From 7030578bbe9e11c18b5becaf8b06e670e3c2e3cd Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Sun, 14 Jul 2013 01:32:34 -0400 Subject: [ticket/11698] Moving all autoloadable files to phpbb/ PHPBB3-11698 --- phpBB/phpbb/auth/provider/apache.php | 259 ++++++++++++++++++++++++ phpBB/phpbb/auth/provider/base.php | 72 +++++++ phpBB/phpbb/auth/provider/db.php | 297 +++++++++++++++++++++++++++ phpBB/phpbb/auth/provider/index.htm | 10 + phpBB/phpbb/auth/provider/interface.php | 105 ++++++++++ phpBB/phpbb/auth/provider/ldap.php | 346 ++++++++++++++++++++++++++++++++ 6 files changed, 1089 insertions(+) create mode 100644 phpBB/phpbb/auth/provider/apache.php create mode 100644 phpBB/phpbb/auth/provider/base.php create mode 100644 phpBB/phpbb/auth/provider/db.php create mode 100644 phpBB/phpbb/auth/provider/index.htm create mode 100644 phpBB/phpbb/auth/provider/interface.php create mode 100644 phpBB/phpbb/auth/provider/ldap.php (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php new file mode 100644 index 0000000000..2e80436f78 --- /dev/null +++ b/phpBB/phpbb/auth/provider/apache.php @@ -0,0 +1,259 @@ +db = $db; + $this->config = $config; + $this->request = $request; + $this->user = $user; + $this->phpbb_root_path = $phpbb_root_path; + $this->php_ext = $php_ext; + } + + /** + * {@inheritdoc} + */ + public function init() + { + if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'))) + { + return $this->user->lang['APACHE_SETUP_BEFORE_USE']; + } + return false; + } + + /** + * {@inheritdoc} + */ + public function login($username, $password) + { + // do not allow empty password + if (!$password) + { + return array( + 'status' => LOGIN_ERROR_PASSWORD, + 'error_msg' => 'NO_PASSWORD_SUPPLIED', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + if (!$username) + { + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $php_auth_user = htmlspecialchars_decode($this->request->server('PHP_AUTH_USER')); + $php_auth_pw = htmlspecialchars_decode($this->request->server('PHP_AUTH_PW')); + + if (!empty($php_auth_user) && !empty($php_auth_pw)) + { + if ($php_auth_user !== $username) + { + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type + FROM ' . USERS_TABLE . " + WHERE username = '" . $this->db->sql_escape($php_auth_user) . "'"; + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if ($row) + { + // User inactive... + if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) + { + return array( + 'status' => LOGIN_ERROR_ACTIVE, + 'error_msg' => 'ACTIVE_ERROR', + 'user_row' => $row, + ); + } + + // Successful login... + return array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => $row, + ); + } + + // this is the user's first login so create an empty profile + return array( + 'status' => LOGIN_SUCCESS_CREATE_PROFILE, + 'error_msg' => false, + 'user_row' => user_row_apache($php_auth_user, $php_auth_pw), + ); + } + + // Not logged into apache + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + /** + * {@inheritdoc} + */ + public function autologin() + { + if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) + { + return array(); + } + + $php_auth_user = htmlspecialchars_decode($this->request->server('PHP_AUTH_USER')); + $php_auth_pw = htmlspecialchars_decode($this->request->server('PHP_AUTH_PW')); + + if (!empty($php_auth_user) && !empty($php_auth_pw)) + { + set_var($php_auth_user, $php_auth_user, 'string', true); + set_var($php_auth_pw, $php_auth_pw, 'string', true); + + $sql = 'SELECT * + FROM ' . USERS_TABLE . " + WHERE username = '" . $this->db->sql_escape($php_auth_user) . "'"; + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if ($row) + { + return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? array() : $row; + } + + if (!function_exists('user_add')) + { + include($this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext); + } + + // create the user if he does not exist yet + user_add(user_row_apache($php_auth_user, $php_auth_pw)); + + $sql = 'SELECT * + FROM ' . USERS_TABLE . " + WHERE username_clean = '" . $this->db->sql_escape(utf8_clean_string($php_auth_user)) . "'"; + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if ($row) + { + return $row; + } + } + + return array(); + } + + /** + * This function generates an array which can be passed to the user_add + * function in order to create a user + * + * @param string $username The username of the new user. + * @param string $password The password of the new user. + * @return array Contains data that can be passed directly to + * the user_add function. + */ + private function user_row($username, $password) + { + // first retrieve default group id + $sql = 'SELECT group_id + FROM ' . GROUPS_TABLE . " + WHERE group_name = '" . $this->db->sql_escape('REGISTERED') . "' + AND group_type = " . GROUP_SPECIAL; + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + trigger_error('NO_GROUP'); + } + + // generate user account data + return array( + 'username' => $username, + 'user_password' => phpbb_hash($password), + 'user_email' => '', + 'group_id' => (int) $row['group_id'], + 'user_type' => USER_NORMAL, + 'user_ip' => $this->user->ip, + 'user_new' => ($this->config['new_member_post_limit']) ? 1 : 0, + ); + } + + /** + * {@inheritdoc} + */ + public function validate_session($user) + { + // Check if PHP_AUTH_USER is set and handle this case + if ($this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) + { + $php_auth_user = $this->request->server('PHP_AUTH_USER'); + + return ($php_auth_user === $user['username']) ? true : false; + } + + // PHP_AUTH_USER is not set. A valid session is now determined by the user type (anonymous/bot or not) + if ($user['user_type'] == USER_IGNORE) + { + return true; + } + + return false; + } +} diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php new file mode 100644 index 0000000000..7eaf8bb2d3 --- /dev/null +++ b/phpBB/phpbb/auth/provider/base.php @@ -0,0 +1,72 @@ +db = $db; + $this->config = $config; + $this->request = $request; + $this->user = $user; + $this->phpbb_root_path = $phpbb_root_path; + $this->php_ext = $php_ext; + } + + /** + * {@inheritdoc} + */ + public function login($username, $password) + { + // Auth plugins get the password untrimmed. + // For compatibility we trim() here. + $password = trim($password); + + // do not allow empty password + if (!$password) + { + return array( + 'status' => LOGIN_ERROR_PASSWORD, + 'error_msg' => 'NO_PASSWORD_SUPPLIED', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + if (!$username) + { + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $username_clean = utf8_clean_string($username); + + $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts + FROM ' . USERS_TABLE . " + WHERE username_clean = '" . $this->db->sql_escape($username_clean) . "'"; + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (($this->user->ip && !$this->config['ip_login_limit_use_forwarded']) || + ($this->user->forwarded_for && $this->config['ip_login_limit_use_forwarded'])) + { + $sql = 'SELECT COUNT(*) AS attempts + FROM ' . LOGIN_ATTEMPT_TABLE . ' + WHERE attempt_time > ' . (time() - (int) $this->config['ip_login_limit_time']); + if ($this->config['ip_login_limit_use_forwarded']) + { + $sql .= " AND attempt_forwarded_for = '" . $this->db->sql_escape($this->user->forwarded_for) . "'"; + } + else + { + $sql .= " AND attempt_ip = '" . $this->db->sql_escape($this->user->ip) . "' "; + } + + $result = $this->db->sql_query($sql); + $attempts = (int) $this->db->sql_fetchfield('attempts'); + $this->db->sql_freeresult($result); + + $attempt_data = array( + 'attempt_ip' => $this->user->ip, + 'attempt_browser' => trim(substr($this->user->browser, 0, 149)), + 'attempt_forwarded_for' => $this->user->forwarded_for, + 'attempt_time' => time(), + 'user_id' => ($row) ? (int) $row['user_id'] : 0, + 'username' => $username, + 'username_clean' => $username_clean, + ); + $sql = 'INSERT INTO ' . LOGIN_ATTEMPT_TABLE . $this->db->sql_build_array('INSERT', $attempt_data); + $result = $this->db->sql_query($sql); + } + else + { + $attempts = 0; + } + + if (!$row) + { + if ($this->config['ip_login_limit_max'] && $attempts >= $this->config['ip_login_limit_max']) + { + return array( + 'status' => LOGIN_ERROR_ATTEMPTS, + 'error_msg' => 'LOGIN_ERROR_ATTEMPTS', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $show_captcha = ($this->config['max_login_attempts'] && $row['user_login_attempts'] >= $this->config['max_login_attempts']) || + ($this->config['ip_login_limit_max'] && $attempts >= $this->config['ip_login_limit_max']); + + // If there are too many login attempts, we need to check for a confirm image + // Every auth module is able to define what to do by itself... + if ($show_captcha) + { + // Visual Confirmation handling + if (!class_exists('phpbb_captcha_factory', false)) + { + include ($this->phpbb_root_path . 'includes/captcha/captcha_factory.' . $this->php_ext); + } + + $captcha = phpbb_captcha_factory::get_instance($this->config['captcha_plugin']); + $captcha->init(CONFIRM_LOGIN); + $vc_response = $captcha->validate($row); + if ($vc_response) + { + return array( + 'status' => LOGIN_ERROR_ATTEMPTS, + 'error_msg' => 'LOGIN_ERROR_ATTEMPTS', + 'user_row' => $row, + ); + } + else + { + $captcha->reset(); + } + + } + + // If the password convert flag is set we need to convert it + if ($row['user_pass_convert']) + { + // enable super globals to get literal value + // this is needed to prevent unicode normalization + $super_globals_disabled = $this->request->super_globals_disabled(); + if ($super_globals_disabled) + { + $this->request->enable_super_globals(); + } + + // in phpBB2 passwords were used exactly as they were sent, with addslashes applied + $password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : ''; + $password_old_format = (!STRIP) ? addslashes($password_old_format) : $password_old_format; + $password_new_format = $this->request->variable('password', '', true); + + if ($super_globals_disabled) + { + $this->request->disable_super_globals(); + } + + if ($password == $password_new_format) + { + if (!function_exists('utf8_to_cp1252')) + { + include($this->phpbb_root_path . 'includes/utf/data/recode_basic.' . $this->php_ext); + } + + // cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding + // plain md5 support left in for conversions from other systems. + if ((strlen($row['user_password']) == 34 && (phpbb_check_hash(md5($password_old_format), $row['user_password']) || phpbb_check_hash(md5(utf8_to_cp1252($password_old_format)), $row['user_password']))) + || (strlen($row['user_password']) == 32 && (md5($password_old_format) == $row['user_password'] || md5(utf8_to_cp1252($password_old_format)) == $row['user_password']))) + { + $hash = phpbb_hash($password_new_format); + + // Update the password in the users table to the new format and remove user_pass_convert flag + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_password = \'' . $this->db->sql_escape($hash) . '\', + user_pass_convert = 0 + WHERE user_id = ' . $row['user_id']; + $this->db->sql_query($sql); + + $row['user_pass_convert'] = 0; + $row['user_password'] = $hash; + } + else + { + // Although we weren't able to convert this password we have to + // increase login attempt count to make sure this cannot be exploited + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_login_attempts = user_login_attempts + 1 + WHERE user_id = ' . (int) $row['user_id'] . ' + AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX; + $this->db->sql_query($sql); + + return array( + 'status' => LOGIN_ERROR_PASSWORD_CONVERT, + 'error_msg' => 'LOGIN_ERROR_PASSWORD_CONVERT', + 'user_row' => $row, + ); + } + } + } + + // Check password ... + if (!$row['user_pass_convert'] && phpbb_check_hash($password, $row['user_password'])) + { + // Check for old password hash... + if (strlen($row['user_password']) == 32) + { + $hash = phpbb_hash($password); + + // Update the password in the users table to the new format + $sql = 'UPDATE ' . USERS_TABLE . " + SET user_password = '" . $this->db->sql_escape($hash) . "', + user_pass_convert = 0 + WHERE user_id = {$row['user_id']}"; + $this->db->sql_query($sql); + + $row['user_password'] = $hash; + } + + $sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . ' + WHERE user_id = ' . $row['user_id']; + $this->db->sql_query($sql); + + if ($row['user_login_attempts'] != 0) + { + // Successful, reset login attempts (the user passed all stages) + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_login_attempts = 0 + WHERE user_id = ' . $row['user_id']; + $this->db->sql_query($sql); + } + + // User inactive... + if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) + { + return array( + 'status' => LOGIN_ERROR_ACTIVE, + 'error_msg' => 'ACTIVE_ERROR', + 'user_row' => $row, + ); + } + + // Successful login... set user_login_attempts to zero... + return array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => $row, + ); + } + + // Password incorrect - increase login attempts + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_login_attempts = user_login_attempts + 1 + WHERE user_id = ' . (int) $row['user_id'] . ' + AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX; + $this->db->sql_query($sql); + + // Give status about wrong password... + return array( + 'status' => ($show_captcha) ? LOGIN_ERROR_ATTEMPTS : LOGIN_ERROR_PASSWORD, + 'error_msg' => ($show_captcha) ? 'LOGIN_ERROR_ATTEMPTS' : 'LOGIN_ERROR_PASSWORD', + 'user_row' => $row, + ); + } +} diff --git a/phpBB/phpbb/auth/provider/index.htm b/phpBB/phpbb/auth/provider/index.htm new file mode 100644 index 0000000000..ee1f723a7d --- /dev/null +++ b/phpBB/phpbb/auth/provider/index.htm @@ -0,0 +1,10 @@ + + + + + + + + + + diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php new file mode 100644 index 0000000000..47043bc107 --- /dev/null +++ b/phpBB/phpbb/auth/provider/interface.php @@ -0,0 +1,105 @@ + status constant + * 'error_msg' => string + * 'user_row' => array + * ) + */ + public function login($username, $password); + + /** + * Autologin function + * + * @return array|null containing the user row, empty if no auto login + * should take place, or null if not impletmented. + */ + public function autologin(); + + /** + * This function is used to output any required fields in the authentication + * admin panel. It also defines any required configuration table fields. + * + * @return array|null Returns null if not implemented or an array of the + * configuration fields of the provider. + */ + public function acp(); + + /** + * This function updates the template with variables related to the acp + * options with whatever configuraton values are passed to it as an array. + * It then returns the name of the acp file related to this authentication + * provider. + * @param array $new_config Contains the new configuration values that + * have been set in acp_board. + * @return array|null Returns null if not implemented or an array with + * the template file name and an array of the vars + * that the template needs that must conform to the + * following example: + * array( + * 'TEMPLATE_FILE' => string, + * 'TEMPLATE_VARS' => array(...), + * ) + */ + public function get_acp_template($new_config); + + /** + * Performs additional actions during logout. + * + * @param array $data An array corresponding to + * phpbb_session::data + * @param boolean $new_session True for a new session, false for no new + * session. + */ + public function logout($data, $new_session); + + /** + * The session validation function checks whether the user is still logged + * into phpBB. + * + * @param array $user + * @return boolean true if the given user is authenticated, false if the + * session should be closed, or null if not implemented. + */ + public function validate_session($user); +} diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php new file mode 100644 index 0000000000..0196529408 --- /dev/null +++ b/phpBB/phpbb/auth/provider/ldap.php @@ -0,0 +1,346 @@ +db = $db; + $this->config = $config; + $this->user = $user; + } + + /** + * {@inheritdoc} + */ + public function init() + { + if (!@extension_loaded('ldap')) + { + return $this->user->lang['LDAP_NO_LDAP_EXTENSION']; + } + + $this->config['ldap_port'] = (int) $this->config['ldap_port']; + if ($this->config['ldap_port']) + { + $ldap = @ldap_connect($this->config['ldap_server'], $this->config['ldap_port']); + } + else + { + $ldap = @ldap_connect($this->config['ldap_server']); + } + + if (!$ldap) + { + return $this->user->lang['LDAP_NO_SERVER_CONNECTION']; + } + + @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); + @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); + + if ($this->config['ldap_user'] || $this->config['ldap_password']) + { + if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user']), htmlspecialchars_decode($this->config['ldap_password']))) + { + return $this->user->lang['LDAP_INCORRECT_USER_PASSWORD']; + } + } + + // ldap_connect only checks whether the specified server is valid, so the connection might still fail + $search = @ldap_search( + $ldap, + htmlspecialchars_decode($this->config['ldap_base_dn']), + $this->ldap_user_filter($this->user->data['username']), + (empty($this->config['ldap_email'])) ? + array(htmlspecialchars_decode($this->config['ldap_uid'])) : + array(htmlspecialchars_decode($this->config['ldap_uid']), htmlspecialchars_decode($this->config['ldap_email'])), + 0, + 1 + ); + + if ($search === false) + { + return $this->user->lang['LDAP_SEARCH_FAILED']; + } + + $result = @ldap_get_entries($ldap, $search); + + @ldap_close($ldap); + + + if (!is_array($result) || sizeof($result) < 2) + { + return sprintf($this->user->lang['LDAP_NO_IDENTITY'], $this->user->data['username']); + } + + if (!empty($this->config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($this->config['ldap_email'])])) + { + return $this->user->lang['LDAP_NO_EMAIL']; + } + + return false; + } + + /** + * {@inheritdoc} + */ + public function login($username, $password) + { + // do not allow empty password + if (!$password) + { + return array( + 'status' => LOGIN_ERROR_PASSWORD, + 'error_msg' => 'NO_PASSWORD_SUPPLIED', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + if (!$username) + { + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + if (!@extension_loaded('ldap')) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LDAP_NO_LDAP_EXTENSION', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $this->config['ldap_port'] = (int) $this->config['ldap_port']; + if ($this->config['ldap_port']) + { + $ldap = @ldap_connect($this->config['ldap_server'], $this->config['ldap_port']); + } + else + { + $ldap = @ldap_connect($this->config['ldap_server']); + } + + if (!$ldap) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LDAP_NO_SERVER_CONNECTION', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); + @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); + + if ($this->config['ldap_user'] || $this->config['ldap_password']) + { + if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user']), htmlspecialchars_decode($this->config['ldap_password']))) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LDAP_NO_SERVER_CONNECTION', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + } + + $search = @ldap_search( + $ldap, + htmlspecialchars_decode($this->config['ldap_base_dn']), + $this->ldap_user_filter($username), + (empty($this->config['ldap_email'])) ? + array(htmlspecialchars_decode($this->config['ldap_uid'])) : + array(htmlspecialchars_decode($this->config['ldap_uid']), htmlspecialchars_decode($this->config['ldap_email'])), + 0, + 1 + ); + + $ldap_result = @ldap_get_entries($ldap, $search); + + if (is_array($ldap_result) && sizeof($ldap_result) > 1) + { + if (@ldap_bind($ldap, $ldap_result[0]['dn'], htmlspecialchars_decode($password))) + { + @ldap_close($ldap); + + $sql ='SELECT user_id, username, user_password, user_passchg, user_email, user_type + FROM ' . USERS_TABLE . " + WHERE username_clean = '" . $this->db->sql_escape(utf8_clean_string($username)) . "'"; + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if ($row) + { + unset($ldap_result); + + // User inactive... + if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) + { + return array( + 'status' => LOGIN_ERROR_ACTIVE, + 'error_msg' => 'ACTIVE_ERROR', + 'user_row' => $row, + ); + } + + // Successful login... set user_login_attempts to zero... + return array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => $row, + ); + } + else + { + // retrieve default group id + $sql = 'SELECT group_id + FROM ' . GROUPS_TABLE . " + WHERE group_name = '" . $this->db->sql_escape('REGISTERED') . "' + AND group_type = " . GROUP_SPECIAL; + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + trigger_error('NO_GROUP'); + } + + // generate user account data + $ldap_user_row = array( + 'username' => $username, + 'user_password' => phpbb_hash($password), + 'user_email' => (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($this->config['ldap_email'])][0]) : '', + 'group_id' => (int) $row['group_id'], + 'user_type' => USER_NORMAL, + 'user_ip' => $this->user->ip, + 'user_new' => ($this->config['new_member_post_limit']) ? 1 : 0, + ); + + unset($ldap_result); + + // this is the user's first login so create an empty profile + return array( + 'status' => LOGIN_SUCCESS_CREATE_PROFILE, + 'error_msg' => false, + 'user_row' => $ldap_user_row, + ); + } + } + else + { + unset($ldap_result); + @ldap_close($ldap); + + // Give status about wrong password... + return array( + 'status' => LOGIN_ERROR_PASSWORD, + 'error_msg' => 'LOGIN_ERROR_PASSWORD', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + } + + @ldap_close($ldap); + + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + /** + * {@inheritdoc} + */ + + public function acp() + { + // These are fields required in the config table + return array( + 'ldap_server', 'ldap_port', 'ldap_base_dn', 'ldap_uid', 'ldap_user_filter', 'ldap_email', 'ldap_user', 'ldap_password', + ); + } + + /** + * {@inheritdoc} + */ + public function get_acp_template($new_config) + { + return array( + 'TEMPLATE_FILE' => 'auth_provider_ldap.html', + 'TEMPLATE_VARS' => array( + 'AUTH_LDAP_DN' => $new_config['ldap_base_dn'], + 'AUTH_LDAP_EMAIL' => $new_config['ldap_email'], + 'AUTH_LDAP_PASSORD' => $new_config['ldap_password'], + 'AUTH_LDAP_PORT' => $new_config['ldap_port'], + 'AUTH_LDAP_SERVER' => $new_config['ldap_server'], + 'AUTH_LDAP_UID' => $new_config['ldap_uid'], + 'AUTH_LDAP_USER' => $new_config['ldap_user'], + 'AUTH_LDAP_USER_FILTER' => $new_config['ldap_user_filter'], + ), + ); + } + + /** + * Generates a filter string for ldap_search to find a user + * + * @param $username string Username identifying the searched user + * + * @return string A filter string for ldap_search + */ + private function ldap_user_filter($username) + { + $filter = '(' . $this->config['ldap_uid'] . '=' . $this->ldap_escape(htmlspecialchars_decode($username)) . ')'; + if ($this->config['ldap_user_filter']) + { + $_filter = ($this->config['ldap_user_filter'][0] == '(' && substr($this->config['ldap_user_filter'], -1) == ')') ? $this->config['ldap_user_filter'] : "({$this->config['ldap_user_filter']})"; + $filter = "(&{$filter}{$_filter})"; + } + return $filter; + } + + /** + * Escapes an LDAP AttributeValue + * + * @param string $string The string to be escaped + * @return string The escaped string + */ + private function ldap_escape($string) + { + return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string); + } +} -- cgit v1.2.1 From b81613e5e57fd208e832637b6886abf9ec806c4b Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Sun, 14 Jul 2013 12:25:28 -0400 Subject: [ticket/11700] With namespaces interface will no longer be a valid classname PHPBB3-11700 --- phpBB/phpbb/auth/provider/interface.php | 105 ----------------------- phpBB/phpbb/auth/provider/provider_interface.php | 105 +++++++++++++++++++++++ 2 files changed, 105 insertions(+), 105 deletions(-) delete mode 100644 phpBB/phpbb/auth/provider/interface.php create mode 100644 phpBB/phpbb/auth/provider/provider_interface.php (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php deleted file mode 100644 index 47043bc107..0000000000 --- a/phpBB/phpbb/auth/provider/interface.php +++ /dev/null @@ -1,105 +0,0 @@ - status constant - * 'error_msg' => string - * 'user_row' => array - * ) - */ - public function login($username, $password); - - /** - * Autologin function - * - * @return array|null containing the user row, empty if no auto login - * should take place, or null if not impletmented. - */ - public function autologin(); - - /** - * This function is used to output any required fields in the authentication - * admin panel. It also defines any required configuration table fields. - * - * @return array|null Returns null if not implemented or an array of the - * configuration fields of the provider. - */ - public function acp(); - - /** - * This function updates the template with variables related to the acp - * options with whatever configuraton values are passed to it as an array. - * It then returns the name of the acp file related to this authentication - * provider. - * @param array $new_config Contains the new configuration values that - * have been set in acp_board. - * @return array|null Returns null if not implemented or an array with - * the template file name and an array of the vars - * that the template needs that must conform to the - * following example: - * array( - * 'TEMPLATE_FILE' => string, - * 'TEMPLATE_VARS' => array(...), - * ) - */ - public function get_acp_template($new_config); - - /** - * Performs additional actions during logout. - * - * @param array $data An array corresponding to - * phpbb_session::data - * @param boolean $new_session True for a new session, false for no new - * session. - */ - public function logout($data, $new_session); - - /** - * The session validation function checks whether the user is still logged - * into phpBB. - * - * @param array $user - * @return boolean true if the given user is authenticated, false if the - * session should be closed, or null if not implemented. - */ - public function validate_session($user); -} diff --git a/phpBB/phpbb/auth/provider/provider_interface.php b/phpBB/phpbb/auth/provider/provider_interface.php new file mode 100644 index 0000000000..baf55c7a86 --- /dev/null +++ b/phpBB/phpbb/auth/provider/provider_interface.php @@ -0,0 +1,105 @@ + status constant + * 'error_msg' => string + * 'user_row' => array + * ) + */ + public function login($username, $password); + + /** + * Autologin function + * + * @return array|null containing the user row, empty if no auto login + * should take place, or null if not impletmented. + */ + public function autologin(); + + /** + * This function is used to output any required fields in the authentication + * admin panel. It also defines any required configuration table fields. + * + * @return array|null Returns null if not implemented or an array of the + * configuration fields of the provider. + */ + public function acp(); + + /** + * This function updates the template with variables related to the acp + * options with whatever configuraton values are passed to it as an array. + * It then returns the name of the acp file related to this authentication + * provider. + * @param array $new_config Contains the new configuration values that + * have been set in acp_board. + * @return array|null Returns null if not implemented or an array with + * the template file name and an array of the vars + * that the template needs that must conform to the + * following example: + * array( + * 'TEMPLATE_FILE' => string, + * 'TEMPLATE_VARS' => array(...), + * ) + */ + public function get_acp_template($new_config); + + /** + * Performs additional actions during logout. + * + * @param array $data An array corresponding to + * phpbb_session::data + * @param boolean $new_session True for a new session, false for no new + * session. + */ + public function logout($data, $new_session); + + /** + * The session validation function checks whether the user is still logged + * into phpBB. + * + * @param array $user + * @return boolean true if the given user is authenticated, false if the + * session should be closed, or null if not implemented. + */ + public function validate_session($user); +} -- cgit v1.2.1 From da2752e4004b296ae5acdd08b7c0a758d8f61e9d Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Sun, 14 Jul 2013 13:30:52 -0400 Subject: [ticket/11700] Modify all code to use the new interface names PHPBB3-11700 --- phpBB/phpbb/auth/provider/apache.php | 8 ++++---- phpBB/phpbb/auth/provider/base.php | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php index 2e80436f78..a7148c634a 100644 --- a/phpBB/phpbb/auth/provider/apache.php +++ b/phpBB/phpbb/auth/provider/apache.php @@ -47,7 +47,7 @@ class phpbb_auth_provider_apache extends phpbb_auth_provider_base */ public function init() { - if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'))) + if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'))) { return $this->user->lang['APACHE_SETUP_BEFORE_USE']; } @@ -78,7 +78,7 @@ class phpbb_auth_provider_apache extends phpbb_auth_provider_base ); } - if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) + if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_request_interface::SERVER)) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -149,7 +149,7 @@ class phpbb_auth_provider_apache extends phpbb_auth_provider_base */ public function autologin() { - if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) + if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_request_interface::SERVER)) { return array(); } @@ -241,7 +241,7 @@ class phpbb_auth_provider_apache extends phpbb_auth_provider_base public function validate_session($user) { // Check if PHP_AUTH_USER is set and handle this case - if ($this->request->is_set('PHP_AUTH_USER', phpbb_request_interface::SERVER)) + if ($this->request->is_set('PHP_AUTH_USER', phpbb_request_request_interface::SERVER)) { $php_auth_user = $this->request->server('PHP_AUTH_USER'); diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index 7eaf8bb2d3..626ad8478f 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -20,7 +20,7 @@ if (!defined('IN_PHPBB')) * * @package auth */ -abstract class phpbb_auth_provider_base implements phpbb_auth_provider_interface +abstract class phpbb_auth_provider_base implements phpbb_auth_provider_provider_interface { /** * {@inheritdoc} -- cgit v1.2.1 From 1a3880806a453dc4782b9823c2557dc22e9fb6af Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 13:23:09 -0400 Subject: [feature/oauth] Move OAuth to /phpBB/phpbb PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth.php | 304 ++++++++++++++++++++++++++++++++++++ 1 file changed, 304 insertions(+) create mode 100644 phpBB/phpbb/auth/provider/oauth.php (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth.php b/phpBB/phpbb/auth/provider/oauth.php new file mode 100644 index 0000000000..aeca2a4869 --- /dev/null +++ b/phpBB/phpbb/auth/provider/oauth.php @@ -0,0 +1,304 @@ +db = $db; + $this->config = $config; + $this->request = $request; + $this->user = $user; + $this->auth_provider_oauth_table = $auth_provider_oauth_table; + $this->services = array(); + } + + /** + * {@inheritdoc} + */ + public function login($username, $password) + { + // Requst the name of the OAuth service + $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); + if ($service_name === '') + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + // TODO: change error message + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + // Get the service credentials for the given service + $service_credentials = $this->get_credentials($service_name); + + // Check that the service has settings + if ($service_credentials['key'] == false || $service_credentials['secret'] == false) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + // TODO: change error message + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); + $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); + + if ($this->request->is_set('code', phpbb_request_interface::GET)) + { + // This was a callback request from the service provider + $service->requestAccessToken( $_GET['code'] ); + + // Send a request with it + $path = $this->get_path($service_name); + if ($path) + { + $result = json_decode( $service->request($path), true ); + } + + // Perform authentication + } else { + $url = $service->getAuthorizationUri(); + // TODO: modify $url for the appropriate return points + header('Location: ' . $url); + } + } + + /** + * Returns an array containing the service credentials belonging to requested + * service. + * + * @param string $service_name The name of the service + * @return array An array containing the 'key' and the 'secret' of the + * service in the form: + * array( + * 'key' => string + * 'secret' => string + * ) + */ + protected function get_service_credentials($service_name) + { + return array( + 'key' => $this->config['auth_oauth_' . $service_name . '_key'], + 'secret' => $this->config['auth_oauth_' . $service_name . '_secret'], + ); + } + + /** + * Returns the cached current_uri object or creates and caches it if it is + * not already created + * + * @return \OAuth\Common\Http\Uri\UriInterface + */ + protected function get_current_uri() + { + if ($this->current_uri) + { + return $this->current_uri; + } + + $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); + $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); + $current_uri->setQuery(''); + + $this->current_uri = $current_uri; + return $current_uri; + } + + /** + * Returns the cached service object or creates a new one + * + * @param string $service_name The name of the service + * @param phpbb_auth_oauth_token_storage $storage + * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} + * @param array $scope The scope of the request against + * the api. + * @return \OAuth\Common\Service\ServiceInterface + */ + protected function get_service($service_name, phpbb_auth_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) + { + if ($this->services[$service_name]) + { + return $this->services[$service_name]; + } + + $current_uri = $this->get_current_uri(); + + // Setup the credentials for the requests + $credentials = new Credentials( + $service_credentials['key'], + $service_credentials['secret'], + $current_uri->getAbsoluteUri() + ); + + $service_factory = new \OAuth\ServiceFactory(); + $this->service[$service_name] = $service_factory->createService($service_name, $credentials, $storage, $scopes); + + return $this->service[$service_name]; + } + + /** + * Returns the scopes of the service required for authentication + * + * @param string $service_name + * @return array An array of the scopes required from the service + */ + protected function get_scopes($service_name) + { + $scopes = array(); + + switch ($service_name) + { + case 'GitHub': + $scopes[] = 'user'; + break; + case 'google': + $scopes[] = 'userinfo_email'; + $scopes[] = 'userinfo_profile'; + break; + case 'instagram': + case 'microsoft': + $scopes[] = 'basic'; + break; + case 'linkedin': + $scopes[] = 'r_basicprofile'; + break; + } + + return $scopes; + } + + /** + * Returns the path desired of the service + * + * @param string $service_name + * @return string|UriInterface|null A null return means do not + * request additional information. + */ + protected function get_path($service_name) + { + switch ($service_name) + { + case 'bitly': + case 'tumblr': + $path = 'user/info'; + break; + case 'box': + $path = '/users/me'; + break; + case 'facebook': + $path = '/me'; + break; + case 'FitBit': + $path = 'user/-/profile.json'; + break; + case 'foursquare': + case 'instagram': + $path = 'users/self'; + break; + case 'GitHub': + $path = 'user/emails'; + break; + case 'google': + $path = 'https://www.googleapis.com/oauth2/v1/userinfo'; + break; + case 'linkedin': + $path = '/people/~?format=json'; + break; + case 'soundCloud': + $path = 'me.json'; + break; + case 'twitter': + $path = 'account/verify_credentials.json'; + break; + default: + $path = null; + break; + } + + return $path; + } +} -- cgit v1.2.1 From 117a758f6610ccc52142ca177504442cbd4869ab Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 14:07:59 -0400 Subject: [feature/oauth] Move oauth to auth/provider/oauth PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth.php | 304 ---------------------- phpBB/phpbb/auth/provider/oauth/oauth.php | 304 ++++++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/token_storage.php | 220 ++++++++++++++++ 3 files changed, 524 insertions(+), 304 deletions(-) delete mode 100644 phpBB/phpbb/auth/provider/oauth.php create mode 100644 phpBB/phpbb/auth/provider/oauth/oauth.php create mode 100644 phpBB/phpbb/auth/provider/oauth/token_storage.php (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth.php b/phpBB/phpbb/auth/provider/oauth.php deleted file mode 100644 index aeca2a4869..0000000000 --- a/phpBB/phpbb/auth/provider/oauth.php +++ /dev/null @@ -1,304 +0,0 @@ -db = $db; - $this->config = $config; - $this->request = $request; - $this->user = $user; - $this->auth_provider_oauth_table = $auth_provider_oauth_table; - $this->services = array(); - } - - /** - * {@inheritdoc} - */ - public function login($username, $password) - { - // Requst the name of the OAuth service - $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); - if ($service_name === '') - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - // TODO: change error message - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - // Get the service credentials for the given service - $service_credentials = $this->get_credentials($service_name); - - // Check that the service has settings - if ($service_credentials['key'] == false || $service_credentials['secret'] == false) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - // TODO: change error message - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); - $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); - - if ($this->request->is_set('code', phpbb_request_interface::GET)) - { - // This was a callback request from the service provider - $service->requestAccessToken( $_GET['code'] ); - - // Send a request with it - $path = $this->get_path($service_name); - if ($path) - { - $result = json_decode( $service->request($path), true ); - } - - // Perform authentication - } else { - $url = $service->getAuthorizationUri(); - // TODO: modify $url for the appropriate return points - header('Location: ' . $url); - } - } - - /** - * Returns an array containing the service credentials belonging to requested - * service. - * - * @param string $service_name The name of the service - * @return array An array containing the 'key' and the 'secret' of the - * service in the form: - * array( - * 'key' => string - * 'secret' => string - * ) - */ - protected function get_service_credentials($service_name) - { - return array( - 'key' => $this->config['auth_oauth_' . $service_name . '_key'], - 'secret' => $this->config['auth_oauth_' . $service_name . '_secret'], - ); - } - - /** - * Returns the cached current_uri object or creates and caches it if it is - * not already created - * - * @return \OAuth\Common\Http\Uri\UriInterface - */ - protected function get_current_uri() - { - if ($this->current_uri) - { - return $this->current_uri; - } - - $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); - $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); - $current_uri->setQuery(''); - - $this->current_uri = $current_uri; - return $current_uri; - } - - /** - * Returns the cached service object or creates a new one - * - * @param string $service_name The name of the service - * @param phpbb_auth_oauth_token_storage $storage - * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} - * @param array $scope The scope of the request against - * the api. - * @return \OAuth\Common\Service\ServiceInterface - */ - protected function get_service($service_name, phpbb_auth_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) - { - if ($this->services[$service_name]) - { - return $this->services[$service_name]; - } - - $current_uri = $this->get_current_uri(); - - // Setup the credentials for the requests - $credentials = new Credentials( - $service_credentials['key'], - $service_credentials['secret'], - $current_uri->getAbsoluteUri() - ); - - $service_factory = new \OAuth\ServiceFactory(); - $this->service[$service_name] = $service_factory->createService($service_name, $credentials, $storage, $scopes); - - return $this->service[$service_name]; - } - - /** - * Returns the scopes of the service required for authentication - * - * @param string $service_name - * @return array