class OAuth2ControllerBase in Social Auth 3.x
Same name and namespace in other branches
- 8.2 src/Controller/OAuth2ControllerBase.php \Drupal\social_auth\Controller\OAuth2ControllerBase
Handle responses for Social Auth implementer controllers.
Hierarchy
- class \Drupal\Core\Controller\ControllerBase implements ContainerInjectionInterface uses LoggerChannelTrait, MessengerTrait, RedirectDestinationTrait, StringTranslationTrait
- class \Drupal\social_auth\Controller\OAuth2ControllerBase
Expanded class hierarchy of OAuth2ControllerBase
File
- src/
Controller/ OAuth2ControllerBase.php, line 20
Namespace
Drupal\social_auth\ControllerView source
class OAuth2ControllerBase extends ControllerBase {
/**
* The Messenger service.
*
* @var \Drupal\Core\Messenger\MessengerInterface
*/
protected $messenger;
/**
* The network plugin manager.
*
* @var \Drupal\social_api\Plugin\NetworkManager
*/
protected $networkManager;
/**
* The Social Auth user authenticator..
*
* @var \Drupal\social_auth\User\UserAuthenticator
*/
protected $userAuthenticator;
/**
* The provider authentication manager.
*
* @var \Drupal\social_auth\AuthManager\OAuth2ManagerInterface
*/
protected $providerManager;
/**
* Used to access GET parameters.
*
* @var \Symfony\Component\HttpFoundation\RequestStack
*/
protected $request;
/**
* The Social Auth data handler.
*
* @var \Drupal\social_auth\SocialAuthDataHandler
*/
protected $dataHandler;
/**
* The renderer service.
*
* @var \Drupal\Core\Render\Renderer
*/
protected $renderer;
/**
* The implement plugin id.
*
* @var string
*/
protected $pluginId;
/**
* The module name.
*
* @var string
*/
protected $module;
/**
* SocialAuthControllerBase constructor.
*
* @param string $module
* The module name.
* @param string $plugin_id
* The plugin id.
* @param \Drupal\Core\Messenger\MessengerInterface $messenger
* The messenger service.
* @param \Drupal\social_api\Plugin\NetworkManager $network_manager
* Used to get an instance of the network plugin.
* @param \Drupal\social_auth\User\UserAuthenticator $user_authenticator
* Used to manage user authentication/registration.
* @param \Drupal\social_auth\AuthManager\OAuth2ManagerInterface $provider_manager
* Used to manage authentication methods.
* @param \Symfony\Component\HttpFoundation\RequestStack $request
* Used to access GET parameters.
* @param \Drupal\social_auth\SocialAuthDataHandler $data_handler
* The Social Auth data handler.
* @param \Drupal\Core\Render\RendererInterface $renderer
* Used to handle metadata for redirection to authentication URL.
*/
public function __construct($module, $plugin_id, MessengerInterface $messenger, NetworkManager $network_manager, UserAuthenticator $user_authenticator, OAuth2ManagerInterface $provider_manager, RequestStack $request, SocialAuthDataHandler $data_handler, RendererInterface $renderer = NULL) {
$this->module = $module;
$this->pluginId = $plugin_id;
$this->messenger = $messenger;
$this->networkManager = $network_manager;
$this->userAuthenticator = $user_authenticator;
$this->providerManager = $provider_manager;
$this->request = $request;
$this->dataHandler = $data_handler;
$this->renderer = $renderer;
/*
* TODO: Added for backward compatibility.
*
* Remove after implementers have been updated.
* @see https://www.drupal.org/project/social_auth/issues/3033444
*/
if (!$this->renderer) {
$this->renderer = \Drupal::service('renderer');
}
// Sets the plugin id in user authenticator.
$this->userAuthenticator
->setPluginId($plugin_id);
// Sets the session prefix.
$this->dataHandler
->setSessionPrefix($plugin_id);
// Sets the session keys to nullify if user could not logged in.
$this->userAuthenticator
->setSessionKeysToNullify([
'access_token',
'oauth2state',
]);
}
/**
* Response for implementer authentication url.
*
* Redirects the user to provider for authentication.
*
* This is done in a render context in order to bubble cacheable metadata
* created during authentication URL generation.
