You are here

Home » API reference » OAuth2 Server 8 » Utility.php » Utility

public static function Utility::startServer in OAuth2 Server 8

Same name and namespace in other branches
  1. 2.0.x src/Utility.php \Drupal\oauth2_server\Utility::startServer()

Initializes and returns an OAuth2 server.

Parameters

\Drupal\oauth2_server\ServerInterface|null $server: The server entity to use for supplying settings to the server, and initializing the scope. NULL only when we expect the validation to fail due to an incomplete or invalid request.

\Drupal\oauth2_server\OAuth2StorageInterface $storage: The storage service to use for retrieving data.

Return value

\OAuth2\Server An instance of OAuth2\Server.

5 calls to Utility::startServer()
AuthorizeForm::submitForm in src/Form/AuthorizeForm.php
Form submission handler.
OAuth2Controller::authorize in src/Controller/OAuth2Controller.php
Authorize.
OAuth2Controller::token in src/Controller/OAuth2Controller.php
Token.
OAuth2Controller::userInfo in src/Controller/OAuth2Controller.php
User info.
Utility::checkAccess in src/Utility.php
Check access for the passed server and scope.

File

src/Utility.php, line 162

Class

Utility
Contains utility methods for the OAuth2 Server.

Namespace

Drupal\oauth2_server

Code

public static function startServer(ServerInterface $server = NULL, OAuth2StorageInterface $storage) {
  $grant_types = static::getGrantTypes();
  if ($server) {
    $uri = new Url('<front>', [], [
      'absolute' => TRUE,
      'https' => TRUE,
    ]);
    $settings = $server->settings + [
      'issuer' => $uri
        ->toString(),
    ] + $server->settings['advanced_settings'];
    unset($settings['advanced_settings']);

    // The setting 'use_crypto_tokens' was changed to 'use_jwt_access_tokens'
    // in v1.6 of the library. So this provides both.
    $settings['use_jwt_access_tokens'] = !empty($settings['use_crypto_tokens']) ?: FALSE;

    // Initialize the server and add the scope util.
    $oauth2_server = new Server($storage, $settings);
    $scope_util = new ScopeUtility($server);
    $oauth2_server
      ->setScopeUtil($scope_util);

    // Determine the available grant types based on server settings.
    $enabled_grant_types = array_filter($settings['grant_types']);
  }
  else {
    $oauth2_server = new Server($storage);

    // Enable all grant types. One of them will handle the validation failure.
    $enabled_grant_types = array_keys($grant_types);
    $settings = [];
  }

  // Initialize the enabled grant types.
  foreach ($enabled_grant_types as $grant_type_name) {
    if ($grant_type_name == 'urn:ietf:params:oauth:grant-type:jwt-bearer') {
      $audience = new Url('oauth2_server.token', [], [
        'absolute' => TRUE,
      ]);
      $grant_type = new $grant_types[$grant_type_name]['class']($storage, $audience
        ->toString());
    }
    else {
      $grant_type = new $grant_types[$grant_type_name]['class']($storage, $settings);
    }
    $oauth2_server
      ->addGrantType($grant_type);
  }

  // Implicit flow requires its own instance of
  // OAuth2_GrantType_AuthorizationCode.
  if (!empty($settings['allow_implicit'])) {

    // @todo The $settings parameter doesn't seem to be used.
    $grant_type = new AuthorizationCode($storage, $settings);
    $oauth2_server
      ->addGrantType($grant_type, 'implicit');
  }
  return $oauth2_server;
}