<?php
namespace App\Http\Controllers;
use IndieAuth\Client;
use Illuminate\Http\Request;
use App\Services\TokenService;
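class TokenEndpointController extends Controller
{
    /**
     * The IndieAuth Client.
     *
     * @var \IndieAuth\Client
     */
    protected $client;

    /**
     * The Token handling service.
     *
     * @var \App\Services\TokenService
     */
    protected $tokenService;

    /**
     * Inject the dependencies.
     *
     * @param  \IndieAuth\Client  $client
     * @param  \App\Services\TokenService  $tokenService
     * @return void
     */
    public function __construct(
        Client $client,
        TokenService $tokenService
    ) {
        $this->client = $client;
        $this->tokenService = $tokenService;
    }

    /**
     * If the user has auth’d via the IndieAuth protocol, issue a valid token.
     *
     * Flow:
     *  1. Discover the authorization endpoint for the `me` profile URL supplied
     *     in the request.
     *  2. Ask that endpoint to verify `code` (together with `me`,
     *     `redirect_uri` and `client_id`).
     *  3. Issue a token only when the endpoint's answer names the same profile
     *     URL the caller asked for.
     *
     * Every request field is caller-controlled. The token is bound to the
     * request's `me`, so step 3 is what ties the token to an identity the
     * authorization endpoint actually vouched for. Checking only that a `me`
     * key is present in the answer would let a code issued for one profile
     * be exchanged for a token naming another profile that shares the same
     * authorization endpoint.
     *
     * Responds 400 when the endpoint cannot be determined or verification fails;
     * otherwise returns a form-encoded body with `me`, `scope`, `access_token`.
     *
     * NOTE(review): `client_id` is stored in the token as supplied by the
     * caller; this relies on the authorization endpoint binding the code to
     * that client_id — confirm for the endpoints in use.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\Response
     */
    public function create(Request $request)
    {
        $me = $request->input('me');

        // Reject a missing or non-scalar `me` (e.g. `me[]=...`) up front instead
        // of handing it to normalize_url() and the discovery client.
        if (! is_string($me) || $me === '') {
            return response('Can’t determine the authorisation endpoint.', 400);
        }

        $authorizationEndpoint = $this->client->discoverAuthorizationEndpoint(normalize_url($me));

        if (! $authorizationEndpoint) {
            return response('Can’t determine the authorisation endpoint.', 400);
        }

        $auth = $this->client->verifyIndieAuthCode(
            $authorizationEndpoint,
            $request->input('code'),
            $me,
            $request->input('redirect_uri'),
            $request->input('client_id')
        );

        // Fail closed: the answer must be an array AND must name the same
        // profile URL the token is about to be issued for.
        if (! is_array($auth) || ! $this->verifiedProfileMatches($auth, $me)) {
            return response('There was an error verifying the authorisation code.', 400);
        }

        // Scope comes from the authorization endpoint's answer, never from the request.
        $scope = $auth['scope'] ?? '';

        $token = $this->tokenService->getNewToken([
            'me' => $me,
            'client_id' => $request->input('client_id'),
            'scope' => $scope,
        ]);

        $content = http_build_query([
            'me' => $me,
            'scope' => $scope,
            'access_token' => $token,
        ]);

        // The body carries a bearer credential, so tell intermediaries and
        // browsers not to store it (RFC 6749 section 5.1).
        return response($content)
            ->header('Content-Type', 'application/x-www-form-urlencoded')
            ->header('Cache-Control', 'no-store')
            ->header('Pragma', 'no-cache');
    }

    /**
     * Check that the verified `me` in the endpoint's answer equals the requested one.
     *
     * Both sides go through normalize_url(), the same project helper applied to
     * `me` before discovery (assumed to return a canonical string — confirm).
     * An endpoint that answers with a differently canonicalised profile URL is
     * rejected rather than trusted.
     *
     * @param  array  $auth  Answer returned by verifyIndieAuthCode().
     * @param  string  $me  Profile URL supplied by the caller.
     * @return bool
     */
    private function verifiedProfileMatches(array $auth, $me)
    {
        if (! isset($auth['me']) || ! is_string($auth['me'])) {
            return false;
        }

        return normalize_url($auth['me']) === normalize_url($me);
    }
}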