Diffstat (limited to 'phpBB/phpbb/auth/provider/oauth')
-rw-r--r--phpBB/phpbb/auth/provider/oauth/oauth.php36
-rw-r--r--phpBB/phpbb/auth/provider/oauth/token_storage.php123
2 files changed, 130 insertions, 29 deletions
diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php
index eaa111d194..0bcbcda74e 100644
--- a/phpBB/phpbb/auth/provider/oauth/oauth.php
+++ b/phpBB/phpbb/auth/provider/oauth/oauth.php
@@ -355,4 +355,40 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base
return null;
}
+
+ /**
+ * {@inheritdoc}
+ */
+ public function link_account(array $link_data)
+ {
+ // We must have an oauth_service listed, check for it two ways
+ if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service'])
+ {
+ if (!$link_data['oauth_service'] && $this->request->is_set('oauth_service'))
+ {
+ $link_data['oauth_service'] = $this->request->variable('oauth_service', '');
+ }
+
+ if (!$link_data['oauth_service'])
+ {
+ return 'LOGIN_LINK_MISSING_DATA';
+ }
+ }
+
+ $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']);
+ if (!array_key_exists($service_name, $this->service_providers))
+ {
+ return 'LOGIN_ERROR_OAUTH_SERVICE_DOES_NOT_EXIST';
+ }
+
+ $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table);
+
+ // Check for an access token, they should have one
+ if (!$storage->has_access_token_by_sesion())
+ {
+ return 'LOGIN_LINK_ERROR_OAUTH_NO_ACCESS_TOKEN';
+ }
+
+ $token = $storage->retrieve_access_token_by_session();
+ }
}
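Review bot: The call `$storage->has_access_token_by_sesion()` is misspelled; the method this commit adds to token_storage.php is `has_access_token_by_session()`, so unless the storage class defines `__call`, `link_account()` stops with an undefined-method error at this check. The guard at the top also evaluates `!$link_data['oauth_service']` inside the branch taken when that key is absent, which raises an undefined-index notice and makes the request fallback depend on that notice being tolerated; `if (empty($link_data['oauth_service']))` as the outer condition and `if ($this->request->is_set('oauth_service'))` as the inner one would cover both cases. `$token` is fetched and never used, and the success path returns nothing, so the method looks unfinished. `retrieve_access_token_by_session()` can throw `TokenNotFoundException` (visible in the token_storage.php hunks), which is not caught here, so a row that fails to unserialize surfaces as an exception rather than one of the `LOGIN_LINK_*` error strings.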
diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php
index e1cf579370..af85f5598f 100644
--- a/phpBB/phpbb/auth/provider/oauth/token_storage.php
+++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php
@@ -96,30 +96,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface
$data['session_id'] = $this->user->data['session_id'];
}
- $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . '
- WHERE ' . $this->db->sql_build_array('SELECT', $data);
- $result = $this->db->sql_query($sql);
- $row = $this->db->sql_fetchrow($result);
- $this->db->sql_freeresult($result);
-
- if (!$row)
- {
- // TODO: translate
- throw new TokenNotFoundException('Token not stored');
- }
-
- $token = unserialize($row['oauth_token']);
-
- // Ensure that the token was serialized/unserialized correctly
- if (!($token instanceof TokenInterface))
- {
- $this->clearToken();
- // TODO: translate
- throw new TokenNotFoundException('Token not stored correctly');
- }
-
- $this->cachedToken = $token;
- return $token;
+ return $this->_retrieve_access_token($data);
}
/**
@@ -164,11 +141,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface
$data['session_id'] = $this->user->data['session_id'];
}
- $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . '
- WHERE ' . $this->db->sql_build_array('SELECT', $data);
- $result = $this->db->sql_query($sql);
- $row = $this->db->sql_fetchrow($result);
- $this->db->sql_freeresult($result);
+ $row = $this->_has_acess_token($data);
if (!$row)
{
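Review bot: The helper name `_has_acess_token` is misspelled ("acess"). This call, the call in `has_access_token_by_session()` and the definition in the last hunk all use the same spelling, so it resolves, but because the method is `protected`, subclasses can come to depend on the typo; renaming all three to `_has_access_token` now is cheap. The helper returns the result of `sql_fetchrow()` rather than a boolean, so its `@return mixed` would be clearer as a description of that row-or-falsy value. The enclosing method starts and ends outside this hunk.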
@@ -217,4 +190,96 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface
AND session_id = \'' . $this->user->data['session_id'] . '\'';
$this->db->sql_query($sql);
}
+
+ /**
+ * Checks to see if an access token exists solely by the session_id of the user
+ *
+ * @return bool true if they have token, false if they don't
+ */
+ public function has_access_token_by_session()
+ {
+ if( $this->cachedToken ) {
+ return true;
+ }
+
+ $data = array(
+ 'session_id' => $this->user->data['session_id'],
+ 'provider' => $this->service_name,
+ );
+
+ $row = $this->_has_acess_token($data);
+
+ if (!$row)
+ {
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
+ * A helper function that performs the query for has access token functions
+ *
+ * @param array $data
+ * @return mixed
+ */
+ protected function _has_acess_token($data)
+ {
+ $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . '
+ WHERE ' . $this->db->sql_build_array('SELECT', $data);
+ $result = $this->db->sql_query($sql);
+ $row = $this->db->sql_fetchrow($result);
+ $this->db->sql_freeresult($result);
+
+ return $row;
+ }
+
+ public function retrieve_access_token_by_session()
+ {
+ if( $this->cachedToken instanceOf TokenInterface ) {
+ return $this->cachedToken;
+ }
+
+ $data = array(
+ 'session_id' => $this->user->data['session_id'],
+ 'provider' => $this->service_name,
+ );
+
+ return $this->_retrieve_access_token($data);
+ }
+
+ /**
+ * A helper function that performs the query for retrieve access token functions
+ * Also checks if the token is a valid token
+ *
+ * @param array $data
+ * @return mixed
+ */
+ protected function _retrieve_access_token($data)
+ {
+ $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . '
+ WHERE ' . $this->db->sql_build_array('SELECT', $data);
+ $result = $this->db->sql_query($sql);
+ $row = $this->db->sql_fetchrow($result);
+ $this->db->sql_freeresult($result);
+
+ if (!$row)
+ {
+ // TODO: translate
+ throw new TokenNotFoundException('Token not stored');
+ }
+
+ $token = unserialize($row['oauth_token']);
+
+ // Ensure that the token was serialized/unserialized correctly
+ if (!($token instanceof TokenInterface))
+ {
+ $this->clearToken();
+ // TODO: translate
+ throw new TokenNotFoundException('Token not stored correctly');
+ }
+
+ $this->cachedToken = $token;
+ return $token;
+ }
}
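Review bot: `_retrieve_access_token()` passes the stored `oauth_token` column straight to `unserialize()` and checks `instanceof TokenInterface` only afterwards, so whatever object graph is in that column is instantiated, with its `__wakeup`/`__destruct` hooks run, before the check can reject it. The logic is moved from the two public methods rather than newly written, but now that it lives in one helper this is the natural place to harden it: where the supported PHP version allows, restrict `unserialize()` with the `allowed_classes` option to the concrete token classes, or store the token fields as JSON and rebuild the token object from them. `retrieve_access_token_by_session()` has no docblock; it should state that it returns a `TokenInterface` and throws `TokenNotFoundException`, and the helper's `@return mixed` can be narrowed the same way. The two new `if( ... ) {` lines use a different brace and spacing style from the rest of the added code.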