[PLUGIN][OAuth] Fix login for OAuth

This commit is contained in:
Hugo Sales 2022-03-13 22:27:59 +00:00
parent 20f690c532
commit 27706d63f4
Signed by: someonewithpc
GPG Key ID: 7D0C7EAFC9D835A0
4 changed files with 9 additions and 10 deletions

View File

@ -20,15 +20,13 @@ security:
dev: dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/ pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false security: false
oauth:
pattern: ^/oauth
security: false
main: main:
lazy: true lazy: true
provider: local_user provider: local_user
form_login: form_login:
login_path: security_login login_path: security_login
check_path: security_login check_path: security_login
default_target_path: root
logout: logout:
path: security_logout path: security_logout
# where to redirect after logout # where to redirect after logout

View File

@ -34,7 +34,7 @@ declare(strict_types = 1);
namespace Plugin\OAuth2\Controller; namespace Plugin\OAuth2\Controller;
use App\Core\Controller; use App\Core\Controller;
use App\Entity\LocalUser; use App\Util\Common;
use App\Util\Exception\NotFoundException; use App\Util\Exception\NotFoundException;
use League\OAuth2\Server\Entities\UserEntityInterface; use League\OAuth2\Server\Entities\UserEntityInterface;
use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\Exception\OAuthServerException;
@ -56,7 +56,7 @@ class Authorize extends Controller
parent::__construct($stack); parent::__construct($stack);
} }
public function __invoke(Request $request) public function handle(Request $request)
{ {
// @var \League\OAuth2\Server\AuthorizationServer $server // @var \League\OAuth2\Server\AuthorizationServer $server
$server = OAuth2::$authorization_server; $server = OAuth2::$authorization_server;
@ -71,10 +71,11 @@ class Authorize extends Controller
$psrRequest = $psrHttpFactory->createRequest($request); $psrRequest = $psrHttpFactory->createRequest($request);
$authRequest = $server->validateAuthorizationRequest($psrRequest); $authRequest = $server->validateAuthorizationRequest($psrRequest);
// TODO $user = Common::ensureLoggedIn($request);
// Once the user has logged in set the user on the AuthorizationRequest // Once the user has logged in set the user on the AuthorizationRequest
$authRequest->setUser( $authRequest->setUser(
new class(LocalUser::getByNickname('foo')->getId()) implements UserEntityInterface { new class($user->getId()) implements UserEntityInterface {
public function __construct(private int $id) public function __construct(private int $id)
{ {
} }

View File

@ -37,6 +37,6 @@ class NoLoggedInUser extends RedirectException
{ {
public function __construct(Request $request) public function __construct(Request $request)
{ {
parent::__construct('security_login', ['next' => $request->getRequestUri()]); parent::__construct('security_login', ['_target_path' => $request->getRequestUri()]);
} }
} }

View File

@ -41,8 +41,8 @@
<input type="checkbox" name="_remember_me" id="inputRememberMe"> <input type="checkbox" name="_remember_me" id="inputRememberMe">
</span> </span>
{% if app.request.query.has('next') %} {% if app.request.query.has('next') or app.request.query.has('_next') or app.request.query.has('_target_path') %}
<input type="hidden" name="_next" value="{{ app.request.query.get('next') }}"> <input type="hidden" name="_target_path" value="{{ (app.request.query.get('next') ?? app.request.query.get('_next') ?? app.request.query.get('_target_path')) | url_encode }}">
{% endif %} {% endif %}
<input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}"> <input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
<div> <div>