renatomefidf/sammui

src/Renatomefi/ApiBundle/OAuth/LogoutSuccess.php

<?php

namespace Renatomefi\ApiBundle\OAuth;

use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\Request;
use FOS\OAuthServerBundle\Model\AccessTokenManagerInterface;
use FOS\OAuthServerBundle\Model\RefreshTokenManagerInterface;
use Symfony\Component\Security\Http\Logout\DefaultLogoutSuccessHandler;
use Symfony\Component\Security\Http\HttpUtils;

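/**
 * Logout success handler that revokes the OAuth tokens presented with the
 * logout request and expires the token cookies on the client.
 *
 * Security notes for maintainers:
 *  - A refresh token is revoked only when it arrives in the `refresh_token`
 *    cookie. A refresh token the client holds elsewhere stays valid after
 *    logout and can still be exchanged for a new access token.
 *  - The cookies are cleared by name only, so the clearing headers use the
 *    framework's default path and no domain. NOTE(review): confirm this matches
 *    the attributes used where the cookies are issued, otherwise the browser
 *    keeps them.
 *
 * @package Renatomefi\ApiBundle\OAuth
 */
class LogoutSuccess extends DefaultLogoutSuccessHandler
{
    /**
     * @var AccessTokenManagerInterface
     */
    protected $accessTokenManager;

    /**
     * @var RefreshTokenManagerInterface
     */
    protected $refreshTokenManager;

    /**
     * @param AccessTokenManagerInterface  $accessTokenManager  Storage used to look up and delete access tokens
     * @param RefreshTokenManagerInterface $refreshTokenManager Storage used to look up and delete refresh tokens
     * @param HttpUtils                    $httpUtils           Forwarded unchanged to the parent handler
     * @param string                       $targetUrl           Forwarded unchanged to the parent handler
     */
    public function __construct(
        AccessTokenManagerInterface $accessTokenManager,
        RefreshTokenManagerInterface $refreshTokenManager,
        HttpUtils $httpUtils,
        $targetUrl = '/'
    ) {
        parent::__construct($httpUtils, $targetUrl);

        $this->accessTokenManager = $accessTokenManager;
        $this->refreshTokenManager = $refreshTokenManager;
    }

    /**
     * Revokes every token supplied with the request and returns an empty
     * response that expires the `access_token` and `refresh_token` cookies.
     *
     * This override does not call the parent implementation, so the
     * `$targetUrl` given to the constructor is not used to build the response.
     *
     * @param Request $request
     * @return Response
     */
    public function onLogoutSuccess(Request $request)
    {
        // The access token can reach us through three channels; each one is
        // revoked independently so that no presented copy survives the logout.
        $this->revokeToken($this->accessTokenManager, $request->get('access_token'));
        $this->revokeToken($this->accessTokenManager, $request->cookies->get('access_token'));
        $this->revokeToken(
            $this->accessTokenManager,
            $this->extractBearerToken($request->server->get('HTTP_AUTHORIZATION'))
        );

        // Refresh tokens are only accepted from the cookie (see class notes).
        $this->revokeToken($this->refreshTokenManager, $request->cookies->get('refresh_token'));

        // Drop the credentials from the in-memory request as well; presumably
        // so that nothing handling this request afterwards still sees them.
        $request->headers->remove('Authorization');
        $request->server->remove('HTTP_AUTHORIZATION');

        $request->cookies->remove('access_token');
        $request->cookies->remove('refresh_token');

        $response = new Response();
        $response->headers->clearCookie('access_token');
        $response->headers->clearCookie('refresh_token');

        return $response;
    }

    /**
     * Deletes the stored token matching a client-supplied value, if any.
     *
     * Request parameters and cookies arrive in whatever shape the client sent:
     * a parameter written with bracket syntax is delivered as an array, and an
     * absent one as null. Only a non-empty string can be a token value, so
     * anything else is ignored here instead of being handed to the storage
     * query.
     *
     * @param AccessTokenManagerInterface|RefreshTokenManagerInterface $tokenManager
     * @param mixed                                                    $candidate Untrusted value taken from the request
     * @return void
     */
    private function revokeToken($tokenManager, $candidate)
    {
        if (!is_string($candidate) || '' === $candidate) {
            return;
        }

        $token = $tokenManager->findTokenByToken($candidate);
        if ($token) {
            $tokenManager->deleteToken($token);
        }
    }

    /**
     * Extracts the credential from a `Bearer` Authorization header.
     *
     * The scheme is checked explicitly rather than cutting a fixed number of
     * characters off the front, so headers using another scheme (or shorter
     * than the prefix) never produce a bogus lookup value.
     *
     * @param mixed $header Raw HTTP_AUTHORIZATION value, or null when absent
     * @return string|null The token, or null when the header is not a Bearer credential
     */
    private function extractBearerToken($header)
    {
        if (!is_string($header)) {
            return null;
        }

        // Auth scheme names are case-insensitive, hence the `i` modifier.
        if (1 !== preg_match('/^Bearer\s+(\S+)\s*$/i', $header, $matches)) {
            return null;
        }

        return $matches[1];
    }
}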