An array of the scopes required from the service - */ - protected function get_scopes($service_name) - { - $scopes = array(); - - switch ($service_name) - { - case 'GitHub': - $scopes[] = 'user'; - break; - case 'google': - $scopes[] = 'userinfo_email'; - $scopes[] = 'userinfo_profile'; - break; - case 'instagram': - case 'microsoft': - $scopes[] = 'basic'; - break; - case 'linkedin': - $scopes[] = 'r_basicprofile'; - break; - } - - return $scopes; - } - - /** - * Returns the path desired of the service - * - * @param string $service_name - * @return string|UriInterface|null A null return means do not - * request additional information. - */ - protected function get_path($service_name) - { - switch ($service_name) - { - case 'bitly': - case 'tumblr': - $path = 'user/info'; - break; - case 'box': - $path = '/users/me'; - break; - case 'facebook': - $path = '/me'; - break; - case 'FitBit': - $path = 'user/-/profile.json'; - break; - case 'foursquare': - case 'instagram': - $path = 'users/self'; - break; - case 'GitHub': - $path = 'user/emails'; - break; - case 'google': - $path = 'https://www.googleapis.com/oauth2/v1/userinfo'; - break; - case 'linkedin': - $path = '/people/~?format=json'; - break; - case 'soundCloud': - $path = 'me.json'; - break; - case 'twitter': - $path = 'account/verify_credentials.json'; - break; - default: - $path = null; - break; - } - - return $path; - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php new file mode 100644 index 0000000000..aeca2a4869 --- /dev/null +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -0,0 +1,304 @@ +db = $db; + $this->config = $config; + $this->request = $request; + $this->user = $user; + $this->auth_provider_oauth_table = $auth_provider_oauth_table; + $this->services = array(); + } + + /** + * {@inheritdoc} + */ + public function login($username, $password) + { + // Requst the name of the OAuth service + $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); + if ($service_name === '') + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + // TODO: change error message + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + // Get the service credentials for the given service + $service_credentials = $this->get_credentials($service_name); + + // Check that the service has settings + if ($service_credentials['key'] == false || $service_credentials['secret'] == false) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + // TODO: change error message + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); + $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); + + if ($this->request->is_set('code', phpbb_request_interface::GET)) + { + // This was a callback request from the service provider + $service->requestAccessToken( $_GET['code'] ); + + // Send a request with it + $path = $this->get_path($service_name); + if ($path) + { + $result = json_decode( $service->request($path), true ); + } + + // Perform authentication + } else { + $url = $service->getAuthorizationUri(); + // TODO: modify $url for the appropriate return points + header('Location: ' . $url); + } + } + + /** + * Returns an array containing the service credentials belonging to requested + * service. + * + * @param string $service_name The name of the service + * @return array An array containing the 'key' and the 'secret' of the + * service in the form: + * array( + * 'key' => string + * 'secret' => string + * ) + */ + protected function get_service_credentials($service_name) + { + return array( + 'key' => $this->config['auth_oauth_' . $service_name . '_key'], + 'secret' => $this->config['auth_oauth_' . $service_name . '_secret'], + ); + } + + /** + * Returns the cached current_uri object or creates and caches it if it is + * not already created + * + * @return \OAuth\Common\Http\Uri\UriInterface + */ + protected function get_current_uri() + { + if ($this->current_uri) + { + return $this->current_uri; + } + + $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); + $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); + $current_uri->setQuery(''); + + $this->current_uri = $current_uri; + return $current_uri; + } + + /** + * Returns the cached service object or creates a new one + * + * @param string $service_name The name of the service + * @param phpbb_auth_oauth_token_storage $storage + * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} + * @param array $scope The scope of the request against + * the api. + * @return \OAuth\Common\Service\ServiceInterface + */ + protected function get_service($service_name, phpbb_auth_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) + { + if ($this->services[$service_name]) + { + return $this->services[$service_name]; + } + + $current_uri = $this->get_current_uri(); + + // Setup the credentials for the requests + $credentials = new Credentials( + $service_credentials['key'], + $service_credentials['secret'], + $current_uri->getAbsoluteUri() + ); + + $service_factory = new \OAuth\ServiceFactory(); + $this->service[$service_name] = $service_factory->createService($service_name, $credentials, $storage, $scopes); + + return $this->service[$service_name]; + } + + /** + * Returns the scopes of the service required for authentication + * + * @param string $service_name + * @return array An array of the scopes required from the service + */ + protected function get_scopes($service_name) + { + $scopes = array(); + + switch ($service_name) + { + case 'GitHub': + $scopes[] = 'user'; + break; + case 'google': + $scopes[] = 'userinfo_email'; + $scopes[] = 'userinfo_profile'; + break; + case 'instagram': + case 'microsoft': + $scopes[] = 'basic'; + break; + case 'linkedin': + $scopes[] = 'r_basicprofile'; + break; + } + + return $scopes; + } + + /** + * Returns the path desired of the service + * + * @param string $service_name + * @return string|UriInterface|null A null return means do not + * request additional information. + */ + protected function get_path($service_name) + { + switch ($service_name) + { + case 'bitly': + case 'tumblr': + $path = 'user/info'; + break; + case 'box': + $path = '/users/me'; + break; + case 'facebook': + $path = '/me'; + break; + case 'FitBit': + $path = 'user/-/profile.json'; + break; + case 'foursquare': + case 'instagram': + $path = 'users/self'; + break; + case 'GitHub': + $path = 'user/emails'; + break; + case 'google': + $path = 'https://www.googleapis.com/oauth2/v1/userinfo'; + break; + case 'linkedin': + $path = '/people/~?format=json'; + break; + case 'soundCloud': + $path = 'me.json'; + break; + case 'twitter': + $path = 'account/verify_credentials.json'; + break; + default: + $path = null; + break; + } + + return $path; + } +} diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php new file mode 100644 index 0000000000..fcc277053c --- /dev/null +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -0,0 +1,220 @@ +db = $db; + $this->user = $user; + $this->service_name = $service_name; + $this->auth_provider_oauth_table = $auth_provider_oauth_table; + } + + /** + * {@inheritdoc} + */ + public function retrieveAccessToken() + { + if( $this->cachedToken instanceOf TokenInterface ) { + return $this->token; + } + + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + // TODO: translate + throw new TokenNotFoundException('Token not stored'); + } + + $token = unserialize($row['oauth_token']); + + // Ensure that the token was serialized/unserialized correctly + if (!($token instanceof TokenInterface)) + { + $this->clearToken(); + // TODO: translate + throw new TokenNotFoundException('Token not stored correctly'); + } + + $this->cachedToken = $token; + return $token; + } + + /** + * {@inheritdoc} + */ + public function storeAccessToken(TokenInterface $token) + { + $this->cachedToken = $token; + + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + 'oauth_token' => serialize($token), + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('INSERT', $data); + $this->db->sql_query($sql); + } + + /** + * {@inheritdoc} + */ + public function hasAccessToken() + { + if( $this->cachedToken ) { + return true; + } + + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + return false; + } + + return true; + } + + /** + * {@inheritdoc} + */ + public function clearToken() + { + $this->cachedToken = null; + + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' + WHERE user_id = ' . $this->user->data['user_id'] . ' + AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $sql .= ' AND session_id = ' . $this->user->data['session_id']; + } + + $this->db->sql_query($sql); + } + + /** + * Updates the user_id field in the database assosciated with the token + * + * @param int $user_id + */ + public function set_user_id($user_id) + { + if (!$this->cachedToken) + { + return; + } + + $sql = 'UPDATE ' . $this->auth_provider_oauth_table . ' + SET ' . $db->sql_build_array('UPDATE', array( + 'user_id' => (int) $user_id + )) . ' + WHERE user_id = ' . $this->user->data['user_id'] . ' + AND session_id = ' . $this->user->data['session_id']; + $this->db->sql_query($sql); + } +} -- cgit v1.2.1 From a43a8f8c72f14b683f7db39a20c6d5fc4f154744 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 14:09:13 -0400 Subject: [feature/oauth] Update class name based on last commit PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- phpBB/phpbb/auth/provider/oauth/token_storage.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index aeca2a4869..b6af9758e7 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -124,7 +124,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); } - $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); if ($this->request->is_set('code', phpbb_request_interface::GET)) diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index fcc277053c..227b51efc9 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -26,7 +26,7 @@ use OAuth\Common\Storage\Exception\TokenNotFoundException; * * @package auth */ -class phpbb_auth_oauth_token_storage implements TokenStorageInterface +class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface { /** * Cache driver. -- cgit v1.2.1 From 947aa2b6b442b5e1ce06c755c3e8ebea677f63e3 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 15:16:34 -0400 Subject: [feature/oauth] Create OAuth service classes PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 31 ------------------- phpBB/phpbb/auth/provider/oauth/service/base.php | 32 ++++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/bitly.php | 26 ++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/box.php | 26 ++++++++++++++++ .../phpbb/auth/provider/oauth/service/facebook.php | 26 ++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/fitbit.php | 26 ++++++++++++++++ .../auth/provider/oauth/service/foursqare.php | 26 ++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/github.php | 34 +++++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/google.php | 35 ++++++++++++++++++++++ .../auth/provider/oauth/service/instagram.php | 34 +++++++++++++++++++++ .../auth/provider/oauth/service/interface.php | 31 +++++++++++++++++++ .../phpbb/auth/provider/oauth/service/linkedin.php | 34 +++++++++++++++++++++ .../auth/provider/oauth/service/microsoft.php | 34 +++++++++++++++++++++ .../auth/provider/oauth/service/soundcloud.php | 26 ++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/tumblr.php | 26 ++++++++++++++++ .../phpbb/auth/provider/oauth/service/twitter.php | 26 ++++++++++++++++ 16 files changed, 442 insertions(+), 31 deletions(-) create mode 100644 phpBB/phpbb/auth/provider/oauth/service/base.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/bitly.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/box.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/facebook.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/fitbit.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/foursqare.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/github.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/google.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/instagram.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/interface.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/linkedin.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/microsoft.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/soundcloud.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/tumblr.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/twitter.php (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index b6af9758e7..75e8a54ed4 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -220,37 +220,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $this->service[$service_name]; } - /** - * Returns the scopes of the service required for authentication - * - * @param string $service_name - * @return array An array of the scopes required from the service - */ - protected function get_scopes($service_name) - { - $scopes = array(); - - switch ($service_name) - { - case 'GitHub': - $scopes[] = 'user'; - break; - case 'google': - $scopes[] = 'userinfo_email'; - $scopes[] = 'userinfo_profile'; - break; - case 'instagram': - case 'microsoft': - $scopes[] = 'basic'; - break; - case 'linkedin': - $scopes[] = 'r_basicprofile'; - break; - } - - return $scopes; - } - /** * Returns the path desired of the service * diff --git a/phpBB/phpbb/auth/provider/oauth/service/base.php b/phpBB/phpbb/auth/provider/oauth/service/base.php new file mode 100644 index 0000000000..98a1fa16e4 --- /dev/null +++ b/phpBB/phpbb/auth/provider/oauth/service/base.php @@ -0,0 +1,32 @@ + Date: Sun, 14 Jul 2013 15:35:12 -0400 Subject: [feature/oauth] Last five oauth services PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/amazon.php | 26 ++++++++++++++++++++++ .../phpbb/auth/provider/oauth/service/dropbox.php | 26 ++++++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/paypal.php | 26 ++++++++++++++++++++++ .../auth/provider/oauth/service/vkontakte.php | 26 ++++++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/yammer.php | 26 ++++++++++++++++++++++ 5 files changed, 130 insertions(+) create mode 100644 phpBB/phpbb/auth/provider/oauth/service/amazon.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/dropbox.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/paypal.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/vkontakte.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/yammer.php (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/amazon.php b/phpBB/phpbb/auth/provider/oauth/service/amazon.php new file mode 100644 index 0000000000..1348bd5ebe --- /dev/null +++ b/phpBB/phpbb/auth/provider/oauth/service/amazon.php @@ -0,0 +1,26 @@ + Date: Sun, 14 Jul 2013 15:52:57 -0400 Subject: [feature/oauth] Set required scopes on more providers PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/amazon.php | 10 +++++++++- phpBB/phpbb/auth/provider/oauth/service/paypal.php | 12 +++++++++++- 2 files changed, 20 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/amazon.php b/phpBB/phpbb/auth/provider/oauth/service/amazon.php index 1348bd5ebe..cea4438323 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/amazon.php +++ b/phpBB/phpbb/auth/provider/oauth/service/amazon.php @@ -22,5 +22,13 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_amazon extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_auth_scope() + { + return array( + 'profile', + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/paypal.php b/phpBB/phpbb/auth/provider/oauth/service/paypal.php index 983b008dc3..26038d4fcb 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/paypal.php +++ b/phpBB/phpbb/auth/provider/oauth/service/paypal.php @@ -22,5 +22,15 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_paypal extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_auth_scope() + { + return array( + 'openid', + 'profile', + 'email', + ); + } } -- cgit v1.2.1 From 6a2871692cb9b2e9027b026604e8f456f17d1b44 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 16:00:41 -0400 Subject: [feature/oauth] Get service credentials on each OAuth service PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/amazon.php | 11 +++++++++++ phpBB/phpbb/auth/provider/oauth/service/bitly.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/box.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/dropbox.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/facebook.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/fitbit.php | 13 +++++++++++-- phpBB/phpbb/auth/provider/oauth/service/foursqare.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/github.php | 11 +++++++++++ phpBB/phpbb/auth/provider/oauth/service/google.php | 11 +++++++++++ phpBB/phpbb/auth/provider/oauth/service/instagram.php | 11 +++++++++++ phpBB/phpbb/auth/provider/oauth/service/interface.php | 13 +++++++++++++ phpBB/phpbb/auth/provider/oauth/service/linkedin.php | 11 +++++++++++ phpBB/phpbb/auth/provider/oauth/service/microsoft.php | 11 +++++++++++ phpBB/phpbb/auth/provider/oauth/service/paypal.php | 11 +++++++++++ phpBB/phpbb/auth/provider/oauth/service/soundcloud.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/tumblr.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/twitter.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/vkontakte.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/yammer.php | 11 ++++++++++- 19 files changed, 201 insertions(+), 12 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/amazon.php b/phpBB/phpbb/auth/provider/oauth/service/amazon.php index cea4438323..740add0f3c 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/amazon.php +++ b/phpBB/phpbb/auth/provider/oauth/service/amazon.php @@ -31,4 +31,15 @@ class phpbb_auth_provider_oauth_service_amazon extends phpbb_auth_provider_oauth 'profile', ); } + + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_amazon_key'], + 'secret' => $this->config['auth_oauth_amazon_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 23769b36a5..1de3183b84 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_bitly_key'], + 'secret' => $this->config['auth_oauth_bitly_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/box.php b/phpBB/phpbb/auth/provider/oauth/service/box.php index cfa788da4d..19e409a943 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/box.php +++ b/phpBB/phpbb/auth/provider/oauth/service/box.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_box extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_box_key'], + 'secret' => $this->config['auth_oauth_box_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/dropbox.php b/phpBB/phpbb/auth/provider/oauth/service/dropbox.php index 655c4305f3..3b4920bb0e 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/dropbox.php +++ b/phpBB/phpbb/auth/provider/oauth/service/dropbox.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_dropbox extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_dropbox_key'], + 'secret' => $this->config['auth_oauth_dropbox_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 723c8f09f2..0652028bf8 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_facebook_key'], + 'secret' => $this->config['auth_oauth_facebook_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/fitbit.php b/phpBB/phpbb/auth/provider/oauth/service/fitbit.php index a0f63a40e7..d75b971fcf 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/fitbit.php +++ b/phpBB/phpbb/auth/provider/oauth/service/fitbit.php @@ -20,7 +20,16 @@ if (!defined('IN_PHPBB')) * * @package auth */ -class phpbb_auth_provider_oauth_service_box extends phpbb_auth_provider_oauth_service_base +class phpbb_auth_provider_oauth_service_fitbit extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_fitbit_key'], + 'secret' => $this->config['auth_oauth_fitbit_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/foursqare.php b/phpBB/phpbb/auth/provider/oauth/service/foursqare.php index 9eb868b1c4..d03725bcfd 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/foursqare.php +++ b/phpBB/phpbb/auth/provider/oauth/service/foursqare.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_foursquare extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_foursquare_key'], + 'secret' => $this->config['auth_oauth_foursquare_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/github.php b/phpBB/phpbb/auth/provider/oauth/service/github.php index 1eddb26906..30d23b0e4f 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/github.php +++ b/phpBB/phpbb/auth/provider/oauth/service/github.php @@ -31,4 +31,15 @@ class phpbb_auth_provider_oauth_service_github extends phpbb_auth_provider_oauth 'user', ); } + + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_github_key'], + 'secret' => $this->config['auth_oauth_github_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index d72c66ac5e..50cfee86e0 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -32,4 +32,15 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth 'userinfo_profile', ); } + + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_google_key'], + 'secret' => $this->config['auth_oauth_google_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/instagram.php b/phpBB/phpbb/auth/provider/oauth/service/instagram.php index c40acf9507..ae30d2d0b6 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/instagram.php +++ b/phpBB/phpbb/auth/provider/oauth/service/instagram.php @@ -31,4 +31,15 @@ class phpbb_auth_provider_oauth_service_instagram extends phpbb_auth_provider_oa 'basic', ); } + + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_instagram_key'], + 'secret' => $this->config['auth_oauth_instagram_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/interface.php b/phpBB/phpbb/auth/provider/oauth/service/interface.php index c79413ee3a..80f2ee7259 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/interface.php @@ -28,4 +28,17 @@ interface phpbb_auth_provider_oauth_service_interface * @return array An array of the required scopes */ public function get_auth_scope(); + + /** + * Returns an array containing the service credentials belonging to requested + * service. + * + * @return array An array containing the 'key' and the 'secret' of the + * service in the form: + * array( + * 'key' => string + * 'secret' => string + * ) + */ + public function get_service_credentials(); } diff --git a/phpBB/phpbb/auth/provider/oauth/service/linkedin.php b/phpBB/phpbb/auth/provider/oauth/service/linkedin.php index 118379b4ab..3231270cff 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/linkedin.php +++ b/phpBB/phpbb/auth/provider/oauth/service/linkedin.php @@ -31,4 +31,15 @@ class phpbb_auth_provider_oauth_service_linkedin extends phpbb_auth_provider_oau 'r_basicprofile', ); } + + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_linkedin_key'], + 'secret' => $this->config['auth_oauth_linkedin_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/microsoft.php b/phpBB/phpbb/auth/provider/oauth/service/microsoft.php index 0ad2a5173b..7fb47f45fc 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/microsoft.php +++ b/phpBB/phpbb/auth/provider/oauth/service/microsoft.php @@ -31,4 +31,15 @@ class phpbb_auth_provider_oauth_service_microsoft extends phpbb_auth_provider_oa 'basic', ); } + + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_microsoft_key'], + 'secret' => $this->config['auth_oauth_microsoft_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/paypal.php b/phpBB/phpbb/auth/provider/oauth/service/paypal.php index 26038d4fcb..48b361921a 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/paypal.php +++ b/phpBB/phpbb/auth/provider/oauth/service/paypal.php @@ -33,4 +33,15 @@ class phpbb_auth_provider_oauth_service_paypal extends phpbb_auth_provider_oauth 'email', ); } + + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_paypal_key'], + 'secret' => $this->config['auth_oauth_paypal_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php b/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php index 0b5de5af20..e000c68a6f 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php +++ b/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_soundcloud extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_soundcloud_key'], + 'secret' => $this->config['auth_oauth_soundcloud_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/tumblr.php b/phpBB/phpbb/auth/provider/oauth/service/tumblr.php index be4871322c..2098cc92e1 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/tumblr.php +++ b/phpBB/phpbb/auth/provider/oauth/service/tumblr.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_tumblr extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_tumblr_key'], + 'secret' => $this->config['auth_oauth_tumblr_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/twitter.php b/phpBB/phpbb/auth/provider/oauth/service/twitter.php index e58b02fa41..57d07e1c15 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/twitter.php +++ b/phpBB/phpbb/auth/provider/oauth/service/twitter.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_twitter extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_twitter_key'], + 'secret' => $this->config['auth_oauth_twitter_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php b/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php index f6398a137d..6b43bf39d8 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php +++ b/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_vkontakte extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_vkontakte_key'], + 'secret' => $this->config['auth_oauth_vkontakte_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/yammer.php b/phpBB/phpbb/auth/provider/oauth/service/yammer.php index 4cbc153329..13c638def7 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/yammer.php +++ b/phpBB/phpbb/auth/provider/oauth/service/yammer.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_yammer extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_yammer_key'], + 'secret' => $this->config['auth_oauth_yammer_secret'], + ); + } } -- cgit v1.2.1 From a8e60c306d605815abfa0f4204e30466ecfbd539 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 16:01:41 -0400 Subject: [feature/oauth] Remove get_service_credentials() from oauth provider PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 20 -------------------- 1 file changed, 20 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 75e8a54ed4..c4908dbf6c 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -147,26 +147,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } } - /** - * Returns an array containing the service credentials belonging to requested - * service. - * - * @param string $service_name The name of the service - * @return array An array containing the 'key' and the 'secret' of the - * service in the form: - * array( - * 'key' => string - * 'secret' => string - * ) - */ - protected function get_service_credentials($service_name) - { - return array( - 'key' => $this->config['auth_oauth_' . $service_name . '_key'], - 'secret' => $this->config['auth_oauth_' . $service_name . '_secret'], - ); - } - /** * Returns the cached current_uri object or creates and caches it if it is * not already created -- cgit v1.2.1 From 247a002a144ecfc882f365ad54c63663a9b00090 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 17:23:40 -0400 Subject: [feature/oauth] Add constructors PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/amazon.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/bitly.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/box.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/dropbox.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/facebook.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/fitbit.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/foursqare.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/github.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/google.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/instagram.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/linkedin.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/microsoft.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/paypal.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/soundcloud.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/tumblr.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/twitter.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/vkontakte.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/yammer.php | 17 +++++++++++++++++ 18 files changed, 306 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/amazon.php b/phpBB/phpbb/auth/provider/oauth/service/amazon.php index 740add0f3c..fe27a6110f 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/amazon.php +++ b/phpBB/phpbb/auth/provider/oauth/service/amazon.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_amazon extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 1de3183b84..6b6e08c19a 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/box.php b/phpBB/phpbb/auth/provider/oauth/service/box.php index 19e409a943..083212ec2a 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/box.php +++ b/phpBB/phpbb/auth/provider/oauth/service/box.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_box extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/dropbox.php b/phpBB/phpbb/auth/provider/oauth/service/dropbox.php index 3b4920bb0e..4fadcbca11 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/dropbox.php +++ b/phpBB/phpbb/auth/provider/oauth/service/dropbox.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_dropbox extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 0652028bf8..87e8749b55 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/fitbit.php b/phpBB/phpbb/auth/provider/oauth/service/fitbit.php index d75b971fcf..bf1aeac98e 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/fitbit.php +++ b/phpBB/phpbb/auth/provider/oauth/service/fitbit.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_fitbit extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/foursqare.php b/phpBB/phpbb/auth/provider/oauth/service/foursqare.php index d03725bcfd..00ebd9889e 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/foursqare.php +++ b/phpBB/phpbb/auth/provider/oauth/service/foursqare.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_foursquare extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/github.php b/phpBB/phpbb/auth/provider/oauth/service/github.php index 30d23b0e4f..91ae0c1287 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/github.php +++ b/phpBB/phpbb/auth/provider/oauth/service/github.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_github extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index 50cfee86e0..b9b1851424 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/instagram.php b/phpBB/phpbb/auth/provider/oauth/service/instagram.php index ae30d2d0b6..0570f79138 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/instagram.php +++ b/phpBB/phpbb/auth/provider/oauth/service/instagram.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_instagram extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/linkedin.php b/phpBB/phpbb/auth/provider/oauth/service/linkedin.php index 3231270cff..faf26132b0 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/linkedin.php +++ b/phpBB/phpbb/auth/provider/oauth/service/linkedin.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_linkedin extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/microsoft.php b/phpBB/phpbb/auth/provider/oauth/service/microsoft.php index 7fb47f45fc..d607f3392d 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/microsoft.php +++ b/phpBB/phpbb/auth/provider/oauth/service/microsoft.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_microsoft extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/paypal.php b/phpBB/phpbb/auth/provider/oauth/service/paypal.php index 48b361921a..8a81c460ce 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/paypal.php +++ b/phpBB/phpbb/auth/provider/oauth/service/paypal.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_paypal extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php b/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php index e000c68a6f..ac43ea5e48 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php +++ b/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_soundcloud extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/tumblr.php b/phpBB/phpbb/auth/provider/oauth/service/tumblr.php index 2098cc92e1..9b6d2e2f5e 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/tumblr.php +++ b/phpBB/phpbb/auth/provider/oauth/service/tumblr.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_tumblr extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/twitter.php b/phpBB/phpbb/auth/provider/oauth/service/twitter.php index 57d07e1c15..23dbdbb6c2 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/twitter.php +++ b/phpBB/phpbb/auth/provider/oauth/service/twitter.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_twitter extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php b/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php index 6b43bf39d8..8a328b234f 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php +++ b/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_vkontakte extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/yammer.php b/phpBB/phpbb/auth/provider/oauth/service/yammer.php index 13c638def7..fe14f13077 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/yammer.php +++ b/phpBB/phpbb/auth/provider/oauth/service/yammer.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_yammer extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ -- cgit v1.2.1 From 0156bac3e2121cf23d0fef048233257fcb2c0d25 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 17:40:09 -0400 Subject: [feature/oauth] Update auth provider oauth to take in service providers PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index c4908dbf6c..4db9946e50 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -67,6 +67,13 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected $services; + /** + * All OAuth service providers + * + * @var array Contains phpbb_auth_provider_oauth_service_interface + */ + protected $service_providers; + /** * Cached current uri object * @@ -82,14 +89,16 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * @param phpbb_request $request * @param phpbb_user $user * @param string $auth_provider_oauth_table + * @param phpbb_auth_provider_oauth_service_interface $service_providers */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_table) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_table, phpbb_auth_provider_oauth_service_interface $service_providers) { $this->db = $db; $this->config = $config; $this->request = $request; $this->user = $user; $this->auth_provider_oauth_table = $auth_provider_oauth_table; + $this->service_providers = $service_providers; $this->services = array(); } -- cgit v1.2.1 From 6e1c522bdd0e3c67786656a866219c57b7b1e4dc Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 15 Jul 2013 14:57:00 -0400 Subject: [feature/oauth] Update oauth to reflect recent changes PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 4db9946e50..3ef6d8c934 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -109,7 +109,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { // Requst the name of the OAuth service $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); - if ($service_name === '') + $service_name = strtolower($service_name); + if ($service_name === '' && isset($this->services[$service_name])) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -120,18 +121,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } // Get the service credentials for the given service - $service_credentials = $this->get_credentials($service_name); - - // Check that the service has settings - if ($service_credentials['key'] == false || $service_credentials['secret'] == false) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - // TODO: change error message - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } + $service_credentials = $this->services[$service_name]->get_credentials($service_name); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); -- cgit v1.2.1 From 8641127da5dd71d4f8fc7acc6ca0b2a34a4ede56 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 15 Jul 2013 15:06:54 -0400 Subject: [feature/oauth] Correct function call PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 3ef6d8c934..9ee689172c 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -121,10 +121,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } // Get the service credentials for the given service - $service_credentials = $this->services[$service_name]->get_credentials($service_name); + $service_credentials = $this->services[$service_name]->get_credentials(); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); - $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); + $service = $this->get_service($service_name, $storage, $service_credentials, $this->services[$service_name]->get_auth_scope()); if ($this->request->is_set('code', phpbb_request_interface::GET)) { -- cgit v1.2.1 From 47b998ae486ebe9c0f9df5be4e3d836b31f2c7a3 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 15 Jul 2013 15:21:20 -0400 Subject: [feature/oauth] Define method to perform login actions for a provider PHPB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 11 ++--------- phpBB/phpbb/auth/provider/oauth/service/base.php | 23 ++++++++++++++++++++++ .../auth/provider/oauth/service/interface.php | 14 +++++++++++++ 3 files changed, 39 insertions(+), 9 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 9ee689172c..fc6fce3db0 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -128,15 +128,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base if ($this->request->is_set('code', phpbb_request_interface::GET)) { - // This was a callback request from the service provider - $service->requestAccessToken( $_GET['code'] ); - - // Send a request with it - $path = $this->get_path($service_name); - if ($path) - { - $result = json_decode( $service->request($path), true ); - } + $this->services[$service_name]->set_external_service_provider($service); + $result = $this->services[$service_name]->perform_auth_login(); // Perform authentication } else { diff --git a/phpBB/phpbb/auth/provider/oauth/service/base.php b/phpBB/phpbb/auth/provider/oauth/service/base.php index 98a1fa16e4..d59199f987 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/base.php +++ b/phpBB/phpbb/auth/provider/oauth/service/base.php @@ -22,6 +22,21 @@ if (!defined('IN_PHPBB')) */ abstract class phpbb_auth_provider_oauth_service_base implements phpbb_auth_provider_oauth_service_interface { + /** + * External OAuth service provider + * + * @var \OAuth\Common\Service\ServiceInterface + */ + protected $service_provider; + + /** + * {@inheritdoc} + */ + public function get_external_service_provider() + { + return $this->service_provider; + } + /** * {@inheritdoc} */ @@ -29,4 +44,12 @@ abstract class phpbb_auth_provider_oauth_service_base implements phpbb_auth_prov { return array(); } + + /** + * {@inheritdoc} + */ + public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider) + { + $this->service_provider = $service; + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/interface.php b/phpBB/phpbb/auth/provider/oauth/service/interface.php index 80f2ee7259..5893bc1740 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/interface.php @@ -29,6 +29,13 @@ interface phpbb_auth_provider_oauth_service_interface */ public function get_auth_scope(); + /** + * Returns the external library service provider once it has been set + * + * @param \OAuth\Common\Service\ServiceInterface|null + */ + public function get_external_service_provider(); + /** * Returns an array containing the service credentials belonging to requested * service. @@ -41,4 +48,11 @@ interface phpbb_auth_provider_oauth_service_interface * ) */ public function get_service_credentials(); + + /** + * Sets the external library service provider + * + * @param \OAuth\Common\Service\ServiceInterface $service + */ + public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider); } -- cgit v1.2.1 From e9bf2bf09a2b1fcee0d206b691a739600fee49e0 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 15 Jul 2013 15:28:13 -0400 Subject: [feature/oauth] Update interface appropriately PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/interface.