src/App/Service/Security/AuthServer.php line 79

Open in your IDE?
  1. <?php
  3. namespace App\Service\Security;
  5. use App\Exception\Security\ChangePasswordException;
  6. use App\Exception\Security\CreateUserException;
  7. use App\Exception\Security\InvalidAccessTokenException;
  8. use App\Exception\Security\UpdateUserException;
  9. use Aqarmap\Bundle\UserBundle\Constant\Oauth2GrantTypes;
  10. use Aqarmap\Bundle\UserBundle\Entity\User;
  11. use Psr\Cache\CacheItemPoolInterface;
  12. use Psr\Log\LoggerInterface;
  13. use Symfony\Component\HttpFoundation\Request as httpRequest;
  14. use Symfony\Component\HttpFoundation\Response;
  15. use Symfony\Component\Security\Core\User\UserInterface;
  16. use Symfony\Contracts\HttpClient\Exception\ClientExceptionInterface;
  17. use Symfony\Contracts\HttpClient\Exception\DecodingExceptionInterface;
  18. use Symfony\Contracts\HttpClient\Exception\RedirectionExceptionInterface;
  19. use Symfony\Contracts\HttpClient\Exception\ServerExceptionInterface;
  20. use Symfony\Contracts\HttpClient\Exception\TransportExceptionInterface;
  21. use Symfony\Contracts\HttpClient\HttpClientInterface;
  23. class AuthServer
  24. {
  25.     private HttpClientInterface $client;
  26.     private CacheItemPoolInterface $cachePool;
  27.     private LoggerInterface $logger;
  28.     private string $authClientId;
  29.     private string $authClientSecret;
  30.     private string $publicServerUrl;
  32.     public function __construct(HttpClientInterface $authClientCacheItemPoolInterface $cachePoolLoggerInterface $loggerstring $authClientIdstring $authClientSecretstring $publicServerUrl)
  33.     {
  34.         $this->client $authClient;
  35.         $this->authClientId $authClientId;
  36.         $this->authClientSecret $authClientSecret;
  37.         $this->publicServerUrl $publicServerUrl;
  38.         $this->cachePool $cachePool;
  39.         $this->logger $logger;
  40.     }
  42.     /**
  43.      * @throws TransportExceptionInterface
  44.      * @throws ServerExceptionInterface
  45.      * @throws RedirectionExceptionInterface
  46.      * @throws ClientExceptionInterface
  47.      * @throws DecodingExceptionInterface
  48.      */
  49.     public function getUser(string $token): array
  50.     {
  51.         return $this->client->request('GET''api/profile', [
  52.             'auth_bearer' => $token,
  53.             'headers' => [
  54.                 'Accept' => 'application/json',
  55.             ],
  56.         ])->toArray();
  57.     }
  59.     public function getTokenInfo(string $tokenbool $useCache true): array
  60.     {
  61.         $cachedRequest $this->cachePool->getItem(sprintf('token-info-%s'sha1($token)));
  63.         if (!$useCache || !$cachedRequest->isHit() || empty($cachedRequest->get())) {
  64.             $request $this->client->request('GET''api/token-info', [
  65.                 'auth_bearer' => $token,
  66.                 'headers' => [
  67.                     'Accept' => 'application/json',
  68.                 ],
  69.             ]);
  71.             $this->logger->debug('Token Info: Validating against auth server.');
  73.             if (Response::HTTP_OK == $request->getStatusCode()) {
  74.                 $cachedRequest->set($request->toArray(false));
  75.                 $cachedRequest->expiresAfter(60);
  76.                 $this->cachePool->save($cachedRequest);
  77.             } else {
  78.                 $this->logger->debug(sprintf('Token Info: Invalid token. Status code: %s'$request->getStatusCode()));
  79.                 throw new InvalidAccessTokenException(sprintf('Token Info: Invalid token. Status code: %s'$request->getStatusCode()));
  80.             }
  81.         } else {
  82.             $this->logger->debug('Token Info: Retrieved from cache.');
  83.         }
  85.         return $cachedRequest->get();
  86.     }
  88.     /**
  89.      * @throws TransportExceptionInterface
  90.      * @throws ServerExceptionInterface
  91.      * @throws RedirectionExceptionInterface
  92.      * @throws ClientExceptionInterface
  93.      * @throws DecodingExceptionInterface
  94.      * @throws CreateUserException
  95.      */
  96.     public function register(User $user): array
  97.     {
