Page MenuHomePhabricator
Differential D14050 Diff 33968 src/applications/oauthserver/controller/PhabricatorOAuthServerTokenController.php

Changeset View

Standalone View

View Options

src/applications/oauthserver/controller/PhabricatorOAuthServerTokenController.php

<?php <?php
final class PhabricatorOAuthServerTokenController final class PhabricatorOAuthServerTokenController
extends PhabricatorAuthController { extends PhabricatorOAuthServerController {
public function shouldRequireLogin() { public function shouldRequireLogin() {
return false; return false;
} }
public function shouldAllowRestrictedParameter($parameter_name) { public function shouldAllowRestrictedParameter($parameter_name) {
if ($parameter_name == 'code') { if ($parameter_name == 'code') {
return true; return true;
} }
return parent::shouldAllowRestrictedParameter($parameter_name); return parent::shouldAllowRestrictedParameter($parameter_name);
} }
public function processRequest() { public function handleRequest(AphrontRequest $request) {
$request = $this->getRequest();
$grant_type = $request->getStr('grant_type'); $grant_type = $request->getStr('grant_type');
$code = $request->getStr('code'); $code = $request->getStr('code');
$redirect_uri = $request->getStr('redirect_uri'); $redirect_uri = $request->getStr('redirect_uri');
$client_phid = $request->getStr('client_id'); $client_phid = $request->getStr('client_id');
$client_secret = $request->getStr('client_secret'); $client_secret = $request->getStr('client_secret');
$response = new PhabricatorOAuthResponse(); $response = new PhabricatorOAuthResponse();
$server = new PhabricatorOAuthServer(); $server = new PhabricatorOAuthServer();
if ($grant_type != 'authorization_code') { if ($grant_type != 'authorization_code') {
$response->setError('unsupported_grant_type'); $response->setError('unsupported_grant_type');
$response->setErrorDescription( $response->setErrorDescription(
pht( pht(
'Only %s %s is supported.', 'Only %s %s is supported.',
'grant_type', 'grant_type',
'authorization_code')); 'authorization_code'));
return $response; return $response;
} }
if (!$code) { if (!$code) {
$response->setError('invalid_request'); $response->setError('invalid_request');
$response->setErrorDescription(pht('Required parameter code missing.')); $response->setErrorDescription(pht('Required parameter code missing.'));
return $response; return $response;
} }
if (!$client_phid) { if (!$client_phid) {
$response->setError('invalid_request'); $response->setError('invalid_request');
$response->setErrorDescription( $response->setErrorDescription(
pht( pht(
'Required parameter %s missing.', 'Required parameter %s missing.',
'client_id')); 'client_id'));
return $response; return $response;
} }
if (!$client_secret) { if (!$client_secret) {
$response->setError('invalid_request'); $response->setError('invalid_request');
$response->setErrorDescription( $response->setErrorDescription(
pht( pht(
'Required parameter %s missing.', 'Required parameter %s missing.',
'client_secret')); 'client_secret'));
return $response; return $response;
} }
// one giant try / catch around all the exciting database stuff so we // one giant try / catch around all the exciting database stuff so we
// can return a 'server_error' response if something goes wrong! // can return a 'server_error' response if something goes wrong!
try { try {
$auth_code = id(new PhabricatorOAuthServerAuthorizationCode()) $auth_code = id(new PhabricatorOAuthServerAuthorizationCode())
->loadOneWhere('code = %s', ->loadOneWhere('code = %s',
$code); $code);
if (!$auth_code) { if (!$auth_code) {
$response->setError('invalid_grant'); $response->setError('invalid_grant');
▲ Show 20 LinesShow All 93 LinesShow Last 20 Lines
Phabricator · Built by Phacility