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/interface.php b/phpBB/phpbb/auth/provider/oauth/service/interface.php index 5893bc1740..4d06606f49 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/interface.php @@ -49,6 +49,13 @@ interface phpbb_auth_provider_oauth_service_interface */ public function get_service_credentials(); + /** + * Returns the results of the authentication in json format + * + * @return type The results of the authentication action in json format. + */ + public function perform_auth_login(); + /** * Sets the external library service provider * -- cgit v1.2.1 From 469879716d86757c2e583bc746bebaa39cd630ef Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 11:51:10 -0400 Subject: [feature/oauth] Bitly authentication method, no user_id association PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 31 ++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 6b6e08c19a..cbfad3d852 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -29,14 +29,23 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ */ protected $config; + /** + * phpBB request + * + * @var phpbb_request + */ + protected $request; + /** * Constructor * * @param phpbb_config $config + * @param phpbb_request $request */ - public function __construct(phpbb_config $config) + public function __construct(phpbb_config $config, phpbb_request $request) { $this->config = $config; + $this->request = $request; } /** @@ -49,4 +58,24 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ 'secret' => $this->config['auth_oauth_bitly_secret'], ); } + + /** + * {@inheritdoc} + */ + public function perform_auth_login() + { + if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) + { + // TODO: make exception class and use language constant + throw new Exception('Invalid service provider type'); + } + + // This was a callback request from bitly, get the token + $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); + + // Send a request with it + $result = json_decode( $this->service_provider->request('user/info'), true ); + + // Get the user id + } } -- cgit v1.2.1 From fe9428b7250fce4cee0d601591e3fac117911d2e Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 12:12:14 -0400 Subject: [feature/oauth] Create means to associate phpBB account with external PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 3 ++- phpBB/phpbb/auth/provider/oauth/service/interface.php | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index cbfad3d852..b6b99c0850 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -76,6 +76,7 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ // Send a request with it $result = json_decode( $this->service_provider->request('user/info'), true ); - // Get the user id + // Return the unique identifier returned from bitly + return $result['data']['login']; } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/interface.php b/phpBB/phpbb/auth/provider/oauth/service/interface.php index 4d06606f49..a69148695d 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/interface.php @@ -52,7 +52,8 @@ interface phpbb_auth_provider_oauth_service_interface /** * Returns the results of the authentication in json format * - * @return type The results of the authentication action in json format. + * @return string The unique identifier returned by the service provider + * that is used to authenticate the user with phpBB. */ public function perform_auth_login(); -- cgit v1.2.1 From 662b8fdcec2ce6127bd97fbaf3e15db8d4de2170 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 12:21:28 -0400 Subject: [feature/oauth] Remove OAuth providers to make PR smaller PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/amazon.php | 62 --------------------- phpBB/phpbb/auth/provider/oauth/service/box.php | 52 ------------------ .../phpbb/auth/provider/oauth/service/dropbox.php | 52 ------------------ phpBB/phpbb/auth/provider/oauth/service/fitbit.php | 52 ------------------ .../auth/provider/oauth/service/foursqare.php | 52 ------------------ phpBB/phpbb/auth/provider/oauth/service/github.php | 62 --------------------- .../auth/provider/oauth/service/instagram.php | 62 --------------------- .../phpbb/auth/provider/oauth/service/linkedin.php | 62 --------------------- .../auth/provider/oauth/service/microsoft.php | 62 --------------------- phpBB/phpbb/auth/provider/oauth/service/paypal.php | 64 ---------------------- .../auth/provider/oauth/service/soundcloud.php | 52 ------------------ phpBB/phpbb/auth/provider/oauth/service/tumblr.php | 52 ------------------ .../phpbb/auth/provider/oauth/service/twitter.php | 52 ------------------ .../auth/provider/oauth/service/vkontakte.php | 52 ------------------ phpBB/phpbb/auth/provider/oauth/service/yammer.php | 52 ------------------ 15 files changed, 842 deletions(-) delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/amazon.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/box.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/dropbox.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/fitbit.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/foursqare.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/github.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/instagram.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/linkedin.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/microsoft.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/paypal.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/soundcloud.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/tumblr.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/twitter.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/vkontakte.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/yammer.php (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/amazon.php b/phpBB/phpbb/auth/provider/oauth/service/amazon.php deleted file mode 100644 index fe27a6110f..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/amazon.php +++ /dev/null @@ -1,62 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_auth_scope() - { - return array( - 'profile', - ); - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_amazon_key'], - 'secret' => $this->config['auth_oauth_amazon_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/box.php b/phpBB/phpbb/auth/provider/oauth/service/box.php deleted file mode 100644 index 083212ec2a..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/box.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_box_key'], - 'secret' => $this->config['auth_oauth_box_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/dropbox.php b/phpBB/phpbb/auth/provider/oauth/service/dropbox.php deleted file mode 100644 index 4fadcbca11..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/dropbox.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_dropbox_key'], - 'secret' => $this->config['auth_oauth_dropbox_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/fitbit.php b/phpBB/phpbb/auth/provider/oauth/service/fitbit.php deleted file mode 100644 index bf1aeac98e..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/fitbit.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_fitbit_key'], - 'secret' => $this->config['auth_oauth_fitbit_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/foursqare.php b/phpBB/phpbb/auth/provider/oauth/service/foursqare.php deleted file mode 100644 index 00ebd9889e..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/foursqare.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_foursquare_key'], - 'secret' => $this->config['auth_oauth_foursquare_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/github.php b/phpBB/phpbb/auth/provider/oauth/service/github.php deleted file mode 100644 index 91ae0c1287..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/github.php +++ /dev/null @@ -1,62 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_auth_scope() - { - return array( - 'user', - ); - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_github_key'], - 'secret' => $this->config['auth_oauth_github_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/instagram.php b/phpBB/phpbb/auth/provider/oauth/service/instagram.php deleted file mode 100644 index 0570f79138..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/instagram.php +++ /dev/null @@ -1,62 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_auth_scope() - { - return array( - 'basic', - ); - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_instagram_key'], - 'secret' => $this->config['auth_oauth_instagram_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/linkedin.php b/phpBB/phpbb/auth/provider/oauth/service/linkedin.php deleted file mode 100644 index faf26132b0..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/linkedin.php +++ /dev/null @@ -1,62 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_auth_scope() - { - return array( - 'r_basicprofile', - ); - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_linkedin_key'], - 'secret' => $this->config['auth_oauth_linkedin_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/microsoft.php b/phpBB/phpbb/auth/provider/oauth/service/microsoft.php deleted file mode 100644 index d607f3392d..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/microsoft.php +++ /dev/null @@ -1,62 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_auth_scope() - { - return array( - 'basic', - ); - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_microsoft_key'], - 'secret' => $this->config['auth_oauth_microsoft_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/paypal.php b/phpBB/phpbb/auth/provider/oauth/service/paypal.php deleted file mode 100644 index 8a81c460ce..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/paypal.php +++ /dev/null @@ -1,64 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_auth_scope() - { - return array( - 'openid', - 'profile', - 'email', - ); - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_paypal_key'], - 'secret' => $this->config['auth_oauth_paypal_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php b/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php deleted file mode 100644 index ac43ea5e48..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_soundcloud_key'], - 'secret' => $this->config['auth_oauth_soundcloud_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/tumblr.php b/phpBB/phpbb/auth/provider/oauth/service/tumblr.php deleted file mode 100644 index 9b6d2e2f5e..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/tumblr.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_tumblr_key'], - 'secret' => $this->config['auth_oauth_tumblr_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/twitter.php b/phpBB/phpbb/auth/provider/oauth/service/twitter.php deleted file mode 100644 index 23dbdbb6c2..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/twitter.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_twitter_key'], - 'secret' => $this->config['auth_oauth_twitter_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php b/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php deleted file mode 100644 index 8a328b234f..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_vkontakte_key'], - 'secret' => $this->config['auth_oauth_vkontakte_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/yammer.php b/phpBB/phpbb/auth/provider/oauth/service/yammer.php deleted file mode 100644 index fe14f13077..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/yammer.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_yammer_key'], - 'secret' => $this->config['auth_oauth_yammer_secret'], - ); - } -} -- cgit v1.2.1 From 2faaa7f63cd45244cd536b507325e65c5f085b39 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 12:50:42 -0400 Subject: [feature/oauth] Update service files + check for existing links PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 32 ++++++++++++++++++++++++------- 1 file changed, 25 insertions(+), 7 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index fc6fce3db0..afaae8a8ea 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -58,7 +58,14 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * * @var string */ - protected $auth_provider_oauth_table; + protected $auth_provider_oauth_token_storage_table; + + /** + * OAuth account association table + * + * @var string + */ + protected $auth_provider_oauth_token_account_assoc; /** * Cached services once they has been created @@ -88,16 +95,18 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * @param phpbb_config $config * @param phpbb_request $request * @param phpbb_user $user - * @param string $auth_provider_oauth_table + * @param string $auth_provider_oauth_token_storage_table + * @param string $auth_provider_oauth_token_account_assoc * @param phpbb_auth_provider_oauth_service_interface $service_providers */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_table, phpbb_auth_provider_oauth_service_interface $service_providers) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_auth_provider_oauth_service_interface $service_providers) { $this->db = $db; $this->config = $config; $this->request = $request; $this->user = $user; - $this->auth_provider_oauth_table = $auth_provider_oauth_table; + $this->auth_provider_oauth_token_storage_table = $auth_provider_oauth_token_storage_table; + $this->auth_provider_oauth_token_account_assoc = $auth_provider_oauth_token_account_assoc; $this->service_providers = $service_providers; $this->services = array(); } @@ -123,15 +132,24 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Get the service credentials for the given service $service_credentials = $this->services[$service_name]->get_credentials(); - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); $service = $this->get_service($service_name, $storage, $service_credentials, $this->services[$service_name]->get_auth_scope()); if ($this->request->is_set('code', phpbb_request_interface::GET)) { $this->services[$service_name]->set_external_service_provider($service); - $result = $this->services[$service_name]->perform_auth_login(); + $unique_id = $this->services[$service_name]->perform_auth_login(); - // Perform authentication + // Check to see if this provider is already assosciated with an account + $data = array( + 'oauth_provider' => $service_name, + 'oauth_provider_id' => $unique_id + ); + $sql = 'SELECT user_id FROM' . $this->auth_provider_oauth_token_account_assoc . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); } else { $url = $service->getAuthorizationUri(); // TODO: modify $url for the appropriate return points -- cgit v1.2.1 From 36f7913cc06aa299fa93ce83e4084993d31f1368 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 15:31:13 -0400 Subject: [feature/oauth] Finish authenticating user code PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index afaae8a8ea..921ce830d9 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -150,6 +150,33 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); + + if (!$row) + { + // Account not tied to any existing account + // TODO: determine action that should occur + } + + // Retrieve the user's account + $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts + FROM ' . USERS_TABLE . " + WHERE user_id = '" . $this->db->sql_escape($row['user_id']) . "'"; + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + // TODO: Update exception type and change it to language constant + throw new Exception('Invalid entry in ' . $this->auth_provider_oauth_token_account_assoc); + } + + // The user is now authenticated and can be logged in + return array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => $row, + ); } else { $url = $service->getAuthorizationUri(); // TODO: modify $url for the appropriate return points -- cgit v1.2.1 From 2eb47d00e078cf7b0dd3a12e2557a33ca89d297a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 15:33:14 -0400 Subject: [feature/oauth] Remove unused method PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 51 ------------------------------- 1 file changed, 51 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 921ce830d9..2ad204c472 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -236,55 +236,4 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $this->service[$service_name]; } - - /** - * Returns the path desired of the service - * - * @param string $service_name - * @return string|UriInterface|null A null return means do not - * request additional information. - */ - protected function get_path($service_name) - { - switch ($service_name) - { - case 'bitly': - case 'tumblr': - $path = 'user/info'; - break; - case 'box': - $path = '/users/me'; - break; - case 'facebook': - $path = '/me'; - break; - case 'FitBit': - $path = 'user/-/profile.json'; - break; - case 'foursquare': - case 'instagram': - $path = 'users/self'; - break; - case 'GitHub': - $path = 'user/emails'; - break; - case 'google': - $path = 'https://www.googleapis.com/oauth2/v1/userinfo'; - break; - case 'linkedin': - $path = '/people/~?format=json'; - break; - case 'soundCloud': - $path = 'me.json'; - break; - case 'twitter': - $path = 'account/verify_credentials.json'; - break; - default: - $path = null; - break; - } - - return $path; - } } -- cgit v1.2.1 From 772a977afcd4919c9d8bfcc8e402f4af4d3aefbf Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 16:03:29 -0400 Subject: [feature/oauth] Facebook support PHPBB3-11673 --- .../phpbb/auth/provider/oauth/service/facebook.php | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 87e8749b55..fcf41755b7 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -49,4 +49,25 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau 'secret' => $this->config['auth_oauth_facebook_secret'], ); } + + /** + * {@inheritdoc} + */ + public function perform_auth_login() + { + if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) + { + // TODO: make exception class and use language constant + throw new Exception('Invalid service provider type'); + } + + // This was a callback request from bitly, get the token + $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); + + // Send a request with it + $result = json_decode( $this->service_provider->request('/me'), true ); + + // Return the unique identifier returned from bitly + return $result['id']; + } } -- cgit v1.2.1 From a673eb8cbc8c464e550a5528f932e07a079f1fac Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 16:04:44 -0400 Subject: [feature/oauth] Google support PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/google.php | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index b9b1851424..70bad77697 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -60,4 +60,25 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth 'secret' => $this->config['auth_oauth_google_secret'], ); } + + /** + * {@inheritdoc} + */ + public function perform_auth_login() + { + if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) + { + // TODO: make exception class and use language constant + throw new Exception('Invalid service provider type'); + } + + // This was a callback request from bitly, get the token + $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); + + // Send a request with it + $result = json_decode( $this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true ); + + // Return the unique identifier returned from bitly + return $result['id']; + } } -- cgit v1.2.1 From 0f292f70c78b5c2e7e19ba02bb484d14b2a94c9d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 20:05:13 -0400 Subject: [feature/oauth] Fix fatal error PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 2ad204c472..c10ac3e9da 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -77,7 +77,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base /** * All OAuth service providers * - * @var array Contains phpbb_auth_provider_oauth_service_interface + * @var phpbb_di_service_collection Contains phpbb_auth_provider_oauth_service_interface */ protected $service_providers; @@ -97,9 +97,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * @param phpbb_user $user * @param string $auth_provider_oauth_token_storage_table * @param string $auth_provider_oauth_token_account_assoc - * @param phpbb_auth_provider_oauth_service_interface $service_providers + * @param phpbb_di_service_collection $service_providers Contains phpbb_auth_provider_oauth_service_interface */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_auth_provider_oauth_service_interface $service_providers) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_di_service_collection $service_providers) { $this->db = $db; $this->config = $config; -- cgit v1.2.1 From b67032fb028b096b33c72fe7aabec55056243755 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 20:49:25 -0400 Subject: [feature/oauth] Temporary workaround for only allowing one auth provider PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index c10ac3e9da..6f2fc52cfa 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -116,6 +116,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ public function login($username, $password) { + // Temporary workaround for only having one authentication provider available + if ($username && $password) + { + // TODO: Remove before merging + global $phpbb_root_path, $phpEx; + $provider = new phpbb_auth_provider_db($this->db, $this->config, $this->request, $this->user, $phpbb_root_path, $phpEx); + return $provider->login($username, $password); + } + // Requst the name of the OAuth service $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); $service_name = strtolower($service_name); -- cgit v1.2.1 From f852485513ee4e032cf9c25acb2d72980f783c24 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 21:02:00 -0400 Subject: [feature/oauth] Fix a bunch of errors in oauth.php PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 6f2fc52cfa..9be404dade 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -128,7 +128,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Requst the name of the OAuth service $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); $service_name = strtolower($service_name); - if ($service_name === '' && isset($this->services[$service_name])) + if ($service_name === '' || !array_key_exists($service_name, $this->service_providers)) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -139,15 +139,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } // Get the service credentials for the given service - $service_credentials = $this->services[$service_name]->get_credentials(); + $service_credentials = $this->service_providers[$service_name]->get_credentials(); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); - $service = $this->get_service($service_name, $storage, $service_credentials, $this->services[$service_name]->get_auth_scope()); + $service = $this->get_service($service_name, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope()); if ($this->request->is_set('code', phpbb_request_interface::GET)) { - $this->services[$service_name]->set_external_service_provider($service); - $unique_id = $this->services[$service_name]->perform_auth_login(); + $this->service_providers[$service_name]->set_external_service_provider($service); + $unique_id = $this->service_providers[$service_name]->perform_auth_login(); // Check to see if this provider is already assosciated with an account $data = array( -- cgit v1.2.1 From 4c48da0597c148c58925cdedbd4e79fb63eaf76a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 21:03:57 -0400 Subject: [feature/oauth] Clean up unneeded complexity PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 9be404dade..20c82e63d7 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -67,13 +67,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected $auth_provider_oauth_token_account_assoc; - /** - * Cached services once they has been created - * - * @var array Contains \OAuth\Common\Service\ServiceInterface or null - */ - protected $services; - /** * All OAuth service providers * @@ -108,7 +101,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->auth_provider_oauth_token_storage_table = $auth_provider_oauth_token_storage_table; $this->auth_provider_oauth_token_account_assoc = $auth_provider_oauth_token_account_assoc; $this->service_providers = $service_providers; - $this->services = array(); } /** @@ -226,11 +218,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function get_service($service_name, phpbb_auth_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) { - if ($this->services[$service_name]) - { - return $this->services[$service_name]; - } - $current_uri = $this->get_current_uri(); // Setup the credentials for the requests @@ -241,8 +228,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); $service_factory = new \OAuth\ServiceFactory(); - $this->service[$service_name] = $service_factory->createService($service_name, $credentials, $storage, $scopes); - - return $this->service[$service_name]; + return $service_factory->createService($service_name, $credentials, $storage, $scopes); } } -- cgit v1.2.1 From d804842cef945dbc7ec2c6c1d145587c62f06f65 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 22 Jul 2013 15:58:32 -0400 Subject: [feature/oauth] Fall back to DB login if OAuth is enabled but not requested PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 20c82e63d7..7f3de0f4d9 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -109,7 +109,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base public function login($username, $password) { // Temporary workaround for only having one authentication provider available - if ($username && $password) + if (!$this->request->is_set_post('oauth_service')) { // TODO: Remove before merging global $phpbb_root_path, $phpEx; -- cgit v1.2.1 From cd49cfacfb0faddce8343837b69eb919b8652352 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 22 Jul 2013 16:23:13 -0400 Subject: [feature/oauth] Initial step in creating OAuth login support PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 7f3de0f4d9..eeb4b23be4 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -230,4 +230,14 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $service_factory = new \OAuth\ServiceFactory(); return $service_factory->createService($service_name, $credentials, $storage, $scopes); } + + /** + * Returns an array of login data for all enabled OAuth services. + * + * @return array + */ + public function get_login_data() + { + return array(); + } } -- cgit v1.2.1 From 0be81468e7f61b8c2fc1c9729ff5d217c7424026 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 22 Jul 2013 16:35:18 -0400 Subject: [feature/oauth] Possible way of getting the login data to login_box() PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index eeb4b23be4..e43579a740 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -238,6 +238,22 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ public function get_login_data() { - return array(); + $login_data = array(); + + foreach ($this->service_providers as $service_name => $service_provider) + { + // Only include data if the credentials are set + $credentials = $service_provider->get_service_credentials(); + if ($credentials['key'] && $credentials['secret']) + { + $login_data[$service_provider] = array(); + + // Build the redirect url for the box + $redirect_url = build_url(false) . '&oauth_service=' . $service_name; + $login_data[$service_provider]['url'] = redirect($redirect_url, true); + } + } + + return $login_data; } } -- cgit v1.2.1 From 93cbdc37b51edf14cb2dbebb1ccb71a612f7fd94 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 14:06:01 -0400 Subject: [feature/oauth] ACP options for OAuth, needs some work PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index e43579a740..31450a573f 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -256,4 +256,26 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $login_data; } + + /** + * {@inheritdoc} + */ + public function get_acp_template($new_config) + { + $ret = array( + 'BLOCK_VAR_NAME' => 'oauth_services', + 'TEMPLATE_FILE' => 'auth_provider_oauth.html', + 'TEMPLATE_VARS' => array(), + ); + + foreach ($this->service_providers as $service_name => $service_provider) + { + $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); + $ret['TEMPLATE_VARS'][$actual_name] = array(); + $ret['TEMPLATE_VARS'][$actual_name]['NAME'] = $actual_name; + $ret['TEMPLATE_VARS'][$actual_name]['ACTUAL_NAME'] = 'L_AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name); + } + + return $ret; + } } -- cgit v1.2.1 From 32678f63ed04a8770720da4d94d01648dc595e82 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 14:13:51 -0400 Subject: [feature/oauth] Finish the template so it "works" PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 31450a573f..6ad0293e8e 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -271,9 +271,12 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base foreach ($this->service_providers as $service_name => $service_provider) { $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); - $ret['TEMPLATE_VARS'][$actual_name] = array(); - $ret['TEMPLATE_VARS'][$actual_name]['NAME'] = $actual_name; - $ret['TEMPLATE_VARS'][$actual_name]['ACTUAL_NAME'] = 'L_AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name); + $ret['TEMPLATE_VARS'][$actual_name] = array( + 'ACTUAL_NAME' => 'L_AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name), + 'KEY' => $new_config['auth_oauth_' . $actual_name . '_key'], + 'NAME' => $actual_name, + 'SECRET' => $new_config['auth_oauth_' . $actual_name . '_secret'], + ); } return $ret; -- cgit v1.2.1 From 2fc4be1a31e44f30ea96914bf657e4e7b2236760 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 14:24:31 -0400 Subject: [feature/oauth] Fix language bug with new ACP OAuth template PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 6ad0293e8e..a94e6041d9 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -272,7 +272,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); $ret['TEMPLATE_VARS'][$actual_name] = array( - 'ACTUAL_NAME' => 'L_AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name), + 'ACTUAL_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], 'KEY' => $new_config['auth_oauth_' . $actual_name . '_key'], 'NAME' => $actual_name, 'SECRET' => $new_config['auth_oauth_' . $actual_name . '_secret'], -- cgit v1.2.1 From 0857d14030177271bd346f188ced38e9d6da47ff Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 14:41:21 -0400 Subject: [feature/oauth] Update auth provider interface docs for block vars in ACP PHPBB3-11673 --- phpBB/phpbb/auth/provider/interface.php | 18 ++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/oauth.php | 3 ++- 2 files changed, 20 insertions(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index 47043bc107..f4344c1dc7 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -80,6 +80,24 @@ interface phpbb_auth_provider_interface * 'TEMPLATE_FILE' => string, * 'TEMPLATE_VARS' => array(...), * ) + * An optional third element may be added to this + * array: 'BLOCK_VAR_NAME'. If this is present, + * then it's value should be a string that is used + * to designate the name of the loop used in the + * ACP template file. In addition to this, an + * additional key named 'BLOCK_VARS' is required. + * This must be an array containing at least one + * array of variables that will be assigned during + * the loop in the template. An example of this is + * presented below: + * array( + * 'BLOCK_VAR_NAME' => string, + * 'BLOCK_VARS' => array( + * 'KEY IS UNIMPORTANT' => array(...), + * ), + * 'TEMPLATE_FILE' => string, + * 'TEMPLATE_VARS' => array(...), + * ) */ public function get_acp_template($new_config); diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index a94e6041d9..133d9f11ef 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -264,6 +264,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { $ret = array( 'BLOCK_VAR_NAME' => 'oauth_services', + 'BLOCK_VARS' => array(), 'TEMPLATE_FILE' => 'auth_provider_oauth.html', 'TEMPLATE_VARS' => array(), ); @@ -271,7 +272,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base foreach ($this->service_providers as $service_name => $service_provider) { $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); - $ret['TEMPLATE_VARS'][$actual_name] = array( + $ret['BLOCK_VARS'][$actual_name] = array( 'ACTUAL_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], 'KEY' => $new_config['auth_oauth_' . $actual_name . '_key'], 'NAME' => $actual_name, -- cgit v1.2.1 From 77c32645437c77e99f36f6595e1a42cd0f7b7235 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 14:52:32 -0400 Subject: [feature/oauth] OAuth acp() method to return config field names PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 133d9f11ef..978c84cd6d 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -257,6 +257,23 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $login_data; } + /** + * {@inheritdoc} + */ + public function acp() + { + $ret = array(); + + foreach ($this->service_providers as $service_name => $service_provider) + { + $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); + $ret[] = 'auth_oauth_' . $actual_name . '_key'; + $ret[] = 'auth_oauth_' . $actual_name . '_secret'; + } + + return $ret; + } + /** * {@inheritdoc} */ -- cgit v1.2.1 From 9805927fac30d9c5d99f5f5f8d7207c9a6064724 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 15:26:33 -0400 Subject: [feature/oauth] OAuth init method to minimally validate entered data PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 978c84cd6d..a2d5c3fcd5 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -103,6 +103,24 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->service_providers = $service_providers; } + /** + * {@inheritdoc} + */ + public function init() + { + // This does not test whether or not the key and secret provided are valid. + foreach ($this->service_providers as $service_provider) + { + $credentials = $service_provider->get_service_credentials(); + + if (($credentials['key'] && !$credentials['secret']) || (!$credentials['key'] && $credentials['secret'])) + { + return $this->user->lang['AUTH_PROVIDER_OAUTH_ERROR_ELEMENT_MISSING']; + } + } + return false; + } + /** * {@inheritdoc} */ -- cgit v1.2.1 From c26b68cc54b19d91affae6f4dbab67a33939ca23 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 19:27:55 -0400 Subject: [feature/oauth] Update error message with actual error PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index a2d5c3fcd5..c01b23c70e 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -142,8 +142,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - // TODO: change error message - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'error_msg' => 'LOGIN_ERROR_OAUTH_SERVICE_DOES_NOT_EXIST', 'user_row' => array('user_id' => ANONYMOUS), ); } -- cgit v1.2.1 From b1938576f15a43c8bf2967ab38f4484a07cc0344 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 21:04:29 -0400 Subject: [feature/oauth] Fix outstanding issues with OAuth Includes a temporary change that allows me to test against google. This will be removed shortly. PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index c01b23c70e..3ffdcd4b00 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -127,7 +127,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base public function login($username, $password) { // Temporary workaround for only having one authentication provider available - if (!$this->request->is_set_post('oauth_service')) + if (!$this->request->is_set('oauth_service')) { // TODO: Remove before merging global $phpbb_root_path, $phpEx; @@ -136,9 +136,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } // Requst the name of the OAuth service - $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); - $service_name = strtolower($service_name); - if ($service_name === '' || !array_key_exists($service_name, $this->service_providers)) + $service_name_original = $this->request->variable('oauth_service', '', false); + $service_name = 'auth.provider.oauth.service.' . strtolower($service_name_original); + if ($service_name_original === '' || !array_key_exists($service_name, $this->service_providers)) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -148,10 +148,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } // Get the service credentials for the given service - $service_credentials = $this->service_providers[$service_name]->get_credentials(); + $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); - $service = $this->get_service($service_name, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope()); + $service = $this->get_service($service_name_original, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope()); if ($this->request->is_set('code', phpbb_request_interface::GET)) { @@ -217,7 +217,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); - $current_uri->setQuery(''); + $current_uri->setQuery('?mode=login&login=external&oauth_service=google'); $this->current_uri = $current_uri; return $current_uri; @@ -233,7 +233,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * the api. * @return \OAuth\Common\Service\ServiceInterface */ - protected function get_service($service_name, phpbb_auth_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) + protected function get_service($service_name, phpbb_auth_provider_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) { $current_uri = $this->get_current_uri(); @@ -245,7 +245,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); $service_factory = new \OAuth\ServiceFactory(); - return $service_factory->createService($service_name, $credentials, $storage, $scopes); + $service = $service_factory->createService($service_name, $credentials, $storage, $scopes); + + if (!$service) + { + // Update to an actual error message + throw new Exception('Service not created: ' . $service_name); + } + + return $service; } /** -- cgit v1.2.1 From c166801fe3f7a76484eee870aac19294d192c84c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 21:07:04 -0400 Subject: [feature/oauth] Remove temporary google testing code PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 3ffdcd4b00..c6f7dc223e 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -206,9 +206,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * Returns the cached current_uri object or creates and caches it if it is * not already created * + * @param string $service_name The name of the service * @return \OAuth\Common\Http\Uri\UriInterface */ - protected function get_current_uri() + protected function get_current_uri($service_name) { if ($this->current_uri) { @@ -217,7 +218,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); - $current_uri->setQuery('?mode=login&login=external&oauth_service=google'); + $current_uri->setQuery('mode=login&login=external&oauth_service=' . $service_name); $this->current_uri = $current_uri; return $current_uri; @@ -235,7 +236,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function get_service($service_name, phpbb_auth_provider_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) { - $current_uri = $this->get_current_uri(); + $current_uri = $this->get_current_uri($service_name); // Setup the credentials for the requests $credentials = new Credentials( -- cgit v1.2.1 From fe9c97cfb45be2943eebb8ed5cbab51150e828ee Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 21:16:19 -0400 Subject: [feature/oauth] Fix errors in OAuth PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/base.php | 2 +- phpBB/phpbb/auth/provider/oauth/service/facebook.