From 3254f7c02bc34d962705e94cea528969441d4b11 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 12 Jul 2013 16:22:58 -0400 Subject: [feature/oauth] Include OAuth library in composer.json PHPBB3-11673 --- phpBB/composer.json | 1 + phpBB/composer.lock | 70 ++++++++++++++++++++++++++++++++++++++++++++--------- 2 files changed, 59 insertions(+), 12 deletions(-) (limited to 'phpBB') diff --git a/phpBB/composer.json b/phpBB/composer.json index bf693d1950..20fe42735b 100644 --- a/phpBB/composer.json +++ b/phpBB/composer.json @@ -1,6 +1,7 @@ { "minimum-stability": "beta", "require": { + "lusitanian/oauth": "0.1.*@dev", "symfony/config": "2.1.*", "symfony/dependency-injection": "2.1.*", "symfony/event-dispatcher": "2.1.*", diff --git a/phpBB/composer.lock b/phpBB/composer.lock index 1ba6cb6f83..4bd73be2fe 100644 --- a/phpBB/composer.lock +++ b/phpBB/composer.lock @@ -3,8 +3,62 @@ "This file locks the dependencies of your project to a known state", "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file" ], - "hash": "6e6125b88160e28568edcb9fd007abed", + "hash": "2b416686326d0308f977924abc825639", "packages": [ + { + "name": "lusitanian/oauth", + "version": "dev-master", + "source": { + "type": "git", + "url": "https://github.com/Lusitanian/PHPoAuthLib.git", + "reference": "b7e96d0c36f17aa8a217b6be897363bb2cc93286" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/Lusitanian/PHPoAuthLib/zipball/b7e96d0c36f17aa8a217b6be897363bb2cc93286", + "reference": "b7e96d0c36f17aa8a217b6be897363bb2cc93286", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "require-dev": { + "symfony/http-foundation": "~2.1" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "0.1-dev" + } + }, + "autoload": { + "psr-0": { + "OAuth": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "David Desberg", + "email": "david@daviddesberg.com" + }, + { + "name": "Pieter Hordijk", + "email": "info@pieterhordijk.com" + } + ], + "description": "PHP 5.3+ oAuth 1/2 Library", + "keywords": [ + "Authentication", + "authorization", + "oauth", + "security" + ], + "time": "2013-07-12 12:56:37" + }, { "name": "symfony/config", "version": "v2.1.11", @@ -29,7 +83,6 @@ "Symfony\\Component\\Config": "" } }, - "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" ], @@ -79,7 +132,6 @@ "Symfony\\Component\\DependencyInjection": "" } }, - "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" ], @@ -128,7 +180,6 @@ "Symfony\\Component\\EventDispatcher": "" } }, - "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" ], @@ -171,7 +222,6 @@ "SessionHandlerInterface": "Symfony/Component/HttpFoundation/Resources/stubs" } }, - "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" ], @@ -233,7 +283,6 @@ "Symfony\\Component\\HttpKernel": "" } }, - "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" ], @@ -286,7 +335,6 @@ "Symfony\\Component\\Routing": "" } }, - "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" ], @@ -328,7 +376,6 @@ "Symfony\\Component\\Yaml": "" } }, - "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" ], @@ -374,7 +421,6 @@ "Twig_": "lib/" } }, - "notification-url": "https://packagist.org/downloads/", "license": [ "BSD-3" ], @@ -1242,9 +1288,9 @@ ], "minimum-stability": "beta", - "stability-flags": [ - - ], + "stability-flags": { + "lusitanian/oauth": 20 + }, "platform": [ ], -- cgit v1.2.1 From 6a29d9cf81249aeb844cf8eba1faf3a4f2653e82 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 10:28:13 -0400 Subject: [feature/oauth] OAuth provider skeleton PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 48 ++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 phpBB/includes/auth/provider/oauth.php (limited to 'phpBB') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php new file mode 100644 index 0000000000..1fecf490c8 --- /dev/null +++ b/phpBB/includes/auth/provider/oauth.php @@ -0,0 +1,48 @@ +db = $db; + $this->config = $config; + $this->request = $request; + $this->user = $user; + } + + /** + * {@inheritdoc} + */ + public function login($username, $password) + { + + } +} -- cgit v1.2.1 From 232a8c67403ba536e4404cb2357bbac0a1baa5a8 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 10:30:54 -0400 Subject: [feature/oauth] OAuth as a symfony service PHPBB3-11673 --- phpBB/config/auth_providers.yml | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'phpBB') diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index bcc448e4d7..4d402e71f2 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -35,3 +35,12 @@ services: - @user tags: - { name: auth.provider } + auth.provider.oauth: + class: phpbb_auth_provider_oauth + arguments: + - @dbal.conn + - @config + - @request + - @user + tags: + - { name: auth.provider } -- cgit v1.2.1 From 65485253c9252340e5ff6556c7d34f40e87f4644 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 11:07:42 -0400 Subject: [feature/oauth] Start implementing login PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 48 ++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) (limited to 'phpBB') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index 1fecf490c8..de7903b7a5 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -15,6 +15,9 @@ if (!defined('IN_PHPBB')) exit; } +use OAuth\Common\Consumer\Credentials; +use OAuth\Common\Http\Uri\Uri; + /** * OAuth authentication provider for phpBB3 * @@ -43,6 +46,51 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ public function login($username, $password) { + if (!$this->request->is_set_post('oauth_service')) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $serviceFactory = new \OAuth\ServiceFactory(); + $uriFactory = new \OAuth\Common\Http\Uri\UriFactory(); + $currentUri = $uriFactory->createFromSuperGlobalArray((array)$_SERVER); + $currentUri->setQuery(''); + + // In-memory storage + $storage = new Memory(); + + // Setup the credentials for the requests + $credentials = new Credentials( + $servicesCredentials['github']['key'], + $servicesCredentials['github']['secret'], + $currentUri->getAbsoluteUri() + ); + + if ($this->request->is_set('code', phpbb_request_interface::GET)) + { + // Second pass: request access token, authenticate with phpBB + } else { + // First pass: get authorization uri, redirect to service + } + } + + /** + * + */ + protected function get_service_credentials($service) + { + return $service_credentials[$service]; + } + /** + * + */ + public function get_credentials() + { + return array(); } } -- cgit v1.2.1 From 1e38be3fa95d18d05c303d9c8be5af174dc6d07d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 11:19:35 -0400 Subject: [feature/oauth] Additional work on implementing login PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 35 +++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index de7903b7a5..2004f87e97 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -46,7 +46,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ public function login($username, $password) { - if (!