Simple but effective oauth discovery and userinfo endpoint
Signed-off-by: Juan Manuel Lallana <juan.manuel.lallana@gmail.com>
This commit is contained in:
Juan Manuel Lallana
parent
17bc35e4f1
commit
2c7afae582
|
|
@ -44,5 +44,15 @@ return [
|
|||
'url' => '/api/v1/token',
|
||||
'verb' => 'POST'
|
||||
],
|
||||
[
|
||||
'name' => 'OauthApi#discovery',
|
||||
'url' => '/.well-known/openid-configuration',
|
||||
'verb' => 'GET',
|
||||
],
|
||||
[
|
||||
'name' => 'OauthApi#getUserInfo',
|
||||
'url' => '/api/v1/userinfo',
|
||||
'verb' => 'GET'
|
||||
],
|
||||
],
|
||||
];
|
||||
|
|
|
|||
|
|
@ -42,6 +42,9 @@ use OCP\AppFramework\Utility\ITimeFactory;
|
|||
use OCP\IRequest;
|
||||
use OCP\Security\ICrypto;
|
||||
use OCP\Security\ISecureRandom;
|
||||
use OCP\Util;
|
||||
use OCP\IURLGenerator;
|
||||
use OCP\IUserSession;
|
||||
|
||||
class OauthApiController extends Controller {
|
||||
/** @var AccessTokenMapper */
|
||||
|
|
@ -58,6 +61,10 @@ class OauthApiController extends Controller {
|
|||
private $time;
|
||||
/** @var Throttler */
|
||||
private $throttler;
|
||||
/** @var IUserSession */
|
||||
private $userSession;
|
||||
/** @var IUrlGenerator */
|
||||
private $urlGenerator;
|
||||
|
||||
public function __construct(string $appName,
|
||||
IRequest $request,
|
||||
|
|
@ -67,7 +74,9 @@ class OauthApiController extends Controller {
|
|||
TokenProvider $tokenProvider,
|
||||
ISecureRandom $secureRandom,
|
||||
ITimeFactory $time,
|
||||
Throttler $throttler) {
|
||||
Throttler $throttler,
|
||||
IUserSession $userSession,
|
||||
IURLGenerator $urlGenerator) {
|
||||
parent::__construct($appName, $request);
|
||||
$this->crypto = $crypto;
|
||||
$this->accessTokenMapper = $accessTokenMapper;
|
||||
|
|
@ -76,6 +85,8 @@ class OauthApiController extends Controller {
|
|||
$this->secureRandom = $secureRandom;
|
||||
$this->time = $time;
|
||||
$this->throttler = $throttler;
|
||||
$this->userSession = $userSession;
|
||||
$this->urlGenerator = $urlGenerator;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -177,4 +188,34 @@ class OauthApiController extends Controller {
|
|||
]
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* @PublicPage
|
||||
* @NoCSRFRequired
|
||||
*
|
||||
* @return JSONResponse
|
||||
*/
|
||||
public function discovery() {
|
||||
$util = new Util();
|
||||
return new JSONResponse([
|
||||
'authorization_endpoint' => $this->urlGenerator->linkToRouteAbsolute('oauth2.LoginRedirector.authorize'),
|
||||
'token_endpoint' => $this->urlGenerator->linkToRouteAbsolute('oauth2.OauthApi.getToken'),
|
||||
'userinfo_endpoint' => $this->urlGenerator->linkToRouteAbsolute('oauth2.OauthApi.getUserInfo')
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* @PublicPage
|
||||
* @NoCSRFRequired
|
||||
*
|
||||
* @return JSONResponse
|
||||
*/
|
||||
public function getUserInfo() {
|
||||
$user = $this->userSession->getUser();
|
||||
return new JSONResponse([
|
||||
'sub' => $user->getUID(),
|
||||
'name' => $user->getDisplayName(),
|
||||
'email' => $user->getEMailAddress()
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue