From 6a29d9cf81249aeb844cf8eba1faf3a4f2653e82 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 10:28:13 -0400 Subject: [feature/oauth] OAuth provider skeleton PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 48 ++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 phpBB/includes/auth/provider/oauth.php (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php new file mode 100644 index 0000000000..1fecf490c8 --- /dev/null +++ b/phpBB/includes/auth/provider/oauth.php @@ -0,0 +1,48 @@ +db = $db; + $this->config = $config; + $this->request = $request; + $this->user = $user; + } + + /** + * {@inheritdoc} + */ + public function login($username, $password) + { + + } +} -- cgit v1.2.1 From 65485253c9252340e5ff6556c7d34f40e87f4644 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 11:07:42 -0400 Subject: [feature/oauth] Start implementing login PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 48 ++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index 1fecf490c8..de7903b7a5 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -15,6 +15,9 @@ if (!defined('IN_PHPBB')) exit; } +use OAuth\Common\Consumer\Credentials; +use OAuth\Common\Http\Uri\Uri; + /** * OAuth authentication provider for phpBB3 * @@ -43,6 +46,51 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ public function login($username, $password) { + if (!$this->request->is_set_post('oauth_service')) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $serviceFactory = new \OAuth\ServiceFactory(); + $uriFactory = new \OAuth\Common\Http\Uri\UriFactory(); + $currentUri = $uriFactory->createFromSuperGlobalArray((array)$_SERVER); + $currentUri->setQuery(''); + + // In-memory storage + $storage = new Memory(); + + // Setup the credentials for the requests + $credentials = new Credentials( + $servicesCredentials['github']['key'], + $servicesCredentials['github']['secret'], + $currentUri->getAbsoluteUri() + ); + + if ($this->request->is_set('code', phpbb_request_interface::GET)) + { + // Second pass: request access token, authenticate with phpBB + } else { + // First pass: get authorization uri, redirect to service + } + } + + /** + * + */ + protected function get_service_credentials($service) + { + return $service_credentials[$service]; + } + /** + * + */ + public function get_credentials() + { + return array(); } } -- cgit v1.2.1 From 1e38be3fa95d18d05c303d9c8be5af174dc6d07d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 11:19:35 -0400 Subject: [feature/oauth] Additional work on implementing login PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 35 +++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index de7903b7a5..2004f87e97 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -46,7 +46,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ public function login($username, $password) { - if (!$this->request->is_set_post('oauth_service')) + // Requst the name of the OAuth service + $service = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); + if ($service === '') { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -55,19 +57,23 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); } - $serviceFactory = new \OAuth\ServiceFactory(); - $uriFactory = new \OAuth\Common\Http\Uri\UriFactory(); - $currentUri = $uriFactory->createFromSuperGlobalArray((array)$_SERVER); - $currentUri->setQuery(''); + // Get the service credentials for the given service + $service_credentials = $this->get_credentials($service); + + + $service_factory = new \OAuth\ServiceFactory(); + $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); + $current_uri = $uri_factory->createFromSuperGlobalArray((array)$_SERVER); + $current_uri->setQuery(''); // In-memory storage $storage = new Memory(); // Setup the credentials for the requests $credentials = new Credentials( - $servicesCredentials['github']['key'], - $servicesCredentials['github']['secret'], - $currentUri->getAbsoluteUri() + $service_credentials['key'], + $service_credentials['secret'], + $current_uri->getAbsoluteUri() ); if ($this->request->is_set('code', phpbb_request_interface::GET)) @@ -83,14 +89,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function get_service_credentials($service) { - return $service_credentials[$service]; - } - - /** - * - */ - public function get_credentials() - { - return array(); + return array( + 'key' => $this->config['auth_oauth_' . $service . '_key'], + 'secret' => $this->config['auth_oauth_' . $service . '_secret'], + ); } } -- cgit v1.2.1 From d63f920250b801cf9e2bc1929a40ade7526078ff Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 11:29:00 -0400 Subject: [feature/oauth] Check that the service actually has settings PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index 2004f87e97..cbb1d99004 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -60,6 +60,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Get the service credentials for the given service $service_credentials = $this->get_credentials($service); + // Check that the service has settings + if ($service_credentials['key'] == false || $service_credentials['secret'] == false) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } $service_factory = new \OAuth\ServiceFactory(); $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); -- cgit v1.2.1 From 6479a989c5c06939d791a73952226382918d8183 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 11:56:18 -0400 Subject: [feature/oauth] Token Storage Skeleton PHPBB3-11673 --- phpBB/includes/auth/oauth/token_storage.php | 94 +++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 phpBB/includes/auth/oauth/token_storage.php (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php new file mode 100644 index 0000000000..2d3c58d25a --- /dev/null +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -0,0 +1,94 @@ +driver = $driver; + } + + /** + * {@inheritdoc} + */ + public function retrieveAccessToken() + { + if( $this->cachedToken instanceOf TokenInterface ) { + return $this->token; + } + + // TODO: check to see if the token is cached + + throw new TokenNotFoundException('Token not stored'); + } + + /** + * {@inheritdoc} + */ + public function storeAccessToken(TokenInterface $token) + { + $this->cachedToken = $token; + // TODO: actually store the token + } + + /** + * {@inheritdoc} + */ + public function hasAccessToken() + { + if( $this->cachedToken ) { + return true; + } + + // TODO: check cache for token + return false; + } + + /** + * {@inheritdoc} + */ + public function clearToken() + { + $this->cachedToken = null; + // TODO: clear cache of the token + } +} -- cgit v1.2.1 From 93f7ed4fb55daf3ca06957f4374cb827db06432c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 13:08:37 -0400 Subject: [feature/oauth] Continue work on OAuth login PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 51 +++++++++++++++++++++++++++++----- 1 file changed, 44 insertions(+), 7 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index cbb1d99004..4cf9749b36 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -25,20 +25,57 @@ use OAuth\Common\Http\Uri\Uri; */ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { + /** + * Database driver + * + * @var phpbb_db_driver + */ + protected $db; + + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * phpBB request object + * + * @var phpbb_request + */ + protected $request; + + /** + * phpBB user + * + * @var phpbb_user + */ + protected $user; + + /** + * Cache driver. + * + * @var phpbb_cache_driver_interface + */ + protected $driver; + /** * OAuth Authentication Constructor * - * @param phpbb_db_driver $db - * @param phpbb_config $config - * @param phpbb_request $request - * @param phpbb_user $user + * @param phpbb_db_driver $db + * @param phpbb_config $config + * @param phpbb_request $request + * @param phpbb_user $user + * @param phpbb_cache_driver_interface $driver */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, phpbb_cache_driver_interface $driver) { $this->db = $db; $this->config = $config; $this->request = $request; $this->user = $user; + $this->driver = $driver; } /** @@ -72,11 +109,11 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $service_factory = new \OAuth\ServiceFactory(); $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); - $current_uri = $uri_factory->createFromSuperGlobalArray((array)$_SERVER); + $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); $current_uri->setQuery(''); // In-memory storage - $storage = new Memory(); + $storage = new phpbb_auth_oauth_token_storage($this->driver); // Setup the credentials for the requests $credentials = new Credentials( -- cgit v1.2.1 From aa12f6afc52b1b536068512487b0b95690786f22 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 13:43:12 -0400 Subject: [feature/oauth] More work on login PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 95 +++++++++++++++++++++++++--------- 1 file changed, 70 insertions(+), 25 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index 4cf9749b36..cdfcace5b2 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -60,6 +60,20 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected $driver; + /** + * Cached service once it has been created + * + * @var \OAuth\Common\Service\ServiceInterface|null + */ + protected $service; + + /** + * Cached current uri object + * + * @var \OAuth\Common\Http\Uri\UriInterface|null + */ + protected $current_uri; + /** * OAuth Authentication Constructor * @@ -84,8 +98,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base public function login($username, $password) { // Requst the name of the OAuth service - $service = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); - if ($service === '') + $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); + if ($service_name === '') { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -94,8 +108,56 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); } + if ($this->request->is_set('code', phpbb_request_interface::GET)) + { + // Second pass: request access token, authenticate with phpBB + } else { + // First pass: get authorization uri, redirect to service + } + } + + /** + * + */ + protected function get_service_credentials($service_name) + { + return array( + 'key' => $this->config['auth_oauth_' . $service_name . '_key'], + 'secret' => $this->config['auth_oauth_' . $service_name . '_secret'], + ); + } + + protected function get_current_uri() + { + if ($this->current_uri) + { + return $this->current_uri; + } + + $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); + $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); + $current_uri->setQuery(''); + + $this->current_uri = $current_uri; + return $current_uri; + } + + /** + * Returns the cached service object or creates a new one + * + * @param string $service_name The name of the service + * @param array $scope The scope of the request against the api. + * @return \OAuth\Common\Service\ServiceInterface + */ + protected function get_service($service_name, array $scopes = array()) + { + if ($this->service) + { + return $this->service; + } + // Get the service credentials for the given service - $service_credentials = $this->get_credentials($service); + $service_credentials = $this->get_credentials($service_name); // Check that the service has settings if ($service_credentials['key'] == false || $service_credentials['secret'] == false) @@ -107,14 +169,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); } - $service_factory = new \OAuth\ServiceFactory(); - $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); - $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); - $current_uri->setQuery(''); - - // In-memory storage $storage = new phpbb_auth_oauth_token_storage($this->driver); + $current_uri = $this->get_current_uri(); + // Setup the credentials for the requests $credentials = new Credentials( $service_credentials['key'], @@ -122,22 +180,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $current_uri->getAbsoluteUri() ); - if ($this->request->is_set('code', phpbb_request_interface::GET)) - { - // Second pass: request access token, authenticate with phpBB - } else { - // First pass: get authorization uri, redirect to service - } - } + $service_factory = new \OAuth\ServiceFactory(); + $this->service = $service_factory->createService($service_name, $credentials, $storage, $scopes); - /** - * - */ - protected function get_service_credentials($service) - { - return array( - 'key' => $this->config['auth_oauth_' . $service . '_key'], - 'secret' => $this->config['auth_oauth_' . $service . '_secret'], - ); + return $this->service; } } -- cgit v1.2.1 From 37f099b014ea34378096c50cf898c060bd3f0d42 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 13:50:06 -0400 Subject: [feature/oauth] Document and rearrange methods PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 49 +++++++++++++++++++++++----------- 1 file changed, 33 insertions(+), 16 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index cdfcace5b2..267105e6b6 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -108,6 +108,19 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); } + // Get the service credentials for the given service + $service_credentials = $this->get_credentials($service_name); + + // Check that the service has settings + if ($service_credentials['key'] == false || $service_credentials['secret'] == false) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + if ($this->request->is_set('code', phpbb_request_interface::GET)) { // Second pass: request access token, authenticate with phpBB @@ -117,7 +130,16 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } /** + * Returns an array containing the service credentials belonging to requested + * service. * + * @param string $service_name The name of the service + * @return array An array containing the 'key' and the 'secret' of the + * service in the form: + * array( + * 'key' => string + * 'secret' => string + * ) */ protected function get_service_credentials($service_name) { @@ -127,6 +149,12 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); } + /** + * Returns the cached current_uri object or creates and caches it if it is + * not already created + * + * @return \OAuth\Common\Http\Uri\UriInterface + */ protected function get_current_uri() { if ($this->current_uri) @@ -145,30 +173,19 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base /** * Returns the cached service object or creates a new one * - * @param string $service_name The name of the service - * @param array $scope The scope of the request against the api. + * @param string $service_name The name of the service + * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} + * @param array $scope The scope of the request against + * the api. * @return \OAuth\Common\Service\ServiceInterface */ - protected function get_service($service_name, array $scopes = array()) + protected function get_service($service_name, array $service_credentials, array $scopes = array()) { if ($this->service) { return $this->service; } - // Get the service credentials for the given service - $service_credentials = $this->get_credentials($service_name); - - // Check that the service has settings - if ($service_credentials['key'] == false || $service_credentials['secret'] == false) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - $storage = new phpbb_auth_oauth_token_storage($this->driver); $current_uri = $this->get_current_uri(); -- cgit v1.2.1 From 24bf333e161332ddd589831228e35ad9eb1e8f18 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 16:51:38 -0400 Subject: [feature/oauth] Use DB for OAuth token storage PHPBB3-11673 --- phpBB/includes/auth/oauth/token_storage.php | 18 +++++++--- phpBB/includes/auth/provider/oauth.php | 13 ++----- .../db/migration/data/310/auth_provider_oauth.php | 42 ++++++++++++++++++++++ 3 files changed, 57 insertions(+), 16 deletions(-) create mode 100644 phpBB/includes/db/migration/data/310/auth_provider_oauth.php (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php index 2d3c58d25a..b658333900 100644 --- a/phpBB/includes/auth/oauth/token_storage.php +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -28,9 +28,16 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface /** * Cache driver. * - * @var phpbb_cache_driver_interface + * @var phpbb_db_driver */ - protected $driver; + protected $db; + + /** + * Name of the OAuth provider + * + * @var string + */ + protected $service_name; /** * @var object|TokenInterface @@ -40,11 +47,12 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface /** * Creates token storage for phpBB. * - * @param phpbb_cache_driver_interface $driver The cache driver + * @param phpbb_db_driver $db */ - public function __construct(phpbb_cache_driver_interface $driver) + public function __construct(phpbb_db_driver $db, $service_name) { - $this->driver = $driver; + $this->db = $db; + $this->service_name = $service_name; } /** diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index 267105e6b6..55a12211d6 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -53,13 +53,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected $user; - /** - * Cache driver. - * - * @var phpbb_cache_driver_interface - */ - protected $driver; - /** * Cached service once it has been created * @@ -81,15 +74,13 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * @param phpbb_config $config * @param phpbb_request $request * @param phpbb_user $user - * @param phpbb_cache_driver_interface $driver */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, phpbb_cache_driver_interface $driver) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user) { $this->db = $db; $this->config = $config; $this->request = $request; $this->user = $user; - $this->driver = $driver; } /** @@ -186,7 +177,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $this->service; } - $storage = new phpbb_auth_oauth_token_storage($this->driver); + $storage = new phpbb_auth_oauth_token_storage($this->db, $service_name); $current_uri = $this->get_current_uri(); diff --git a/phpBB/includes/db/migration/data/310/auth_provider_oauth.php b/phpBB/includes/db/migration/data/310/auth_provider_oauth.php new file mode 100644 index 0000000000..6239cf97bc --- /dev/null +++ b/phpBB/includes/db/migration/data/310/auth_provider_oauth.php @@ -0,0 +1,42 @@ +db_tools->sql_table_exists($this->table_prefix . 'auth_provider_oauth'); + } + + public function update_schema() + { + return array( + 'add_tables' => array( + $this->table_prefix . 'auth_provider_oauth' => array( + 'COLUMNS' => array( + 'user_id' => array('UINT', 0), // phpbb_users.user_id + 'oauth_provider' => array('VCHAR'), // Name of the OAuth provider + 'oauth_token' => array('TEXT_UNI'), // Serialized token + ), + 'PRIMARY_KEY' => array('user_id', 'oauth_provider'), + ), + ), + + ); + } + + public function revert_schema() + { + return array( + 'drop_tables' => array( + $this->table_prefix . 'auth_provider_oauth', + ), + ); + } +} -- cgit v1.2.1 From 02921f4b23fd2fa3efc9eddedfe7bfd6d3347297 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 17:31:41 -0400 Subject: [feature/oauth] Have token storage use DB PHPBB3-11673 --- phpBB/includes/auth/oauth/token_storage.php | 77 +++++++++++++++++++++++++---- 1 file changed, 67 insertions(+), 10 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php index b658333900..4bf52e2ced 100644 --- a/phpBB/includes/auth/oauth/token_storage.php +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -15,8 +15,11 @@ if (!defined('IN_PHPBB')) exit; } -use OAuth\Common\Storage\TokenStorageInterface; + use OAuth\Common\Token\TokenInterface; +use OAuth\Common\Storage\TokenStorageInterface; +use OAuth\Common\Storage\Exception\StorageException; +use OAuth\Common\Storage\Exception\TokenNotFoundException; /** * OAuth storage wrapper for phpbb's cache @@ -32,6 +35,13 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface */ protected $db; + /** + * phpBB user + * + * @var phpbb_user + */ + protected $user; + /** * Name of the OAuth provider * @@ -48,10 +58,13 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface * Creates token storage for phpBB. * * @param phpbb_db_driver $db + * @param phpbb_user $user + * @param string $service_name */ - public function __construct(phpbb_db_driver $db, $service_name) + public function __construct(phpbb_db_driver $db, phpbb_user $user, $service_name) { $this->db = $db; + $this->user = $user; $this->service_name = $service_name; } @@ -64,9 +77,31 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface return $this->token; } - // TODO: check to see if the token is cached + $sql = 'SELECT oauth_token FROM ' . AUTH_PROVIDER_OAUTH . + $db->sql_build_array('SELECT', array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + )); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + throw new TokenNotFoundException('Token not stored'); + } + + $token = unserialize($row['oauth_token']); - throw new TokenNotFoundException('Token not stored'); + // Ensure that the token was serialized/unserialized correctly + if (!($token instanceof TokenInterface)) + { + $this->clearToken(); + throw new TokenNotFoundException('Token not stored correctly'); + } + + $this->cachedToken = $token; + return $token; } /** @@ -75,7 +110,13 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface public function storeAccessToken(TokenInterface $token) { $this->cachedToken = $token; - // TODO: actually store the token + + $sql = 'INSERT INTO ' . AUTH_PROVIDER_OAUTH . ' ' . $this->db->sql_build_array('INSERT', array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + 'oauth_token' => serialize($token), + )); + $this->db->sql_query($sql); } /** @@ -84,11 +125,24 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface public function hasAccessToken() { if( $this->cachedToken ) { - return true; - } + return true; + } - // TODO: check cache for token - return false; + $sql = 'SELECT oauth_token FROM ' . AUTH_PROVIDER_OAUTH . + $db->sql_build_array('SELECT', array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + )); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + return false; + } + + return true; } /** @@ -97,6 +151,9 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface public function clearToken() { $this->cachedToken = null; - // TODO: clear cache of the token + + $sql = 'DELETE FROM ' . AUTH_PROVIDER_OAUTH . 'WHERE user_id = ' . $this->user->data['user_id'] . + ' AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); + $this->db->sql_query($sql); } } -- cgit v1.2.1 From b22b076a9972e0bd41551c314f4fea4e938d1d58 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 17:32:27 -0400 Subject: [feature/oauth] Update invocation of method in OAuth PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index 55a12211d6..ee18c0f60d 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -177,7 +177,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $this->service; } - $storage = new phpbb_auth_oauth_token_storage($this->db, $service_name); + $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name); $current_uri = $this->get_current_uri(); -- cgit v1.2.1 From 69e158865560bba4264646faa0799aa6e457c6d0 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 17:59:04 -0400 Subject: [feature/oauth] Store anonymous user by session id PHPBB3-9734 --- phpBB/includes/db/migration/data/310/auth_provider_oauth.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/db/migration/data/310/auth_provider_oauth.php b/phpBB/includes/db/migration/data/310/auth_provider_oauth.php index 6239cf97bc..92da42ba31 100644 --- a/phpBB/includes/db/migration/data/310/auth_provider_oauth.php +++ b/phpBB/includes/db/migration/data/310/auth_provider_oauth.php @@ -21,13 +21,16 @@ class phpbb_db_migration_data_310_auth_provider_oauth extends phpbb_db_migration $this->table_prefix . 'auth_provider_oauth' => array( 'COLUMNS' => array( 'user_id' => array('UINT', 0), // phpbb_users.user_id + 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set 'oauth_provider' => array('VCHAR'), // Name of the OAuth provider 'oauth_token' => array('TEXT_UNI'), // Serialized token ), - 'PRIMARY_KEY' => array('user_id', 'oauth_provider'), + 'KEYS' => array( + 'user_id' => array('INDEX', 'user_id'), + 'oauth_provider' => array('INDEX', 'oauth_provider'), + ), ), ), - ); } -- cgit v1.2.1 From 5942eac5dac51e9f70a1f175a480316975fb3ac9 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 18:17:03 -0400 Subject: [feature/oauth] Pass table in constructor PHPBB3-11673 --- phpBB/includes/auth/oauth/token_storage.php | 34 +++++++++++++++++++---------- phpBB/includes/auth/provider/oauth.php | 21 +++++++++++++----- 2 files changed, 37 insertions(+), 18 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php index 4bf52e2ced..90185e5f5a 100644 --- a/phpBB/includes/auth/oauth/token_storage.php +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -49,6 +49,13 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface */ protected $service_name; + /** + * OAuth token table + * + * @var string + */ + protected $auth_provider_oauth_table; + /** * @var object|TokenInterface */ @@ -57,15 +64,17 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface /** * Creates token storage for phpBB. * - * @param phpbb_db_driver $db - * @param phpbb_user $user - * @param string $service_name + * @param phpbb_db_driver $db + * @param phpbb_user $user + * @param string $service_name + * @param string $auth_provider_oauth_table */ - public function __construct(phpbb_db_driver $db, phpbb_user $user, $service_name) + public function __construct(phpbb_db_driver $db, phpbb_user $user, $service_name, $auth_provider_oauth_table) { $this->db = $db; $this->user = $user; $this->service_name = $service_name; + $this->auth_provider_oauth_table = $auth_provider_oauth_table; } /** @@ -77,7 +86,7 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface return $this->token; } - $sql = 'SELECT oauth_token FROM ' . AUTH_PROVIDER_OAUTH . + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . $db->sql_build_array('SELECT', array( 'user_id' => $this->user->data['user_id'], 'oauth_provider' => $this->service_name, @@ -111,11 +120,12 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface { $this->cachedToken = $token; - $sql = 'INSERT INTO ' . AUTH_PROVIDER_OAUTH . ' ' . $this->db->sql_build_array('INSERT', array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - 'oauth_token' => serialize($token), - )); + $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' ' . + $this->db->sql_build_array('INSERT', array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + 'oauth_token' => serialize($token), + )); $this->db->sql_query($sql); } @@ -128,7 +138,7 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface return true; } - $sql = 'SELECT oauth_token FROM ' . AUTH_PROVIDER_OAUTH . + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . $db->sql_build_array('SELECT', array( 'user_id' => $this->user->data['user_id'], 'oauth_provider' => $this->service_name, @@ -152,7 +162,7 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface { $this->cachedToken = null; - $sql = 'DELETE FROM ' . AUTH_PROVIDER_OAUTH . 'WHERE user_id = ' . $this->user->data['user_id'] . + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . 'WHERE user_id = ' . $this->user->data['user_id'] . ' AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); $this->db->sql_query($sql); } diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index ee18c0f60d..c7f60c5ae4 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -53,6 +53,13 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected $user; + /** + * OAuth token table + * + * @var string + */ + protected $auth_provider_oauth_table; + /** * Cached service once it has been created * @@ -70,17 +77,19 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base /** * OAuth Authentication Constructor * - * @param phpbb_db_driver $db - * @param phpbb_config $config - * @param phpbb_request $request - * @param phpbb_user $user + * @param phpbb_db_driver $db + * @param phpbb_config $config + * @param phpbb_request $request + * @param phpbb_user $user + * @param string $auth_provider_oauth_table */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_table) { $this->db = $db; $this->config = $config; $this->request = $request; $this->user = $user; + $this->auth_provider_oauth_table = $auth_provider_oauth_table; } /** @@ -177,7 +186,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $this->service; } - $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name); + $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); $current_uri = $this->get_current_uri(); -- cgit v1.2.1 From 68a80f8ea8d61a8ad60f046a2ef68124d2abc801 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 18:20:49 -0400 Subject: [feature/oauth] Fix typo PHPBB3-11673 --- phpBB/includes/auth/oauth/token_storage.