oauth-account/Controller/ConnectController.php


<?php
/**
* Authserver, an OAuth2-based single-signon authentication provider written in PHP.
*
* Copyright (C) $today.date Lars Vierbergen
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace vierbergenlars\AuthserverOAuthAccountBundle\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Form\Extension\Core\Type\FormType;
use vierbergenlars\AuthserverExternalAccountBundle\Entity\ExternalUser;
use HWI\Bundle\OAuthBundle\Security\Core\Authentication\Token\OAuthToken;
use HWI\Bundle\OAuthBundle\Controller\ConnectController as BaseConnectController;
use vierbergenlars\AuthserverExternalAccountBundle\ExternalAccount\ExternalAccountProviderManager;
use vierbergenlars\AuthserverOAuthAccountBundle\DependencyInjection\AuthserverOAuthAccountExtension;
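class ConnectController extends BaseConnectController
{
    /**
     * Renders a template, with two application-specific twists on HWI's controller:
     * the bundled "connect success" page is replaced by a redirect to the user
     * profile, and every other template receives the external account provider
     * manager as a variable.
     *
     * @param string        $view       Template reference to render
     * @param array         $parameters Template variables. 'externalAccountProviderManager'
     *                                  is only added when the caller did not set it
     *                                  (array union keeps the caller's value)
     * @param Response|null $response   Optional response object to populate
     *
     * @return Response
     */
    protected function render($view, array $parameters = [], Response $response = null)
    {
        // HWI renders its own page after linking an account; this application
        // sends the user back to the profile instead.
        if ($view === 'HWIOAuthBundle:Connect:connect_success.html.twig') {
            return $this->redirectToRoute('user_profile');
        }

        /* @var $externalAccountProviderManager ExternalAccountProviderManager presumably; verify against the service definition */
        $externalAccountProviderManager = $this->container->get('vierbergenlars.authserver_external_account.account_provider_manager');

        return parent::render(
            $view,
            $parameters + ['externalAccountProviderManager' => $externalAccountProviderManager],
            $response
        );
    }

    /**
     * Shows a confirmation page for removing one of the current user's linked
     * external accounts and performs the disconnect on a valid submission.
     *
     * Two guards run before anything else: the external account must belong to
     * the logged-in user, and the account the user is currently signed in through
     * (an OAuth session for the same provider and remote identity) cannot be
     * removed.
     *
     * @param Request      $request
     * @param ExternalUser $externalUser The linked account to remove
     *
     * @return Response Redirect to the profile after disconnecting, otherwise the confirmation page
     *
     * @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException when the account
     *         is not the current user's, or is the one the current session was authenticated with
     */
    public function disconnectServiceAction(Request $request, ExternalUser $externalUser)
    {
        if ($externalUser->getUser() !== $this->getUser()) {
            throw $this->createAccessDeniedException();
        }

        if ($this->isCurrentlyAuthenticatedWith($externalUser)) {
            throw $this->createAccessDeniedException('You can not disconnect the external user you are currently authenticated with.');
        }

        // A form with no fields: its only job is to require an explicit submission
        // (and, when enabled in the form configuration, a CSRF token) before the
        // disconnect happens, rather than acting on a plain GET.
        $form = $this->createForm(FormType::class);
        $form->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {
            $this->container->get('hwi_oauth.account.connector')->disconnect($externalUser);

            return $this->redirectToRoute('user_profile');
        }

        return $this->render('AuthserverOAuthAccountBundle:Connect:disconnect_service.html.twig', [
            'externalUser' => $externalUser,
            'form' => $form->createView(),
        ]);
    }

    /**
     * Tells whether the session token is an OAuth token issued by the same provider
     * and for the same remote identity as the given external account.
     *
     * Any non-OAuth token (for instance a password login) never matches, so every
     * linked account may be removed in that case.
     *
     * @param ExternalUser $externalUser
     *
     * @return bool
     */
    private function isCurrentlyAuthenticatedWith(ExternalUser $externalUser)
    {
        $token = $this->getToken();
        if (!$token instanceof OAuthToken) {
            return false;
        }

        // Provider names on the external account presumably carry an 'oauth_' prefix
        // in front of the HWI resource owner name; only the same provider can match.
        if ('oauth_'.$token->getResourceOwnerName() !== $externalUser->getProvider()) {
            return false;
        }

        /* @var $resourceOwnerMap \HWI\Bundle\OAuthBundle\Security\Http\ResourceOwnerMap */
        $resourceOwnerMap = $this->container->get('hwi_oauth.resource_ownermap.public');
        $resourceOwner = $resourceOwnerMap->getResourceOwnerByName($token->getResourceOwnerName());
        $userInfo = $resourceOwner->getUserInformation($token->getRawToken());

        // Compare the identifiers as strings with ===. A loose == would apply PHP's
        // numeric-string rules (e.g. "1e3" == "1000"), so the guard would depend on
        // how the identifier happens to look rather than on exact identity.
        return (string) $userInfo->getUsername() === (string) $externalUser->getProviderRef();
    }
}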