forum-oauth-center/src/Controllers/AuthorizeController.php

<?php

/*
 * This file is part of foskym/flarum-oauth-center.
 *
 * Copyright (c) 2023 FoskyM.
 *
 * For the full copyright and license information, please view the LICENSE.md
 * file that was distributed with this source code.
 */
namespace RhodesIsland\OAuthCenter\Controllers;
use Flarum\Http\RequestUtil;
use RhodesIsland\OAuthCenter\Models\Record;
use RhodesIsland\OAuthCenter\OAuth;
use Illuminate\Support\Arr;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Laminas\Diactoros\Response\JsonResponse;
use Flarum\Settings\SettingsRepositoryInterface;

class AuthorizeController implements RequestHandlerInterface
{
    protected $settings;
    public function __construct(SettingsRepositoryInterface $settings)
    {
        $this->settings = $settings;
    }

    public function handle(ServerRequestInterface $request): ResponseInterface
    {
        $actor = RequestUtil::getActor($request);
        $actor->assertRegistered();

        if (!$actor->hasPermission('rhodes-island-oauth-center.use-oauth')) {
            // TODO: i18n description
            return new JsonResponse([ 'error' => 'no_permission', 'error_description' => 'Don\'t have the permissions of oauth' ]);
        }

        $params = $request->getParsedBody();

        $oauth = new OAuth($this->settings);
        $server = $oauth->server();
        $request = $oauth->request()::createFromGlobals();
        $response = $oauth->response();

        if (!$server->validateAuthorizeRequest($request, $response)) {
            return new JsonResponse($response->getParameters(), $response->getStatusCode(), $response->getHttpHeaders());
        }

        $is_authorized = Arr::get($params, 'is_authorized', 0);
        $server->handleAuthorizeRequest($request, $response, $is_authorized, $actor->id);

        if ($is_authorized) {
            /*Record::create([
				'client_id' => Arr::get($params, 'client_id'),
				'user_id' => $actor->id,
				'authorized_at' => date('Y-m-d H:i:s')
			]);*/
            return new JsonResponse([
                "redirect" => $response->getHttpHeader("Location")
            ]);
        }

        return new JsonResponse($response->getParameters(), $response->getStatusCode(), $response->getHttpHeaders());
    }
}
chore: add authorize page 2023-09-29 14:47:36 +08:00			`<?php`

chore: copyright 2023-09-29 14:49:12 +08:00			`/*`
			`* This file is part of foskym/flarum-oauth-center.`
			`*`
			`* Copyright (c) 2023 FoskyM.`
			`*`
			`* For the full copyright and license information, please view the LICENSE.md`
			`* file that was distributed with this source code.`
			`*/`
chore: rename namespace to avoid conflict 2024-03-09 23:23:39 +08:00			`namespace RhodesIsland\OAuthCenter\Controllers;`
chore: add authorize page 2023-09-29 14:47:36 +08:00			`use Flarum\Http\RequestUtil;`
add: serverside record models chore: ui improvements fix: login modal fail to show if not logged in fix: cannot set null for nullable fields 2024-04-05 12:42:19 +08:00			`use RhodesIsland\OAuthCenter\Models\Record;`
chore: rename namespace to avoid conflict 2024-03-09 23:23:39 +08:00			`use RhodesIsland\OAuthCenter\OAuth;`
chore: add authorize page 2023-09-29 14:47:36 +08:00			`use Illuminate\Support\Arr;`
			`use Psr\Http\Message\ResponseInterface;`
			`use Psr\Http\Message\ServerRequestInterface;`
			`use Psr\Http\Server\RequestHandlerInterface;`
			`use Laminas\Diactoros\Response\JsonResponse;`
			`use Flarum\Settings\SettingsRepositoryInterface;`

			`class AuthorizeController implements RequestHandlerInterface`
			`{`
			`protected $settings;`
			`public function __construct(SettingsRepositoryInterface $settings)`
			`{`
			`$this->settings = $settings;`
			`}`

			`public function handle(ServerRequestInterface $request): ResponseInterface`
			`{`
			`$actor = RequestUtil::getActor($request);`
			`$actor->assertRegistered();`

rewrite: frontend 2024-02-25 04:55:37 +08:00			`if (!$actor->hasPermission('rhodes-island-oauth-center.use-oauth')) {`
add: serverside record models chore: ui improvements fix: login modal fail to show if not logged in fix: cannot set null for nullable fields 2024-04-05 12:42:19 +08:00			`// TODO: i18n description`
fix: check permissions in grant type of user credentials 2023-10-13 20:56:45 +08:00			`return new JsonResponse([ 'error' => 'no_permission', 'error_description' => 'Don\'t have the permissions of oauth' ]);`
feat: add oauth group permission 2023-10-13 20:30:09 +08:00			`}`

chore: add authorize page 2023-09-29 14:47:36 +08:00			`$params = $request->getParsedBody();`

fix: oauth 2023-10-01 22:10:21 +08:00			`$oauth = new OAuth($this->settings);`
chore: add authorize page 2023-09-29 14:47:36 +08:00			`$server = $oauth->server();`
			`$request = $oauth->request()::createFromGlobals();`
			`$response = $oauth->response();`

			`if (!$server->validateAuthorizeRequest($request, $response)) {`
add: serverside record models chore: ui improvements fix: login modal fail to show if not logged in fix: cannot set null for nullable fields 2024-04-05 12:42:19 +08:00			`return new JsonResponse($response->getParameters(), $response->getStatusCode(), $response->getHttpHeaders());`
chore: add authorize page 2023-09-29 14:47:36 +08:00			`}`

fix: authorize 2023-10-01 22:28:20 +08:00			`$is_authorized = Arr::get($params, 'is_authorized', 0);`
chore: add authorize page 2023-09-29 14:47:36 +08:00			`$server->handleAuthorizeRequest($request, $response, $is_authorized, $actor->id);`
add: serverside record models chore: ui improvements fix: login modal fail to show if not logged in fix: cannot set null for nullable fields 2024-04-05 12:42:19 +08:00
chore: add authorize page 2023-09-29 14:47:36 +08:00			`if ($is_authorized) {`
add: serverside record models chore: ui improvements fix: login modal fail to show if not logged in fix: cannot set null for nullable fields 2024-04-05 12:42:19 +08:00			`/*Record::create([`
			`'client_id' => Arr::get($params, 'client_id'),`
			`'user_id' => $actor->id,`
			`'authorized_at' => date('Y-m-d H:i:s')`
			`]);*/`
fix: authorize 2023-10-01 22:36:27 +08:00			`return new JsonResponse([`
add: serverside record models chore: ui improvements fix: login modal fail to show if not logged in fix: cannot set null for nullable fields 2024-04-05 12:42:19 +08:00			`"redirect" => $response->getHttpHeader("Location")`
fix: authorize 2023-10-01 22:36:27 +08:00			`]);`
chore: add authorize page 2023-09-29 14:47:36 +08:00			`}`
feat: unset csrf in oauth 2023-10-02 03:37:57 +08:00
add: serverside record models chore: ui improvements fix: login modal fail to show if not logged in fix: cannot set null for nullable fields 2024-04-05 12:42:19 +08:00			`return new JsonResponse($response->getParameters(), $response->getStatusCode(), $response->getHttpHeaders());`
chore: add authorize page 2023-09-29 14:47:36 +08:00			`}`
			`}`