Merge branch 'develop' of github.com:phpbb/phpbb3 into ticket/11373

# By Joseph Warner (188) and others # Via Andreas Fischer (41) and others * 'develop' of github.com:phpbb/phpbb3: (435 commits) [ticket/11745] Correct language, coding guidelines [ticket/11828] Fix greedy operators in lexer [ticket/11835] Fix ucp_auth_link adding in migration [prep-release-3.0.12] Remove changelog entry for ticket that was not resolved. [ticket/develop/11832] Fix path detection [ticket/11833] Prevent Twig errors from invalid template loops using BEGINELSE [ticket/11833] Fix bad template loop [feature/oauth] Fix tabindex [ticket/11816] !$DOESNT_EXIST test [ticket/9550] Add the core.viewtopic_post_rowset_data event to viewtopic.php [ticket/11829] Use report_closed to determine status in MCP report_details [ticket/11825] Move schema_data.php into includes/ instead of phpbb/ [ticket/11215] Remove unnecessary comment [ticket/11755] MySQL upgrader out of date [prep-release-3.0.12] Update Changelog for 3.0.12-RC3 release. [prep-release-3.0.12] Bumping version number for 3.0.12-RC3. [ticket/11823] Set up nginx server to match PHP files with characters after .php [ticket/11812] Fix empty define [ticket/11818] Update Symfony dependencies to 2.3.* [feature/oauth] Fix bug on ucp_auth_link related to error display ...
author: Nathan Guse <nathaniel.guse@gmail.com> 2013-09-12 23:34:34 -0500
committer: Nathan Guse <nathaniel.guse@gmail.com> 2013-09-12 23:34:34 -0500
commit: f723491527f7f50b8f85d6385696992916468511 (patch)
tree: 23e711d8927789dd33f7f4676286bf38c217c2de /phpBB/phpbb/auth/provider/oauth/token_storage.php
parent: 0a7508439f20b358f1e51d3f2d8105903588e430 (diff)
parent: f22b959257deba0f00a4330df9103c47673032b8 (diff)
download: forums-f723491527f7f50b8f85d6385696992916468511.tar
forums-f723491527f7f50b8f85d6385696992916468511.tar.gz
forums-f723491527f7f50b8f85d6385696992916468511.tar.bz2
forums-f723491527f7f50b8f85d6385696992916468511.tar.xz
forums-f723491527f7f50b8f85d6385696992916468511.zip
1 files changed, 366 insertions, 0 deletions
diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php
new file mode 100644
index 0000000000..d21deb8999
--- /dev/null
+++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php
@@ -0,0 +1,366 @@
+<?php
+/**
+*
+* @package auth
+* @copyright (c) 2013 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
+
+use OAuth\OAuth1\Token\StdOAuth1Token;
+use OAuth\Common\Token\TokenInterface;
+use OAuth\Common\Storage\TokenStorageInterface;
+use OAuth\Common\Storage\Exception\StorageException;
+use OAuth\Common\Storage\Exception\TokenNotFoundException;
+
+/**
+* OAuth storage wrapper for phpbb's cache
+*
+* @package auth
+*/
+class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface
+{
+	/**
+	* Cache driver.
+	*
+	* @var phpbb_db_driver
+	*/
+	protected $db;
+
+	/**
+	* phpBB user
+	*
+	* @var phpbb_user
+	*/
+	protected $user;
+
+	/**
+	* OAuth token table
+	*
+	* @var string
+	*/
+	protected $auth_provider_oauth_table;
+
+	/**
+	* @var object|TokenInterface
+	*/
+	protected $cachedToken;
+
+	/**
+	* Creates token storage for phpBB.
