src/Controller/SecurityCognitoController.php line 19

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
  6. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  7. use Symfony\Component\HttpFoundation\RedirectResponse;
  8. use Symfony\Component\HttpFoundation\Request;
  9. use Symfony\Component\HttpFoundation\RequestStack;
  10. use Symfony\Component\Routing\Annotation\Route;
  11. use Symfony\Component\Security\Core\Security;
  13. class SecurityCognitoController extends AbstractController
  14. {
  15.     /**
  16.      * Link to this controller to start the "connect" process
  17.      */
  18.     #[Route("/login-aws"name:"connect_cognito_start")]
  19.     public function connectAction(ClientRegistry $clientRegistry)
  20.     {
  21.         // will redirect to AWS Cognito!
  22.         return $clientRegistry
  23.             ->getClient('cognito'// key used in config/packages/knpu_oauth2_client.yaml
  24.             ->redirect();
  25.     }
  27.     /**
  28.      * After going to Cognito, you're redirected back here
  29.      * because this is the "callback URL" you configured
  30.      * in AWS Cognito APP settings
  31.      */
  32.     #[Route("/security/cognito/check"name:"connect_cognito_check")]
  33.     public function connectCheckAction(Request $requestClientRegistry $clientRegistry)
  34.     {
  35.         // ** if you want to *authenticate* the user, then
  36.         // leave this method blank and create a Guard authenticator
  37.         // $client = $clientRegistry->getClient('cognito');
  38.         // dd('dd',$client);
  39.         // try {
  40.         //     // the exact class depends on which provider you're using
  41.         //     $user = $client->fetchUser();
  43.         //     // do something with all this new power!
  44.         //     // e.g. $name = $user->getFirstName();
  45.         //     var_dump($user); die;
  46.         //     // ...
  47.         // } catch (IdentityProviderException $e) {
  48.         //     // something went wrong!
  49.         //     // probably you should return the reason to the user
  50.         //     var_dump($e->getMessage()); die;
  51.         // }
  52.     }
  54.     #[Route("/logout-aws"name"app_logout")]
  55.     public function logout(Request $requestClientRegistry $clientRegistryRequestStack $requestStackSecurity $security)
  56.     {
  57.         $session $requestStack->getSession();
  58.         $access_token $session->get('token');
  59.         $values $this->getParameter('cognito');
  60.         $client $clientRegistry->getClient('cognito');
  61.         $provider $client->getOAuth2Provider();
  62.        $state $session->get('knpu.oauth2_client_state');
  64.         $client_id = ($values['client_id']) ? $values['client_id'] : '';
  65.         $region = ($values['region']) ? $values['region'] : '';
  66.         $cognitoDomain = ($values['cognito_domain']) ? $values['cognito_domain'] : '';
  67.         $domain $requestStack->getCurrentRequest()->getSchemeAndHttpHost();;
  69.         $security->getToken()->setAuthenticated(false);
  71.         $targetUrl 'https://' $cognitoDomain '.auth.' $region '.amazoncognito.com/logout?response_type=code&client_id=' $client_id '&redirect_uri=' urlencode($domain) . '/security/cognito/check&state=' $state .'&scope=openid+profile+email';
  72.         return new RedirectResponse($targetUrl);
  73.     }
  74. }