<?php
namespace OAuth2Demo\Server\Controllers;
use Silex\Application;
class Authorize
{
    /**
     * Registers this controller's two endpoints on the given routing object.
     *
     *   GET  /authorize  -> authorize()            bound as "authorize"
     *   POST /authorize  -> authorizeFormSubmit()  bound as "authorize_post"
     *
     * @param mixed $routing object exposing get()/post(), whose return values expose bind()
     */
    public static function addRoutes($routing)
    {
        // Each route gets its own controller instance, in [object, method] callable form.
        $consentPage = array(new self(), 'authorize');
        $routing->get('/authorize', $consentPage)->bind('authorize');

        $consentSubmit = array(new self(), 'authorizeFormSubmit');
        $routing->post('/authorize', $consentSubmit)->bind('authorize_post');
    }

    /**
     * Consent screen: the client sends the user here so the user can decide
     * whether the client app may access their data.
     *
     * NOTE(review): nothing in this method checks that a resource owner is signed
     * in before the consent form is shown; confirm that authentication is enforced
     * elsewhere (firewall/middleware) if this is used beyond a demo.
     *
     * @param Application $app container providing 'oauth_server', 'oauth_response',
     *                         'request' and 'twig'
     * @return mixed the OAuth server's response when validation fails, otherwise the
     *               rendered server/authorize.twig template
     */
    public function authorize(Application $app)
    {
        // Both services are configured in src/OAuth2Demo/Server/Server.php
        $oauthServer = $app['oauth_server'];
        $oauthResponse = $app['oauth_response'];
        $httpRequest = $app['request'];

        // Only a request the OAuth server accepts reaches the consent form.
        if ($oauthServer->validateAuthorizeRequest($httpRequest, $oauthResponse)) {
            $twig = $app['twig'];

            // client_id and response_type are copied from the query string into the
            // template. NOTE(review): they are request-controlled values; presumably
            // Twig autoescaping is on for this template, verify.
            $formContext = array(
                'client_id' => $httpRequest->query->get('client_id'),
                'response_type' => $httpRequest->query->get('response_type'),
            );

            return $twig->render('server/authorize.twig', $formContext);
        }

        // Invalid request: hand back the server's response, which carries the errors
        // (per the original author, a redirect back to the client).
        return $oauthServer->getResponse();
    }

    /**
     * Handles the consent form POST, i.e. the user's decision to authorize or
     * cancel the client app's authorization request.
     *
     * The decision is the POST field "authorize" cast to bool, so under PHP's
     * conversion rules every value other than an empty string or "0" counts as
     * approval.
     *
     * NOTE(review): no anti-CSRF token is checked in this method and no user
     * identifier is passed to handleAuthorizeRequest(); confirm that the form or a
     * middleware supplies CSRF protection, that the consent page cannot be framed,
     * and that the grant is tied to an authenticated user where that matters.
     *
     * @param Application $app container providing 'oauth_server', 'oauth_response'
     *                         and 'request'
     * @return mixed whatever the OAuth server's handleAuthorizeRequest() returns
     */
    public function authorizeFormSubmit(Application $app)
    {
        // Both services are configured in src/OAuth2Demo/Server/Server.php
        $oauthServer = $app['oauth_server'];
        $oauthResponse = $app['oauth_response'];
        $httpRequest = $app['request'];

        // Read the user's decision from the submitted form body.
        $userApproved = (bool) $httpRequest->request->get('authorize');

        // Delegate to the OAuth server and return its response.
        return $oauthServer->handleAuthorizeRequest($httpRequest, $oauthResponse, $userApproved);
    }
}