-rw-r--r-- | phpBB/phpbb/auth/provider/oauth/oauth.php | 12 | ||||
-rw-r--r-- | phpBB/phpbb/auth/provider/oauth/token_storage.php | 31 | ||||
-rw-r--r-- | tests/auth/provider_oauth_token_storage_test.php | 44 |
3 files changed, 39 insertions, 48 deletions
diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index a5709d8ff6..5df7db726b 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -175,7 +175,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Get the service credentials for the given service $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $query = 'mode=login&login=external&oauth_service=' . $service_name_original; $service = $this->get_service($service_name_original, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope(), $query); @@ -442,10 +442,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function link_account_login_link(array $link_data, $service_name) { - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); // Check for an access token, they should have one - if (!$storage->has_access_token_by_session()) + if (!$storage->has_access_token_by_session($service_name)) { return 'LOGIN_LINK_ERROR_OAUTH_NO_ACCESS_TOKEN'; } 
@@ -485,7 +485,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function link_account_auth_link(array $link_data, $service_name) { - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $query = 'i=ucp_auth_link&mode=auth_link&link=1&oauth_service=' . strtolower($link_data['oauth_service']); $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); @@ -530,7 +530,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base public function logout($data, $new_session) { // Clear all tokens belonging to the user - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, '', $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $stroage->clearAllTokens(); return; @@ -610,7 +610,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Clear all tokens belonging to the user on this servce $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']); - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $storage->clearToken($service_name); return; diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 96f2e2fb0a..15f491c9dc 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php 
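Review bot: In `logout()` the context line directly after the changed constructor call reads `$stroage->clearAllTokens();`, which calls a method on an undefined variable, so the user's OAuth tokens are not cleared at logout and the call fails at runtime. The commit already edits the line above it, so the typo should be fixed in the same change: `$storage->clearAllTokens();`. Stale tokens left in the token table after logout stay usable for as long as the provider honours them, so this is worth a regression test as well. The rest of `logout()` lies outside the hunk.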
@@ -44,13 +44,6 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface protected $user; /** - * Name of the OAuth provider - * - * @var string - */ - protected $service_name; - - /** * OAuth token table * * @var string @@ -67,21 +60,19 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface * * @param phpbb_db_driver $db * @param phpbb_user $user - * @param string $service_name * @param string $auth_provider_oauth_table */ - public function __construct(phpbb_db_driver $db, phpbb_user $user, $service_name, $auth_provider_oauth_table) + public function __construct(phpbb_db_driver $db, phpbb_user $user, $auth_provider_oauth_table) { $this->db = $db; $this->user = $user; - $this->service_name = $service_name; $this->auth_provider_oauth_table = $auth_provider_oauth_table; } /** * {@inheritdoc} */ - public function retrieveAccessToken() + public function retrieveAccessToken($service) { if ($this->cachedToken instanceOf TokenInterface) { @@ -90,7 +81,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'user_id' => $this->user->data['user_id'], - 'provider' => $this->service_name, + 'provider' => $service, ); if ($this->user->data['user_id'] === ANONYMOUS) @@ -104,13 +95,13 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface /** * {@inheritdoc} */ - public function storeAccessToken(TokenInterface $token) + public function storeAccessToken($service, TokenInterface $token) { $this->cachedToken = $token; $data = array( 'user_id' => $this->user->data['user_id'], - 'provider' => $this->service_name, + 'provider' => $service, 'oauth_token' => $this->json_encode_token($token), 'session_id' => $this->user->data['session_id'], ); 
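Review bot: `retrieveAccessToken($service)` still returns `$this->cachedToken` whenever one is set, without looking at `$service`, so a single storage instance can now hand back a token stored for one provider when a different provider is requested. The same early return is visible in `hasAccessToken`, `has_access_token_by_session` and `retrieve_access_token_by_session` in the following hunks, and `storeAccessToken` overwrites the one cache slot for every service. The callers in oauth.php appear to build a fresh storage object per call, which limits the exposure today, but the cache should be keyed by service, e.g. `$this->cachedToken[$service] = $token;` on store and `isset($this->cachedToken[$service])` on the read paths. The property declaration and `clearToken` are outside these hunks and would need the matching change.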
@@ -123,7 +114,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface /** * {@inheritdoc} */ - public function hasAccessToken() + public function hasAccessToken($service) { if ($this->cachedToken) { return true; @@ -131,7 +122,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'user_id' => $this->user->data['user_id'], - 'provider' => $this->service_name, + 'provider' => $service, ); if ($this->user->data['user_id'] === ANONYMOUS) @@ -205,7 +196,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface * * @return bool true if they have token, false if they don't */ - public function has_access_token_by_session() + public function has_access_token_by_session($service) { if ($this->cachedToken) { @@ -214,7 +205,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'session_id' => $this->user->data['session_id'], - 'provider' => $this->service_name, + 'provider' => $service, ); return $this->_has_acess_token($data); @@ -231,7 +222,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface return (bool) $this->get_access_token_row($data); } - public function retrieve_access_token_by_session() + public function retrieve_access_token_by_session($service) { if ($this->cachedToken instanceOf TokenInterface) { return $this->cachedToken; @@ -239,7 +230,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'session_id' => $this->user->data['session_id'], - 'provider' => $this->service_name, + 'provider' => $service, ); return $this->_retrieve_access_token($data); diff --git a/tests/auth/provider_oauth_token_storage_test.php b/tests/auth/provider_oauth_token_storage_test.php index 026a539285..223d4dfb93 100644 --- a/tests/auth/provider_oauth_token_storage_test.php +++ b/tests/auth/provider_oauth_token_storage_test.php 
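Review bot: `retrieve_access_token_by_session($service)` has no docblock at all, and the visible tail of the docblock on `has_access_token_by_session($service)` only carries `@return`, so the new parameter is undocumented on both. Add `@param string $service The name of the OAuth service` to each; the start of the second docblock is outside the hunk, so confirm it does not already have one. For `retrieve_access_token_by_session`, a short docblock should also say that the lookup is by session id rather than user id, since that is the only difference from `retrieveAccessToken` and it matters for the login-link flow. `_has_acess_token` in the context is misspelled, but renaming it is out of scope here.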
@@ -36,7 +36,7 @@ class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_c // Set the user id to anonymous $this->user->data['user_id'] = ANONYMOUS; - $this->token_storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->service_name, $this->token_storage_table); + $this->token_storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->token_storage_table); } public function getDataSet() @@ -59,13 +59,13 @@ class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_c { if ($cache_token) { - $this->token_storage->storeAccessToken($cache_token); + $this->token_storage->storeAccessToken($this->service_name, $cache_token); $token = $cache_token; } $this->setExpectedException($exception); - $stored_token = $this->token_storage->retrieveAccessToken(); + $stored_token = $this->token_storage->retrieveAccessToken($this->service_name); $this->assertEquals($token, $stored_token); } @@ -74,12 +74,12 @@ class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_c $expected_token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES); // Store a token in the database - $temp_storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->service_name, $this->token_storage_table); - $temp_storage->storeAccessToken($expected_token); + $temp_storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->token_storage_table); + $temp_storage->storeAccessToken($this->service_name, $expected_token); unset($temp_storage); // Test to see if the token can be retrieved - $stored_token = $this->token_storage->retrieveAccessToken(); + $stored_token = $this->token_storage->retrieveAccessToken($this->service_name); $this->assertEquals($expected_token, $stored_token); } 
@@ -90,13 +90,13 @@ class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_c { if ($cache_token) { - $this->token_storage->storeAccessToken($cache_token); + $this->token_storage->storeAccessToken($this->service_name, $cache_token); $token = $cache_token; } $this->setExpectedException($exception); - $stored_token = $this->token_storage->retrieve_access_token_by_session(); + $stored_token = $this->token_storage->retrieve_access_token_by_session($this->service_name); $this->assertEquals($token, $stored_token); } 
@@ -105,24 +105,24 @@ class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_c $expected_token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES); // Store a token in the database - $temp_storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->service_name, $this->token_storage_table); - $temp_storage->storeAccessToken($expected_token); + $temp_storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->token_storage_table); + $temp_storage->storeAccessToken($this->service_name, $expected_token); unset($temp_storage); // Test to see if the token can be retrieved - $stored_token = $this->token_storage->retrieve_access_token_by_session(); + $stored_token = $this->token_storage->retrieve_access_token_by_session($this->service_name); $this->assertEquals($expected_token, $stored_token); } public function test_storeAccessToken() { $token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') ); - $this->token_storage->storeAccessToken($token); + $this->token_storage->storeAccessToken($this->service_name, $token); // Confirm that the token is cached - $extraParams = $this->token_storage->retrieveAccessToken()->getExtraParams(); + $extraParams = $this->token_storage->retrieveAccessToken($this->service_name)->getExtraParams(); $this->assertEquals( 'param', $extraParams['extra'] ); - $this->assertEquals( 'access', $this->token_storage->retrieveAccessToken()->getAccessToken() ); + $this->assertEquals( 'access', $this->token_storage->retrieveAccessToken($this->service_name)->getAccessToken() ); $row = $this->get_token_row_by_session_id($this->session_id); 
@@ -145,10 +145,10 @@ class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_c { if ($token) { - $this->token_storage->storeAccessToken($token); + $this->token_storage->storeAccessToken($this->service_name, $token); } - $has_access_token = $this->token_storage->hasAccessToken(); + $has_access_token = $this->token_storage->hasAccessToken($this->service_name); $this->assertEquals($expected, $has_access_token); } @@ -159,32 +159,32 @@ class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_c { if ($token) { - $this->token_storage->storeAccessToken($token); + $this->token_storage->storeAccessToken($this->service_name, $token); } - $has_access_token = $this->token_storage->has_access_token_by_session(); + $has_access_token = $this->token_storage->has_access_token_by_session($this->service_name); $this->assertEquals($expected, $has_access_token); } public function test_clearToken() { $token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') ); - $this->token_storage->storeAccessToken($token); + $this->token_storage->storeAccessToken($this->service_name, $token); - $this->token_storage->clearToken(); + $this->token_storage->clearToken($this->service_name); // Check that the database has been cleared $row = $this->get_token_row_by_session_id($this->session_id); $this->assertFalse($row); // Check that the token is no longer in memory - $this->assertFalse($this->token_storage->hasAccessToken()); + $this->assertFalse($this->token_storage->hasAccessToken($this->service_name)); } public function test_set_user_id() { $token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') ); - $this->token_storage->storeAccessToken($token); + $this->token_storage->storeAccessToken($this->service_name, $token); $new_user_id = ANONYMOUS + 1; $this->token_storage->set_user_id($new_user_id); |
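Review bot: Every call in these tests passes the same `$this->service_name`, so nothing checks that a token stored for one service is invisible to another now that the service is a per-call argument. In the test that calls `hasAccessToken($this->service_name)` (and its by-session twin), add a case that stores a token for `$this->service_name` and then asserts against a second, made-up name, e.g. `$this->assertFalse($this->token_storage->hasAccessToken('auth.provider.oauth.service.other'));`. Given the cached-token early return visible in token_storage.php, that assertion would presumably fail today, which is exactly the behaviour worth pinning. The test method signatures are outside these hunks.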