$this->request->is_set_post('oauth_service')) + // Requst the name of the OAuth service + $service = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); + if ($service === '') { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -55,19 +57,23 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); } - $serviceFactory = new \OAuth\ServiceFactory(); - $uriFactory = new \OAuth\Common\Http\Uri\UriFactory(); - $currentUri = $uriFactory->createFromSuperGlobalArray((array)$_SERVER); - $currentUri->setQuery(''); + // Get the service credentials for the given service + $service_credentials = $this->get_credentials($service); + + + $service_factory = new \OAuth\ServiceFactory(); + $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); + $current_uri = $uri_factory->createFromSuperGlobalArray((array)$_SERVER); + $current_uri->setQuery(''); // In-memory storage $storage = new Memory(); // Setup the credentials for the requests $credentials = new Credentials( - $servicesCredentials['github']['key'], - $servicesCredentials['github']['secret'], - $currentUri->getAbsoluteUri() + $service_credentials['key'], + $service_credentials['secret'], + $current_uri->getAbsoluteUri() ); if ($this->request->is_set('code', phpbb_request_interface::GET)) @@ -83,14 +89,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function get_service_credentials($service) { - return $service_credentials[$service]; - } - - /** - * - */ - public function get_credentials() - { - return array(); + return array( + 'key' => $this->config['auth_oauth_' . $service . '_key'], + 'secret' => $this->config['auth_oauth_' . $service . '_secret'], + ); } } -- cgit v1.2.1 From d63f920250b801cf9e2bc1929a40ade7526078ff Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 11:29:00 -0400 Subject: [feature/oauth] Check that the service actually has settings PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'phpBB') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index 2004f87e97..cbb1d99004 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -60,6 +60,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Get the service credentials for the given service $service_credentials = $this->get_credentials($service); + // Check that the service has settings + if ($service_credentials['key'] == false || $service_credentials['secret'] == false) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } $service_factory = new \OAuth\ServiceFactory(); $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); -- cgit v1.2.1 From 6479a989c5c06939d791a73952226382918d8183 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 11:56:18 -0400 Subject: [feature/oauth] Token Storage Skeleton PHPBB3-11673 --- phpBB/includes/auth/oauth/token_storage.php | 94 +++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 phpBB/includes/auth/oauth/token_storage.php (limited to 'phpBB') diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php new file mode 100644 index 0000000000..2d3c58d25a --- /dev/null +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -0,0 +1,94 @@ +driver = $driver; + } + + /** + * {@inheritdoc} + */ + public function retrieveAccessToken() + { + if( $this->cachedToken instanceOf TokenInterface ) { + return $this->token; + } + + // TODO: check to see if the token is cached + + throw new TokenNotFoundException('Token not stored'); + } + + /** + * {@inheritdoc} + */ + public function storeAccessToken(TokenInterface $token) + { + $this->cachedToken = $token; + // TODO: actually store the token + } + + /** + * {@inheritdoc} + */ + public function hasAccessToken() + { + if( $this->cachedToken ) { + return true; + } + + // TODO: check cache for token + return false; + } + + /** + * {@inheritdoc} + */ + public function clearToken() + { + $this->cachedToken = null; + // TODO: clear cache of the token + } +} -- cgit v1.2.1 From a6ff2397788134b5410d89a67a3860a32670997e Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 12:06:05 -0400 Subject: [feature/oauth] Allow getting original global arrays from request PHPBB3-11673 --- phpBB/phpbb/request/interface.php | 10 ++++++++++ phpBB/phpbb/request/request.php | 8 ++++++++ 2 files changed, 18 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/request/interface.php b/phpBB/phpbb/request/interface.php index 741db35917..8d472af97a 100644 --- a/phpBB/phpbb/request/interface.php +++ b/phpBB/phpbb/request/interface.php @@ -136,4 +136,14 @@ interface phpbb_request_interface * Pay attention when using these, they are unsanitised! */ public function variable_names($super_global = phpbb_request_interface::REQUEST); + + /** + * Returns the original array of the requested super global + * + * @param phpbb_request_interface::POST|GET|REQUEST|COOKIE $super_global + * The super global which will be returned + * + * @return array The original array of the requested super global. + */ + public function original_global_values($super_global = phpbb_request_interface::REQUEST); } diff --git a/phpBB/phpbb/request/request.php b/phpBB/phpbb/request/request.php index ae3c526d89..a4e9a2c2b3 100644 --- a/phpBB/phpbb/request/request.php +++ b/phpBB/phpbb/request/request.php @@ -412,4 +412,12 @@ class phpbb_request implements phpbb_request_interface return $var; } + + /** + * {@inheritdoc} + */ + public function original_global_values($super_global = phpbb_request_interface::REQUEST) + { + return $this->input[$super_global]; + } } -- cgit v1.2.1 From 2e899c24f9248a06eef7b8cfaed7f5b4a792f7fd Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 12:11:38 -0400 Subject: [feature/oauth] Change name of new method on request PHPBB3-11673 --- phpBB/phpbb/request/interface.php | 2 +- phpBB/phpbb/request/request.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/request/interface.php b/phpBB/phpbb/request/interface.php index 8d472af97a..05f6c54d3f 100644 --- a/phpBB/phpbb/request/interface.php +++ b/phpBB/phpbb/request/interface.php @@ -145,5 +145,5 @@ interface phpbb_request_interface * * @return array The original array of the requested super global. */ - public function original_global_values($super_global = phpbb_request_interface::REQUEST); + public function get_super_global($super_global = phpbb_request_interface::REQUEST); } diff --git a/phpBB/phpbb/request/request.php b/phpBB/phpbb/request/request.php index a4e9a2c2b3..ed2e8e2200 100644 --- a/phpBB/phpbb/request/request.php +++ b/phpBB/phpbb/request/request.php @@ -416,7 +416,7 @@ class phpbb_request implements phpbb_request_interface /** * {@inheritdoc} */ - public function original_global_values($super_global = phpbb_request_interface::REQUEST) + public function get_super_global($super_global = phpbb_request_interface::REQUEST) { return $this->input[$super_global]; } -- cgit v1.2.1 From 93f7ed4fb55daf3ca06957f4374cb827db06432c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 13:08:37 -0400 Subject: [feature/oauth] Continue work on OAuth login PHPBB3-11673 --- phpBB/config/auth_providers.yml | 1 + phpBB/includes/auth/provider/oauth.php | 51 +++++++++++++++++++++++++++++----- 2 files changed, 45 insertions(+), 7 deletions(-) (limited to 'phpBB') diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index 4d402e71f2..78c799ffb1 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -42,5 +42,6 @@ services: - @config - @request - @user + - @cache.driver tags: - { name: auth.provider } diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index cbb1d99004..4cf9749b36 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -25,20 +25,57 @@ use OAuth\Common\Http\Uri\Uri; */ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { + /** + * Database driver + * + * @var phpbb_db_driver + */ + protected $db; + + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * phpBB request object + * + * @var phpbb_request + */ + protected $request; + + /** + * phpBB user + * + * @var phpbb_user + */ + protected $user; + + /** + * Cache driver. + * + * @var phpbb_cache_driver_interface + */ + protected $driver; + /** * OAuth Authentication Constructor * - * @param phpbb_db_driver $db - * @param phpbb_config $config - * @param phpbb_request $request - * @param phpbb_user $user + * @param phpbb_db_driver $db + * @param phpbb_config $config + * @param phpbb_request $request + * @param phpbb_user $user + * @param phpbb_cache_driver_interface $driver */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, phpbb_cache_driver_interface $driver) { $this->db = $db; $this->config = $config; $this->request = $request; $this->user = $user; + $this->driver = $driver; } /** @@ -72,11 +109,11 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $service_factory = new \OAuth\ServiceFactory(); $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); - $current_uri = $uri_factory->createFromSuperGlobalArray((array)$_SERVER); + $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); $current_uri->setQuery(''); // In-memory storage - $storage = new Memory(); + $storage = new phpbb_auth_oauth_token_storage($this->driver); // Setup the credentials for the requests $credentials = new Credentials( -- cgit v1.2.1 From aa12f6afc52b1b536068512487b0b95690786f22 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 13:43:12 -0400 Subject: [feature/oauth] More work on login PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 