phpBB

Code Changes

File: phpbb/auth/provider/oauth/token_storage.php

Line 20Line 20
use OAuth\Common\Storage\Exception\AuthorizationStateNotFoundException;

/**

use OAuth\Common\Storage\Exception\AuthorizationStateNotFoundException;

/**

* OAuth storage wrapper for phpbb's cache

 * OAuth storage wrapper for phpBB's cache

*/
class token_storage implements TokenStorageInterface
{

*/
class token_storage implements TokenStorageInterface
{

	/**
* Cache driver.
*
* @var \phpbb\db\driver\driver_interface
*/

	/** @var \phpbb\db\driver\driver_interface */





	protected $db;


	protected $db;


	/**
* phpBB user
*
* @var \phpbb\user
*/

	/** @var \phpbb\user */





	protected $user;


	protected $user;


	/**
* OAuth token table
*
* @var string
*/

	/** @var string OAuth table: token storage */





	protected $oauth_token_table;


	protected $oauth_token_table;


	/**
* OAuth state table
*
* @var string
*/

	/** @var string OAuth table: state */





	protected $oauth_state_table;


	protected $oauth_state_table;


	/**
* @var object|TokenInterface
*/

	/** @var TokenInterface OAuth token */



	protected $cachedToken;


	protected $cachedToken;


	/**
* @var string
*/

	/** @var string OAuth state */



	protected $cachedState;

/**

	protected $cachedState;

/**

	* Creates token storage for phpBB.

	 * Constructor.

	*

	*

	* @param	\phpbb\db\driver\driver_interface	$db
* @param \phpbb\user $user
* @param string $oauth_token_table
* @param string $oauth_state_table

	 * @param \phpbb\db\driver\driver_interface	$db					Database object
* @param \phpbb\user $user User object
* @param string $oauth_token_table OAuth table: token storage
* @param string $oauth_state_table OAuth table: state

	*/
public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\user $user, $oauth_token_table, $oauth_state_table)
{

	*/
public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\user $user, $oauth_token_table, $oauth_state_table)
{

		$this->db = $db;
$this->user = $user;


		$this->db	= $db;
$this->user = $user;


		$this->oauth_token_table = $oauth_token_table;
$this->oauth_state_table = $oauth_state_table;
}

		$this->oauth_token_table = $oauth_token_table;
$this->oauth_state_table = $oauth_state_table;
}

Line 90Line 71
			return $this->cachedToken;
}


			return $this->cachedToken;
}


		$data = array(

		$data = [

			'user_id'	=> (int) $this->user->data['user_id'],
'provider' => $service,

			'user_id'	=> (int) $this->user->data['user_id'],
'provider' => $service,

		);

		];


if ((int) $this->user->data['user_id'] === ANONYMOUS)
{


if ((int) $this->user->data['user_id'] === ANONYMOUS)
{

Line 112Line 93

$this->cachedToken = $token;



$this->cachedToken = $token;


		$data = array(

		$data = [

			'oauth_token'	=> $this->json_encode_token($token),

			'oauth_token'	=> $this->json_encode_token($token),

		);

		];


$sql = 'UPDATE ' . $this->oauth_token_table . '
SET ' . $this->db->sql_build_array('UPDATE', $data) . '


$sql = 'UPDATE ' . $this->oauth_token_table . '
SET ' . $this->db->sql_build_array('UPDATE', $data) . '

				WHERE user_id = ' . (int) $this->user->data['user_id'] . '
' . ((int) $this->user->data['user_id'] === ANONYMOUS ? "AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'" : '') . "

			WHERE user_id = ' . (int) $this->user->data['user_id'] . "


					AND provider = '" . $this->db->sql_escape($service) . "'";

					AND provider = '" . $this->db->sql_escape($service) . "'";

 

if ((int) $this->user->data['user_id'] === ANONYMOUS)
{
$sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
}


		$this->db->sql_query($sql);

if (!$this->db->sql_affectedrows())
{

		$this->db->sql_query($sql);

if (!$this->db->sql_affectedrows())
{

			$data = array(

			$data = [

				'user_id'		=> (int) $this->user->data['user_id'],
'provider' => $service,
'oauth_token' => $this->json_encode_token($token),
'session_id' => $this->user->data['session_id'],

				'user_id'		=> (int) $this->user->data['user_id'],
'provider' => $service,
'oauth_token' => $this->json_encode_token($token),
'session_id' => $this->user->data['session_id'],

			);

			];


$sql = 'INSERT INTO ' . $this->oauth_token_table . $this->db->sql_build_array('INSERT', $data);



$sql = 'INSERT INTO ' . $this->oauth_token_table . $this->db->sql_build_array('INSERT', $data);


Line 152Line 138
			return true;
}


			return true;
}


		$data = array(

		$data = [

			'user_id'	=> (int) $this->user->data['user_id'],
'provider' => $service,

			'user_id'	=> (int) $this->user->data['user_id'],
'provider' => $service,

		);

		];


if ((int) $this->user->data['user_id'] === ANONYMOUS)
{
$data['session_id'] = $this->user->data['session_id'];
}



if ((int) $this->user->data['user_id'] === ANONYMOUS)
{
$data['session_id'] = $this->user->data['session_id'];
}


		return $this->_has_acess_token($data);

		return $this->has_access_token($data);

	}

/**

	}

/**

Line 198Line 184
		$sql = 'DELETE FROM ' . $this->oauth_token_table . '
WHERE user_id = ' . (int) $this->user->data['user_id'];


		$sql = 'DELETE FROM ' . $this->oauth_token_table . '
WHERE user_id = ' . (int) $this->user->data['user_id'];


		if ((int) $this->user->data['user_id'] === ANONYMOUS)

		if ((int) $this->user->data['user_id'] === ANONYMOUS && isset($this->user->data['session_id']))

		{
$sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
}

		{
$sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
}

Line 217Line 203

$this->cachedState = $state;



$this->cachedState = $state;


		$data = array(

		$data = [

			'user_id'		=> (int) $this->user->data['user_id'],
'provider' => $service,
'oauth_state' => $state,
'session_id' => $this->user->data['session_id'],

			'user_id'		=> (int) $this->user->data['user_id'],
'provider' => $service,
'oauth_state' => $state,
'session_id' => $this->user->data['session_id'],

		);

		];





		$sql = 'INSERT INTO ' . $this->oauth_state_table . '
' . $this->db->sql_build_array('INSERT', $data);

		$sql = 'INSERT INTO ' . $this->oauth_state_table . ' ' . $this->db->sql_build_array('INSERT', $data);


		$this->db->sql_query($sql);

return $this;

		$this->db->sql_query($sql);

return $this;

Line 243Line 228
			return true;
}


			return true;
}


		$data = array(

		$data = [

			'user_id'	=> (int) $this->user->data['user_id'],
'provider' => $service,

			'user_id'	=> (int) $this->user->data['user_id'],
'provider' => $service,

		);

		];


if ((int) $this->user->data['user_id'] === ANONYMOUS)
{


if ((int) $this->user->data['user_id'] === ANONYMOUS)
{

Line 268Line 253
			return $this->cachedState;
}


			return $this->cachedState;
}


		$data = array(

		$data = [

			'user_id'	=> (int) $this->user->data['user_id'],
'provider' => $service,

			'user_id'	=> (int) $this->user->data['user_id'],
'provider' => $service,

		);

		];


if ((int) $this->user->data['user_id'] === ANONYMOUS)
{


if ((int) $this->user->data['user_id'] === ANONYMOUS)
{

Line 325Line 310
	}

/**

	}

/**

	* Updates the user_id field in the database assosciated with the token

	 * Updates the user_id field in the database associated with the token.

	*

	*

	* @param	int	$user_id


	 * @param int		$user_id	The user identifier
* @return void

	*/
public function set_user_id($user_id)
{

	*/
public function set_user_id($user_id)
{

Line 335Line 321
		{
return;
}

		{
return;
}

 

$data = [
'user_id' => (int) $user_id,
];


$sql = 'UPDATE ' . $this->oauth_token_table . '


$sql = 'UPDATE ' . $this->oauth_token_table . '

			SET ' . $this->db->sql_build_array('UPDATE', array(
'user_id' => (int) $user_id
)) . '

			SET ' . $this->db->sql_build_array('UPDATE', $data) . '



				WHERE user_id = ' . (int) $this->user->data['user_id'] . "
AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
$this->db->sql_query($sql);
}

/**

				WHERE user_id = ' . (int) $this->user->data['user_id'] . "
AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
$this->db->sql_query($sql);
}

/**

	* Checks to see if an access token exists solely by the session_id of the user

	 * Checks to see if an access token exists solely by the session_id of the user.

	*

	*

	* @param	string	$service	The name of the OAuth service
* @return bool true if they have token, false if they don't


	 * @param string	$service	The OAuth service name
* @return bool true if the user's access token exists,
* false if the user's access token does not exist

	*/
public function has_access_token_by_session($service)
{

	*/
public function has_access_token_by_session($service)
{

Line 360Line 349
			return true;
}


			return true;
}


		$data = array(

		$data = [

			'session_id'	=> $this->user->data['session_id'],
'provider' => $service,

			'session_id'	=> $this->user->data['session_id'],
'provider' => $service,

		);

		];





		return $this->_has_acess_token($data);

		return $this->has_access_token($data);

	}

/**

	}

/**

	* Checks to see if a state exists solely by the session_id of the user

	 * Checks to see if a state exists solely by the session_id of the user.

	*

	*

	* @param	string	$service	The name of the OAuth service
* @return bool true if they have state, false if they don't


	 * @param string	$service	The OAuth service name
* @return bool true if the user's state exists,
* false if the user's state does not exist

	*/
public function has_state_by_session($service)
{

	*/
public function has_state_by_session($service)
{

Line 383Line 373
			return true;
}


			return true;
}


		$data = array(

		$data = [

			'session_id'	=> $this->user->data['session_id'],
'provider' => $service,

			'session_id'	=> $this->user->data['session_id'],
'provider' => $service,

		);

		];


return (bool) $this->get_state_row($data);
}

/**


return (bool) $this->get_state_row($data);
}

/**

	* A helper function that performs the query for has access token functions

	 * A helper function that performs the query for has access token functions.

	*

	*

	* @param	array	$data
* @return bool


	 * @param array		$data		The SQL WHERE data
* @return bool true if the user's access token exists,
* false if the user's access token does not exist

	*/

	*/

	protected function _has_acess_token($data)

	protected function has_access_token($data)

	{
return (bool) $this->get_access_token_row($data);
}


	{
return (bool) $this->get_access_token_row($data);
}


 
	/**
* A helper function that performs the query for retrieving access token functions by session.
* Also checks if the token is a valid token.
*
* @param string $service The OAuth service provider name
* @return TokenInterface
* @throws TokenNotFoundException
*/

	public function retrieve_access_token_by_session($service)
{
$service = $this->get_service_name_for_db($service);

	public function retrieve_access_token_by_session($service)
{
$service = $this->get_service_name_for_db($service);

Line 411Line 410
			return $this->cachedToken;
}


			return $this->cachedToken;
}


		$data = array(

		$data = [

			'session_id'	=> $this->user->data['session_id'],

			'session_id'	=> $this->user->data['session_id'],

			'provider'	=> $service,
);

			'provider'		=> $service,
];


return $this->_retrieve_access_token($data);
}



return $this->_retrieve_access_token($data);
}


 
	/**
* A helper function that performs the query for retrieving state functions by session.
*
* @param string $service The OAuth service provider name
* @return string The OAuth state
* @throws AuthorizationStateNotFoundException
*/

	public function retrieve_state_by_session($service)
{
$service = $this->get_service_name_for_db($service);

	public function retrieve_state_by_session($service)
{
$service = $this->get_service_name_for_db($service);

Line 428Line 434
			return $this->cachedState;
}


			return $this->cachedState;
}


		$data = array(

		$data = [

			'session_id'	=> $this->user->data['session_id'],

			'session_id'	=> $this->user->data['session_id'],

			'provider'	=> $service,
);

			'provider'		=> $service,
];


return $this->_retrieve_state($data);
}

/**


return $this->_retrieve_state($data);
}

/**

	* A helper function that performs the query for retrieve access token functions
* Also checks if the token is a valid token

	 * A helper function that performs the query for retrieve access token functions.
* Also checks if the token is a valid token.

	*

	*

	* @param	array	$data
* @return mixed
* @throws \OAuth\Common\Storage\Exception\TokenNotFoundException

	 * @param array		$data		The SQL WHERE data
* @return TokenInterface
* @throws TokenNotFoundException

	*/
protected function _retrieve_access_token($data)
{

	*/
protected function _retrieve_access_token($data)
{

Line 459Line 465
		if (!($token instanceof TokenInterface))
{
$this->clearToken($data['provider']);

		if (!($token instanceof TokenInterface))
{
$this->clearToken($data['provider']);

 


			throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED');
}

$this->cachedToken = $token;

			throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED');
}

$this->cachedToken = $token;

 


		return $token;
}

/**

		return $token;
}

/**

	 * A helper function that performs the query for retrieve state functions

	 * A helper function that performs the query for retrieve state functions.

	 *

	 *

	 * @param	array	$data
* @return mixed
* @throws \OAuth\Common\Storage\Exception\AuthorizationStateNotFoundException

	 * @param array		$data		The SQL WHERE data
* @return string The OAuth state
* @throws AuthorizationStateNotFoundException

	 */
protected function _retrieve_state($data)
{

	 */
protected function _retrieve_state($data)
{

Line 483Line 491
		}

$this->cachedState = $row['oauth_state'];

		}

$this->cachedState = $row['oauth_state'];

 


		return $this->cachedState;
}

/**

		return $this->cachedState;
}

/**

	* A helper function that performs the query for retrieving an access token

	 * A helper function that performs the query for retrieving an access token.

	*

	*

	* @param	array	$data
* @return mixed


	 * @param array		$data		The SQL WHERE data
* @return array|false array with the OAuth token row,
* false if the token does not exist

	*/
protected function get_access_token_row($data)
{

	*/
protected function get_access_token_row($data)
{

		$sql = 'SELECT oauth_token FROM ' . $this->oauth_token_table . '


		$sql = 'SELECT oauth_token
FROM ' . $this->oauth_token_table . '

			WHERE ' . $this->db->sql_build_array('SELECT', $data);
$result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result);

			WHERE ' . $this->db->sql_build_array('SELECT', $data);
$result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result);

Line 504Line 515
	}

/**

	}

/**

	 * A helper function that performs the query for retrieving a state

	 * A helper function that performs the query for retrieving a state.

	 *

	 *

	 * @param	array	$data
* @return mixed


	 * @param array		$data		The SQL WHERE data
* @return array|false array with the OAuth state row,
* false if the state does not exist

	 */
protected function get_state_row($data)
{

	 */
protected function get_state_row($data)
{

		$sql = 'SELECT oauth_state FROM ' . $this->oauth_state_table . '


		$sql = 'SELECT oauth_state
FROM ' . $this->oauth_state_table . '

			WHERE ' . $this->db->sql_build_array('SELECT', $data);
$result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result);

			WHERE ' . $this->db->sql_build_array('SELECT', $data);
$result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result);

Line 520Line 533
		return $row;
}


		return $row;
}


 
	/**
* A helper function that JSON encodes a TokenInterface's data.
*
* @param TokenInterface $token
* @return string The json encoded TokenInterface's data
*/

	public function json_encode_token(TokenInterface $token)
{

	public function json_encode_token(TokenInterface $token)
{

		$members = array(

		$members = [

			'accessToken'	=> $token->getAccessToken(),
'endOfLife' => $token->getEndOfLife(),
'extraParams' => $token->getExtraParams(),
'refreshToken' => $token->getRefreshToken(),

'token_class' => get_class($token),

			'accessToken'	=> $token->getAccessToken(),
'endOfLife' => $token->getEndOfLife(),
'extraParams' => $token->getExtraParams(),
'refreshToken' => $token->getRefreshToken(),

'token_class' => get_class($token),

		);

		];


// Handle additional data needed for OAuth1 tokens
if ($token instanceof StdOAuth1Token)


// Handle additional data needed for OAuth1 tokens
if ($token instanceof StdOAuth1Token)

Line 542Line 561
		return json_encode($members);
}


		return json_encode($members);
}


 
	/**
* A helper function that JSON decodes a data string and creates a TokenInterface.
*
* @param string $json The json encoded TokenInterface's data
* @return TokenInterface
* @throws TokenNotFoundException
*/

	public function json_decode_token($json)
{
$token_data = json_decode($json, true);

	public function json_decode_token($json)
{
$token_data = json_decode($json, true);

Line 557Line 583
		$endOfLife		= $token_data['endOfLife'];
$extra_params = $token_data['extraParams'];


		$endOfLife		= $token_data['endOfLife'];
$extra_params = $token_data['extraParams'];


		// Create the token




		/**
* Create the token
* @var TokenInterface $token
*/

		$token = new $token_class($access_token, $refresh_token, TokenInterface::EOL_NEVER_EXPIRES, $extra_params);
$token->setEndOfLife($endOfLife);


		$token = new $token_class($access_token, $refresh_token, TokenInterface::EOL_NEVER_EXPIRES, $extra_params);
$token->setEndOfLife($endOfLife);


Line 573Line 602
	}

/**

	}

/**

	* Returns the name of the service as it must be stored in the database.

	 * Returns the service name as it must be stored in the database.

	*

	*

	* @param	string	$service	The name of the OAuth service
* @return string The name of the OAuth service as it needs to be stored
* in the database.

	 * @param string	$provider	The OAuth provider name
* @return string The OAuth service name


	*/

	*/

	protected function get_service_name_for_db($service)

	protected function get_service_name_for_db($provider)

	{
// Enforce the naming convention for oauth services

	{
// Enforce the naming convention for oauth services

		if (strpos($service, 'auth.provider.oauth.service.') !== 0)

		if (strpos($provider, 'auth.provider.oauth.service.') !== 0)

		{

		{

			$service = 'auth.provider.oauth.service.' . strtolower($service);

			$provider = 'auth.provider.oauth.service.' . strtolower($provider);

		}


		}


		return $service;

		return $provider;

	}
}


	}
}
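Review bot: In the `Line 198`/`Line 184` hunk, the condition I read as the new side (`=== ANONYMOUS && isset($this->user->data['session_id'])`) makes the session filter optional, so for a guest with no session id the DELETE keeps only `WHERE user_id = ANONYMOUS`. If the statement is executed as built, it would remove the stored tokens of every guest session, since all guests share that user id and `session_id` is the only column scoping a row to one visitor. A missing session id should fail closed: keep the branch on `ANONYMOUS` alone and skip the query when the id is absent, for example with a guard on `(int) $this->user->data['user_id'] === ANONYMOUS && !isset($this->user->data['session_id'])` that returns early before the DELETE is built. The method's signature, its return value and the `sql_query()` call are outside the hunk, so the exact early-return form needs checking against the full method. The UPDATE in the `Line 112`/`Line 93` hunk and `set_user_id` still read `session_id` without any such guard, so the handling is also inconsistent across the file.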