Provider.php
<?php
namespace SocialiteProviders\GovBR;
use GuzzleHttp\RequestOptions;
use RuntimeException;
use SocialiteProviders\Manager\Contracts\OAuth2\ProviderInterface;
use SocialiteProviders\Manager\OAuth2\AbstractProvider;
use SocialiteProviders\Manager\OAuth2\User;
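/**
 * Socialite OAuth2 provider for the Gov.br single sign-on service.
 *
 * Every endpoint is derived from one of two hard-coded HTTPS base URLs,
 * selected by the `environment` config key, so the access token is only ever
 * sent to a host named in this class.
 */
class Provider extends AbstractProvider implements ProviderInterface
{
    public const IDENTIFIER = 'GOVBR';

    public const SCOPE_OPENID = 'openid';

    public const SCOPE_EMAIL = 'email';

    public const SCOPE_PROFILE = 'profile';

    // Declared for callers that want to request it; not part of the default scope list below.
    public const SCOPE_GOVBR_EMPRESA = 'govbr_empresa';

    public const SCOPE_GOVBR_CONFIABILIDADES = 'govbr_confiabilidades';

    /**
     * Staging URL.
     *
     * @var string
     */
    protected $stagingUrl = 'https://sso.staging.acesso.gov.br';

    /**
     * Production URL.
     *
     * @var string
     */
    protected $productionUrl = 'https://sso.acesso.gov.br';

    /**
     * Separator placed between scopes in the authorization request.
     *
     * @var string
     */
    protected $scopeSeparator = ' ';

    /**
     * Scopes requested by default.
     *
     * @var array
     */
    protected $scopes = [
        self::SCOPE_OPENID,
        self::SCOPE_EMAIL,
        self::SCOPE_PROFILE,
        self::SCOPE_GOVBR_CONFIABILIDADES,
    ];

    /**
     * Enables the PKCE handling inherited from the base provider.
     *
     * Keep this on: the authorization code is then bound to the client that
     * started the flow, which limits the damage of an intercepted code.
     *
     * @var bool
     */
    protected $usesPKCE = true;

    /**
     * Build the authorization URL for the configured environment.
     *
     * @param  string  $state
     *
     * @throws RuntimeException when the configured environment is not recognised
     */
    protected function getAuthUrl($state): string
    {
        return $this->buildAuthUrlFromBase($this->getBaseUrlForEnvironment().'/authorize', $state);
    }

    /**
     * Return the token endpoint for the configured environment.
     *
     * @throws RuntimeException when the configured environment is not recognised
     */
    protected function getTokenUrl(): string
    {
        return $this->getBaseUrlForEnvironment().'/token';
    }

    /**
     * Fetch the user's claims from the `/userinfo` endpoint.
     *
     * The access token travels only in the Authorization header, never in the URL.
     *
     * @param  string  $token
     * @return array decoded claims
     *
     * @throws RuntimeException when the response body does not decode to an array,
     *                          or the configured environment is not recognised
     */
    protected function getUserByToken($token)
    {
        $response = $this->getHttpClient()->get($this->getBaseUrlForEnvironment().'/userinfo', [
            RequestOptions::HEADERS => [
                'Authorization' => 'Bearer '.$token,
            ],
        ]);

        $claims = json_decode((string) $response->getBody(), true);

        // json_decode() yields null for a malformed body and a scalar for a bare
        // JSON value. Fail here with a clear error instead of handing a non-array
        // to mapUserToObject(). The body is kept out of the message on purpose:
        // it may contain personal data.
        if (! is_array($claims)) {
            throw new RuntimeException('GovBR userinfo response is not a JSON object.');
        }

        return $claims;
    }

    /**
     * Map the raw claims onto a Socialite user.
     *
     * `sub` is exposed both as `id` and as `cpf`, so the identifier is personal
     * data; avoid writing it, or the raw claims kept via setRaw(), to logs.
     * `email_verified` and `phone_number_verified` are passed through unchanged:
     * check them before treating the address or number as proven, for example
     * before matching the login to an existing local account by e-mail.
     *
     * @param  array  $user  claims returned by getUserByToken()
     *
     * @throws RuntimeException when the claims carry no usable `sub`
     */
    protected function mapUserToObject(array $user)
    {
        // Fail closed: without a subject there is nothing to identify the account
        // by, and a null id must never be used to look up or link a local user.
        if (! isset($user['sub']) || $user['sub'] === '') {
            throw new RuntimeException("GovBR userinfo response is missing the 'sub' claim.");
        }

        return (new User)->setRaw($user)->map([
            'id' => $user['sub'],
            'cpf' => $user['sub'],
            // Optional like the claims below: absent when the profile scope was not granted.
            'name' => $user['name'] ?? null,
            'email' => $user['email'] ?? null,
            'email_verified' => $user['email_verified'] ?? null,
            'phone_number' => $user['phone_number'] ?? null,
            'phone_number_verified' => $user['phone_number_verified'] ?? null,
            'avatar_url' => $user['picture'] ?? null,
            'profile' => $user['profile'] ?? null,
        ]);
    }

    /**
     * Extra config keys this provider reads besides the standard OAuth2 ones.
     */
    public static function additionalConfigKeys(): array
    {
        return ['environment'];
    }

    /**
     * Get the URL for the given environment.
     *
     * The match is strict and has no silent fallback: a misspelt or empty value
     * raises an error rather than quietly selecting one of the two hosts.
     *
     * @throws RuntimeException
     */
    protected function getBaseUrlForEnvironment(): string
    {
        $environment = $this->getConfig('environment', 'production');

        return match ($environment) {
            'staging' => $this->stagingUrl,
            'production' => $this->productionUrl,
            default => throw new RuntimeException("Invalid environment '{$environment}' selected for GovBR provider."),
        };
    }
}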