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/google.php | 11 ++++++++++- 3 files changed, 21 insertions(+), 3 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/base.php b/phpBB/phpbb/auth/provider/oauth/service/base.php index d59199f987..ccfe57c8e2 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/base.php +++ b/phpBB/phpbb/auth/provider/oauth/service/base.php @@ -50,6 +50,6 @@ abstract class phpbb_auth_provider_oauth_service_base implements phpbb_auth_prov */ public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider) { - $this->service_provider = $service; + $this->service_provider = $service_provider; } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index fcf41755b7..4758ae11f8 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -29,14 +29,23 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau */ protected $config; + /** + * phpBB request + * + * @var phpbb_request + */ + protected $request; + /** * Constructor * * @param phpbb_config $config + * @param phpbb_request $request */ - public function __construct(phpbb_config $config) + public function __construct(phpbb_config $config, phpbb_request $request) { $this->config = $config; + $this->request = $request; } /** diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index 70bad77697..3e5735b97c 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -29,14 +29,23 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth */ protected $config; + /** + * phpBB request + * + * @var phpbb_request + */ + protected $request; + /** * Constructor * * @param phpbb_config $config + * @param phpbb_request $request */ - public function __construct(phpbb_config $config) + public function __construct(phpbb_config $config, phpbb_request $request) { $this->config = $config; + $this->request = $request; } /** -- cgit v1.2.1 From 8d568dae7116ac05eda593835d99e6e6f22dc9f7 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 21:22:52 -0400 Subject: [feature/oauth] Fix SQL error in token storage PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 227b51efc9..385fa58f25 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -141,7 +141,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface } $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('INSERT', $data); + ' . $this->db->sql_build_array('INSERT', $data); $this->db->sql_query($sql); } -- cgit v1.2.1 From b1c62793c61715b6f5cbfb96b9b02c1bafd76cf7 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 22:19:48 -0400 Subject: [feature/oauth] Fix token storage after sql changes PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 385fa58f25..8b6a3de327 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -88,7 +88,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, + 'provider' => $this->service_name, ); if ($this->user->data['user_id'] == ANONYMOUS) @@ -131,7 +131,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, + 'provider' => $this->service_name, 'oauth_token' => serialize($token), ); @@ -156,7 +156,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, + 'provider' => $this->service_name, ); if ($this->user->data['user_id'] == ANONYMOUS) @@ -187,7 +187,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' WHERE user_id = ' . $this->user->data['user_id'] . ' - AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); + AND provider = ' . $this->db->sql_escape($this->oauth_provider); if ($this->user->data['user_id'] == ANONYMOUS) { -- cgit v1.2.1 From dc050e7ece74979b093d5249e4283e3959172b43 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 22:20:26 -0400 Subject: [feature/oauth] Fix OAuth after schema changes PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index c6f7dc223e..2a5e70939c 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -160,7 +160,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Check to see if this provider is already assosciated with an account $data = array( - 'oauth_provider' => $service_name, + 'provider' => $service_name, 'oauth_provider_id' => $unique_id ); $sql = 'SELECT user_id FROM' . $this->auth_provider_oauth_token_account_assoc . ' -- cgit v1.2.1 From 5fa08b92a29d7349c089eab33b4c38513ef964fd Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 22:32:59 -0400 Subject: [feature/oauth] Fix typo in token storage PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 8b6a3de327..42142b4fbe 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -83,7 +83,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface public function retrieveAccessToken() { if( $this->cachedToken instanceOf TokenInterface ) { - return $this->token; + return $this->cachedToken; } $data = array( -- cgit v1.2.1 From 38d4eb073e1915f60cb4c9912d7567cf032e0776 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 22:35:34 -0400 Subject: [feature/oauth] Fix last typo. Authentication works for accounts in db PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 2a5e70939c..39657011c2 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -163,7 +163,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base 'provider' => $service_name, 'oauth_provider_id' => $unique_id ); - $sql = 'SELECT user_id FROM' . $this->auth_provider_oauth_token_account_assoc . ' + $sql = 'SELECT user_id FROM ' . $this->auth_provider_oauth_token_account_assoc . ' WHERE ' . $this->db->sql_build_array('SELECT', $data); $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); -- cgit v1.2.1 From ffb14a69887e0410c5093f23142bbc3375552620 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 10:36:08 -0400 Subject: [feature/oauth] Fix OAuth login PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 39657011c2..6e822101e3 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -160,7 +160,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Check to see if this provider is already assosciated with an account $data = array( - 'provider' => $service_name, + 'provider' => $service_name_original, 'oauth_provider_id' => $unique_id ); $sql = 'SELECT user_id FROM ' . $this->auth_provider_oauth_token_account_assoc . ' -- cgit v1.2.1 From 58d5820069a5889ae2f09319ae4f972c8b8f87a8 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 10:39:48 -0400 Subject: [feature/oauth] Basic login functionality now working These changes are currently unique to OAuth and need to be made generic so that any auth provider can modify the login template. PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 6e822101e3..0762e202db 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -272,11 +272,12 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $credentials = $service_provider->get_service_credentials(); if ($credentials['key'] && $credentials['secret']) { - $login_data[$service_provider] = array(); - - // Build the redirect url for the box - $redirect_url = build_url(false) . '&oauth_service=' . $service_name; - $login_data[$service_provider]['url'] = redirect($redirect_url, true); + $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); + $redirect_url = build_url(false) . '&login=external&oauth_service=' . $actual_name; + $login_data[$service_name] = array( + 'REDIRECT_URL' => redirect($redirect_url, true), + 'SERVICE_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], + ); } } -- cgit v1.2.1 From 669586c134641b29a95faa43090df124b59d4e14 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 12:55:43 -0400 Subject: [feature/oauth] Token must be updated with the user_id PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 0762e202db..90ce1f8f5a 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -171,8 +171,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base if (!$row) { - // Account not tied to any existing account - // TODO: determine action that should occur + // The user does not yet exist, ask if they wish to register the account + throw new Exception($unique_id); } // Retrieve the user's account @@ -189,6 +189,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base throw new Exception('Invalid entry in ' . $this->auth_provider_oauth_token_account_assoc); } + // Update token storage to store the user_id + $storage->set_user_id($row['user_id']); + // The user is now authenticated and can be logged in return array( 'status' => LOGIN_SUCCESS, -- cgit v1.2.1 From 581cb37b8c7ae4f1902cfd6114a34ce1510139a8 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 13:46:33 -0400 Subject: [feature/oauth] Start linking/registering OAuth accounts during login PHPBB3-11673 --- phpBB/phpbb/auth/provider/interface.php | 5 +++++ phpBB/phpbb/auth/provider/oauth/oauth.php | 10 +++++++++- 2 files changed, 14 insertions(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index f4344c1dc7..9cee63abeb 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -45,6 +45,11 @@ interface phpbb_auth_provider_interface * 'error_msg' => string * 'user_row' => array * ) + * A fourth key of the array may be present 'redirect_data' + * This key is only used when 'status' is equal to + * LOGIN_SUCCESS_LINK_PROFILE and it's value is an + * associative array that is turned into GET variables on + * the redirect url. */ public function login($username, $password); diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 90ce1f8f5a..5fc940fade 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -172,7 +172,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base if (!$row) { // The user does not yet exist, ask if they wish to register the account - throw new Exception($unique_id); + return array( + 'status' => LOGIN_SUCCESS_LINK_PROFILE, + 'error_msg' => 'LOGIN_OAUTH_ACCOUNT_NOT_LINKED', + 'user_row' => array(), + 'redirect_data' => array( + 'auth_provider' => 'oauth', + 'oauth_service' => $service_name_original, + ), + ); } // Retrieve the user's account -- cgit v1.2.1 From 5843294813fc654a37e13e9da357e7515a41968a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 14:05:39 -0400 Subject: [feature/oauth] Update comment to better reflect the action PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 5fc940fade..a8b55fc532 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -171,7 +171,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base if (!$row) { - // The user does not yet exist, ask if they wish to register the account + // The user does not yet exist, ask to link or create profile return array( 'status' => LOGIN_SUCCESS_LINK_PROFILE, 'error_msg' => 'LOGIN_OAUTH_ACCOUNT_NOT_LINKED', -- cgit v1.2.1 From 15a2ad3149f8ef00630b9480b3854643b4e38e92 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 15:06:38 -0400 Subject: [feature/oauth] Fix error in token_storage::set_user_id() PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 42142b4fbe..ec54c07fea 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -191,7 +191,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface if ($this->user->data['user_id'] == ANONYMOUS) { - $sql .= ' AND session_id = ' . $this->user->data['session_id']; + $sql .= ' AND session_id = \'' . $this->user->data['session_id'] . '\''; } $this->db->sql_query($sql); @@ -210,11 +210,11 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface } $sql = 'UPDATE ' . $this->auth_provider_oauth_table . ' - SET ' . $db->sql_build_array('UPDATE', array( + SET ' . $this->db->sql_build_array('UPDATE', array( 'user_id' => (int) $user_id )) . ' WHERE user_id = ' . $this->user->data['user_id'] . ' - AND session_id = ' . $this->user->data['session_id']; + AND session_id = \'' . $this->user->data['session_id'] . '\''; $this->db->sql_query($sql); } } -- cgit v1.2.1 From f8dbaa148dccb105133b5a91d58686d79f020afe Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 16:02:33 -0400 Subject: [feature/oauth] Fixes for problems found by tests PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index ec54c07fea..de99f9bd31 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -87,7 +87,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface } $data = array( - 'user_id' => $this->user->data['user_id'], + 'user_id' => $this->user->data['user_id'], 'provider' => $this->service_name, ); @@ -130,9 +130,9 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $this->cachedToken = $token; $data = array( - 'user_id' => $this->user->data['user_id'], - 'provider' => $this->service_name, - 'oauth_token' => serialize($token), + 'user_id' => $this->user->data['user_id'], + 'provider' => $this->service_name, + 'oauth_token' => serialize($token), ); if ($this->user->data['user_id'] == ANONYMOUS) @@ -155,7 +155,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface } $data = array( - 'user_id' => $this->user->data['user_id'], + 'user_id' => $this->user->data['user_id'], 'provider' => $this->service_name, ); @@ -187,7 +187,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' WHERE user_id = ' . $this->user->data['user_id'] . ' - AND provider = ' . $this->db->sql_escape($this->oauth_provider); + AND provider = \'' . $this->db->sql_escape($this->oauth_provider) . '\''; if ($this->user->data['user_id'] == ANONYMOUS) { -- cgit v1.2.1 From 7c065bc9a2b0af8f6ea1d99260cdb6498e0c1f7c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 16:06:19 -0400 Subject: [feature/oauth] Finish fixes from tests and tests for token storage PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index de99f9bd31..e1cf579370 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -187,7 +187,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' WHERE user_id = ' . $this->user->data['user_id'] . ' - AND provider = \'' . $this->db->sql_escape($this->oauth_provider) . '\''; + AND provider = \'' . $this->db->sql_escape($this->service_name) . '\''; if ($this->user->data['user_id'] == ANONYMOUS) { -- cgit v1.2.1 From c09bda10fcf3fc7b84908bc15d86eca86b71f232 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 13:10:56 -0400 Subject: [feature/oauth] Properly check that all data needed is available PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index a8b55fc532..eaa111d194 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -337,4 +337,22 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $ret; } + + /** + * {@inheritdoc} + */ + public function login_link_has_necessary_data($login_link_data) + { + if (empty($login_link_data)) + { + return 'LOGIN_LINK_NO_DATA_PROVIDED'; + } + + if (!array_key_exists('oauth_service', $login_link_data) || !$login_link_data['oauth_service']) + { + return 'LOGIN_LINK_MISSING_DATA'; + } + + return null; + } } -- cgit v1.2.1 From 9eb4d55e8215d93256ae4ea241d40efa1d5b5854 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 14:27:12 -0400 Subject: [feature/oauth] Start work on linking an oauth account Updates token storage to allow retrieval only by session_id PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 36 +++++++ phpBB/phpbb/auth/provider/oauth/token_storage.php | 123 +++++++++++++++++----- 2 files changed, 130 insertions(+), 29 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index eaa111d194..0bcbcda74e 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -355,4 +355,40 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return null; } + + /** + * {@inheritdoc} + */ + public function link_account(array $link_data) + { + // We must have an oauth_service listed, check for it two ways + if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service']) + { + if (!$link_data['oauth_service'] && $this->request->is_set('oauth_service')) + { + $link_data['oauth_service'] = $this->request->variable('oauth_service', ''); + } + + if (!$link_data['oauth_service']) + { + return 'LOGIN_LINK_MISSING_DATA'; + } + } + + $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']); + if (!array_key_exists($service_name, $this->service_providers)) + { + return 'LOGIN_ERROR_OAUTH_SERVICE_DOES_NOT_EXIST'; + } + + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + + // Check for an access token, they should have one + if (!$storage->has_access_token_by_sesion()) + { + return 'LOGIN_LINK_ERROR_OAUTH_NO_ACCESS_TOKEN'; + } + + $token = $storage->retrieve_access_token_by_session(); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index e1cf579370..af85f5598f 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -96,30 +96,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data['session_id'] = $this->user->data['session_id']; } - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('SELECT', $data); - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); - - if (!$row) - { - // TODO: translate - throw new TokenNotFoundException('Token not stored'); - } - - $token = unserialize($row['oauth_token']); - - // Ensure that the token was serialized/unserialized correctly - if (!($token instanceof TokenInterface)) - { - $this->clearToken(); - // TODO: translate - throw new TokenNotFoundException('Token not stored correctly'); - } - - $this->cachedToken = $token; - return $token; + return $this->_retrieve_access_token($data); } /** @@ -164,11 +141,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data['session_id'] = $this->user->data['session_id']; } - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('SELECT', $data); - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); + $row = $this->_has_acess_token($data); if (!$row) { @@ -217,4 +190,96 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface AND session_id = \'' . $this->user->data['session_id'] . '\''; $this->db->sql_query($sql); } + + /** + * Checks to see if an access token exists solely by the session_id of the user + * + * @return bool true if they have token, false if they don't + */ + public function has_access_token_by_session() + { + if( $this->cachedToken ) { + return true; + } + + $data = array( + 'session_id' => $this->user->data['session_id'], + 'provider' => $this->service_name, + ); + + $row = $this->_has_acess_token($data); + + if (!$row) + { + return false; + } + + return true; + } + + /** + * A helper function that performs the query for has access token functions + * + * @param array $data + * @return mixed + */ + protected function _has_acess_token($data) + { + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + return $row; + } + + public function retrieve_access_token_by_session() + { + if( $this->cachedToken instanceOf TokenInterface ) { + return $this->cachedToken; + } + + $data = array( + 'session_id' => $this->user->data['session_id'], + 'provider' => $this->service_name, + ); + + return $this->_retrieve_access_token($data); + } + + /** + * A helper function that performs the query for retrieve access token functions + * Also checks if the token is a valid token + * + * @param array $data + * @return mixed + */ + protected function _retrieve_access_token($data) + { + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + // TODO: translate + throw new TokenNotFoundException('Token not stored'); + } + + $token = unserialize($row['oauth_token']); + + // Ensure that the token was serialized/unserialized correctly + if (!($token instanceof TokenInterface)) + { + $this->clearToken(); + // TODO: translate + throw new TokenNotFoundException('Token not stored correctly'); + } + + $this->cachedToken = $token; + return $token; + } } -- cgit v1.2.1 From 641433920e43478a021743557f69382292f60f68 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 15:07:24 -0400 Subject: [feature/oauth] Worked in at least one test PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 27 +++++++++++++++++++++++---- 1 file changed, 23 insertions(+), 4 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 0bcbcda74e..56655fdfd9 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -177,8 +177,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base 'error_msg' => 'LOGIN_OAUTH_ACCOUNT_NOT_LINKED', 'user_row' => array(), 'redirect_data' => array( - 'auth_provider' => 'oauth', - 'oauth_service' => $service_name_original, + 'auth_provider' => 'oauth', + 'login_link_oauth_service' => $service_name_original, ), ); } @@ -384,11 +384,30 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); // Check for an access token, they should have one - if (!$storage->has_access_token_by_sesion()) + if (!$storage->has_access_token_by_session()) { return 'LOGIN_LINK_ERROR_OAUTH_NO_ACCESS_TOKEN'; } - $token = $storage->retrieve_access_token_by_session(); + // Prepare for an authentication request + $this->get_current_uri(strtolower($link_data['oauth_service'])); + $this->current_uri->setQuery('mode=login_link&login_link_oauth_service=' . $service_name); + $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); + $scopes = $this->service_providers[$service_name]->get_auth_scope(); + $service = $this->get_service($service_name, $storage, $service_credentials, $scopes); + $this->service_providers[$service_name]->set_external_service_provider($service); + + // The user has already authenticated successfully, request to authenticate again + $unique_id = $this->service_providers[$service_name]->perform_auth_login(); + + // Insert into table, they will be able to log in after this + $data = array( + 'user_id' => $this->user->data['user_id'], + 'provider' => strtolower($link_data['oauth_service']), + 'oauth_provider_id' => $unique_id, + ); + $sql = 'INSERT INTO ' . $this->auth_provider_oauth_token_account_assoc . ' + ' . $this->db->sql_build_array('INSERT', $data); + $this->db->sql_query($sql); } } -- cgit v1.2.1 From 3d55e5faa91f0161bc020720a81b50171b30f49d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 16:03:54 -0400 Subject: [feature/oauth] Works in all tests now PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 6 +++--- phpBB/phpbb/auth/provider/oauth/service/google.php | 20 +++++++++++++++++++- 2 files changed, 22 insertions(+), 4 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 56655fdfd9..6526667794 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -394,15 +394,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->current_uri->setQuery('mode=login_link&login_link_oauth_service=' . $service_name); $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); - $service = $this->get_service($service_name, $storage, $service_credentials, $scopes); + $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes); $this->service_providers[$service_name]->set_external_service_provider($service); // The user has already authenticated successfully, request to authenticate again - $unique_id = $this->service_providers[$service_name]->perform_auth_login(); + $unique_id = $this->service_providers[$service_name]->perform_auth_link(); // Insert into table, they will be able to log in after this $data = array( - 'user_id' => $this->user->data['user_id'], + 'user_id' => $link_data['user_id'], 'provider' => strtolower($link_data['oauth_service']), 'oauth_provider_id' => $unique_id, ); diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index 3e5735b97c..c5de1e01d2 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -81,7 +81,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth throw new Exception('Invalid service provider type'); } - // This was a callback request from bitly, get the token + // This was a callback request, get the token $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); // Send a request with it @@ -90,4 +90,22 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth // Return the unique identifier returned from bitly return $result['id']; } + + /** + * {@inheritdoc} + */ + public function perform_auth_link() + { + if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) + { + // TODO: make exception class and use language constant + throw new Exception('Invalid service provider type'); + } + + // Send a request with it + $result = json_decode( $this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true ); + + // Return the unique identifier returned from bitly + return $result['id']; + } } -- cgit v1.2.1 From d21ab4f629342d9f1bb46f489f166c9016ebe72b Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 16:07:11 -0400 Subject: [feature/oauth] Update the OAuth service interface PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 18 ++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/facebook.php | 18 ++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/google.php | 2 +- phpBB/phpbb/auth/provider/oauth/service/interface.php | 9 +++++++++ 5 files changed, 47 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 6526667794..4266a8de0d 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -398,7 +398,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->service_providers[$service_name]->set_external_service_provider($service); // The user has already authenticated successfully, request to authenticate again - $unique_id = $this->service_providers[$service_name]->perform_auth_link(); + $unique_id = $this->service_providers[$service_name]->perform_token_auth(); // Insert into table, they will be able to log in after this $data = array( diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index b6b99c0850..9b8e7ebb03 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -79,4 +79,22 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ // Return the unique identifier returned from bitly return $result['data']['login']; } + + /** + * {@inheritdoc} + */ + public function perform_token_auth() + { + if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) + { + // TODO: make exception class and use language constant + throw new Exception('Invalid service provider type'); + } + + // Send a request with it + $result = json_decode( $this->service_provider->request('user/info'), true ); + + // Return the unique identifier returned from bitly + return $result['data']['login']; + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 4758ae11f8..16919081cc 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -79,4 +79,22 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau // Return the unique identifier returned from bitly return $result['id']; } + + /** + * {@inheritdoc} + */ + public function perform_token_auth() + { + if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) + { + // TODO: make exception class and use language constant + throw new Exception('Invalid service provider type'); + } + + // Send a request with it + $result = json_decode( $this->service_provider->request('/me'), true ); + + // Return the unique identifier returned from bitly + return $result['id']; + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index c5de1e01d2..b49a833cce 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -94,7 +94,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth /** * {@inheritdoc} */ - public function perform_auth_link() + public function perform_token_auth() { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) { diff --git a/phpBB/phpbb/auth/provider/oauth/service/interface.php b/phpBB/phpbb/auth/provider/oauth/service/interface.php index a69148695d..0d6ae7417f 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/interface.php @@ -57,6 +57,15 @@ interface phpbb_auth_provider_oauth_service_interface */ public function perform_auth_login(); + /** + * Returns the results of the authentication in json format + * Use this function when the user already has an access token + * + * @return string The unique identifier returned by the service provider + * that is used to authenticate the user with phpBB. + */ + public function perform_token_auth(); + /** * Sets the external library service provider * -- cgit v1.2.1 From e91b73e62d32a031625651133a51e9310cfcadbf Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 16:12:36 -0400 Subject: [feature/oauth] Update the auth interface PHPBB3-11673 --- phpBB/phpbb/auth/provider/base.php | 16 ++++++++++++++++ phpBB/phpbb/auth/provider/interface.php | 20 ++++++++++++++++++++ 2 files changed, 36 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index 7eaf8bb2d3..ca1c635b15 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -69,4 +69,20 @@ abstract class phpbb_auth_provider_base implements phpbb_auth_provider_interface { return; } + + /** + * {@inheritdoc} + */ + public function login_link_has_necessary_data($login_link_data) + { + return; + } + + /** + * {@inheritdoc} + */ + public function link_account(array $link_data) + { + return; + } } diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index 9cee63abeb..a2d57a6917 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -125,4 +125,24 @@ interface phpbb_auth_provider_interface * session should be closed, or null if not implemented. */ public function validate_session($user); + + /** + * Checks to see if $login_link_data contains all information except for the + * user_id of an account needed to successfully link an external account to + * a forum account. + * + * @param array $link_data Any data needed to link a phpBB account to + * an external account. + * @return string|null Returns a string with a language constant if there + * is data missing or null if there is no error. + */ + public function login_link_has_necessary_data($login_link_data); + + /** + * Links an external account to a phpBB account. + * + * @param array $link_data Any data needed to link a phpBB account to + * an external account. + */ + public function link_account(array $link_data); } -- cgit v1.2.1 From e53ebb1b68494690749472378de1044d31645f17 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 16:28:12 -0400 Subject: [feature/oauth] Update user_id on the access token PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 4266a8de0d..cfeee94439 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -409,5 +409,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $sql = 'INSERT INTO ' . $this->auth_provider_oauth_token_account_assoc . ' ' . $this->db->sql_build_array('INSERT', $data); $this->db->sql_query($sql); + + // Update token storage to store the user_id + $storage->set_user_id($link_data['user_id']); } } -- cgit v1.2.1 From bf9d4e0cdf0fc99555ebd9860665ce898a8d9497 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 30 Jul 2013 14:08:13 -0400 Subject: [feature/oauth] Consolidate repeated query into one function PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 56 +++++++++++------------ 1 file changed, 28 insertions(+), 28 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index af85f5598f..b38029c650 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -141,14 +141,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data['session_id'] = $this->user->data['session_id']; } - $row = $this->_has_acess_token($data); - - if (!$row) - { - return false; - } - - return true; + return $this->_has_acess_token($data); } /** @@ -207,31 +200,25 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface 'provider' => $this->service_name, ); - $row = $this->_has_acess_token($data); - - if (!$row) - { - return false; - } - - return true; + return $this->_has_acess_token($data); } /** * A helper function that performs the query for has access token functions * * @param array $data - * @return mixed + * @return bool */ protected function _has_acess_token($data) { - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('SELECT', $data); - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); + $row = $this->get_access_token_row($data); - return $row; + if (!$row) + { + return false; + } + + return true; } public function retrieve_access_token_by_session() @@ -257,11 +244,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ protected function _retrieve_access_token($data) { - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('SELECT', $data); - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); + $row = $this->get_access_token_row($data); if (!$row) { @@ -282,4 +265,21 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $this->cachedToken = $token; return $token; } + + /** + * A helper function that performs the query for retrieving an access token + * + * @param array $data + * @return mixed + */ + protected function get_access_token_row($data) + { + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + return $row; + } } -- cgit v1.2.1 From b74e65801a17ec5d221661ac92f1c437cc7ade1a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 30 Jul 2013 14:14:48 -0400 Subject: [feature/oauth] Clean up documentation PHPBB3-11673 --- phpBB/phpbb/auth/provider/interface.php | 2 +- phpBB/phpbb/auth/provider/oauth/service/facebook.php | 6 +++--- phpBB/phpbb/auth/provider/oauth/service/google.php | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index a2d57a6917..fd3fa7d879 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -87,7 +87,7 @@ interface phpbb_auth_provider_interface * ) * An optional third element may be added to this * array: 'BLOCK_VAR_NAME'. If this is present, - * then it's value should be a string that is used + * then its value should be a string that is used * to designate the name of the loop used in the * ACP template file. In addition to this, an * additional key named 'BLOCK_VARS' is required. diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 16919081cc..dc742cca0d 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -70,13 +70,13 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau throw new Exception('Invalid service provider type'); } - // This was a callback request from bitly, get the token + // This was a callback request, get the token $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); // Send a request with it $result = json_decode( $this->service_provider->request('/me'), true ); - // Return the unique identifier returned from bitly + // Return the unique identifier return $result['id']; } @@ -94,7 +94,7 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau // Send a request with it $result = json_decode( $this->service_provider->request('/me'), true ); - // Return the unique identifier returned from bitly + // Return the unique identifier return $result['id']; } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index b49a833cce..e2b0f7d36a 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -87,7 +87,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth // Send a request with it $result = json_decode( $this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true ); - // Return the unique identifier returned from bitly + // Return the unique identifier return $result['id']; } @@ -105,7 +105,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth // Send a request with it $result = json_decode( $this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true ); - // Return the unique identifier returned from bitly + // Return the unique identifier return $result['id']; } } -- cgit v1.2.1 From abee7760182f010dcd92b95c4c14c99a39798c5f Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 1 Aug 2013 21:30:36 -0400 Subject: [feature/oauth] Clean up oauth.php PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index cfeee94439..8979f413b5 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -129,8 +129,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Temporary workaround for only having one authentication provider available if (!$this->request->is_set('oauth_service')) { - // TODO: Remove before merging - global $phpbb_root_path, $phpEx; $provider = new phpbb_auth_provider_db($this->db, $this->config, $this->request, $this->user, $phpbb_root_path, $phpEx); return $provider->login($username, $password); } @@ -151,7 +149,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); - $service = $this->get_service($service_name_original, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope()); + $query = 'mode=login&login=external&oauth_service=' . $service_name; + $service = $this->get_service($service_name_original, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope(), $query); if ($this->request->is_set('code', phpbb_request_interface::GET)) { @@ -215,39 +214,45 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base /** * Returns the cached current_uri object or creates and caches it if it is - * not already created + * not already created. In each case the query string is updated based on + * the $query parameter. * - * @param string $service_name The name of the service + * @param string $service_name The name of the service + * @param string $query The query string of the current_uri + * used in redirects * @return \OAuth\Common\Http\Uri\UriInterface */ - protected function get_current_uri($service_name) + protected function get_current_uri($service_name, $query) { if ($this->current_uri) { + $this->current_uri->setQuery($query); return $this->current_uri; } $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); - $current_uri->setQuery('mode=login&login=external&oauth_service=' . $service_name); + $current_uri->setQuery($query); $this->current_uri = $current_uri; return $current_uri; } /** - * Returns the cached service object or creates a new one + * Returns a new service object * * @param string $service_name The name of the service * @param phpbb_auth_oauth_token_storage $storage * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} * @param array $scope The scope of the request against * the api. + * @param string $query The query string of the + * current_uri used in redirection * @return \OAuth\Common\Service\ServiceInterface */ - protected function get_service($service_name, phpbb_auth_provider_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) + protected function get_service($service_name, phpbb_auth_provider_oauth_token_storage $storage, array $service_credentials, array $scopes = array(), $query) { - $current_uri = $this->get_current_uri($service_name); + $current_uri = $this->get_current_uri($service_name, $query); // Setup the credentials for the requests $credentials = new Credentials( @@ -390,11 +395,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } // Prepare for an authentication request - $this->get_current_uri(strtolower($link_data['oauth_service'])); - $this->current_uri->setQuery('mode=login_link&login_link_oauth_service=' . $service_name); $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); - $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes); + $query = 'mode=login_link&login_link_oauth_service=' . $service_name; + $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query); $this->service_providers[$service_name]->set_external_service_provider($service); // The user has already authenticated successfully, request to authenticate again -- cgit v1.2.1 From abe9f27723fdc979069082dbe6af3c8a0aceace6 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 1 Aug 2013 21:34:50 -0400 Subject: [feature/oauth] Clean up OAuth services PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/base.