hydra passwordless
@ -214,8 +214,10 @@ class SecurityController extends AbstractController
|
||||
|
||||
public function loginOPENID(Request $request, AuthenticationUtils $authenticationUtils)
|
||||
{
|
||||
$state=Uuid::uuid4();
|
||||
$request->getSession()->set("oauthState",$state);
|
||||
$callback=$this->generateUrl('app_loginopenidcallback', array(), UrlGeneratorInterface::ABSOLUTE_URL);
|
||||
$url=$this->getParameter("oauthLoginurl")."?client_id=".$this->getParameter("oauthClientid")."&redirect_uri=".$callback."&response_type=code&state=12345678&scope=openid";
|
||||
$url=$this->getParameter("oauthLoginurl")."?client_id=".$this->getParameter("oauthClientid")."&redirect_uri=".$callback."&response_type=code&state=".$state."&scope=openid";
|
||||
return $this->redirect($url);
|
||||
}
|
||||
|
||||
@ -236,15 +238,20 @@ class SecurityController extends AbstractController
|
||||
"client_id" => $this->getParameter("oauthClientid"),
|
||||
"client_secret" => $this->getParameter("oauthClientsecret"),
|
||||
];
|
||||
$response=$this->apiservice->run("POST",$apiurl,$query);
|
||||
|
||||
if(!$response||$response->code!="200") return $this->logout($request);
|
||||
$token=$response->body->access_token;
|
||||
$request->getSession()->set("oauthToken",$token);
|
||||
$response=$this->apiservice->run("POST",$apiurl,$query,null,"form");
|
||||
|
||||
if(!$response||$response->code!="200") die("pb openid 01");
|
||||
$accesstoken=$response->body->access_token;
|
||||
$accesstokentype=$response->body->token_type;
|
||||
$îdtoken=$response->body->id_token;
|
||||
|
||||
$request->getSession()->set("oauthAccesstoken",$accesstoken);
|
||||
$request->getSession()->set("oauthIdtoken",$îdtoken);
|
||||
|
||||
$apiurl = $this->getParameter("oauthUserinfo");
|
||||
$response=$this->apiservice->run("GET",$apiurl,null,["Authorization"=>"token ".$token]);
|
||||
if(!$response||$response->code!="200") return $this->logout($request);
|
||||
|
||||
$response=$this->apiservice->run("GET",$apiurl,null,["Authorization"=>$accesstokentype." ".$accesstoken]);
|
||||
if(!$response||$response->code!="200") die("pb openid 02");
|
||||
|
||||
$attributes=json_decode(json_encode($response->body), true);
|
||||
|
||||
@ -346,14 +353,21 @@ class SecurityController extends AbstractController
|
||||
|
||||
|
||||
public function logoutOPENID(Request $request) {
|
||||
$token=$request->getSession()->get("oauthToken");
|
||||
$accesstoken=$request->getSession()->get("oauthAccesstoken");
|
||||
$idtoken=$request->getSession()->get("oauthIdtoken");
|
||||
$state=$request->getSession()->get("oauthState");
|
||||
|
||||
$this->tokenstorage->setToken(null);
|
||||
$request->getSession()->invalidate();
|
||||
|
||||
$url=$this->getParameter("oauthLogouturl");
|
||||
if($url) {
|
||||
$url.="?id_token_hint=$token&scope=openid&post_logout_redirect_uri=http://127.0.0.1:8000";
|
||||
$callback=($request->isSecure()?"https://":"http://").str_replace("//","/",$this->getParameter("appWeburl").$this->getParameter("appAlias").$this->generateUrl('app_home'));
|
||||
$callback=substr($callback, 0, -1);
|
||||
|
||||
$url.="?id_token_hint=$idtoken&scope=openid&state=$state&post_logout_redirect_uri=$callback";
|
||||
return $this->redirect($url);
|
||||
|
||||
} else return $this->redirect($this->generateUrl("app_home"));
|
||||
}
|
||||
|
||||
|
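Review bot: The random `state` that loginOPENID now stores in the session as `oauthState` is not compared with the `state` query parameter anywhere in the visible callback lines before the code is exchanged at the token endpoint, so on this evidence it does not yet protect the login against a forged callback. The callback method starts above the hunk, so the check may already be there; if it is not, add before the token request `$expected=(string)$request->getSession()->get("oauthState");` and `if($expected===""||!hash_equals($expected,(string)$request->query->get("state"))) return $this->logout($request);`. The authorize and logout URLs also concatenate `$callback`, `$state` and `$idtoken` into the query string unencoded; building the query with `http_build_query([...])` would keep a `&` or `#` in any of those values from changing the request. The two `die("pb openid …")` calls replace the earlier `return $this->logout($request)` and end the request with a bare string, which is worth reverting to the redirect or to an exception the framework can log.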
@ -19,12 +19,25 @@ class ApiService
|
||||
return \Unirest\Request\Body::json($array);
|
||||
}
|
||||
|
||||
public function run($method,$url,$query,$header=null) {
|
||||
public function run($method,$url,$query,$header=null,$content="json") {
|
||||
// Entete
|
||||
$headerini = [
|
||||
'Accept' => 'application/json',
|
||||
'Content-Type' => 'application/json',
|
||||
];
|
||||
switch($content) {
|
||||
case "json":
|
||||
$headerini = [
|
||||
'Accept' => 'application/json',
|
||||
'Content-Type' => 'application/json',
|
||||
];
|
||||
if($query) $query = \Unirest\Request\Body::json($query);
|
||||
break;
|
||||
|
||||
case "form":
|
||||
$headerini = [
|
||||
'Accept' => 'application/json',
|
||||
'Content-Type' => 'application/x-www-form-urlencoded',
|
||||
];
|
||||
if($query) $query = \Unirest\Request\Body::form($query);
|
||||
break;
|
||||
}
|
||||
|
||||
if($header) $header=array_merge($headerini,$header);
|
||||
else $header=$headerini;
|
||||
@ -42,9 +55,6 @@ class ApiService
|
||||
\Unirest\Request::proxy($proxyHost, $proxyPort, CURLPROXY_HTTP, true);
|
||||
}
|
||||
|
||||
//if($query) $query = \Unirest\Request\Body::json($query);
|
||||
if($query) $query = http_build_query($query);
|
||||
|
||||
$response = false;
|
||||
switch($method) {
|
||||
case "POST":
|
||||
|
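Review bot: The new `switch($content)` in `run()` has no `default` branch, so any value other than `"json"` or `"form"` leaves `$headerini` undefined and sends `$query` unencoded, and the following `array_merge($headerini,$header)` then receives null. Adding `default: throw new \InvalidArgumentException("Unsupported content type: ".$content);` makes a mistyped argument fail at the call instead of producing a malformed request to the token endpoint. A caller-supplied `Content-Type` in `$header` also overrides the one chosen here after the body has already been encoded, so the merge order deserves a comment or a guard. `run()` continues outside the hunk.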