src/Controller/AuthController.php line 52
<?phpnamespace App\Controller;use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;use Symfony\Component\HttpFoundation\Request;use Symfony\Component\HttpFoundation\Response;use Symfony\Component\Routing\Annotation\Route;use Symfony\Component\HttpFoundation\Session\SessionInterface;use Microsoft\Graph\Graph;use Microsoft\Graph\Model;class AuthController extends AbstractController{private $clientId;private $clientSecret;private $tenantId;private $redirectUri;// public function __construct()public function __construct(){$this->clientId = 'e7f8d124-a76c-4296-8695-f827391b2b77';//$this->clientSecret = 'TGc8Q~Buu3CbivX4faPn0O53PFvqgrpOy9JykbvP';$this->clientSecret = 'G2H8Q~qrFG2B39H1sNfV4Z035Z3y-I7.fHdl7aU9';$this->tenantId = 'ef5de0ba-bf98-4bbd-b84f-8dea1c09508e';$this->redirectUri = 'https://firma.vilaviniteca.es/oauth/callback';}/*** @Route("/login", name="login")*/public function login(SessionInterface $session): Response{$state = bin2hex(random_bytes(16));$session->set('oauth_state', $state);$url = "https://login.microsoftonline.com/{$this->tenantId}/oauth2/v2.0/authorize?";$url .= "client_id={$this->clientId}";$url .= "&response_type=code";$url .= "&redirect_uri=" . urlencode($this->redirectUri);$url .= "&response_mode=query";$url .= "&scope=openid%20offline_access%20https%3A%2F%2Fgraph.microsoft.com%2F.default";$url .= "&state={$state}";return $this->redirect($url);}/*** @Route("/oauth/callback", name="oauth_callback")*/public function oauthCallback(Request $request, SessionInterface $session): Response{$state = $request->query->get('state');$storedState = $session->get('oauth_state');if ($state !== $storedState) {// Error: el estado no coincidereturn $this->redirectToRoute('app_error', ['message' => 'El estado no coincide. Posible ataque CSRF.']);}$code = $request->query->get('code');$accessToken = $this->getAccessToken($code);##DEBUG// echo "Este es el code: <br>";// var_dump($code);// echo "<br>";// echo "Este es el accessToken: <br>";// var_dump($accessToken);// exit();if ($accessToken) {$userInfo = $this->getUserInfo($accessToken);// Aquí puedes almacenar el token de acceso en la sesión y realizar acciones adicionales si es necesario$session->set('user_info', $userInfo);$session->set('access_token', $accessToken);// Redirigir al usuario a la ruta /generador// echo " Redirigir al usuario a la ruta /generador";// exit();// return $this->redirectToRoute('generador');return $this->redirectToRoute('app_generador_de_firmas');} else {// Error: no se pudo obtener el token de acceso// echo "Error: no se pudo obtener el token de acceso";// exit();return $this->redirectToRoute('error', ['message' => 'No se pudo obtener el token de acceso.']);}}private function getAccessToken($code){$url = "https://login.microsoftonline.com/{$this->tenantId}/oauth2/v2.0/token";$params = ['client_id' => $this->clientId,'client_secret' => $this->clientSecret,'grant_type' => 'authorization_code','code' => $code,'redirect_uri' => $this->redirectUri,];$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($params));curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);$response = curl_exec($ch);curl_close($ch);$responseData = json_decode($response, true);if (isset($responseData['access_token'])) {return $responseData['access_token'];} else {return null;}}private function getUserInfo($accessToken){$graph = new Graph();$graph->setAccessToken($accessToken);$user = $graph->createRequest('GET', '/me')->setReturnType(Model\User::class)->execute();return $user;}/*** @Route("/logout", name="logout")*/public function logout(SessionInterface $session): Response{$session->remove('access_token');$session->remove('user_info');// var_dump($session->get('access_token'));// exit();return $this->redirectToRoute('app_home');}}