blob: c489b7af387a0ac5946fb8abf39697b7cd76f369 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
<?php
namespace OAuth2\OpenID\Controller;
use OAuth2\Scope;
use OAuth2\TokenType\TokenTypeInterface;
use OAuth2\Storage\AccessTokenInterface;
use OAuth2\OpenID\Storage\UserClaimsInterface;
use OAuth2\Controller\ResourceController;
use OAuth2\ScopeInterface;
use OAuth2\RequestInterface;
use OAuth2\ResponseInterface;
/**
* @see OAuth2\Controller\UserInfoControllerInterface
*/
class UserInfoController extends ResourceController implements UserInfoControllerInterface
{
/**
* @var UserClaimsInterface
*/
protected $userClaimsStorage;
/**
* Constructor
*
* @param TokenTypeInterface $tokenType
* @param AccessTokenInterface $tokenStorage
* @param UserClaimsInterface $userClaimsStorage
* @param array $config
* @param ScopeInterface $scopeUtil
*/
public function __construct(TokenTypeInterface $tokenType, AccessTokenInterface $tokenStorage, UserClaimsInterface $userClaimsStorage, $config = array(), ScopeInterface $scopeUtil = null)
{
parent::__construct($tokenType, $tokenStorage, $config, $scopeUtil);
$this->userClaimsStorage = $userClaimsStorage;
}
/**
* Handle the user info request
*
* @param RequestInterface $request
* @param ResponseInterface $response
* @return void
*/
public function handleUserInfoRequest(RequestInterface $request, ResponseInterface $response)
{
if (!$this->verifyResourceRequest($request, $response, 'openid')) {
return;
}
$token = $this->getToken();
$claims = $this->userClaimsStorage->getUserClaims($token['user_id'], $token['scope']);
// The sub Claim MUST always be returned in the UserInfo Response.
// http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse
$claims += array(
'sub' => $token['user_id'],
);
$response->addParameters($claims);
}
}
|