diff options
author | zotlabs <mike@macgirvin.com> | 2016-10-07 14:11:24 -0700 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2016-10-07 14:11:24 -0700 |
commit | 10863a5949cc59771424cb809af5c9f279f78a58 (patch) | |
tree | 7a86223b830c1ae784bd4557bbefee9f60169542 /library/oauth2/src/OAuth2/GrantType/UserCredentials.php | |
parent | bf02e0428347350126abdd1726aa3e58c9ed63bb (diff) | |
download | volse-hubzilla-10863a5949cc59771424cb809af5c9f279f78a58.tar.gz volse-hubzilla-10863a5949cc59771424cb809af5c9f279f78a58.tar.bz2 volse-hubzilla-10863a5949cc59771424cb809af5c9f279f78a58.zip |
add oauth2/oidc lib
Diffstat (limited to 'library/oauth2/src/OAuth2/GrantType/UserCredentials.php')
-rw-r--r-- | library/oauth2/src/OAuth2/GrantType/UserCredentials.php | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/library/oauth2/src/OAuth2/GrantType/UserCredentials.php b/library/oauth2/src/OAuth2/GrantType/UserCredentials.php new file mode 100644 index 000000000..f165538ba --- /dev/null +++ b/library/oauth2/src/OAuth2/GrantType/UserCredentials.php @@ -0,0 +1,83 @@ +<?php + +namespace OAuth2\GrantType; + +use OAuth2\Storage\UserCredentialsInterface; +use OAuth2\ResponseType\AccessTokenInterface; +use OAuth2\RequestInterface; +use OAuth2\ResponseInterface; + +/** + * + * @author Brent Shaffer <bshafs at gmail dot com> + */ +class UserCredentials implements GrantTypeInterface +{ + private $userInfo; + + protected $storage; + + /** + * @param OAuth2\Storage\UserCredentialsInterface $storage REQUIRED Storage class for retrieving user credentials information + */ + public function __construct(UserCredentialsInterface $storage) + { + $this->storage = $storage; + } + + public function getQuerystringIdentifier() + { + return 'password'; + } + + public function validateRequest(RequestInterface $request, ResponseInterface $response) + { + if (!$request->request("password") || !$request->request("username")) { + $response->setError(400, 'invalid_request', 'Missing parameters: "username" and "password" required'); + + return null; + } + + if (!$this->storage->checkUserCredentials($request->request("username"), $request->request("password"))) { + $response->setError(401, 'invalid_grant', 'Invalid username and password combination'); + + return null; + } + + $userInfo = $this->storage->getUserDetails($request->request("username")); + + if (empty($userInfo)) { + $response->setError(400, 'invalid_grant', 'Unable to retrieve user information'); + + return null; + } + + if (!isset($userInfo['user_id'])) { + throw new \LogicException("you must set the user_id on the array returned by getUserDetails"); + } + + $this->userInfo = $userInfo; + + return true; + } + + public function getClientId() + { + return null; + } + + public function getUserId() + { + return $this->userInfo['user_id']; + } + + public function getScope() + { + return isset($this->userInfo['scope']) ? $this->userInfo['scope'] : null; + } + + public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope) + { + return $accessToken->createAccessToken($client_id, $user_id, $scope); + } +} |