You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Actually it is quite cool to use this as an auth service that handles different apps or resource servers. I want to use it as an central auth instance. So the only point that is missing actually for it is that I can login/register alternatively with Facebook or Google or something like this at the Auth Service.
So actually I need a new grant_type or? that takes up the signed_request that is returned e.g. by FaceBook and validated so that I can somehow create the new token for our system.
So add new granttype to config and storage map e.g.:
ExternalCredentials may look like this? (could not test it):
namespace api\components\auth;
use OAuth2\GrantType\GrantTypeInterface;
use OAuth2\RequestInterface;
use OAuth2\ResponseInterface;
use OAuth2\ResponseType\AccessTokenInterface;
class ExternalCredentials implements GrantTypeInterface
{
private $userInfo;
protected $storage;
public function __construct(ExternalCredentialsInterface $storage)
{
$this->storage = $storage;
}
public function getQuerystringIdentifier()
{
return 'signed_request';
}
public function validateRequest(RequestInterface $request, ResponseInterface $response)
{
if (!$request->request("signed_request")) {
$response->setError(400, 'invalid_request', 'Missing parameters: "username" and "password" required');
return null;
}
if (!$this->storage->checkUserCredentials($request->request("signed_request"))) {
$response->setError(401, 'invalid_grant', 'Invalid signed request');
return null;
}
$userInfo = $this->storage->getUserDetails($request->request("signed_request"));
if (empty($userInfo)) {
$response->setError(400, 'invalid_grant', 'Unable to retrieve user information');
return null;
}
if (!isset($userInfo['user_id'])) {
throw new \LogicException("you must set the user_id on the array returned by getUserDetails");
}
$this->userInfo = $userInfo;
return true;
}
public function getClientId()
{
return null;
}
public function getUserId()
{
return $this->userInfo['user_id'];
}
public function getScope()
{
return isset($this->userInfo['scope']) ? $this->userInfo['scope'] : null;
}
public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope)
{
return $accessToken->createAccessToken($client_id, $user_id, $scope);
}
}
And I have to manually add to filsh's and bshaffer's repo the new grant type? This seems not like the perfect way. How can I add my own grant_type?
The text was updated successfully, but these errors were encountered:
Actually it is quite cool to use this as an auth service that handles different apps or resource servers. I want to use it as an central auth instance. So the only point that is missing actually for it is that I can login/register alternatively with Facebook or Google or something like this at the Auth Service.
So actually I need a new grant_type or? that takes up the
signed_request
that is returned e.g. by FaceBook and validated so that I can somehow create the new token for our system.So add new granttype to config and storage map e.g.:
ExternalCredentials may look like this? (could not test it):
And I have to manually add to filsh's and bshaffer's repo the new grant type? This seems not like the perfect way. How can I add my own grant_type?
The text was updated successfully, but these errors were encountered: