class Oauth in Media: Acquia DAM 8
OAuth Class.
Hierarchy
- class \Drupal\media_acquiadam\Oauth implements ContainerInjectionInterface, OauthInterface
Expanded class hierarchy of Oauth
1 file declares its use of Oauth
- OauthTest.php in tests/
src/ Unit/ OauthTest.php
2 string references to 'Oauth'
- media_acquiadam.schema.yml in config/
schema/ media_acquiadam.schema.yml - config/schema/media_acquiadam.schema.yml
- media_acquiadam.services.yml in ./
media_acquiadam.services.yml - media_acquiadam.services.yml
1 service uses Oauth
File
- src/
Oauth.php, line 19
Namespace
Drupal\media_acquiadamView source
class Oauth implements OauthInterface, ContainerInjectionInterface {
/**
* The base URL to use for the DAM API.
*
* @var string
*/
protected $damApiBase = "https://apiv2.webdamdb.com";
/**
* The media_acquiadam configuration.
*
* @var \Drupal\Core\Config\Config|\Drupal\Core\Config\ImmutableConfig
*/
protected $config;
/**
* A CSRF token generator.
*
* @var \Drupal\Core\Access\CsrfTokenGenerator
*/
protected $csrfTokenGenerator;
/**
* A URL generator.
*
* @var \Drupal\Core\Routing\UrlGeneratorInterface
*/
protected $urlGenerator;
/**
* An HTTP client.
*
* @var \GuzzleHttp\Client
*/
protected $httpClient;
/**
* Destination URI after authentication is completed.
*
* @var string
*/
protected $authFinishRedirect;
/**
* Drupal logger instance.
*
* @var \Drupal\Core\Logger\LoggerChannelInterface
*/
protected $loggerChannel;
/**
* The current user.
*
* @var \Drupal\Core\Session\AccountProxyInterface
*/
protected $currentUser;
/**
* Oauth constructor.
*
* {@inheritdoc}
*/
public function __construct(ConfigFactoryInterface $config_factory, CsrfTokenGenerator $csrfTokenGenerator, UrlGeneratorInterface $urlGenerator, ClientInterface $httpClient, LoggerChannelFactoryInterface $loggerChannelFactory, AccountProxyInterface $account) {
$this->config = $config_factory
->get('media_acquiadam.settings');
$this->csrfTokenGenerator = $csrfTokenGenerator;
$this->urlGenerator = $urlGenerator;
$this->httpClient = $httpClient;
$this->loggerChannel = $loggerChannelFactory
->get('media_acquiadam');
$this->currentUser = $account;
}
/**
* {@inheritdoc}
*/
public static function create(ContainerInterface $container) {
return new static($container
->get('config.factory'), $container
->get('csrf_token'), $container
->get('url_generator.non_bubbling'), $container
->get('http_client'), $container
->get('logger.factory'), $container
->get('current_user'));
}
/**
* {@inheritdoc}
*/
public function authRequestStateIsValid($token) {
return $this->csrfTokenGenerator
->validate($token, 'media_acquiadam.oauth');
}
/**
* {@inheritdoc}
*/
public function getAccessToken($auth_code) {
$this->loggerChannel
->debug('Getting new access token for @username.', [
'@username' => $this->currentUser
->getAccountName(),
]);
/** @var \Psr\Http\Message\ResponseInterface $response */
$response = $this->httpClient
->post("{$this->damApiBase}/oauth2/token", [
'form_params' => [
'grant_type' => 'authorization_code',
'code' => $auth_code,
'redirect_uri' => $this->urlGenerator
->generateFromRoute('media_acquiadam.auth_finish', [
'auth_finish_redirect' => $this->authFinishRedirect,
], [
'absolute' => TRUE,
]),
'client_id' => $this->config
->get('client_id'),
'client_secret' => $this->config
->get('secret'),
],
]);
$body = (string) $response
->getBody();
$body = json_decode($body);
return [
'access_token' => $body->access_token,
'expire_time' => time() + $body->expires_in,
'refresh_token' => $body->refresh_token,
];
}
/**
* {@inheritdoc}
*/
public function getAuthLink() {
$client_id = $this->config