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php index 90185e5f5a..c3d560cc79 100644 --- a/phpBB/includes/auth/oauth/token_storage.php +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -87,7 +87,7 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface } $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . - $db->sql_build_array('SELECT', array( + $this->db->sql_build_array('SELECT', array( 'user_id' => $this->user->data['user_id'], 'oauth_provider' => $this->service_name, )); @@ -139,7 +139,7 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface } $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . - $db->sql_build_array('SELECT', array( + $this->db->sql_build_array('SELECT', array( 'user_id' => $this->user->data['user_id'], 'oauth_provider' => $this->service_name, )); -- cgit v1.2.1 From 3c8187c277446ac07e5ff08c05a6e535f401ae2d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 18:30:41 -0400 Subject: [feature/oauth] Have array of services not just one in oauth PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index c7f60c5ae4..c59c573c52 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -61,11 +61,11 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base protected $auth_provider_oauth_table; /** - * Cached service once it has been created + * Cached services once they has been created * - * @var \OAuth\Common\Service\ServiceInterface|null + * @var array Contains \OAuth\Common\Service\ServiceInterface or null */ - protected $service; + protected $services; /** * Cached current uri object @@ -90,6 +90,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->request = $request; $this->user = $user; $this->auth_provider_oauth_table = $auth_provider_oauth_table; + $this->services = array(); } /** @@ -181,9 +182,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function get_service($service_name, array $service_credentials, array $scopes = array()) { - if ($this->service) + if ($this->services[$service_name]) { - return $this->service; + return $this->services[$service_name]; } $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); @@ -198,8 +199,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); $service_factory = new \OAuth\ServiceFactory(); - $this->service = $service_factory->createService($service_name, $credentials, $storage, $scopes); + $this->service[$service_name] = $service_factory->createService($service_name, $credentials, $storage, $scopes); - return $this->service; + return $this->service[$service_name]; } } -- cgit v1.2.1 From 9619a9a16f68edddb052d5848f96f4e603ddc299 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 23:00:43 -0400 Subject: [feature/oauth] Anonymous user does not depend on user_id in token PHPBB3-11673 --- phpBB/includes/auth/oauth/token_storage.php | 66 +++++++++++++++++++++-------- 1 file changed, 48 insertions(+), 18 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php index c3d560cc79..b35a5c6586 100644 --- a/phpBB/includes/auth/oauth/token_storage.php +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -86,17 +86,25 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface return $this->token; } - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . - $this->db->sql_build_array('SELECT', array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - )); + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); if (!$row) { + // TODO: translate throw new TokenNotFoundException('Token not stored'); } @@ -106,6 +114,7 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface if (!($token instanceof TokenInterface)) { $this->clearToken(); + // TODO: translate throw new TokenNotFoundException('Token not stored correctly'); } @@ -120,12 +129,19 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface { $this->cachedToken = $token; - $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' ' . - $this->db->sql_build_array('INSERT', array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - 'oauth_token' => serialize($token), - )); + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + 'oauth_token' => serialize($token), + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('INSERT', $data); $this->db->sql_query($sql); } @@ -138,11 +154,18 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface return true; } - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . - $this->db->sql_build_array('SELECT', array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - )); + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); @@ -162,8 +185,15 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface { $this->cachedToken = null; - $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . 'WHERE user_id = ' . $this->user->data['user_id'] . - ' AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' + WHERE user_id = ' . $this->user->data['user_id'] . ' + AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $sql .= ' AND session_id = ' . $this->user->data['session_id']; + } + $this->db->sql_query($sql); } } -- cgit v1.2.1 From 6e73ccd00f363917de2914de3b8c75d296cdb355 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 23:26:14 -0400 Subject: [feature/oauth] Function to update user_id of a token PHPBB3-9734 --- phpBB/includes/auth/oauth/token_storage.php | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php index b35a5c6586..fcc277053c 100644 --- a/phpBB/includes/auth/oauth/token_storage.php +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -196,4 +196,25 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface $this->db->sql_query($sql); } + + /** + * Updates the user_id field in the database assosciated with the token + * + * @param int $user_id + */ + public function set_user_id($user_id) + { + if (!$this->cachedToken) + { + return; + } + + $sql = 'UPDATE ' . $this->auth_provider_oauth_table . ' + SET ' . $db->sql_build_array('UPDATE', array( + 'user_id' => (int) $user_id + )) . ' + WHERE user_id = ' . $this->user->data['user_id'] . ' + AND session_id = ' . $this->user->data['session_id']; + $this->db->sql_query($sql); + } } -- cgit v1.2.1 From a7bfe5eeeb1250c96fb2ddb1ee19f1babe72fe3d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 23:47:16 -0400 Subject: [feature/oauth] Changes to oauth PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index c59c573c52..d405bb77b1 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -104,6 +104,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + // TODO: change error message 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', 'user_row' => array('user_id' => ANONYMOUS), ); @@ -117,11 +118,14 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + // TODO: change error message 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', 'user_row' => array('user_id' => ANONYMOUS), ); } + $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); + if ($this->request->is_set('code', phpbb_request_interface::GET)) { // Second pass: request access token, authenticate with phpBB @@ -175,20 +179,19 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * Returns the cached service object or creates a new one * * @param string $service_name The name of the service + * @param phpbb_auth_oauth_token_storage $storage * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} * @param array $scope The scope of the request against * the api. * @return \OAuth\Common\Service\ServiceInterface */ - protected function get_service($service_name, array $service_credentials, array $scopes = array()) + protected function get_service($service_name, phpbb_auth_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) { if ($this->services[$service_name]) { return $this->services[$service_name]; } - $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); - $current_uri = $this->get_current_uri(); // Setup the credentials for the requests -- cgit v1.2.1 From e600596602d1fed7eedda02c848db9012fda43fa Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 11:38:19 -0400 Subject: [feature/oauth] Scopes/path part one PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 61 ++++++++++++++++++++++++++++++++-- 1 file changed, 59 insertions(+), 2 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index d405bb77b1..79a5988526 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -125,12 +125,20 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); + $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); if ($this->request->is_set('code', phpbb_request_interface::GET)) { - // Second pass: request access token, authenticate with phpBB + // This was a callback request from the service provider + $service->requestAccessToken( $_GET['code'] ); + + // Send a request with it + $result = json_decode( $service->request('user/info'), true ); + } else { - // First pass: get authorization uri, redirect to service + $url = $service->getAuthorizationUri(); + // TODO: modify $url for the appropriate return points + header('Location: ' . $url); } } @@ -206,4 +214,53 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $this->service[$service_name]; } + + /** + * Returns the scopes of the service required for authentication + * + * @param string $service_name + * @return array An array of the scopes required from the service + */ + protected function get_scopes($service_name) + { + $scopes = array(); + + switch ($service_name) + { + case 'GitHub': + $scopes[] = 'user'; + break; + case 'google': + $scopes[] = 'userinfo_email'; + $scopes[] = 'userinfo_profile'; + break; + case 'instagram': + case 'microsoft': + $scopes[] = 'basic'; + break; + case 'linkedin': + $scopes[] = 'r_basicprofile'; + break; + } + + return $scopes; + } + + /** + * Returns the path desired of the service + * + * @param string $service_name + * @return string|UriInterface + */ + protected function get_path($service_name) + { + switch ($service_name) + { + default: + $path = ''; + break; + } + + return $path; + } } -- cgit v1.2.1 From 4b1390ca31949d9de0df3b9038144e882c75a5e7 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 11:48:02 -0400 Subject: [feature/oauth] Pathing information for some services PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 44 +++++++++++++++++++++++++++++++--- 1 file changed, 41 insertions(+), 3 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index 79a5988526..aeca2a4869 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -133,8 +133,13 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $service->requestAccessToken( $_GET['code'] ); // Send a request with it - $result = json_decode( $service->request('user/info'), true ); + $path = $this->get_path($service_name); + if ($path) + { + $result = json_decode( $service->request($path), true ); + } + // Perform authentication } else { $url = $service->getAuthorizationUri(); // TODO: modify $url for the appropriate return points @@ -250,14 +255,47 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * Returns the path desired of the service * * @param string $service_name - * @return string|UriInterface + * @return string|UriInterface|null A null return means do not + * request additional information. */ protected function get_path($service_name) { switch ($service_name) { + case 'bitly': + case 'tumblr': + $path = 'user/info'; + break; + case 'box': + $path = '/users/me'; + break; + case 'facebook': + $path = '/me'; + break; + case 'FitBit': + $path = 'user/-/profile.json'; + break; + case 'foursquare': + case 'instagram': + $path = 'users/self'; + break; + case 'GitHub': + $path = 'user/emails'; + break; + case 'google': + $path = 'https://www.googleapis.com/oauth2/v1/userinfo'; + break; + case 'linkedin': + $path = '/people/~?format=json'; + break; + case 'soundCloud': + $path = 'me.json'; + break; + case 'twitter': + $path = 'account/verify_credentials.json'; + break; default: - $path = ''; + $path = null; break; } -- cgit v1.2.1 From 1a3880806a453dc4782b9823c2557dc22e9fb6af Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 13:23:09 -0400 Subject: [feature/oauth] Move OAuth to /phpBB/phpbb PHPBB3-11673 --- phpBB/includes/auth/oauth/token_storage.php | 220 -------------------- phpBB/includes/auth/provider/oauth.php | 304 ---------------------------- 2 files changed, 524 deletions(-) delete mode 100644 phpBB/includes/auth/oauth/token_storage.php delete mode 100644 phpBB/includes/auth/provider/oauth.php (limited to 'phpBB/includes') diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php deleted file mode 100644 index fcc277053c..0000000000 --- a/phpBB/includes/auth/oauth/token_storage.php +++ /dev/null @@ -1,220 +0,0 @@ -db = $db; - $this->user = $user; - $this->service_name = $service_name; - $this->auth_provider_oauth_table = $auth_provider_oauth_table; - } - - /** - * {@inheritdoc} - */ - public function retrieveAccessToken() - { - if( $this->cachedToken instanceOf TokenInterface ) { - return $this->token; - } - - $data = array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - ); - - if ($this->user->data['user_id'] == ANONYMOUS) - { - $data['session_id'] = $this->user->data['session_id']; - } - - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('SELECT', $data); - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); - - if (!$row) - { - // TODO: translate - throw new TokenNotFoundException('Token not stored'); - } - - $token = unserialize($row['oauth_token']); - - // Ensure that the token was serialized/unserialized correctly - if (!($token instanceof TokenInterface)) - { - $this->clearToken(); - // TODO: translate - throw new TokenNotFoundException('Token not stored correctly'); - } - - $this->cachedToken = $token; - return $token; - } - - /** - * {@inheritdoc} - */ - public function storeAccessToken(TokenInterface $token) - { - $this->cachedToken = $token; - - $data = array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - 'oauth_token' => serialize($token), - ); - - if ($this->user->data['user_id'] == ANONYMOUS) - { - $data['session_id'] = $this->user->data['session_id']; - } - - $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('INSERT', $data); - $this->db->sql_query($sql); - } - - /** - * {@inheritdoc} - */ - public function hasAccessToken() - { - if( $this->cachedToken ) { - return true; - } - - $data = array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - ); - - if ($this->user->data['user_id'] == ANONYMOUS) - { - $data['session_id'] = $this->user->data['session_id']; - } - - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('SELECT', $data); - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); - - if (!$row) - { - return false; - } - - return true; - } - - /** - * {@inheritdoc} - */ - public function clearToken() - { - $this->cachedToken = null; - - $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' - WHERE user_id = ' . $this->user->data['user_id'] . ' - AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); - - if ($this->user->data['user_id'] == ANONYMOUS) - { - $sql .= ' AND session_id = ' . $this->user->data['session_id']; - } - - $this->db->sql_query($sql); - } - - /** - * Updates the user_id field in the database assosciated with the token - * - * @param int $user_id - */ - public function set_user_id($user_id) - { - if (!$this->cachedToken) - { - return; - } - - $sql = 'UPDATE ' . $this->auth_provider_oauth_table . ' - SET ' . $db->sql_build_array('UPDATE', array( - 'user_id' => (int) $user_id - )) . ' - WHERE user_id = ' . $this->user->data['user_id'] . ' - AND session_id = ' . $this->user->data['session_id']; - $this->db->sql_query($sql); - } -} diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php deleted file mode 100644 index aeca2a4869..0000000000 --- a/phpBB/includes/auth/provider/oauth.php +++ /dev/null @@ -1,304 +0,0 @@ -db = $db; - $this->config = $config; - $this->request = $request; - $this->user = $user; - $this->auth_provider_oauth_table = $auth_provider_oauth_table; - $this->services = array(); - } - - /** - * {@inheritdoc} - */ - public function login($username, $password) - { - // Requst the name of the OAuth service - $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); - if ($service_name === '') - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - // TODO: change error message - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - // Get the service credentials for the given service - $service_credentials = $this->get_credentials($service_name); - - // Check that the service has settings - if ($service_credentials['key'] == false || $service_credentials['secret'] == false) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - // TODO: change error message - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); - $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); - - if ($this->request->is_set('code', phpbb_request_interface::GET)) - { - // This was a callback request from the service provider - $service->requestAccessToken( $_GET['code'] ); - - // Send a request with it - $path = $this->get_path($service_name); - if ($path) - { - $result = json_decode( $service->request($path), true ); - } - - // Perform authentication - } else { - $url = $service->getAuthorizationUri(); - // TODO: modify $url for the appropriate return points - header('Location: ' . $url); - } - } - - /** - * Returns an array containing the service credentials belonging to requested - * service. - * - * @param string $service_name The name of the service - * @return array An array containing the 'key' and the 'secret' of the - * service in the form: - * array( - * 'key' => string - * 'secret' => string - * ) - */ - protected function get_service_credentials($service_name) - { - return array( - 'key' => $this->config['auth_oauth_' . $service_name . '_key'], - 'secret' => $this->config['auth_oauth_' . $service_name . '_secret'], - ); - } - - /** - * Returns the cached current_uri object or creates and caches it if it is - * not already created - * - * @return \OAuth\Common\Http\Uri\UriInterface - */ - protected function get_current_uri() - { - if ($this->current_uri) - { - return $this->current_uri; - } - - $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); - $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); - $current_uri->setQuery(''); - - $this->current_uri = $current_uri; - return $current_uri; - } - - /** - * Returns the cached service object or creates a new one - * - * @param string $service_name The name of the service - * @param phpbb_auth_oauth_token_storage $storage - * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} - * @param array $scope The scope of the request against - * the api. - * @return \OAuth\Common\Service\ServiceInterface - */ - protected function get_service($service_name, phpbb_auth_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) - { - if ($this->services[$service_name]) - { - return $this->services[$service_name]; - } - - $current_uri = $this->get_current_uri(); - - // Setup the credentials for the requests - $credentials = new Credentials( - $service_credentials['key'], - $service_credentials['secret'], - $current_uri->getAbsoluteUri() - ); - - $service_factory = new \OAuth\ServiceFactory(); - $this->service[$service_name] = $service_factory->createService($service_name, $credentials, $storage, $scopes); - - return $this->service[$service_name]; - } - - /** - * Returns the scopes of the service required for authentication - * - * @param string $service_name - * @return array An array of the scopes required from the service - */ - protected function get_scopes($service_name) - { - $scopes = array(); - - switch ($service_name) - { - case 'GitHub': - $scopes[] = 'user'; - break; - case 'google': - $scopes[] = 'userinfo_email'; - $scopes[] = 'userinfo_profile'; - break; - case 'instagram': - case 'microsoft': - $scopes[] = 'basic'; - break; - case 'linkedin': - $scopes[] = 'r_basicprofile'; - break; - } - - return $scopes; - } - - /** - * Returns the path desired of the service - * - * @param string $service_name - * @return string|UriInterface|null A null return means do not - * request additional information. - */ - protected function get_path($service_name) - { - switch ($service_name) - { - case 'bitly': - case 'tumblr': - $path = 'user/info'; - break; - case 'box': - $path = '/users/me'; - break; - case 'facebook': - $path = '/me'; - break; - case 'FitBit': - $path = 'user/-/profile.json'; - break; - case 'foursquare': - case 'instagram': - $path = 'users/self'; - break; - case 'GitHub': - $path = 'user/emails'; - break; - case 'google': - $path = 'https://www.googleapis.com/oauth2/v1/userinfo'; - break; - case 'linkedin': - $path = '/people/~?format=json'; - break; - case 'soundCloud': - $path = 'me.json'; - break; - case 'twitter': - $path = 'account/verify_credentials.json'; - break; - default: - $path = null; - break; - } - - return $path; - } -} -- cgit v1.2.1 From 00d0e102008767f712145f55348a662f3e6750d6 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 14:17:54 -0400 Subject: [feature/oauth] Move last file to appropriate location PHPBB3-11673 --- .../db/migration/data/310/auth_provider_oauth.php | 45 ---------------------- 1 file changed, 45 deletions(-) delete mode 100644 phpBB/includes/db/migration/data/310/auth_provider_oauth.php (limited to 'phpBB/includes') diff --git a/phpBB/includes/db/migration/data/310/auth_provider_oauth.php b/phpBB/includes/db/migration/data/310/auth_provider_oauth.php deleted file mode 100644 index 92da42ba31..0000000000 --- a/phpBB/includes/db/migration/data/310/auth_provider_oauth.php +++ /dev/null @@ -1,45 +0,0 @@ -db_tools->sql_table_exists($this->table_prefix . 'auth_provider_oauth'); - } - - public function update_schema() - { - return array( - 'add_tables' => array( - $this->table_prefix . 'auth_provider_oauth' => array( - 'COLUMNS' => array( - 'user_id' => array('UINT', 0), // phpbb_users.user_id - 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set - 'oauth_provider' => array('VCHAR'), // Name of the OAuth provider - 'oauth_token' => array('TEXT_UNI'), // Serialized token - ), - 'KEYS' => array( - 'user_id' => array('INDEX', 'user_id'), - 'oauth_provider' => array('INDEX', 'oauth_provider'), - ), - ), - ), - ); - } - - public function revert_schema() - { - return array( - 'drop_tables' => array( - $this->table_prefix . 'auth_provider_oauth', - ), - ); - } -} -- cgit v1.2.1 From cd49cfacfb0faddce8343837b69eb919b8652352 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 22 Jul 2013 16:23:13 -0400 Subject: [feature/oauth] Initial step in creating OAuth login support PHPBB3-11673 --- phpBB/includes/functions.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 49f2e469bc..1bb9cc8299 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3199,7 +3199,7 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = false, $s_display = true) { global $db, $user, $template, $auth, $phpEx, $phpbb_root_path, $config; - global $request; + global $request, $phpbb_container; if (!class_exists('phpbb_captcha_factory', false)) { @@ -3367,12 +3367,22 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa $s_hidden_fields['credential'] = $credential; } + $oauth_login = ($config['auth_method'] == 'oauth') ? true : false; + + if ($oauth_login) + { + $auth_provider = $phpbb_container->get('auth.provider.oauth'); + $oauth_box_data = $auth_provider->get_login_data(); + } + $s_hidden_fields = build_hidden_fields($s_hidden_fields); $template->assign_vars(array( 'LOGIN_ERROR' => $err, 'LOGIN_EXPLAIN' => $l_explain, + 'OAUTH_LOGIN' => $oauth_login, + 'U_SEND_PASSWORD' => ($config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=sendpassword') : '', 'U_RESEND_ACTIVATION' => ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=resend_act') : '', 'U_TERMS_USE' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=terms'), -- cgit v1.2.1 From 5578b7a578cd9b2e8045d65c883a355f7a9f5394 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 22 Jul 2013 17:27:16 -0400 Subject: [feature/oauth] Initial UI element added, this is non-final At this point, all UI changes are purely for testing and should not be considered final. PHPBB3-11673 --- phpBB/includes/functions.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 1bb9cc8299..bbe3033fb5 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3373,6 +3373,13 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa { $auth_provider = $phpbb_container->get('auth.provider.oauth'); $oauth_box_data = $auth_provider->get_login_data(); + foreach ($oauth_box_data as $service_name => $data) + { + $template->assign_block_vars('oauth', array( + 'SERVICE_NAME' => $service_name, + 'REDIRECT_URL' => $data['url'], + )); + } } $s_hidden_fields = build_hidden_fields($s_hidden_fields); -- cgit v1.2.1 From 93cbdc37b51edf14cb2dbebb1ccb71a612f7fd94 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 14:06:01 -0400 Subject: [feature/oauth] ACP options for OAuth, needs some work PHPBB3-11673 --- phpBB/includes/acp/acp_board.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 12e2a1bf72..0af0fbec86 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -658,7 +658,15 @@ class acp_board $auth_tpl = $provider->get_acp_template($this->new_config); if ($auth_tpl) { - $template->assign_vars($auth_tpl['TEMPLATE_VARS']); + if (array_key_exists('BLOCK_VAR_NAME', $auth_tpl)) + { + foreach ($auth_tpl['TEMPLATE_VARS'] as $block_vars) + { + $template->assign_block_vars($auth_tpl['BLOCK_VAR_NAME'], $block_vars); + } + } else { + $template->assign_vars($auth_tpl['TEMPLATE_VARS']); + } $template->assign_block_vars('auth_tpl', array( 'TEMPLATE_FILE' => $auth_tpl['TEMPLATE_FILE'], )); -- cgit v1.2.1 From 0857d14030177271bd346f188ced38e9d6da47ff Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 14:41:21 -0400 Subject: [feature/oauth] Update auth provider interface docs for block vars in ACP PHPBB3-11673 --- phpBB/includes/acp/acp_board.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 0af0fbec86..51a7628b68 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -660,13 +660,12 @@ class acp_board { if (array_key_exists('BLOCK_VAR_NAME', $auth_tpl)) { - foreach ($auth_tpl['TEMPLATE_VARS'] as $block_vars) + foreach ($auth_tpl['BLOCK_VARS'] as $block_vars) { $template->assign_block_vars($auth_tpl['BLOCK_VAR_NAME'], $block_vars); } - } else { - $template->assign_vars($auth_tpl['TEMPLATE_VARS']); } + $template->assign_vars($auth_tpl['TEMPLATE_VARS']); $template->assign_block_vars('auth_tpl', array( 'TEMPLATE_FILE' => $auth_tpl['TEMPLATE_FILE'], )); -- cgit v1.2.1 From b1938576f15a43c8bf2967ab38f4484a07cc0344 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 21:04:29 -0400 Subject: [feature/oauth] Fix outstanding issues with OAuth Includes a temporary change that allows me to test against google. This will be removed shortly. PHPBB3-11673 --- phpBB/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index bbe3033fb5..b14f03f5a0 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3226,7 +3226,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa trigger_error('NO_AUTH_ADMIN'); } - if (isset($_POST['login'])) + if ($request->is_set_post('login') || ($request->is_set('login') && $request->variable('login', '') == 'external')) { // Get credential if ($admin) -- cgit v1.2.1 From 58d5820069a5889ae2f09319ae4f972c8b8f87a8 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 10:39:48 -0400 Subject: [feature/oauth] Basic login functionality now working These changes are currently unique to OAuth and need to be made generic so that any auth provider can modify the login template. PHPBB3-11673 --- phpBB/includes/functions.php | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index b14f03f5a0..02cdfd7ed1 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3373,12 +3373,9 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa { $auth_provider = $phpbb_container->get('auth.provider.oauth'); $oauth_box_data = $auth_provider->get_login_data(); - foreach ($oauth_box_data as $service_name => $data) + foreach ($oauth_box_data as $data) { - $template->assign_block_vars('oauth', array( - 'SERVICE_NAME' => $service_name, - 