public function Oauth2AuthorizeForm::buildForm in Simple OAuth (OAuth2) & OpenID Connect 8.2
Same name and namespace in other branches
- 8.3 simple_oauth_extras/src/Controller/Oauth2AuthorizeForm.php \Drupal\simple_oauth_extras\Controller\Oauth2AuthorizeForm::buildForm()
Form constructor.
Parameters
array $form: An associative array containing the structure of the form.
\Drupal\Core\Form\FormStateInterface $form_state: The current state of the form.
Return value
array The form structure.
Overrides FormInterface::buildForm
File
- simple_oauth_extras/src/Controller/Oauth2AuthorizeForm.php, line 95
Class
Namespace
Drupal\simple_oauth_extras\Controller
Code
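/**
 * Builds the OAuth2 authorization (consent) form.
 *
 * Anonymous visitors get a short form that carries the original query string
 * and a "Login" button. Authenticated users get the rendered client, the list
 * of role labels used as scopes, the redirect URI and a "Grant" button.
 *
 * @param array $form
 *   An associative array containing the structure of the form.
 * @param \Drupal\Core\Form\FormStateInterface $form_state
 *   The current state of the form. The validated authorization request is
 *   stored on it under the 'auth_request' key.
 *
 * @return array
 *   The form structure.
 *
 * @throws OAuthServerException
 *   When no oauth2_client entity matches the requested client_id. The
 *   validateAuthorizationRequest() call presumably throws for malformed
 *   authorization requests as well; confirm against the OAuth library.
 */
public function buildForm(array $form, FormStateInterface $form_state) {
  if (!$this->currentUser()->isAuthenticated()) {
    // Keep the raw query string so the authorization request can be resumed
    // after login.
    // NOTE(review): the query string is controlled by whoever crafted the
    // link. The consumer of this value is not visible here; confirm it is
    // only used to rebuild a URL to this same route and never as a redirect
    // target on its own.
    $form['redirect_params'] = [
      '#type' => 'hidden',
      '#value' => $this->getRequest()->getQueryString(),
    ];
    $form['description'] = [
      '#type' => 'html_tag',
      '#tag' => 'p',
      '#value' => $this->t('An external client application is requesting access to your data in this site. Please log in first to authorize the operation.'),
    ];
    $form['submit'] = [
      '#type' => 'submit',
      '#value' => $this->t('Login'),
    ];
    return $form;
  }

  $request = $this->getRequest();

  // Map the OAuth2 response_type onto the grant the server should handle.
  // Strict comparison: only the exact strings 'code' and 'token' select a
  // grant, anything else (missing, array, other type) yields NULL.
  $response_type = $request->get('response_type');
  if ($response_type === 'code') {
    $grant_type = 'code';
  }
  elseif ($response_type === 'token') {
    $grant_type = 'implicit';
  }
  else {
    $grant_type = NULL;
  }
  $this->server = $this->grantManager->getAuthorizationServer($grant_type);

  // Transform the HTTP foundation request object into a PSR-7 object. The
  // OAuth library expects a PSR-7 request.
  $psr7_request = $this->messageFactory->createRequest($request);

  // Validate the HTTP request and return an AuthorizationRequest object.
  // The auth request object can be serialized into a user's session.
  $auth_request = $this->server->validateAuthorizationRequest($psr7_request);

  // Store the auth request temporarily.
  $form_state->set('auth_request', $auth_request);

  $manager = $this->entityTypeManager;
  $form = [
    '#type' => 'container',
  ];

  $client_uuid = $request->get('client_id');
  $client_drupal_entities = $manager
    ->getStorage('oauth2_client')
    ->loadByProperties(['uuid' => $client_uuid]);
  if (empty($client_drupal_entities)) {
    throw OAuthServerException::invalidClient();
  }
  $client_drupal_entity = reset($client_drupal_entities);

  // Gather all the role ids: the ones named in the request plus the ones
  // attached to the client. The scope parameter is optional, so a missing or
  // non-string value contributes no ids instead of being passed to explode(),
  // and empty fragments from repeated spaces are dropped.
  // NOTE(review): this list is what the user is shown on the consent screen,
  // yet it is derived from the raw request rather than from $auth_request.
  // Confirm it cannot differ from the scopes that are actually granted.
  $raw_scope = $request->get('scope');
  $requested_scope_ids = [];
  if (is_string($raw_scope)) {
    $requested_scope_ids = array_filter(explode(' ', $raw_scope), function ($scope_id) {
      return $scope_id !== '';
    });
  }
  $client_role_ids = array_map(function ($item) {
    return $item['target_id'];
  }, $client_drupal_entity->get('roles')->getValue());
  $scope_ids = array_merge($requested_scope_ids, $client_role_ids);
  $user_roles = $manager
    ->getStorage('user_role')
    ->loadMultiple($scope_ids);

  $form['client'] = $manager
    ->getViewBuilder('oauth2_client')
    ->view($client_drupal_entity);
  // NOTE(review): this call (and the one in the loop below) passes the render
  // array to the entity, which looks inverted if the intent is to bubble the
  // entity's cache metadata into the form. Left unchanged; confirm.
  $client_drupal_entity->addCacheableDependency($form['client']);

  $form['scopes'] = [
    '#title' => $this->t('Permissions'),
    '#theme' => 'item_list',
    '#items' => [],
  ];
  foreach ($user_roles as $user_role) {
    $user_role->addCacheableDependency($form['scopes']);
    $form['scopes']['#items'][] = $user_role->label();
  }

  // Prefer the redirect URI sent with the request and fall back to the one
  // stored on the client entity.
  // NOTE(review): the request value is used as is. Presumably
  // validateAuthorizationRequest() above has already checked it against the
  // client's registered redirect URI; confirm, because the authorization
  // response is delivered to this address.
  $form['redirect_uri'] = [
    '#type' => 'hidden',
    '#value' => $request->get('redirect_uri') ?: $client_drupal_entity->get('redirect')->value,
  ];
  $form['submit'] = [
    '#type' => 'submit',
    '#value' => $this->t('Grant'),
  ];
  return $form;
}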