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/base.php b/phpBB/phpbb/auth/provider/oauth/service/base.php index ccfe57c8e2..1eb49b4265 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/base.php +++ b/phpBB/phpbb/auth/provider/oauth/service/base.php @@ -16,7 +16,7 @@ if (!defined('IN_PHPBB')) } /** -* Bitly OAuth service +* Base OAuth abstract class that all OAuth services should implement * * @package auth */ -- cgit v1.2.1 From 245e71e4e20b8d4ec80fc5e059dc12db51d10651 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 2 Aug 2013 14:05:09 -0400 Subject: [feature/oauth] Add get_login_data to the auth_provider_interface PHPBB3-11673 --- phpBB/phpbb/auth/provider/base.php | 8 ++++++++ phpBB/phpbb/auth/provider/interface.php | 21 +++++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/oauth.php | 4 +--- 3 files changed, 30 insertions(+), 3 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index ca1c635b15..ae1daba82b 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -54,6 +54,14 @@ abstract class phpbb_auth_provider_base implements phpbb_auth_provider_interface return; } + /** + * {@inheritdoc} + */ + public function get_login_data() + { + return; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index fd3fa7d879..21526fd858 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -106,6 +106,27 @@ interface phpbb_auth_provider_interface */ public function get_acp_template($new_config); + /** + * Returns an array of data necessary to build custom elements on the login + * form. + * + * @return array|null If this function is not implemented on an auth + * provider then it returns null. If it is implemented + * it will return an array of up to four elements of + * which only 'TEMPLATE_FILE'. If 'BLOCK_VAR_NAME' is + * present then 'BLOCK_VARS' must also be present in + * the array. The fourth element 'VARS' is also + * optional. The array, with all four elements present + * looks like the following: + * array( + * 'TEMPLATE_FILE' => string, + * 'BLOCK_VAR_NAME' => string, + * 'BLOCK_VARS' => array(...), + * 'VARS' => array(...), + * ) + */ + public function get_login_data(); + /** * Performs additional actions during logout. * diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 8979f413b5..62024ff094 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -274,9 +274,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } /** - * Returns an array of login data for all enabled OAuth services. - * - * @return array + * {@inheritdoc} */ public function get_login_data() { -- cgit v1.2.1 From 1ae2283b348d6fef1f9e90a49e2a25914465585e Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 2 Aug 2013 14:21:07 -0400 Subject: [feature/oauth] Finish updating interface and related code PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 62024ff094..1cc19d143e 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -278,7 +278,11 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ public function get_login_data() { - $login_data = array(); + $login_data = array( + 'TEMPLATE_FILE' => 'login_body_oauth.html', + 'BLOCK_VAR_NAME' => 'oauth', + 'BLOCK_VARS' => array(), + ); foreach ($this->service_providers as $service_name => $service_provider) { @@ -288,7 +292,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); $redirect_url = build_url(false) . '&login=external&oauth_service=' . $actual_name; - $login_data[$service_name] = array( + $login_data['BLOCK_VARS'][$service_name] = array( 'REDIRECT_URL' => redirect($redirect_url, true), 'SERVICE_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], ); -- cgit v1.2.1 From 2222f3f38048b004b353f0f346cee1d1a0eafd37 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 2 Aug 2013 14:23:18 -0400 Subject: [feature/oauth] Fix error caused by previous change in OAuth PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 1cc19d143e..3528c0b83f 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -149,7 +149,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); - $query = 'mode=login&login=external&oauth_service=' . $service_name; + $query = 'mode=login&login=external&oauth_service=' . $service_name_original; $service = $this->get_service($service_name_original, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope(), $query); if ($this->request->is_set('code', phpbb_request_interface::GET)) @@ -399,7 +399,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Prepare for an authentication request $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); - $query = 'mode=login_link&login_link_oauth_service=' . $service_name; + $query = 'mode=login_link&login_link_oauth_service=' . strtolower($link_data['oauth_service']); $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query); $this->service_providers[$service_name]->set_external_service_provider($service); -- cgit v1.2.1 From e16dd958e351c39371db943fec359677c950c9ec Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 2 Aug 2013 14:31:12 -0400 Subject: [feature/oauth] OAuth clear tokens on logout PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 3528c0b83f..786caf5463 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -419,4 +419,18 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Update token storage to store the user_id $storage->set_user_id($link_data['user_id']); } + + /** + * {@inheritdoc} + */ + public function logout($data, $new_session) + { + // Clear all tokens belonging to the user + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_storage_table . " + WHERE session_id = '" . $this->db->sql_escape($this->user->session_id) . "' + AND user_id = " . (int) $this->user->data['user_id']; + $this->db->sql_query($sql); + + return; + } } -- cgit v1.2.1 From 3cbb97316066b606548af5d24b4fe2199533cffe Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 2 Aug 2013 14:37:15 -0400 Subject: [feature/oauth] Pass users_table as parameter to OAuth in construct PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 786caf5463..4973cde349 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -74,6 +74,13 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected $service_providers; + /** + * Users table + * + * @var string + */ + protected $users_table; + /** * Cached current uri object * @@ -91,8 +98,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * @param string $auth_provider_oauth_token_storage_table * @param string $auth_provider_oauth_token_account_assoc * @param phpbb_di_service_collection $service_providers Contains phpbb_auth_provider_oauth_service_interface + * @param string $users)table */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_di_service_collection $service_providers) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_di_service_collection $service_providers, $users_table) { $this->db = $db; $this->config = $config; @@ -101,6 +109,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->auth_provider_oauth_token_storage_table = $auth_provider_oauth_token_storage_table; $this->auth_provider_oauth_token_account_assoc = $auth_provider_oauth_token_account_assoc; $this->service_providers = $service_providers; + $this->users_table = $users_table; } /** @@ -184,7 +193,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Retrieve the user's account $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts - FROM ' . USERS_TABLE . " + FROM ' . $this->users_table . " WHERE user_id = '" . $this->db->sql_escape($row['user_id']) . "'"; $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); -- cgit v1.2.1 From 0b80aaf2178e5a40f9429ce972c490f6067ef114 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 9 Aug 2013 05:16:39 -0400 Subject: [feature/oauth] Add method to return necessary data for auth_link PHPBB3-11673 --- phpBB/phpbb/auth/provider/base.php | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index ae1daba82b..2f1bf8f601 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -62,6 +62,14 @@ abstract class phpbb_auth_provider_base implements phpbb_auth_provider_interface return; } + /** + * {@inheritdoc} + */ + public function get_auth_link_data() + { + return; + } + /** * {@inheritdoc} */ -- cgit v1.2.1 From 69cb2e4c603243f75fcfd288d0018390b763ce05 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 9 Aug 2013 05:26:44 -0400 Subject: [feature/oauth] More template work PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 4973cde349..d27e40ca77 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -442,4 +442,14 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return; } + + /** + * {@inheritdoc} + */ + public function get_auth_link_data() + { + return array( + 'TEMPLATE_FILE' => 'ucp_auth_link_oauth.html', + ); + } } -- cgit v1.2.1 From e04844c95f52c6da295d20bccc9530ee7e4b63f7 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 12 Aug 2013 13:18:00 -0400 Subject: [feature/oauth] Build OAuth data for ucp_auth_link PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 43 +++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index d27e40ca77..d0b5583d77 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -448,7 +448,50 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ public function get_auth_link_data() { + $block_vars = array(); + + // Get all external accounts tied to the current user + $data = array( + 'user_id' => $user->data['user_id'], + ); + $sql = 'SELECT oauth_provider_id, provider FROM ' . $this->auth_provider_oauth_token_account_assoc . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $rows = $this->db->sql_fetchrowset($result); + $this->db->sql_freeresult($result); + + $oauth_user_ids = array(); + + if ($row !== false && !empty($rows)) + { + foreach ($row as $row) + { + $oauth_user_ids[$row['provider']] = $row['oauth_provider_id']; + } + } + unset($rows); + + foreach ($this->service_providers as $service_name => $service_provider) + { + // Only include data if the credentials are set + $credentials = $service_provider->get_service_credentials(); + if ($credentials['key'] && $credentials['secret']) + { + $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); + $redirect_url = build_url(false) . '&login=external&oauth_service=' . $actual_name; + + $block_vars[$service_name] = array( + 'REDIRECT_URL' => redirect($redirect_url, true), + 'SERVICE_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], + 'UNIQUE_ID' => (isset($oauth_user_ids[$actual_name])) ? $oauth_user_ids[$actual_name] : null, + ); + } + } + return array( + 'BLOCK_VAR_NAME' => 'oauth', + 'BLOCK_VARS' => $block_vars, + 'TEMPLATE_FILE' => 'ucp_auth_link_oauth.html', ); } -- cgit v1.2.1 From 4003e077c170e2c9aebbf582cb08249d80d37a3d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 12 Aug 2013 14:43:18 -0400 Subject: [feature/oauth] Get the OAuth template in place for ucp_auth_link PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index d0b5583d77..1b0674a13b 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -452,7 +452,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Get all external accounts tied to the current user $data = array( - 'user_id' => $user->data['user_id'], + 'user_id' => $this->user->data['user_id'], ); $sql = 'SELECT oauth_provider_id, provider FROM ' . $this->auth_provider_oauth_token_account_assoc . ' WHERE ' . $this->db->sql_build_array('SELECT', $data); @@ -462,9 +462,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $oauth_user_ids = array(); - if ($row !== false && !empty($rows)) + if ($rows !== false && !empty($rows)) { - foreach ($row as $row) + foreach ($rows as $row) { $oauth_user_ids[$row['provider']] = $row['oauth_provider_id']; } -- cgit v1.2.1 From 836d3ba22ec997f6c823c9b4594fb42c49524732 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 12 Aug 2013 15:29:08 -0400 Subject: [feature/oauth] Handle hidden fields PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 1b0674a13b..cfffdf2c96 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -481,6 +481,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $redirect_url = build_url(false) . '&login=external&oauth_service=' . $actual_name; $block_vars[$service_name] = array( + 'HIDDEN_FIELDS' => array( + 'oauth_service' => $actual_name, + ), + 'REDIRECT_URL' => redirect($redirect_url, true), 'SERVICE_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], 'UNIQUE_ID' => (isset($oauth_user_ids[$actual_name])) ? $oauth_user_ids[$actual_name] : null, -- cgit v1.2.1 From 67b1ec5bb85fb40f098a1c568276c8fd9a7b8976 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 15:19:26 -0400 Subject: [feature/oauth] Start implementing link/unlink actions PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index cfffdf2c96..d2f7eb5527 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -405,10 +405,18 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return 'LOGIN_LINK_ERROR_OAUTH_NO_ACCESS_TOKEN'; } + // Prepare the query string + if ($this->request->variable('mode', 'login_link')) + { + $query = 'mode=login_link'; + } else { + $query = 'i=ucp_auth_link&mode=auth_link'; + } + $query .= '&login_link_oauth_service=' . strtolower($link_data['oauth_service']); + // Prepare for an authentication request $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); - $query = 'mode=login_link&login_link_oauth_service=' . strtolower($link_data['oauth_service']); $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query); $this->service_providers[$service_name]->set_external_service_provider($service); @@ -462,7 +470,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $oauth_user_ids = array(); - if ($rows !== false && !empty($rows)) + if ($rows !== false && sizeof($rows)) { foreach ($rows as $row) { @@ -478,14 +486,13 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base if ($credentials['key'] && $credentials['secret']) { $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); - $redirect_url = build_url(false) . '&login=external&oauth_service=' . $actual_name; $block_vars[$service_name] = array( 'HIDDEN_FIELDS' => array( + 'link' => (!isset($oauth_user_ids[$actual_name])), 'oauth_service' => $actual_name, ), - 'REDIRECT_URL' => redirect($redirect_url, true), 'SERVICE_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], 'UNIQUE_ID' => (isset($oauth_user_ids[$actual_name])) ? $oauth_user_ids[$actual_name] : null, ); -- cgit v1.2.1 From afebbf231adeee6828d75d346b64f3036ff46e7c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 15:35:37 -0400 Subject: [feature/oauth] Update link_account to allow for two methods of linking PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index d2f7eb5527..36e605d8fc 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -364,7 +364,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return 'LOGIN_LINK_NO_DATA_PROVIDED'; } - if (!array_key_exists('oauth_service', $login_link_data) || !$login_link_data['oauth_service']) + if (!array_key_exists('oauth_service', $login_link_data) || !$login_link_data['oauth_service'] || + !array_key_exists('link_method', $login_link_data) || !$login_link_data['link_method']) { return 'LOGIN_LINK_MISSING_DATA'; } @@ -377,6 +378,16 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ public function link_account(array $link_data) { + // Check for a valid link method (auth_link or login_link) + if (!array_key_exists('link_method', $link_data) || + !in_array($link_data['link_method'], array( + 'auth_link', + 'login_link', + ))) + { + return 'LOGIN_LINK_MISSING_DATA'; + } + // We must have an oauth_service listed, check for it two ways if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service']) { -- cgit v1.2.1 From bb68338861e4fc618407f83706d194e1114ce103 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 15:55:38 -0400 Subject: [feature/oauth] Refactor oauth::link_account for two paths PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 60 +++++++++++++++++++++++++------ 1 file changed, 49 insertions(+), 11 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 36e605d8fc..ff715d8944 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -408,8 +408,17 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return 'LOGIN_ERROR_OAUTH_SERVICE_DOES_NOT_EXIST'; } - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + switch ($link_data['link_method']) + { + case 'auth_link': + return $this->link_account_auth_link($link_data, $service_name); + case 'login_link': + return $this->link_account_login_link($link_data, $service_name); + } + } + protected function link_account_login_link(array $link_data, $service_name) + { // Check for an access token, they should have one if (!$storage->has_access_token_by_session()) { @@ -417,13 +426,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } // Prepare the query string - if ($this->request->variable('mode', 'login_link')) - { - $query = 'mode=login_link'; - } else { - $query = 'i=ucp_auth_link&mode=auth_link'; - } - $query .= '&login_link_oauth_service=' . strtolower($link_data['oauth_service']); + $query = 'mode=login_link&login_link_oauth_service=' . strtolower($link_data['oauth_service']); // Prepare for an authentication request $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); @@ -440,14 +443,49 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base 'provider' => strtolower($link_data['oauth_service']), 'oauth_provider_id' => $unique_id, ); - $sql = 'INSERT INTO ' . $this->auth_provider_oauth_token_account_assoc . ' - ' . $this->db->sql_build_array('INSERT', $data); - $this->db->sql_query($sql); + $this->link_account_perform_link($data); // Update token storage to store the user_id $storage->set_user_id($link_data['user_id']); } + protected function link_account_auth_link(array $link_data, $service_name) + { + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $query = 'i=ucp_auth_link&mode=auth_link&link=1&login_link_oauth_service=' . strtolower($link_data['oauth_service']); + $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); + $scopes = $this->service_providers[$service_name]->get_auth_scope(); + $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query); + + if ($this->request->is_set('code', phpbb_request_interface::GET)) + { + $this->service_providers[$service_name]->set_external_service_provider($service); + $unique_id = $this->service_providers[$service_name]->perform_auth_login(); + + // Insert into table, they will be able to log in after this + $data = array( + 'user_id' => $link_data['user_id'], + 'provider' => strtolower($link_data['oauth_service']), + 'oauth_provider_id' => $unique_id, + ); + + $this->link_account_perform_link($data); + + // Update token storage to store the user_id + $storage->set_user_id($link_data['user_id']); + } else { + $url = $service->getAuthorizationUri(); + header('Location: ' . $url); + } + } + + protected function link_account_perform_link($data) + { + $sql = 'INSERT INTO ' . $this->auth_provider_oauth_token_account_assoc . ' + ' . $this->db->sql_build_array('INSERT', $data); + $this->db->sql_query($sql); + } + /** * {@inheritdoc} */ -- cgit v1.2.1 From cd12786e58995d93bb73218fb869bad00ad9674e Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:01:59 -0400 Subject: [feature/oauth] Fix errors found in testing linking PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index ff715d8944..6f6e6fd344 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -391,10 +391,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // We must have an oauth_service listed, check for it two ways if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service']) { - if (!$link_data['oauth_service'] && $this->request->is_set('oauth_service')) - { - $link_data['oauth_service'] = $this->request->variable('oauth_service', ''); - } + $link_data['oauth_service'] = $this->request->variable('oauth_service', false); if (!$link_data['oauth_service']) { @@ -452,7 +449,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base protected function link_account_auth_link(array $link_data, $service_name) { $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); - $query = 'i=ucp_auth_link&mode=auth_link&link=1&login_link_oauth_service=' . strtolower($link_data['oauth_service']); + $query = 'i=ucp_auth_link&mode=auth_link&link=1&oauth_service=' . strtolower($link_data['oauth_service']); $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query); @@ -464,7 +461,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Insert into table, they will be able to log in after this $data = array( - 'user_id' => $link_data['user_id'], + 'user_id' => $this->user->data['user_id'], 'provider' => strtolower($link_data['oauth_service']), 'oauth_provider_id' => $unique_id, ); -- cgit v1.2.1 From 9c91446ef793102f700fc81b1efc54055b1831ba Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:07:38 -0400 Subject: [feature/oauth] Document internal functions PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 6f6e6fd344..be86180574 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -414,6 +414,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } } + /** + * Performs the account linking for login_link + * + * @param array $link_data The same variable given to {@see phpbb_auth_provider_interface::link_account} + * @param string $service_name The name of the service being used in + * linking. + * @return string|null Returns a language constant (string) if an error is + * encountered, or null on success. + */ protected function link_account_login_link(array $link_data, $service_name) { // Check for an access token, they should have one @@ -446,6 +455,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $storage->set_user_id($link_data['user_id']); } + /** + * Performs the account linking for login_link + * + * @param array $link_data The same variable given to {@see phpbb_auth_provider_interface::link_account} + * @param string $service_name The name of the service being used in + * linking. + * @return string|null Returns a language constant (string) if an error is + * encountered, or null on success. + */ protected function link_account_auth_link(array $link_data, $service_name) { $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); @@ -476,7 +494,12 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } } - protected function link_account_perform_link($data) + /** + * Performs the query that inserts an account link + * + * @param array $data This array is passed to db->sql_build_array + */ + protected function link_account_perform_link(array $data) { $sql = 'INSERT INTO ' . $this->auth_provider_oauth_token_account_assoc . ' ' . $this->db->sql_build_array('INSERT', $data); -- cgit v1.2.1 From a2237ea8a78b6569213e095bb89a6b3f878d129b Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:20:47 -0400 Subject: [feature/oauth] Add unlink_account to auth interface PHPBB3-11673 --- phpBB/phpbb/auth/provider/base.php | 8 ++++++++ phpBB/phpbb/auth/provider/interface.php | 8 ++++++++ 2 files changed, 16 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index 2f1bf8f601..09e918cee4 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -101,4 +101,12 @@ abstract class phpbb_auth_provider_base implements phpbb_auth_provider_interface { return; } + + /** + * {@inheritdoc} + */ + public function unlink_account(array $link_data) + { + return; + } } diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index 21526fd858..4abbd75055 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -166,4 +166,12 @@ interface phpbb_auth_provider_interface * an external account. */ public function link_account(array $link_data); + + /** + * Unlinks an external account from a phpBB account. + * + * @param array $link_data Any data needed to unlink a phpBB account + * from a phpbb account. + */ + public function unlink_account(array $link_data); } -- cgit v1.2.1 From 9cd80345ad05cccb362ec3eba15304c3f43630ed Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:32:55 -0400 Subject: [feature/oauth] Implement unlinking in OAuth PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index be86180574..9af6f04e38 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -575,4 +575,29 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base 'TEMPLATE_FILE' => 'ucp_auth_link_oauth.html', ); } + + /** + * {@inheritdoc} + */ + public function unlink_account(array $link_data) + { + if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service']) + { + return 'LOGIN_LINK_MISSING_DATA'; + } + + // Remove the link + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_account_assoc . " + WHERE provider = '" . $this->db->sql_escape($link_data['oauth_service']) . "' + AND user_id = " . (int) $this->user->data['user_id']; + $this->db->sql_query($sql); + + // Clear all tokens belonging to the user on this servce + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_storage_table . " + WHERE user_id = " . (int) $this->user->data['user_id'] . " + AND provider = '" . $this->db->sql_escape($link_data['oauth_service']) . "'"; + $this->db->sql_query($sql); + + return; + } } -- cgit v1.2.1 From 7bd4c88ec519fa0bf10558c79994d14243255813 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:45:17 -0400 Subject: [feature/oauth] Fix errors in oauth PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 9af6f04e38..0972d59fee 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -425,6 +425,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function link_account_login_link(array $link_data, $service_name) { + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + // Check for an access token, they should have one if (!$storage->has_access_token_by_session()) { @@ -593,10 +595,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->db->sql_query($sql); // Clear all tokens belonging to the user on this servce - $sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_storage_table . " - WHERE user_id = " . (int) $this->user->data['user_id'] . " - AND provider = '" . $this->db->sql_escape($link_data['oauth_service']) . "'"; - $this->db->sql_query($sql); + $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $storage->clearToken(); return; } -- cgit v1.2.1 From abebe83edb79b9f3879f8d257eefff01246ba172 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:52:37 -0400 Subject: [feature/oauth] No need for this line PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 3 --- 1 file changed, 3 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 0972d59fee..bb8b72ac06 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -487,9 +487,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); $this->link_account_perform_link($data); - - // Update token storage to store the user_id - $storage->set_user_id($link_data['user_id']); } else { $url = $service->getAuthorizationUri(); header('Location: ' . $url); -- cgit v1.2.1 From 823b7e2b84b0c1cfda001c509876f1aef1a17b35 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:58:46 -0400 Subject: [feature/oauth] Fix small error in method call PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index bb8b72ac06..6d42b06f6a 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -391,7 +391,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // We must have an oauth_service listed, check for it two ways if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service']) { - $link_data['oauth_service'] = $this->request->variable('oauth_service', false); + $link_data['oauth_service'] = $this->request->variable('oauth_service', ''); if (!$link_data['oauth_service']) { -- cgit v1.2.1 From 59c8db28d61c9b43ac35f734c0b280bef4a4a8b8 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 17:01:15 -0400 Subject: [feature/oauth] Always store session_id with token PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index b38029c650..313ad7661b 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -110,13 +110,9 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface 'user_id' => $this->user->data['user_id'], 'provider' => $this->service_name, 'oauth_token' => serialize($token), + 'session_id' => $this->user->data['session_id'], ); - if ($this->user->data['user_id'] == ANONYMOUS) - { - $data['session_id'] = $this->user->data['session_id']; - } - $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' ' . $this->db->sql_build_array('INSERT', $data); $this->db->sql_query($sql); -- cgit v1.2.1 From 0ea555bbc78597645cf024a5ba14bfd8149f512a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 17:15:36 -0400 Subject: [feature/oauth] Update auth provider interface PHPBB3-11673 --- phpBB/phpbb/auth/provider/interface.php | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index 4abbd75055..480ee4301b 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -167,6 +167,26 @@ interface phpbb_auth_provider_interface */ public function link_account(array $link_data); + /** + * Returns an array of data necessary to build the ucp_auth_link page + * + * @return array|null If this function is not implemented on an auth + * provider then it returns null. If it is implemented + * it will return an array of up to four elements of + * which only 'TEMPLATE_FILE'. If 'BLOCK_VAR_NAME' is + * present then 'BLOCK_VARS' must also be present in + * the array. The fourth element 'VARS' is also + * optional. The array, with all four elements present + * looks like the following: + * array( + * 'TEMPLATE_FILE' => string, + * 'BLOCK_VAR_NAME' => string, + * 'BLOCK_VARS' => array(...), + * 'VARS' => array(...), + * ) + */ + public function get_auth_link_data(); + /** * Unlinks an external account from a phpBB account. * -- cgit v1.2.1 From 83515cd3d42486b7411ac5e817cb5c2378b75fe8 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 15 Aug 2013 01:14:37 -0400 Subject: [feature/oauth] Fix remaining issues with token storage PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 57 ++++++++++++++++++++++- 1 file changed, 55 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 313ad7661b..ff1887fce7 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -16,6 +16,7 @@ if (!defined('IN_PHPBB')) } +use OAuth\OAuth1\Token\StdOAuth1Token; use OAuth\Common\Token\TokenInterface; use OAuth\Common\Storage\TokenStorageInterface; use OAuth\Common\Storage\Exception\StorageException; @@ -109,7 +110,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'user_id' => $this->user->data['user_id'], 'provider' => $this->service_name, - 'oauth_token' => serialize($token), + 'oauth_token' => $this->json_encode_token($token), 'session_id' => $this->user->data['session_id'], ); @@ -248,7 +249,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface throw new TokenNotFoundException('Token not stored'); } - $token = unserialize($row['oauth_token']); + $token = $this->json_decode_token($row['oauth_token']); // Ensure that the token was serialized/unserialized correctly if (!($token instanceof TokenInterface)) @@ -278,4 +279,56 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface return $row; } + + public function json_encode_token(TokenInterface $token) + { + $members = array( + 'accessToken' => $token->getAccessToken(), + 'endOfLife' => $token->getEndOfLife(), + 'extraParams' => $token->getExtraParams(), + 'refreshToken' => $token->getRefreshToken(), + + 'token_class' => get_class($token), + ); + + // Handle additional data needed for OAuth1 tokens + if ($token instanceof StdOAuth1Token) + { + $members['requestToken'] = $token->getRequestToken(); + $members['requestTokenSecret'] = $token->getRequestTokenSecret(); + $members['accessTokenSecret'] = $token->getAccessTokenSecret(); + } + + return json_encode($members); + } + + public function json_decode_token($json) + { + $token_data = json_decode($json, true); + + if ($token_data === null) + { + throw new TokenNotFoundException('Token not stored correctly'); + } + + $token_class = $token_data['token_class']; + $access_token = $token_data['accessToken']; + $refresh_token = $token_data['refreshToken']; + $endOfLife = $token_data['endOfLife']; + $extra_params = $token_data['extraParams']; + + // Create the token + $token = new $token_class($access_token, $refresh_token, TokenInterface::EOL_NEVER_EXPIRES, $extra_params); + $token->setEndOfLife($endOfLife); + + // Handle OAuth 1.0 specific elements + if ($token instanceof StdOAuth1Token) + { + $token->setRequestToken($token_data['requestToken']); + $token->setRequestTokenSecret($token_data['requestTokenSecret']); + $token->setAccessTokenSecret($token_data['accessTokenSecret']); + } + + return $token; + } } -- cgit v1.2.1 From 27ba57747ab46c0507acc3a87e5b73babda436b1 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 17:14:30 -0400 Subject: [feature/oauth] Clean up TODOs PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 4 +--- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 5 ++--- phpBB/phpbb/auth/provider/oauth/service/facebook.php | 2 +- phpBB/phpbb/auth/provider/oauth/service/google.php | 6 ++---- 4 files changed, 6 insertions(+), 11 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 6d42b06f6a..e1172f2e70 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -201,8 +201,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base if (!$row) { - // TODO: Update exception type and change it to language constant - throw new Exception('Invalid entry in ' . $this->auth_provider_oauth_token_account_assoc); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY'); } // Update token storage to store the user_id @@ -216,7 +215,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); } else { $url = $service->getAuthorizationUri(); - // TODO: modify $url for the appropriate return points header('Location: ' . $url); } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 9b8e7ebb03..0918f577ec 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -67,7 +67,7 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) { // TODO: make exception class and use language constant - throw new Exception('Invalid service provider type'); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request from bitly, get the token @@ -87,8 +87,7 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) { - // TODO: make exception class and use language constant - throw new Exception('Invalid service provider type'); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index dc742cca0d..836e4ee052 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -67,7 +67,7 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) { // TODO: make exception class and use language constant - throw new Exception('Invalid service provider type'); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request, get the token diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index e2b0f7d36a..9c782bcaa0 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -77,8 +77,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) { - // TODO: make exception class and use language constant - throw new Exception('Invalid service provider type'); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request, get the token @@ -98,8 +97,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) { - // TODO: make exception class and use language constant - throw new Exception('Invalid service provider type'); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it -- cgit v1.2.1 From d398ae41c031f70946e82f71599f1821766f3eea Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 17:20:01 -0400 Subject: [feature/oauth] Finish cleaning up TODOs PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index ff1887fce7..b31ffcd1ab 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -245,8 +245,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface if (!$row) { - // TODO: translate - throw new TokenNotFoundException('Token not stored'); + throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_NOT_STORED'); } $token = $this->json_decode_token($row['oauth_token']); @@ -255,8 +254,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface if (!($token instanceof TokenInterface)) { $this->clearToken(); - // TODO: translate - throw new TokenNotFoundException('Token not stored correctly'); + throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED'); } $this->cachedToken = $token; -- cgit v1.2.1 From 310caec5d92d58453d1eee40e9b5a7f0157bd5ea Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 21:34:23 -0400 Subject: [feature/oauth] Fix redirects PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index e1172f2e70..b427ca4e72 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -88,6 +88,20 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected $current_uri; + /** + * phpBB root path + * + * @var string + */ + protected $phpbb_root_path; + + /** + * PHP extenstion + * + * @var string + */ + protected $php_ext; + /** * OAuth Authentication Constructor * @@ -98,9 +112,11 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * @param string $auth_provider_oauth_token_storage_table * @param string $auth_provider_oauth_token_account_assoc * @param phpbb_di_service_collection $service_providers Contains phpbb_auth_provider_oauth_service_interface - * @param string $users)table + * @param string $users_table + * @param string $phpbb_root_path + * @param string $php_ext */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_di_service_collection $service_providers, $users_table) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_di_service_collection $service_providers, $users_table, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; @@ -110,6 +126,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->auth_provider_oauth_token_account_assoc = $auth_provider_oauth_token_account_assoc; $this->service_providers = $service_providers; $this->users_table = $users_table; + $this->phpbb_root_path = $phpbb_root_path; + $this->php_ext = $php_ext; } /** @@ -138,7 +156,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Temporary workaround for only having one authentication provider available if (!$this->request->is_set('oauth_service')) { - $provider = new phpbb_auth_provider_db($this->db, $this->config, $this->request, $this->user, $phpbb_root_path, $phpEx); + $provider = new phpbb_auth_provider_db($this->db, $this->config, $this->request, $this->user, $this->phpbb_root_path, $this->php_ext); return $provider->login($username, $password); } -- cgit v1.2.1 From a8ffbce99f9ea99bd1fdca0e009001026e2d6950 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 22:00:16 -0400 Subject: [feature/oauth] Changes due to code review PHPBB3-11673 --- phpBB/phpbb/auth/provider/interface.php | 8 ++--- phpBB/phpbb/auth/provider/oauth/oauth.php | 17 ++++++----- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 6 ++-- .../phpbb/auth/provider/oauth/service/facebook.php | 10 +++---- phpBB/phpbb/auth/provider/oauth/service/google.php | 6 ++-- phpBB/phpbb/auth/provider/oauth/token_storage.php | 35 ++++++++++------------ 6 files changed, 39 insertions(+), 43 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index 480ee4301b..eadd5f01d1 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -45,9 +45,9 @@ interface phpbb_auth_provider_interface * 'error_msg' => string * 'user_row' => array * ) - * A fourth key of the array may be present 'redirect_data' - * This key is only used when 'status' is equal to - * LOGIN_SUCCESS_LINK_PROFILE and it's value is an + * A fourth key of the array may be present: + * 'redirect_data' This key is only used when 'status' is + * equal to LOGIN_SUCCESS_LINK_PROFILE and its value is an * associative array that is turned into GET variables on * the redirect url. */ @@ -89,7 +89,7 @@ interface phpbb_auth_provider_interface * array: 'BLOCK_VAR_NAME'. If this is present, * then its value should be a string that is used * to designate the name of the loop used in the - * ACP template file. In addition to this, an + * ACP template file. When this is present, an * additional key named 'BLOCK_VARS' is required. * This must be an array containing at least one * array of variables that will be assigned during diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index b427ca4e72..c1c27c979f 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -211,8 +211,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Retrieve the user's account $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts - FROM ' . $this->users_table . " - WHERE user_id = '" . $this->db->sql_escape($row['user_id']) . "'"; + FROM ' . $this->users_table . ' + WHERE user_id = ' . (int) $row['user_id']; $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); @@ -231,7 +231,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base 'error_msg' => false, 'user_row' => $row, ); - } else { + } + else + { $url = $service->getAuthorizationUri(); header('Location: ' . $url); } @@ -291,8 +293,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base if (!$service) { - // Update to an actual error message - throw new Exception('Service not created: ' . $service_name); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_SERVICE_NOT_CREATED'); } return $service; @@ -474,7 +475,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } /** - * Performs the account linking for login_link + * Performs the account linking for auth_link * * @param array $link_data The same variable given to {@see phpbb_auth_provider_interface::link_account} * @param string $service_name The name of the service being used in @@ -503,7 +504,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); $this->link_account_perform_link($data); - } else { + } + else + { $url = $service->getAuthorizationUri(); header('Location: ' . $url); } diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 0918f577ec..59e66c7c34 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -71,10 +71,10 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ } // This was a callback request from bitly, get the token - $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); + $this->service_provider->requestAccessToken($this->request->variable('code', '')); // Send a request with it - $result = json_decode( $this->service_provider->request('user/info'), true ); + $result = json_decode($this->service_provider->request('user/info'), true); // Return the unique identifier returned from bitly return $result['data']['login']; @@ -91,7 +91,7 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ } // Send a request with it - $result = json_decode( $this->service_provider->request('user/info'), true ); + $result = json_decode($this->service_provider->request('user/info'), true); // Return the unique identifier returned from bitly return $result['data']['login']; diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 836e4ee052..b853c8c8a5 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -66,15 +66,14 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) { - // TODO: make exception class and use language constant throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request, get the token - $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); + $this->service_provider->requestAccessToken($this->request->variable('code', '')); // Send a request with it - $result = json_decode( $this->service_provider->request('/me'), true ); + $result = json_decode($this->service_provider->request('/me'), true); // Return the unique identifier return $result['id']; @@ -87,12 +86,11 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) { - // TODO: make exception class and use language constant - throw new Exception('Invalid service provider type'); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it - $result = json_decode( $this->service_provider->request('/me'), true ); + $result = json_decode($this->service_provider->request('/me'), true); // Return the unique identifier return $result['id']; diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index 9c782bcaa0..eb4ad6317a 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -81,10 +81,10 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth } // This was a callback request, get the token - $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); + $this->service_provider->requestAccessToken($this->request->variable('code', '')); // Send a request with it - $result = json_decode( $this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true ); + $result = json_decode($this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true); // Return the unique identifier return $result['id']; @@ -101,7 +101,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth } // Send a request with it - $result = json_decode( $this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true ); + $result = json_decode($this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true); // Return the unique identifier return $result['id']; diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index b31ffcd1ab..05e308d192 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -83,7 +83,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function retrieveAccessToken() { - if( $this->cachedToken instanceOf TokenInterface ) { + if ($this->cachedToken instanceOf TokenInterface) + { return $this->cachedToken; } @@ -92,7 +93,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface 'provider' => $this->service_name, ); - if ($this->user->data['user_id'] == ANONYMOUS) + if ($this->user->data['user_id'] === ANONYMOUS) { $data['session_id'] = $this->user->data['session_id']; } @@ -124,7 +125,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function hasAccessToken() { - if( $this->cachedToken ) { + if ($this->cachedToken) { return true; } @@ -133,7 +134,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface 'provider' => $this->service_name, ); - if ($this->user->data['user_id'] == ANONYMOUS) + if ($this->user->data['user_id'] === ANONYMOUS) { $data['session_id'] = $this->user->data['session_id']; } @@ -149,12 +150,12 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $this->cachedToken = null; $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' - WHERE user_id = ' . $this->user->data['user_id'] . ' - AND provider = \'' . $this->db->sql_escape($this->service_name) . '\''; + WHERE user_id = ' . $this->user->data['user_id'] . " + AND provider = '" . $this->db->sql_escape($this->service_name) . "'"; - if ($this->user->data['user_id'] == ANONYMOUS) + if ($this->user->data['user_id'] === ANONYMOUS) { - $sql .