'REDIRECT_URL' => $data['url'], - )); + $template->assign_block_vars('oauth', $data); } } -- cgit v1.2.1 From 581cb37b8c7ae4f1902cfd6114a34ce1510139a8 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 13:46:33 -0400 Subject: [feature/oauth] Start linking/registering OAuth accounts during login PHPBB3-11673 --- phpBB/includes/constants.php | 1 + 1 file changed, 1 insertion(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index c1f4c6ac0e..ae55a71e50 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -61,6 +61,7 @@ define('LOGIN_CONTINUE', 1); define('LOGIN_BREAK', 2); define('LOGIN_SUCCESS', 3); define('LOGIN_SUCCESS_CREATE_PROFILE', 20); +define('LOGIN_SUCCESS_LINK_PROFILE', 21); define('LOGIN_ERROR_USERNAME', 10); define('LOGIN_ERROR_PASSWORD', 11); define('LOGIN_ERROR_ACTIVE', 12); -- cgit v1.2.1 From 27ea03d3e098ca53f9f49da5024f7d7c64989153 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 14:55:08 -0400 Subject: [feature/oauth] Initial login_link ucp class PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 phpBB/includes/ucp/ucp_login_link.php (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php new file mode 100644 index 0000000000..719dec5ea0 --- /dev/null +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -0,0 +1,32 @@ + Date: Wed, 24 Jul 2013 15:31:12 -0400 Subject: [feature/oauth] Some work on login_link PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 719dec5ea0..522a8b305c 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -27,6 +27,9 @@ class ucp_login_link function main($id, $mode) { + global $config, $phpbb_container, $request, $template; + $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); + $auth_provider = $phpbb_container->get($auth_provider); } } \ No newline at end of file -- cgit v1.2.1 From 317a71a8384f137cedca3c9afbb02605876920c3 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 25 Jul 2013 12:49:30 -0400 Subject: [feature/oauth] Template for ucp_login_link started PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 522a8b305c..7e6374ee83 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -31,5 +31,8 @@ class ucp_login_link $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); $auth_provider = $phpbb_container->get($auth_provider); + + $this->tpl_name = 'ucp_login_link'; + $this->page_title = 'UCP_LOGIN_LINK'; } -} \ No newline at end of file +} -- cgit v1.2.1 From 59852b5997905ed6f815c3cc4b9220872e1090d2 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 25 Jul 2013 14:53:05 -0400 Subject: [feature/oauth] More work on login linking accounts PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 7e6374ee83..62641f0367 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -32,6 +32,29 @@ class ucp_login_link $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); $auth_provider = $phpbb_container->get($auth_provider); + // Process POST and GET data + $login_error = false; + $login_username = ''; + + // Common template elements + $template->assign_vars(array( + 'PASSWORD_CREDENTIAL' => 'password', + 'USERNAME_CREDENTIAL' => 'username', + )); + + // Registration template + $register_link = 'ucp.php?mode=register'; + + $template->assign_vars(array( + 'REGISTER_LINK' => redirect($register_link, true), + )); + + // Link to existing account template + $template->assign_vars(array( + 'LOGIN_ERROR' => $login_error, + 'LOGIN_USERNAME' => $login_username, + )); + $this->tpl_name = 'ucp_login_link'; $this->page_title = 'UCP_LOGIN_LINK'; } -- cgit v1.2.1 From 75206c74be23e17b2661faa0693cd308cab4d382 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 11:58:24 -0400 Subject: [feature/oauth] Basic checking for data needed in login linking PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 62641f0367..1fb75deb61 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -27,17 +27,31 @@ class ucp_login_link function main($id, $mode) { - global $config, $phpbb_container, $request, $template; + global $config, $phpbb_container, $request, $template, $user; $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); $auth_provider = $phpbb_container->get($auth_provider); + // Initialize necessary variables + $login_link_error = null; + + // Ensure the person was sent here with login_link data + $data = $request->variable('login_link', array()); + + if (empty($data)) + { + $login_link_error = $user->lang['LOGIN_LINK_NO_DATA_PROVIDED']; + } else { + + } + // Process POST and GET data $login_error = false; $login_username = ''; // Common template elements $template->assign_vars(array( + 'LOGIN_LINK_ERROR' => $login_link_error, 'PASSWORD_CREDENTIAL' => 'password', 'USERNAME_CREDENTIAL' => 'username', )); -- cgit v1.2.1 From bcdeafedd7178d27dcd0fafd4b22cddeaefc80b0 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 12:55:57 -0400 Subject: [feature/oauth] Login works on login_link now, still does not actually link PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 97 +++++++++++++++++++++++++++++++---- 1 file changed, 87 insertions(+), 10 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 1fb75deb61..1b9b0e45cb 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -27,7 +27,7 @@ class ucp_login_link function main($id, $mode) { - global $config, $phpbb_container, $request, $template, $user; + global $auth, $config, $phpbb_container, $request, $template, $user; $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); $auth_provider = $phpbb_container->get($auth_provider); @@ -35,25 +35,84 @@ class ucp_login_link // Initialize necessary variables $login_link_error = null; - // Ensure the person was sent here with login_link data - $data = $request->variable('login_link', array()); + // Build the data array + $data = $this->get_login_link_data_array(); + // Ensure the person was sent here with login_link data if (empty($data)) { $login_link_error = $user->lang['LOGIN_LINK_NO_DATA_PROVIDED']; - } else { - } - // Process POST and GET data - $login_error = false; - $login_username = ''; + // Have the authentication provider check that all necessary data is available + + + // Perform link action if there is no error + if (!login_link_error) + { + if ($request->is_set_post('login')) + { + $login_username = $request->variable('login_username', '', false, phpbb_request_interface::POST); + $login_password = $request->untrimmed_variable('password', '', true, phpbb_request_interface::POST); + + $result = $auth->login($login_username, $login_password); + + if ($result['status'] != LOGIN_SUCCESS) + { + // Handle all errors first + if ($result['status'] == LOGIN_BREAK) + { + trigger_error($result['error_msg']); + } + + switch ($result['status']) + { + case LOGIN_ERROR_ATTEMPTS: + + $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $captcha->init(CONFIRM_LOGIN); + + $template->assign_vars(array( + 'CAPTCHA_TEMPLATE' => $captcha->get_template(), + )); + + $login_error = $user->lang[$result['error_msg']]; + break; + + case LOGIN_ERROR_PASSWORD_CONVERT: + $login_error = sprintf( + $user->lang[$result['error_msg']], + ($config['email_enable']) ? '' : '', + ($config['email_enable']) ? '' : '', + ($config['board_contact']) ? '' : '', + ($config['board_contact']) ? '' : '' + ); + break; + + // Username, password, etc... + default: + $login_error = $user->lang[$result['error_msg']]; + + // Assign admin contact to some error messages + if ($result['error_msg'] == 'LOGIN_ERROR_USERNAME' || $result['error_msg'] == 'LOGIN_ERROR_PASSWORD') + { + $login_error = (!$config['board_contact']) ? sprintf($user->lang[$result['error_msg']], '', '') : sprintf($user->lang[$result['error_msg']], '', ''); + } + + break; + } + } else { + // The user is now logged in, attempt to link the user to the external account + $auth_provider->link_account($data); + } + } + } // Common template elements $template->assign_vars(array( 'LOGIN_LINK_ERROR' => $login_link_error, - 'PASSWORD_CREDENTIAL' => 'password', - 'USERNAME_CREDENTIAL' => 'username', + 'PASSWORD_CREDENTIAL' => 'login_password', + 'USERNAME_CREDENTIAL' => 'login_username', )); // Registration template @@ -72,4 +131,22 @@ class ucp_login_link $this->tpl_name = 'ucp_login_link'; $this->page_title = 'UCP_LOGIN_LINK'; } + + protected function get_login_link_data_array() + { + global $request; + + $var_names = $request->variable_names(phpbb_request_interface::GET); + $login_link_data = array(); + + foreach ($var_names as $var_name) + { + if (strpos($var_name, 'login_link_') === 0) + { + $login_link_data[$var_name] = $request->variable($var_name, '', false, phpbb_request_interface::GET); + } + } + + return $login_link_data; + } } -- cgit v1.2.1 From c09bda10fcf3fc7b84908bc15d86eca86b71f232 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 13:10:56 -0400 Subject: [feature/oauth] Properly check that all data needed is available PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 1b9b0e45cb..c99f162f1a 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -33,7 +33,9 @@ class ucp_login_link $auth_provider = $phpbb_container->get($auth_provider); // Initialize necessary variables + $login_error = null; $login_link_error = null; + $login_username = null; // Build the data array $data = $this->get_login_link_data_array(); @@ -45,10 +47,14 @@ class ucp_login_link } // Have the authentication provider check that all necessary data is available - + $result = $auth_provider->login_link_has_necessary_data($data); + if ($result !== null) + { + $login_link_error = $user->lang[$result]; + } // Perform link action if there is no error - if (!login_link_error) + if (!$login_link_error) { if ($request->is_set_post('login')) { @@ -143,7 +149,8 @@ class ucp_login_link { if (strpos($var_name, 'login_link_') === 0) { - $login_link_data[$var_name] = $request->variable($var_name, '', false, phpbb_request_interface::GET); + $key_name = str_replace('login_link_', '', $var_name); + $login_link_data[$key_name] = $request->variable($var_name, '', false, phpbb_request_interface::GET); } } -- cgit v1.2.1 From ec160814b8bc21ab61314712660153b3f95eb7c9 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 13:48:23 -0400 Subject: [feature/oauth] More work on getting login link working PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 140 +++++++++++++++++++--------------- 1 file changed, 79 insertions(+), 61 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index c99f162f1a..18d07fb520 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -27,10 +27,7 @@ class ucp_login_link function main($id, $mode) { - global $auth, $config, $phpbb_container, $request, $template, $user; - - $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); - $auth_provider = $phpbb_container->get($auth_provider); + global $config, $phpbb_container, $request, $template, $user; // Initialize necessary variables $login_error = null; @@ -53,83 +50,45 @@ class ucp_login_link $login_link_error = $user->lang[$result]; } + // Use the auth_provider requested even if different from configured + $auth_provider = 'auth_provider.' . (array_key_exists('auth_provider', $data)) ? $data['auth_provider'] : $config['auth_method']; + $auth_provider = $phpbb_container->get($auth_provider); + // Perform link action if there is no error if (!$login_link_error) { if ($request->is_set_post('login')) { - $login_username = $request->variable('login_username', '', false, phpbb_request_interface::POST); - $login_password = $request->untrimmed_variable('password', '', true, phpbb_request_interface::POST); - - $result = $auth->login($login_username, $login_password); + // We only care if there is or is not an error + $login_error = $this->perform_login_action(); - if ($result['status'] != LOGIN_SUCCESS) + if (!$login_error) { - // Handle all errors first - if ($result['status'] == LOGIN_BREAK) - { - trigger_error($result['error_msg']); - } + // The user is now logged in, attempt to link the user to the external account + $result = $auth_provider->link_account($data); - switch ($result['status']) + if ($result) { - case LOGIN_ERROR_ATTEMPTS: - - $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); - $captcha->init(CONFIRM_LOGIN); - - $template->assign_vars(array( - 'CAPTCHA_TEMPLATE' => $captcha->get_template(), - )); - - $login_error = $user->lang[$result['error_msg']]; - break; - - case LOGIN_ERROR_PASSWORD_CONVERT: - $login_error = sprintf( - $user->lang[$result['error_msg']], - ($config['email_enable']) ? '' : '', - ($config['email_enable']) ? '' : '', - ($config['board_contact']) ? '' : '', - ($config['board_contact']) ? '' : '' - ); - break; - - // Username, password, etc... - default: - $login_error = $user->lang[$result['error_msg']]; - - // Assign admin contact to some error messages - if ($result['error_msg'] == 'LOGIN_ERROR_USERNAME' || $result['error_msg'] == 'LOGIN_ERROR_PASSWORD') - { - $login_error = (!$config['board_contact']) ? sprintf($user->lang[$result['error_msg']], '', '') : sprintf($user->lang[$result['error_msg']], '', ''); - } - - break; + $login_link_error = $user->lang[$result]; + } else { + // Perform a redirect as the account has been linked } - } else { - // The user is now logged in, attempt to link the user to the external account - $auth_provider->link_account($data); } } } - // Common template elements + $register_link = redirect('ucp.php?mode=register', true); + $template->assign_vars(array( + // Common template elements 'LOGIN_LINK_ERROR' => $login_link_error, 'PASSWORD_CREDENTIAL' => 'login_password', 'USERNAME_CREDENTIAL' => 'login_username', - )); - // Registration template - $register_link = 'ucp.php?mode=register'; - - $template->assign_vars(array( - 'REGISTER_LINK' => redirect($register_link, true), - )); + // Registration elements + 'REGISTER_LINK' => $register_link, - // Link to existing account template - $template->assign_vars(array( + // Login elements 'LOGIN_ERROR' => $login_error, 'LOGIN_USERNAME' => $login_username, )); @@ -156,4 +115,63 @@ class ucp_login_link return $login_link_data; } + + protected function perform_login_action() + { + global $auth, $config, $request, $template, $user; + $login_username = $request->variable('login_username', '', false, phpbb_request_interface::POST); + $login_password = $request->untrimmed_variable('password', '', true, phpbb_request_interface::POST); + + $result = $auth->login($login_username, $login_password); + + $login_error = null; + + if ($result['status'] != LOGIN_SUCCESS) + { + // Handle all errors first + if ($result['status'] == LOGIN_BREAK) + { + trigger_error($result['error_msg']); + } + + switch ($result['status']) + { + case LOGIN_ERROR_ATTEMPTS: + + $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $captcha->init(CONFIRM_LOGIN); + + $template->assign_vars(array( + 'CAPTCHA_TEMPLATE' => $captcha->get_template(), + )); + + $login_error = $user->lang[$result['error_msg']]; + break; + + case LOGIN_ERROR_PASSWORD_CONVERT: + $login_error = sprintf( + $user->lang[$result['error_msg']], + ($config['email_enable']) ? '' : '', + ($config['email_enable']) ? '' : '', + ($config['board_contact']) ? '' : '', + ($config['board_contact']) ? '' : '' + ); + break; + + // Username, password, etc... + default: + $login_error = $user->lang[$result['error_msg']]; + + // Assign admin contact to some error messages + if ($result['error_msg'] == 'LOGIN_ERROR_USERNAME' || $result['error_msg'] == 'LOGIN_ERROR_PASSWORD') + { + $login_error = (!