lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-14 12:30:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

oauth providers

Browse Source
This commit is contained in:
xiaomlove
2025-04-24 15:30:07 +07:00
parent 13bc885fd7
commit b3aeaf04b4
18 changed files with 310 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

85
app/Http/Controllers/OauthController.php
View File

@@ -3,6 +3,7 @@ namespace App\Http\Controllers;
use App\Http\Resources\UserResource;
use App\Models\OauthClient;
use App\Models\OauthProvider;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Str;
@@ -11,52 +12,74 @@ use Laravel\Passport\Client;
class OauthController extends Controller
{
private int $clientId = 8;
private string $baseUri;
private ?OauthClient $client = null;
// public function __construct()
// {
// $this->baseUri = getSchemeAndHttpHost();
//
// $this->client = OauthClient::query()->find($this->clientId);
// }
public function redirect(Request $request)
/**
* client redirect to authorization server, use oauth_providers config
*
* @param Request $request
* @param string $uuid
* @return \Illuminate\Foundation\Application|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function redirect(Request $request, string $uuid)
{
// $request->session()->put('state', $state = Str::random(40));
$provider = OauthProvider::query()->where('uuid', $uuid)->firstOrFail();
$request->session()->put('state', $state = Str::random(40));
$query = http_build_query([
'client_id' => $this->client->id,
'redirect_uri' => $this->client->redirect,
'client_id' => $provider->client_id,
'redirect_uri' => $provider->redirect,
'response_type' => 'code',
'scope' => '',
// 'state' => $state,
'state' => $state,
// 'prompt' => 'none', // "none", "consent", or "login"
]);
return redirect($this->baseUri.'/oauth/authorize?'.$query);
$authorizationUrl = sprintf(
'%s%s%s',
$provider->authorization_endpoint_url,
str_contains($provider->authorization_endpoint_url, '?') ? '&' : '?',
$query
);
return redirect($authorizationUrl);
}
public function callback(Request $request)
/**
* authorization server redirect to this url with auth code after user authorized
* and then use auth code to request to authorization server token endpoint url to get access token
*
* @param Request $request
* @param string $uuid
* @return array|mixed
* @throws \Illuminate\Http\Client\ConnectionException
* @throws \Throwable
*/
public function callback(Request $request, string $uuid)
{
// $state = $request->session()->pull('state');
//
// throw_unless(
// strlen($state) > 0 && $state === $request->state,
// \InvalidArgumentException::class
// );
$state = $request->session()->pull('state');
$response = Http::asForm()->post($this->baseUri.'/oauth/token', [
throw_unless(
strlen($state) > 0 && $state === $request->state,
\InvalidArgumentException::class
);
$provider = OauthProvider::query()->where('uuid', $uuid)->firstOrFail();
$response = Http::asForm()->post($provider->token_endpoint_url, [
'grant_type' => 'authorization_code',
'client_id' => $this->client->id,
'client_secret' => $this->client->secret,
'redirect_uri' => $this->client->redirect,
'client_id' => $provider->client_id,
'client_secret' => $provider->client_secret,
// 'redirect_uri' => url("oauth/login"),
'code' => $request->code,
]);
return $response->json();
$tokenInfo = $response->json();
do_log("tokenInfo: " . $response->body());
//use token get user-info
$response = Http::withToken($tokenInfo['access_token'])->get($provider->user_info_endpoint_url);
$userInfo = $response->json();
do_log("userInfo: " . $response->body());
$userId = data_get($userInfo, $provider->id_claim);
$username = data_get($userInfo, $provider->username_claim);
$email = data_get($userInfo, $provider->email_claim);
dd($userInfo, $userId, $username, $email);
}
public function debug(Request $request)