*
* @see https://www.drupal.org/project/social_auth/issues/3033444
*/
public function redirectToProvider() {
$context = new RenderContext();
/** @var \Drupal\Core\Routing\TrustedRedirectResponse|\Symfony\Component\HttpFoundation\RedirectResponse $response */
$response = $this->renderer
->executeInRenderContext($context, function () {
try {
/** @var \League\OAuth2\Client\Provider\AbstractProvider|false $client */
$client = $this->networkManager
->createInstance($this->pluginId)
->getSdk();
// If provider client could not be obtained.
if (!$client) {
$this->messenger
->addError($this
->t('%module not configured properly. Contact site administrator.', [
'%module' => $this->module,
]));
return $this
->redirect('user.login');
}
/*
* If destination parameter is set, save it.
*
* The destination parameter is also _removed_ from the current request
* to prevent it from overriding Social Auth's TrustedRedirectResponse.
*
* @see https://www.drupal.org/project/drupal/issues/2950883
*
* TODO: Remove the remove() call after 2950883 is solved.
*/
$destination = $this->request
->getCurrentRequest()
->get('destination');
if ($destination) {
$this->userAuthenticator
->setDestination($destination);
$this->request
->getCurrentRequest()->query
->remove('destination');
}
// Provider service was returned, inject it to $providerManager.
$this->providerManager
->setClient($client);
// Generates the URL for authentication.
$auth_url = $this->providerManager
->getAuthorizationUrl();
$state = $this->providerManager
->getState();
$this->dataHandler
->set('oauth2state', $state);
$this->userAuthenticator
->dispatchBeforeRedirect($destination);
return new TrustedRedirectResponse($auth_url);
} catch (PluginException $exception) {
$this->messenger
->addError($this
->t('There has been an error when creating plugin.'));
return $this
->redirect('user.login');
}
});
// Add bubbleable metadata to the response.
if ($response instanceof TrustedRedirectResponse && !$context
->isEmpty()) {
$bubbleable_metadata = $context
->pop();
$response
->addCacheableDependency($bubbleable_metadata);
}
return $response;
}
/**
* Process implementer callback path.
*
* @return \League\OAuth2\Client\Provider\GenericResourceOwner|null
* The user info if successful.
* Null otherwise.
*/
public function processCallback() {
try {
/** @var \League\OAuth2\Client\Provider\AbstractProvider|false $client */
$client = $this->networkManager
->createInstance($this->pluginId)
->getSdk();
// If provider client could not be obtained.
if (!$client) {
$this->messenger
->addError($this
->t('%module not configured properly. Contact site administrator.', [
'%module' => $this->module,
]));
return NULL;
}
$state = $this->dataHandler
->get('oauth2state');
// Retrieves $_GET['state'].
$retrievedState = $this->request
->getCurrentRequest()->query
->get('state');
if (empty($retrievedState) || $retrievedState !== $state) {
$this->userAuthenticator
->nullifySessionKeys();
$this->messenger
->addError($this
->t('Login failed. Invalid OAuth2 state.'));
return NULL;
}
$this->providerManager
->setClient($client)
->authenticate();
// Saves access token to session.
$this->dataHandler
->set('access_token', $this->providerManager
->getAccessToken());
// Gets user's info from provider.
if (!($profile = $this->providerManager
->getUserInfo())) {
$this->messenger
->addError($this
->t('Login failed, could not load user profile. Contact site administrator.'));
return NULL;
}
return $profile;
} catch (PluginException $exception) {
$this->messenger
->addError($this
->t('There has been an error when creating plugin.'));
return NULL;
}
}
/**
* Checks if there was an error during authentication with provider.
*
* When there is an authentication problem in a provider (e.g. user did not
* authorize the app), a query to the client containing an error key is often
* returned. This method checks for such key, dispatches an event, and returns
* a redirect object where there is an authentication error.
*
* @param string $key
* The query parameter key to check for authentication error.
*
* @return \Symfony\Component\HttpFoundation\RedirectResponse|null
* Redirect response object that may be returned by the controller or null.