  98.         $countryCode $user->getCountryCode() ?? $user->getTempCountryCode();
  100.         try {
  101.             $request $this->client->request('POST''api/register', [
  102.                 'body' => [
  103.                     'fullName' => $user->getFullName(),
  104.                     'email' => $user->getEmailCanonical(),
  105.                     'plainPassword' => $user->getPlainPassword(),
  106.                     'phoneNumber' => $countryCode.ltrim($user->getMainPhoneNumber(), '0'),
  107.                 ],
  108.             ]);
  110.             if (Response::HTTP_OK != $request->getStatusCode()) {
  111.                 $response $request->toArray(false);
  112.                 $errors $this->parseFormErrors($response['form'] ?? null);
  114.                 throw new CreateUserException($errors['firstError'], $request->getStatusCode());
  115.             }
  117.             return $request->toArray();
  118.         } catch (\Exception $exception) {
  119.             throw new CreateUserException($exception->getMessage(), $exception->getCode(), $exception);
  120.         }
  121.     }
  123.     public function createUser(string $name, ?string $email, ?string $phoneNumber, ?string $password): array
  124.     {
  125.         try {
  126.             $request $this->client->request('POST''api/register', [
  127.                 'body' => [
  128.                     'fullName' => $name,
  129.                     'email' => $email,
  130.                     'plainPassword' => $password,
  131.                     'phoneNumber' => $phoneNumber,
  132.                 ],
  133.             ]);
  135.             if (Response::HTTP_OK != $request->getStatusCode()) {
  136.                 $response $request->toArray(false);
  137.                 $errors $this->parseFormErrors($response['form'] ?? null);
  139.                 throw new CreateUserException(reset($errors), $request->getStatusCode());
  140.             }
  142.             return $request->toArray();
  143.         } catch (\Exception $exception) {
  144.             throw new CreateUserException($exception->getMessage(), $exception->getCode(), $exception);
  145.         }
  146.     }
  148.     /**
  149.      * @throws TransportExceptionInterface
  150.      * @throws ServerExceptionInterface
  151.      * @throws RedirectionExceptionInterface
  152.      * @throws ClientExceptionInterface
  153.      * @throws DecodingExceptionInterface
  154.      */
  155.     public function getToken(httpRequest $request)
  156.     {
  157.         $grantType $request->get('grant_type'Oauth2GrantTypes::PASSWORD);
  158.         $username $request->get('username'$request->get('email'));
  159.         $password $request->request->get('plainPassword')['first'] ?? $request->request->get('plainPassword');
  161.         return $this->client->request('POST''/token', [
  162.             'body' => [
  163.                 'client_id' => $this->authClientId,
  164.                 'client_secret' => $this->authClientSecret,
  165.                 'grant_type' => $grantType,
  166.                 'username' => $username,
  167.                 'password' => $password,
  168.             ],
  169.         ])->toArray();
  170.     }
  172.     public function getClientCredentialsAccessToken($useCache true)
  173.     {
  174.         $cache $this->cachePool->getItem('client-credentials-access-token');
  176.         if (!$useCache || !$cache->isHit() || empty($cache->get())) {
  177.             $request $this->client->request('POST''/token', [
  178.                 'body' => [
  179.                     'client_id' => $this->authClientId,
  180.                     'client_secret' => $this->authClientSecret,
  181.                     'grant_type' => 'client_credentials',
  182.                 ],
  183.             ])->toArray();
  185.             $cache->set($request['access_token']);
  186.             $cache->expiresAfter((int) floor(($request['expires_in'] ?? 60) / 2));
  187.             $this->cachePool->save($cache);
  188.         }
  190.         return $cache->get();
  191.     }
  193.     public function lookupUserByLoginIdentifier(string $loginIdentifier): ?string
  194.     {
