom code could access the properties. |
||
68 | */ |
||
69 | public function __construct( |
||
70 | RequestStack $requestStack, |
||
71 | Form $authorizeForm, |
||
72 | AuthorizeFormHandler $authorizeFormHandler, |
||
73 | OAuth2 $oAuth2Server, |
||
74 | EngineInterface $templating, |
||
75 | TokenStorageInterface $tokenStorage, |
||
76 | UrlGeneratorInterface $router, |
||
77 | ClientManagerInterface $clientManager, |
||
78 | EventDispatcherInterface $eventDispatcher, |
||
79 | SessionInterface $session = null, |
||
80 | $templateEngineType = 'php' |
||
81 | ) { |
||
82 | $this->session = $session; |
||
83 | $this->authorizeForm = $authorizeForm; |
||
84 | $this->authorizeFormHandler = $authorizeFormHandler; |
||
85 | $this->oAuth2Server = $oAuth2Server; |
||
86 | $this->templating = $templating; |
||
87 | $this->tokenStorage = $tokenStorage; |
||
88 | $this->eventDispatcher = $eventDispatcher; |
||
89 | |||
90 | parent::__construct( |
||
91 | $requestStack, |
||
92 | $authorizeForm, |
||
93 | $authorizeFormHandler, |
||
94 | $oAuth2Server, |
||
95 | $templating, |
||
96 | $tokenStorage, |
||
97 | $router, |
||
98 | $clientManager, |
||
99 | $eventDispatcher, |
||
100 | $session, |
||
101 | $templateEngineType |
||
102 | ); |
||
103 | } |
||
104 | |||
105 | /** |
||
106 | * @return \FOS\OAuthServerBundle\Controller\Response|\Symfony\Component\HttpFoundation\Response |
||
0 ignored issues
–
show
|
|||
107 | * |
||
108 | * @throws \OAuth2\OAuth2RedirectException |
||
109 | * @throws AccessDeniedException |
||
110 | */ |
||
111 | public function authorizeAction(Request $request) |
||
112 | { |
||
113 | $user = $this->tokenStorage->getToken()->getUser(); |
||
114 | |||
115 | if (!$user instanceof UserInterface) { |
||
116 | throw new AccessDeniedException('This user does not have access to this section.'); |
||
117 | } |
||
118 | |||
119 | if (true === $this->session->get('_fos_oauth_server.ensure_logout')) { |
||
120 | $this->session->invalidate(600); |
||
121 | $this->session->set('_fos_oauth_server.ensure_logout', true); |
||
122 | } |
||
123 | |||
124 | $event = new OAuthEvent($user, $this->getClient()); |
||
125 | |||
126 | $this->eventDispatcher->dispatch( |
||
127 | OAuthEvent::PRE_AUTHORIZATION_PROCESS, |
||
128 | $event |
||
129 | ); |
||
130 | |||
131 | if ($event->isAuthorizedClient()) { |
||
132 | $scope = $request->get('scope', null); |
||
133 | |||
134 | return $this->oAuth2Server->finishClientAuthorization(true, $user, $request, $scope); |
||
135 | } |
||
136 | |||
137 | if (true === $this->authorizeFormHandler->process()) { |
||
138 | return $this->processSuccess($user, $this->authorizeFormHandler, $request); |
||
139 | } |
||
140 | |||
141 | return $this->templating->renderResponse( |
||
142 | 'MauticApiBundle:Authorize:oAuth2/authorize.html.php', |
||
143 | [ |
||
144 | 'form' => $this->authorizeForm->createView(), |
||
145 | 'client' => $this->getClient(), |
||
146 | ] |
||
147 | ); |
||
148 | } |
||
149 | } |
||
150 |
The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g.
excluded_paths: ["lib/*"]
, you can move it to the dependency path list as follows:For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths