<?php
use League\OAuth2\Server\ResourceServer;
use Orno\Http\Exception\NotFoundException;
use Orno\Http\Request;
use Orno\Http\Response;
use RelationalExample\Model;
use RelationalExample\Storage;
include __DIR__.'/vendor/autoload.php';

// OAuth 2.0 resource server, assembled from its four storage back-ends.
// $server is the object the request handling below relies on to validate the
// request (isValidRequest) and to expose the current access token and its
// scopes (getAccessToken).
$sessionStorage = new Storage\SessionStorage();
$accessTokenStorage = new Storage\AccessTokenStorage();
$clientStorage = new Storage\ClientStorage();
$scopeStorage = new Storage\ScopeStorage();

$server = new ResourceServer($sessionStorage, $accessTokenStorage, $clientStorage, $scopeStorage);

// Routing setup: a request object built from the PHP globals and an empty
// route collection that the handlers below are registered on.
$request = (new Request())->createFromGlobals();
$router = new \Orno\Route\RouteCollection();
// GET /tokeninfo
// Reports who owns the access token used on this request, which client it
// belongs to and which scopes it carries.
$router->get('/tokeninfo', function (Request $request) use ($server) {
    $accessToken = $server->getAccessToken();
    $session = $server->getSessionStorage()->getByAccessToken($accessToken);

    // NOTE(review): $accessToken is an object (getScopes() is called on it), so
    // json_encode() serialises that object under 'access_token' rather than a
    // plain token string — confirm that this is the output clients expect.
    $payload = json_encode([
        'owner_id' => $session->getOwnerId(),
        'owner_type' => $session->getOwnerType(),
        'access_token' => $accessToken,
        'client_id' => $session->getClient()->getId(),
        'scopes' => $accessToken->getScopes(),
    ]);

    return new Response($payload);
});
// GET /users
// Lists every user. username and name go to any caller that reaches this
// handler; email and photo are included only when the access token has the
// scope of the same name. The handler itself performs no token validation —
// that is done by the isValidRequest() call made before dispatch.
$router->get('/users', function (Request $request) use ($server) {
    $users = [];

    foreach ((new Model\Users())->get() as $row) {
        $entry = [
            'username' => $row['username'],
            'name' => $row['name'],
        ];

        // Each scope name is also the key of the field it unlocks
        foreach (['email', 'photo'] as $scopedField) {
            if ($server->getAccessToken()->hasScope($scopedField)) {
                $entry[$scopedField] = $row[$scopedField];
            }
        }

        $users[] = $entry;
    }

    return new Response(json_encode($users));
});
// GET /users/{username}
// Returns a single user, or raises NotFoundException when the lookup yields no
// rows. email and photo are scope-gated exactly as in the user listing.
$router->get('/users/{username}', function (Request $request, Response $response, array $args) use ($server) {
    // NOTE(review): $args['username'] comes straight from the URL path; confirm
    // that Model\Users::get() binds it as a query parameter rather than
    // concatenating it into a query string.
    $matches = (new Model\Users())->get($args['username']);

    if (count($matches) === 0) {
        throw new NotFoundException();
    }

    $row = $matches[0];
    $user = [
        'username' => $row['username'],
        'name' => $row['name'],
    ];

    // Each scope name is also the key of the field it unlocks
    foreach (['email', 'photo'] as $scopedField) {
        if ($server->getAccessToken()->hasScope($scopedField)) {
            $user[$scopedField] = $row[$scopedField];
        }
    }

    return new Response(json_encode($user));
});
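$dispatcher = $router->getDispatcher();

try {
    // Validate the access token before any route handler runs; every route in
    // this file depends on this single check for authentication.
    // NOTE(review): the `false` argument presumably lets the token be read from
    // somewhere other than the Authorization header — confirm against
    // ResourceServer::isValidRequest(). Tokens passed in a query string tend to
    // end up in access logs and Referer headers.
    $server->isValidRequest(false);

    // A successful response
    $response = $dispatcher->dispatch(
        $request->getMethod(),
        $request->getPathInfo()
    );
} catch (\Orno\Http\Exception $e) {
    // HTTP-level failure raised by a handler or the router (e.g. the
    // NotFoundException thrown by the single-user route)
    $response = $e->getJsonResponse();
    $response->setContent(json_encode(['status_code' => $e->getStatusCode(), 'message' => $e->getMessage()]));
} catch (\League\OAuth2\Server\Exception\OAuthException $e) {
    // OAuth failure: status code, error type and headers come from the exception
    $response = new Response(json_encode([
        'error' => $e->errorType,
        'message' => $e->getMessage(),
    ]), $e->httpStatusCode);

    // NOTE(review): `headers` is called as a method here but used as a property
    // in the finally block ($response->headers->set) — confirm that Response
    // really defines a headers() method, otherwise this loop fails at runtime
    // and the OAuth error headers are never sent.
    foreach ($e->getHttpHeaders() as $header) {
        $response->headers($header);
    }
} catch (\Exception $e) {
    // Unexpected failure. The exception text may carry internal detail (storage
    // errors, file paths), so it is written to the server log and the client
    // receives only a generic message.
    error_log(sprintf('%s: %s in %s:%d', get_class($e), $e->getMessage(), $e->getFile(), $e->getLine()));

    $response = new Orno\Http\Response();
    $response->setStatusCode(500);
    $response->setContent(json_encode(['status_code' => 500, 'message' => 'Internal server error']));
} finally {
    // Return the response; every branch above produces JSON
    $response->headers->set('Content-type', 'application/json');
    $response->send();
}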