->get('client_id');
$token = $this->csrfTokenGenerator
->get('media_acquiadam.oauth');
$redirect_uri = $this->urlGenerator
->generateFromRoute('media_acquiadam.auth_finish', [
'auth_finish_redirect' => $this->authFinishRedirect,
], [
'absolute' => TRUE,
]);
return "{$this->damApiBase}/oauth2/authorize?response_type=code&state={$token}&redirect_uri={$redirect_uri}&client_id={$client_id}";
}
/**
* {@inheritdoc}
*/
public function refreshAccess($refresh_token) {
$this->loggerChannel
->debug('Refreshing access token for @username.', [
'@username' => $this->currentUser
->getAccountName(),
]);
/** @var \Psr\Http\Message\ResponseInterface $response */
$response = $this->httpClient
->post("{$this->damApiBase}/oauth2/token", [
'form_params' => [
'grant_type' => 'refresh_token',
'refresh_token' => $refresh_token,
'client_id' => $this->config
->get('client_id'),
'client_secret' => $this->config
->get('secret'),
'redirect_uri' => $this->urlGenerator
->generateFromRoute('media_acquiadam.auth_finish', [
'auth_finish_redirect' => $this->authFinishRedirect,
], [
'absolute' => TRUE,
]),
],
]);
$body = (string) $response
->getBody();
$body = json_decode($body);
return [
'access_token' => $body->access_token,
'expire_time' => time() + $body->expires_in,
'refresh_token' => $body->refresh_token,
];
}
/**
* Gets the auth_finish_redirect url.
*
* @return mixed
* Url string if is set, null if not set.
*/
public function getAuthFinishRedirect() {
if (isset($this->authFinishRedirect)) {
return $this->authFinishRedirect;
}
else {
return NULL;
}
}
/**
* {@inheritdoc}
*/
public function setAuthFinishRedirect($authFinishRedirect) {
$parsed_url = UrlHelper::parse($authFinishRedirect);
$filterable_keys = $this->config
->get('oauth.excluded_redirect_keys');
if (empty($filterable_keys) || !is_array($filterable_keys)) {
$filterable_keys = [
// The Entity Browser Block module will break the authentication flow
// when used within Panels IPE. Filtering out this query parameter
// works around the issue.
'original_path',
];
}
$this->authFinishRedirect = Url::fromUri('base:' . $parsed_url['path'], [
'query' => UrlHelper::filterQueryParameters($parsed_url['query'], $filterable_keys),
'fragment' => $parsed_url['fragment'],
])
->toString();
}
}Members
Name |
Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
|
Oauth:: |
protected | property | Destination URI after authentication is completed. | |
|
Oauth:: |
protected | property | The media_acquiadam configuration. | |
|
Oauth:: |
protected | property | A CSRF token generator. | |
|
Oauth:: |
protected | property | The current user. | |
|
Oauth:: |
protected | property | The base URL to use for the DAM API. | |
|
Oauth:: |
protected | property | An HTTP client. | |
|
Oauth:: |
protected | property | Drupal logger instance. | |
|
Oauth:: |
protected | property | A URL generator. | |
|
Oauth:: |
public | function |
Validate that the state token in an auth request is valid. Overrides OauthInterface:: |
|
|
Oauth:: |
public static | function |
Instantiates a new instance of this class. Overrides ContainerInjectionInterface:: |
|
|
Oauth:: |
public | function |
Get a token for API access + the number of seconds till expiration. Overrides OauthInterface:: |
|
|
Oauth:: |
public | function | Gets the auth_finish_redirect url. | |
|
Oauth:: |
public | function |
Get the URL to redirect a user to to start the oauth process. Overrides OauthInterface:: |
|
|
Oauth:: |
public | function |
Refresh an existing access token. Overrides OauthInterface:: |
|
|
Oauth:: |
public | function | ||
|
Oauth:: |
public | function | Oauth constructor. |