<?php
3
namespace Metaclassing\EnterpriseAuth\Controllers;
5
use Illuminate\Routing\Controller;
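class WebAuthController extends AuthController
{
    // Session key holding the one-time OAuth2 `state` value between the redirect to
    // the identity provider (buildAuthUrlQueryString) and the callback
    // (handleOauthLoginResponse). It binds the callback to the browser session that
    // started the flow, which is what stops login CSRF.
    const OAUTH_STATE_SESSION_KEY = 'oauthState';

    // Route to save unauthenticated users original page request and redirect to oauth provider redirect
    public function loginOrRegister(\Illuminate\Http\Request $request)
    {
        // This is what gets called after a user is redirected to /login by the framework.
        // url.intended is the page the guard bounced them from. It is copied to our own
        // session key because redirect()->guest() below is expected to record the current
        // (/login) URL as the intended one and would otherwise clobber it — confirm
        // against the framework version in use.
        $lastPage = $request->session()->get('url.intended');
        \Illuminate\Support\Facades\Log::info('AUTH loginOrRegister with request url '.$lastPage);

        // Make sure they are not going to end up in a redirect loop with the login route
        if ($lastPage && $lastPage !== route('login')) {
            $request->session()->put('oauthIntendedUrl', $lastPage);
        }

        return redirect()->guest(config('enterpriseauth.routes.login'));
    }

    // Route to clear the session and redirect to oauth signout handler
    public function logout(\Illuminate\Http\Request $request)
    {
        auth()->logout();
        // Drop the whole session (not only the auth key) and rotate the CSRF token so
        // nothing from the authenticated session survives logout.
        $request->session()->invalidate();
        $request->session()->regenerateToken();

        return redirect(config('enterpriseauth.routes.logout'));
    }

    // Route to redirect to oauth idp end-session endpoint
    public function logoutFromOauthProvider(\Illuminate\Http\Request $request)
    {
        // The endpoint comes from the tenant metadata loaded by the parent controller.
        $endSessionEndpoint = $this->azureActiveDirectory->endSessionEndpoint;

        return redirect($endSessionEndpoint);
    }

    // Route called to redirect administrative users to provide consent to access aad
    public function redirectToOauthAdminConsent(\Illuminate\Http\Request $request)
    {
        $url = $this->azureActiveDirectory->buildAdminConsentUrl(config('enterpriseauth.credentials.client_id'),
                                                                 config('enterpriseauth.credentials.callback_url'));

        return redirect($url);
    }

    // Route called to redirect unauthenticated users to oauth identity provider
    public function redirectToOauthProvider(\Illuminate\Http\Request $request)
    {
        $url = $this->buildAuthUrl();

        return redirect($url);
    }

    // Helper to build redirect url from azure AD tenant
    public function buildAuthUrl()
    {
        $url = $this->azureActiveDirectory->authorizationEndpoint
             .'?'
             .$this->buildAuthUrlQueryString();

        return $url;
    }

    // Helper to build the query string for the oauth authorization request.
    // Side effect: generates a fresh random `state` and stores it in the session so the
    // callback can verify it; every call overwrites the previous value.
    public function buildAuthUrlQueryString()
    {
        // 128 bits from the CSPRNG, hex encoded so it is URL safe.
        $state = bin2hex(random_bytes(16));
        session()->put(self::OAUTH_STATE_SESSION_KEY, $state);

        $fields = [
            'client_id'     => config('enterpriseauth.credentials.client_id'),
            'redirect_uri'  => config('enterpriseauth.credentials.callback_url'),
            'scope'         => 'https://graph.microsoft.com/.default',
            'response_type' => 'code',
            'state'         => $state,
        ];

        return http_build_query($fields);
    }

    // Route to handle response back from our oauth provider
    public function handleOauthResponse(\Illuminate\Http\Request $request)
    {
        // Handle user authentication responses
        if ($request->input('code')) {
            return $this->handleOauthLoginResponse($request);
        }
        if ($request->input('admin_consent')) {
            return 'Thank you';
        }
        // OAuth 2.0 providers report a refused/failed authorization through the
        // error and error_description parameters; log them so the generic exception
        // below can be diagnosed.
        if ($request->input('error')) {
            \Illuminate\Support\Facades\Log::warning('AUTH oauth error '.$request->input('error').': '.$request->input('error_description'));
        }
        throw new \Exception('Unhandled oauth response');
    }

    // Verifies the callback belongs to this session, exchanges the code for a token,
    // logs the user in and sends them to their originally requested page.
    // Throws \Exception when the `state` parameter is missing or does not match the
    // value stored when the authorization request was built.
    public function handleOauthLoginResponse(\Illuminate\Http\Request $request)
    {
        // The state is pulled (removed) so it can only be redeemed once; hash_equals
        // keeps the comparison constant-time.
        $expectedState = $request->session()->pull(self::OAUTH_STATE_SESSION_KEY);
        $actualState = (string) $request->input('state', '');
        if (! is_string($expectedState) || $expectedState === '' || ! hash_equals($expectedState, $actualState)) {
            \Illuminate\Support\Facades\Log::warning('AUTH oauth callback rejected: state missing or mismatched');
            throw new \Exception('Invalid oauth state');
        }

        // Turn coke into pepsi
        $accessToken = $this->getAccessTokenFromCode($request->input('code'));
        // Get the associated laravel \App\User object
        $user = $this->validateOauthCreateOrUpdateUserAndGroups($accessToken);
        // Authenticate the users session (second argument enables "remember me")
        auth()->login($user, true);

        // Check to see if there is an intended destination url saved.
        // NOTE(review): this value originates from url.intended in loginOrRegister; if
        // anything else ever writes oauthIntendedUrl, add a same-host check here to
        // avoid an open redirect.
        $destination = $request->session()
                               ->get('oauthIntendedUrl');
        // If there is no intended destination url, use the default
        if (! $destination) {
            $destination = config('enterpriseauth.redirect_on_login');
        }
        \Illuminate\Support\Facades\Log::info('AUTH success USER ID '.$user->id.' with redirect url '.$destination);

        return redirect($destination);
    }

    // Turn coke into pepsi: Take the authorization code and turn it into an access token for graph api.
    // Throws \Exception when the token endpoint body is not JSON or carries no access_token.
    public function getAccessTokenFromCode($code)
    {
        $guzzle = new \GuzzleHttp\Client();
        $url = $this->azureActiveDirectory->tokenEndpoint;
        $parameters = [
            'headers' => [
                'Accept' => 'application/json',
            ],
            'form_params' => [
                'code'          => $code,
                'scope'         => 'https://graph.microsoft.com/.default',
                'client_id'     => config('enterpriseauth.credentials.client_id'),
                'client_secret' => config('enterpriseauth.credentials.client_secret'),
                'redirect_uri'  => config('enterpriseauth.credentials.callback_url'),
                'grant_type'    => 'authorization_code',
            ],
        ];
        $response = $guzzle->post($url, $parameters);
        $responseObject = json_decode($response->getBody());
        // Never hand a null/empty token downstream: a non-JSON body or an error object
        // without access_token must fail here rather than in the user lookup.
        if (! is_object($responseObject)
            || ! isset($responseObject->access_token)
            || ! is_string($responseObject->access_token)
            || $responseObject->access_token === '') {
            throw new \Exception('Token endpoint response did not contain an access token');
        }

        return $responseObject->access_token;
    }
}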