2022-12-09 17:31:07 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace App\Hydra;
|
|
|
|
|
|
|
|
|
|
use App\Hydra\Exception\InvalidChallengeException;
|
2024-10-11 13:25:21 +02:00
|
|
|
use Exception;
|
2022-12-09 17:31:07 +01:00
|
|
|
use Symfony\Contracts\HttpClient\HttpClientInterface;
|
|
|
|
|
use Symfony\Contracts\HttpClient\ResponseInterface;
|
|
|
|
|
|
|
|
|
|
class Client
|
|
|
|
|
{
|
2024-10-11 13:25:21 +02:00
|
|
|
private const MAX_RETRY = 3;
|
|
|
|
|
private const SLEEP_TIME = [
|
|
|
|
|
5,
|
|
|
|
|
500,
|
|
|
|
|
5000,
|
|
|
|
|
];
|
2022-12-09 17:31:07 +01:00
|
|
|
|
2025-03-24 17:20:17 +01:00
|
|
|
public function __construct(
|
|
|
|
|
private readonly HttpClientInterface $client,
|
|
|
|
|
private readonly string $hydraAdminBaseUrl
|
|
|
|
|
) {
|
2022-12-09 17:31:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function fetchLoginRequestInfo(string $loginChallenge): ResponseInterface
|
|
|
|
|
{
|
|
|
|
|
$response = $this->client->request(
|
|
|
|
|
'GET',
|
2024-10-11 13:25:21 +02:00
|
|
|
$this->hydraAdminBaseUrl.'/oauth2/auth/requests/login',
|
2022-12-09 17:31:07 +01:00
|
|
|
[
|
|
|
|
|
'query' => [
|
|
|
|
|
'login_challenge' => $loginChallenge,
|
2024-10-11 13:25:21 +02:00
|
|
|
],
|
2022-12-09 17:31:07 +01:00
|
|
|
]
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
switch ($response->getStatusCode()) {
|
|
|
|
|
case 404:
|
|
|
|
|
throw new InvalidChallengeException();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $response;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function fetchLogoutRequestInfo(string $logoutChallenge): ResponseInterface
|
|
|
|
|
{
|
|
|
|
|
$response = $this->client->request(
|
|
|
|
|
'GET',
|
2024-10-11 13:25:21 +02:00
|
|
|
$this->hydraAdminBaseUrl.'/oauth2/auth/requests/logout',
|
2022-12-09 17:31:07 +01:00
|
|
|
[
|
|
|
|
|
'query' => [
|
|
|
|
|
'logout_challenge' => $logoutChallenge,
|
2024-10-11 13:25:21 +02:00
|
|
|
],
|
2022-12-09 17:31:07 +01:00
|
|
|
]
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
switch ($response->getStatusCode()) {
|
|
|
|
|
case 404:
|
|
|
|
|
throw new InvalidChallengeException();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $response;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function fetchConsentRequestInfo(string $consentChallenge): ResponseInterface
|
|
|
|
|
{
|
2024-10-11 13:25:21 +02:00
|
|
|
$attempt = 0;
|
|
|
|
|
while ($attempt < self::MAX_RETRY) {
|
|
|
|
|
$response = $this->client->request(
|
|
|
|
|
'GET',
|
|
|
|
|
$this->hydraAdminBaseUrl.'/oauth2/auth/requests/consent',
|
|
|
|
|
[
|
|
|
|
|
'query' => [
|
|
|
|
|
'consent_challenge' => $consentChallenge,
|
|
|
|
|
],
|
2022-12-09 17:31:07 +01:00
|
|
|
]
|
2024-10-11 13:25:21 +02:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$status = $response->getStatusCode();
|
|
|
|
|
if (503 === $status) {
|
|
|
|
|
++$attempt;
|
|
|
|
|
usleep(1000 * self::SLEEP_TIME[$attempt] + rand(1, 5) * 1000);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
switch ($status) {
|
|
|
|
|
case 404:
|
|
|
|
|
throw new InvalidChallengeException();
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if (self::MAX_RETRY === $attempt) {
|
|
|
|
|
throw new Exception(sprintf('Fetch consent a rencontré une erreur %s après %s tentatives', $response->getStatusCode(), self::MAX_RETRY));
|
2022-12-09 17:31:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $response;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function acceptLoginRequest(string $loginChallenge, array $payload): ResponseInterface
|
|
|
|
|
{
|
|
|
|
|
$response = $this->client->request(
|
|
|
|
|
'PUT',
|
2024-10-11 13:25:21 +02:00
|
|
|
$this->hydraAdminBaseUrl.'/oauth2/auth/requests/login/accept',
|
2022-12-09 17:31:07 +01:00
|
|
|
[
|
|
|
|
|
'query' => [
|
|
|
|
|
'login_challenge' => $loginChallenge,
|
|
|
|
|
],
|
|
|
|
|
'headers' => [
|
2024-10-11 13:25:21 +02:00
|
|
|
'Content-Type' => 'application/json',
|
2022-12-09 17:31:07 +01:00
|
|
|
],
|
|
|
|
|
'body' => json_encode($payload),
|
|
|
|
|
]
|
|
|
|
|
);
|
2024-10-11 13:25:21 +02:00
|
|
|
|
2022-12-09 17:31:07 +01:00
|
|
|
return $response;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function acceptConsentRequest(string $consentChallenge, array $payload): ResponseInterface
|
|
|
|
|
{
|
|
|
|
|
$response = $this->client->request(
|
|
|
|
|
'PUT',
|
2024-10-11 13:25:21 +02:00
|
|
|
$this->hydraAdminBaseUrl.'/oauth2/auth/requests/consent/accept',
|
2022-12-09 17:31:07 +01:00
|
|
|
[
|
|
|
|
|
'query' => [
|
|
|
|
|
'consent_challenge' => $consentChallenge,
|
|
|
|
|
],
|
|
|
|
|
'headers' => [
|
2024-10-11 13:25:21 +02:00
|
|
|
'Content-Type' => 'application/json',
|
2022-12-09 17:31:07 +01:00
|
|
|
],
|
|
|
|
|
'body' => json_encode($payload),
|
|
|
|
|
]
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
return $response;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function acceptLogoutRequest(string $logoutChallenge): ResponseInterface
|
|
|
|
|
{
|
|
|
|
|
$response = $this->client->request(
|
|
|
|
|
'PUT',
|
2024-10-11 13:25:21 +02:00
|
|
|
$this->hydraAdminBaseUrl.'/oauth2/auth/requests/logout/accept',
|
2022-12-09 17:31:07 +01:00
|
|
|
[
|
|
|
|
|
'query' => [
|
|
|
|
|
'logout_challenge' => $logoutChallenge,
|
|
|
|
|
],
|
|
|
|
|
'headers' => [
|
2024-10-11 13:25:21 +02:00
|
|
|
'Content-Type' => 'application/json',
|
2022-12-09 17:31:07 +01:00
|
|
|
],
|
|
|
|
|
]
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
return $response;
|
|
|
|
|
}
|
|
|
|
|
}
|
