Jonny Barnes
3f15291d16
Squashed commit of the following:
commit 070f46bbacd91855730d467cc2806183441791ae
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date: Mon Sep 4 18:06:04 2017 +0100
Now we now how the laravel IoC conatiner works, no need to be newing class dependencies
commit 57eeacdef178532a681f774f8c6738950d40c964
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date: Mon Sep 4 17:59:28 2017 +0100
Get json test working again
commit 81c3cfc9b432241d8a4df7f1e0511a50ea4f9b90
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date: Mon Sep 4 14:38:10 2017 +0100
Can’t use RefreshDatabase yet
commit 4ba5ff724d50ca86b3fa90c7bb4e71ad9e4dad79
Author: Jonny Barnes <jonny@jonnybarnes.uk>
Date: Mon Sep 4 14:10:33 2017 +0100
Initial attempt at updating to Laravel 5.5
94 lines
2.8 KiB
PHP
94 lines
2.8 KiB
PHP
<?php
|
||
|
||
namespace App\Http\Controllers;
|
||
|
||
use App\IndieWebUser;
|
||
use IndieAuth\Client;
|
||
use Illuminate\Http\Request;
|
||
|
||
class IndieAuthController extends Controller
|
||
{
|
||
/**
|
||
* The IndieAuth Client.
|
||
*/
|
||
protected $client;
|
||
|
||
/**
|
||
* Inject the dependency.
|
||
*
|
||
* @param \IndieAuth\Client $client
|
||
* @return void
|
||
*/
|
||
public function __construct(Client $client)
|
||
{
|
||
$this->client = $client;
|
||
}
|
||
|
||
/**
|
||
* Begin the indie auth process. This method ties in to the login page
|
||
* from our micropub client. Here we then query the user’s homepage
|
||
* for their authorisation endpoint, and redirect them there with a
|
||
* unique secure state value.
|
||
*
|
||
* @param \Illuminate\Http\Request $request
|
||
* @return \Illuminate\Routing\RedirectResponse redirect
|
||
*/
|
||
public function start(Request $request)
|
||
{
|
||
$url = normalize_url($request->input('me'));
|
||
$authorizationEndpoint = $this->client->discoverAuthorizationEndpoint($url);
|
||
if ($authorizationEndpoint != null) {
|
||
$state = bin2hex(openssl_random_pseudo_bytes(16));
|
||
session(['state' => $state]);
|
||
$authorizationURL = $this->client->buildAuthorizationURL(
|
||
$authorizationEndpoint,
|
||
$url,
|
||
route('indieauth-callback'), //redirect_uri
|
||
route('micropub-client'), //client_id
|
||
$state
|
||
);
|
||
if ($authorizationURL) {
|
||
return redirect($authorizationURL);
|
||
}
|
||
|
||
return redirect(route('micropub-client'))->with('error', 'Error building authorization URL');
|
||
}
|
||
|
||
return redirect(route('micropub-client'))->with('error', 'Unable to determine authorisation endpoint');
|
||
}
|
||
|
||
/**
|
||
* Once they have verified themselves through the authorisation endpoint
|
||
* the next step is register/login the user.
|
||
*
|
||
* @param \Illuminate\Http\Rrequest $request
|
||
* @return \Illuminate\Routing\RedirectResponse redirect
|
||
*/
|
||
public function callback(Request $request)
|
||
{
|
||
if ($request->session()->get('state') != $request->input('state')) {
|
||
return redirect(route('micropub-client'))->with(
|
||
'error',
|
||
'Invalid <code>state</code> value returned from indieauth server'
|
||
);
|
||
}
|
||
|
||
$url = normalize_url($request->input('me'));
|
||
$indiewebUser = IndieWebUser::firstOrCreate(['me' => $url]);
|
||
$request->session()->put(['me' => $url]);
|
||
|
||
return redirect(route('micropub-client'));
|
||
}
|
||
|
||
/**
|
||
* Log out the user, flush the session data.
|
||
*
|
||
* @return \Illuminate\Routing\RedirectResponse redirect
|
||
*/
|
||
public function logout(Request $request)
|
||
{
|
||
$request->session()->flush();
|
||
|
||
return redirect(route('micropub-client'));
|
||
}
|
||
}
|