Differential D14050 Diff 33968 src/applications/oauthserver/controller/PhabricatorOAuthServerTokenController.php
src/applications/oauthserver/controller/PhabricatorOAuthServerTokenController.php
<?php | <?php | ||||
final class PhabricatorOAuthServerTokenController | final class PhabricatorOAuthServerTokenController | ||||
extends PhabricatorAuthController { | extends PhabricatorOAuthServerController { | ||||
public function shouldRequireLogin() { | public function shouldRequireLogin() { | ||||
return false; | return false; | ||||
} | } | ||||
public function shouldAllowRestrictedParameter($parameter_name) { | public function shouldAllowRestrictedParameter($parameter_name) { | ||||
if ($parameter_name == 'code') { | if ($parameter_name == 'code') { | ||||
return true; | return true; | ||||
} | } | ||||
return parent::shouldAllowRestrictedParameter($parameter_name); | return parent::shouldAllowRestrictedParameter($parameter_name); | ||||
} | } | ||||
public function processRequest() { | public function handleRequest(AphrontRequest $request) { | ||||
$request = $this->getRequest(); | |||||
$grant_type = $request->getStr('grant_type'); | $grant_type = $request->getStr('grant_type'); | ||||
$code = $request->getStr('code'); | $code = $request->getStr('code'); | ||||
$redirect_uri = $request->getStr('redirect_uri'); | $redirect_uri = $request->getStr('redirect_uri'); | ||||
$client_phid = $request->getStr('client_id'); | $client_phid = $request->getStr('client_id'); | ||||
$client_secret = $request->getStr('client_secret'); | $client_secret = $request->getStr('client_secret'); | ||||
$response = new PhabricatorOAuthResponse(); | $response = new PhabricatorOAuthResponse(); | ||||
$server = new PhabricatorOAuthServer(); | $server = new PhabricatorOAuthServer(); | ||||
if ($grant_type != 'authorization_code') { | if ($grant_type != 'authorization_code') { | ||||
$response->setError('unsupported_grant_type'); | $response->setError('unsupported_grant_type'); | ||||
$response->setErrorDescription( | $response->setErrorDescription( | ||||
pht( | pht( | ||||
'Only %s %s is supported.', | 'Only %s %s is supported.', | ||||
'grant_type', | 'grant_type', | ||||
'authorization_code')); | 'authorization_code')); | ||||
return $response; | return $response; | ||||
} | } | ||||
if (!$code) { | if (!$code) { | ||||
$response->setError('invalid_request'); | $response->setError('invalid_request'); | ||||
$response->setErrorDescription(pht('Required parameter code missing.')); | $response->setErrorDescription(pht('Required parameter code missing.')); | ||||
return $response; | return $response; | ||||
} | } | ||||
if (!$client_phid) { | if (!$client_phid) { | ||||
$response->setError('invalid_request'); | $response->setError('invalid_request'); | ||||
$response->setErrorDescription( | $response->setErrorDescription( | ||||
pht( | pht( | ||||
'Required parameter %s missing.', | 'Required parameter %s missing.', | ||||
'client_id')); | 'client_id')); | ||||
return $response; | return $response; | ||||
} | } | ||||
if (!$client_secret) { | if (!$client_secret) { | ||||
$response->setError('invalid_request'); | $response->setError('invalid_request'); | ||||
$response->setErrorDescription( | $response->setErrorDescription( | ||||
pht( | pht( | ||||
'Required parameter %s missing.', | 'Required parameter %s missing.', | ||||
'client_secret')); | 'client_secret')); | ||||
return $response; | return $response; | ||||
} | } | ||||
// one giant try / catch around all the exciting database stuff so we | // one giant try / catch around all the exciting database stuff so we | ||||
// can return a 'server_error' response if something goes wrong! | // can return a 'server_error' response if something goes wrong! | ||||
try { | try { | ||||
$auth_code = id(new PhabricatorOAuthServerAuthorizationCode()) | $auth_code = id(new PhabricatorOAuthServerAuthorizationCode()) | ||||
->loadOneWhere('code = %s', | ->loadOneWhere('code = %s', | ||||
$code); | $code); | ||||
if (!$auth_code) { | if (!$auth_code) { | ||||
$response->setError('invalid_grant'); | $response->setError('invalid_grant'); | ||||