vendor/hwi/oauth-bundle/OAuth/RequestDataStorage/SessionStorage.php line 73

Open in your IDE?
  1. <?php
  3. /*
  4. * This file is part of the HWIOAuthBundle package.
  5. *
  6. * (c) Hardware Info <[email protected]>
  7. *
  8. * For the full copyright and license information, please view the LICENSE
  9. * file that was distributed with this source code.
  10. */
  12. namespace HWI\Bundle\OAuthBundle\OAuth\RequestDataStorage;
  14. use HWI\Bundle\OAuthBundle\OAuth\RequestDataStorageInterface;
  15. use HWI\Bundle\OAuthBundle\OAuth\ResourceOwnerInterface;
  16. use Symfony\Component\HttpFoundation\RequestStack;
  17. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  19. /**
  20. * Request token storage implementation using the Symfony session.
  21. *
  22. * @author Alexander <[email protected]>
  23. * @author Francisco Facioni <[email protected]>
  24. * @author Joseph Bielawski <[email protected]>
  25. *
  26. * @final since 1.4
  27. */
  28. class SessionStorage implements RequestDataStorageInterface
  29. {
  30. /**
  31. * @var RequestStack
  32. */
  33. private $requestStack;
  35. public function __construct(RequestStack $requestStack)
  36. {
  37. $this->requestStack = $requestStack;
  38. }
  40. /**
  41. * {@inheritdoc}
  42. */
  43. public function fetch(ResourceOwnerInterface $resourceOwner, $key, $type = 'token')
  44. {
  45. $key = $this->generateKey($resourceOwner, $key, $type);
  46. if (null === $data = $this->getSession()->get($key)) {
  47. throw new \InvalidArgumentException('No data available in storage.');
  48. }
  50. // Request tokens are one time use only
  51. if (\in_array($type, ['token', 'csrf_state'], true)) {
  52. $this->getSession()->remove($key);
  53. }
  55. return $data;
  56. }
  58. /**
  59. * {@inheritdoc}
  60. */
  61. public function save(ResourceOwnerInterface $resourceOwner, $value, $type = 'token')
  62. {
  63. if ('token' === $type) {
  64. if (!\is_array($value) || !isset($value['oauth_token'])) {
  65. throw new \InvalidArgumentException('Invalid request token.');
  66. }
  68. $key = $this->generateKey($resourceOwner, $value['oauth_token'], 'token');
  69. } else {
  70. $key = $this->generateKey($resourceOwner, $this->getStorageKey($value), $type);
  71. }
  73. $this->getSession()->set($key, $this->getStorageValue($value));
  74. }
  76. /**
  77. * Key to for fetching or saving a token.
  78. *
  79. * @param string $key
  80. * @param string $type
  81. *
  82. * @return string
  83. */
  84. protected function generateKey(ResourceOwnerInterface $resourceOwner, $key, $type)
  85. {
  86. return sprintf('_hwi_oauth.%s.%s.%s.%s', $resourceOwner->getName(), $resourceOwner->getOption('client_id'), $type, $key);
  87. }
  89. /**
  90. * @param array|string|object $value
  91. *
  92. * @return array|string
  93. */
  94. private function getStorageValue($value)
  95. {
  96. if (\is_object($value)) {
  97. $value = serialize($value);
  98. }
  100. return $value;
  101. }
  103. /**
  104. * @param array|string|object $value
  105. */
  106. private function getStorageKey($value): string
  107. {
  108. if (\is_array($value)) {
  109. $storageKey = reset($value);
  110. } elseif (\is_object($value)) {
  111. $storageKey = \get_class($value);
  112. } else {
  113. $storageKey = $value;
  114. }
  116. return (string) $storageKey;
  117. }
  119. private function getSession(): SessionInterface
  120. {
  121. if (method_exists($this->requestStack, 'getSession')) {
  122. return $this->requestStack->getSession();
  123. }
  125. if ((null !== $request = $this->requestStack->getCurrentRequest()) && $request->hasSession()) {
  126. return $request->getSession();
  127. }
  129. throw new \LogicException('There is currently no session available.');
  130. }
  131. }