You are here

class Oauth2AuthorizeForm in Simple OAuth (OAuth2) & OpenID Connect 8.2

Same name and namespace in other branches
  1. 8.3 simple_oauth_extras/src/Controller/Oauth2AuthorizeForm.php \Drupal\simple_oauth_extras\Controller\Oauth2AuthorizeForm

Hierarchy

Expanded class hierarchy of Oauth2AuthorizeForm

1 string reference to 'Oauth2AuthorizeForm'
simple_oauth_extras.routing.yml in simple_oauth_extras/simple_oauth_extras.routing.yml
simple_oauth_extras/simple_oauth_extras.routing.yml

File

simple_oauth_extras/src/Controller/Oauth2AuthorizeForm.php, line 20

Namespace

Drupal\simple_oauth_extras\Controller
View source
class Oauth2AuthorizeForm extends FormBase {

  /**
   * @var \Drupal\Core\Entity\EntityTypeManagerInterface
   */
  protected $entityTypeManager;

  /**
   * @var \Symfony\Bridge\PsrHttpMessage\HttpMessageFactoryInterface
   */
  protected $messageFactory;

  /**
   * @var \Symfony\Bridge\PsrHttpMessage\HttpFoundationFactoryInterface
   */
  protected $foundationFactory;

  /**
   * @var \League\OAuth2\Server\AuthorizationServer
   */
  protected $server;

  /**
   * @var \Drupal\simple_oauth\Plugin\Oauth2GrantManagerInterface
   */
  protected $grantManager;

  /**
   * Oauth2AuthorizeForm constructor.
   *
   * @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager
   * @param \Symfony\Bridge\PsrHttpMessage\HttpMessageFactoryInterface $message_factory
   * @param \Symfony\Bridge\PsrHttpMessage\HttpFoundationFactoryInterface $foundation_factory
   * @param \Drupal\simple_oauth\Plugin\Oauth2GrantManagerInterface $grant_manager
   */
  public function __construct(EntityTypeManagerInterface $entity_type_manager, HttpMessageFactoryInterface $message_factory, HttpFoundationFactoryInterface $foundation_factory, Oauth2GrantManagerInterface $grant_manager) {
    $this->entityTypeManager = $entity_type_manager;
    $this->messageFactory = $message_factory;
    $this->foundationFactory = $foundation_factory;
    $this->grantManager = $grant_manager;
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container) {
    return new static($container
      ->get('entity_type.manager'), $container
      ->get('psr7.http_message_factory'), $container
      ->get('psr7.http_foundation_factory'), $container
      ->get('plugin.manager.oauth2_grant.processor'));
  }

  /**
   * Returns a unique string identifying the form.
   *
   * @return string
   *   The unique string identifying the form.
   */
  public function getFormId() {
    return 'simple_oauth_authorize_form';
  }

  /**
   * Form constructor.
   *
   * @param array $form
   *   An associative array containing the structure of the form.
   * @param \Drupal\Core\Form\FormStateInterface $form_state
   *   The current state of the form.
   *
   * @return array
   *   The form structure.
   */
  public function buildForm(array $form, FormStateInterface $form_state) {
    if (!$this
      ->currentUser()
      ->isAuthenticated()) {
      $form['redirect_params'] = [
        '#type' => 'hidden',
        '#value' => $this
          ->getRequest()
          ->getQueryString(),
      ];
      $form['description'] = [
        '#type' => 'html_tag',
        '#tag' => 'p',
        '#value' => $this
          ->t('An external client application is requesting access to your data in this site. Please log in first to authorize the operation.'),
      ];
      $form['submit'] = [
        '#type' => 'submit',
        '#value' => $this
          ->t('Login'),
      ];
      return $form;
    }
    $request = $this
      ->getRequest();
    if ($request
      ->get('response_type') == 'code') {
      $grant_type = 'code';
    }
    elseif ($request
      ->get('response_type') == 'token') {
      $grant_type = 'implicit';
    }
    else {
      $grant_type = NULL;
    }
    $this->server = $this->grantManager
      ->getAuthorizationServer($grant_type);