$config['board_contact']) ? sprintf($user->lang[$result['error_msg']], '', '') : sprintf($user->lang[$result['error_msg']], '', ''); + } + + break; + } + } + + return $login_error; + } } -- cgit v1.2.1 From 600c29e6ecc189aed1ba6b993c3fe79033285df1 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 14:01:44 -0400 Subject: [feature/oauth] Most of ucp page related to login option should be done now PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 18d07fb520..c2fc0fdfab 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -43,6 +43,10 @@ class ucp_login_link $login_link_error = $user->lang['LOGIN_LINK_NO_DATA_PROVIDED']; } + // Use the auth_provider requested even if different from configured + $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); + $auth_provider = $phpbb_container->get($auth_provider); + // Have the authentication provider check that all necessary data is available $result = $auth_provider->login_link_has_necessary_data($data); if ($result !== null) @@ -50,10 +54,6 @@ class ucp_login_link $login_link_error = $user->lang[$result]; } - // Use the auth_provider requested even if different from configured - $auth_provider = 'auth_provider.' . (array_key_exists('auth_provider', $data)) ? $data['auth_provider'] : $config['auth_method']; - $auth_provider = $phpbb_container->get($auth_provider); - // Perform link action if there is no error if (!$login_link_error) { @@ -72,6 +72,7 @@ class ucp_login_link $login_link_error = $user->lang[$result]; } else { // Perform a redirect as the account has been linked + $this->perform_redirect(); } } } @@ -120,7 +121,7 @@ class ucp_login_link { global $auth, $config, $request, $template, $user; $login_username = $request->variable('login_username', '', false, phpbb_request_interface::POST); - $login_password = $request->untrimmed_variable('password', '', true, phpbb_request_interface::POST); + $login_password = $request->untrimmed_variable('login_password', '', true, phpbb_request_interface::POST); $result = $auth->login($login_username, $login_password); @@ -174,4 +175,10 @@ class ucp_login_link return $login_error; } + + protected function perform_redirect() + { + // TODO: Make redirect to same page as login would have + redirect('index.php'); + } } -- cgit v1.2.1 From 3d55e5faa91f0161bc020720a81b50171b30f49d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 16:03:54 -0400 Subject: [feature/oauth] Works in all tests now PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index c2fc0fdfab..5b58e91b9a 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -59,11 +59,19 @@ class ucp_login_link { if ($request->is_set_post('login')) { + $login_username = $request->variable('login_username', '', false, phpbb_request_interface::POST); + $login_password = $request->untrimmed_variable('login_password', '', true, phpbb_request_interface::POST); + + $login_result = $auth_provider->login($login_username, $login_password); + // We only care if there is or is not an error - $login_error = $this->perform_login_action(); + $login_error = $this->process_login_result($login_result); if (!$login_error) { + // Give the user_id to the data + $data['user_id'] = $login_result['user_row']['user_id']; + // The user is now logged in, attempt to link the user to the external account $result = $auth_provider->link_account($data); @@ -71,6 +79,9 @@ class ucp_login_link { $login_link_error = $user->lang[$result]; } else { + // Finish login + $result = $user->session_create($login_result['user_row']['user_id'], false, false, true); + // Perform a redirect as the account has been linked $this->perform_redirect(); } @@ -117,13 +128,9 @@ class ucp_login_link return $login_link_data; } - protected function perform_login_action() + protected function process_login_result($result) { - global $auth, $config, $request, $template, $user; - $login_username = $request->variable('login_username', '', false, phpbb_request_interface::POST); - $login_password = $request->untrimmed_variable('login_password', '', true, phpbb_request_interface::POST); - - $result = $auth->login($login_username, $login_password); + global $config, $request, $template, $user; $login_error = null; -- cgit v1.2.1 From 0cbfa8ffd465bdff113bdbc92326c2d272afe15d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 30 Jul 2013 14:45:05 -0400 Subject: [feature/oauth] Start working on login_link registration support PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 5b58e91b9a..73991dc1a4 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -89,8 +89,6 @@ class ucp_login_link } } - $register_link = redirect('ucp.php?mode=register', true); - $template->assign_vars(array( // Common template elements 'LOGIN_LINK_ERROR' => $login_link_error, @@ -98,7 +96,7 @@ class ucp_login_link 'USERNAME_CREDENTIAL' => 'login_username', // Registration elements - 'REGISTER_LINK' => $register_link, + 'REGISTER_ACTION' => $this->get_register_redirect($data), // Login elements 'LOGIN_ERROR' => $login_error, @@ -109,6 +107,20 @@ class ucp_login_link $this->page_title = 'UCP_LOGIN_LINK'; } + protected function get_register_redirect($data) + { + global $config, $phpbb_root_path, $phpEx, $request; + + $params = 'mode=register&login_link=1&auth_provider=' . $request->variable('auth_provider', $config['auth_method']); + + foreach ($data as $key => $value) + { + $params .= '&login_link_' . $key . '=' . $value; + } + + return append_sid("{$phpbb_root_path}ucp.$phpEx", $params); + } + protected function get_login_link_data_array() { global $request; -- cgit v1.2.1 From b6d93d21bade3cab9f9434e6a87802913587feae Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 31 Jul 2013 13:46:40 -0400 Subject: [feature/oauth] Login_link in registration PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 11 ++++---- phpBB/includes/ucp/ucp_register.php | 52 +++++++++++++++++++++++++++++++++-- 2 files changed, 56 insertions(+), 7 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 73991dc1a4..e60628e3c1 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -94,9 +94,10 @@ class ucp_login_link 'LOGIN_LINK_ERROR' => $login_link_error, 'PASSWORD_CREDENTIAL' => 'login_password', 'USERNAME_CREDENTIAL' => 'login_username', + 'S_HIDDEN_FIELDS' => $this->get_hidden_fields(), // Registration elements - 'REGISTER_ACTION' => $this->get_register_redirect($data), + 'REGISTER_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'), // Login elements 'LOGIN_ERROR' => $login_error, @@ -107,18 +108,18 @@ class ucp_login_link $this->page_title = 'UCP_LOGIN_LINK'; } - protected function get_register_redirect($data) + protected function get_register_hidden_fields($data) { global $config, $phpbb_root_path, $phpEx, $request; - $params = 'mode=register&login_link=1&auth_provider=' . $request->variable('auth_provider', $config['auth_method']); + $fields = array(); foreach ($data as $key => $value) { - $params .= '&login_link_' . $key . '=' . $value; + $fields['login_link_' . $key] = $value; } - return append_sid("{$phpbb_root_path}ucp.$phpEx", $params); + return build_hidden_fields($s_hidden_fields); } protected function get_login_link_data_array() diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 70fbfe46fb..d52e172ec2 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -27,7 +27,7 @@ class ucp_register function main($id, $mode) { global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; - global $request; + global $request, $phpbb_container; // if ($config['require_activation'] == USER_ACTIVATION_DISABLE) @@ -78,11 +78,28 @@ class ucp_register } } - $cp = new custom_profile(); $error = $cp_data = $cp_error = array(); + // Handle login_link data added to $_hidden_fields + $login_link_data = $this->get_login_link_data_array(); + + if ($login_link_data !== array()) + { + // Confirm that we have all necessary data + $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); + $auth_provider = $phpbb_container->get($auth_provider); + + $result = $auth_provider->login_link_has_necessary_data($data); + if ($result !== null) + { + $error[] = $user->lang[$result]; + } + + $s_hidden_fields = array_merge($s_hidden_fields, $login_link_data); + } + if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable'])) { $add_lang = ($change_lang) ? '&change_lang=' . urlencode($change_lang) : ''; @@ -398,6 +415,19 @@ class ucp_register } } + // Perform account linking if necessary + if ($login_link_data !== array()) + { + $login_link_data['user_id'] = $user_id; + + $result = $auth_provider->link_account($login_link_data); + + if ($result) + { + $message = $message . '

' . $user->lang[$result]; + } + } + $message = $message . '

' . sprintf($user->lang['RETURN_INDEX'], '', ''); trigger_error($message); } @@ -474,4 +504,22 @@ class ucp_register $this->tpl_name = 'ucp_register'; $this->page_title = 'UCP_REGISTRATION'; } + + protected function get_login_link_data_array() + { + global $request; + + $var_names = $request->variable_names(phpbb_request_interface::POST); + $login_link_data = array(); + + foreach ($var_names as $var_name) + { + if (strpos($var_name, 'login_link_') === 0) + { + $login_link_data[$var_name] = $request->variable($var_name, '', false, phpbb_request_interface::POST); + } + } + + return $login_link_data; + } } -- cgit v1.2.1 From 3b19d5c1984c26a137013f0c60a45001321bfa88 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 31 Jul 2013 14:46:31 -0400 Subject: [feature/oauth] Fix errors on ucp_login_link PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index e60628e3c1..9f2fa6330a 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -28,6 +28,7 @@ class ucp_login_link function main($id, $mode) { global $config, $phpbb_container, $request, $template, $user; + global $phpbb_root_path, $phpEx; // Initialize necessary variables $login_error = null; @@ -94,7 +95,7 @@ class ucp_login_link 'LOGIN_LINK_ERROR' => $login_link_error, 'PASSWORD_CREDENTIAL' => 'login_password', 'USERNAME_CREDENTIAL' => 'login_username', - 'S_HIDDEN_FIELDS' => $this->get_hidden_fields(), + 'S_HIDDEN_FIELDS' => $this->get_hidden_fields($data), // Registration elements 'REGISTER_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'), @@ -108,10 +109,8 @@ class ucp_login_link $this->page_title = 'UCP_LOGIN_LINK'; } - protected function get_register_hidden_fields($data) + protected function get_hidden_fields($data) { - global $config, $phpbb_root_path, $phpEx, $request; - $fields = array(); foreach ($data as $key => $value) @@ -119,7 +118,7 @@ class ucp_login_link $fields['login_link_' . $key] = $value; } - return build_hidden_fields($s_hidden_fields); + return build_hidden_fields($fields); } protected function get_login_link_data_array() -- cgit v1.2.1 From aa80ac44a4f4f84d0fc41fa0218cc7d7140c3df0 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 31 Jul 2013 14:54:16 -0400 Subject: [feature/oauth] Login_link works with ucp_register now PHPBB3-11673 --- phpBB/includes/ucp/ucp_register.php | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index d52e172ec2..8400e98630 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -81,6 +81,7 @@ class ucp_register $cp = new custom_profile(); $error = $cp_data = $cp_error = array(); + $s_hidden_fields = array(); // Handle login_link data added to $_hidden_fields $login_link_data = $this->get_login_link_data_array(); @@ -91,13 +92,13 @@ class ucp_register $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); $auth_provider = $phpbb_container->get($auth_provider); - $result = $auth_provider->login_link_has_necessary_data($data); + $result = $auth_provider->login_link_has_necessary_data($login_link_data); if ($result !== null) { $error[] = $user->lang[$result]; } - $s_hidden_fields = array_merge($s_hidden_fields, $login_link_data); + $s_hidden_fields = array_merge($s_hidden_fields, $this->get_login_link_data_for_hidden_fields($login_link_data)); } if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable'])) @@ -105,9 +106,9 @@ class ucp_register $add_lang = ($change_lang) ? '&change_lang=' . urlencode($change_lang) : ''; $add_coppa = ($coppa !