Line 20 | Line 20 |
---|
use OAuth\Common\Storage\Exception\AuthorizationStateNotFoundException;
/**
|
use OAuth\Common\Storage\Exception\AuthorizationStateNotFoundException;
/**
|
* OAuth storage wrapper for phpbb's cache
| * OAuth storage wrapper for phpBB's cache
|
*/ class token_storage implements TokenStorageInterface {
|
*/ class token_storage implements TokenStorageInterface {
|
/** * Cache driver. * * @var \phpbb\db\driver\driver_interface */
| /** @var \phpbb\db\driver\driver_interface */
|
protected $db;
|
protected $db;
|
/** * phpBB user * * @var \phpbb\user */
| /** @var \phpbb\user */
|
protected $user;
|
protected $user;
|
/** * OAuth token table * * @var string */
| /** @var string OAuth table: token storage */
|
protected $oauth_token_table;
|
protected $oauth_token_table;
|
/** * OAuth state table * * @var string */
| /** @var string OAuth table: state */
|
protected $oauth_state_table;
|
protected $oauth_state_table;
|
/** * @var object|TokenInterface */
| /** @var TokenInterface OAuth token */
|
protected $cachedToken;
|
protected $cachedToken;
|
/** * @var string */
| /** @var string OAuth state */
|
protected $cachedState;
/**
|
protected $cachedState;
/**
|
* Creates token storage for phpBB.
| * Constructor.
|
*
|
*
|
* @param \phpbb\db\driver\driver_interface $db * @param \phpbb\user $user * @param string $oauth_token_table * @param string $oauth_state_table
| * @param \phpbb\db\driver\driver_interface $db Database object * @param \phpbb\user $user User object * @param string $oauth_token_table OAuth table: token storage * @param string $oauth_state_table OAuth table: state
|
*/ public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\user $user, $oauth_token_table, $oauth_state_table) {
|
*/ public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\user $user, $oauth_token_table, $oauth_state_table) {
|
$this->db = $db; $this->user = $user;
| $this->db = $db; $this->user = $user;
|
$this->oauth_token_table = $oauth_token_table; $this->oauth_state_table = $oauth_state_table; }
| $this->oauth_token_table = $oauth_token_table; $this->oauth_state_table = $oauth_state_table; }
|
Line 90 | Line 71 |
---|
return $this->cachedToken; }
|
return $this->cachedToken; }
|
$data = array(
| $data = [
|
'user_id' => (int) $this->user->data['user_id'], 'provider' => $service,
|
'user_id' => (int) $this->user->data['user_id'], 'provider' => $service,
|
);
| ];
|
if ((int) $this->user->data['user_id'] === ANONYMOUS) {
| if ((int) $this->user->data['user_id'] === ANONYMOUS) {
|
Line 112 | Line 93 |
---|
$this->cachedToken = $token;
|
$this->cachedToken = $token;
|
$data = array(
| $data = [
|
'oauth_token' => $this->json_encode_token($token),
|
'oauth_token' => $this->json_encode_token($token),
|
);
| ];
|
$sql = 'UPDATE ' . $this->oauth_token_table . ' SET ' . $this->db->sql_build_array('UPDATE', $data) . '
|
$sql = 'UPDATE ' . $this->oauth_token_table . ' SET ' . $this->db->sql_build_array('UPDATE', $data) . '
|
WHERE user_id = ' . (int) $this->user->data['user_id'] . ' ' . ((int) $this->user->data['user_id'] === ANONYMOUS ? "AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'" : '') . "
| WHERE user_id = ' . (int) $this->user->data['user_id'] . "
|
AND provider = '" . $this->db->sql_escape($service) . "'";
|
AND provider = '" . $this->db->sql_escape($service) . "'";
|
| if ((int) $this->user->data['user_id'] === ANONYMOUS) { $sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'"; }
|
$this->db->sql_query($sql);
if (!$this->db->sql_affectedrows()) {
|
$this->db->sql_query($sql);
if (!$this->db->sql_affectedrows()) {
|
$data = array(
| $data = [
|
'user_id' => (int) $this->user->data['user_id'], 'provider' => $service, 'oauth_token' => $this->json_encode_token($token), 'session_id' => $this->user->data['session_id'],
|
'user_id' => (int) $this->user->data['user_id'], 'provider' => $service, 'oauth_token' => $this->json_encode_token($token), 'session_id' => $this->user->data['session_id'],
|
);
| ];
|
$sql = 'INSERT INTO ' . $this->oauth_token_table . $this->db->sql_build_array('INSERT', $data);
| $sql = 'INSERT INTO ' . $this->oauth_token_table . $this->db->sql_build_array('INSERT', $data);
|
Line 152 | Line 138 |
---|
return true; }
|
return true; }
|
$data = array(
| $data = [
|
'user_id' => (int) $this->user->data['user_id'], 'provider' => $service,
|
'user_id' => (int) $this->user->data['user_id'], 'provider' => $service,
|
);
| ];
|
if ((int) $this->user->data['user_id'] === ANONYMOUS) { $data['session_id'] = $this->user->data['session_id']; }
|
if ((int) $this->user->data['user_id'] === ANONYMOUS) { $data['session_id'] = $this->user->data['session_id']; }
|
return $this->_has_acess_token($data);
| return $this->has_access_token($data);
|
}
/**
| }
/**
|
Line 198 | Line 184 |
---|
$sql = 'DELETE FROM ' . $this->oauth_token_table . ' WHERE user_id = ' . (int) $this->user->data['user_id'];
|
$sql = 'DELETE FROM ' . $this->oauth_token_table . ' WHERE user_id = ' . (int) $this->user->data['user_id'];
|
if ((int) $this->user->data['user_id'] === ANONYMOUS)
| if ((int) $this->user->data['user_id'] === ANONYMOUS && isset($this->user->data['session_id']))
|
{ $sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'"; }
| { $sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'"; }
|
Line 217 | Line 203 |
---|
$this->cachedState = $state;
|
$this->cachedState = $state;
|
$data = array(
| $data = [
|
'user_id' => (int) $this->user->data['user_id'], 'provider' => $service, 'oauth_state' => $state, 'session_id' => $this->user->data['session_id'],
|
'user_id' => (int) $this->user->data['user_id'], 'provider' => $service, 'oauth_state' => $state, 'session_id' => $this->user->data['session_id'],
|
);
| ];
|
|
|
$sql = 'INSERT INTO ' . $this->oauth_state_table . ' ' . $this->db->sql_build_array('INSERT', $data);
| $sql = 'INSERT INTO ' . $this->oauth_state_table . ' ' . $this->db->sql_build_array('INSERT', $data);
|
$this->db->sql_query($sql);
return $this;
| $this->db->sql_query($sql);
return $this;
|
Line 243 | Line 228 |
---|
return true; }
|
return true; }
|
$data = array(
| $data = [
|
'user_id' => (int) $this->user->data['user_id'], 'provider' => $service,
|
'user_id' => (int) $this->user->data['user_id'], 'provider' => $service,
|
);
| ];
|
if ((int) $this->user->data['user_id'] === ANONYMOUS) {
| if ((int) $this->user->data['user_id'] === ANONYMOUS) {
|
Line 268 | Line 253 |
---|
return $this->cachedState; }
|
return $this->cachedState; }
|
$data = array(
| $data = [
|
'user_id' => (int) $this->user->data['user_id'], 'provider' => $service,
|
'user_id' => (int) $this->user->data['user_id'], 'provider' => $service,
|
);
| ];
|
if ((int) $this->user->data['user_id'] === ANONYMOUS) {
| if ((int) $this->user->data['user_id'] === ANONYMOUS) {
|
Line 325 | Line 310 |
---|
}
/**
|
}
/**
|
* Updates the user_id field in the database assosciated with the token
| * Updates the user_id field in the database associated with the token.
|
*
|
*
|
* @param int $user_id
| * @param int $user_id The user identifier * @return void
|
*/ public function set_user_id($user_id) {
| */ public function set_user_id($user_id) {
|
Line 335 | Line 321 |
---|
{ return; }
|
{ return; }
|
| $data = [ 'user_id' => (int) $user_id, ];
|
$sql = 'UPDATE ' . $this->oauth_token_table . '
|
$sql = 'UPDATE ' . $this->oauth_token_table . '
|
SET ' . $this->db->sql_build_array('UPDATE', array( 'user_id' => (int) $user_id )) . '
| SET ' . $this->db->sql_build_array('UPDATE', $data) . '
|
WHERE user_id = ' . (int) $this->user->data['user_id'] . " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'"; $this->db->sql_query($sql); }
/**
|
WHERE user_id = ' . (int) $this->user->data['user_id'] . " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'"; $this->db->sql_query($sql); }
/**
|
* Checks to see if an access token exists solely by the session_id of the user
| * Checks to see if an access token exists solely by the session_id of the user.
|
*
|
*
|
* @param string $service The name of the OAuth service * @return bool true if they have token, false if they don't
| * @param string $service The OAuth service name * @return bool true if the user's access token exists, * false if the user's access token does not exist
|
*/ public function has_access_token_by_session($service) {
| */ public function has_access_token_by_session($service) {
|
Line 360 | Line 349 |
---|
return true; }
|
return true; }
|
$data = array(
| $data = [
|
'session_id' => $this->user->data['session_id'], 'provider' => $service,
|
'session_id' => $this->user->data['session_id'], 'provider' => $service,
|
);
| ];
|
|
|
return $this->_has_acess_token($data);
| return $this->has_access_token($data);
|
}
/**
|
}
/**
|
* Checks to see if a state exists solely by the session_id of the user
| * Checks to see if a state exists solely by the session_id of the user.
|
*
|
*
|
* @param string $service The name of the OAuth service * @return bool true if they have state, false if they don't
| * @param string $service The OAuth service name * @return bool true if the user's state exists, * false if the user's state does not exist
|
*/ public function has_state_by_session($service) {
| */ public function has_state_by_session($service) {
|
Line 383 | Line 373 |
---|
return true; }
|
return true; }
|
$data = array(
| $data = [
|
'session_id' => $this->user->data['session_id'], 'provider' => $service,
|
'session_id' => $this->user->data['session_id'], 'provider' => $service,
|
);
| ];
|
return (bool) $this->get_state_row($data); }
/**
|
return (bool) $this->get_state_row($data); }
/**
|
* A helper function that performs the query for has access token functions
| * A helper function that performs the query for has access token functions.
|
*
|
*
|
* @param array $data * @return bool
| * @param array $data The SQL WHERE data * @return bool true if the user's access token exists, * false if the user's access token does not exist
|
*/
|
*/
|
protected function _has_acess_token($data)
| protected function has_access_token($data)
|
{ return (bool) $this->get_access_token_row($data); }
|
{ return (bool) $this->get_access_token_row($data); }
|
| /** * A helper function that performs the query for retrieving access token functions by session. * Also checks if the token is a valid token. * * @param string $service The OAuth service provider name * @return TokenInterface * @throws TokenNotFoundException */
|
public function retrieve_access_token_by_session($service) { $service = $this->get_service_name_for_db($service);
| public function retrieve_access_token_by_session($service) { $service = $this->get_service_name_for_db($service);
|
Line 411 | Line 410 |
---|
return $this->cachedToken; }
|
return $this->cachedToken; }
|
$data = array(
| $data = [
|
'session_id' => $this->user->data['session_id'],
|
'session_id' => $this->user->data['session_id'],
|
'provider' => $service, );
| 'provider' => $service, ];
|
return $this->_retrieve_access_token($data); }
|
return $this->_retrieve_access_token($data); }
|
| /** * A helper function that performs the query for retrieving state functions by session. * * @param string $service The OAuth service provider name * @return string The OAuth state * @throws AuthorizationStateNotFoundException */
|
public function retrieve_state_by_session($service) { $service = $this->get_service_name_for_db($service);
| public function retrieve_state_by_session($service) { $service = $this->get_service_name_for_db($service);
|
Line 428 | Line 434 |
---|
return $this->cachedState; }
|
return $this->cachedState; }
|
$data = array(
| $data = [
|
'session_id' => $this->user->data['session_id'],
|
'session_id' => $this->user->data['session_id'],
|
'provider' => $service, );
| 'provider' => $service, ];
|
return $this->_retrieve_state($data); }
/**
|
return $this->_retrieve_state($data); }
/**
|
* A helper function that performs the query for retrieve access token functions * Also checks if the token is a valid token
| * A helper function that performs the query for retrieve access token functions. * Also checks if the token is a valid token.
|
*
|
*
|
* @param array $data * @return mixed * @throws \OAuth\Common\Storage\Exception\TokenNotFoundException
| * @param array $data The SQL WHERE data * @return TokenInterface * @throws TokenNotFoundException
|
*/ protected function _retrieve_access_token($data) {
| */ protected function _retrieve_access_token($data) {
|
Line 459 | Line 465 |
---|
if (!($token instanceof TokenInterface)) { $this->clearToken($data['provider']);
|
if (!($token instanceof TokenInterface)) { $this->clearToken($data['provider']);
|
|
|
throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED'); }
$this->cachedToken = $token;
|
throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED'); }
$this->cachedToken = $token;
|
|
|
return $token; }
/**
|
return $token; }
/**
|
* A helper function that performs the query for retrieve state functions
| * A helper function that performs the query for retrieve state functions.
|
*
|
*
|
* @param array $data * @return mixed * @throws \OAuth\Common\Storage\Exception\AuthorizationStateNotFoundException
| * @param array $data The SQL WHERE data * @return string The OAuth state * @throws AuthorizationStateNotFoundException
|
*/ protected function _retrieve_state($data) {
| */ protected function _retrieve_state($data) {
|
Line 483 | Line 491 |
---|
}
$this->cachedState = $row['oauth_state'];
|
}
$this->cachedState = $row['oauth_state'];
|
|
|
return $this->cachedState; }
/**
|
return $this->cachedState; }
/**
|
* A helper function that performs the query for retrieving an access token
| * A helper function that performs the query for retrieving an access token.
|
*
|
*
|
* @param array $data * @return mixed
| * @param array $data The SQL WHERE data * @return array|false array with the OAuth token row, * false if the token does not exist
|
*/ protected function get_access_token_row($data) {
|
*/ protected function get_access_token_row($data) {
|
$sql = 'SELECT oauth_token FROM ' . $this->oauth_token_table . '
| $sql = 'SELECT oauth_token FROM ' . $this->oauth_token_table . '
|
WHERE ' . $this->db->sql_build_array('SELECT', $data); $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result);
| WHERE ' . $this->db->sql_build_array('SELECT', $data); $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result);
|
Line 504 | Line 515 |
---|
}
/**
|
}
/**
|
* A helper function that performs the query for retrieving a state
| * A helper function that performs the query for retrieving a state.
|
*
|
*
|
* @param array $data * @return mixed
| * @param array $data The SQL WHERE data * @return array|false array with the OAuth state row, * false if the state does not exist
|
*/ protected function get_state_row($data) {
|
*/ protected function get_state_row($data) {
|
$sql = 'SELECT oauth_state FROM ' . $this->oauth_state_table . '
| $sql = 'SELECT oauth_state FROM ' . $this->oauth_state_table . '
|
WHERE ' . $this->db->sql_build_array('SELECT', $data); $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result);
| WHERE ' . $this->db->sql_build_array('SELECT', $data); $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result);
|
Line 520 | Line 533 |
---|
return $row; }
|
return $row; }
|
| /** * A helper function that JSON encodes a TokenInterface's data. * * @param TokenInterface $token * @return string The json encoded TokenInterface's data */
|
public function json_encode_token(TokenInterface $token) {
|
public function json_encode_token(TokenInterface $token) {
|
$members = array(
| $members = [
|
'accessToken' => $token->getAccessToken(), 'endOfLife' => $token->getEndOfLife(), 'extraParams' => $token->getExtraParams(), 'refreshToken' => $token->getRefreshToken(),
'token_class' => get_class($token),
|
'accessToken' => $token->getAccessToken(), 'endOfLife' => $token->getEndOfLife(), 'extraParams' => $token->getExtraParams(), 'refreshToken' => $token->getRefreshToken(),
'token_class' => get_class($token),
|
);
| ];
|
// Handle additional data needed for OAuth1 tokens if ($token instanceof StdOAuth1Token)
| // Handle additional data needed for OAuth1 tokens if ($token instanceof StdOAuth1Token)
|
Line 542 | Line 561 |
---|
return json_encode($members); }
|
return json_encode($members); }
|
| /** * A helper function that JSON decodes a data string and creates a TokenInterface. * * @param string $json The json encoded TokenInterface's data * @return TokenInterface * @throws TokenNotFoundException */
|
public function json_decode_token($json) { $token_data = json_decode($json, true);
| public function json_decode_token($json) { $token_data = json_decode($json, true);
|
Line 557 | Line 583 |
---|
$endOfLife = $token_data['endOfLife']; $extra_params = $token_data['extraParams'];
|
$endOfLife = $token_data['endOfLife']; $extra_params = $token_data['extraParams'];
|
// Create the token
| /** * Create the token * @var TokenInterface $token */
|
$token = new $token_class($access_token, $refresh_token, TokenInterface::EOL_NEVER_EXPIRES, $extra_params); $token->setEndOfLife($endOfLife);
| $token = new $token_class($access_token, $refresh_token, TokenInterface::EOL_NEVER_EXPIRES, $extra_params); $token->setEndOfLife($endOfLife);
|
Line 573 | Line 602 |
---|
}
/**
|
}
/**
|
* Returns the name of the service as it must be stored in the database.
| * Returns the service name as it must be stored in the database.
|
*
|
*
|
* @param string $service The name of the OAuth service * @return string The name of the OAuth service as it needs to be stored * in the database.
| * @param string $provider The OAuth provider name * @return string The OAuth service name
|
*/
|
*/
|
protected function get_service_name_for_db($service)
| protected function get_service_name_for_db($provider)
|
{ // Enforce the naming convention for oauth services
|
{ // Enforce the naming convention for oauth services
|
if (strpos($service, 'auth.provider.oauth.service.') !== 0)
| if (strpos($provider, 'auth.provider.oauth.service.') !== 0)
|
{
|
{
|
$service = 'auth.provider.oauth.service.' . strtolower($service);
| $provider = 'auth.provider.oauth.service.' . strtolower($provider);
|
}
|
}
|
return $service;
| return $provider;
|
} }
| } }
|
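Review bot: In the hunk headed `Line 198 | Line 184`, the added `&& isset($this->user->data['session_id'])` makes the DELETE fail open: for a guest whose session id is missing, the session condition is skipped and the statement is left as `WHERE user_id = ANONYMOUS`, which matches the stored tokens of every guest session. Keeping the original `=== ANONYMOUS` condition and defaulting the value instead, `$this->db->sql_escape($this->user->data['session_id'] ?? '')` (PHP 7+), keeps the clause scoped to one session. The start of the method and the query call are outside the hunk, so confirm nothing later narrows the WHERE clause. Separately, in the hunk headed `Line 557 | Line 583` the new `@var TokenInterface $token` documents a type that `new $token_class(...)` does not enforce; unless a check sits in the lines not shown, an `is_subclass_of($token_class, TokenInterface::class)` guard before instantiation would stop a tampered `token_class` value from constructing an arbitrary class.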