mirror of
https://github.com/webmasterskaya/joomla-oauth-server.git
synced 2024-11-23 22:34:50 +03:00
Authorize with user login
This commit is contained in:
parent
0caade0e28
commit
c8a9d92a7b
@ -11,13 +11,12 @@ namespace Webmasterskaya\Component\OauthServer\Site\Controller;
|
|||||||
|
|
||||||
use Joomla\CMS\Application\CMSApplication;
|
use Joomla\CMS\Application\CMSApplication;
|
||||||
use Joomla\CMS\Component\ComponentHelper;
|
use Joomla\CMS\Component\ComponentHelper;
|
||||||
use Joomla\CMS\Document\FactoryInterface;
|
|
||||||
use Joomla\CMS\Factory;
|
|
||||||
use Joomla\CMS\MVC\Controller\BaseController;
|
use Joomla\CMS\MVC\Controller\BaseController;
|
||||||
use Joomla\CMS\MVC\Factory\MVCFactoryInterface;
|
use Joomla\CMS\MVC\Factory\MVCFactoryInterface;
|
||||||
use Joomla\CMS\Router\Route;
|
use Joomla\CMS\Router\Route;
|
||||||
use Joomla\CMS\Uri\Uri;
|
use Joomla\CMS\Uri\Uri;
|
||||||
use Joomla\Input\Input;
|
use Joomla\Input\Input;
|
||||||
|
use Laminas\Diactoros\ServerRequest;
|
||||||
use Laminas\Diactoros\ServerRequestFactory;
|
use Laminas\Diactoros\ServerRequestFactory;
|
||||||
use League\OAuth2\Server\AuthorizationServer;
|
use League\OAuth2\Server\AuthorizationServer;
|
||||||
use League\OAuth2\Server\CryptKey;
|
use League\OAuth2\Server\CryptKey;
|
||||||
@ -186,30 +185,46 @@ class LoginController extends BaseController
|
|||||||
public function authorize(): static
|
public function authorize(): static
|
||||||
{
|
{
|
||||||
$app = $this->app;
|
$app = $this->app;
|
||||||
|
$input = $app->getInput();
|
||||||
$user = $app->getIdentity();
|
$user = $app->getIdentity();
|
||||||
$uri = Uri::getInstance();
|
$uri = Uri::getInstance();
|
||||||
|
$state_prefix = 'oauthserver.login.authorize.request';
|
||||||
|
|
||||||
|
// Create PSR-7 Request object and store all query params in user state, to use it after user login is it required.
|
||||||
|
$serverRequest = (new ServerRequest([], [], $app->getUserState("$state_prefix.uri", (string) $uri)))
|
||||||
|
->withQueryParams([
|
||||||
|
'response_type' => $app->getUserStateFromRequest("$state_prefix.response_type", 'response_type'),
|
||||||
|
'client_id' => $app->getUserStateFromRequest("$state_prefix.client_id", 'client_id', $input->server->get('PHP_AUTH_USER')),
|
||||||
|
'redirect_uri' => $app->getUserStateFromRequest("$state_prefix.redirect_uri", 'redirect_uri'),
|
||||||
|
'scope' => $app->getUserStateFromRequest("$state_prefix.scope", 'scope'),
|
||||||
|
'code_challenge' => $app->getUserStateFromRequest("$state_prefix.code_challenge", 'code_challenge'),
|
||||||
|
'code_challenge_method' => $app->getUserStateFromRequest("$state_prefix.code_challenge_method", 'code_challenge_method', 'plain'),
|
||||||
|
]);
|
||||||
|
|
||||||
if (!$user->id)
|
if (!$user->id)
|
||||||
{
|
{
|
||||||
$return = http_build_query(['return' => base64_encode($uri->toString(['scheme', 'user', 'pass', 'host', 'port', 'path']))]);
|
if ($app->getUserState("$state_prefix.uri") === null)
|
||||||
$this->app->setUserState('oauthserver.login.authorize.request', $uri->getQuery(true));
|
{
|
||||||
$this->app->enqueueMessage('Необходимо авторизоваться!');
|
$app->setUserState("$state_prefix.uri", (string) $uri);
|
||||||
$this->app->redirect(Route::_('index.php?option=com_users&view=login&' . $return));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$state_request = $this->app->getUserState('oauthserver.login.authorize.request');
|
// Build the cleared current uri and encode to pass it to the login form as a callback uri.
|
||||||
if (!empty($state_request) && empty($uri->getQuery(true)))
|
$return = http_build_query(['return' => base64_encode($uri->toString(['scheme', 'user', 'pass', 'host', 'port', 'path']))]);
|
||||||
{
|
$redirect = Route::_('index.php?option=com_users&view=login&' . $return);
|
||||||
foreach ($state_request as $k => $v)
|
|
||||||
{
|
// The current page is not tied to any menu item, so the main page item id will be added to the route. It needs to be removed.
|
||||||
$uri->setVar($k, $v);
|
$redirect = preg_replace('/((&|&)itemid=\d+)/i', '', $redirect);
|
||||||
|
|
||||||
|
$app->enqueueMessage('Необходимо авторизоваться!');
|
||||||
|
$app->redirect($redirect);
|
||||||
|
|
||||||
|
return $this;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
$this->app->setUserState('oauthserver.login.authorize.request', []);
|
// Clean user state after login checks
|
||||||
|
$app->setUserState($state_prefix, null);
|
||||||
|
|
||||||
$server = $this->authorizationServer;
|
$server = $this->authorizationServer;
|
||||||
$serverRequest = ServerRequestFactory::fromGlobals();
|
|
||||||
$serverResponse = $app->getResponse();
|
|
||||||
|
|
||||||
// Validate the HTTP request and return an AuthorizationRequest object.
|
// Validate the HTTP request and return an AuthorizationRequest object.
|
||||||
$authRequest = $server->validateAuthorizationRequest($serverRequest);
|
$authRequest = $server->validateAuthorizationRequest($serverRequest);
|
||||||
@ -227,9 +242,7 @@ class LoginController extends BaseController
|
|||||||
// (true = approved, false = denied)
|
// (true = approved, false = denied)
|
||||||
$authRequest->setAuthorizationApproved(true);
|
$authRequest->setAuthorizationApproved(true);
|
||||||
|
|
||||||
$app->setResponse($server->completeAuthorizationRequest($authRequest, $serverResponse));
|
$app->setResponse($server->completeAuthorizationRequest($authRequest, $app->getResponse()));
|
||||||
|
|
||||||
echo $this->app->getResponse()->getBody();
|
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user