95 +++++++++++++++++++++++++--------- 1 file changed, 70 insertions(+), 25 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index 4cf9749b36..cdfcace5b2 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -60,6 +60,20 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected $driver; + /** + * Cached service once it has been created + * + * @var \OAuth\Common\Service\ServiceInterface|null + */ + protected $service; + + /** + * Cached current uri object + * + * @var \OAuth\Common\Http\Uri\UriInterface|null + */ + protected $current_uri; + /** * OAuth Authentication Constructor * @@ -84,8 +98,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base public function login($username, $password) { // Requst the name of the OAuth service - $service = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); - if ($service === '') + $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); + if ($service_name === '') { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -94,8 +108,56 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); } + if ($this->request->is_set('code', phpbb_request_interface::GET)) + { + // Second pass: request access token, authenticate with phpBB + } else { + // First pass: get authorization uri, redirect to service + } + } + + /** + * + */ + protected function get_service_credentials($service_name) + { + return array( + 'key' => $this->config['auth_oauth_' . $service_name . '_key'], + 'secret' => $this->config['auth_oauth_' . $service_name . '_secret'], + ); + } + + protected function get_current_uri() + { + if ($this->current_uri) + { + return $this->current_uri; + } + + $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); + $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); + $current_uri->setQuery(''); + + $this->current_uri = $current_uri; + return $current_uri; + } + + /** + * Returns the cached service object or creates a new one + * + * @param string $service_name The name of the service + * @param array $scope The scope of the request against the api. + * @return \OAuth\Common\Service\ServiceInterface + */ + protected function get_service($service_name, array $scopes = array()) + { + if ($this->service) + { + return $this->service; + } + // Get the service credentials for the given service - $service_credentials = $this->get_credentials($service); + $service_credentials = $this->get_credentials($service_name); // Check that the service has settings if ($service_credentials['key'] == false || $service_credentials['secret'] == false) @@ -107,14 +169,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); } - $service_factory = new \OAuth\ServiceFactory(); - $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); - $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); - $current_uri->setQuery(''); - - // In-memory storage $storage = new phpbb_auth_oauth_token_storage($this->driver); + $current_uri = $this->get_current_uri(); + // Setup the credentials for the requests $credentials = new Credentials( $service_credentials['key'], @@ -122,22 +180,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $current_uri->getAbsoluteUri() ); - if ($this->request->is_set('code', phpbb_request_interface::GET)) - { - // Second pass: request access token, authenticate with phpBB - } else { - // First pass: get authorization uri, redirect to service - } - } + $service_factory = new \OAuth\ServiceFactory(); + $this->service = $service_factory->createService($service_name, $credentials, $storage, $scopes); - /** - * - */ - protected function get_service_credentials($service) - { - return array( - 'key' => $this->config['auth_oauth_' . $service . '_key'], - 'secret' => $this->config['auth_oauth_' . $service . '_secret'], - ); + return $this->service; } } -- cgit v1.2.1 From 37f099b014ea34378096c50cf898c060bd3f0d42 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 13:50:06 -0400 Subject: [feature/oauth] Document and rearrange methods PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 49 +++++++++++++++++++++++----------- 1 file changed, 33 insertions(+), 16 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index cdfcace5b2..267105e6b6 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -108,6 +108,19 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); } + // Get the service credentials for the given service + $service_credentials = $this->get_credentials($service_name); + + // Check that the service has settings + if ($service_credentials['key'] == false || $service_credentials['secret'] == false) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + if ($this->request->is_set('code', phpbb_request_interface::GET)) { // Second pass: request access token, authenticate with phpBB @@ -117,7 +130,16 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } /** + * Returns an array containing the service credentials belonging to requested + * service. * + * @param string $service_name The name of the service + * @return array An array containing the 'key' and the 'secret' of the + * service in the form: + * array( + * 'key' => string + * 'secret' => string + * ) */ protected function get_service_credentials($service_name) { @@ -127,6 +149,12 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); } + /** + * Returns the cached current_uri object or creates and caches it if it is + * not already created + * + * @return \OAuth\Common\Http\Uri\UriInterface + */ protected function get_current_uri() { if ($this->current_uri) @@ -145,30 +173,19 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base /** * Returns the cached service object or creates a new one * - * @param string $service_name The name of the service - * @param array $scope The scope of the request against the api. + * @param string $service_name The name of the service + * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} + * @param array $scope The scope of the request against + * the api. * @return \OAuth\Common\Service\ServiceInterface */ - protected function get_service($service_name, array $scopes = array()) + protected function get_service($service_name, array $service_credentials, array $scopes = array()) { if ($this->service) { return $this->service; } - // Get the service credentials for the given service - $service_credentials = $this->get_credentials($service_name); - - // Check that the service has settings - if ($service_credentials['key'] == false || $service_credentials['secret'] == false) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - $storage = new phpbb_auth_oauth_token_storage($this->driver); $current_uri = $this->get_current_uri(); -- cgit v1.2.1 From 24bf333e161332ddd589831228e35ad9eb1e8f18 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 16:51:38 -0400 Subject: [feature/oauth] Use DB for OAuth token storage PHPBB3-11673 --- phpBB/config/auth_providers.yml | 1 - phpBB/develop/create_schema_files.php | 9 +++++ phpBB/includes/auth/oauth/token_storage.php | 18 +++++++--- phpBB/includes/auth/provider/oauth.php | 13 ++----- .../db/migration/data/310/auth_provider_oauth.php | 42 ++++++++++++++++++++++ 5 files changed, 66 insertions(+), 17 deletions(-) create mode 100644 phpBB/includes/db/migration/data/310/auth_provider_oauth.php (limited to 'phpBB') diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index 78c799ffb1..4d402e71f2 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -42,6 +42,5 @@ services: - @config - @request - @user - - @cache.driver tags: - { name: auth.provider } diff --git a/phpBB/develop/create_schema_files.php b/phpBB/develop/create_schema_files.php index 316fbe19e6..f3eeb31c28 100644 --- a/phpBB/develop/create_schema_files.php +++ b/phpBB/develop/create_schema_files.php @@ -923,6 +923,15 @@ function get_schema_struct() ), ); + $schemda_data['auth_provider_oauth'] = array( + 'COLUMNS' => array( + 'user_id' => array('UINT', 0), // phpbb_users.user_id + 'oauth_provider' => array('VCHAR'), // Name of the OAuth provider + 'oauth_token' => array('TEXT_UNI'), // Serialized token + ), + 'PRIMARY_KEY' => array('user_id', 'oauth_provider'), + ); + $schema_data['phpbb_banlist'] = array( 