diff options
Diffstat (limited to 'src/Wallabag/ApiBundle/Controller/AppsController.php')
| -rw-r--r-- | src/Wallabag/ApiBundle/Controller/AppsController.php | 189 |
1 files changed, 189 insertions, 0 deletions
diff --git a/src/Wallabag/ApiBundle/Controller/AppsController.php b/src/Wallabag/ApiBundle/Controller/AppsController.php new file mode 100644 index 00000000..6ef77667 --- /dev/null +++ b/src/Wallabag/ApiBundle/Controller/AppsController.php | |||
| @@ -0,0 +1,189 @@ | |||
| 1 | <?php | ||
| 2 | |||
| 3 | namespace Wallabag\ApiBundle\Controller; | ||
| 4 | |||
| 5 | use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method; | ||
| 6 | use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route; | ||
| 7 | use Symfony\Component\Finder\Exception\AccessDeniedException; | ||
| 8 | use Symfony\Component\HttpFoundation\JsonResponse; | ||
| 9 | use Symfony\Component\HttpFoundation\Request; | ||
| 10 | use Symfony\Bundle\FrameworkBundle\Controller\Controller; | ||
| 11 | use Wallabag\ApiBundle\Entity\AccessToken; | ||
| 12 | use Wallabag\ApiBundle\Entity\Client; | ||
| 13 | use Wallabag\ApiBundle\Form\Type\ClientType; | ||
| 14 | |||
| 15 | class AppsController extends Controller | ||
| 16 | { | ||
| 17 | /** | ||
| 18 | * List all clients and link to create a new one. | ||
| 19 | * | ||
| 20 | * @Route("/apps", name="apps") | ||
| 21 | * | ||
| 22 | * @return \Symfony\Component\HttpFoundation\Response | ||
| 23 | */ | ||
| 24 | public function indexAction() | ||
| 25 | { | ||
| 26 | $clients = $this->getDoctrine()->getRepository('WallabagApiBundle:Client')->findByUser($this->getUser()->getId()); | ||
| 27 | |||
| 28 | $apps = $this->getDoctrine()->getRepository('WallabagApiBundle:AccessToken')->findAppsByUser($this->getUser()->getId()); | ||
| 29 | |||
| 30 | return $this->render('@WallabagCore/themes/common/Developer/index.html.twig', [ | ||
| 31 | 'clients' => $clients, | ||
| 32 | 'apps' => $apps, | ||
| 33 | ]); | ||
| 34 | } | ||
| 35 | |||
| 36 | /** | ||
| 37 | * Create a an app | ||
| 38 | * | ||
| 39 | * @param Request $request | ||
| 40 | * | ||
| 41 | * @Route("/api/apps", name="apps_create") | ||
| 42 | * @Method("POST") | ||
| 43 | * | ||
| 44 | * @return \Symfony\Component\HttpFoundation\Response | ||
| 45 | */ | ||
| 46 | public function createAppAction(Request $request) | ||
| 47 | { | ||
| 48 | $em = $this->getDoctrine()->getManager(); | ||
| 49 | |||
| 50 | $clientName = $request->request->get('client_name'); | ||
| 51 | $redirectURIs = $request->request->get('redirect_uris'); | ||
| 52 | $logoURI = $request->request->get('logo_uri'); | ||
| 53 | $description = $request->request->get('description'); | ||
| 54 | $appURI = $request->request->get('app_uri'); | ||
| 55 | $nextRedirect = $request->request->get('uri_redirect_after_creation'); | ||
| 56 | |||
| 57 | if (!$clientName) { | ||
| 58 | return new JsonResponse([ | ||
| 59 | 'error' => 'invalid_client_name', | ||
| 60 | 'error_description' => 'The client name cannot be empty', | ||
| 61 | ], 400); | ||
| 62 | } | ||
| 63 | |||
| 64 | if (!$redirectURIs) { | ||
| 65 | return new JsonResponse([ | ||
| 66 | 'error' => 'invalid_redirect_uri', | ||
| 67 | 'error_description' => 'One or more redirect_uri values are invalid', | ||
| 68 | ], 400); | ||
| 69 | } | ||
| 70 | |||
| 71 | $redirectURIs = (array) $redirectURIs; | ||
| 72 | |||
| 73 | $client = new Client(); | ||
| 74 | |||
| 75 | $client->setName($clientName); | ||
| 76 | |||
| 77 | $client->setDescription($description); | ||
| 78 | |||
| 79 | $client->setRedirectUris($redirectURIs); | ||
| 80 | |||
| 81 | $client->setImage($logoURI); | ||
| 82 | $client->setAppUrl($appURI); | ||
| 83 | |||
| 84 | $client->setAllowedGrantTypes(['token', 'refresh_token', 'authorization_code']); | ||
| 85 | $em->persist($client); | ||
| 86 | $em->flush(); | ||
| 87 | |||
| 88 | return new JsonResponse([ | ||
| 89 | 'client_id' => $client->getPublicId(), | ||
