src/app/Http/Controllers/API/AuthController.php
Show All 14 Lines | class AuthController extends Controller | ||||
/** | /** | ||||
* Get the authenticated User | * Get the authenticated User | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse | * @return \Illuminate\Http\JsonResponse | ||||
*/ | */ | ||||
public function info() | public function info() | ||||
{ | { | ||||
$user = Auth::guard()->user(); | $user = Auth::guard()->user(); | ||||
$response = V4\UsersController::userResponse($user); | |||||
if (!empty(request()->input('refresh'))) { | if (!empty(request()->input('refresh'))) { | ||||
return $this->refreshAndRespond(request(), $response); | return $this->refreshAndRespond(request(), $user); | ||||
} | } | ||||
$response = V4\UsersController::userResponse($user); | |||||
return response()->json($response); | return response()->json($response); | ||||
} | } | ||||
/** | /** | ||||
* Helper method for other controllers with user auto-logon | * Helper method for other controllers with user auto-logon | ||||
* functionality | * functionality | ||||
* | * | ||||
* @param \App\User $user User model object | * @param \App\User $user User model object | ||||
Show All 9 Lines | public static function logonResponse(User $user, string $password, string $secondFactor = null) | ||||
'client_id' => \config('auth.proxy.client_id'), | 'client_id' => \config('auth.proxy.client_id'), | ||||
'client_secret' => \config('auth.proxy.client_secret'), | 'client_secret' => \config('auth.proxy.client_secret'), | ||||
'scopes' => '[*]', | 'scopes' => '[*]', | ||||
'secondfactor' => $secondFactor | 'secondfactor' => $secondFactor | ||||
]); | ]); | ||||
$tokenResponse = app()->handle($proxyRequest); | $tokenResponse = app()->handle($proxyRequest); | ||||
$response = V4\UsersController::userResponse($user); | return self::respondWithToken($tokenResponse, $user); | ||||
$response['status'] = 'success'; | |||||
return self::respondWithToken($tokenResponse, $response); | |||||
} | } | ||||
/** | /** | ||||
* Get an oauth token via given credentials. | * Get an oauth token via given credentials. | ||||
* | * | ||||
* @param \Illuminate\Http\Request $request The API request. | * @param \Illuminate\Http\Request $request The API request. | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse | * @return \Illuminate\Http\JsonResponse | ||||
Show All 33 Lines | public function logout() | ||||
$tokenRepository = app(TokenRepository::class); | $tokenRepository = app(TokenRepository::class); | ||||
$refreshTokenRepository = app(RefreshTokenRepository::class); | $refreshTokenRepository = app(RefreshTokenRepository::class); | ||||
// Revoke an access token... | // Revoke an access token... | ||||
$tokenRepository->revokeAccessToken($tokenId); | $tokenRepository->revokeAccessToken($tokenId); | ||||
// Revoke all of the token's refresh tokens... | // Revoke all of the token's refresh tokens... | ||||
$refreshTokenRepository->revokeRefreshTokensByAccessTokenId($tokenId); | $refreshTokenRepository->revokeRefreshTokensByAccessTokenId($tokenId); | ||||
return response()->json([ | return response()->json([ | ||||
'status' => 'success', | 'status' => 'success', | ||||
'message' => \trans('auth.logoutsuccess') | 'message' => \trans('auth.logoutsuccess') | ||||
]); | ]); | ||||
} | } | ||||
/** | /** | ||||
* Refresh a token. | * Refresh a token. | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse | * @return \Illuminate\Http\JsonResponse | ||||
*/ | */ | ||||
public function refresh(Request $request) | public function refresh(Request $request) | ||||
{ | { | ||||
return self::refreshAndRespond($request); | return self::refreshAndRespond($request); | ||||
} | } | ||||
/** | /** | ||||
* Refresh the token and respond with it. | * Refresh the token and respond with it. | ||||
* | * | ||||
* @param \Illuminate\Http\Request $request The API request. | * @param \Illuminate\Http\Request $request The API request. | ||||
* @param array $response Additional response data | * @param ?\App\User $user The user being authenticated | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse | * @return \Illuminate\Http\JsonResponse | ||||
*/ | */ | ||||
protected static function refreshAndRespond(Request $request, array $response = []) | protected static function refreshAndRespond(Request $request, $user = null) | ||||
{ | { | ||||
$proxyRequest = Request::create('/oauth/token', 'POST', [ | $proxyRequest = Request::create('/oauth/token', 'POST', [ | ||||
'grant_type' => 'refresh_token', | 'grant_type' => 'refresh_token', | ||||
'refresh_token' => $request->refresh_token, | 'refresh_token' => $request->refresh_token, | ||||
'client_id' => \config('auth.proxy.client_id'), | 'client_id' => \config('auth.proxy.client_id'), | ||||
'client_secret' => \config('auth.proxy.client_secret'), | 'client_secret' => \config('auth.proxy.client_secret'), | ||||
]); | ]); | ||||
$tokenResponse = app()->handle($proxyRequest); | $tokenResponse = app()->handle($proxyRequest); | ||||
return self::respondWithToken($tokenResponse, $response); | return self::respondWithToken($tokenResponse, $user); | ||||
} | } | ||||
/** | /** | ||||
* Get the token array structure. | * Get the token array structure. | ||||
* | * | ||||
* @param \Illuminate\Http\JsonResponse $tokenResponse The response containing the token. | * @param \Illuminate\Http\JsonResponse $tokenResponse The response containing the token. | ||||
* @param array $response Additional response data | * @param ?\App\User $user The user being authenticated | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse | * @return \Illuminate\Http\JsonResponse | ||||
*/ | */ | ||||
protected static function respondWithToken($tokenResponse, array $response = []) | protected static function respondWithToken($tokenResponse, $user = null) | ||||
{ | { | ||||
$data = json_decode($tokenResponse->getContent()); | $data = json_decode($tokenResponse->getContent()); | ||||
if ($tokenResponse->getStatusCode() != 200) { | if ($tokenResponse->getStatusCode() != 200) { | ||||
if (isset($data->error) && $data->error == 'secondfactor' && isset($data->error_description)) { | if (isset($data->error) && $data->error == 'secondfactor' && isset($data->error_description)) { | ||||
$errors = ['secondfactor' => $data->error_description]; | $errors = ['secondfactor' => $data->error_description]; | ||||
return response()->json(['status' => 'error', 'errors' => $errors], 422); | return response()->json(['status' => 'error', 'errors' => $errors], 422); | ||||
} | } | ||||
return response()->json(['status' => 'error', 'message' => \trans('auth.failed')], 401); | return response()->json(['status' => 'error', 'message' => \trans('auth.failed')], 401); | ||||
} | } | ||||
if ($user) { | |||||
$response = V4\UsersController::userResponse($user); | |||||
} else { | |||||
$response = []; | |||||
} | |||||
$response['status'] = 'success'; | |||||
$response['access_token'] = $data->access_token; | $response['access_token'] = $data->access_token; | ||||
$response['refresh_token'] = $data->refresh_token; | $response['refresh_token'] = $data->refresh_token; | ||||
$response['token_type'] = 'bearer'; | $response['token_type'] = 'bearer'; | ||||
$response['expires_in'] = $data->expires_in; | $response['expires_in'] = $data->expires_in; | ||||
return response()->json($response); | return response()->json($response); | ||||
} | } | ||||
} | } |
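Review bot: The new `$user` parameter of `refreshAndRespond()` and `respondWithToken()` is untyped and only tested for truthiness (`if ($user)`), although both docblocks declare it as `?\App\User`. Since the previous second argument was `array $response`, a caller not updated with this change (the methods are `protected static`, so a subclass could be one) would pass a non-empty array straight into `V4\UsersController::userResponse()` rather than failing at the call boundary. Declaring `?User $user = null` in both signatures, as `logonResponse()` already does with `User $user`, and testing `$user !== null` would turn that mistake into a `TypeError`. Separately, as far as the rendered columns show, `$response['status'] = 'success'` now also runs on the `info()` refresh path and in `refresh()`, which did not set it before. If `userResponse()` returns a `status` key of its own, it would be overwritten only on those paths, so that is worth confirming.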