handle new AuthorizeException, update php-oauth-client dependency

CHANGES.md

@@ -1,5 +1,11 @@
 # Release History
 
+## 0.1.3
+* update php-oauth-client to 0.2.0, see
+  https://github.com/fkooman/php-oauth-client/blob/0.2.0/CHANGES.md
+* add AuthorizeException support for dealing with authorization server
+  non-fatal errors (e.g.: user did not give permission)
+
 ## 0.1.2
 * update php-oauth-client to 0.1.1, see 
   https://github.com/fkooman/php-oauth-client/blob/0.1.1/CHANGES.md

composer.json

@@ -2,7 +2,7 @@
     "name": "fkooman/ssp-voot-groups",
     "require": {
         "fkooman/guzzle-bearer-auth-plugin": "0.2.1",
-        "fkooman/php-oauth-client": "dev-master",
+        "fkooman/php-oauth-client": "0.2.0",
         "pimple/pimple": "v1.0.2"
     }
 }

www/callback.php

@@ -24,15 +24,14 @@
 
     if (false === $vootCall->makeCall($diContainer['vootEndpoint'], $accessToken->getAccessToken(), $attributes, $diContainer['targetAttribute'])) {
         // unable to fetch groups, something is wrong with the token?
-        throw new Exception("unable to fetch groups with seemingly valid bearer token");
+        throw new \Exception("unable to fetch groups with seemingly valid bearer token");
     }
-} catch (\fkooman\OAuth\Client\CallbackException $e) {
-    // something went wrong with the callback, maybe the user did not
-    // agree to the release, or maybe something else was up.
-    // FIXME: we should be more fine grained here!
-    // for now we just continue without notifying the user, without adding the
-    // groups...
+} catch (\fkooman\OAuth\Client\AuthorizeException $e) {
+    // we just continue as if nothing happened, there will be no groups in
+    // the assertion... The user probably did not agree to release groups
 }
+// any other exception is unexpected and not part of the normal flow, we give
+// this to simpleSAMLphp to deal with...
 
 // FIXME: the resumeProcessing does not work yet... how do you deal with this?!
 SimpleSAML_Auth_ProcessingChain::resumeProcessing($state);