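<?php
/**
 * @author Alex Bilbie <hello@alexbilbie.com>
 * @copyright Copyright (c) Alex Bilbie
 * @license http://mit-license.org/
 *
 * @link https://github.com/thephpleague/oauth2-server
 */

use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\AuthCodeGrant;
use OAuth2ServerExamples\Entities\UserEntity;
use OAuth2ServerExamples\Repositories\AccessTokenRepository;
use OAuth2ServerExamples\Repositories\AuthCodeRepository;
use OAuth2ServerExamples\Repositories\ClientRepository;
use OAuth2ServerExamples\Repositories\RefreshTokenRepository;
use OAuth2ServerExamples\Repositories\ScopeRepository;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Slim\App;
use Zend\Diactoros\Stream;

include __DIR__ . '/../vendor/autoload.php';

/*
 * Example Slim application wiring an OAuth2 authorization server with the
 * authorization code grant. It exposes two endpoints:
 *
 *   GET  /authorize     - validates the client's authorization request and
 *                         redirects back with an authorization code
 *   POST /access_token  - exchanges the code (or a refresh token) for tokens
 */
$app = new App([
    'settings' => [
        // Development convenience only: exposes error details to the client.
        'displayErrorDetails' => true,
    ],
    AuthorizationServer::class => function () {
        // Init our repositories
        $clientRepository = new ClientRepository();
        $scopeRepository = new ScopeRepository();
        $accessTokenRepository = new AccessTokenRepository();
        $authCodeRepository = new AuthCodeRepository();
        $refreshTokenRepository = new RefreshTokenRepository();

        // Private key the server signs with. The file should be readable by
        // the web server user only.
        $privateKeyPath = 'file://' . __DIR__ . '/../private.key';

        // Encryption key handed to the AuthorizationServer. The literal is the
        // example's demo key; a deployment should supply its own through the
        // environment (OAUTH2_ENCRYPTION_KEY is an example variable name)
        // rather than commit a secret to source control. Falls back to the
        // demo key so the example still runs unconfigured.
        $encryptionKey = getenv('OAUTH2_ENCRYPTION_KEY')
            ?: 'lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen';

        // Setup the authorization server
        $server = new AuthorizationServer(
            $clientRepository,
            $accessTokenRepository,
            $scopeRepository,
            $privateKeyPath,
            $encryptionKey
        );

        // Enable the authorization code grant. Authorization codes are valid
        // for 10 minutes; access tokens issued by this grant for 1 hour.
        $server->enableGrantType(
            new AuthCodeGrant(
                $authCodeRepository,
                $refreshTokenRepository,
                new \DateInterval('PT10M') // authorization code TTL
            ),
            new \DateInterval('PT1H') // access token TTL
        );

        return $server;
    },
]);

$app->get('/authorize', function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
    /** @var \League\OAuth2\Server\AuthorizationServer $server */
    $server = $app->getContainer()->get(AuthorizationServer::class);

    try {
        // Validate the HTTP request and return an AuthorizationRequest object.
        // The auth request object can be serialized into a user's session
        $authRequest = $server->validateAuthorizationRequest($request);

        // Once the user has logged in set the user on the AuthorizationRequest.
        // The example attaches a fixed UserEntity; a real deployment must
        // authenticate the resource owner before reaching this point.
        $authRequest->setUser(new UserEntity());

        // Once the user has approved or denied the client update the status
        // (true = approved, false = denied). The example approves every
        // request unconditionally; a real deployment must collect the
        // user's consent here.
        $authRequest->setAuthorizationApproved(true);

        // Return the HTTP redirect response
        return $server->completeAuthorizationRequest($authRequest, $response);
    } catch (OAuthServerException $exception) {
        return $exception->generateHttpResponse($response);
    } catch (\Exception $exception) {
        // Echoing the raw exception message is suitable for this example
        // only; production handlers should log it and return a generic body.
        $body = new Stream('php://temp', 'r+');
        $body->write($exception->getMessage());

        return $response->withStatus(500)->withBody($body);
    }
});

$app->post('/access_token', function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
    /** @var \League\OAuth2\Server\AuthorizationServer $server */
    $server = $app->getContainer()->get(AuthorizationServer::class);

    try {
        // Exchange the grant (authorization code) for tokens; the server
        // writes the token response into $response.
        return $server->respondToAccessTokenRequest($request, $response);
    } catch (OAuthServerException $exception) {
        return $exception->generateHttpResponse($response);
    } catch (\Exception $exception) {
        // Same caveat as /authorize: raw messages in the body are for the
        // example only.
        $body = new Stream('php://temp', 'r+');
        $body->write($exception->getMessage());

        return $response->withStatus(500)->withBody($body);
    }
});

$app->run();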