2017-05-18 15:15:53 +01:00
|
|
|
|
<?php
|
|
|
|
|
|
|
2018-01-15 14:02:13 +00:00
|
|
|
|
declare(strict_types=1);
|
|
|
|
|
|
|
2017-05-18 15:15:53 +01:00
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
|
|
|
|
|
|
|
|
use IndieAuth\Client;
|
|
|
|
|
|
use App\Services\TokenService;
|
2018-01-31 22:21:57 +00:00
|
|
|
|
use Illuminate\Http\JsonResponse;
|
2017-05-18 15:15:53 +01:00
|
|
|
|
|
|
|
|
|
|
class TokenEndpointController extends Controller
|
|
|
|
|
|
{
|
|
|
|
|
|
/**
|
|
|
|
|
|
* The IndieAuth Client.
|
|
|
|
|
|
*/
|
|
|
|
|
|
protected $client;
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* The Token handling service.
|
|
|
|
|
|
*/
|
|
|
|
|
|
protected $tokenService;
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* Inject the dependencies.
|
|
|
|
|
|
*
|
2018-01-15 14:02:13 +00:00
|
|
|
|
* @param \IndieAuth\Client $client
|
|
|
|
|
|
* @param \App\Services\TokenService $tokenService
|
2017-05-18 15:15:53 +01:00
|
|
|
|
*/
|
|
|
|
|
|
public function __construct(
|
2017-09-04 19:34:39 +01:00
|
|
|
|
Client $client,
|
|
|
|
|
|
TokenService $tokenService
|
2017-05-18 15:15:53 +01:00
|
|
|
|
) {
|
2017-09-04 19:34:39 +01:00
|
|
|
|
$this->client = $client;
|
|
|
|
|
|
$this->tokenService = $tokenService;
|
2017-05-18 15:15:53 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* If the user has auth’d via the IndieAuth protocol, issue a valid token.
|
|
|
|
|
|
*
|
2018-01-31 22:21:57 +00:00
|
|
|
|
* @return \Illuminate\Http\JsonResponse
|
2017-05-18 15:15:53 +01:00
|
|
|
|
*/
|
2018-01-31 22:21:57 +00:00
|
|
|
|
public function create(): JsonResponse
|
2017-05-18 15:15:53 +01:00
|
|
|
|
{
|
2018-01-15 14:02:13 +00:00
|
|
|
|
$authorizationEndpoint = $this->client->discoverAuthorizationEndpoint(normalize_url(request()->input('me')));
|
2017-05-18 15:15:53 +01:00
|
|
|
|
if ($authorizationEndpoint) {
|
|
|
|
|
|
$auth = $this->client->verifyIndieAuthCode(
|
|
|
|
|
|
$authorizationEndpoint,
|
2018-01-15 14:02:13 +00:00
|
|
|
|
request()->input('code'),
|
|
|
|
|
|
request()->input('me'),
|
|
|
|
|
|
request()->input('redirect_uri'),
|
|
|
|
|
|
request()->input('client_id')
|
2017-05-18 15:15:53 +01:00
|
|
|
|
);
|
|
|
|
|
|
if (array_key_exists('me', $auth)) {
|
|
|
|
|
|
$scope = $auth['scope'] ?? '';
|
|
|
|
|
|
$tokenData = [
|
2018-01-15 14:02:13 +00:00
|
|
|
|
'me' => request()->input('me'),
|
|
|
|
|
|
'client_id' => request()->input('client_id'),
|
2017-05-18 15:15:53 +01:00
|
|
|
|
'scope' => $scope,
|
|
|
|
|
|
];
|
|
|
|
|
|
$token = $this->tokenService->getNewToken($tokenData);
|
2018-01-31 22:21:57 +00:00
|
|
|
|
$content = [
|
2018-01-15 14:02:13 +00:00
|
|
|
|
'me' => request()->input('me'),
|
2017-05-18 15:15:53 +01:00
|
|
|
|
'scope' => $scope,
|
|
|
|
|
|
'access_token' => $token,
|
2018-01-31 22:21:57 +00:00
|
|
|
|
];
|
2017-05-18 15:15:53 +01:00
|
|
|
|
|
2018-01-31 22:21:57 +00:00
|
|
|
|
return response()->json($content);
|
2017-05-18 15:15:53 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 22:21:57 +00:00
|
|
|
|
return response()->json([
|
|
|
|
|
|
'error' => 'There was an error verifying the authorisation code.'
|
|
|
|
|
|
], 401);
|
2017-05-18 15:15:53 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 22:21:57 +00:00
|
|
|
|
return response()->json([
|
|
|
|
|
|
'error' => 'Can’t determine the authorisation endpoint.'
|
|
|
|
|
|
], 400);
|
2017-05-18 15:15:53 +01:00
|
|
|
|
}
|
|
|
|
|
|
}
|
