baseApiUri = new Uri('https://oa.dnc.global/'); } } /** * Override abstract function in order to provide required parameters in authorization request. * State is required by OAuthSD * Scopes : * openid is required by OpenID Connect, sli is particular to OAuthSD, basic is enough for phpBB. * @link https://oa.dnc.global/-Sujets-communs-.html#definitionetgestiondesscopesdansOAuthsd */ public function getAuthorizationUri(array $additionalParameters = array()) { $parameters = array_merge( $additionalParameters, array( //'type' => 'web_server', 'client_id' => $this->credentials->getConsumerId(), 'redirect_uri' => $this->credentials->getCallbackUrl(), 'response_type' => 'code', 'scope' => 'openid sli', // do not mention basic. ) ); if (!isset($parameters['state'])) { $parameters['state'] = $this->generateAuthorizationState(); } $this->storeAuthorizationState($parameters['state']); // Build the url $url = clone $this->getAuthorizationEndpoint(); foreach ($parameters as $key => $val) { $url->addToQuery($key, $val); } return $url; } /** * {@inheritdoc} */ public function getAuthorizationEndpoint() { return new Uri('https://oa.dnc.global/authorize'); } /** * {@inheritdoc} */ public function getAccessTokenEndpoint() { return new Uri('https://oa.dnc.global/token'); } /** * {@inheritdoc} */ protected function getAuthorizationMethod() { return static::AUTHORIZATION_METHOD_HEADER_BEARER; // ou AUTHORIZATION_METHOD_QUERY_STRING ??? } /** * {@inheritdoc} */ protected function parseAccessTokenResponse($responseBody) { $data = json_decode($responseBody, true); if (null === $data || !is_array($data)) { throw new TokenResponseException('Unable to parse response.'); } elseif (isset($data['message'])) { throw new TokenResponseException('Error in retrieving token: "' . $data['message'] . '"'); } elseif (isset($data['name'])) { throw new TokenResponseException('Error in retrieving token: "' . $data['name'] . '"'); } $token = new StdOAuth2Token(); $token->setAccessToken($data['access_token']); $token->setLifeTime($data['expires_in']); if (isset($data['refresh_token'])) { $token->setRefreshToken($data['refresh_token']); unset($data['refresh_token']); } unset($data['access_token']); unset($data['expires_in']); $token->setExtraParams($data); return $token; } /** * {@inheritdoc} */ public function requestAccessToken($code, $state = null) { if (null !== $state) { $this->validateAuthorizationState($state); } $bodyParams = array( 'code' => $code, 'client_id' => $this->credentials->getConsumerId(), 'client_secret' => $this->credentials->getConsumerSecret(), 'redirect_uri' => $this->credentials->getCallbackUrl(), 'grant_type' => 'authorization_code', ); $responseBody = $this->httpClient->retrieveResponse( $this->getAccessTokenEndpoint(), $bodyParams, $this->getExtraOAuthHeaders() ); $token = $this->parseAccessTokenResponse($responseBody); $this->storage->storeAccessToken($this->service(), $token); return $token; } }