= ' AND session_id = \'' . $this->user->data['session_id'] . '\''; + $sql .= " AND session_id = '" . $this->user->data['session_id'] . "'"; } $this->db->sql_query($sql); @@ -176,8 +177,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface SET ' . $this->db->sql_build_array('UPDATE', array( 'user_id' => (int) $user_id )) . ' - WHERE user_id = ' . $this->user->data['user_id'] . ' - AND session_id = \'' . $this->user->data['session_id'] . '\''; + WHERE user_id = ' . $this->user->data['user_id'] . " + AND session_id = '" . $this->user->data['session_id'] . "'"; $this->db->sql_query($sql); } @@ -188,7 +189,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function has_access_token_by_session() { - if( $this->cachedToken ) { + if ($this->cachedToken) + { return true; } @@ -208,19 +210,12 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ protected function _has_acess_token($data) { - $row = $this->get_access_token_row($data); - - if (!$row) - { - return false; - } - - return true; + return (bool) $this->get_access_token_row($data); } public function retrieve_access_token_by_session() { - if( $this->cachedToken instanceOf TokenInterface ) { + if ($this->cachedToken instanceOf TokenInterface) { return $this->cachedToken; } -- cgit v1.2.1 From d847df717573a55cc6e13211fbe853b4784cf53c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 22:10:10 -0400 Subject: [feature/oauth] A few more minor changes PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 05e308d192..c0fce10e17 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -301,7 +301,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface if ($token_data === null) { - throw new TokenNotFoundException('Token not stored correctly'); + throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED'); } $token_class = $token_data['token_class']; -- cgit v1.2.1 From 7f6b2a984927915a70b8e03bbdddd00d73910436 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 22:12:44 -0400 Subject: [feature/oauth] OAuth service exception PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 4 ++-- .../auth/provider/oauth/service/exception.php | 24 ++++++++++++++++++++++ .../phpbb/auth/provider/oauth/service/facebook.php | 4 ++-- phpBB/phpbb/auth/provider/oauth/service/google.php | 4 ++-- .../auth/provider/oauth/service/interface.php | 2 ++ 5 files changed, 32 insertions(+), 6 deletions(-) create mode 100644 phpBB/phpbb/auth/provider/oauth/service/exception.php (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 59e66c7c34..3dd33427f6 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -67,7 +67,7 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) { // TODO: make exception class and use language constant - throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request from bitly, get the token @@ -87,7 +87,7 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) { - throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it diff --git a/phpBB/phpbb/auth/provider/oauth/service/exception.php b/phpBB/phpbb/auth/provider/oauth/service/exception.php new file mode 100644 index 0000000000..c2749f571a --- /dev/null +++ b/phpBB/phpbb/auth/provider/oauth/service/exception.php @@ -0,0 +1,24 @@ +service_provider instanceof \OAuth\OAuth2\Service\Facebook)) { - throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request, get the token @@ -86,7 +86,7 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) { - throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index eb4ad6317a..d4ef6e1d42 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -77,7 +77,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) { - throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request, get the token @@ -97,7 +97,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) { - throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it diff --git a/phpBB/phpbb/auth/provider/oauth/service/interface.php b/phpBB/phpbb/auth/provider/oauth/service/interface.php index 0d6ae7417f..3bba7c0e2c 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/interface.php @@ -52,6 +52,7 @@ interface phpbb_auth_provider_oauth_service_interface /** * Returns the results of the authentication in json format * + * @throws phpbb_auth_provider_oauth_service_exception * @return string The unique identifier returned by the service provider * that is used to authenticate the user with phpBB. */ @@ -61,6 +62,7 @@ interface phpbb_auth_provider_oauth_service_interface * Returns the results of the authentication in json format * Use this function when the user already has an access token * + * @throws phpbb_auth_provider_oauth_service_exception * @return string The unique identifier returned by the service provider * that is used to authenticate the user with phpBB. */ -- cgit v1.2.1 From 265a3a35526830a351130aa4c15fa15b733005d2 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 22:14:56 -0400 Subject: [feature/oauth] Forgot to remove placeholder comment PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 1 - 1 file changed, 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 3dd33427f6..3bafdd59ce 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -66,7 +66,6 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) { - // TODO: make exception class and use language constant throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } -- cgit v1.2.1 From 2090a5020cec1d0488fa79c31da232517bff775b Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 22:17:15 -0400 Subject: [feature/oauth] Update comment on oauth service exception PHPBB3-16673 --- phpBB/phpbb/auth/provider/oauth/service/exception.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/exception.php b/phpBB/phpbb/auth/provider/oauth/service/exception.php index c2749f571a..23d3387951 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/exception.php +++ b/phpBB/phpbb/auth/provider/oauth/service/exception.php @@ -1,8 +1,8 @@ Date: Mon, 2 Sep 2013 15:25:38 -0400 Subject: [feature/oauth] Update storage implementation due to inteface change PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- phpBB/phpbb/auth/provider/oauth/token_storage.php | 22 ++++++++++++++++++++-- 2 files changed, 21 insertions(+), 3 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index c1c27c979f..142c209c0a 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -613,7 +613,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Clear all tokens belonging to the user on this servce $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); - $storage->clearToken(); + $storage->clearToken($service_name); return; } diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index c0fce10e17..96f2e2fb0a 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -145,13 +145,31 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface /** * {@inheritdoc} */ - public function clearToken() + public function clearToken($service) { $this->cachedToken = null; $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' WHERE user_id = ' . $this->user->data['user_id'] . " - AND provider = '" . $this->db->sql_escape($this->service_name) . "'"; + AND provider = '" . $this->db->sql_escape($service) . "'"; + + if ($this->user->data['user_id'] === ANONYMOUS) + { + $sql .= " AND session_id = '" . $this->user->data['session_id'] . "'"; + } + + $this->db->sql_query($sql); + } + + /** + * {@inheritdoc} + */ + public function clearAllTokens() + { + $this->cachedToken = null; + + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' + WHERE user_id = ' . $this->user->data['user_id']; if ($this->user->data['user_id'] === ANONYMOUS) { -- cgit v1.2.1 From a2be0aab5f21ee7efe7d765b08853231a38fcf72 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 15:27:57 -0400 Subject: [feature/oauth] Update oauth::logout() to use clearAllTokens() PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 142c209c0a..a5709d8ff6 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -530,10 +530,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base public function logout($data, $new_session) { // Clear all tokens belonging to the user - $sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_storage_table . " - WHERE session_id = '" . $this->db->sql_escape($this->user->session_id) . "' - AND user_id = " . (int) $this->user->data['user_id']; - $this->db->sql_query($sql); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, '', $this->auth_provider_oauth_token_storage_table); + $stroage->clearAllTokens(); return; } -- cgit v1.2.1 From 4348fd83501a56338c1584d96da91b1d6945b93b Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 15:32:42 -0400 Subject: [feature/oauth] Make token storage service ignorant PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 12 ++++----- phpBB/phpbb/auth/provider/oauth/token_storage.php | 31 ++++++++--------------- 2 files changed, 17 insertions(+), 26 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index a5709d8ff6..5df7db726b 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -175,7 +175,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Get the service credentials for the given service $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $query = 'mode=login&login=external&oauth_service=' . $service_name_original; $service = $this->get_service($service_name_original, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope(), $query); @@ -442,10 +442,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function link_account_login_link(array $link_data, $service_name) { - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); // Check for an access token, they should have one - if (!$storage->has_access_token_by_session()) + if (!$storage->has_access_token_by_session($service_name)) { return 'LOGIN_LINK_ERROR_OAUTH_NO_ACCESS_TOKEN'; } @@ -485,7 +485,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function link_account_auth_link(array $link_data, $service_name) { - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $query = 'i=ucp_auth_link&mode=auth_link&link=1&oauth_service=' . strtolower($link_data['oauth_service']); $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); @@ -530,7 +530,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base public function logout($data, $new_session) { // Clear all tokens belonging to the user - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, '', $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $stroage->clearAllTokens(); return; @@ -610,7 +610,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Clear all tokens belonging to the user on this servce $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']); - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $storage->clearToken($service_name); return; diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 96f2e2fb0a..15f491c9dc 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -43,13 +43,6 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ protected $user; - /** - * Name of the OAuth provider - * - * @var string - */ - protected $service_name; - /** * OAuth token table * @@ -67,21 +60,19 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface * * @param phpbb_db_driver $db * @param phpbb_user $user - * @param string $service_name * @param string $auth_provider_oauth_table */ - public function __construct(phpbb_db_driver $db, phpbb_user $user, $service_name, $auth_provider_oauth_table) + public function __construct(phpbb_db_driver $db, phpbb_user $user, $auth_provider_oauth_table) { $this->db = $db; $this->user = $user; - $this->service_name = $service_name; $this->auth_provider_oauth_table = $auth_provider_oauth_table; } /** * {@inheritdoc} */ - public function retrieveAccessToken() + public function retrieveAccessToken($service) { if ($this->cachedToken instanceOf TokenInterface) { @@ -90,7 +81,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'user_id' => $this->user->data['user_id'], - 'provider' => $this->service_name, + 'provider' => $service, ); if ($this->user->data['user_id'] === ANONYMOUS) @@ -104,13 +95,13 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface /** * {@inheritdoc} */ - public function storeAccessToken(TokenInterface $token) + public function storeAccessToken($service, TokenInterface $token) { $this->cachedToken = $token; $data = array( 'user_id' => $this->user->data['user_id'], - 'provider' => $this->service_name, + 'provider' => $service, 'oauth_token' => $this->json_encode_token($token), 'session_id' => $this->user->data['session_id'], ); @@ -123,7 +114,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface /** * {@inheritdoc} */ - public function hasAccessToken() + public function hasAccessToken($service) { if ($this->cachedToken) { return true; @@ -131,7 +122,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'user_id' => $this->user->data['user_id'], - 'provider' => $this->service_name, + 'provider' => $service, ); if ($this->user->data['user_id'] === ANONYMOUS) @@ -205,7 +196,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface * * @return bool true if they have token, false if they don't */ - public function has_access_token_by_session() + public function has_access_token_by_session($service) { if ($this->cachedToken) { @@ -214,7 +205,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'session_id' => $this->user->data['session_id'], - 'provider' => $this->service_name, + 'provider' => $service, ); return $this->_has_acess_token($data); @@ -231,7 +222,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface return (bool) $this->get_access_token_row($data); } - public function retrieve_access_token_by_session() + public function retrieve_access_token_by_session($service) { if ($this->cachedToken instanceOf TokenInterface) { return $this->cachedToken; @@ -239,7 +230,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'session_id' => $this->user->data['session_id'], - 'provider' => $this->service_name, + 'provider' => $service, ); return $this->_retrieve_access_token($data); -- cgit v1.2.1 From 6420fdcc053aa1bfa0e612586a1d4f18a5172e74 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 15:55:23 -0400 Subject: [feature/oauth] Fix typo in OAuth logout method PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 5df7db726b..a0bc3038cb 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -531,7 +531,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { // Clear all tokens belonging to the user $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); - $stroage->clearAllTokens(); + $storage->clearAllTokens(); return; } -- cgit v1.2.1 From 63ba06406575b5c7882ef26ee3b5469ca16afec5 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 16:32:24 -0400 Subject: [feature/oauth] Fix small bug introduced by update in OAuth library PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 30 +++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 15f491c9dc..f9ba28ee69 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -74,6 +74,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function retrieveAccessToken($service) { + $service = $this->get_service_name_for_db($service); + if ($this->cachedToken instanceOf TokenInterface) { return $this->cachedToken; @@ -97,6 +99,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function storeAccessToken($service, TokenInterface $token) { + $service = $this->get_service_name_for_db($service); + $this->cachedToken = $token; $data = array( @@ -116,6 +120,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function hasAccessToken($service) { + $service = $this->get_service_name_for_db($service); + if ($this->cachedToken) { return true; } @@ -138,6 +144,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function clearToken($service) { + $service = $this->get_service_name_for_db($service); + $this->cachedToken = null; $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' @@ -198,6 +206,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function has_access_token_by_session($service) { + $service = $this->get_service_name_for_db($service); + if ($this->cachedToken) { return true; @@ -224,6 +234,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface public function retrieve_access_token_by_session($service) { + $service = $this->get_service_name_for_db($service); + if ($this->cachedToken instanceOf TokenInterface) { return $this->cachedToken; } @@ -333,4 +345,22 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface return $token; } + + /** + * Returns the name of the service as it must be stored in the database. + * + * @param string $service The name of the OAuth service + * @return string The name of the OAuth service as it needs to be stored + * in the database. + */ + protected function get_service_name_for_db($service) + { + // Enforce the naming convention for oauth services + if (strpos($service, 'auth.provider.oauth.service.') !== 0) + { + $service = 'auth.provider.oauth.service.' . strtolower($service); + } + + return $service; + } } -- cgit v1.2.1 From 29e3768ecc7bc8adf96d4e31c4e05a6f1de6735a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 16:47:40 -0400 Subject: [feature/oauth] More minor changes from review PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 6 +++--- phpBB/phpbb/auth/provider/oauth/token_storage.php | 26 +++++++++++------------ 2 files changed, 16 insertions(+), 16 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index a0bc3038cb..be0b8bb7d6 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -211,8 +211,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Retrieve the user's account $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts - FROM ' . $this->users_table . ' - WHERE user_id = ' . (int) $row['user_id']; + FROM ' . $this->users_table . ' + WHERE user_id = ' . (int) $row['user_id']; $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); @@ -545,7 +545,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Get all external accounts tied to the current user $data = array( - 'user_id' => $this->user->data['user_id'], + 'user_id' => (int) $this->user->data['user_id'], ); $sql = 'SELECT oauth_provider_id, provider FROM ' . $this->auth_provider_oauth_token_account_assoc . ' WHERE ' . $this->db->sql_build_array('SELECT', $data); diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index f9ba28ee69..d21deb8999 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -82,11 +82,11 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface } $data = array( - 'user_id' => $this->user->data['user_id'], + 'user_id' => (int) $this->user->data['user_id'], 'provider' => $service, ); - if ($this->user->data['user_id'] === ANONYMOUS) + if ((int) $this->user->data['user_id'] === ANONYMOUS) { $data['session_id'] = $this->user->data['session_id']; } @@ -104,7 +104,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $this->cachedToken = $token; $data = array( - 'user_id' => $this->user->data['user_id'], + 'user_id' => (int) $this->user->data['user_id'], 'provider' => $service, 'oauth_token' => $this->json_encode_token($token), 'session_id' => $this->user->data['session_id'], @@ -127,11 +127,11 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface } $data = array( - 'user_id' => $this->user->data['user_id'], + 'user_id' => (int) $this->user->data['user_id'], 'provider' => $service, ); - if ($this->user->data['user_id'] === ANONYMOUS) + if ((int) $this->user->data['user_id'] === ANONYMOUS) { $data['session_id'] = $this->user->data['session_id']; } @@ -149,12 +149,12 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $this->cachedToken = null; $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' - WHERE user_id = ' . $this->user->data['user_id'] . " + WHERE user_id = ' . (int) $this->user->data['user_id'] . " AND provider = '" . $this->db->sql_escape($service) . "'"; - if ($this->user->data['user_id'] === ANONYMOUS) + if ((int) $this->user->data['user_id'] === ANONYMOUS) { - $sql .= " AND session_id = '" . $this->user->data['session_id'] . "'"; + $sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'"; } $this->db->sql_query($sql); @@ -168,11 +168,11 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $this->cachedToken = null; $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' - WHERE user_id = ' . $this->user->data['user_id']; + WHERE user_id = ' . (int) $this->user->data['user_id']; - if ($this->user->data['user_id'] === ANONYMOUS) + if ((int) $this->user->data['user_id'] === ANONYMOUS) { - $sql .= " AND session_id = '" . $this->user->data['session_id'] . "'"; + $sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'"; } $this->db->sql_query($sql); @@ -194,8 +194,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface SET ' . $this->db->sql_build_array('UPDATE', array( 'user_id' => (int) $user_id )) . ' - WHERE user_id = ' . $this->user->data['user_id'] . " - AND session_id = '" . $this->user->data['session_id'] . "'"; + WHERE user_id = ' . (int) $this->user->data['user_id'] . " + AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'"; $this->db->sql_query($sql); } -- cgit v1.2.1 From b95fdacdd378877d277e261465da73deb06e50da Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Tue, 10 Sep 2013 14:01:09 +0200 Subject: [ticket/11700] Move all recent code to namespaces PHPBB3-11700 --- phpBB/phpbb/auth/provider/apache.php | 26 +++++++++++++----------- phpBB/phpbb/auth/provider/base.php | 4 +++- phpBB/phpbb/auth/provider/db.php | 20 ++++++++++-------- phpBB/phpbb/auth/provider/ldap.php | 12 ++++++----- phpBB/phpbb/auth/provider/provider_interface.php | 10 +++++---- 5 files changed, 41 insertions(+), 31 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php index a7148c634a..cd1330e7b0 100644 --- a/phpBB/phpbb/auth/provider/apache.php +++ b/phpBB/phpbb/auth/provider/apache.php @@ -7,6 +7,8 @@ * */ +namespace phpbb\auth\provider; + /** * @ignore */ @@ -20,19 +22,19 @@ if (!defined('IN_PHPBB')) * * @package auth */ -class phpbb_auth_provider_apache extends phpbb_auth_provider_base +class apache extends \phpbb\auth\provider\base { /** * Apache Authentication Constructor * - * @param phpbb_db_driver $db - * @param phpbb_config $config - * @param phpbb_request $request - * @param phpbb_user $user + * @param \phpbb\db\driver\driver $db + * @param \phpbb\config\config $config + * @param \phpbb\request\request $request + * @param \phpbb\user $user * @param string $phpbb_root_path * @param string $php_ext */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; @@ -47,7 +49,7 @@ class phpbb_auth_provider_apache extends phpbb_auth_provider_base */ public function init() { - if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'))) + if (!$this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'))) { return $this->user->lang['APACHE_SETUP_BEFORE_USE']; } @@ -78,7 +80,7 @@ class phpbb_auth_provider_apache extends phpbb_auth_provider_base ); } - if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_request_interface::SERVER)) + if (!$this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER)) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -149,7 +151,7 @@ class phpbb_auth_provider_apache extends phpbb_auth_provider_base */ public function autologin() { - if (!$this->request->is_set('PHP_AUTH_USER', phpbb_request_request_interface::SERVER)) + if (!$this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER)) { return array(); } @@ -202,8 +204,8 @@ class phpbb_auth_provider_apache extends phpbb_auth_provider_base * This function generates an array which can be passed to the user_add * function in order to create a user * - * @param string $username The username of the new user. - * @param string $password The password of the new user. + * @param string $username The username of the new \user. + * @param string $password The password of the new \user. * @return array Contains data that can be passed directly to * the user_add function. */ @@ -241,7 +243,7 @@ class phpbb_auth_provider_apache extends phpbb_auth_provider_base public function validate_session($user) { // Check if PHP_AUTH_USER is set and handle this case - if ($this->request->is_set('PHP_AUTH_USER', phpbb_request_request_interface::SERVER)) + if ($this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER)) { $php_auth_user = $this->request->server('PHP_AUTH_USER'); diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index 626ad8478f..f0a2a2f68c 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -7,6 +7,8 @@ * */ +namespace phpbb\auth\provider; + /** * @ignore */ @@ -20,7 +22,7 @@ if (!defined('IN_PHPBB')) * * @package auth */ -abstract class phpbb_auth_provider_base implements phpbb_auth_provider_provider_interface +abstract class base implements \phpbb\auth\provider\provider_interface { /** * {@inheritdoc} diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index 0934c56d9b..f613bafc6a 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -7,6 +7,8 @@ * */ +namespace phpbb\auth\provider; + /** * @ignore */ @@ -22,20 +24,20 @@ if (!defined('IN_PHPBB')) * * @package auth */ -class phpbb_auth_provider_db extends phpbb_auth_provider_base +class db extends \phpbb\auth\provider\base { /** * Database Authentication Constructor * - * @param phpbb_db_driver $db - * @param phpbb_config $config - * @param phpbb_request $request - * @param phpbb_user $user + * @param \phpbb\db\driver\driver $db + * @param \phpbb\config\config $config + * @param \phpbb\request\request $request + * @param \phpbb\user $user * @param string $phpbb_root_path * @param string $php_ext */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; @@ -149,7 +151,7 @@ class phpbb_auth_provider_db extends phpbb_auth_provider_base include ($this->phpbb_root_path . 'includes/captcha/captcha_factory.' . $this->php_ext); } - $captcha = phpbb_captcha_factory::get_instance($this->config['captcha_plugin']); + $captcha = \phpbb_captcha_factory::get_instance($this->config['captcha_plugin']); $captcha->init(CONFIRM_LOGIN); $vc_response = $captcha->validate($row); if ($vc_response) @@ -202,7 +204,7 @@ class phpbb_auth_provider_db extends phpbb_auth_provider_base { $hash = phpbb_hash($password_new_format); - // Update the password in the users table to the new format and remove user_pass_convert flag + // Update the password in the users table to the new \format and remove user_pass_convert flag $sql = 'UPDATE ' . USERS_TABLE . ' SET user_password = \'' . $this->db->sql_escape($hash) . '\', user_pass_convert = 0 @@ -239,7 +241,7 @@ class phpbb_auth_provider_db extends phpbb_auth_provider_base { $hash = phpbb_hash($password); - // Update the password in the users table to the new format + // Update the password in the users table to the new \format $sql = 'UPDATE ' . USERS_TABLE . " SET user_password = '" . $this->db->sql_escape($hash) . "', user_pass_convert = 0 diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php index 0196529408..9d29789567 100644 --- a/phpBB/phpbb/auth/provider/ldap.php +++ b/phpBB/phpbb/auth/provider/ldap.php @@ -7,6 +7,8 @@ * */ +namespace phpbb\auth\provider; + /** * @ignore */ @@ -22,16 +24,16 @@ if (!defined('IN_PHPBB')) * * @package auth */ -class phpbb_auth_provider_ldap extends phpbb_auth_provider_base +class ldap extends \phpbb\auth\provider\base { /** * LDAP Authentication Constructor * - * @param phpbb_db_driver $db - * @param phpbb_config $config - * @param phpbb_user $user + * @param \phpbb\db\driver\driver $db + * @param \phpbb\config\config $config + * @param \phpbb\user $user */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_user $user) + public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\user $user) { $this->db = $db; $this->config = $config; diff --git a/phpBB/phpbb/auth/provider/provider_interface.php b/phpBB/phpbb/auth/provider/provider_interface.php index baf55c7a86..8df2043375 100644 --- a/phpBB/phpbb/auth/provider/provider_interface.php +++ b/phpBB/phpbb/auth/provider/provider_interface.php @@ -7,6 +7,8 @@ * */ +namespace phpbb\auth\provider; + /** * @ignore */ @@ -20,7 +22,7 @@ if (!defined('IN_PHPBB')) * * @package auth */ -interface phpbb_auth_provider_provider_interface +interface provider_interface { /** * Checks whether the user is currently identified to the authentication @@ -70,7 +72,7 @@ interface phpbb_auth_provider_provider_interface * options with whatever configuraton values are passed to it as an array. * It then returns the name of the acp file related to this authentication * provider. - * @param array $new_config Contains the new configuration values that + * @param array $new_config Contains the new \configuration values that * have been set in acp_board. * @return array|null Returns null if not implemented or an array with * the template file name and an array of the vars @@ -87,8 +89,8 @@ interface phpbb_auth_provider_provider_interface * Performs additional actions during logout. * * @param array $data An array corresponding to - * phpbb_session::data - * @param boolean $new_session True for a new session, false for no new + * \phpbb\session::data + * @param boolean $new_session True for a new \session, false for no new * session. */ public function logout($data, $new_session); -- cgit v1.2.1 From 2472271bc0cd7c15c77783c86ccaac643ab1756a Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Mon, 16 Sep 2013 02:41:03 +0200 Subject: [ticket/11700] Fix tests after merging new develop code PHPBB3-11700 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 54 ++++++++++++----------- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 18 ++++---- phpBB/phpbb/auth/provider/oauth/token_storage.php | 14 +++--- 3 files changed, 46 insertions(+), 40 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index be0b8bb7d6..e92462b344 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -7,6 +7,8 @@ * */ +namespace phpbb\auth\provider\oauth; + /** * @ignore */ @@ -23,33 +25,33 @@ use OAuth\Common\Http\Uri\Uri; * * @package auth */ -class phpbb_auth_provider_oauth extends phpbb_auth_provider_base +class oauth extends \phpbb\auth\provider\base { /** * Database driver * - * @var phpbb_db_driver + * @var \phpbb\db\driver */ protected $db; /** * phpBB config * - * @var phpbb_config + * @var \phpbb\config\config */ protected $config; /** * phpBB request object * - * @var phpbb_request + * @var \phpbb\request\request_interface */ protected $request; /** * phpBB user * - * @var phpbb_user + * @var \phpbb\user */ protected $user; @@ -70,7 +72,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base /** * All OAuth service providers * - * @var phpbb_di_service_collection Contains phpbb_auth_provider_oauth_service_interface + * @var \phpbb\di\service_collection Contains \phpbb\auth\provider\oauth\service_interface */ protected $service_providers; @@ -105,18 +107,18 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base /** * OAuth Authentication Constructor * - * @param phpbb_db_driver $db - * @param phpbb_config $config - * @param phpbb_request $request - * @param phpbb_user $user + * @param \phpbb\db\driver $db + * @param \phpbb\config\config $config + * @param \phpbb\request\request_interface $request + * @param \phpbb\user $user * @param string $auth_provider_oauth_token_storage_table * @param string $auth_provider_oauth_token_account_assoc - * @param phpbb_di_service_collection $service_providers Contains phpbb_auth_provider_oauth_service_interface + * @param \phpbb\di\service_collection $service_providers Contains \phpbb\auth\provider\oauth\service_interface * @param string $users_table * @param string $phpbb_root_path * @param string $php_ext */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_di_service_collection $service_providers, $users_table, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver $db, \phpbb\config\config $config, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; @@ -156,7 +158,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Temporary workaround for only having one authentication provider available if (!$this->request->is_set('oauth_service')) { - $provider = new phpbb_auth_provider_db($this->db, $this->config, $this->request, $this->user, $this->phpbb_root_path, $this->php_ext); + $provider = new \phpbb\auth\provider\db($this->db, $this->config, $this->request, $this->user, $this->phpbb_root_path, $this->php_ext); return $provider->login($username, $password); } @@ -175,11 +177,11 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Get the service credentials for the given service $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); + $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $query = 'mode=login&login=external&oauth_service=' . $service_name_original; $service = $this->get_service($service_name_original, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope(), $query); - if ($this->request->is_set('code', phpbb_request_interface::GET)) + if ($this->request->is_set('code', \phpbb\request\request_interface::GET)) { $this->service_providers[$service_name]->set_external_service_provider($service); $unique_id = $this->service_providers[$service_name]->perform_auth_login(); @@ -258,7 +260,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); - $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); + $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(\phpbb\request\request_interface::SERVER)); $current_uri->setQuery($query); $this->current_uri = $current_uri; @@ -269,15 +271,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * Returns a new service object * * @param string $service_name The name of the service - * @param phpbb_auth_oauth_token_storage $storage - * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} + * @param \phpbb\auth\provider\oauth\token_storage $storage + * @param array $service_credentials {@see \phpbb\auth\provider\oauth\oauth::get_service_credentials} * @param array $scope The scope of the request against * the api. * @param string $query The query string of the * current_uri used in redirection * @return \OAuth\Common\Service\ServiceInterface */ - protected function get_service($service_name, phpbb_auth_provider_oauth_token_storage $storage, array $service_credentials, array $scopes = array(), $query) + protected function get_service($service_name, \phpbb\auth\provider\oauth\token_storage $storage, array $service_credentials, array $scopes = array(), $query) { $current_uri = $this->get_current_uri($service_name, $query); @@ -434,7 +436,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base /** * Performs the account linking for login_link * - * @param array $link_data The same variable given to {@see phpbb_auth_provider_interface::link_account} + * @param array $link_data The same variable given to {@see \phpbb\auth\provider\provider_interface::link_account} * @param string $service_name The name of the service being used in * linking. * @return string|null Returns a language constant (string) if an error is @@ -442,7 +444,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function link_account_login_link(array $link_data, $service_name) { - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); + $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); // Check for an access token, they should have one if (!$storage->has_access_token_by_session($service_name)) @@ -477,7 +479,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base /** * Performs the account linking for auth_link * - * @param array $link_data The same variable given to {@see phpbb_auth_provider_interface::link_account} + * @param array $link_data The same variable given to {@see \phpbb\auth\provider\provider_interface::link_account} * @param string $service_name The name of the service being used in * linking. * @return string|null Returns a language constant (string) if an error is @@ -485,13 +487,13 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function link_account_auth_link(array $link_data, $service_name) { - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); + $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $query = 'i=ucp_auth_link&mode=auth_link&link=1&oauth_service=' . strtolower($link_data['oauth_service']); $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query); - if ($this->request->is_set('code', phpbb_request_interface::GET)) + if ($this->request->is_set('code', \phpbb\request\request_interface::GET)) { $this->service_providers[$service_name]->set_external_service_provider($service); $unique_id = $this->service_providers[$service_name]->perform_auth_login(); @@ -530,7 +532,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base public function logout($data, $new_session) { // Clear all tokens belonging to the user - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); + $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $storage->clearAllTokens(); return; @@ -610,7 +612,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Clear all tokens belonging to the user on this servce $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']); - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); + $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $storage->clearToken($service_name); return; diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 3bafdd59ce..47cf7ee380 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -7,6 +7,8 @@ * */ +namespace phpbb\auth\provider\oauth\service; + /** * @ignore */ @@ -20,29 +22,29 @@ if (!defined('IN_PHPBB')) * * @package auth */ -class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_service_base +class bitly extends \phpbb\auth\provider\oauth\service\base { /** * phpBB config * - * @var phpbb_config + * @var \phpbb\config\config */ protected $config; /** * phpBB request * - * @var phpbb_request + * @var \phpbb\request\request_interface */ protected $request; /** * Constructor * - * @param phpbb_config $config - * @param phpbb_request $request + * @param \phpbb\config\config $config + * @param \phpbb\request\request_interface $request */ - public function __construct(phpbb_config $config, phpbb_request $request) + public function __construct(\phpbb\config\config $config, \phpbb\request\request_interface $request) { $this->config = $config; $this->request = $request; @@ -66,7 +68,7 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) { - throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new \phpbb\auth\provider\oauth\service\exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request from bitly, get the token @@ -86,7 +88,7 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) { - throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new \phpbb\auth\provider\oauth\service\exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index d21deb8999..2ce0e32da3 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -7,6 +7,8 @@ * */ +namespace phpbb\auth\provider\oauth; + /** * @ignore */ @@ -27,19 +29,19 @@ use OAuth\Common\Storage\Exception\TokenNotFoundException; * * @package auth */ -class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface +class token_storage implements TokenStorageInterface { /** * Cache driver. * - * @var phpbb_db_driver + * @var \phpbb\db\driver\driver */ protected $db; /** * phpBB user * - * @var phpbb_user + * @var \phpbb\user */ protected $user; @@ -58,11 +60,11 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface /** * Creates token storage for phpBB. * - * @param phpbb_db_driver $db - * @param phpbb_user $user + * @param \phpbb\db\driver\driver $db + * @param \phpbb\user $user * @param string $auth_provider_oauth_table */ - public function __construct(phpbb_db_driver $db, phpbb_user $user, $auth_provider_oauth_table) + public function __construct(\phpbb\db\driver\driver $db, \phpbb\user $user, $auth_provider_oauth_table) { $this->db = $db; $this->user = $user; -- cgit v1.2.1 From 1fa673bdedcc46fda69f62b6cb967bd33812f50a Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Mon, 16 Sep 2013 03:22:13 +0200 Subject: [ticket/11700] Fix authentication acp after develop merge PHPBB3-11700 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 6 +- phpBB/phpbb/auth/provider/oauth/service/base.php | 4 +- .../phpbb/auth/provider/oauth/service/facebook.php | 18 ++--- phpBB/phpbb/auth/provider/oauth/service/google.php | 18 ++--- .../auth/provider/oauth/service/interface.php | 77 --------------------- .../provider/oauth/service/service_interface.php | 79 ++++++++++++++++++++++ 6 files changed, 105 insertions(+), 97 deletions(-) delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/interface.