  195.         $request $this->client->request('POST''api/user/lookup', [
  196.             'body' => [
  197.                 'loginIdentifier' => $loginIdentifier,
  198.             ],
  199.             'auth_bearer' => $this->getClientCredentialsAccessToken(),
  200.             'headers' => [
  201.                 'Host' => $this->getPublicHost(),
  202.             ],
  203.         ]);
  205.         return $request->toArray()['user']['id'] ?? null;
  206.     }
  208.     /**
  209.      * @throws TransportExceptionInterface
  210.      * @throws ChangePasswordException
  211.      */
  212.     public function changePassword(UserInterface $userstring $currentPasswordstring $newPassword): void
  213.     {
  214.         try {
  215.             $request $this->client->request('POST''api/user/change-password', [
  216.                 'body' => [
  217.                     'plainPassword[first]' => $newPassword,
  218.                     'plainPassword[second]' => $newPassword,
  219.                     'currentPassword' => $currentPassword,
  220.                 ],
  221.                 'auth_bearer' => $user->getUserAccessToken(),
  222.             ]);
  224.             if (Response::HTTP_OK != $request->getStatusCode()) {
  225.                 $response $request->toArray(false);
  227.                 throw new ChangePasswordException($response['message'], $request->getStatusCode());
  228.             }
  229.         } catch (\Exception $exception) {
  230.             throw new ChangePasswordException($exception->getMessage(), $exception->getCode(), $exception);
  231.         }
  232.     }
  234.     public function resetPassword(string $email): void
  235.     {
  236.         try {
  237.             $this->client->request('POST''api/request-reset-password', [
  238.                 'body' => [
  239.                     'email' => $email,
  240.                 ],
  241.                 'auth_bearer' => $this->getClientCredentialsAccessToken(),
  242.                 'headers' => [
  243.                     'Host' => $this->getPublicHost(),
  244.                 ],
  245.             ]);
  246.         } catch (\Exception $exception) {
  247.             throw new ChangePasswordException($exception->getMessage(), $exception->getCode(), $exception);
  248.         }
  249.     }
  251.     /**
  252.      * @throws UpdateUserException
  253.      */
  254.     public function updateUser(UserInterface $user): void
  255.     {
  256.         $body = [
  257.             'fullName' => $user->getFullName(),
  258.             'phoneNumber' => ltrim($user->getPhoneNumber(), '+'),
  259.             'email' => $user->getEmail(),
  260.         ];
  261.         $response $this->client->request('POST'sprintf('api/user/update?_locale=%s'$user->getLanguage()), [
  262.             'body' => $body,
  263.             'auth_bearer' => $user->getUserAccessToken(),
  264.             'headers' => [
  265.                 'Accept-Language' => $user->getLanguage(),
  266.             ],
  267.         ]);
  268.         if (Response::HTTP_OK != $response->getStatusCode()) {
  269.             $responseBody $response->toArray(false);
  270.             $errors $this->parseFormErrors($responseBody['form'] ?? null);
  272.             throw new UpdateUserException(reset($errors) ?? json_encode(['body' => $body'response' => $responseBody]), $response->getStatusCode());
  273.         }
  274.     }
  276.     public function parseFormErrors(?array $response): array
  277.     {
  278.         $errorList = [];
  280.         if (!empty($response['errors'])) {
  281.             foreach ($response['errors'] as $error) {
  282.                 if ($message $error['message'] ?? null) {
  283.                     $errorList[] = $message;
  284.                 }
  285.             }
  286.         }
  288.         if (isset($response['children'])) {
  289.             foreach ($response['children'] as $children) {
  290.                 $errorList array_merge($errorList$this->parseFormErrors($children));
  291.             }
  292.         }
  294.         return $errorList;
  295.     }
  297.     private function getPublicHost(): string
  298.     {
  299.         return parse_url($this->publicServerUrlPHP_URL_HOST);
  300.     }
  301. }