src/Controller/OAuth/TokenController.php line 62

Open in your IDE?
  1. <?php
  3. namespace App\Controller\OAuth;
  5. use GuzzleHttp\Utils;
  6. use App\Service\CartService;
  7. use App\OAuth\OAuth2 as OAuth2;
  8. use App\Entity\OAuth\AccessToken;
  9. use App\Repository\CartRepository;
  10. use League\OAuth2\Server\CryptKey;
  11. use App\OAuth\GoogleGrantExtension;
  12. use App\Repository\PersonRepository;
  13. use App\OAuth\FacebookGrantExtension;
  14. use Doctrine\Persistence\ManagerRegistry;
  15. use Symfony\Component\HttpFoundation\Request;
  16. use Symfony\Component\HttpFoundation\Response;
  17. use App\Repository\OAuth\AccessTokenRepository;
  18. use Menke\UserBundle\Repository\UserRepository;
  19. use Symfony\Component\Routing\Annotation\Route;
  20. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  21. use League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator;
  22. use League\Bundle\OAuth2ServerBundle\Controller\TokenController as BaseTokenController;
  23. use League\Bundle\OAuth2ServerBundle\Manager\AccessTokenManagerInterface;
  25. class TokenController extends AbstractController
  26. {
  27.     private $baseTokenController;
  28.     private $manager;
  29.     private $accessTokenManagerInterface;
  30.     private $accessTokenRepository;
  31.     private $cartRepo;
  32.     private $personRepo;
  33.     private $cartService;
  34.     private $userRepo;
  35.     private $bearerTokenValidator;
  37.     public function __construct(
  38.         BaseTokenController $baseTokenController,
  39.         ManagerRegistry $manager,
  40.         AccessTokenManagerInterface $accessTokenManagerInterface,
  41.         AccessTokenRepository $accessTokenRepository,
  42.         CartRepository $cartRepo,
  43.         PersonRepository $personRepo,
  44.         CartService $cartService,
  45.         UserRepository $userRepo,
  46.         BearerTokenValidator $bearerTokenValidator
  47.     ) {
  48.         $this->baseTokenController $baseTokenController;
  49.         $this->manager $manager->getManager();
  50.         $this->accessTokenManagerInterface $accessTokenManagerInterface;
  51.         $this->accessTokenRepository $accessTokenRepository;
  52.         $this->cartRepo $cartRepo;
  53.         $this->personRepo $personRepo;
  54.         $this->cartService $cartService;
  55.         $this->userRepo $userRepo;
  56.         $this->bearerTokenValidator $bearerTokenValidator;
  57.     }
  59.     /**
  60.      * @Route("/oauth/v2/token", name="oauth_v2_token", methods="POST")
  61.      */
  62.     public function indexAction(Request $request): Response
  63.     {
  64.         $result $this->baseTokenController->indexAction($request);
  65.         if ($request->getMethod() === 'POST') {
  66.             $inputData $request->request->all();
  68.             if (
  69.                 ($inputData['grant_type'] == OAuth2::GRANT_TYPE_USER_CREDENTIALS ||
  70.                     $inputData['grant_type'] == FacebookGrantExtension::GRANT_TYPE ||
  71.                     $inputData['grant_type'] == GoogleGrantExtension::GRANT_TYPE) &&
  72.                     $result->getStatusCode() == 200 &&
  73.                     array_key_exists('access_token'$inputData) &&
  74.                     !empty($inputData['access_token'])
  75.             ) {
  76.                 $this->bearerTokenValidator->setPublicKey(new CryptKey($this->getParameter('kernel.project_dir')."/config/jwt/public.key"));
  78.                 $old_token $this->bearerTokenValidator->getJwtConfiguration()->parser()->parse($inputData['access_token']);
  79.                 $oldAccessToken $this->accessTokenRepository->findOneBy(['identifier' => $old_token->claims()->get('jti')]);
  80.                 if (!$oldAccessToken) {
  81.                     return $result;
  82.                 }
  83.                 
  84.                 $resultObj json_decode($result->getContent());
  85.                 $new_token $this->bearerTokenValidator->getJwtConfiguration()->parser()->parse($resultObj->access_token);
  86.                 $accessTokenManager $this->accessTokenManagerInterface->find($new_token->claims()->get('jti'));
  87.                 $user $this->userRepo->findOneBy(['username' => $inputData['username']]);
  88.                 
  89.                 if (!$accessTokenManager && !$user) {
  90.                     return $result;
  91.                 }
  92.                 $newAccessToken = new AccessToken();
  93.                 $newAccessToken->setIdentifier($accessTokenManager->getIdentifier());
  94.                 $newAccessToken->setClient($accessTokenManager->getClient());
  95.                 $newAccessToken->setExpiry(new \DateTime());
  96.                 $newAccessToken->setUser($user);
  97.                 $newAccessToken->setUserIdentifier($user->getUsername());
  98.                 $this->manager->persist($newAccessToken);
  99.                 $this->manager->flush();
  100.                 $cart $this->cartRepo->findOneBy(['accessToken' => $oldAccessToken]);
  101.                 if (!$cart) {
  102.                     return $result;
  103.                 }
  105.                 $customer $this->personRepo->findOneBy(['user' => $newAccessToken->getUser()]);
  106.                 $customerCart $this->cartRepo->findOneBy(['customer' => $customer]);
  108.                 if (!$customerCart) {
  109.                     $cart->setCustomer($customer);
  110.                     $cart->setAccessToken(null);
  111.                 } else {
  112.                     foreach ($cart->getItems() as $item) {
  113.                         $customerItem $this->cartService->getCartItemIfExists($item->getCourseOccurrence(), $customerCart$item->getCourseItem() ? true false);
  114.                         if ($customerItem) {
  115.                             $customerItem->increaseQuantity($item->getQuantity());
  116.                             if ($item->getCourseItem()) {
  117.                                 $item->setCourseItem(null);
  118.                             }
  119.                             foreach ($item->getParticipants() as $participant) {
  120.                                 $item->removeParticipant($participant);
  121.                                 $customerItem->addParticipant($participant);
  122.                             }
  123.                             $cart->removeItem($item);
  124.                         } else {
  125.                             $cart->removeItem($item);
  126.                             $customerCart->addItem($item);
  127.                         }
  128.                     }
  129.                     $this->manager->remove($cart);
  130.                 }
  132.                 $this->manager->flush();
  133.             }
  134.         }
  136.         if ($result->getStatusCode() == 400) {
  137.             $content json_decode($result->getContent());
  138.             if ($content->error == OAuth2::ERROR_INVALID_GRANT) {
  139.                 $inputData $request->request->all();
  140.                 if (array_key_exists('username'$inputData)) {
  141.                     try {
  142.                         $user $this->userRepo->findOneBy(['username' => $inputData['username']]);
  143.                         if ($user && !$user->isEnabled()) {
  144.                             $content->error_description 'Der angegebene Benutzer ist nicht aktiviert.';
  145.                             $result->setContent(Utils::jsonEncode($content));
  146.                         }
  147.                     } catch (\Exception $e) {
  148.                     }
  149.                 }
  150.             }
  151.         }
  153.         return $result;
  154.     }
  155. }