    // Transform the HTTP foundation request object into a PSR-7 object. The
    // OAuth library expects a PSR-7 request.
    $psr7_request = $this->messageFactory
      ->createRequest($request);

    // Validate the HTTP request and return an AuthorizationRequest object.
    // The auth request object can be serialized into a user's session.
    $auth_request = $this->server
      ->validateAuthorizationRequest($psr7_request);

    // Store the auth request temporarily.
    $form_state
      ->set('auth_request', $auth_request);
    $manager = $this->entityTypeManager;
    $form = [
      '#type' => 'container',
    ];
    $client_uuid = $request
      ->get('client_id');
    $client_drupal_entities = $manager
      ->getStorage('oauth2_client')
      ->loadByProperties([
      'uuid' => $client_uuid,
    ]);
    if (empty($client_drupal_entities)) {
      throw OAuthServerException::invalidClient();
    }
    $client_drupal_entity = reset($client_drupal_entities);

    // Gather all the role ids.
    $scope_ids = array_merge(explode(' ', $request
      ->get('scope')), array_map(function ($item) {
      return $item['target_id'];
    }, $client_drupal_entity
      ->get('roles')
      ->getValue()));
    $user_roles = $manager
      ->getStorage('user_role')
      ->loadMultiple($scope_ids);
    $form['client'] = $manager
      ->getViewBuilder('oauth2_client')
      ->view($client_drupal_entity);
    $client_drupal_entity
      ->addCacheableDependency($form['client']);
    $form['scopes'] = [
      '#title' => $this
        ->t('Permissions'),
      '#theme' => 'item_list',
      '#items' => [],
    ];
    foreach ($user_roles as $user_role) {
      $user_role
        ->addCacheableDependency($form['scopes']);
      $form['scopes']['#items'][] = $user_role
        ->label();
    }
    $form['redirect_uri'] = [
      '#type' => 'hidden',
      '#value' => $request
        ->get('redirect_uri') ? $request
        ->get('redirect_uri') : $client_drupal_entity
        ->get('redirect')->value,
    ];
    $form['submit'] = [
      '#type' => 'submit',
      '#value' => $this
        ->t('Grant'),
    ];
    return $form;
  }

  /**
   * Form submission handler.
   *
   * @param array $form
   *   An associative array containing the structure of the form.
   * @param \Drupal\Core\Form\FormStateInterface $form_state
   *   The current state of the form.
   */
  public function submitForm(array &$form, FormStateInterface $form_state) {
    if ($auth_request = $form_state
      ->get('auth_request')) {

      // Once the user has logged in set the user on the AuthorizationRequest.
      $user_entity = new UserEntity();
      $user_entity
        ->setIdentifier($this
        ->currentUser()
        ->id());
      $auth_request
        ->setUser($user_entity);

      // Once the user has approved or denied the client update the status
      // (true = approved, false = denied).
      $can_grant_codes = $this
        ->currentUser()
        ->hasPermission('grant simple_oauth codes');
      $auth_request
        ->setAuthorizationApproved((bool) $form_state
        ->getValue('submit') && $can_grant_codes);

      // Return the HTTP redirect response.
      $response = $this->server
        ->completeAuthorizationRequest($auth_request, new Response());

      // Get the location and return a secure redirect response.
      $redirect_response = TrustedRedirectResponse::create($response
        ->getHeaderLine('location'), $response
        ->getStatusCode(), $response
        ->getHeaders());
      $form_state
        ->setResponse($redirect_response);
    }
    elseif ($params = $form_state
      ->getValue('redirect_params')) {
      $url = Url::fromRoute('user.login');
      $destination = Url::fromRoute('oauth2_token_extras.authorize', [], [
        'query' => UrlHelper::parse('/?' . $params)['query'],
      ]);
      $url
        ->setOption('query', [
        'destination' => $destination
          ->toString(),
      ]);
      $form_state
        ->setRedirectUrl($url);
    }
  }

