diff options
Diffstat (limited to 'phpBB/phpbb/auth/provider/oauth/oauth.php')
| -rw-r--r-- | phpBB/phpbb/auth/provider/oauth/oauth.php | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index be0fbf5831..bfeac2dd32 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -63,6 +63,13 @@ class oauth extends \phpbb\auth\provider\base protected $auth_provider_oauth_token_storage_table; /** + * OAuth state table + * + * @var string + */ + protected $auth_provider_oauth_state_table; + + /** * OAuth account association table * * @var string @@ -120,6 +127,7 @@ class oauth extends \phpbb\auth\provider\base * @param \phpbb\request\request_interface $request * @param \phpbb\user $user * @param string $auth_provider_oauth_token_storage_table + * @param string $auth_provider_oauth_state_table * @param string $auth_provider_oauth_token_account_assoc * @param \phpbb\di\service_collection $service_providers Contains \phpbb\auth\provider\oauth\service_interface * @param string $users_table @@ -127,7 +135,7 @@ class oauth extends \phpbb\auth\provider\base * @param string $phpbb_root_path * @param string $php_ext */ - public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_state_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; @@ -135,6 +143,7 @@ class oauth extends \phpbb\auth\provider\base $this->request = $request; $this->user = $user; $this->auth_provider_oauth_token_storage_table = $auth_provider_oauth_token_storage_table; + $this->auth_provider_oauth_state_table = $auth_provider_oauth_state_table; $this->auth_provider_oauth_token_account_assoc = $auth_provider_oauth_token_account_assoc; $this->service_providers = $service_providers; $this->users_table = $users_table; @@ -188,7 +197,7 @@ class oauth extends \phpbb\auth\provider\base // Get the service credentials for the given service $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); - $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); + $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table, $this->auth_provider_oauth_state_table); $query = 'mode=login&login=external&oauth_service=' . $service_name_original; $service = $this->get_service($service_name_original, $storage, $service_credentials, $query, $this->service_providers[$service_name]->get_auth_scope()); @@ -456,7 +465,7 @@ class oauth extends \phpbb\auth\provider\base */ protected function link_account_login_link(array $link_data, $service_name) { - $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); + $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table, $this->auth_provider_oauth_state_table); // Check for an access token, they should have one if (!$storage->has_access_token_by_session($service_name)) @@ -499,7 +508,7 @@ class oauth extends \phpbb\auth\provider\base */ protected function link_account_auth_link(array $link_data, $service_name) { - $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); + $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table, $this->auth_provider_oauth_state_table); $query = 'i=ucp_auth_link&mode=auth_link&link=1&oauth_service=' . strtolower($link_data['oauth_service']); $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); @@ -544,7 +553,7 @@ class oauth extends \phpbb\auth\provider\base public function logout($data, $new_session) { // Clear all tokens belonging to the user - $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); + $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table, $this->auth_provider_oauth_state_table); $storage->clearAllTokens(); return; @@ -627,7 +636,7 @@ class oauth extends \phpbb\auth\provider\base // Clear all tokens belonging to the user on this servce $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']); - $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); + $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table, $this->auth_provider_oauth_state_table); $storage->clearToken($service_name); } } |