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/service_interface.php (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index e92462b344..de81ac0d04 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -30,7 +30,7 @@ class oauth extends \phpbb\auth\provider\base /** * Database driver * - * @var \phpbb\db\driver + * @var \phpbb\db\driver\driver */ protected $db; @@ -107,7 +107,7 @@ class oauth extends \phpbb\auth\provider\base /** * OAuth Authentication Constructor * - * @param \phpbb\db\driver $db + * @param \phpbb\db\driver\driver $db * @param \phpbb\config\config $config * @param \phpbb\request\request_interface $request * @param \phpbb\user $user @@ -118,7 +118,7 @@ class oauth extends \phpbb\auth\provider\base * @param string $phpbb_root_path * @param string $php_ext */ - public function __construct(\phpbb\db\driver $db, \phpbb\config\config $config, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; diff --git a/phpBB/phpbb/auth/provider/oauth/service/base.php b/phpBB/phpbb/auth/provider/oauth/service/base.php index 1eb49b4265..61deb48695 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/base.php +++ b/phpBB/phpbb/auth/provider/oauth/service/base.php @@ -7,6 +7,8 @@ * */ +namespace phpbb\auth\provider\oauth\service; + /** * @ignore */ @@ -20,7 +22,7 @@ if (!defined('IN_PHPBB')) * * @package auth */ -abstract class phpbb_auth_provider_oauth_service_base implements phpbb_auth_provider_oauth_service_interface +abstract class base implements \phpbb\auth\provider\oauth\service\service_interface { /** * External OAuth service provider diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 49206b7654..4a4eeba6d5 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -7,6 +7,8 @@ * */ +namespace phpbb\auth\provider\oauth\service; + /** * @ignore */ @@ -20,29 +22,29 @@ if (!defined('IN_PHPBB')) * * @package auth */ -class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oauth_service_base +class facebook extends base { /** * phpBB config * - * @var phpbb_config + * @var phpbb\config\config */ protected $config; /** * phpBB request * - * @var phpbb_request + * @var phpbb\request\request_interface */ protected $request; /** * Constructor * - * @param phpbb_config $config - * @param phpbb_request $request + * @param phpbb\config\config $config + * @param phpbb\request\request_interface $request */ - public function __construct(phpbb_config $config, phpbb_request $request) + public function __construct(\phpbb\config\config $config, \phpbb\request\request_interface $request) { $this->config = $config; $this->request = $request; @@ -66,7 +68,7 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) { - throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request, get the token @@ -86,7 +88,7 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) { - throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index d4ef6e1d42..2449bbf523 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -7,6 +7,8 @@ * */ +namespace phpbb\auth\provider\oauth\service; + /** * @ignore */ @@ -20,29 +22,29 @@ if (!defined('IN_PHPBB')) * * @package auth */ -class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth_service_base +class google extends base { /** * phpBB config * - * @var phpbb_config + * @var phpbb\config\config */ protected $config; /** * phpBB request * - * @var phpbb_request + * @var phpbb\request\request_interface */ protected $request; /** * Constructor * - * @param phpbb_config $config - * @param phpbb_request $request + * @param phpbb\config\config $config + * @param phpbb\request\request_interface $request */ - public function __construct(phpbb_config $config, phpbb_request $request) + public function __construct(\phpbb\config\config $config, \phpbb\request\request_interface $request) { $this->config = $config; $this->request = $request; @@ -77,7 +79,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) { - throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request, get the token @@ -97,7 +99,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) { - throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it diff --git a/phpBB/phpbb/auth/provider/oauth/service/interface.php b/phpBB/phpbb/auth/provider/oauth/service/interface.php deleted file mode 100644 index 3bba7c0e2c..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/interface.php +++ /dev/null @@ -1,77 +0,0 @@ - string - * 'secret' => string - * ) - */ - public function get_service_credentials(); - - /** - * Returns the results of the authentication in json format - * - * @throws phpbb_auth_provider_oauth_service_exception - * @return string The unique identifier returned by the service provider - * that is used to authenticate the user with phpBB. - */ - public function perform_auth_login(); - - /** - * Returns the results of the authentication in json format - * Use this function when the user already has an access token - * - * @throws phpbb_auth_provider_oauth_service_exception - * @return string The unique identifier returned by the service provider - * that is used to authenticate the user with phpBB. - */ - public function perform_token_auth(); - - /** - * Sets the external library service provider - * - * @param \OAuth\Common\Service\ServiceInterface $service - */ - public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider); -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/service_interface.php b/phpBB/phpbb/auth/provider/oauth/service/service_interface.php new file mode 100644 index 0000000000..ab69fe6ef3 --- /dev/null +++ b/phpBB/phpbb/auth/provider/oauth/service/service_interface.php @@ -0,0 +1,79 @@ + string + * 'secret' => string + * ) + */ + public function get_service_credentials(); + + /** + * Returns the results of the authentication in json format + * + * @throws \phpbb\auth\provider\oauth\service\exception + * @return string The unique identifier returned by the service provider + * that is used to authenticate the user with phpBB. + */ + public function perform_auth_login(); + + /** + * Returns the results of the authentication in json format + * Use this function when the user already has an access token + * + * @throws \phpbb\auth\provider\oauth\service\exception + * @return string The unique identifier returned by the service provider + * that is used to authenticate the user with phpBB. + */ + public function perform_token_auth(); + + /** + * Sets the external library service provider + * + * @param \OAuth\Common\Service\ServiceInterface $service + */ + public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider); +} -- cgit v1.2.1 From d626ebaf1e3d993ba3474c8dd403b18d5faf8863 Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Mon, 16 Sep 2013 04:45:58 +0200 Subject: [ticket/11700] Fix a few more comments PHPBB3-11700 --- phpBB/phpbb/auth/provider/db.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index f613bafc6a..a18fc258a4 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -204,7 +204,7 @@ class db extends \phpbb\auth\provider\base { $hash = phpbb_hash($password_new_format); - // Update the password in the users table to the new \format and remove user_pass_convert flag + // Update the password in the users table to the new format and remove user_pass_convert flag $sql = 'UPDATE ' . USERS_TABLE . ' SET user_password = \'' . $this->db->sql_escape($hash) . '\', user_pass_convert = 0 -- cgit v1.2.1 From d905358e2be11cc3fe040036b1138e54be7f30dc Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Mon, 16 Sep 2013 05:20:27 +0200 Subject: [ticket/11700] Fix leftover backslashes in comments PHPBB3-11700 --- phpBB/phpbb/auth/provider/provider_interface.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/provider_interface.php b/phpBB/phpbb/auth/provider/provider_interface.php index 46245d34ca..31368a0286 100644 --- a/phpBB/phpbb/auth/provider/provider_interface.php +++ b/phpBB/phpbb/auth/provider/provider_interface.php @@ -77,7 +77,7 @@ interface provider_interface * options with whatever configuraton values are passed to it as an array. * It then returns the name of the acp file related to this authentication * provider. - * @param array $new_config Contains the new \configuration values that + * @param array $new_config Contains the new configuration values that * have been set in acp_board. * @return array|null Returns null if not implemented or an array with * the template file name and an array of the vars -- cgit v1.2.1 From 1d7f8f81935157867539d4c3991c5922afec8b55 Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Tue, 17 Sep 2013 18:10:58 +0200 Subject: [ticket/11700] Get functional tests running after develop merge PHPBB3-11700 --- phpBB/phpbb/auth/provider/provider_interface.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/provider_interface.php b/phpBB/phpbb/auth/provider/provider_interface.php index 31368a0286..1bb209c821 100644 --- a/phpBB/phpbb/auth/provider/provider_interface.php +++ b/phpBB/phpbb/auth/provider/provider_interface.php @@ -134,7 +134,7 @@ interface provider_interface * * @param array $data An array corresponding to * \phpbb\session::data - * @param boolean $new_session True for a new \session, false for no new + * @param boolean $new_session True for a new session, false for no new * session. */ public function logout($data, $new_session); -- cgit v1.2.1 From 06e7c842357fd26104efba6b7a0465d7c05c4493 Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Thu, 19 Sep 2013 15:27:03 +0200 Subject: [ticket/11700] Fix some more incorrectly changed comments PHPBB3-11700 --- phpBB/phpbb/auth/provider/apache.php | 4 ++-- phpBB/phpbb/auth/provider/db.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php index cd1330e7b0..5cbb63c4fc 100644 --- a/phpBB/phpbb/auth/provider/apache.php +++ b/phpBB/phpbb/auth/provider/apache.php @@ -204,8 +204,8 @@ class apache extends \phpbb\auth\provider\base * This function generates an array which can be passed to the user_add * function in order to create a user * - * @param string $username The username of the new \user. - * @param string $password The password of the new \user. + * @param string $username The username of the new user. + * @param string $password The password of the new user. * @return array Contains data that can be passed directly to * the user_add function. */ diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index a18fc258a4..4654e49fb5 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -241,7 +241,7 @@ class db extends \phpbb\auth\provider\base { $hash = phpbb_hash($password); - // Update the password in the users table to the new \format + // Update the password in the users table to the new format $sql = 'UPDATE ' . USERS_TABLE . " SET user_password = '" . $this->db->sql_escape($hash) . "', user_pass_convert = 0 -- cgit v1.2.1 From 356f3eef0760f85b947cbffbf87918544e0f6c9d Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Wed, 2 Oct 2013 13:28:38 +0200 Subject: [feature/passwords] Inject passwords manager into auth providers The passwords manager will replace the old method of using the functions phpbb_hash() and phpbb_check_hash(). PHPBB3-11610 --- phpBB/phpbb/auth/provider/apache.php | 13 +++++++++++-- phpBB/phpbb/auth/provider/db.php | 30 +++++++++++++++++++----------- phpBB/phpbb/auth/provider/ldap.php | 19 ++++++++++++++----- 3 files changed, 44 insertions(+), 18 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php index 5cbb63c4fc..f111672a23 100644 --- a/phpBB/phpbb/auth/provider/apache.php +++ b/phpBB/phpbb/auth/provider/apache.php @@ -24,20 +24,29 @@ if (!defined('IN_PHPBB')) */ class apache extends \phpbb\auth\provider\base { + /** + * phpBB passwords manager + * + * @var \phpbb\passwords\manager + */ + protected $passwords_manager; + /** * Apache Authentication Constructor * * @param \phpbb\db\driver\driver $db * @param \phpbb\config\config $config + * @param \phpbb\passwords\manager $passwords_manager * @param \phpbb\request\request $request * @param \phpbb\user $user * @param string $phpbb_root_path * @param string $php_ext */ - public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; + $this->passwords_manager = $passwords_manager; $this->request = $request; $this->user = $user; $this->phpbb_root_path = $phpbb_root_path; @@ -228,7 +237,7 @@ class apache extends \phpbb\auth\provider\base // generate user account data return array( 'username' => $username, - 'user_password' => phpbb_hash($password), + 'user_password' => $this->passwords_manager->hash($password), 'user_email' => '', 'group_id' => (int) $row['group_id'], 'user_type' => USER_NORMAL, diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index 4654e49fb5..de07a84cf5 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -26,21 +26,29 @@ if (!defined('IN_PHPBB')) */ class db extends \phpbb\auth\provider\base { + /** + * phpBB passwords manager + * + * @var \phpbb\passwords\manager + */ + protected $passwords_manager; /** * Database Authentication Constructor * - * @param \phpbb\db\driver\driver $db - * @param \phpbb\config\config $config - * @param \phpbb\request\request $request - * @param \phpbb\user $user - * @param string $phpbb_root_path - * @param string $php_ext + * @param \phpbb\db\driver\driver $db + * @param \phpbb\config\config $config + * @param \phpbb\passwords\manager $passwords_manager + * @param \phpbb\request\request $request + * @param \phpbb\user $user + * @param string $phpbb_root_path + * @param string $php_ext */ - public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; + $this->passwords_manager = $passwords_manager; $this->request = $request; $this->user = $user; $this->phpbb_root_path = $phpbb_root_path; @@ -199,10 +207,10 @@ class db extends \phpbb\auth\provider\base // cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding // plain md5 support left in for conversions from other systems. - if ((strlen($row['user_password']) == 34 && (phpbb_check_hash(md5($password_old_format), $row['user_password']) || phpbb_check_hash(md5(utf8_to_cp1252($password_old_format)), $row['user_password']))) + if ((strlen($row['user_password']) == 34 && ($this->passwords_manager->check(md5($password_old_format), $row['user_password']) || $this->passwords_manager->check(md5(utf8_to_cp1252($password_old_format)), $row['user_password']))) || (strlen($row['user_password']) == 32 && (md5($password_old_format) == $row['user_password'] || md5(utf8_to_cp1252($password_old_format)) == $row['user_password']))) { - $hash = phpbb_hash($password_new_format); + $hash = $this->passwords_manager->hash($password_new_format); // Update the password in the users table to the new format and remove user_pass_convert flag $sql = 'UPDATE ' . USERS_TABLE . ' @@ -234,12 +242,12 @@ class db extends \phpbb\auth\provider\base } // Check password ... - if (!$row['user_pass_convert'] && phpbb_check_hash($password, $row['user_password'])) + if (!$row['user_pass_convert'] && $this->passwords_manager->check($password, $row['user_password'])) { // Check for old password hash... if (strlen($row['user_password']) == 32) { - $hash = phpbb_hash($password); + $hash = $this->passwords_manager->hash($password); // Update the password in the users table to the new format $sql = 'UPDATE ' . USERS_TABLE . " diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php index 9d29789567..1e4dffde5b 100644 --- a/phpBB/phpbb/auth/provider/ldap.php +++ b/phpBB/phpbb/auth/provider/ldap.php @@ -26,17 +26,26 @@ if (!defined('IN_PHPBB')) */ class ldap extends \phpbb\auth\provider\base { + /** + * phpBB passwords manager + * + * @var \phpbb\passwords\manager + */ + protected $passwords_manager; + /** * LDAP Authentication Constructor * - * @param \phpbb\db\driver\driver $db - * @param \phpbb\config\config $config - * @param \phpbb\user $user + * @param \phpbb\db\driver\driver $db + * @param \phpbb\config\config $config + * @param \phpbb\passwords\manager $passwords_manager + * @param \phpbb\user $user */ - public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\user $user) + public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\user $user) { $this->db = $db; $this->config = $config; + $this->passwords_manager = $passwords_manager; $this->user = $user; } @@ -244,7 +253,7 @@ class ldap extends \phpbb\auth\provider\base // generate user account data $ldap_user_row = array( 'username' => $username, - 'user_password' => phpbb_hash($password), + 'user_password' => $this->passwords_manager->hash($password), 'user_email' => (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($this->config['ldap_email'])][0]) : '', 'group_id' => (int) $row['group_id'], 'user_type' => USER_NORMAL, -- cgit v1.2.1 From d310c17c7ffc6c03ed483b9ee870bd4a0fcaa1ff Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Fri, 11 Oct 2013 14:51:42 +0200 Subject: [ticket/11908] Namespacify phpbb_auth_provider_oauth_service_exception. PHPBB3-11908 --- phpBB/phpbb/auth/provider/oauth/service/exception.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/service/exception.php b/phpBB/phpbb/auth/provider/oauth/service/exception.php index 23d3387951..0c6cba9fb8 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/exception.php +++ b/phpBB/phpbb/auth/provider/oauth/service/exception.php @@ -7,6 +7,8 @@ * */ +namespace phpbb\auth\provider\oauth\service; + /** * @ignore */ @@ -20,6 +22,6 @@ if (!defined('IN_PHPBB')) * * @package auth */ -class phpbb_auth_provider_oauth_service_exception extends RuntimeException +class exception extends \RuntimeException { } -- cgit v1.2.1 From bb836b65e3c16fadf5c13510cce73daf432f7ad8 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Fri, 25 Oct 2013 15:21:09 +0200 Subject: [feature/passwords] Integrate convert_flag with db auth provider PHPBB3-11610 --- phpBB/phpbb/auth/provider/db.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index de07a84cf5..aa597c8e9f 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -245,7 +245,7 @@ class db extends \phpbb\auth\provider\base if (!$row['user_pass_convert'] && $this->passwords_manager->check($password, $row['user_password'])) { // Check for old password hash... - if (strlen($row['user_password']) == 32) + if ($this->passwords_manager->convert_flag || strlen($row['user_password']) == 32) { $hash = $this->passwords_manager->hash($password); -- cgit v1.2.1 From 7f58a4572eaca75aecff2da889e67ea151616011 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 28 Oct 2013 22:27:25 +0100 Subject: [ticket/11981] Fix code sniffer complaints PHPBB3-11981 --- phpBB/phpbb/auth/provider/ldap.php | 1 - phpBB/phpbb/auth/provider/oauth/oauth.php | 12 ++++++------ phpBB/phpbb/auth/provider/oauth/token_storage.php | 4 ++-- 3 files changed, 8 insertions(+), 9 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php index 9d29789567..2123a587cb 100644 --- a/phpBB/phpbb/auth/provider/ldap.php +++ b/phpBB/phpbb/auth/provider/ldap.php @@ -97,7 +97,6 @@ class ldap extends \phpbb\auth\provider\base @ldap_close($ldap); - if (!is_array($result) || sizeof($result) < 2) { return sprintf($this->user->lang['LDAP_NO_IDENTITY'], $this->user->data['username']); diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index de81ac0d04..5df56db00a 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -179,7 +179,7 @@ class oauth extends \phpbb\auth\provider\base $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $query = 'mode=login&login=external&oauth_service=' . $service_name_original; - $service = $this->get_service($service_name_original, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope(), $query); + $service = $this->get_service($service_name_original, $storage, $service_credentials, $query, $this->service_providers[$service_name]->get_auth_scope()); if ($this->request->is_set('code', \phpbb\request\request_interface::GET)) { @@ -273,13 +273,13 @@ class oauth extends \phpbb\auth\provider\base * @param string $service_name The name of the service * @param \phpbb\auth\provider\oauth\token_storage $storage * @param array $service_credentials {@see \phpbb\auth\provider\oauth\oauth::get_service_credentials} - * @param array $scope The scope of the request against - * the api. * @param string $query The query string of the * current_uri used in redirection + * @param array $scope The scope of the request against + * the api. * @return \OAuth\Common\Service\ServiceInterface */ - protected function get_service($service_name, \phpbb\auth\provider\oauth\token_storage $storage, array $service_credentials, array $scopes = array(), $query) + protected function get_service($service_name, \phpbb\auth\provider\oauth\token_storage $storage, array $service_credentials, $query, array $scopes = array()) { $current_uri = $this->get_current_uri($service_name, $query); @@ -458,7 +458,7 @@ class oauth extends \phpbb\auth\provider\base // Prepare for an authentication request $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); - $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query); + $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $query, $scopes); $this->service_providers[$service_name]->set_external_service_provider($service); // The user has already authenticated successfully, request to authenticate again @@ -491,7 +491,7 @@ class oauth extends \phpbb\auth\provider\base $query = 'i=ucp_auth_link&mode=auth_link&link=1&oauth_service=' . strtolower($link_data['oauth_service']); $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); - $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query); + $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $query, $scopes); if ($this->request->is_set('code', \phpbb\request\request_interface::GET)) { diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 2ce0e32da3..cc912abf6d 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -78,7 +78,7 @@ class token_storage implements TokenStorageInterface { $service = $this->get_service_name_for_db($service); - if ($this->cachedToken instanceOf TokenInterface) + if ($this->cachedToken instanceof TokenInterface) { return $this->cachedToken; } @@ -238,7 +238,7 @@ class token_storage implements TokenStorageInterface { $service = $this->get_service_name_for_db($service); - if ($this->cachedToken instanceOf TokenInterface) { + if ($this->cachedToken instanceof TokenInterface) { return $this->cachedToken; } -- cgit v1.2.1 From 7aa8f6461f1e85cf91931f56b95384e54fec07c2 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Wed, 30 Oct 2013 13:05:28 +0100 Subject: [task/code-sniffer] Remove the IN_PHPBB check side-effect from class files. PHPBB3-11980 --- phpBB/phpbb/auth/provider/apache.php | 8 -------- phpBB/phpbb/auth/provider/base.php | 8 -------- phpBB/phpbb/auth/provider/db.php | 8 -------- phpBB/phpbb/auth/provider/ldap.php | 8 -------- phpBB/phpbb/auth/provider/oauth/oauth.php | 8 -------- phpBB/phpbb/auth/provider/oauth/service/base.php | 8 -------- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 8 -------- phpBB/phpbb/auth/provider/oauth/service/exception.php | 8 -------- phpBB/phpbb/auth/provider/oauth/service/facebook.php | 8 -------- phpBB/phpbb/auth/provider/oauth/service/google.php | 8 -------- phpBB/phpbb/auth/provider/oauth/service/service_interface.php | 8 -------- phpBB/phpbb/auth/provider/oauth/token_storage.php | 8 -------- phpBB/phpbb/auth/provider/provider_interface.php | 8 -------- 13 files changed, 104 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php index 5cbb63c4fc..77bc976938 100644 --- a/phpBB/phpbb/auth/provider/apache.php +++ b/phpBB/phpbb/auth/provider/apache.php @@ -9,14 +9,6 @@ namespace phpbb\auth\provider; -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - /** * Apache authentication provider for phpBB3 * diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index 2222d8c1b6..78a3289356 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -9,14 +9,6 @@ namespace phpbb\auth\provider; -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - /** * Base authentication provider class that all other providers should implement * diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index 4654e49fb5..6ea04eab36 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -9,14 +9,6 @@ namespace phpbb\auth\provider; -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - /** * Database authentication provider for phpBB3 * diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php index 2123a587cb..4ce43853bd 100644 --- a/phpBB/phpbb/auth/provider/ldap.php +++ b/phpBB/phpbb/auth/provider/ldap.php @@ -9,14 +9,6 @@ namespace phpbb\auth\provider; -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - /** * Database authentication provider for phpBB3 * diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 5df56db00a..2749661269 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -9,14 +9,6 @@ namespace phpbb\auth\provider\oauth; -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - use OAuth\Common\Consumer\Credentials; use OAuth\Common\Http\Uri\Uri; diff --git a/phpBB/phpbb/auth/provider/oauth/service/base.php b/phpBB/phpbb/auth/provider/oauth/service/base.php index 61deb48695..7a144d2f51 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/base.php +++ b/phpBB/phpbb/auth/provider/oauth/service/base.php @@ -9,14 +9,6 @@ namespace phpbb\auth\provider\oauth\service; -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - /** * Base OAuth abstract class that all OAuth services should implement * diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 47cf7ee380..b4050033a6 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -9,14 +9,6 @@ namespace phpbb\auth\provider\oauth\service; -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - /** * Bitly OAuth service * diff --git a/phpBB/phpbb/auth/provider/oauth/service/exception.php b/phpBB/phpbb/auth/provider/oauth/service/exception.php index 0c6cba9fb8..3bc93be01e 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/exception.php +++ b/phpBB/phpbb/auth/provider/oauth/service/exception.php @@ -9,14 +9,6 @@ namespace phpbb\auth\provider\oauth\service; -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - /** * OAuth service exception class * diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 4a4eeba6d5..2698be8b18 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -9,14 +9,6 @@ namespace phpbb\auth\provider\oauth\service; -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - /** * Facebook OAuth service * diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index 2449bbf523..08cb025c2d 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -9,14 +9,6 @@ namespace phpbb\auth\provider\oauth\service; -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - /** * Google OAuth service * diff --git a/phpBB/phpbb/auth/provider/oauth/service/service_interface.php b/phpBB/phpbb/auth/provider/oauth/service/service_interface.php index ab69fe6ef3..eee3a51cac 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/service_interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/service_interface.php @@ -9,14 +9,6 @@ namespace phpbb\auth\provider\oauth\service; -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - /** * OAuth service interface * diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index cc912abf6d..43574288dc 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -9,14 +9,6 @@ namespace phpbb\auth\provider\oauth; -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - use OAuth\OAuth1\Token\StdOAuth1Token; use OAuth\Common\Token\TokenInterface; diff --git a/phpBB/phpbb/auth/provider/provider_interface.php b/phpBB/phpbb/auth/provider/provider_interface.php index 1bb209c821..946731f52d 100644 --- a/phpBB/phpbb/auth/provider/provider_interface.php +++ b/phpBB/phpbb/auth/provider/provider_interface.php @@ -9,14 +9,6 @@ namespace phpbb\auth\provider; -/** -* @ignore -*/ -if (!defined('IN_PHPBB')) -{ - exit; -} - /** * The interface authentication provider classes have to implement. * -- cgit v1.2.1 From ac131a51592f5e45e5a555ae0ac04543d02f9c31 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sat, 28 Dec 2013 16:54:41 +0100 Subject: [feature/passwords] Fix indentation in auth providers PHPBB3-11610 --- phpBB/phpbb/auth/provider/apache.php | 2 +- phpBB/phpbb/auth/provider/ldap.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php index f111672a23..9bd738c3e9 100644 --- a/phpBB/phpbb/auth/provider/apache.php +++ b/phpBB/phpbb/auth/provider/apache.php @@ -36,7 +36,7 @@ class apache extends \phpbb\auth\provider\base * * @param \phpbb\db\driver\driver $db * @param \phpbb\config\config $config - * @param \phpbb\passwords\manager $passwords_manager + * @param \phpbb\passwords\manager $passwords_manager * @param \phpbb\request\request $request * @param \phpbb\user $user * @param string $phpbb_root_path diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php index 1e4dffde5b..00beeea21b 100644 --- a/phpBB/phpbb/auth/provider/ldap.php +++ b/phpBB/phpbb/auth/provider/ldap.php @@ -38,7 +38,7 @@ class ldap extends \phpbb\auth\provider\base * * @param \phpbb\db\driver\driver $db * @param \phpbb\config\config $config - * @param \phpbb\passwords\manager $passwords_manager + * @param \phpbb\passwords\manager $passwords_manager * @param \phpbb\user $user */ public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\user $user) -- cgit v1.2.1 From 2c9e6f196b12681e63afbe3f81c44fd6e2bde97a Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 3 Feb 2014 15:29:43 +0100 Subject: [ticket/12156] Add missing passwords manager to oauth PHPBB3-12156 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 2749661269..0128c89248 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -33,6 +33,13 @@ class oauth extends \phpbb\auth\provider\base */ protected $config; + /** + * phpBB passwords manager + * + * @var \phpbb\passwords\manager + */ + protected $passwords_manager; + /** * phpBB request object * @@ -101,6 +108,7 @@ class oauth extends \phpbb\auth\provider\base * * @param \phpbb\db\driver\driver $db * @param \phpbb\config\config $config + * @param \phpbb\passwords\manager $passwords_manager * @param \phpbb\request\request_interface $request * @param \phpbb\user $user * @param string $auth_provider_oauth_token_storage_table @@ -110,10 +118,11 @@ class oauth extends \phpbb\auth\provider\base * @param string $phpbb_root_path * @param string $php_ext */ - public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; + $this->passwords_manager = $passwords_manager; $this->request = $request; $this->user = $user; $this->auth_provider_oauth_token_storage_table = $auth_provider_oauth_token_storage_table; @@ -150,7 +159,7 @@ class oauth extends \phpbb\auth\provider\base // Temporary workaround for only having one authentication provider available if (!$this->request->is_set('oauth_service')) { - $provider = new \phpbb\auth\provider\db($this->db, $this->config, $this->request, $this->user, $this->phpbb_root_path, $this->php_ext); + $provider = new \phpbb\auth\provider\db($this->db, $this->config, $this->passwords_manager, $this->request, $this->user, $this->phpbb_root_path, $this->php_ext); return $provider->login($username, $password); } -- cgit v1.2.1 From 11a9104b8a50cbc62cba0c242dee554b5209a327 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Mon, 17 Mar 2014 13:29:35 +0100 Subject: [ticket/12282] Use interface for type hinting PHPBB3-12282 --- phpBB/phpbb/auth/provider/apache.php | 4 ++-- phpBB/phpbb/auth/provider/db.php | 4 ++-- phpBB/phpbb/auth/provider/ldap.php | 4 ++-- phpBB/phpbb/auth/provider/oauth/oauth.php | 6 +++--- phpBB/phpbb/auth/provider/oauth/token_storage.php | 6 +++--- 5 files changed, 12 insertions(+), 12 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php index 23cdc89829..6374f29d67 100644 --- a/phpBB/phpbb/auth/provider/apache.php +++ b/phpBB/phpbb/auth/provider/apache.php @@ -26,7 +26,7 @@ class apache extends \phpbb\auth\provider\base /** * Apache Authentication Constructor * - * @param \phpbb\db\driver\driver $db + * @param \phpbb\db\driver\driver_interface $db * @param \phpbb\config\config $config * @param \phpbb\passwords\manager $passwords_manager * @param \phpbb\request\request $request @@ -34,7 +34,7 @@ class apache extends \phpbb\auth\provider\base * @param string $phpbb_root_path * @param string $php_ext */ - public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index 6bbbc0be16..5adbf84d9f 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -28,7 +28,7 @@ class db extends \phpbb\auth\provider\base /** * Database Authentication Constructor * - * @param \phpbb\db\driver\driver $db + * @param \phpbb\db\driver\driver_interface $db * @param \phpbb\config\config $config * @param \phpbb\passwords\manager $passwords_manager * @param \phpbb\request\request $request @@ -36,7 +36,7 @@ class db extends \phpbb\auth\provider\base * @param string $phpbb_root_path * @param string $php_ext */ - public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php index e92a227e16..3d3f1990eb 100644 --- a/phpBB/phpbb/auth/provider/ldap.php +++ b/phpBB/phpbb/auth/provider/ldap.php @@ -28,12 +28,12 @@ class ldap extends \phpbb\auth\provider\base /** * LDAP Authentication Constructor * - * @param \phpbb\db\driver\driver $db + * @param \phpbb\db\driver\driver_interface $db * @param \phpbb\config\config $config * @param \phpbb\passwords\manager $passwords_manager * @param \phpbb\user $user */ - public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\user $user) + public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\user $user) { $this->db = $db; $this->config = $config; diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 0128c89248..10d5cda5e3 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -22,7 +22,7 @@ class oauth extends \phpbb\auth\provider\base /** * Database driver * - * @var \phpbb\db\driver\driver + * @var \phpbb\db\driver\driver_interface */ protected $db; @@ -106,7 +106,7 @@ class oauth extends \phpbb\auth\provider\base /** * OAuth Authentication Constructor * - * @param \phpbb\db\driver\driver $db + * @param \phpbb\db\driver\driver_interface $db * @param \phpbb\config\config $config * @param \phpbb\passwords\manager $passwords_manager * @param \phpbb\request\request_interface $request @@ -118,7 +118,7 @@ class oauth extends \phpbb\auth\provider\base * @param string $phpbb_root_path * @param string $php_ext */ - public function __construct(\phpbb\db\driver\driver $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 43574288dc..d32a03be0a 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -26,7 +26,7 @@ class token_storage implements TokenStorageInterface /** * Cache driver. * - * @var \phpbb\db\driver\driver + * @var \phpbb\db\driver\driver_interface */ protected $db; @@ -52,11 +52,11 @@ class token_storage implements TokenStorageInterface /** * Creates token storage for phpBB. * - * @param \phpbb\db\driver\driver $db + * @param \phpbb\db\driver\driver_interface $db * @param \phpbb\user $user * @param string $auth_provider_oauth_table */ - public function __construct(\phpbb\db\driver\driver $db, \phpbb\user $user, $auth_provider_oauth_table) + public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\user $user, $auth_provider_oauth_table) { $this->db = $db; $this->user = $user; -- cgit v1.2.1 From a759704b39fc1c1353f865a633759b1369589b67 Mon Sep 17 00:00:00 2001 From: Yuriy Rusko Date: Tue, 27 May 2014 20:18:06 +0200 Subject: [ticket/12594] Remove @package tags and update file headers PHPBB3-12594 --- phpBB/phpbb/auth/provider/apache.php | 16 +++++++++------- phpBB/phpbb/auth/provider/base.php | 12 +++++++----- phpBB/phpbb/auth/provider/db.php | 13 +++++++------ phpBB/phpbb/auth/provider/ldap.php | 13 +++++++------ phpBB/phpbb/auth/provider/oauth/oauth.php | 12 +++++++----- phpBB/phpbb/auth/provider/oauth/service/base.php | 12 +++++++----- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 12 +++++++----- phpBB/phpbb/auth/provider/oauth/service/exception.php | 12 +++++++----- phpBB/phpbb/auth/provider/oauth/service/facebook.php | 12 +++++++----- phpBB/phpbb/auth/provider/oauth/service/google.php | 12 +++++++----- .../auth/provider/oauth/service/service_interface.php | 12 +++++++----- phpBB/phpbb/auth/provider/oauth/token_storage.php | 12 +++++++----- phpBB/phpbb/auth/provider/provider_interface.php | 16 +++++++++------- 13 files changed, 95 insertions(+), 71 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php index 6374f29d67..4f44efe9af 100644 --- a/phpBB/phpbb/auth/provider/apache.php +++ b/phpBB/phpbb/auth/provider/apache.php @@ -1,19 +1,21 @@ +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ namespace phpbb\auth\provider; /** - * Apache authentication provider for phpBB3 - * - * @package auth - */ +* Apache authentication provider for phpBB3 +*/ class apache extends \phpbb\auth\provider\base { /** diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index 78a3289356..4c49070eaf 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -1,9 +1,13 @@ +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -11,8 +15,6 @@ namespace phpbb\auth\provider; /** * Base authentication provider class that all other providers should implement -* -* @package auth */ abstract class base implements \phpbb\auth\provider\provider_interface { diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index 5adbf84d9f..3be1d3873f 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -1,9 +1,13 @@ +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -11,10 +15,7 @@ namespace phpbb\auth\provider; /** * Database authentication provider for phpBB3 - * * This is for authentication via the integrated user table - * - * @package auth */ class db extends \phpbb\auth\provider\base { diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php index 3d3f1990eb..e7764b754b 100644 --- a/phpBB/phpbb/auth/provider/ldap.php +++ b/phpBB/phpbb/auth/provider/ldap.php @@ -1,9 +1,13 @@ +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -11,10 +15,7 @@ namespace phpbb\auth\provider; /** * Database authentication provider for phpBB3 - * * This is for authentication via the integrated user table - * - * @package auth */ class ldap extends \phpbb\auth\provider\base { diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 10d5cda5e3..2230ce15d1 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -1,9 +1,13 @@ +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -14,8 +18,6 @@ use OAuth\Common\Http\Uri\Uri; /** * OAuth authentication provider for phpBB3 -* -* @package auth */ class oauth extends \phpbb\auth\provider\base { diff --git a/phpBB/phpbb/auth/provider/oauth/service/base.php b/phpBB/phpbb/auth/provider/oauth/service/base.php index 7a144d2f51..6adf64aa30 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/base.php +++ b/phpBB/phpbb/auth/provider/oauth/service/base.php @@ -1,9 +1,13 @@ +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -11,8 +15,6 @@ namespace phpbb\auth\provider\oauth\service; /** * Base OAuth abstract class that all OAuth services should implement -* -* @package auth */ abstract class base implements \phpbb\auth\provider\oauth\service\service_interface { diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index b4050033a6..25e731a02c 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -1,9 +1,13 @@ +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -11,8 +15,6 @@ namespace phpbb\auth\provider\oauth\service; /** * Bitly OAuth service -* -* @package auth */ class bitly extends \phpbb\auth\provider\oauth\service\base { diff --git a/phpBB/phpbb/auth/provider/oauth/service/exception.php b/phpBB/phpbb/auth/provider/oauth/service/exception.php index 3bc93be01e..d3e95bef0d 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/exception.php +++ b/phpBB/phpbb/auth/provider/oauth/service/exception.php @@ -1,9 +1,13 @@ +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -11,8 +15,6 @@ namespace phpbb\auth\provider\oauth\service; /** * OAuth service exception class -* -* @package auth */ class exception extends \RuntimeException { diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 2698be8b18..31060c4ac4 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -1,9 +1,13 @@ +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -11,8 +15,6 @@ namespace phpbb\auth\provider\oauth\service; /** * Facebook OAuth service -* -* @package auth */ class facebook extends base { diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index 08cb025c2d..c2d9e1f798 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -1,9 +1,13 @@ +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -11,8 +15,6 @@ namespace phpbb\auth\provider\oauth\service; /** * Google OAuth service -* -* @package auth */ class google extends base { diff --git a/phpBB/phpbb/auth/provider/oauth/service/service_interface.php b/phpBB/phpbb/auth/provider/oauth/service/service_interface.php index eee3a51cac..3744582b95 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/service_interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/service_interface.php @@ -1,9 +1,13 @@ +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -11,8 +15,6 @@ namespace phpbb\auth\provider\oauth\service; /** * OAuth service interface -* -* @package auth */ interface service_interface { diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index d32a03be0a..b7d32bf246 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -1,9 +1,13 @@ +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -18,8 +22,6 @@ use OAuth\Common\Storage\Exception\TokenNotFoundException; /** * OAuth storage wrapper for phpbb's cache -* -* @package auth */ class token_storage implements TokenStorageInterface { diff --git a/phpBB/phpbb/auth/provider/provider_interface.php b/phpBB/phpbb/auth/provider/provider_interface.php index 946731f52d..140353c88b 100644 --- a/phpBB/phpbb/auth/provider/provider_interface.php +++ b/phpBB/phpbb/auth/provider/provider_interface.php @@ -1,19 +1,21 @@ +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ namespace phpbb\auth\provider; /** - * The interface authentication provider classes have to implement. - * - * @package auth - */ +* The interface authentication provider classes have to implement. +*/ interface provider_interface { /** -- cgit v1.2.1 From ed1d4fe4a03c55bbc997f11afa11a87b4fe78c4d Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Thu, 1 May 2014 14:23:39 +0200 Subject: [ticket/12352] Revert to db auth provider if default does not exist This will make sure that we will not encounter a non-existing auth provider. We will revert to the default db auth provider if the one set in the config does not exist in our auth provider collection. PHPBB3-12352 --- phpBB/phpbb/auth/provider/db.