You are here

Home » API reference » Simple OAuth (OAuth2) & OpenID Connect 8.4

Oauth2Token.php in Simple OAuth (OAuth2) & OpenID Connect 8.4

Same filename in this branch
  1. 8.4 src/Controller/Oauth2Token.php
  2. 8.4 src/Entity/Oauth2Token.php
Same filename and directory in other branches
  1. 8.2 src/Controller/Oauth2Token.php
  2. 8.3 src/Controller/Oauth2Token.php
  3. 5.x src/Controller/Oauth2Token.php

Namespace

Drupal\simple_oauth\Controller

File

src/Controller/Oauth2Token.php
View source 
<?php

namespace Drupal\simple_oauth\Controller;

use Drupal\Core\Controller\ControllerBase;
use Drupal\simple_oauth\Plugin\Oauth2GrantManagerInterface;
use GuzzleHttp\Psr7\Response;
use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\Exception\OAuthServerException;
use Psr\Http\Message\ServerRequestInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
class Oauth2Token extends ControllerBase {

  /**
   * @var \Drupal\simple_oauth\Plugin\Oauth2GrantManagerInterface
   */
  protected $grantManager;

  /**
   * Oauth2Token constructor.
   *
   * @param \Drupal\simple_oauth\Plugin\Oauth2GrantManagerInterface $grant_manager
   *   The grant manager.
   */
  public function __construct(Oauth2GrantManagerInterface $grant_manager) {
    $this->grantManager = $grant_manager;
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container) {
    return new static($container
      ->get('plugin.manager.oauth2_grant.processor'));
  }

  /**
   * Processes POST requests to /oauth/token.
   */
  public function token(ServerRequestInterface $request) {

    // Extract the grant type from the request body.
    $body = $request
      ->getParsedBody();
    $grant_type_id = !empty($body['grant_type']) ? $body['grant_type'] : 'implicit';
    $client_drupal_entity = NULL;
    if (!empty($body['client_id'])) {
      $consumer_storage = $this
        ->entityTypeManager()
        ->getStorage('consumer');
      $client_drupal_entities = $consumer_storage
        ->loadByProperties([
        'uuid' => $body['client_id'],
      ]);
      if (empty($client_drupal_entities)) {
        return OAuthServerException::invalidClient()
          ->generateHttpResponse(new Response());
      }
      $client_drupal_entity = reset($client_drupal_entities);
    }

    // Get the auth server object from that uses the League library.
    try {

      // Respond to the incoming request and fill in the response.
      $auth_server = $this->grantManager
        ->getAuthorizationServer($grant_type_id, $client_drupal_entity);
      $response = $this
        ->handleToken($request, $auth_server);
    } catch (OAuthServerException $exception) {
      watchdog_exception('simple_oauth', $exception);
      $response = $exception
        ->generateHttpResponse(new Response());
    }
    return $response;
  }

  /**
   * Handles the token processing.
   *
   * @param \Psr\Http\Message\ServerRequestInterface $psr7_request
   *   The psr request.
   * @param \League\OAuth2\Server\AuthorizationServer $auth_server
   *   The authorization server.
   *
   * @return \Psr\Http\Message\ResponseInterface
   *   The response.
   *
   * @throws \League\OAuth2\Server\Exception\OAuthServerException
   */
  protected function handleToken(ServerRequestInterface $psr7_request, AuthorizationServer $auth_server) {

    // Instantiate a new PSR-7 response object so the library can fill it.
    return $auth_server
      ->respondToAccessTokenRequest($psr7_request, new Response());
  }

}

Classes

Namesort descending Description
Oauth2Token