| 90 | 'client_secret' => $client->getSecret(), | ||
| 91 | 'client_name' => $client->getName(), | ||
| 92 | 'redirect_uri' => $client->getRedirectUris(), | ||
| 93 | 'description' => $client->getDescription(), | ||
| 94 | 'logo_uri' => $client->getImage(), | ||
| 95 | 'app_uri' => $client->getAppUrl(), | ||
| 96 | ], 201); | ||
| 97 | } | ||
| 98 | |||
| 99 | /** | ||
| 100 | * Create a client (an app). | ||
| 101 | * | ||
| 102 | * @param Request $request | ||
| 103 | * | ||
| 104 | * @Route("/apps/client/create", name="apps_create_client") | ||
| 105 | * | ||
| 106 | * @return \Symfony\Component\HttpFoundation\Response | ||
| 107 | */ | ||
| 108 | public function createClientAction(Request $request) | ||
| 109 | { | ||
| 110 | $em = $this->getDoctrine()->getManager(); | ||
| 111 | $client = new Client($this->getUser()); | ||
| 112 | $clientForm = $this->createForm(ClientType::class, $client); | ||
| 113 | $clientForm->handleRequest($request); | ||
| 114 | |||
| 115 | if ($clientForm->isSubmitted() && $clientForm->isValid()) { | ||
| 116 | $client->setAllowedGrantTypes(['password', 'token', 'refresh_token', 'client_credentials']); // Password is depreciated | ||
| 117 | $em->persist($client); | ||
| 118 | $em->flush(); | ||
| 119 | |||
| 120 | $this->get('session')->getFlashBag()->add( | ||
| 121 | 'notice', | ||
| 122 | $this->get('translator')->trans('flashes.developer.notice.client_created', ['%name%' => $client->getName()]) | ||
| 123 | ); | ||
| 124 | |||
| 125 | return $this->render('@WallabagCore/themes/common/Developer/client_parameters.html.twig', [ | ||
| 126 | 'client_id' => $client->getPublicId(), | ||
| 127 | 'client_secret' => $client->getSecret(), | ||
| 128 | 'client_name' => $client->getName(), | ||
| 129 | ]); | ||
| 130 | } | ||
| 131 | |||
| 132 | return $this->render('@WallabagCore/themes/common/Developer/client.html.twig', [ | ||
| 133 | 'form' => $clientForm->createView(), | ||
| 134 | ]); | ||
| 135 | } | ||
| 136 | |||
| 137 | /** | ||
| 138 | * Revoke an access token | ||
| 139 | * @param $token | ||
| 140 | * @Route("/api/revoke/{token}", name="apps_revoke_access_token") | ||
| 141 | * @return JsonResponse | ||
| 142 | */ | ||
| 143 | public function removeAccessTokenAction($token) | ||
| 144 | { | ||
| 145 | if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) { | ||
| 146 | throw new AccessDeniedException(); | ||
| 147 | } | ||
| 148 | |||
| 149 | $em = $this->getDoctrine()->getManager(); | ||
| 150 | $accessToken = $em->getRepository('WallabagApiBundle:AccessToken')->findOneBy([ | ||
| 151 | 'user' => $this->getUser()->getId(), | ||
| 152 | 'token' => $token | ||
| 153 | ]); | ||
| 154 | if ($accessToken) { | ||
| 155 | $em->remove($accessToken); | ||
| 156 | $em->flush(); | ||
| 157 | |||
| 158 | return new JsonResponse([], 204); | ||
| 159 | } | ||
| 160 | return new JsonResponse([], 404); | ||
| 161 | } | ||
| 162 | |||
| 163 | /** | ||
| 164 | * Remove a client. | ||
| 165 | * | ||
| 166 | * @param Client $client | ||
| 167 | * | ||
| 168 | * @Route("/apps/client/delete/{id}", requirements={"id" = "\d+"}, name="apps_delete_client") | ||
| 169 | * | ||
| 170 | * @return \Symfony\Component\HttpFoundation\RedirectResponse | ||
| 171 | */ | ||
| 172 | public function deleteClientAction(Client $client) | ||
| 173 | { | ||
| 174 | if (null === $this->getUser() || $client->getUser()->getId() != $this->getUser()->getId()) { | ||
| 175 | throw $this->createAccessDeniedException('You can not access this client.'); | ||
| 176 | } | ||
| 177 | |||
| 178 | $em = $this->getDoctrine()->getManager(); | ||
| 179 | $em->remove($client); | ||
| 180 | $em->flush(); | ||
| 181 | |||
| 182 | $this->get('session')->getFlashBag()->add( | ||
| 183 | 'notice', | ||
| 184 | $this->get('translator')->trans('flashes.developer.notice.client_deleted', ['%name%' => $client->getName()]) | ||
| 185 | ); | ||
| 186 | |||
| 187 | return $this->redirect($this->generateUrl('apps')); | ||
| 188 | } | ||
| 189 | } | ||