114 lines
3 KiB
PHP
114 lines
3 KiB
PHP
|
<?php
|
||
|
|
|
||
|
|
namespace App\Services;
|
||
|
|
|
||
|
|
class IndieAuthService
|
||
|
|
{
|
||
|
|
/**
|
||
|
|
* Given a domain, determing the assocaited authorization endpoint,
|
||
|
|
* if one exists.
|
||
|
|
*
|
||
|
|
* @param string The domain
|
||
|
|
* @param \IndieAuth\Client $client
|
||
|
|
* @return string|null
|
||
|
|
*/
|
||
|
|
public function getAuthorizationEndpoint($domain, $client)
|
||
|
|
{
|
||
|
|
return $client->discoverAuthorizationEndpoint($client->normalizeMeURL($domain));
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Given an authorization endpoint, build the appropriate authorization URL.
|
||
|
|
*
|
||
|
|
* @param string $authEndpoint
|
||
|
|
* @param string $domain
|
||
|
|
* @param \IndieAuth\Client $client
|
||
|
|
* @return string
|
||
|
|
*/
|
||
|
|
public function buildAuthorizationURL($authEndpoint, $domain, $client)
|
||
|
|
{
|
||
|
|
$domain = $client->normalizeMeURL($domain);
|
||
|
|
$state = bin2hex(openssl_random_pseudo_bytes(16));
|
||
|
|
session(['state' => $state]);
|
||
|
|
$redirectURL = config('app.url') . '/indieauth';
|
||
|
|
$clientId = config('app.url') . '/notes/new';
|
||
|
|
$scope = 'post';
|
||
|
|
$authorizationURL = $client->buildAuthorizationURL(
|
||
|
|
$authEndpoint,
|
||
|
|
$domain,
|
||
|
|
$redirectURL,
|
||
|
|
$clientId,
|
||
|
|
$state,
|
||
|
|
$scope
|
||
|
|
);
|
||
|
|
|
||
|
|
return $authorizationURL;
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Discover the token endpoint for a given domain.
|
||
|
|
*
|
||
|
|
* @param string The domain
|
||
|
|
* @param \IndieAuth\Client $client
|
||
|
|
* @return string|null
|
||
|
|
*/
|
||
|
|
public function getTokenEndpoint($domain, $client)
|
||
|
|
{
|
||
|
|
return $client->discoverTokenEndpoint($domain);
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Retrieve a token from the token endpoint.
|
||
|
|
*
|
||
|
|
* @param array The relavent data
|
||
|
|
* @param \IndieAuth\Client $client
|
||
|
|
* @return array
|
||
|
|
*/
|
||
|
|
public function getAccessToken(array $data, $client)
|
||
|
|
{
|
||
|
|
return $client->getAccessToken(
|
||
|
|
$data['endpoint'],
|
||
|
|
$data['code'],
|
||
|
|
$data['me'],
|
||
|
|
$data['redirect_url'],
|
||
|
|
$data['client_id'],
|
||
|
|
$data['state']
|
||
|
|
);
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Determine the Authorization endpoint, then verify the suplied code is
|
||
|
|
* valid.
|
||
|
|
*
|
||
|
|
* @param array The data.
|
||
|
|
* @param \IndieAuth\Client $client
|
||
|
|
* @return array|null
|
||
|
|
*/
|
||
|
|
public function verifyIndieAuthCode(array $data, $client)
|
||
|
|
{
|
||
|
|
$authEndpoint = $client->discoverAuthorizationEndpoint($data['me']);
|
||
|
|
if ($authEndpoint) {
|
||
|
|
return $client->verifyIndieAuthCode(
|
||
|
|
$authEndpoint,
|
||
|
|
$data['code'],
|
||
|
|
$data['me'],
|
||
|
|
$data['redirect_url'],
|
||
|
|
$data['client_id'],
|
||
|
|
$data['state']
|
||
|
|
);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Determine the micropub endpoint.
|
||
|
|
*
|
||
|
|
* @param string $domain
|
||
|
|
* @param \IndieAuth\Client $client
|
||
|
|
* @return string The endpoint
|
||
|
|
*/
|
||
|
|
public function discoverMicropubEndpoint($domain, $client)
|
||
|
|
{
|
||
|
|
return $client->discoverMicropubEndpoint($client->normalizeMeURL($domain));
|
||
|
|
}
|
||
|
|
}
|