*/
protected function checkAuthError($key = 'error') {
$request_query = $this->request
->getCurrentRequest()->query;
// Checks if authentication failed.
if ($request_query
->has($key)) {
$this->messenger
->addError($this
->t('You could not be authenticated.'));
$response = $this->userAuthenticator
->dispatchAuthenticationError($request_query
->get($key));
if ($response) {
return $response;
}
return $this
->redirect('user.login');
}
return NULL;
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
ControllerBase:: |
protected | property | The configuration factory. | |
ControllerBase:: |
protected | property | The current user service. | 1 |
ControllerBase:: |
protected | property | The entity form builder. | |
ControllerBase:: |
protected | property | The entity type manager. | |
ControllerBase:: |
protected | property | The form builder. | 2 |
ControllerBase:: |
protected | property | The key-value storage. | 1 |
ControllerBase:: |
protected | property | The language manager. | 1 |
ControllerBase:: |
protected | property | The module handler. | 2 |
ControllerBase:: |
protected | property | The state service. | |
ControllerBase:: |
protected | function | Returns the requested cache bin. | |
ControllerBase:: |
protected | function | Retrieves a configuration object. | |
ControllerBase:: |
private | function | Returns the service container. | |
ControllerBase:: |
public static | function |
Instantiates a new instance of this class. Overrides ContainerInjectionInterface:: |
46 |
ControllerBase:: |
protected | function | Returns the current user. | 1 |
ControllerBase:: |
protected | function | Retrieves the entity form builder. | |
ControllerBase:: |
protected | function | Retrieves the entity type manager. | |
ControllerBase:: |
protected | function | Returns the form builder service. | 2 |
ControllerBase:: |
protected | function | Returns a key/value storage collection. | 1 |
ControllerBase:: |
protected | function | Returns the language manager service. | 1 |
ControllerBase:: |
protected | function | Returns the module handler. | 2 |
ControllerBase:: |
protected | function | Returns a redirect response object for the specified route. | |
ControllerBase:: |
protected | function | Returns the state storage service. | |
LoggerChannelTrait:: |
protected | property | The logger channel factory service. | |
LoggerChannelTrait:: |
protected | function | Gets the logger for a specific channel. | |
LoggerChannelTrait:: |
public | function | Injects the logger channel factory. | |
MessengerTrait:: |
public | function | Gets the messenger. | 27 |
MessengerTrait:: |
public | function | Sets the messenger. | |
OAuth2ControllerBase:: |
protected | property | The Social Auth data handler. | |
OAuth2ControllerBase:: |
protected | property |
The Messenger service. Overrides MessengerTrait:: |
|
OAuth2ControllerBase:: |
protected | property | The module name. | |
OAuth2ControllerBase:: |
protected | property | The network plugin manager. | |
OAuth2ControllerBase:: |
protected | property | The implement plugin id. | |
OAuth2ControllerBase:: |
protected | property | The provider authentication manager. | |
OAuth2ControllerBase:: |
protected | property | The renderer service. | |
OAuth2ControllerBase:: |
protected | property | Used to access GET parameters. | |
OAuth2ControllerBase:: |
protected | property | The Social Auth user authenticator.. | |
OAuth2ControllerBase:: |
protected | function | Checks if there was an error during authentication with provider. | |
OAuth2ControllerBase:: |
public | function | Process implementer callback path. | |
OAuth2ControllerBase:: |
public | function | Response for implementer authentication url. | |
OAuth2ControllerBase:: |
public | function | SocialAuthControllerBase constructor. | |
RedirectDestinationTrait:: |
protected | property | The redirect destination service. | 1 |
RedirectDestinationTrait:: |
protected | function | Prepares a 'destination' URL query parameter for use with \Drupal\Core\Url. | |
RedirectDestinationTrait:: |
protected | function | Returns the redirect destination service. | |
RedirectDestinationTrait:: |
public | function | Sets the redirect destination service. | |
StringTranslationTrait:: |
protected | property | The string translation service. | 4 |
StringTranslationTrait:: |
protected | function | Formats a string containing a count of items. | |
StringTranslationTrait:: |
protected | function | Returns the number of plurals supported by a given language. | |
StringTranslationTrait:: |
protected | function | Gets the string translation service. | |
StringTranslationTrait:: |
public | function | Sets the string translation service to use. | 2 |
StringTranslationTrait:: |
protected | function | Translates a string to the current language or to a given language. |