'COLUMNS' => array( 'ban_id' => array('UINT', NULL, 'auto_increment'), diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php index 2d3c58d25a..b658333900 100644 --- a/phpBB/includes/auth/oauth/token_storage.php +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -28,9 +28,16 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface /** * Cache driver. * - * @var phpbb_cache_driver_interface + * @var phpbb_db_driver */ - protected $driver; + protected $db; + + /** + * Name of the OAuth provider + * + * @var string + */ + protected $service_name; /** * @var object|TokenInterface @@ -40,11 +47,12 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface /** * Creates token storage for phpBB. * - * @param phpbb_cache_driver_interface $driver The cache driver + * @param phpbb_db_driver $db */ - public function __construct(phpbb_cache_driver_interface $driver) + public function __construct(phpbb_db_driver $db, $service_name) { - $this->driver = $driver; + $this->db = $db; + $this->service_name = $service_name; } /** diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index 267105e6b6..55a12211d6 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -53,13 +53,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected $user; - /** - * Cache driver. - * - * @var phpbb_cache_driver_interface - */ - protected $driver; - /** * Cached service once it has been created * @@ -81,15 +74,13 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * @param phpbb_config $config * @param phpbb_request $request * @param phpbb_user $user - * @param phpbb_cache_driver_interface $driver */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, phpbb_cache_driver_interface $driver) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user) { $this->db = $db; $this->config = $config; $this->request = $request; $this->user = $user; - $this->driver = $driver; } /** @@ -186,7 +177,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $this->service; } - $storage = new phpbb_auth_oauth_token_storage($this->driver); + $storage = new phpbb_auth_oauth_token_storage($this->db, $service_name); $current_uri = $this->get_current_uri(); diff --git a/phpBB/includes/db/migration/data/310/auth_provider_oauth.php b/phpBB/includes/db/migration/data/310/auth_provider_oauth.php new file mode 100644 index 0000000000..6239cf97bc --- /dev/null +++ b/phpBB/includes/db/migration/data/310/auth_provider_oauth.php @@ -0,0 +1,42 @@ +db_tools->sql_table_exists($this->table_prefix . 'auth_provider_oauth'); + } + + public function update_schema() + { + return array( + 'add_tables' => array( + $this->table_prefix . 'auth_provider_oauth' => array( + 'COLUMNS' => array( + 'user_id' => array('UINT', 0), // phpbb_users.user_id + 'oauth_provider' => array('VCHAR'), // Name of the OAuth provider + 'oauth_token' => array('TEXT_UNI'), // Serialized token + ), + 'PRIMARY_KEY' => array('user_id', 'oauth_provider'), + ), + ), + + ); + } + + public function revert_schema() + { + return array( + 'drop_tables' => array( + $this->table_prefix . 'auth_provider_oauth', + ), + ); + } +} -- cgit v1.2.1 From 02921f4b23fd2fa3efc9eddedfe7bfd6d3347297 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 17:31:41 -0400 Subject: [feature/oauth] Have token storage use DB PHPBB3-11673 --- phpBB/includes/auth/oauth/token_storage.php | 77 +++++++++++++++++++++++++---- 1 file changed, 67 insertions(+), 10 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php index b658333900..4bf52e2ced 100644 --- a/phpBB/includes/auth/oauth/token_storage.php +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -15,8 +15,11 @@ if (!defined('IN_PHPBB')) exit; } -use OAuth\Common\Storage\TokenStorageInterface; + use OAuth\Common\Token\TokenInterface; +use OAuth\Common\Storage\TokenStorageInterface; +use OAuth\Common\Storage\Exception\StorageException; +use OAuth\Common\Storage\Exception\TokenNotFoundException; /** * OAuth storage wrapper for phpbb's cache @@ -32,6 +35,13 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface */ protected $db; + /** + * phpBB user + * + * @var phpbb_user + */ + protected $user; + /** * Name of the OAuth provider * @@ -48,10 +58,13 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface * Creates token storage for phpBB. * * @param phpbb_db_driver $db + * @param phpbb_user $user + * @param string $service_name */ - public function __construct(phpbb_db_driver $db, $service_name) + public function __construct(phpbb_db_driver $db, phpbb_user $user, $service_name) { $this->db = $db; + $this->user = $user; $this->service_name = $service_name; } @@ -64,9 +77,31 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface return $this->token; } - // TODO: check to see if the token is cached + $sql = 'SELECT oauth_token FROM ' . AUTH_PROVIDER_OAUTH . + $db->sql_build_array('SELECT', array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + )); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + throw new TokenNotFoundException('Token not stored'); + } + + $token = unserialize($row['oauth_token']); - throw new TokenNotFoundException('Token not stored'); + // Ensure that the token was serialized/unserialized correctly + if (!($token instanceof TokenInterface)) + { + $this->clearToken(); + throw new TokenNotFoundException('Token not stored correctly'); + } + + $this->cachedToken = $token; + return $token; } /** @@ -75,7 +110,13 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface public function storeAccessToken(TokenInterface $token) { $this->cachedToken = $token; - // TODO: actually store the token + + $sql = 'INSERT INTO ' . AUTH_PROVIDER_OAUTH . ' ' . $this->db->sql_build_array('INSERT', array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + 'oauth_token' => serialize($token), + )); + $this->db->sql_query($sql); } /** @@ -84,11 +125,24 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface public function hasAccessToken() { if( $this->cachedToken ) { - return true; - } + return true; + } - // TODO: check cache for token - return false; + $sql = 'SELECT oauth_token FROM ' . AUTH_PROVIDER_OAUTH . + $db->sql_build_array('SELECT', array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + )); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + return false; + } + + return true; } /** @@ -97,6 +151,9 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface public function clearToken() { $this->cachedToken = null; - // TODO: clear cache of the token + + $sql = 'DELETE FROM ' . AUTH_PROVIDER_OAUTH . 'WHERE user_id = ' . $this->user->data['user_id'] . + ' AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); + $this->db->sql_query($sql); } } -- cgit v1.2.1 From b22b076a9972e0bd41551c314f4fea4e938d1d58 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 17:32:27 -0400 Subject: [feature/oauth] Update invocation of method in OAuth PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index 55a12211d6..ee18c0f60d 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -177,7 +177,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $this->service; } - $storage = new phpbb_auth_oauth_token_storage($this->db, $service_name); + $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name); $current_uri = $this->get_current_uri(); -- cgit v1.2.1 From 69e158865560bba4264646faa0799aa6e457c6d0 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 17:59:04 -0400 Subject: [feature/oauth] Store anonymous user by session id PHPBB3-9734 --- phpBB/develop/create_schema_files.php | 6 +++++- phpBB/includes/db/migration/data/310/auth_provider_oauth.php | 7 +++++-- 2 files changed, 10 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/develop/create_schema_files.php b/phpBB/develop/create_schema_files.php index f3eeb31c28..c7d3cc4106 100644 --- a/phpBB/develop/create_schema_files.php +++ b/phpBB/develop/create_schema_files.php @@ -926,10 +926,14 @@ function get_schema_struct() $schemda_data['auth_provider_oauth'] = array( 'COLUMNS' => array( 'user_id' => array('UINT', 0), // phpbb_users.user_id + 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set 'oauth_provider' => array('VCHAR'), // Name of the OAuth provider 'oauth_token' => array('TEXT_UNI'), // Serialized token ), - 'PRIMARY_KEY' => array('user_id', 'oauth_provider'), + 'KEYS' => array( + 'user_id' => array('INDEX', 'user_id'), + 'oauth_provider' => array('INDEX', 'oauth_provider'), + ), ); $schema_data['phpbb_banlist'] = array( diff --git a/phpBB/includes/db/migration/data/310/auth_provider_oauth.php b/phpBB/includes/db/migration/data/310/auth_provider_oauth.php index 6239cf97bc..92da42ba31 100644 --- a/phpBB/includes/db/migration/data/310/auth_provider_oauth.php +++ b/phpBB/includes/db/migration/data/310/auth_provider_oauth.php @@ -21,13 +21,16 @@ class phpbb_db_migration_data_310_auth_provider_oauth extends phpbb_db_migration $this->table_prefix . 