== false) ? '&coppa=' . $coppa : ''; - $s_hidden_fields = array( + $s_hidden_fields = array_merge($s_hidden_fields, array( 'change_lang' => $change_lang, - ); + )); // If we change the language, we want to pass on some more possible parameter. if ($change_lang) @@ -433,10 +434,10 @@ class ucp_register } } - $s_hidden_fields = array( + $s_hidden_fields = array_merge($s_hidden_fields, array( 'agreed' => 'true', 'change_lang' => 0, - ); + )); if ($config['coppa_enable']) { @@ -516,10 +517,23 @@ class ucp_register { if (strpos($var_name, 'login_link_') === 0) { - $login_link_data[$var_name] = $request->variable($var_name, '', false, phpbb_request_interface::POST); + $key_name = str_replace('login_link_', '', $var_name); + $login_link_data[$key_name] = $request->variable($var_name, '', false, phpbb_request_interface::POST); } } return $login_link_data; } + + protected function get_login_link_data_for_hidden_fields($data) + { + $new_data = array(); + + foreach ($data as $key => $value) + { + $new_data['login_link_' . $key] = $value; + } + + return $new_data; + } } -- cgit v1.2.1 From 245e71e4e20b8d4ec80fc5e059dc12db51d10651 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 2 Aug 2013 14:05:09 -0400 Subject: [feature/oauth] Add get_login_data to the auth_provider_interface PHPBB3-11673 --- phpBB/includes/functions.php | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 02cdfd7ed1..79391aba56 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3367,6 +3367,26 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa $s_hidden_fields['credential'] = $credential; } + $auth_provider = $phpbb_container->get('auth.provider.' . $config['auth_method']); + + $auth_provider_data = $auth_provider->get_login_data(); + if ($auth_provider_data) + { + if (isset($auth_provider_data['VARS'])) + { + $template->assign_vars($auth_provider_data['VARS']); + } + + if (isset($auth_provider_data['BLOCK_VAR_NAME'])) + { + $template->assign_block_vars($auth_provider_data['BLOCK_VAR_NAME'], $auth_provider_data['BLOCK_VARS']); + } + + $template->assign_vars(array( + 'PROVIDER_TEMPLATE_FILE' => $auth_provider_data['TEMPLATE_FILE'], + )); + } + $oauth_login = ($config['auth_method'] == 'oauth') ? true : false; if ($oauth_login) -- cgit v1.2.1 From 1ae2283b348d6fef1f9e90a49e2a25914465585e Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 2 Aug 2013 14:21:07 -0400 Subject: [feature/oauth] Finish updating interface and related code PHPBB3-11673 --- phpBB/includes/functions.php | 19 ++++--------------- 1 file changed, 4 insertions(+), 15 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 79391aba56..5849a21013 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3379,7 +3379,10 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa if (isset($auth_provider_data['BLOCK_VAR_NAME'])) { - $template->assign_block_vars($auth_provider_data['BLOCK_VAR_NAME'], $auth_provider_data['BLOCK_VARS']); + foreach ($auth_provider_data['BLOCK_VARS'] as $block_vars) + { + $template->assign_block_vars($auth_provider_data['BLOCK_VAR_NAME'], $block_vars); + } } $template->assign_vars(array( @@ -3387,26 +3390,12 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa )); } - $oauth_login = ($config['auth_method'] == 'oauth') ? true : false; - - if ($oauth_login) - { - $auth_provider = $phpbb_container->get('auth.provider.oauth'); - $oauth_box_data = $auth_provider->get_login_data(); - foreach ($oauth_box_data as $data) - { - $template->assign_block_vars('oauth', $data); - } - } - $s_hidden_fields = build_hidden_fields($s_hidden_fields); $template->assign_vars(array( 'LOGIN_ERROR' => $err, 'LOGIN_EXPLAIN' => $l_explain, - 'OAUTH_LOGIN' => $oauth_login, - 'U_SEND_PASSWORD' => ($config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=sendpassword') : '', 'U_RESEND_ACTIVATION' => ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=resend_act') : '', 'U_TERMS_USE' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=terms'), -- cgit v1.2.1 From baa3a750c4cd2112202c40b39d1f3fdf5b05bdb1 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 5 Aug 2013 15:34:26 -0400 Subject: [feature/oauth] Start general auth linking page PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 phpBB/includes/ucp/ucp_auth_link.php (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php new file mode 100644 index 0000000000..266273cff8 --- /dev/null +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -0,0 +1,27 @@ +tpl_name = 'ucp_auth_link'; + $this->page_title = 'UCP_AUTH_LINK'; + } +} -- cgit v1.2.1 From 4683c37682541f73deca1f1476daf8c24f6962d6 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 5 Aug 2013 15:38:58 -0400 Subject: [feature/oauth] Forgot to have login_link be "in login" in ucp PHPBB3-11673 --- phpBB/includes/ucp/info/ucp_auth_link.php | 34 +++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 phpBB/includes/ucp/info/ucp_auth_link.php (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/info/ucp_auth_link.php b/phpBB/includes/ucp/info/ucp_auth_link.php new file mode 100644 index 0000000000..c5cd997af4 --- /dev/null +++ b/phpBB/includes/ucp/info/ucp_auth_link.php @@ -0,0 +1,34 @@ + 'ucp_auth_link', + 'title' => 'UCP_AUTH_LINK', + 'version' => '1.0.0', + 'modes' => array( + 'auth_link' => array('title' => 'UCP_AUTH_LINK_MANAGE', 'auth' => '', 'cat' => array('UCP_MAIN')), + ), + ); + } + + function install() + { + } + + function uninstall() + { + } +} -- cgit v1.2.1 From b5255d42b56b1d0d14bcd9a70218689932065ce6 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 9 Aug 2013 04:38:38 -0400 Subject: [feature/oauth] Default auth_link into UCP_PROFILE not UCP_MAIN PHPBB3-11673 --- phpBB/includes/ucp/info/ucp_auth_link.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/info/ucp_auth_link.php b/phpBB/includes/ucp/info/ucp_auth_link.php index c5cd997af4..ee88b15ea8 100644 --- a/phpBB/includes/ucp/info/ucp_auth_link.php +++ b/phpBB/includes/ucp/info/ucp_auth_link.php @@ -19,7 +19,7 @@ class ucp_auth_link_info 'title' => 'UCP_AUTH_LINK', 'version' => '1.0.0', 'modes' => array( - 'auth_link' => array('title' => 'UCP_AUTH_LINK_MANAGE', 'auth' => '', 'cat' => array('UCP_MAIN')), + 'auth_link' => array('title' => 'UCP_AUTH_LINK_MANAGE', 'auth' => '', 'cat' => array('UCP_PROFILE')), ), ); } -- cgit v1.2.1 From deb62d51fe4e06e52fbc4042b692071bcd8f9d39 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 9 Aug 2013 05:12:41 -0400 Subject: [feature/oauth] Start building the template PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 266273cff8..6bf74d4fbf 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -21,6 +21,34 @@ class ucp_auth_link public function main($id, $mode) { + global $template, $phpbb_container; + + $error = array(); + $s_hidden_fields = array(); + add_form_key('ucp_auth_link'); + + $submit = $request->variable('submit', false, false, phpbb_request_interface::POST); + + if ($submit) + { + if (!check_form_key('ucp_reg_details')) + { + $error[] = 'FORM_INVALID'; + } + + if (!sizeof($error)) + { + + } + } + + $s_hidden_fields = build_hidden_fields($s_hidden_fields); + + $template->assign_vars(array( + 'S_HIDDEN_FIELDS' => $s_hidden_fields, + 'S_UCP_ACTION' => $this->u_action, + )); + $this->tpl_name = 'ucp_auth_link'; $this->page_title = 'UCP_AUTH_LINK'; } -- cgit v1.2.1 From 0b80aaf2178e5a40f9429ce972c490f6067ef114 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 9 Aug 2013 05:16:39 -0400 Subject: [feature/oauth] Add method to return necessary data for auth_link PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 6bf74d4fbf..c1d97c8cf8 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -21,7 +21,16 @@ class ucp_auth_link public function main($id, $mode) { - global $template, $phpbb_container; + global $config, $request, $template, $phpbb_container; + + $auth_provider = $phpbb_container->get('auth.provider.' . $config['auth_method']); + + // confirm that the auth provider supports this page + $provider_data = $auth_provider->get_auth_link_data(); + if ($provider_data === null) + { + // does not support this page, throw error? + } $error = array(); $s_hidden_fields = array(); -- cgit v1.2.1 From 69cb2e4c603243f75fcfd288d0018390b763ce05 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 9 Aug 2013 05:26:44 -0400 Subject: [feature/oauth] More template work PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index c1d97c8cf8..cb6d85d6b7 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -30,6 +30,7 @@ class ucp_auth_link if ($provider_data === null) { // does not support this page, throw error? + throw new Exception('TEMPORARY EXCEPTION'); } $error = array(); @@ -54,6 +55,8 @@ class ucp_auth_link $s_hidden_fields = build_hidden_fields($s_hidden_fields); $template->assign_vars(array( + 'PROVIDER_TEMPLATE_FILE' => $provider_data['TEMPLATE_FILE'], + 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => $this->u_action, )); -- cgit v1.2.1 From a479f919ff17bc96e55baf8c4b811ac4ec22d8f1 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 12 Aug 2013 12:53:10 -0400 Subject: [feature/oauth] Error handling on page PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index cb6d85d6b7..cf92b5d58d 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -23,23 +23,23 @@ class ucp_auth_link { global $config, $request, $template, $phpbb_container; + $error = array(); + $auth_provider = $phpbb_container->get('auth.provider.' . $config['auth_method']); // confirm that the auth provider supports this page $provider_data = $auth_provider->get_auth_link_data(); if ($provider_data === null) { - // does not support this page, throw error? - throw new Exception('TEMPORARY EXCEPTION'); + $error[] = 'UCP_AUTH_LINK_NOT_SUPPORTED'; } - $error = array(); $s_hidden_fields = array(); add_form_key('ucp_auth_link'); $submit = $request->variable('submit', false, false, phpbb_request_interface::POST); - if ($submit) + if (!sizeof($error) && $submit) { if (!check_form_key('ucp_reg_details')) { @@ -55,6 +55,8 @@ class ucp_auth_link $s_hidden_fields = build_hidden_fields($s_hidden_fields); $template->assign_vars(array( + 'ERROR' => $this->build_error_text($error), + 'PROVIDER_TEMPLATE_FILE' => $provider_data['TEMPLATE_FILE'], 'S_HIDDEN_FIELDS' => $s_hidden_fields, @@ -64,4 +66,20 @@ class ucp_auth_link $this->tpl_name = 'ucp_auth_link'; $this->page_title = 'UCP_AUTH_LINK'; } + + private function build_error_text(array $errors) + { + global $user; + + // Replace all errors that are language constants + foreach ($errors as $key => $error) + { + if (isset($user->lang[$error])) + { + $errors[$key] = $user->lang($error); + } + } + + return implode('
', $errors); + } } -- cgit v1.2.1 From 4003e077c170e2c9aebbf582cb08249d80d37a3d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 12 Aug 2013 14:43:18 -0400 Subject: [feature/oauth] Get the OAuth template in place for ucp_auth_link PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index cf92b5d58d..05896f93b0 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -52,6 +52,19 @@ class ucp_auth_link } } + if (isset($provider_data['VARS'])) + { + $template->assign_vars($provider_data['VARS']); + } + + if (isset($provider_data['BLOCK_VAR_NAME'])) + { + foreach ($provider_data['BLOCK_VARS'] as $block_vars) + { + $template->assign_block_vars($provider_data['BLOCK_VAR_NAME'], $block_vars); + } + } + $s_hidden_fields = build_hidden_fields($s_hidden_fields); $template->assign_vars(array( -- cgit v1.2.1 From 836d3ba22ec997f6c823c9b4594fb42c49524732 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 12 Aug 2013 15:29:08 -0400 Subject: [feature/oauth] Handle hidden fields PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 05896f93b0..5b8169e3de 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -54,6 +54,13 @@ class ucp_auth_link if (isset($provider_data['VARS'])) { + // Handle hidden fields separately + if (isset($provider_data['VARS']['HIDDEN_FIELDS'])) + { + $s_hidden_fields = array_merge($s_hidden_fields, $provider_data['VARS']['HIDDEN_FIELDS']); + unset($provider_data['VARS']['HIDDEN_FIELDS']); + } + $template->assign_vars($provider_data['VARS']); } @@ -61,6 +68,12 @@ class ucp_auth_link { foreach ($provider_data['BLOCK_VARS'] as $block_vars) { + // See if there are additional hidden fields. This should be an associative array + if (isset($block_vars['HIDDEN_FIELDS'])) + { + $block_vars['HIDDEN_FIELDS'] = build_hidden_fields($block_vars['HIDDEN_FIELDS']); + } + $template->assign_block_vars($provider_data['BLOCK_VAR_NAME'], $block_vars); } } -- cgit v1.2.1 From 67b1ec5bb85fb40f098a1c568276c8fd9a7b8976 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 15:19:26 -0400 Subject: [feature/oauth] Start implementing link/unlink actions PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 5b8169e3de..6c56f8ac3c 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -48,7 +48,20 @@ class ucp_auth_link if (!sizeof($error)) { + // Any post data could be necessary for auth (un)linking + $link_data = $request->get_super_global(phpbb_request_interface::POST); + // The current user_id is also necessary + $link_data['user_id'] = $user->data['user_id']; + + if ($request->variable('link', false, false, phpbb_request_interface::POST)) + { + $error[] = $auth_provider->link_account($link_data); + } + else + { + $error[] = $auth_provider->unlink_account($link_data); + } } } -- cgit v1.2.1 From ce387d9bfc2b4a5ac18f79585132862ced0a7687 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 15:21:11 -0400 Subject: [feature/oauth] Fix errors in ucp_auth_link PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 6c56f8ac3c..213fbfdbb5 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -21,7 +21,7 @@ class ucp_auth_link public function main($id, $mode) { - global $config, $request, $template, $phpbb_container; + global $config, $request, $template, $phpbb_container, $user; $error = array(); @@ -41,7 +41,7 @@ class ucp_auth_link if (!sizeof($error) && $submit) { - if (!check_form_key('ucp_reg_details')) + if (!check_form_key('ucp_auth_link')) { $error[] = 'FORM_INVALID'; } -- cgit v1.2.1 From afebbf231adeee6828d75d346b64f3036ff46e7c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 15:35:37 -0400 Subject: [feature/oauth] Update link_account to allow for two methods of linking PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 5 ++++- phpBB/includes/ucp/ucp_login_link.php | 3 +++ 2 files changed, 7 insertions(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 213fbfdbb5..43d69be901 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -54,7 +54,10 @@ class ucp_auth_link // The current user_id is also necessary $link_data['user_id'] = $user->data['user_id']; - if ($request->variable('link', false, false, phpbb_request_interface::POST)) + // Tell the provider that the method is auth_link not login_link + $link_data['link_method'] = 'auth_link'; + + if ($request->variable('link', null)) { $error[] = $auth_provider->link_account($link_data); } diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 9f2fa6330a..b09415623b 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -73,6 +73,9 @@ class ucp_login_link // Give the user_id to the data $data['user_id'] = $login_result['user_row']['user_id']; + // Set the link_method to login_link + $data['link_method'] = 'login_link'; + // The user is