From 33d1d19f9775242a260adbb33b0bfa4b5324dedf Mon Sep 17 00:00:00 2001
From: Jakub Senko <jakubsenko@gmail.com>
Date: Sun, 22 May 2016 15:05:49 +0200
Subject: [ticket/14586] Add OAuth1 support

PHPBB3-14586
---
 phpBB/phpbb/auth/provider/oauth/token_storage.php | 24 ++++++++++++++++++-----
 1 file changed, 19 insertions(+), 5 deletions(-)

(limited to 'phpBB/phpbb/auth/provider/oauth/token_storage.php')

diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php
index e922342ef6..b0c2fd0d62 100644
--- a/phpBB/phpbb/auth/provider/oauth/token_storage.php
+++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php
@@ -113,16 +113,30 @@ class token_storage implements TokenStorageInterface
 		$this->cachedToken = $token;
 
 		$data = array(
-			'user_id'		=> (int) $this->user->data['user_id'],
-			'provider'		=> $service,
 			'oauth_token'	=> $this->json_encode_token($token),
-			'session_id'	=> $this->user->data['session_id'],
 		);
 
-		$sql = 'INSERT INTO ' . $this->oauth_token_table . '
-			' . $this->db->sql_build_array('INSERT', $data);
+		$sql = 'UPDATE ' . $this->oauth_token_table . '
+				SET ' . $this->db->sql_build_array('UPDATE', $data) . '
+				WHERE user_id = ' . (int) $this->user->data['user_id'] . '
+					' . ((int) $this->user->data['user_id'] === ANONYMOUS ? "AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'" : '') . "
+					AND provider = '" . $this->db->sql_escape($service) . "'";
 		$this->db->sql_query($sql);
 
+		if (!$this->db->sql_affectedrows())
+		{
+			$data = array(
+				'user_id'		=> (int) $this->user->data['user_id'],
+				'provider'		=> $service,
+				'oauth_token'	=> $this->json_encode_token($token),
+				'session_id'	=> $this->user->data['session_id'],
+			);
+
+			$sql = 'INSERT INTO ' . $this->oauth_token_table . $this->db->sql_build_array('INSERT', $data);
+
+			$this->db->sql_query($sql);
+		}
+
 		return $this;
 	}
 
-- 
cgit v1.2.1