'auth_provider_oauth' => array( 'COLUMNS' => array( 'user_id' => array('UINT', 0), // phpbb_users.user_id + 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set 'oauth_provider' => array('VCHAR'), // Name of the OAuth provider 'oauth_token' => array('TEXT_UNI'), // Serialized token ), - 'PRIMARY_KEY' => array('user_id', 'oauth_provider'), + 'KEYS' => array( + 'user_id' => array('INDEX', 'user_id'), + 'oauth_provider' => array('INDEX', 'oauth_provider'), + ), ), ), - ); } -- cgit v1.2.1 From 5942eac5dac51e9f70a1f175a480316975fb3ac9 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 18:17:03 -0400 Subject: [feature/oauth] Pass table in constructor PHPBB3-11673 --- phpBB/config/auth_providers.yml | 1 + phpBB/config/tables.yml | 1 + phpBB/includes/auth/oauth/token_storage.php | 34 +++++++++++++++++++---------- phpBB/includes/auth/provider/oauth.php | 21 +++++++++++++----- 4 files changed, 39 insertions(+), 18 deletions(-) (limited to 'phpBB') diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index 4d402e71f2..ead540c953 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -42,5 +42,6 @@ services: - @config - @request - @user + - %tables.auth_provider_oauth% tags: - { name: auth.provider } diff --git a/phpBB/config/tables.yml b/phpBB/config/tables.yml index fdb448f4e0..48098ba8c2 100644 --- a/phpBB/config/tables.yml +++ b/phpBB/config/tables.yml @@ -1,4 +1,5 @@ parameters: + tables.auth_provider_oauth: %core.table_prefix%auth_provider_oauth tables.config: %core.table_prefix%config tables.config_text: %core.table_prefix%config_text tables.ext: %core.table_prefix%ext diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php index 4bf52e2ced..90185e5f5a 100644 --- a/phpBB/includes/auth/oauth/token_storage.php +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -49,6 +49,13 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface */ protected $service_name; + /** + * OAuth token table + * + * @var string + */ + protected $auth_provider_oauth_table; + /** * @var object|TokenInterface */ @@ -57,15 +64,17 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface /** * Creates token storage for phpBB. * - * @param phpbb_db_driver $db - * @param phpbb_user $user - * @param string $service_name + * @param phpbb_db_driver $db + * @param phpbb_user $user + * @param string $service_name + * @param string $auth_provider_oauth_table */ - public function __construct(phpbb_db_driver $db, phpbb_user $user, $service_name) + public function __construct(phpbb_db_driver $db, phpbb_user $user, $service_name, $auth_provider_oauth_table) { $this->db = $db; $this->user = $user; $this->service_name = $service_name; + $this->auth_provider_oauth_table = $auth_provider_oauth_table; } /** @@ -77,7 +86,7 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface return $this->token; } - $sql = 'SELECT oauth_token FROM ' . AUTH_PROVIDER_OAUTH . + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . $db->sql_build_array('SELECT', array( 'user_id' => $this->user->data['user_id'], 'oauth_provider' => $this->service_name, @@ -111,11 +120,12 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface { $this->cachedToken = $token; - $sql = 'INSERT INTO ' . AUTH_PROVIDER_OAUTH . ' ' . $this->db->sql_build_array('INSERT', array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - 'oauth_token' => serialize($token), - )); + $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' ' . + $this->db->sql_build_array('INSERT', array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + 'oauth_token' => serialize($token), + )); $this->db->sql_query($sql); } @@ -128,7 +138,7 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface return true; } - $sql = 'SELECT oauth_token FROM ' . AUTH_PROVIDER_OAUTH . + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . $db->sql_build_array('SELECT', array( 'user_id' => $this->user->data['user_id'], 'oauth_provider' => $this->service_name, @@ -152,7 +162,7 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface { $this->cachedToken = null; - $sql = 'DELETE FROM ' . AUTH_PROVIDER_OAUTH . 'WHERE user_id = ' . $this->user->data['user_id'] . + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . 'WHERE user_id = ' . $this->user->data['user_id'] . ' AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); $this->db->sql_query($sql); } diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index ee18c0f60d..c7f60c5ae4 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -53,6 +53,13 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected $user; + /** + * OAuth token table + * + * @var string + */ + protected $auth_provider_oauth_table; + /** * Cached service once it has been created * @@ -70,17 +77,19 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base /** * OAuth Authentication Constructor * - * @param phpbb_db_driver $db - * @param phpbb_config $config - * @param phpbb_request $request - * @param phpbb_user $user + * @param phpbb_db_driver $db + * @param phpbb_config $config + * @param phpbb_request $request + * @param phpbb_user $user + * @param string $auth_provider_oauth_table */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_table) { $this->db = $db; $this->config = $config; $this->request = $request; $this->user = $user; + $this->auth_provider_oauth_table = $auth_provider_oauth_table; } /** @@ -177,7 +186,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $this->service; } - $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name); + $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); $current_uri = $this->get_current_uri(); -- cgit v1.2.1 From 68a80f8ea8d61a8ad60f046a2ef68124d2abc801 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 18:20:49 -0400 Subject: [feature/oauth] Fix typo PHPBB3-11673 --- phpBB/includes/auth/oauth/token_storage.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php index 90185e5f5a..c3d560cc79 100644 --- a/phpBB/includes/auth/oauth/token_storage.php +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -87,7 +87,7 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface } $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . - $db->sql_build_array('SELECT', array( + $this->db->sql_build_array('SELECT', array( 'user_id' => $this->user->data['user_id'], 'oauth_provider' => $this->service_name, )); @@ -139,7 +139,7 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface } $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . - $db->sql_build_array('SELECT', array( + $this->db->sql_build_array('SELECT', array( 'user_id' => $this->user->data['user_id'], 'oauth_provider' => $this->service_name, )); -- cgit v1.2.1 From 3c8187c277446ac07e5ff08c05a6e535f401ae2d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 18:30:41 -0400 Subject: [feature/oauth] Have array of services not just one in oauth PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index c7f60c5ae4..c59c573c52 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -61,11 +61,11 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base protected $auth_provider_oauth_table; /** - * Cached service once it has been created + * Cached services once they has been created * - * @var \OAuth\Common\Service\ServiceInterface|null + * @var array Contains \OAuth\Common\Service\ServiceInterface or null */ - protected $service; + protected $services; /** * Cached current