|
@@ -18,6 +18,8 @@ use Buzz\Message;
|
|
|
|
|
|
use Symfony\Component\HttpFoundation\Session\Session;
|
|
use Symfony\Component\HttpFoundation\Session\Session;
|
|
|
|
|
|
|
|
+use HWI\Bundle\OAuthBundle\OAuth\Response\UserResponseInterface;
|
|
|
|
+
|
|
class OAuthProxyAuthenticator implements SimplePreAuthenticatorInterface, AuthenticationFailureHandlerInterface
|
|
class OAuthProxyAuthenticator implements SimplePreAuthenticatorInterface, AuthenticationFailureHandlerInterface
|
|
{
|
|
{
|
|
public function __construct($client_id, $client_secret, $access_token_url, $user_info_url)
|
|
public function __construct($client_id, $client_secret, $access_token_url, $user_info_url)
|
|
@@ -66,17 +68,46 @@ class OAuthProxyAuthenticator implements SimplePreAuthenticatorInterface, Authen
|
|
file_put_contents("/tmp/.".base64_encode($username. ":" . $password), json_encode($token));
|
|
file_put_contents("/tmp/.".base64_encode($username. ":" . $password), json_encode($token));
|
|
}
|
|
}
|
|
|
|
|
|
- $oauth_headers = [
|
|
|
|
- "Authorization" => ucfirst($token["token_type"])." ".$token["access_token"],
|
|
|
|
- ];
|
|
|
|
|
|
+ if(isset($token["expires_at"]) and $token["expires_at"] >= time()){
|
|
|
|
+ $browser = new \Buzz\Browser();
|
|
|
|
+
|
|
|
|
+ $listener = new BasicAuthListener($this->client_id, $this->client_secret);
|
|
|
|
+ $browser->addListener($listener);
|
|
|
|
+
|
|
|
|
+ $body = ['grant_type' => 'refresh_token',
|
|
|
|
+ 'refresh_token' => $token['refresh_token']
|
|
|
|
+ ];
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+ $response = $browser->post($this->access_token_url, ['Content-Type' => 'application/x-www-form-urlencoded'], http_build_query($body));
|
|
|
|
+ $token = json_decode($response->getContent(), true);
|
|
|
|
+ if($token['expires_in'])
|
|
|
|
+ $token["expires_at"] = time() + $token['expires_in'];
|
|
|
|
+ else
|
|
|
|
+ $token["expires_at"] = time() + 3600;
|
|
|
|
+
|
|
|
|
+ file_put_contents("/tmp/.".base64_encode($username. ":" . $password), json_encode($token));
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if(!isset($token["user_info"])){
|
|
|
|
+
|
|
|
|
+ $oauth_headers = [
|
|
|
|
+ "Authorization" => ucfirst($token["token_type"])." ".$token["access_token"],
|
|
|
|
+ ];
|
|
|
|
+
|
|
|
|
+ $browser = new \Buzz\Browser();
|
|
|
|
|
|
- $browser = new \Buzz\Browser();
|
|
|
|
|
|
+ $response = $browser->get($this->user_info_url, $oauth_headers);
|
|
|
|
+ $auth_info = json_decode($response->getContent(), true);
|
|
|
|
+ $token["user_info"] = $auth_info;
|
|
|
|
|
|
- $listener = new BasicAuthListener($this->client_id, $this->client_secret);
|
|
|
|
- $response = $browser->get($this->user_info_url, $oauth_headers);
|
|
|
|
- $auth_info = json_decode($response->getContent(), true);
|
|
|
|
|
|
+ file_put_contents("/tmp/.".base64_encode($username. ":" . $password), json_encode($token));
|
|
|
|
+ }
|
|
|
|
|
|
- return new PreAuthenticatedToken( $auth_info["username"], "", $providerKey, $auth_info["roles"]);
|
|
|
|
|
|
+ $user = $userProvider->loadUserByUsername($auth_info["username"]);
|
|
|
|
+ $user->setRoles($auth_info["roles"]);
|
|
|
|
+ $user->setTenancyCurrent($auth_info["tenancyCurrent"]);
|
|
|
|
+ return new PreAuthenticatedToken($user, array(), $providerKey, $user->getRoles());
|
|
}
|
|
}
|
|
|
|
|
|
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
|
|
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
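Review bot: The refresh guard `$token["expires_at"] >= time()` is true while the cached token is still valid, so the refresh grant runs on every request with a live token and is skipped once the token has actually expired; the comparison looks inverted and should read `if (isset($token["expires_at"]) && $token["expires_at"] <= time()) {`. In the same hunk `$auth_info` is assigned only inside `if(!isset($token["user_info"]))`, so unless it is set above the hunk (the method starts outside it) a request served from the cache reaches `loadUserByUsername($auth_info["username"])` with an undefined variable; adding `$auth_info = $token["user_info"];` after that block covers both paths. The refresh response is also used without checking that `json_decode` returned an array containing `access_token`, so an error body from the token endpoint would overwrite the cached token, and a response that omits `refresh_token` would drop the stored one. Separately, each `file_put_contents("/tmp/.".base64_encode($username. ":" . $password), ...)` call names the cache file after a reversible encoding of the user's credentials and writes the access and refresh tokens into a shared directory with default permissions; keying the file on a keyed hash of the credentials, inside an application-private directory with mode 0600, would keep both the password and the tokens away from other local accounts.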
|