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index 3be1d3873f..d5a6b0452a 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -201,7 +201,8 @@ class db extends \phpbb\auth\provider\base // cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding // plain md5 support left in for conversions from other systems. if ((strlen($row['user_password']) == 34 && ($this->passwords_manager->check(md5($password_old_format), $row['user_password']) || $this->passwords_manager->check(md5(utf8_to_cp1252($password_old_format)), $row['user_password']))) - || (strlen($row['user_password']) == 32 && (md5($password_old_format) == $row['user_password'] || md5(utf8_to_cp1252($password_old_format)) == $row['user_password']))) + || (strlen($row['user_password']) == 32 && (md5($password_old_format) == $row['user_password'] || md5(utf8_to_cp1252($password_old_format)) == $row['user_password'])) + || ($this->passwords_manager->check($password_old_format, $row['user_password']) || $this->passwords_manager->check($password_new_format, $row['user_password']))) { $hash = $this->passwords_manager->hash($password_new_format); -- cgit v1.2.1 From 60cb648ab0bd3cba627f9f1c020ace613e18f3d5 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 26 May 2014 13:26:46 +0200 Subject: [ticket/12352] Remove code for converting passwords in db auth provider PHPBB3-12352 --- phpBB/phpbb/auth/provider/db.php | 67 +--------------------------------------- 1 file changed, 1 insertion(+), 66 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index d5a6b0452a..7307a697ae 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -170,73 +170,8 @@ class db extends \phpbb\auth\provider\base } - // If the password convert flag is set we need to convert it - if ($row['user_pass_convert']) - { - // enable super globals to get literal value - // this is needed to prevent unicode normalization - $super_globals_disabled = $this->request->super_globals_disabled(); - if ($super_globals_disabled) - { - $this->request->enable_super_globals(); - } - - // in phpBB2 passwords were used exactly as they were sent, with addslashes applied - $password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : ''; - $password_old_format = (!STRIP) ? addslashes($password_old_format) : $password_old_format; - $password_new_format = $this->request->variable('password', '', true); - - if ($super_globals_disabled) - { - $this->request->disable_super_globals(); - } - - if ($password == $password_new_format) - { - if (!function_exists('utf8_to_cp1252')) - { - include($this->phpbb_root_path . 'includes/utf/data/recode_basic.' . $this->php_ext); - } - - // cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding - // plain md5 support left in for conversions from other systems. - if ((strlen($row['user_password']) == 34 && ($this->passwords_manager->check(md5($password_old_format), $row['user_password']) || $this->passwords_manager->check(md5(utf8_to_cp1252($password_old_format)), $row['user_password']))) - || (strlen($row['user_password']) == 32 && (md5($password_old_format) == $row['user_password'] || md5(utf8_to_cp1252($password_old_format)) == $row['user_password'])) - || ($this->passwords_manager->check($password_old_format, $row['user_password']) || $this->passwords_manager->check($password_new_format, $row['user_password']))) - { - $hash = $this->passwords_manager->hash($password_new_format); - - // Update the password in the users table to the new format and remove user_pass_convert flag - $sql = 'UPDATE ' . USERS_TABLE . ' - SET user_password = \'' . $this->db->sql_escape($hash) . '\', - user_pass_convert = 0 - WHERE user_id = ' . $row['user_id']; - $this->db->sql_query($sql); - - $row['user_pass_convert'] = 0; - $row['user_password'] = $hash; - } - else - { - // Although we weren't able to convert this password we have to - // increase login attempt count to make sure this cannot be exploited - $sql = 'UPDATE ' . USERS_TABLE . ' - SET user_login_attempts = user_login_attempts + 1 - WHERE user_id = ' . (int) $row['user_id'] . ' - AND user_login_attempts < ' . LOGIN_ATTEMPTS_MAX; - $this->db->sql_query($sql); - - return array( - 'status' => LOGIN_ERROR_PASSWORD_CONVERT, - 'error_msg' => 'LOGIN_ERROR_PASSWORD_CONVERT', - 'user_row' => $row, - ); - } - } - } - // Check password ... - if (!$row['user_pass_convert'] && $this->passwords_manager->check($password, $row['user_password'])) + if ($this->passwords_manager->check($password, $row['user_password'])) { // Check for old password hash... if ($this->passwords_manager->convert_flag || strlen($row['user_password']) == 32) -- cgit v1.2.1 From 4698f6928e44a24a7a10ff8b4fed2c1a24cab338 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Fri, 30 May 2014 23:00:57 +0200 Subject: [ticket/12352] Remove usages of user_pass_convert column PHPBB3-12352 --- phpBB/phpbb/auth/provider/db.php | 5 ++--- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index 7307a697ae..142a47247f 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -78,7 +78,7 @@ class db extends \phpbb\auth\provider\base $username_clean = utf8_clean_string($username); - $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts + $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type, user_login_attempts FROM ' . USERS_TABLE . " WHERE username_clean = '" . $this->db->sql_escape($username_clean) . "'"; $result = $this->db->sql_query($sql); @@ -180,8 +180,7 @@ class db extends \phpbb\auth\provider\base // Update the password in the users table to the new format $sql = 'UPDATE ' . USERS_TABLE . " - SET user_password = '" . $this->db->sql_escape($hash) . "', - user_pass_convert = 0 + SET user_password = '" . $this->db->sql_escape($hash) . "' WHERE user_id = {$row['user_id']}"; $this->db->sql_query($sql); diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 2230ce15d1..07430bb42a 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -215,7 +215,7 @@ class oauth extends \phpbb\auth\provider\base } // Retrieve the user's account - $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts + $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type, user_login_attempts FROM ' . $this->users_table . ' WHERE user_id = ' . (int) $row['user_id']; $result = $this->db->sql_query($sql); -- cgit v1.2.1 From 7c5141842081e7f9031cb3063089d2d03a30a0fe Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Sun, 15 Jun 2014 16:10:55 +0200 Subject: [ticket/12716] Add the missing parameters in the call of clearToken PHPBB3-12716 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index b7d32bf246..613d9565e5 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -265,7 +265,7 @@ class token_storage implements TokenStorageInterface // Ensure that the token was serialized/unserialized correctly if (!($token instanceof TokenInterface)) { - $this->clearToken(); + $this->clearToken($data['provider']); throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED'); } -- cgit v1.2.1 From d7b9e33b94ecaa7f1a00630de9149b75a5985268 Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Sat, 14 Jun 2014 16:42:49 +0200 Subject: [ticket/12715] Cleanup comments in \phpbb\auth\provider\* PHPBB3-12715 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 10 ++++------ phpBB/phpbb/auth/provider/oauth/service/facebook.php | 8 ++++---- phpBB/phpbb/auth/provider/oauth/service/google.php | 8 ++++---- phpBB/phpbb/auth/provider/oauth/service/service_interface.php | 2 +- phpBB/phpbb/auth/provider/oauth/token_storage.php | 3 ++- phpBB/phpbb/auth/provider/provider_interface.php | 2 +- 6 files changed, 16 insertions(+), 17 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 07430bb42a..7b71e3c844 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -14,7 +14,6 @@ namespace phpbb\auth\provider\oauth; use OAuth\Common\Consumer\Credentials; -use OAuth\Common\Http\Uri\Uri; /** * OAuth authentication provider for phpBB3 @@ -224,7 +223,7 @@ class oauth extends \phpbb\auth\provider\base if (!$row) { - throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY'); + throw new \Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY'); } // Update token storage to store the user_id @@ -278,9 +277,10 @@ class oauth extends \phpbb\auth\provider\base * @param array $service_credentials {@see \phpbb\auth\provider\oauth\oauth::get_service_credentials} * @param string $query The query string of the * current_uri used in redirection - * @param array $scope The scope of the request against + * @param array $scopes The scope of the request against * the api. * @return \OAuth\Common\Service\ServiceInterface + * @throws \Exception */ protected function get_service($service_name, \phpbb\auth\provider\oauth\token_storage $storage, array $service_credentials, $query, array $scopes = array()) { @@ -298,7 +298,7 @@ class oauth extends \phpbb\auth\provider\base if (!$service) { - throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_SERVICE_NOT_CREATED'); + throw new \Exception('AUTH_PROVIDER_OAUTH_ERROR_SERVICE_NOT_CREATED'); } return $service; @@ -617,7 +617,5 @@ class oauth extends \phpbb\auth\provider\base $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']); $storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $storage->clearToken($service_name); - - return; } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 31060c4ac4..bb98835e07 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -21,22 +21,22 @@ class facebook extends base /** * phpBB config * - * @var phpbb\config\config + * @var \phpbb\config\config */ protected $config; /** * phpBB request * - * @var phpbb\request\request_interface + * @var \phpbb\request\request_interface */ protected $request; /** * Constructor * - * @param phpbb\config\config $config - * @param phpbb\request\request_interface $request + * @param \phpbb\config\config $config + * @param \phpbb\request\request_interface $request */ public function __construct(\phpbb\config\config $config, \phpbb\request\request_interface $request) { diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index c2d9e1f798..cb9f83a94f 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -21,22 +21,22 @@ class google extends base /** * phpBB config * - * @var phpbb\config\config + * @var \phpbb\config\config */ protected $config; /** * phpBB request * - * @var phpbb\request\request_interface + * @var \phpbb\request\request_interface */ protected $request; /** * Constructor * - * @param phpbb\config\config $config - * @param phpbb\request\request_interface $request + * @param \phpbb\config\config $config + * @param \phpbb\request\request_interface $request */ public function __construct(\phpbb\config\config $config, \phpbb\request\request_interface $request) { diff --git a/phpBB/phpbb/auth/provider/oauth/service/service_interface.php b/phpBB/phpbb/auth/provider/oauth/service/service_interface.php index 3744582b95..e84eb247b6 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/service_interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/service_interface.php @@ -67,7 +67,7 @@ interface service_interface /** * Sets the external library service provider * - * @param \OAuth\Common\Service\ServiceInterface $service + * @param \OAuth\Common\Service\ServiceInterface $service_provider */ public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider); } diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index b7d32bf246..fe1a376cfe 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -17,7 +17,6 @@ namespace phpbb\auth\provider\oauth; use OAuth\OAuth1\Token\StdOAuth1Token; use OAuth\Common\Token\TokenInterface; use OAuth\Common\Storage\TokenStorageInterface; -use OAuth\Common\Storage\Exception\StorageException; use OAuth\Common\Storage\Exception\TokenNotFoundException; /** @@ -198,6 +197,7 @@ class token_storage implements TokenStorageInterface /** * Checks to see if an access token exists solely by the session_id of the user * + * @param string $service The name of the OAuth service * @return bool true if they have token, false if they don't */ public function has_access_token_by_session($service) @@ -250,6 +250,7 @@ class token_storage implements TokenStorageInterface * * @param array $data * @return mixed + * @throws \OAuth\Common\Storage\Exception\TokenNotFoundException */ protected function _retrieve_access_token($data) { diff --git a/phpBB/phpbb/auth/provider/provider_interface.php b/phpBB/phpbb/auth/provider/provider_interface.php index 140353c88b..613297cefc 100644 --- a/phpBB/phpbb/auth/provider/provider_interface.php +++ b/phpBB/phpbb/auth/provider/provider_interface.php @@ -148,7 +148,7 @@ interface provider_interface * user_id of an account needed to successfully link an external account to * a forum account. * - * @param array $link_data Any data needed to link a phpBB account to + * @param array $login_link_data Any data needed to link a phpBB account to * an external account. * @return string|null Returns a string with a language constant if there * is data missing or null if there is no error. -- cgit v1.2.1 From ffcf45abf32fc1343fe1d4edfd15828782ab4832 Mon Sep 17 00:00:00 2001 From: n-aleha Date: Mon, 19 May 2014 03:07:32 +0300 Subject: [ticket/12557] Fix doc block errors found by Sami pt1 PHPBB3-12557 --- phpBB/phpbb/auth/provider/apache.php | 14 +++++++------- phpBB/phpbb/auth/provider/ldap.php | 8 ++++---- 2 files changed, 11 insertions(+), 11 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php index 4f44efe9af..6bba38065d 100644 --- a/phpBB/phpbb/auth/provider/apache.php +++ b/phpBB/phpbb/auth/provider/apache.php @@ -28,13 +28,13 @@ class apache extends \phpbb\auth\provider\base /** * Apache Authentication Constructor * - * @param \phpbb\db\driver\driver_interface $db - * @param \phpbb\config\config $config - * @param \phpbb\passwords\manager $passwords_manager - * @param \phpbb\request\request $request - * @param \phpbb\user $user - * @param string $phpbb_root_path - * @param string $php_ext + * @param \phpbb\db\driver\driver_interface $db Database object + * @param \phpbb\config\config $config Config object + * @param \phpbb\passwords\manager $passwords_manager Passwords Manager object + * @param \phpbb\request\request $request Request object + * @param \phpbb\user $user User object + * @param string $phpbb_root_path Relative path to phpBB root + * @param string $php_ext PHP extension (php) */ public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) { diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php index e7764b754b..56dc917593 100644 --- a/phpBB/phpbb/auth/provider/ldap.php +++ b/phpBB/phpbb/auth/provider/ldap.php @@ -29,10 +29,10 @@ class ldap extends \phpbb\auth\provider\base /** * LDAP Authentication Constructor * - * @param \phpbb\db\driver\driver_interface $db - * @param \phpbb\config\config $config - * @param \phpbb\passwords\manager $passwords_manager - * @param \phpbb\user $user + * @param \phpbb\db\driver\driver_interface $db Database object + * @param \phpbb\config\config $config Config object + * @param \phpbb\passwords\manager $passwords_manager Passwords manager object + * @param \phpbb\user $user User object */ public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\user $user) { -- cgit v1.2.1 From 6ac8d17af66900c87b4524c92e0cc26535ded7b0 Mon Sep 17 00:00:00 2001 From: n-aleha Date: Tue, 20 May 2014 18:58:42 +0300 Subject: [ticket/12557] Fix doc block errors found by Sami More corrections. PHPBB3-12557 --- phpBB/phpbb/auth/provider/apache.php | 12 ++++++------ phpBB/phpbb/auth/provider/ldap.php | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php index 6bba38065d..4ce9515763 100644 --- a/phpBB/phpbb/auth/provider/apache.php +++ b/phpBB/phpbb/auth/provider/apache.php @@ -28,13 +28,13 @@ class apache extends \phpbb\auth\provider\base /** * Apache Authentication Constructor * - * @param \phpbb\db\driver\driver_interface $db Database object - * @param \phpbb\config\config $config Config object + * @param \phpbb\db\driver\driver_interface $db Database object + * @param \phpbb\config\config $config Config object * @param \phpbb\passwords\manager $passwords_manager Passwords Manager object - * @param \phpbb\request\request $request Request object - * @param \phpbb\user $user User object - * @param string $phpbb_root_path Relative path to phpBB root - * @param string $php_ext PHP extension (php) + * @param \phpbb\request\request $request Request object + * @param \phpbb\user $user User object + * @param string $phpbb_root_path Relative path to phpBB root + * @param string $php_ext PHP extension (php) */ public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) { diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php index 56dc917593..d32e7504eb 100644 --- a/phpBB/phpbb/auth/provider/ldap.php +++ b/phpBB/phpbb/auth/provider/ldap.php @@ -29,10 +29,10 @@ class ldap extends \phpbb\auth\provider\base /** * LDAP Authentication Constructor * - * @param \phpbb\db\driver\driver_interface $db Database object - * @param \phpbb\config\config $config Config object + * @param \phpbb\db\driver\driver_interface $db Database object + * @param \phpbb\config\config $config Config object * @param \phpbb\passwords\manager $passwords_manager Passwords manager object - * @param \phpbb\user $user User object + * @param \phpbb\user $user User object */ public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\user $user) { -- cgit v1.2.1 From 80067467805d4b1664777cf3553c39fc32cfdb65 Mon Sep 17 00:00:00 2001 From: n-aleha Date: Thu, 7 Aug 2014 13:19:49 +0300 Subject: [ticket/12557] Fix php file description PHPBB3-12557 --- phpBB/phpbb/auth/provider/apache.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php index 4ce9515763..9137a77210 100644 --- a/phpBB/phpbb/auth/provider/apache.php +++ b/phpBB/phpbb/auth/provider/apache.php @@ -34,7 +34,7 @@ class apache extends \phpbb\auth\provider\base * @param \phpbb\request\request $request Request object * @param \phpbb\user $user User object * @param string $phpbb_root_path Relative path to phpBB root - * @param string $php_ext PHP extension (php) + * @param string $php_ext PHP file extension */ public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) { -- cgit v1.2.1 From 160ff7b912243dc14d871b820213ddcd20dd06f4 Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Fri, 8 Aug 2014 18:02:03 +0200 Subject: [ticket/11854] Move captcha stuff to phpbb/ and use DI for plugins PHPBB3-11854 --- phpBB/phpbb/auth/provider/db.php | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index 142a47247f..cb7a2f8b1a 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -146,13 +146,7 @@ class db extends \phpbb\auth\provider\base // Every auth module is able to define what to do by itself... if ($show_captcha) { - // Visual Confirmation handling - if (!class_exists('phpbb_captcha_factory', false)) - { - include ($this->phpbb_root_path . 'includes/captcha/captcha_factory.' . $this->php_ext); - } - - $captcha = \phpbb_captcha_factory::get_instance($this->config['captcha_plugin']); + $captcha = $this->captchas_manager->get_instance($this->config['captcha_plugin']); $captcha->init(CONFIRM_LOGIN); $vc_response = $captcha->validate($row); if ($vc_response) -- cgit v1.2.1 From 2cbcf4bcbf5ece84fcfef8848233421f386972f3 Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Sun, 10 Aug 2014 14:57:50 +0200 Subject: [ticket/11854] Fix the factory in \phpbb\auth\provider\db PHPBB3-11854 --- phpBB/phpbb/auth/provider/db.php | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index cb7a2f8b1a..722eeffa9a 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -26,6 +26,13 @@ class db extends \phpbb\auth\provider\base */ protected $passwords_manager; + /** + * DI container + * + * @var \Symfony\Component\DependencyInjection\ContainerInterface + */ + protected $phpbb_container; + /** * Database Authentication Constructor * @@ -34,10 +41,11 @@ class db extends \phpbb\auth\provider\base * @param \phpbb\passwords\manager $passwords_manager * @param \phpbb\request\request $request * @param \phpbb\user $user + * @param \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container DI container * @param string $phpbb_root_path * @param string $php_ext */ - public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; @@ -46,6 +54,7 @@ class db extends \phpbb\auth\provider\base $this->user = $user; $this->phpbb_root_path = $phpbb_root_path; $this->php_ext = $php_ext; + $this->phpbb_container = $phpbb_container; } /** @@ -146,7 +155,8 @@ class db extends \phpbb\auth\provider\base // Every auth module is able to define what to do by itself... if ($show_captcha) { - $captcha = $this->captchas_manager->get_instance($this->config['captcha_plugin']); + $captcha_factory = $this->phpbb_container->get('captcha.factory'); + $captcha = $captcha_factory->get_instance($this->config['captcha_plugin']); $captcha->init(CONFIRM_LOGIN); $vc_response = $captcha->validate($row); if ($vc_response) -- cgit v1.2.1 From e31aafb393fe74d69a72987608b71a9232295a05 Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Tue, 12 Aug 2014 14:39:09 +0200 Subject: [ticket/12975] Fix the construction of phpbb\auth\provider\db for Oauth PHPBB3-12975 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 7b71e3c844..902c6ae84c 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -90,6 +90,13 @@ class oauth extends \phpbb\auth\provider\base */ protected $current_uri; + /** + * DI container + * + * @var \Symfony\Component\DependencyInjection\ContainerInterface + */ + protected $phpbb_container; + /** * phpBB root path * @@ -116,10 +123,11 @@ class oauth extends \phpbb\auth\provider\base * @param string $auth_provider_oauth_token_account_assoc * @param \phpbb\di\service_collection $service_providers Contains \phpbb\auth\provider\oauth\service_interface * @param string $users_table + * @param \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container DI container * @param string $phpbb_root_path * @param string $php_ext */ - public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; @@ -130,6 +138,7 @@ class oauth extends \phpbb\auth\provider\base $this->auth_provider_oauth_token_account_assoc = $auth_provider_oauth_token_account_assoc; $this->service_providers = $service_providers; $this->users_table = $users_table; + $this->phpbb_container = $phpbb_container; $this->phpbb_root_path = $phpbb_root_path; $this->php_ext = $php_ext; } @@ -160,7 +169,7 @@ class oauth extends \phpbb\auth\provider\base // Temporary workaround for only having one authentication provider available if (!$this->request->is_set('oauth_service')) { - $provider = new \phpbb\auth\provider\db($this->db, $this->config, $this->passwords_manager, $this->request, $this->user, $this->phpbb_root_path, $this->php_ext); + $provider = new \phpbb\auth\provider\db($this->db, $this->config, $this->passwords_manager, $this->request, $this->user, $this->phpbb_container, $this->phpbb_root_path, $this->php_ext); return $provider->login($username, $password); } -- cgit v1.2.1 From 7313cc777e92883d1c5c6cf26d5dbd6748d8e106 Mon Sep 17 00:00:00 2001 From: n-aleha Date: Sun, 21 Sep 2014 00:16:36 +0300 Subject: [ticket/13085] Fix typo in oauth.php PHPBB3-13085 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 902c6ae84c..c0ce3f1fba 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -105,7 +105,7 @@ class oauth extends \phpbb\auth\provider\base protected $phpbb_root_path; /** - * PHP extenstion + * PHP file extension * * @var string */ -- cgit v1.2.1 From 086883167507ced565fa2803f10a3b3ae6664595 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sat, 25 Oct 2014 21:47:18 -0700 Subject: [ticket/13204] Tell user that password was incorrect when exceeding attempts At the end of the login method, the captcha was entered correctly and only the password was incorrect. Therefore, just tell the user that the password was incorrect. He will see that he still needs to enter a captcha. PHPBB3-13204 --- phpBB/phpbb/auth/provider/db.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index 722eeffa9a..6b6e84bb2f 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -232,7 +232,7 @@ class db extends \phpbb\auth\provider\base // Give status about wrong password... return array( 'status' => ($show_captcha) ? LOGIN_ERROR_ATTEMPTS : LOGIN_ERROR_PASSWORD, - 'error_msg' => ($show_captcha) ? 'LOGIN_ERROR_ATTEMPTS' : 'LOGIN_ERROR_PASSWORD', + 'error_msg' => 'LOGIN_ERROR_PASSWORD', 'user_row' => $row, ); } -- cgit v1.2.1 From c4628bd92a509615621ad0b939bfd5fbf2e2aa18 Mon Sep 17 00:00:00 2001 From: Oliver Schramm Date: Sun, 9 Nov 2014 01:37:28 +0100 Subject: [ticket/13301] Fix called function in apche auth module PHPBB3-13301 --- phpBB/phpbb/auth/provider/apache.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php index 9137a77210..aa5bf64335 100644 --- a/phpBB/phpbb/auth/provider/apache.php +++ b/phpBB/phpbb/auth/provider/apache.php @@ -137,7 +137,7 @@ class apache extends \phpbb\auth\provider\base return array( 'status' => LOGIN_SUCCESS_CREATE_PROFILE, 'error_msg' => false, - 'user_row' => user_row_apache($php_auth_user, $php_auth_pw), + 'user_row' => $this->user_row($php_auth_user, $php_auth_pw), ); } @@ -185,7 +185,7 @@ class apache extends \phpbb\auth\provider\base } // create the user if he does not exist yet - user_add(user_row_apache($php_auth_user, $php_auth_pw)); + user_add($this->user_row($php_auth_user, $php_auth_pw)); $sql = 'SELECT * FROM ' . USERS_TABLE . " -- cgit v1.2.1 From 040fc6dd0feea73d71ca73cc69ecfb55b996b769 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 11 Nov 2014 19:02:01 +0100 Subject: [ticket/13332] Pass user row to passwords manager check method PHPBB3-13332 --- phpBB/phpbb/auth/provider/db.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index 722eeffa9a..1281cb0715 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -87,7 +87,7 @@ class db extends \phpbb\auth\provider\base $username_clean = utf8_clean_string($username); - $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type, user_login_attempts + $sql = 'SELECT * FROM ' . USERS_TABLE . " WHERE username_clean = '" . $this->db->sql_escape($username_clean) . "'"; $result = $this->db->sql_query($sql); @@ -175,7 +175,7 @@ class db extends \phpbb\auth\provider\base } // Check password ... - if ($this->passwords_manager->check($password, $row['user_password'])) + if ($this->passwords_manager->check($password, $row['user_password'], $row)) { // Check for old password hash... if ($this->passwords_manager->convert_flag || strlen($row['user_password']) == 32) -- cgit v1.2.1 From 91f7d53d8e1a03b72e436958bbe8decbb4972428 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 11 Nov 2014 19:02:20 +0100 Subject: [ticket/13332] Remove useless $result assignment PHPBB3-13332 --- phpBB/phpbb/auth/provider/db.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index 1281cb0715..ba67c11e75 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -123,7 +123,7 @@ class db extends \phpbb\auth\provider\base 'username_clean' => $username_clean, ); $sql = 'INSERT INTO ' . LOGIN_ATTEMPT_TABLE . $this->db->sql_build_array('INSERT', $attempt_data); - $result = $this->db->sql_query($sql); + $this->db->sql_query($sql); } else { -- cgit v1.2.1 From 71d3ddc623876ea368c30498b9908b8b58573011 Mon Sep 17 00:00:00 2001 From: Cesar G Date: Thu, 19 Feb 2015 18:38:35 -0800 Subject: [ticket/13551] Fix incorrectly named template variable: AUTH_LDAP_DN PHPBB3-13551 --- phpBB/phpbb/auth/provider/ldap.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php index d32e7504eb..c71950c698 100644 --- a/phpBB/phpbb/auth/provider/ldap.php +++ b/phpBB/phpbb/auth/provider/ldap.php @@ -306,7 +306,7 @@ class ldap extends \phpbb\auth\provider\base return array( 'TEMPLATE_FILE' => 'auth_provider_ldap.html', 'TEMPLATE_VARS' => array( - 'AUTH_LDAP_DN' => $new_config['ldap_base_dn'], + 'AUTH_LDAP_BASE_DN' => $new_config['ldap_base_dn'], 'AUTH_LDAP_EMAIL' => $new_config['ldap_email'], 'AUTH_LDAP_PASSORD' => $new_config['ldap_password'], 'AUTH_LDAP_PORT' => $new_config['ldap_port'], -- cgit v1.2.1 From ca883f119614bf636802320e60822e1ed4992f2e Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 3 Feb 2015 14:42:42 +0100 Subject: [ticket/13564] Allow to specify user id for retrieving auth link data PHPBB3-13564 --- phpBB/phpbb/auth/provider/base.php | 2 +- phpBB/phpbb/auth/provider/oauth/oauth.php | 4 ++-- phpBB/phpbb/auth/provider/provider_interface.php | 6 +++++- 3 files changed, 8 insertions(+), 4 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index 4c49070eaf..dea27ccc25 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -61,7 +61,7 @@ abstract class base implements \phpbb\auth\provider\provider_interface /** * {@inheritdoc} */ - public function get_auth_link_data() + public function get_auth_link_data($user_id = 0) { return; } diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index c0ce3f1fba..9fc3a107e6 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -553,13 +553,13 @@ class oauth extends \phpbb\auth\provider\base /** * {@inheritdoc} */ - public function get_auth_link_data() + public function get_auth_link_data($user_id = 0) { $block_vars = array(); // Get all external accounts tied to the current user $data = array( - 'user_id' => (int) $this->user->data['user_id'], + 'user_id' => ($user_id <= 0) ? (int) $this->user->data['user_id'] : (int) $user_id, ); $sql = 'SELECT oauth_provider_id, provider FROM ' . $this->auth_provider_oauth_token_account_assoc . ' WHERE ' . $this->db->sql_build_array('SELECT', $data); diff --git a/phpBB/phpbb/auth/provider/provider_interface.php b/phpBB/phpbb/auth/provider/provider_interface.php index 613297cefc..35e0f559a1 100644 --- a/phpBB/phpbb/auth/provider/provider_interface.php +++ b/phpBB/phpbb/auth/provider/provider_interface.php @@ -166,6 +166,10 @@ interface provider_interface /** * Returns an array of data necessary to build the ucp_auth_link page * + * @param int $user_id User ID for whom the data should be retrieved. + * defaults to 0, which is not a valid ID. The method + * should fall back to the current user's ID in this + * case. * @return array|null If this function is not implemented on an auth * provider then it returns null. If it is implemented * it will return an array of up to four elements of @@ -181,7 +185,7 @@ interface provider_interface * 'VARS' => array(...), * ) */ - public function get_auth_link_data(); + public function get_auth_link_data($user_id = 0); /** * Unlinks an external account from a phpBB account. -- cgit v1.2.1 From 4d7cb7ca737195f42141c3939b9515cb3edd8b9b Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Tue, 3 Feb 2015 14:44:01 +0100 Subject: [ticket/13564] Use user_id from link_data for unlinking account in oauth PHPBB3-13564 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 9fc3a107e6..be0fbf5831 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -616,10 +616,13 @@ class oauth extends \phpbb\auth\provider\base return 'LOGIN_LINK_MISSING_DATA'; } + // Remove user specified in $link_data if possible + $user_id = isset($link_data['user_id']) ? $link_data['user_id'] : $this->user->data['user_id']; + // Remove the link $sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_account_assoc . " WHERE provider = '" . $this->db->sql_escape($link_data['oauth_service']) . "' - AND user_id = " . (int) $this->user->data['user_id']; + AND user_id = " . (int) $user_id; $this->db->sql_query($sql); // Clear all tokens belonging to the user on this servce -- cgit v1.2.1 From 62e13e945c475c416c4fb9deff8f234d3508a598 Mon Sep 17 00:00:00 2001 From: Nicofuma Date: Thu, 14 May 2015 13:32:25 +0200 Subject: [ticket/13838] Fix coding style PHPBB3-13838 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 023cf402ca..f488c2022d 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -117,7 +117,8 @@ class token_storage implements TokenStorageInterface { $service = $this->get_service_name_for_db($service); - if ($this->cachedToken) { + if ($this->cachedToken) + { return true; } @@ -232,7 +233,8 @@ class token_storage implements TokenStorageInterface { $service = $this->get_service_name_for_db($service); - if ($this->cachedToken instanceof TokenInterface) { + if ($this->cachedToken instanceof TokenInterface) + { return $this->cachedToken; } -- cgit v1.2.1 From a462f14aa367e9b8f94c4d2da35458353bad8c0f Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Tue, 28 Apr 2015 01:01:09 +0200 Subject: [ticket/13790] Update phpcs PHPBB3-13790 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 1 - 1 file changed, 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 023cf402ca..60b549f3a2 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -13,7 +13,6 @@ namespace phpbb\auth\provider\oauth; - use OAuth\OAuth1\Token\StdOAuth1Token; use OAuth\Common\Token\TokenInterface; use OAuth\Common\Storage\TokenStorageInterface; -- cgit v1.2.1 From 78b0c938a25316be1228c3e8117ef7dd859821d7 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 4 Jun 2015 14:29:03 +0200 Subject: [ticket/sec-184] Do not output LDAP password to HTML SECURITY-184 --- phpBB/phpbb/auth/provider/ldap.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php index c71950c698..c48b771ab0 100644 --- a/phpBB/phpbb/auth/provider/ldap.php +++ b/phpBB/phpbb/auth/provider/ldap.php @@ -289,7 +289,6 @@ class ldap extends \phpbb\auth\provider\base /** * {@inheritdoc} */ - public function acp() { // These are fields required in the config table @@ -308,7 +307,7 @@ class ldap extends \phpbb\auth\provider\base 'TEMPLATE_VARS' => array( 'AUTH_LDAP_BASE_DN' => $new_config['ldap_base_dn'], 'AUTH_LDAP_EMAIL' => $new_config['ldap_email'], - 'AUTH_LDAP_PASSORD' => $new_config['ldap_password'], + 'AUTH_LDAP_PASSORD' => $new_config['ldap_password'] !== '' ? '********' : '', 'AUTH_LDAP_PORT' => $new_config['ldap_port'], 'AUTH_LDAP_SERVER' => $new_config['ldap_server'], 'AUTH_LDAP_UID' => $new_config['ldap_uid'], -- cgit v1.2.1 From accf8f8625ca1c730ee0bb09e1ecc44526c124d3 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 15 Feb 2016 21:40:52 +0100 Subject: [ticket/14481] Respect HTTP_X_FORWARDED headers for implying https PHPBB3-14481 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index be0fbf5831..9f6345fbba 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -271,7 +271,13 @@ class oauth extends \phpbb\auth\provider\base } $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); - $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(\phpbb\request\request_interface::SERVER)); + $super_globals = $this->request->get_super_global(\phpbb\request\request_interface::SERVER); + if (!empty($super_globals['HTTP_X_FORWARDED_PROTO']) && $super_globals['HTTP_X_FORWARDED_PROTO'] === 'https') + { + $super_globals['HTTPS'] = 'on'; + $super_globals['SERVER_PORT'] = 443; + } + $current_uri = $uri_factory->createFromSuperGlobalArray($super_globals); $current_uri->setQuery($query); $this->current_uri = $current_uri; -- cgit v1.2.1 From df0388ccc5b24cfb67078dd2fa8cb2fc4f607dac Mon Sep 17 00:00:00 2001 From: Jakub Senko Date: Mon, 17 Oct 2016 13:15:57 +0200 Subject: [ticket/14825] Add core.auth_oauth_(login/link)_after PHPBB3-14825 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 35 ++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) (limited to 'phpBB/phpbb/auth/provider') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 9f6345fbba..bd2a414033 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -97,6 +97,13 @@ class oauth extends \phpbb\auth\provider\base */ protected $phpbb_container; + /** + * phpBB event dispatcher + * + * @var \phpbb\event\dispatcher_interface + */ + protected $dispatcher; + /** * phpBB root path * @@ -124,10 +131,11 @@ class oauth extends \phpbb\auth\provider\base * @param \phpbb\di\service_collection $service_providers Contains \phpbb\auth\provider\oauth\service_interface * @param string $users_table * @param \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container DI container + * @param \phpbb\event\dispatcher_interface $dispatcher phpBB event dispatcher * @param string $phpbb_root_path * @param string $php_ext */ - public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container, $phpbb_root_path, $php_ext) + public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request_interface $request, \phpbb\user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, \phpbb\di\service_collection $service_providers, $users_table, \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container, \phpbb\event\dispatcher_interface $dispatcher, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; @@ -139,6 +147,7 @@ class oauth extends \phpbb\auth\provider\base $this->service_providers = $service_providers; $this->users_table = $users_table; $this->phpbb_container = $phpbb_container; + $this->dispatcher = $dispatcher; $this->phpbb_root_path = $phpbb_root_path; $this->php_ext = $php_ext; } @@ -238,6 +247,18 @@ class oauth extends \phpbb\auth\provider\base // Update token storage to store the user_id $storage->set_user_id($row['user_id']); + /** + * Event is triggered after user is successfuly logged in via OAuth. + * + * @event core.auth_oauth_login_after + * @var array row User row + * @since 3.1.11-RC1 + */ + $vars = array( + 'row', + ); + extract($this->dispatcher->trigger_event('core.auth_oauth_login_after', compact($vars))); + // The user is now authenticated and can be logged in return array( 'status' => LOGIN_SUCCESS, @@ -542,6 +563,18 @@ class oauth extends \phpbb\auth\provider\base $sql = 'INSERT INTO ' . $this->auth_provider_oauth_token_account_assoc . ' ' . $this->db->sql_build_array('INSERT', $data); $this->db->sql_query($sql); + + /** + * Event is triggered after user links account. + * + * @event core.auth_oauth_link_after + * @var array data User row + * @since 3.1.11-RC1 + */ + $vars = array( + 'data', + ); + extract($this->dispatcher->trigger_event('core.auth_oauth_link_after', compact($vars))); } /** -- cgit v1.2.1