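. */
namespace vierbergenlars\AuthserverOAuthAccountBundle\ExternalAccount;

use HWI\Bundle\OAuthBundle\Security\OAuthUtils;
use HWI\Bundle\OAuthBundle\Security\Core\Authentication\Token\OAuthToken;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use vierbergenlars\AuthserverExternalAccountBundle\Entity\ExternalUser;
use vierbergenlars\AuthserverExternalAccountBundle\ExternalAccount\ExternalAccountProviderInterface;
use vierbergenlars\AuthserverExternalAccountBundle\ValueObject\Button;
use vierbergenlars\AuthserverOAuthAccountBundle\ResourceOwner\ResourceOwnerMap;
use vierbergenlars\AuthserverOAuthAccountBundle\Security\Core\User\OAuthUserProvider;

/**
 * External-account provider backed by one OAuth resource owner.
 *
 * One instance is bound to a single resource owner name; its provider name is
 * that name prefixed with "oauth_". Login/connect buttons point at the URL
 * produced by OAuthUtils, and disconnecting is delegated to OAuthUserProvider
 * after a guard against removing the account behind the current session.
 */
class OAuthExternalAccountProvider implements ExternalAccountProviderInterface
{
    /**
     * Entry of the bundle's ResourceOwnerMap for this provider's name.
     *
     * NOTE(review): ResourceOwnerConfig is not imported in this file; confirm
     * the fully-qualified class name.
     *
     * @var ResourceOwnerConfig
     */
    private $resourceOwnerConfig;

    /**
     * Resource owner name. It is used as a map key and concatenated into the
     * provider name; the constructor does not type-check it.
     *
     * @var string
     */
    private $name;

    /**
     *
     * @var OAuthUtils
     */
    private $OAuthUtils;

    /**
     *
     * @var OAuthUserProvider
     */
    private $userProvider;

    /**
     *
     * @var TokenStorageInterface
     */
    private $tokenStorage;

    /**
     *
     * @var \HWI\Bundle\OAuthBundle\Security\Http\ResourceOwnerMap
     */
    private $hwiResourceOwnerMap;

    /**
     * @param string $name Resource owner name, looked up in $resourceOwnerMap.
     * @param ResourceOwnerMap $resourceOwnerMap Map from which this provider's configuration is read.
     * @param OAuthUtils $OAuthUtils Used to build the login URL for the buttons.
     * @param OAuthUserProvider $userProvider Performs the actual disconnect.
     * @param TokenStorageInterface $tokenStorage Source of the current security token.
     * @param \HWI\Bundle\OAuthBundle\Security\Http\ResourceOwnerMap $hwiResourceOwnerMap Resolves resource owners by name.
     */
    public function __construct($name, ResourceOwnerMap $resourceOwnerMap, OAuthUtils $OAuthUtils, OAuthUserProvider $userProvider, TokenStorageInterface $tokenStorage, \HWI\Bundle\OAuthBundle\Security\Http\ResourceOwnerMap $hwiResourceOwnerMap)
    {
        $this->resourceOwnerConfig = $resourceOwnerMap[$name];
        $this->name = $name;
        $this->OAuthUtils = $OAuthUtils;
        $this->userProvider = $userProvider;
        $this->tokenStorage = $tokenStorage;
        $this->hwiResourceOwnerMap = $hwiResourceOwnerMap;
    }

    /**
     * @return string The resource owner name prefixed with "oauth_".
     */
    public function getName()
    {
        return 'oauth_' . $this->name;
    }

    /**
     * @return mixed Whatever the resource owner configuration reports as its service name.
     */
    public function getServiceName()
    {
        return $this->resourceOwnerConfig->getServiceName();
    }

    /**
     * @return mixed Whatever the resource owner configuration reports as its icon.
     */
    public function getIcon()
    {
        return $this->resourceOwnerConfig->getIcon();
    }

    /**
     * Builds the login button from the configured options plus the OAuth login URL.
     *
     * @return Button
     */
    public function getLoginButton()
    {
        return $this->createButton($this->resourceOwnerConfig->getLoginButton());
    }

    /**
     * Builds the connect button from the configured options plus the OAuth login URL.
     *
     * The connect button uses the same URL as the login button.
     *
     * @return Button
     */
    public function getConnectButton()
    {
        return $this->createButton($this->resourceOwnerConfig->getConnectButton());
    }

    /**
     * @return bool Always true.
     */
    public function hasConnect()
    {
        return true;
    }

    /**
     * @return bool Always true.
     */
    public function hasDisconnect()
    {
        return true;
    }

    /**
     * Disconnects an external account, unless it is the one the current session
     * was authenticated with.
     *
     * The guard applies only when the current security token is an OAuthToken;
     * with any other token type the disconnect proceeds without it. Exceptions
     * raised while fetching the user information propagate before the
     * disconnect call, so the account stays connected in that case.
     *
     * NOTE(review): this method does not check that $externalUser belongs to
     * the current user; confirm the caller enforces that ownership.
     *
     * @param ExternalUser $externalUser Account to disconnect.
     *
     * @throws AccessDeniedException When $externalUser is the account behind the current OAuth token.
     */
    public function disconnect(ExternalUser $externalUser)
    {
        if ($this->isCurrentlyAuthenticatedWith($externalUser)) {
            throw new AccessDeniedException('You can not disconnect the external user you are currently authenticated with.');
        }

        $this->userProvider->disconnect($externalUser);
    }

    /**
     * @param mixed $externalProviderData Not inspected.
     *
     * @return bool Always true. NOTE(review): no filtering on the provider data happens here; confirm that is intended.
     */
    public function supports($externalProviderData)
    {
        return true;
    }

    /**
     * Creates a Button from configured options, adding the OAuth login URL.
     *
     * Array union keeps the left-hand value, so a 'url' key already present in
     * $options wins over the generated one.
     *
     * NOTE(review): a blank Request is handed to OAuthUtils, so the URL cannot
     * depend on the current request's host, scheme or session; confirm
     * OAuthUtils does not need them here.
     *
     * @param array $options Button options from the resource owner configuration.
     *
     * @return Button
     */
    private function createButton(array $options)
    {
        $loginUrl = $this->OAuthUtils->getLoginUrl(new Request(), $this->name);

        return new Button($options + [
            'url' => $loginUrl
        ]);
    }

    /**
     * Tells whether $externalUser is the account identified by the current OAuth token.
     *
     * @param ExternalUser $externalUser
     *
     * @return bool
     */
    private function isCurrentlyAuthenticatedWith(ExternalUser $externalUser)
    {
        $token = $this->tokenStorage->getToken();
        if (!$token instanceof OAuthToken) {
            return false;
        }

        $ownerName = $token->getResourceOwnerName();
        if ('oauth_' . $ownerName !== $externalUser->getProvider()) {
            return false;
        }

        $resourceOwner = $this->hwiResourceOwnerMap->getResourceOwnerByName($ownerName);
        $userInfo = $resourceOwner->getUserInformation($token->getRawToken());

        // Compare identifiers as strings: loose == compares numeric strings as
        // numbers, so distinct references such as "0123" and "123" would be
        // treated as the same account.
        return (string) $userInfo->getUsername() === (string) $externalUser->getProviderRef();
    }
}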