+	*
+	* @param	phpbb_db_driver	$db
+	* @param	phpbb_user		$user
+	* @param	string			$auth_provider_oauth_table
+	*/
+	public function __construct(phpbb_db_driver $db, phpbb_user $user, $auth_provider_oauth_table)
+	{
+		$this->db = $db;
+		$this->user = $user;
+		$this->auth_provider_oauth_table = $auth_provider_oauth_table;
+	}
+
+	/**
+	* {@inheritdoc}
+	*/
+	public function retrieveAccessToken($service)
+	{
+		$service = $this->get_service_name_for_db($service);
+
+		if ($this->cachedToken instanceOf TokenInterface)
+		{
+			return $this->cachedToken;
+		}
+
+		$data = array(
+			'user_id'	=> (int) $this->user->data['user_id'],
+			'provider'	=> $service,
+		);
+
+		if ((int) $this->user->data['user_id'] === ANONYMOUS)
+		{
+			$data['session_id']	= $this->user->data['session_id'];
+		}
+
+		return $this->_retrieve_access_token($data);
+	}
+
+	/**
+	* {@inheritdoc}
+	*/
+	public function storeAccessToken($service, TokenInterface $token)
+	{
+		$service = $this->get_service_name_for_db($service);
+
+		$this->cachedToken = $token;
+
+		$data = array(
+			'user_id'		=> (int) $this->user->data['user_id'],
+			'provider'		=> $service,
+			'oauth_token'	=> $this->json_encode_token($token),
+			'session_id'	=> $this->user->data['session_id'],
+		);
+
+		$sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . '
+			' . $this->db->sql_build_array('INSERT', $data);
+		$this->db->sql_query($sql);
+	}
+
+	/**
+	* {@inheritdoc}
+	*/
+	public function hasAccessToken($service)
+	{
+		$service = $this->get_service_name_for_db($service);
+
+		if ($this->cachedToken) {
+			return true;
+		}
+
+		$data = array(
+			'user_id'	=> (int) $this->user->data['user_id'],
+			'provider'	=> $service,
+		);
+
+		if ((int) $this->user->data['user_id'] === ANONYMOUS)
+		{
+			$data['session_id']	= $this->user->data['session_id'];
+		}
+
+		return $this->_has_acess_token($data);
+	}
+
+	/**
+	* {@inheritdoc}
+	*/
+	public function clearToken($service)
+	{
+		$service = $this->get_service_name_for_db($service);
+
+		$this->cachedToken = null;
+
+		$sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . '
+			WHERE user_id = ' . (int) $this->user->data['user_id'] . "
+				AND provider = '" . $this->db->sql_escape($service) . "'";
+
+		if ((int) $this->user->data['user_id'] === ANONYMOUS)
+		{
+			$sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
+		}
+
+		$this->db->sql_query($sql);
+	}
+
+	/**
+	* {@inheritdoc}
+	*/
+	public function clearAllTokens()
+	{
+		$this->cachedToken = null;
+
+		$sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . '
+			WHERE user_id = ' . (int) $this->user->data['user_id'];
+
+		if ((int) $this->user->data['user_id'] === ANONYMOUS)
+		{
+			$sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
+		}
+
+		$this->db->sql_query($sql);
+	}
+
+	/**
+	* Updates the user_id field in the database assosciated with the token
+	*
+	* @param	int	$user_id
+	*/
+	public function set_user_id($user_id)
+	{
+		if (!$this->cachedToken)
+		{
+			return;
+		}
+
+		$sql = 'UPDATE ' . $this->auth_provider_oauth_table . '
+			SET ' . $this->db->sql_build_array('UPDATE', array(
+					'user_id' => (int) $user_id
+				)) . '
+				WHERE user_id = ' . (int) $this->user->data['user_id'] . "
+					AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
+		$this->db->sql_query($sql);
+	}
+
+	/**
+	* Checks to see if an access token exists solely by the session_id of the user
+	*
+	* @return	bool	true if they have token, false if they don't
+	*/
+	public function has_access_token_by_session($service)
+	{
+		$service = $this->get_service_name_for_db($service);
+
+		if ($this->cachedToken)
+		{
+			return true;
+		}
+
+		$data = array(
+			'session_id'	=> $this->user->data['session_id'],
+			'provider'		=> $service,
+		);
+
+		return $this->_has_acess_token($data);
+	}
+
+	/**
+	* A helper function that performs the query for has access token functions
+	*
+	* @param	array	$data
+	* @return	bool
+	*/
+	protected function _has_acess_token($data)
+	{
+		return (bool) $this->get_access_token_row($data);
+	}
+
+	public function retrieve_access_token_by_session($service)
+	{
+		$service = $this->get_service_name_for_db($service);
+
