Fixed the error for undefined method RequestStack::getSession() for S…

…ymfony <5.3
knpuniversity · Jan 30, 2023 · 73c28c6 · 73c28c6
1 parent 54394f1
commit 73c28c6
Showing 1 changed file with 52 additions and 5 deletions.
diff --git a/src/Client/OAuth2PKCEClient.php b/src/Client/OAuth2PKCEClient.php
@@ -11,6 +11,10 @@
 namespace KnpU\OAuth2ClientBundle\Client;
 
 use League\OAuth2\Client\Provider\AbstractProvider;
+use League\OAuth2\Client\Token\AccessToken;
+use League\OAuth2\Client\Token\AccessTokenInterface;
+use LogicException;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\RequestStack;
 use Symfony\Component\HttpFoundation\Session\SessionInterface;
 
@@ -23,19 +27,28 @@ class OAuth2PKCEClient extends OAuth2Client
 {
     public const VERIFIER_KEY = 'pkce_code_verifier';
 
-    /** @var SessionInterface */
-    protected $session;
+    /** @var RequestStack */
+    private $requestStack;
 
     public function __construct(AbstractProvider $provider,
                                 RequestStack $requestStack)
     {
         parent::__construct($provider, $requestStack);
-        $this->session = $requestStack->getSession();
+        $this->requestStack = $requestStack;
     }
 
+    /**
+     * Enhance the RedirectResponse prepared by OAuth2Client::redirect() with
+     * PKCE code challenge and code challenge method parameters.
+     *
+     * @see OAuth2Client::redirect()
+     * @param array $scopes
+     * @param array $options
+     * @return RedirectResponse
+     */
     public function redirect(array $scopes = [], array $options = [])
     {
-        $this->session->set(static::VERIFIER_KEY, $code_verifier = bin2hex(random_bytes(64)));
+        $this->getSession()->set(static::VERIFIER_KEY, $code_verifier = bin2hex(random_bytes(64)));
         $pkce = [
             'code_challenge' => rtrim(strtr(base64_encode(hash('sha256', $code_verifier, true)), '+/', '-_'), '='),
             'code_challenge_method' => 'S256',
@@ -44,8 +57,42 @@ public function redirect(array $scopes = [], array $options = [])
         return parent::redirect($scopes, $options + $pkce);
     }
 
+    /**
+     * Enhance the token exchange calls by OAuth2Client::getAccessToken() with
+     * PKCE code verifier parameter
+     *
+     * @see OAuth2Client::getAccessToken()
+     * @param array $options
+     * @return AccessToken|AccessTokenInterface
+     * @throws LogicException When there is no code verifier found in the session
+     */
     public function getAccessToken(array $options = [])
     {
-        return parent::getAccessToken($options + ['code_verifier' => $this->session->get(static::VERIFIER_KEY)]);
+        if (!$this->getSession()->has(static::VERIFIER_KEY)) {
+            throw new LogicException('Unable to fetch token from OAuth2 server because there is no PKCE code verifier stored in the session');
+        }
+        $pkce = ['code_verifier' => $this->getSession()->get(static::VERIFIER_KEY)];
+        $this->getSession()->remove(static::VERIFIER_KEY);
+        return parent::getAccessToken($options + $pkce);
+    }
+
+    /**
+     * @return SessionInterface
+     * @throws LogicException When there is no current request
+     * @throws SessionNotFoundException When session is not set properly
+     */
+    protected function getSession()
+    {
+        $request = $this->requestStack->getCurrentRequest();
+
+        if (!$request) {
+            throw new LogicException('There is no "current request", and it is needed to perform this action');
+        }
+
+        if (!($session = $request->getSession())) {
+            throw new LogicException('Session support must be enabled in order to use a OAuth2 server with PKCE extension');
+        }
+
+        return $session;
     }
 }