diogo/indieauth
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.
Files
6d5e93b07c4ee9a0961421d8efaddc8cd0c846c6
indieauth/src/Callback/DefaultAuthorizationForm.php
Barnaby Walters 6d5e93b07c Refactored Exception Handling, mostly tested authorization request handler 
* Internal error conditions now raise IndieAuthException
* Bubbled unknown exceptions converted to generic IndieAuthException
* Exceptions passed to overridable handler, turned into response
* Wrote many more tests, fixed a variety of problems
2021-06-09 00:06:35 +02:00

79 lines
2.9 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php declare(strict_types=1);
namespace Taproot\IndieAuth\Callback;
use BarnabyWalters\Mf2 as M;
use Psr\Http\Message\ServerRequestInterface;
use Nyholm\Psr7\Response;
use Psr\Http\Message\ResponseInterface;
use Psr\Log\LoggerAwareInterface;
use Psr\Log\LoggerInterface;
use Psr\Log\NullLogger;
use function Taproot\IndieAuth\renderTemplate;
class DefaultAuthorizationForm implements AuthorizationFormInterface, LoggerAwareInterface {
public string $csrfKey;
public string $formTemplatePath;
public LoggerInterface $logger;
public function __construct(?string $formTemplatePath=null, ?string $csrfKey=null, ?LoggerInterface $logger=null) {
$this->formTemplatePath = $formTemplatePath ?? __DIR__ . '/../templates/default_authorization_page.html.php';
$this->csrfKey = $csrfKey ?? \Taproot\IndieAuth\Server::DEFAULT_CSRF_KEY;
$this->logger = $logger ?? new NullLogger;
}
public function showForm(ServerRequestInterface $request, array $authenticationResult, string $formAction, ?array $clientHApp): ResponseInterface {
// Show an authorization page. List all requested scopes, as this default
// function has now way of knowing which scopes are supported by the consumer.
$scopes = [];
foreach(explode(' ', $request->getQueryParams()['scope'] ?? '') as $s) {
$scopes[$s] = null; // Ideally there would be a description of the scope here, we dont have one though.
}
if (is_null($clientHApp)) {
$clientHApp = [
'type' => ['h-app'],
'properties' => []
];
}
$hApp = [
'name' => M\getProp($clientHApp, 'name'),
'url' => M\getProp($clientHApp, 'url'),
'photo' => M\getProp($clientHApp, 'photo')
];
return new Response(200, ['content-type' => 'text/html'], renderTemplate($this->formTemplatePath, [
'scopes' => $scopes,
'user' => $authenticationResult,
'formAction' => $formAction,
'request' => $request,
'clientHApp' => $hApp,
'clientId' => $request->getQueryParams()['client_id'],
'clientRedirectUri' => $request->getQueryParams()['redirect_uri'],
'csrfFormElement' => '<input type="hidden" name="' . htmlentities($this->csrfKey) . '" value="' . htmlentities($request->getAttribute($this->csrfKey)) . '" />'
]));
}
public function transformAuthorizationCode(ServerRequestInterface $request, array $code): array {
// Add any granted scopes from the form to the code.
$grantedScopes = $request->getParsedBody()['taproot_indieauth_server_scope[]'] ?? [];
// This default implementation naievely accepts any scopes it receives from the form.
// You may wish to perform some sort of validation.
$code['scope'] = join(' ', $grantedScopes);
// You may wish to additionally make any other necessary changes to the the code based on
// the form submission, e.g. if the user set a custom token lifetime, or wanted extra data
// stored on the token to affect how it behaves.
return $code;
}
public function setLogger(LoggerInterface $logger) {
$this->logger = $logger;
}
}
Reference in New Issue View Git Blame Copy Permalink