145 lines
4.1 KiB
PHP
145 lines
4.1 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\API;
|
|
|
|
use App\Entity\Token;
|
|
use App\Exceptions\HTTPException;
|
|
use App\Exceptions\NoPermissionException;
|
|
use App\Exceptions\NotLoggedInException;
|
|
use App\Exceptions\ResourceNotFound;
|
|
use App\Http\Resources\API\AppAccessDetails;
|
|
use App\Models\AccessToken;
|
|
use App\Models\App;
|
|
use App\Models\AppAccess;
|
|
use App\Models\AppCode;
|
|
use App\Models\RefreshToken;
|
|
use App\Models\User;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Illuminate\Support\Facades\Log;
|
|
use TaGeSo\APIResponse\Response;
|
|
use Laravel\Lumen\Routing\Controller as BaseController;
|
|
|
|
class oAuthController extends BaseController
|
|
{
|
|
/**
|
|
* Create a new controller instance.
|
|
*
|
|
* @return void
|
|
*/
|
|
public function __construct()
|
|
{
|
|
//
|
|
}
|
|
|
|
public function getAccess(Response $response, Request $request, $id) {
|
|
if(!Auth::check()) {
|
|
throw new NotLoggedInException();
|
|
}
|
|
|
|
$app = App::query()->where("id", "=", $id)->firstOrFail();
|
|
|
|
if($request->get("create", false)) {
|
|
$access = AppAccess::getOrCreate(Auth::user()->id, $id);
|
|
} else {
|
|
$access = AppAccess::query()
|
|
->where("user_id", "=", Auth::user()->id)
|
|
->where("app_id", "=", $id)->first();
|
|
}
|
|
|
|
if(empty($access)) {
|
|
throw new ResourceNotFound();
|
|
}
|
|
|
|
//Auto Allow
|
|
if($app->auto_accept) {
|
|
$access->status = "allowed";
|
|
}
|
|
|
|
return $response->withData(new \App\Http\Resources\API\AppAccess($access));
|
|
}
|
|
|
|
public function allowAccess(Response $response, Request $request, $id) {
|
|
if(!Auth::check()) {
|
|
throw new NotLoggedInException();
|
|
}
|
|
|
|
$this->validate($request, [
|
|
'redirect_uri' => 'required|url',
|
|
'state' => ''
|
|
]);
|
|
|
|
$app = App::query()->where("id", "=", $id);
|
|
|
|
$access = AppAccess::getOrCreate(Auth::user()->id, $id);
|
|
$access->status = "allowed";
|
|
$access->saveOrFail();
|
|
|
|
$appCode = AppCode::createCode($access);
|
|
|
|
|
|
//Create Redirect URL
|
|
$returnUrl = urldecode($request->input("redirect_uri"));
|
|
if(strpos($returnUrl, "?") > 0) {
|
|
Log::debug("Found questionmark in redirect_uri");
|
|
if(substr($returnUrl, -1, 1) != "&") {
|
|
Log::debug("Add & to the redirect_uri");
|
|
$returnUrl .= "&";
|
|
}
|
|
} else {
|
|
$returnUrl .= "?";
|
|
}
|
|
|
|
$returnUrl.="code=".$appCode->code;
|
|
if($request->input("state", null) !== null) {
|
|
$returnUrl .= "&state=".$request->input("state");
|
|
}
|
|
|
|
Log::debug("Return URL: ".$returnUrl);
|
|
|
|
|
|
$res = [];
|
|
$res["appCode"] = $appCode->code;
|
|
$res["redirectUrl"] = $returnUrl;
|
|
|
|
return $response->withData($res);
|
|
}
|
|
public function listAccess(Response $response) {
|
|
if(!Auth::check()) {
|
|
throw new NotLoggedInException();
|
|
}
|
|
|
|
$access = AppAccess::query()->where("user_id", "=", Auth::user()->id)->get();
|
|
$visibleAccess = [];
|
|
foreach($access as $a) {
|
|
if(!$a->getApp()->hidden_in_app_list) {
|
|
$visibleAccess[] = $a;
|
|
}
|
|
}
|
|
|
|
return $response->withData(AppAccessDetails::collection(collect($visibleAccess)));
|
|
}
|
|
public function removeAccess($id, Response $response) {
|
|
if(!Auth::check()) {
|
|
throw new NotLoggedInException();
|
|
}
|
|
|
|
$access = AppAccess::query()->where("id", "=", $id)->firstOrFail();
|
|
if($access->user_id != Auth::user()->id) {
|
|
throw new NoPermissionException();
|
|
}
|
|
|
|
if($access->getApp()->user_cant_remove_app) {
|
|
throw new NoPermissionException();
|
|
}
|
|
|
|
RefreshToken::query()->where("access_id", "=", $access->id)->delete();
|
|
\App\Models\AccessToken::query()->where("access_id", "=", $access->id)->delete();
|
|
AppCode::query()->where("access_id", "=", $access->id)->delete();
|
|
$access->delete();
|
|
|
|
|
|
return $response;
|
|
}
|
|
}
|