forum-oauth-center/src/Controllers/AuthorizeController.php

63 lines
2.1 KiB
PHP
Raw Normal View History

2023-09-29 14:47:36 +08:00
<?php
2023-09-29 14:49:12 +08:00
/*
* This file is part of foskym/flarum-oauth-center.
*
* Copyright (c) 2023 FoskyM.
*
* For the full copyright and license information, please view the LICENSE.md
* file that was distributed with this source code.
*/
2023-09-29 14:47:36 +08:00
namespace FoskyM\OAuthCenter\Controllers;
use Flarum\User\User;
use Flarum\Http\RequestUtil;
use FoskyM\OAuthCenter\OAuth;
use Illuminate\Support\Arr;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Laminas\Diactoros\Response\JsonResponse;
use Flarum\Settings\SettingsRepositoryInterface;
use Flarum\Group\Group;
class AuthorizeController implements RequestHandlerInterface
{
protected $settings;
public function __construct(SettingsRepositoryInterface $settings)
{
$this->settings = $settings;
}
public function handle(ServerRequestInterface $request): ResponseInterface
{
$actor = RequestUtil::getActor($request);
$actor->assertRegistered();
2024-02-25 04:55:37 +08:00
if (!$actor->hasPermission('rhodes-island-oauth-center.use-oauth')) {
return new JsonResponse([ 'error' => 'no_permission', 'error_description' => 'Don\'t have the permissions of oauth' ]);
2023-10-13 20:30:09 +08:00
}
2023-09-29 14:47:36 +08:00
$params = $request->getParsedBody();
2023-10-01 22:10:21 +08:00
$oauth = new OAuth($this->settings);
2023-09-29 14:47:36 +08:00
$server = $oauth->server();
$request = $oauth->request()::createFromGlobals();
$response = $oauth->response();
if (!$server->validateAuthorizeRequest($request, $response)) {
2023-10-01 22:10:21 +08:00
return new JsonResponse(json_decode($response->getResponseBody(), true));
2023-09-29 14:47:36 +08:00
}
2023-10-01 22:28:20 +08:00
$is_authorized = Arr::get($params, 'is_authorized', 0);
2023-09-29 14:47:36 +08:00
$server->handleAuthorizeRequest($request, $response, $is_authorized, $actor->id);
if ($is_authorized) {
2023-10-02 06:44:14 +08:00
// $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=') + 5, 40);
2023-10-01 22:36:27 +08:00
return new JsonResponse([
2023-10-02 06:44:14 +08:00
'location' => $response->getHttpHeader('Location')
2023-10-01 22:36:27 +08:00
]);
2023-09-29 14:47:36 +08:00
}
2023-10-02 03:37:57 +08:00
2023-10-01 22:10:21 +08:00
return new JsonResponse(json_decode($response->getResponseBody(), true));
2023-09-29 14:47:36 +08:00
}
}