2023-09-29 14:47:36 +08:00
|
|
|
<?php
|
|
|
|
|
2023-09-29 14:49:12 +08:00
|
|
|
/*
|
|
|
|
* This file is part of foskym/flarum-oauth-center.
|
|
|
|
*
|
|
|
|
* Copyright (c) 2023 FoskyM.
|
|
|
|
*
|
|
|
|
* For the full copyright and license information, please view the LICENSE.md
|
|
|
|
* file that was distributed with this source code.
|
|
|
|
*/
|
2023-09-29 14:47:36 +08:00
|
|
|
namespace FoskyM\OAuthCenter\Controllers;
|
|
|
|
use Flarum\User\User;
|
|
|
|
use Flarum\Http\RequestUtil;
|
|
|
|
use FoskyM\OAuthCenter\OAuth;
|
|
|
|
use Illuminate\Support\Arr;
|
|
|
|
use Psr\Http\Message\ResponseInterface;
|
|
|
|
use Psr\Http\Message\ServerRequestInterface;
|
|
|
|
use Psr\Http\Server\RequestHandlerInterface;
|
|
|
|
use Laminas\Diactoros\Response\JsonResponse;
|
|
|
|
use Flarum\Settings\SettingsRepositoryInterface;
|
|
|
|
use Flarum\Group\Group;
|
|
|
|
|
|
|
|
class AuthorizeController implements RequestHandlerInterface
|
|
|
|
{
|
|
|
|
protected $settings;
|
|
|
|
public function __construct(SettingsRepositoryInterface $settings)
|
|
|
|
{
|
|
|
|
$this->settings = $settings;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function handle(ServerRequestInterface $request): ResponseInterface
|
|
|
|
{
|
|
|
|
$actor = RequestUtil::getActor($request);
|
|
|
|
$actor->assertRegistered();
|
|
|
|
|
2024-02-25 04:55:37 +08:00
|
|
|
if (!$actor->hasPermission('rhodes-island-oauth-center.use-oauth')) {
|
2023-10-13 20:56:45 +08:00
|
|
|
return new JsonResponse([ 'error' => 'no_permission', 'error_description' => 'Don\'t have the permissions of oauth' ]);
|
2023-10-13 20:30:09 +08:00
|
|
|
}
|
|
|
|
|
2023-09-29 14:47:36 +08:00
|
|
|
$params = $request->getParsedBody();
|
|
|
|
|
2023-10-01 22:10:21 +08:00
|
|
|
$oauth = new OAuth($this->settings);
|
2023-09-29 14:47:36 +08:00
|
|
|
$server = $oauth->server();
|
|
|
|
$request = $oauth->request()::createFromGlobals();
|
|
|
|
$response = $oauth->response();
|
|
|
|
|
|
|
|
if (!$server->validateAuthorizeRequest($request, $response)) {
|
2023-10-01 22:10:21 +08:00
|
|
|
return new JsonResponse(json_decode($response->getResponseBody(), true));
|
2023-09-29 14:47:36 +08:00
|
|
|
}
|
|
|
|
|
2023-10-01 22:28:20 +08:00
|
|
|
$is_authorized = Arr::get($params, 'is_authorized', 0);
|
2023-09-29 14:47:36 +08:00
|
|
|
$server->handleAuthorizeRequest($request, $response, $is_authorized, $actor->id);
|
|
|
|
if ($is_authorized) {
|
2023-10-02 06:44:14 +08:00
|
|
|
// $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=') + 5, 40);
|
2023-10-01 22:36:27 +08:00
|
|
|
return new JsonResponse([
|
2023-10-02 06:44:14 +08:00
|
|
|
'location' => $response->getHttpHeader('Location')
|
2023-10-01 22:36:27 +08:00
|
|
|
]);
|
2023-09-29 14:47:36 +08:00
|
|
|
}
|
2023-10-02 03:37:57 +08:00
|
|
|
|
2023-10-01 22:10:21 +08:00
|
|
|
return new JsonResponse(json_decode($response->getResponseBody(), true));
|
2023-09-29 14:47:36 +08:00
|
|
|
}
|
|
|
|
}
|