uri object @@ -90,6 +90,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->request = $request; $this->user = $user; $this->auth_provider_oauth_table = $auth_provider_oauth_table; + $this->services = array(); } /** @@ -181,9 +182,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function get_service($service_name, array $service_credentials, array $scopes = array()) { - if ($this->service) + if ($this->services[$service_name]) { - return $this->service; + return $this->services[$service_name]; } $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); @@ -198,8 +199,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); $service_factory = new \OAuth\ServiceFactory(); - $this->service = $service_factory->createService($service_name, $credentials, $storage, $scopes); + $this->service[$service_name] = $service_factory->createService($service_name, $credentials, $storage, $scopes); - return $this->service; + return $this->service[$service_name]; } } -- cgit v1.2.1 From 9619a9a16f68edddb052d5848f96f4e603ddc299 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 23:00:43 -0400 Subject: [feature/oauth] Anonymous user does not depend on user_id in token PHPBB3-11673 --- phpBB/includes/auth/oauth/token_storage.php | 66 +++++++++++++++++++++-------- 1 file changed, 48 insertions(+), 18 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php index c3d560cc79..b35a5c6586 100644 --- a/phpBB/includes/auth/oauth/token_storage.php +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -86,17 +86,25 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface return $this->token; } - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . - $this->db->sql_build_array('SELECT', array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - )); + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); if (!$row) { + // TODO: translate throw new TokenNotFoundException('Token not stored'); } @@ -106,6 +114,7 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface if (!($token instanceof TokenInterface)) { $this->clearToken(); + // TODO: translate throw new TokenNotFoundException('Token not stored correctly'); } @@ -120,12 +129,19 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface { $this->cachedToken = $token; - $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' ' . - $this->db->sql_build_array('INSERT', array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - 'oauth_token' => serialize($token), - )); + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + 'oauth_token' => serialize($token), + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('INSERT', $data); $this->db->sql_query($sql); } @@ -138,11 +154,18 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface return true; } - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . - $this->db->sql_build_array('SELECT', array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - )); + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); @@ -162,8 +185,15 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface { $this->cachedToken = null; - $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . 'WHERE user_id = ' . $this->user->data['user_id'] . - ' AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' + WHERE user_id = ' . $this->user->data['user_id'] . ' + AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $sql .= ' AND session_id = ' . $this->user->data['session_id']; + } + $this->db->sql_query($sql); } } -- cgit v1.2.1 From 6e73ccd00f363917de2914de3b8c75d296cdb355 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 23:26:14 -0400 Subject: [feature/oauth] Function to update user_id of a token PHPBB3-9734 --- phpBB/includes/auth/oauth/token_storage.php | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'phpBB') diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php index b35a5c6586..fcc277053c 100644 --- a/phpBB/includes/auth/oauth/token_storage.php +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -196,4 +196,25 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface $this->db->sql_query($sql); } + + /** + * Updates the user_id field in the database assosciated with the token + * + * @param int $user_id + */ + public function set_user_id($user_id) + { + if (!$this->cachedToken) + { + return; + } + + $sql = 'UPDATE ' . $this->auth_provider_oauth_table . ' + SET ' . $db->sql_build_array('UPDATE', array( + 'user_id' => (int) $user_id + )) . ' + WHERE user_id = ' . $this->user->data['user_id'] . ' + AND session_id = ' . $this->user->data['session_id']; + $this->db->sql_query($sql); + } } -- cgit v1.2.1 From a7bfe5eeeb1250c96fb2ddb1ee19f1babe72fe3d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 13 Jul 2013 23:47:16 -0400 Subject: [feature/oauth] Changes to oauth PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index c59c573c52..d405bb77b1 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -104,6 +104,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + // TODO: change error message 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', 'user_row' => array('user_id' => ANONYMOUS), ); @@ -117,11 +118,14 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + // TODO: change error message 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', 'user_row' => array('user_id' => ANONYMOUS), ); } + $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); + if ($this->request->is_set('code', phpbb_request_interface::GET)) { // Second pass: request access token, authenticate with phpBB @@ -175,20 +179,19 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * Returns the cached service object or creates a new one * * @param string $service_name The name of the service + * @param phpbb_auth_oauth_token_storage $storage * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} * @param array $scope The scope of the request against * the api. * @return \OAuth\Common\Service\ServiceInterface */ - protected function get_service($service_name, array $service_credentials, array $scopes = array()) + protected function get_service($service_name, phpbb_auth_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) { if ($this->services[$service_name]) { return $this->services[$service_name]; } - $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); - $current_uri = $this->get_current_uri(); // Setup the credentials for the requests -- cgit v1.2.1 From e600596602d1fed7eedda02c848db9012fda43fa Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 11:38:19 -0400 Subject: [feature/oauth] Scopes/path part one PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 61 ++++++++++++++++++++++++++++++++-- 1 file changed, 59 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index d405bb77b1..79a5988526 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -125,12 +125,20 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); + $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); if ($this->request->is_set('code', phpbb_request_interface::GET)) { - // Second pass: request access token, authenticate with phpBB + // This was a callback request from the service provider + $service->requestAccessToken( $_GET['code'] ); + + // Send a request with it + $result = json_decode( $service->request('user/info'), true ); + } else { - // First pass: get authorization uri, redirect to service + $url = $service->getAuthorizationUri(); + // TODO: modify $url for the appropriate return points + header('Location: ' . $url); } } @@ -206,4 +214,53 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $this->service[$service_name]; } + + /** + * Returns the scopes of the service required for authentication + * + * @param string $service_name + * @return array An array of the scopes required from the service + */ + protected function get_scopes($service_name) + { + $scopes = array(); + + switch ($service_name) + { + case 'GitHub': + $scopes[] = 'user'; + break; + case 'google': + $scopes[] = 'userinfo_email'; + $scopes[] = 'userinfo_profile'; + break; + case 'instagram': + case 'microsoft': + $scopes[] = 'basic'; + break; + case 'linkedin': + $scopes[] = 'r_basicprofile'; + break; + } + + return $scopes; + } + + /** + * Returns the path desired of the service + * + * @param string $service_name + * @return string|UriInterface + */ + protected function get_path($service_name) + { + switch ($service_name) + { + default: + $path = ''; + break; + } + + return $path; + } } -- cgit v1.2.1 From 4b1390ca31949d9de0df3b9038144e882c75a5e7 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 11:48:02 -0400 Subject: [feature/oauth] Pathing information for some services PHPBB3-11673 --- phpBB/includes/auth/provider/oauth.php | 44 +++++++++++++++++++++++++++++++--- 1 file changed, 41 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php index 79a5988526..aeca2a4869 100644 --- a/phpBB/includes/auth/provider/oauth.php +++ b/phpBB/includes/auth/provider/oauth.php @@ -133,8 +133,13 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $service->requestAccessToken( $_GET['code'] ); // Send a request with it - $result = json_decode( $service->request('user/info'), true ); + $path = $this->get_path($service_name); + if ($path) + { + $result = json_decode( $service->request($path), true ); + } + // Perform authentication } else { $url = $service->getAuthorizationUri(); // TODO: modify $url for the appropriate return points @@ -250,14 +255,47 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * Returns the path desired of the service * * @param string $service_name - * @return string|UriInterface + * @return string|UriInterface|null A null return means do not + * request additional information. */ protected function get_path($service_name) { switch ($service_name) { + case 'bitly': + case 'tumblr': + $path = 'user/info'; + break; + case 'box': + $path = '/users/me'; + break; + case 'facebook': + $path = '/me'; + break; + case 'FitBit': + $path = 'user/-/profile.json'; + break; + case 'foursquare': + case 'instagram': + $path = 'users/self'; + break; + case 'GitHub': + $path = 'user/emails'; + break; + case 'google': + $path = 'https://www.googleapis.com/oauth2/v1/userinfo'; + break; + case 'linkedin': + $path = '/people/~?format=json'; + break; + case 'soundCloud': + $path = 'me.json'; + break; + case 'twitter': + $path = 'account/verify_credentials.json'; + break; default: - $path = ''; + $path = null; break; } -- cgit v1.2.1 From 1a3880806a453dc4782b9823c2557dc22e9fb6af Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 13:23:09 -0400 Subject: [feature/oauth] Move OAuth to /phpBB/phpbb PHPBB3-11673 --- phpBB/includes/auth/oauth/token_storage.php | 220 -------------------- phpBB/includes/auth/provider/oauth.php | 304 ---------------------------- phpBB/phpbb/auth/oauth/token_storage.php | 220 ++++++++++++++++++++ phpBB/phpbb/auth/provider/oauth.php | 304 ++++++++++++++++++++++++++++ 4 files changed, 524 insertions(+), 524 deletions(-) delete mode 100644 phpBB/includes/auth/oauth/token_storage.php delete mode 100644 phpBB/includes/auth/provider/oauth.php create mode 100644 phpBB/phpbb/auth/oauth/token_storage.php create mode 100644 phpBB/phpbb/auth/provider/oauth.php (limited to 'phpBB') diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php deleted file mode 100644 index fcc277053c..0000000000 --- a/phpBB/includes/auth/oauth/token_storage.php +++ /dev/null @@ -1,220 +0,0 @@ -db = $db; - $this->user = $user; - $this->service_name = $service_name; - $this->auth_provider_oauth_table = $auth_provider_oauth_table; - } - - /** - * {@inheritdoc} - */ - public function retrieveAccessToken() - { - if( $this->cachedToken instanceOf TokenInterface ) { - return $this->token; - } - - $data = array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - ); - - if ($this->user->data['user_id'] == ANONYMOUS) - { - $data['session_id'] = $this->user->data['session_id']; - } - - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('SELECT', $data); - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); - - if (!$row) - { - // TODO: translate - throw new TokenNotFoundException('Token not stored'); - } - - $token = unserialize($row['oauth_token']); - - // Ensure that the token was serialized/unserialized correctly - if (!($token instanceof TokenInterface)) - { - $this->clearToken(); - // TODO: translate - throw new TokenNotFoundException('Token not stored correctly'); - } - - $this->cachedToken = $token; - return $token; - } - - /** - * {@inheritdoc} - */ - public function storeAccessToken(TokenInterface $token) - { - $this->cachedToken = $token; - - $data = array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - 'oauth_token' => serialize($token), - ); - - if ($this->user->data['user_id'] == ANONYMOUS) - { - $data['session_id'] = $this->user->data['session_id']; - } - - $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('INSERT', $data); - $this->db->sql_query($sql); - } - - /** - * {@inheritdoc} - */ - public function hasAccessToken() - { - if( $this->cachedToken ) { - return true; - } - - $data = array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - ); - - if ($this->user->data['user_id'] == ANONYMOUS) - { - $data['session_id'] = $this->user->data['session_id']; - } - - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('SELECT', $data); - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); - - if (!$row) - { - return false; - } - - return true; - } - - /** - * {@inheritdoc} - */ - public function clearToken() - { - $this->cachedToken = null; - - $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' - WHERE user_id = ' . $this->user->data['user_id'] . ' - AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); - - if ($this->user->data['user_id'] == ANONYMOUS) - { - $sql .= ' AND session_id = ' . $this->user->data['session_id']; - } - - $this->db->sql_query($sql); - } - - /** - * Updates the user_id field in the database assosciated with the token - * - * @param int $user_id - */ - public function set_user_id($user_id) - { - if (!$this->cachedToken) - { - return; - } - - $sql = 'UPDATE ' . $this->auth_provider_oauth_table . ' - SET ' . $db->sql_build_array('UPDATE', array( - 'user_id' => (int) $user_id - )) . ' - WHERE user_id = ' . $this->user->data['user_id'] . ' - AND session_id = ' . $this->user->data['session_id']; - $this->db->sql_query($sql); - } -} diff --git a/phpBB/includes/auth/provider/oauth.php b/phpBB/includes/auth/provider/oauth.php deleted file mode 100644 index aeca2a4869..0000000000 --- a/phpBB/includes/auth/provider/oauth.php +++ /dev/null @@ -1,304 +0,0 @@ -db = $db; - $this->config = $config; - $this->request = $request; - $this->user = $user; - $this->auth_provider_oauth_table = $auth_provider_oauth_table; - $this->services = array(); - } - - /** - * {@inheritdoc} - */ - public function login($username, $password) - { - // Requst the name of the OAuth service - $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); - if ($service_name === '') - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - // TODO: change error message - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - // Get the service credentials for the given service - $service_credentials = $this->get_credentials($service_name); - - // Check that the service has settings - if ($service_credentials['key'] == false || $service_credentials['secret'] == false) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - // TODO: change error message - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); - $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); - - if ($this->request->is_set('code', phpbb_request_interface::GET)) - { - // This was a callback request from the service provider - $service->requestAccessToken( $_GET['code'] ); - - // Send a request with it - $path = $this->get_path($service_name); - if ($path) - { - $result = json_decode( $service->request($path), true ); - } - - // Perform authentication - } else { - $url = $service->getAuthorizationUri(); - // TODO: modify $url for the appropriate return points - header('Location: ' . $url); - } - } - - /** - * Returns an array containing the service credentials belonging to requested - * service. - * - * @param string $service_name The name of the service - * @return