now logged in, attempt to link the user to the external account $result = $auth_provider->link_account($data); -- cgit v1.2.1 From bb68338861e4fc618407f83706d194e1114ce103 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 15:55:38 -0400 Subject: [feature/oauth] Refactor oauth::link_account for two paths PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 43d69be901..59eedb7c92 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -39,6 +39,7 @@ class ucp_auth_link $submit = $request->variable('submit', false, false, phpbb_request_interface::POST); + // This path is only for primary actions if (!sizeof($error) && $submit) { if (!check_form_key('ucp_auth_link')) @@ -57,7 +58,7 @@ class ucp_auth_link // Tell the provider that the method is auth_link not login_link $link_data['link_method'] = 'auth_link'; - if ($request->variable('link', null)) + if ($request->variable('link', null, false, phpbb_request_interface::POST)) { $error[] = $auth_provider->link_account($link_data); } @@ -68,6 +69,17 @@ class ucp_auth_link } } + // In some cases, an request to an external server may be required in + // these cases, the GET parameter 'link' should exist and should be true + if ($request->variable('link', false)) + { + // In this case the link data should only be populated with the + // link_method as the provider dictates how data is returned to it. + $link_data = array('link_method' => 'auth_link'); + + $error[] = $auth_provider->link_account($link_data); + } + if (isset($provider_data['VARS'])) { // Handle hidden fields separately -- cgit v1.2.1 From cd12786e58995d93bb73218fb869bad00ad9674e Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:01:59 -0400 Subject: [feature/oauth] Fix errors found in testing linking PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 59eedb7c92..b7fd014493 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -58,7 +58,7 @@ class ucp_auth_link // Tell the provider that the method is auth_link not login_link $link_data['link_method'] = 'auth_link'; - if ($request->variable('link', null, false, phpbb_request_interface::POST)) + if ($request->variable('link', 0, false, phpbb_request_interface::POST)) { $error[] = $auth_provider->link_account($link_data); } -- cgit v1.2.1 From 9cd80345ad05cccb362ec3eba15304c3f43630ed Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:32:55 -0400 Subject: [feature/oauth] Implement unlinking in OAuth PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index b7fd014493..df4b433f42 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -66,6 +66,9 @@ class ucp_auth_link { $error[] = $auth_provider->unlink_account($link_data); } + + // Template data may have changed, get new data + $provider_data = $auth_provider->get_auth_link_data(); } } -- cgit v1.2.1 From 43e08e221f9e70940249b93a229dcec0eb10059b Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 22:50:34 -0400 Subject: [feature/oauth] Fix bug found in testing PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index b09415623b..e8e489fe5f 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -48,6 +48,9 @@ class ucp_login_link $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); $auth_provider = $phpbb_container->get($auth_provider); + // Set the link_method to login_link + $data['link_method'] = 'login_link'; + // Have the authentication provider check that all necessary data is available $result = $auth_provider->login_link_has_necessary_data($data); if ($result !== null) @@ -73,9 +76,6 @@ class ucp_login_link // Give the user_id to the data $data['user_id'] = $login_result['user_row']['user_id']; - // Set the link_method to login_link - $data['link_method'] = 'login_link'; - // The user is now logged in, attempt to link the user to the external account $result = $auth_provider->link_account($data); -- cgit v1.2.1 From e2d0a0b7c83f40c0602ed9064e12dded96fdc897 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 23:17:57 -0400 Subject: [feature/oauth] Fix template not refreshing issue PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index df4b433f42..e2bf369984 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -81,6 +81,9 @@ class ucp_auth_link $link_data = array('link_method' => 'auth_link'); $error[] = $auth_provider->link_account($link_data); + + // Template data may have changed, get new data + $provider_data = $auth_provider->get_auth_link_data(); } if (isset($provider_data['VARS'])) -- cgit v1.2.1 From 27ba57747ab46c0507acc3a87e5b73babda436b1 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 17:14:30 -0400 Subject: [feature/oauth] Clean up TODOs PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 1 - 1 file changed, 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index e8e489fe5f..d782e26c2c 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -200,7 +200,6 @@ class ucp_login_link protected function perform_redirect() { - // TODO: Make redirect to same page as login would have redirect('index.php'); } } -- cgit v1.2.1 From 76d1e7e111d4a12f50e3c4776b00a6681a83b295 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 21:14:37 -0400 Subject: [feature/oauth] Fix issues on ucp_login_link from review PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 41 ++++++++++++++++++++++++++++++++--- 1 file changed, 38 insertions(+), 3 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index d782e26c2c..2ed6a985d5 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -23,8 +23,17 @@ if (!defined('IN_PHPBB')) */ class ucp_login_link { - var $u_action; - + /** + * @var string + */ + public $u_action; + + /** + * Generates the ucp_login_link page and handles login link process + * + * @param int $id + * @param string $mode + */ function main($id, $mode) { global $config, $phpbb_container, $request, $template, $user; @@ -112,6 +121,14 @@ class ucp_login_link $this->page_title = 'UCP_LOGIN_LINK'; } + /** + * Builds the hidden fields string from the data array. + * + * @param array $data This function only includes data in the array + * that has a key that begins with 'login_link_' + * @return string A string of hidden fields that can be included in the + * template + */ protected function get_hidden_fields($data) { $fields = array(); @@ -124,6 +141,12 @@ class ucp_login_link return build_hidden_fields($fields); } + /** + * Builds the login_link data array + * + * @return array All login_link data. This is all GET data whose names + * begin with 'login_link_' + */ protected function get_login_link_data_array() { global $request; @@ -143,6 +166,13 @@ class ucp_login_link return $login_link_data; } + /** + * Processes the result array from the login process + * @param array $result The login result array + * @return string|null If there was an error in the process, a string is + * returned. If the login was successful, then null is + * returned. + */ protected function process_login_result($result) { global $config, $request, $template, $user; @@ -198,8 +228,13 @@ class ucp_login_link return $login_error; } + /** + * Performs a post login redirect + */ protected function perform_redirect() { - redirect('index.php'); + global $phpEx; + $url = append_sid('index.' . $phpEx); + redirect($url); } } -- cgit v1.2.1 From a8ffbce99f9ea99bd1fdca0e009001026e2d6950 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 22:00:16 -0400 Subject: [feature/oauth] Changes due to code review PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 32 ++++++++++++++------------------ phpBB/includes/ucp/ucp_login_link.php | 4 +++- 2 files changed, 17 insertions(+), 19 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index e2bf369984..4fa984c9e7 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -17,8 +17,17 @@ if (!defined('IN_PHPBB')) class ucp_auth_link { + /** + * @var string + */ public $u_action; + /** + * Generates the ucp_auth_link page and handles the auth link process + * + * @param int $id + * @param string $mode + */ public function main($id, $mode) { global $config, $request, $template, $phpbb_container, $user; @@ -72,7 +81,7 @@ class ucp_auth_link } } - // In some cases, an request to an external server may be required in + // In some cases, a request to an external server may be required. In // these cases, the GET parameter 'link' should exist and should be true if ($request->variable('link', false)) { @@ -114,8 +123,11 @@ class ucp_auth_link $s_hidden_fields = build_hidden_fields($s_hidden_fields); + // Replace "error" strings with their real, localised form + $error = array_map(array($user, 'lang'), $error); + $template->assign_vars(array( - 'ERROR' => $this->build_error_text($error), + 'ERROR' => $error, 'PROVIDER_TEMPLATE_FILE' => $provider_data['TEMPLATE_FILE'], @@ -126,20 +138,4 @@ class ucp_auth_link $this->tpl_name = 'ucp_auth_link'; $this->page_title = 'UCP_AUTH_LINK'; } - - private function build_error_text(array $errors) - { - global $user; - - // Replace all errors that are language constants - foreach ($errors as $key => $error) - { - if (isset($user->lang[$error])) - { - $errors[$key] = $user->lang($error); - } - } - - return implode('
', $errors); - } } diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 2ed6a985d5..4173c54c42 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -91,7 +91,9 @@ class ucp_login_link if ($result) { $login_link_error = $user->lang[$result]; - } else { + } + else + { // Finish login $result = $user->session_create($login_result['user_row']['user_id'], false, false, true); -- cgit v1.2.1 From d847df717573a55cc6e13211fbe853b4784cf53c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 22:10:10 -0400 Subject: [feature/oauth] A few more minor changes PHPBB3-11673 --- phpBB/includes/ucp/ucp_register.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 8400e98630..e3a1ac1fb0 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -506,6 +506,12 @@ class ucp_register $this->page_title = 'UCP_REGISTRATION'; } + /** + * Creates the login_link data array + * + * @return array Returns an array of all POST paramaters whose names + * begin with 'login_link_' + */ protected function get_login_link_data_array() { global $request; @@ -525,6 +531,13 @@ class ucp_register return $login_link_data; } + /** + * Prepends they key names of an associative array with 'login_link_' for + * inclusion on the page as hidden fields. + * + * @param array $data The array to be modified + * @return array The modified array + */ protected function get_login_link_data_for_hidden_fields($data) { $new_data = array(); -- cgit v1.2.1 From 51f06f36f1f90429b48cab473f0eaf2b57b1b811 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 16:31:09 -0400 Subject: [feature/oauth] Fix small issues on ucp pages PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 2 +- phpBB/includes/ucp/ucp_login_link.php | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 4fa984c9e7..ed348609cf 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -1,7 +1,7 @@ variable_names(phpbb_request_interface::GET); $login_link_data = array(); + $string_start_length = strlen('login_link_'); foreach ($var_names as $var_name) { if (strpos($var_name, 'login_link_') === 0) { - $key_name = str_replace('login_link_', '', $var_name); + $key_name = substr($var_name, $string_start_length); $login_link_data[$key_name] = $request->variable($var_name, '', false, phpbb_request_interface::GET); } } -- cgit v1.2.1 From 29e3768ecc7bc8adf96d4e31c4e05a6f1de6735a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 16:47:40 -0400 Subject: [feature/oauth] More minor changes from review PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 4 ++-- phpBB/includes/ucp/ucp_register.php | 5 +++-- 2 files changed, 5 insertions(+), 4 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index bf7df1d4eb..4620eb9b9e 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -236,8 +236,8 @@ class ucp_login_link */ protected function perform_redirect() { - global $phpEx; - $url = append_sid('index.' . $phpEx); + global $phpbb_root_path, $phpEx; + $url = append_sid($phpbb_root_path . 'index.' . $phpEx); redirect($url); } } diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index e3a1ac1fb0..372eecbb57 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -86,7 +86,7 @@ class ucp_register // Handle login_link data added to $_hidden_fields $login_link_data = $this->get_login_link_data_array(); - if ($login_link_data !== array()) + if (!empty($login_link_data)) { // Confirm that we have all necessary data $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); @@ -518,12 +518,13 @@ class ucp_register $var_names = $request->variable_names(phpbb_request_interface::POST); $login_link_data = array(); + $string_start_length = strlen('login_link_'); foreach ($var_names as $var_name) { if (strpos($var_name, 'login_link_') === 0) { - $key_name = str_replace('login_link_', '', $var_name); + $key_name = substr($var_name, $string_start_length); $login_link_data[$key_name] = $request->variable($var_name, '', false, phpbb_request_interface::POST); } } -- cgit v1.2.1 From ae18f921ea61b20b026c4679b5b27cf40825f5dd Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 16:52:24 -0400 Subject: [feature/oauth] More small fixes PHPBB3-11673 --- phpBB/includes/ucp/ucp_register.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 372eecbb57..0c49cd1a5c 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -417,7 +417,7 @@ class ucp_register } // Perform account linking if necessary - if ($login_link_data !== array()) + if (!empty($login_link_data)) { $login_link_data['user_id'] = $user_id; -- cgit v1.2.1 From d5808f13e5fa70ecc802c2a5a11c3143746c93f0 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 16:54:14 -0400 Subject: [feature/oauth] Fix bug on ucp_auth_link related to error display PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 1 + 1 file changed, 1 insertion(+) (limited to 'phpBB/includes') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index ed348609cf..5a5653e0b2 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -125,6 +125,7 @@ class ucp_auth_link // Replace "error" strings with their real, localised form $error = array_map(array($user, 'lang'), $error); + $error = implode('
', $error); $template->assign_vars(array( 'ERROR' => $error, -- cgit v1.2.1