+		if ($this->cachedToken instanceOf TokenInterface) {
+			return $this->cachedToken;
+		}
+
+		$data = array(
+			'session_id'	=> $this->user->data['session_id'],
+			'provider'	=> $service,
+		);
+
+		return $this->_retrieve_access_token($data);
+	}
+
+	/**
+	* A helper function that performs the query for retrieve access token functions
+	* Also checks if the token is a valid token
+	*
+	* @param	array	$data
+	* @return	mixed
+	*/
+	protected function _retrieve_access_token($data)
+	{
+		$row = $this->get_access_token_row($data);
+
+		if (!$row)
+		{
+			throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_NOT_STORED');
+		}
+
+		$token = $this->json_decode_token($row['oauth_token']);
+
+		// Ensure that the token was serialized/unserialized correctly
+		if (!($token instanceof TokenInterface))
+		{
+			$this->clearToken();
+			throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED');
+		}
+
+		$this->cachedToken = $token;
+		return $token;
+	}
+
+	/**
+	* A helper function that performs the query for retrieving an access token
+	*
+	* @param	array	$data
+	* @return	mixed
+	*/
+	protected function get_access_token_row($data)
+	{
+		$sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . '
+			WHERE ' . $this->db->sql_build_array('SELECT', $data);
+		$result = $this->db->sql_query($sql);
+		$row = $this->db->sql_fetchrow($result);
+		$this->db->sql_freeresult($result);
+
+		return $row;
+	}
+
+	public function json_encode_token(TokenInterface $token)
+	{
+		$members = array(
+			'accessToken'	=> $token->getAccessToken(),
+			'endOfLife'		=> $token->getEndOfLife(),
+			'extraParams'	=> $token->getExtraParams(),
+			'refreshToken'	=> $token->getRefreshToken(),
+
+			'token_class'	=> get_class($token),
+		);
+
+		// Handle additional data needed for OAuth1 tokens
+		if ($token instanceof StdOAuth1Token)
+		{
+			$members['requestToken']		= $token->getRequestToken();
+			$members['requestTokenSecret']	= $token->getRequestTokenSecret();
+			$members['accessTokenSecret']	= $token->getAccessTokenSecret();
+		}
+
+		return json_encode($members);
+	}
+
+	public function json_decode_token($json)
+	{
+		$token_data = json_decode($json, true);
+
+		if ($token_data === null)
+		{
+			throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED');
+		}
+
+		$token_class	= $token_data['token_class'];
+		$access_token	= $token_data['accessToken'];
+		$refresh_token	= $token_data['refreshToken'];
+		$endOfLife		= $token_data['endOfLife'];
+		$extra_params	= $token_data['extraParams'];
+
+		// Create the token
+		$token = new $token_class($access_token, $refresh_token, TokenInterface::EOL_NEVER_EXPIRES, $extra_params);
+		$token->setEndOfLife($endOfLife);
+
+		// Handle OAuth 1.0 specific elements
+		if ($token instanceof StdOAuth1Token)
+		{
+			$token->setRequestToken($token_data['requestToken']);
+			$token->setRequestTokenSecret($token_data['requestTokenSecret']);
+			$token->setAccessTokenSecret($token_data['accessTokenSecret']);
+		}
+
+		return $token;
+	}
+
+	/**
+	* Returns the name of the service as it must be stored in the database.
+	*
+	* @param	string	$service	The name of the OAuth service
+	* @return	string	The name of the OAuth service as it needs to be stored
+	*					in the database.
+	*/
+	protected function get_service_name_for_db($service)
+	{
+		// Enforce the naming convention for oauth services
+		if (strpos($service, 'auth.provider.oauth.service.') !== 0)
+		{
+			$service = 'auth.provider.oauth.service.' . strtolower($service);
+		}
+
+		return $service;
+	}
+}
author	Nathan Guse <nathaniel.guse@gmail.com>	2013-09-12 23:34:34 -0500
committer	Nathan Guse <nathaniel.guse@gmail.com>	2013-09-12 23:34:34 -0500
commit	f723491527f7f50b8f85d6385696992916468511 (patch)
tree	23e711d8927789dd33f7f4676286bf38c217c2de /phpBB/phpbb/auth/provider/oauth/token_storage.php
parent	0a7508439f20b358f1e51d3f2d8105903588e430 (diff)
parent	f22b959257deba0f00a4330df9103c47673032b8 (diff)
download	forums-f723491527f7f50b8f85d6385696992916468511.tar forums-f723491527f7f50b8f85d6385696992916468511.tar.gz forums-f723491527f7f50b8f85d6385696992916468511.tar.bz2 forums-f723491527f7f50b8f85d6385696992916468511.tar.xz forums-f723491527f7f50b8f85d6385696992916468511.zip