You are here

Home » API reference » OAuth2 Client 8.2 » AuthorizationCodeGrantService.php

class AuthorizationCodeGrantService in OAuth2 Client 8.2

Same name and namespace in other branches
  1. 8.3 src/Service/Grant/AuthorizationCodeGrantService.php \Drupal\oauth2_client\Service\Grant\AuthorizationCodeGrantService

Handles Authorization Grants for the OAuth2 Client module.

Hierarchy

Expanded class hierarchy of AuthorizationCodeGrantService

1 string reference to 'AuthorizationCodeGrantService'
oauth2_client.services.yml in ./oauth2_client.services.yml
oauth2_client.services.yml

File

src/Service/Grant/AuthorizationCodeGrantService.php, line 16

Namespace

Drupal\oauth2_client\Service\Grant
View source 
class AuthorizationCodeGrantService extends Oauth2ClientGrantServiceBase {

  /**
   * The Drupal tempstore.
   *
   * @var \Drupal\Core\TempStore\PrivateTempStore
   */
  protected $tempstore;

  /**
   * Construct an OAuth2Client object.
   *
   * @param \Symfony\Component\HttpFoundation\RequestStack $requestStack
   *   The Request Stack.
   * @param \Drupal\Core\State\StateInterface $state
   *   The Drupal state.
   * @param \Drupal\Core\Routing\UrlGeneratorInterface $urlGenerator
   *   The URL generator service.
   * @param \Drupal\oauth2_client\PluginManager\Oauth2ClientPluginManagerInterface $oauth2ClientPluginManager
   *   The OAuth2 Client plugin manager.
   * @param \Drupal\Core\TempStore\PrivateTempStoreFactory $tempstoreFactory
   *   The Drupal private tempstore factory.
   */
  public function __construct(RequestStack $requestStack, StateInterface $state, UrlGeneratorInterface $urlGenerator, Oauth2ClientPluginManagerInterface $oauth2ClientPluginManager, PrivateTempStoreFactory $tempstoreFactory) {
    parent::__construct($requestStack, $state, $urlGenerator, $oauth2ClientPluginManager);
    $this->tempstore = $tempstoreFactory
      ->get('oauth2_client');
  }

  /**
   * {@inheritdoc}
   */
  public function getAccessToken($clientId) {
    $provider = $this
      ->getProvider($clientId);

    // If an authorization code is not set in the URL parameters, get one.
    if (!$this->currentRequest
      ->get('code')) {

      // Get the authorization URL. This also generates the state.
      $authorization_url = $provider
        ->getAuthorizationUrl();

      // Save the state to Drupal's tempstore.
      $this->tempstore
        ->set('oauth2_client_state-' . $clientId, $provider
        ->getState());

      // Redirect to the authorization URL.
      $redirect = new RedirectResponse($authorization_url);
      $redirect
        ->send();
      exit;
    }
    elseif (!$this->currentRequest
      ->get('state') || $this->currentRequest
      ->get('state') !== $this->tempstore
      ->get('oauth2_client_state-' . $clientId)) {

      // Potential CSRF attack. Bail out.
      $this->tempstore
        ->delete('oauth2_client_state-' . $clientId);
    }
    else {
      try {

        // Try to get an access token using the authorization code grant.
        $accessToken = $provider
          ->getAccessToken('authorization_code', [
          'code' => $this->currentRequest
            ->get('code'),
        ]);
        $this
          ->storeAccessToken($clientId, $accessToken);
      } catch (IdentityProviderException $e) {
        watchdog_exception('OAuth2 Client', $e);
      }
    }
  }

  /**
   * {@inheritdoc}
   */
  public function getGrantProvider($clientId) {
    return $this
      ->getProvider($clientId);
  }

}

Members

Namesort descending Modifiers Type Description Overrides
AuthorizationCodeGrantService::$tempstore protected property The Drupal tempstore.
AuthorizationCodeGrantService::getAccessToken public function Get an OAuth2 access token. Overrides Oauth2ClientGrantServiceInterface::getAccessToken
AuthorizationCodeGrantService::getGrantProvider public function Get the league/oauth2 provider. Overrides Oauth2ClientGrantServiceInterface::getGrantProvider
AuthorizationCodeGrantService::__construct public function Construct an OAuth2Client object. Overrides Oauth2ClientGrantServiceBase::__construct
Oauth2ClientGrantServiceBase::$clientProviderCache protected property Client provider cache
Oauth2ClientGrantServiceBase::$currentRequest protected property The Request Stack.
Oauth2ClientGrantServiceBase::$oauth2ClientPluginManager protected property The OAuth2 Client plugin manager.
Oauth2ClientGrantServiceBase::$state protected property The Drupal state.
Oauth2ClientGrantServiceBase::$urlGenerator protected property The URL generator service.
Oauth2ClientGrantServiceBase::getProvider protected function Creates a new provider object.
Oauth2ClientGrantServiceBase::getRedirectUri private function Retrieves the local redirect URI used for OAuth2 authentication.
Oauth2ClientGrantServiceBase::storeAccessToken protected function Store an access token to the Drupal state.
Oauth2ClientServiceBase::clearAccessToken public function Clears the access token for the given client. Overrides Oauth2ClientServiceInterface::clearAccessToken
Oauth2ClientServiceBase::getClient public function Retrieve an OAuth2 Client Plugin. Overrides Oauth2ClientServiceInterface::getClient
Oauth2ClientServiceBase::retrieveAccessToken public function Retrieve an access token from the Drupal state. Overrides Oauth2ClientServiceInterface::retrieveAccessToken