}

Members

Namesort descending Modifiers Type Description Overrides
DependencySerializationTrait::$_entityStorages protected property An array of entity type IDs keyed by the property name of their storages.
DependencySerializationTrait::$_serviceIds protected property An array of service IDs keyed by property name used for serialization.
DependencySerializationTrait::__sleep public function 1
DependencySerializationTrait::__wakeup public function 2
FormBase::$configFactory protected property The config factory. 1
FormBase::$requestStack protected property The request stack. 1
FormBase::$routeMatch protected property The route match.
FormBase::config protected function Retrieves a configuration object.
FormBase::configFactory protected function Gets the config factory for this form. 1
FormBase::container private function Returns the service container.
FormBase::currentUser protected function Gets the current user.
FormBase::getRequest protected function Gets the request object.
FormBase::getRouteMatch protected function Gets the route match.
FormBase::logger protected function Gets the logger for a specific channel.
FormBase::redirect protected function Returns a redirect response object for the specified route. Overrides UrlGeneratorTrait::redirect
FormBase::resetConfigFactory public function Resets the configuration factory.
FormBase::setConfigFactory public function Sets the config factory for this form.
FormBase::setRequestStack public function Sets the request stack object to use.
FormBase::validateForm public function Form validation handler. Overrides FormInterface::validateForm 62
LinkGeneratorTrait::$linkGenerator protected property The link generator. 1
LinkGeneratorTrait::getLinkGenerator Deprecated protected function Returns the link generator.
LinkGeneratorTrait::l Deprecated protected function Renders a link to a route given a route name and its parameters.
LinkGeneratorTrait::setLinkGenerator Deprecated public function Sets the link generator service.
LoggerChannelTrait::$loggerFactory protected property The logger channel factory service.
LoggerChannelTrait::getLogger protected function Gets the logger for a specific channel.
LoggerChannelTrait::setLoggerFactory public function Injects the logger channel factory.
MessengerTrait::$messenger protected property The messenger. 29
MessengerTrait::messenger public function Gets the messenger. 29
MessengerTrait::setMessenger public function Sets the messenger.
Oauth2AuthorizeForm::$entityTypeManager protected property
Oauth2AuthorizeForm::$foundationFactory protected property
Oauth2AuthorizeForm::$grantManager protected property
Oauth2AuthorizeForm::$messageFactory protected property
Oauth2AuthorizeForm::$server protected property
Oauth2AuthorizeForm::buildForm public function Form constructor. Overrides FormInterface::buildForm
Oauth2AuthorizeForm::create public static function Instantiates a new instance of this class. Overrides FormBase::create
Oauth2AuthorizeForm::getFormId public function Returns a unique string identifying the form. Overrides FormInterface::getFormId
Oauth2AuthorizeForm::submitForm public function Form submission handler. Overrides FormInterface::submitForm
Oauth2AuthorizeForm::__construct public function Oauth2AuthorizeForm constructor.
RedirectDestinationTrait::$redirectDestination protected property The redirect destination service. 1
RedirectDestinationTrait::getDestinationArray protected function Prepares a 'destination' URL query parameter for use with \Drupal\Core\Url.
RedirectDestinationTrait::getRedirectDestination protected function Returns the redirect destination service.
RedirectDestinationTrait::setRedirectDestination public function Sets the redirect destination service.
StringTranslationTrait::$stringTranslation protected property The string translation service. 1
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.
UrlGeneratorTrait::$urlGenerator protected property The url generator.
UrlGeneratorTrait::getUrlGenerator Deprecated protected function Returns the URL generator service.
UrlGeneratorTrait::setUrlGenerator Deprecated public function Sets the URL generator service.
UrlGeneratorTrait::url Deprecated protected function Generates a URL or path for a specific route based on the given parameters.