array An array containing the 'key' and the 'secret' of the - * service in the form: - * array( - * 'key' => string - * 'secret' => string - * ) - */ - protected function get_service_credentials($service_name) - { - return array( - 'key' => $this->config['auth_oauth_' . $service_name . '_key'], - 'secret' => $this->config['auth_oauth_' . $service_name . '_secret'], - ); - } - - /** - * Returns the cached current_uri object or creates and caches it if it is - * not already created - * - * @return \OAuth\Common\Http\Uri\UriInterface - */ - protected function get_current_uri() - { - if ($this->current_uri) - { - return $this->current_uri; - } - - $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); - $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); - $current_uri->setQuery(''); - - $this->current_uri = $current_uri; - return $current_uri; - } - - /** - * Returns the cached service object or creates a new one - * - * @param string $service_name The name of the service - * @param phpbb_auth_oauth_token_storage $storage - * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} - * @param array $scope The scope of the request against - * the api. - * @return \OAuth\Common\Service\ServiceInterface - */ - protected function get_service($service_name, phpbb_auth_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) - { - if ($this->services[$service_name]) - { - return $this->services[$service_name]; - } - - $current_uri = $this->get_current_uri(); - - // Setup the credentials for the requests - $credentials = new Credentials( - $service_credentials['key'], - $service_credentials['secret'], - $current_uri->getAbsoluteUri() - ); - - $service_factory = new \OAuth\ServiceFactory(); - $this->service[$service_name] = $service_factory->createService($service_name, $credentials, $storage, $scopes); - - return $this->service[$service_name]; - } - - /** - * Returns the scopes of the service required for authentication - * - * @param string $service_name - * @return array An array of the scopes required from the service - */ - protected function get_scopes($service_name) - { - $scopes = array(); - - switch ($service_name) - { - case 'GitHub': - $scopes[] = 'user'; - break; - case 'google': - $scopes[] = 'userinfo_email'; - $scopes[] = 'userinfo_profile'; - break; - case 'instagram': - case 'microsoft': - $scopes[] = 'basic'; - break; - case 'linkedin': - $scopes[] = 'r_basicprofile'; - break; - } - - return $scopes; - } - - /** - * Returns the path desired of the service - * - * @param string $service_name - * @return string|UriInterface|null A null return means do not - * request additional information. - */ - protected function get_path($service_name) - { - switch ($service_name) - { - case 'bitly': - case 'tumblr': - $path = 'user/info'; - break; - case 'box': - $path = '/users/me'; - break; - case 'facebook': - $path = '/me'; - break; - case 'FitBit': - $path = 'user/-/profile.json'; - break; - case 'foursquare': - case 'instagram': - $path = 'users/self'; - break; - case 'GitHub': - $path = 'user/emails'; - break; - case 'google': - $path = 'https://www.googleapis.com/oauth2/v1/userinfo'; - break; - case 'linkedin': - $path = '/people/~?format=json'; - break; - case 'soundCloud': - $path = 'me.json'; - break; - case 'twitter': - $path = 'account/verify_credentials.json'; - break; - default: - $path = null; - break; - } - - return $path; - } -} diff --git a/phpBB/phpbb/auth/oauth/token_storage.php b/phpBB/phpbb/auth/oauth/token_storage.php new file mode 100644 index 0000000000..fcc277053c --- /dev/null +++ b/phpBB/phpbb/auth/oauth/token_storage.php @@ -0,0 +1,220 @@ +db = $db; + $this->user = $user; + $this->service_name = $service_name; + $this->auth_provider_oauth_table = $auth_provider_oauth_table; + } + + /** + * {@inheritdoc} + */ + public function retrieveAccessToken() + { + if( $this->cachedToken instanceOf TokenInterface ) { + return $this->token; + } + + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + // TODO: translate + throw new TokenNotFoundException('Token not stored'); + } + + $token = unserialize($row['oauth_token']); + + // Ensure that the token was serialized/unserialized correctly + if (!($token instanceof TokenInterface)) + { + $this->clearToken(); + // TODO: translate + throw new TokenNotFoundException('Token not stored correctly'); + } + + $this->cachedToken = $token; + return $token; + } + + /** + * {@inheritdoc} + */ + public function storeAccessToken(TokenInterface $token) + { + $this->cachedToken = $token; + + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + 'oauth_token' => serialize($token), + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('INSERT', $data); + $this->db->sql_query($sql); + } + + /** + * {@inheritdoc} + */ + public function hasAccessToken() + { + if( $this->cachedToken ) { + return true; + } + + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + return false; + } + + return true; + } + + /** + * {@inheritdoc} + */ + public function clearToken() + { + $this->cachedToken = null; + + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' + WHERE user_id = ' . $this->user->data['user_id'] . ' + AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $sql .= ' AND session_id = ' . $this->user->data['session_id']; + } + + $this->db->sql_query($sql); + } + + /** + * Updates the user_id field in the database assosciated with the token + * + * @param int $user_id + */ + public function set_user_id($user_id) + { + if (!$this->cachedToken) + { + return; + } + + $sql = 'UPDATE ' . $this->auth_provider_oauth_table . ' + SET ' . $db->sql_build_array('UPDATE', array( + 'user_id' => (int) $user_id + )) . ' + WHERE user_id = ' . $this->user->data['user_id'] . ' + AND session_id = ' . $this->user->data['session_id']; + $this->db->sql_query($sql); + } +} diff --git a/phpBB/phpbb/auth/provider/oauth.php b/phpBB/phpbb/auth/provider/oauth.php new file mode 100644 index 0000000000..aeca2a4869 --- /dev/null +++ b/phpBB/phpbb/auth/provider/oauth.php @@ -0,0 +1,304 @@ +db = $db; + $this->config = $config; + $this->request = $request; + $this->user = $user; + $this->auth_provider_oauth_table = $auth_provider_oauth_table; + $this->services = array(); + } + + /** + * {@inheritdoc} + */ + public function login($username, $password) + { + // Requst the name of the OAuth service + $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); + if ($service_name === '') + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + // TODO: change error message + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + // Get the service credentials for the given service + $service_credentials = $this->get_credentials($service_name); + + // Check that the service has settings + if ($service_credentials['key'] == false || $service_credentials['secret'] == false) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + // TODO: change error message + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); + $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); + + if ($this->request->is_set('code', phpbb_request_interface::GET)) + { + // This was a callback request from the service provider + $service->requestAccessToken( $_GET['code'] ); + + // Send a request with it + $path = $this->get_path($service_name); + if ($path) + { + $result = json_decode( $service->request($path), true ); + } + + // Perform authentication + } else { + $url = $service->getAuthorizationUri(); + // TODO: modify $url for the appropriate return points + header('Location: ' . $url); + } + } + + /** + * Returns an array containing the service credentials belonging to requested + * service. + * + * @param string $service_name The name of the service + * @return array An array containing the 'key' and the 'secret' of the + * service in the form: + * array( + * 'key' => string + * 'secret' => string + * ) + */ + protected function get_service_credentials($service_name) + { + return array( + 'key' => $this->config['auth_oauth_' . $service_name . '_key'], + 'secret' => $this->config['auth_oauth_' . $service_name . '_secret'], + ); + } + + /** + * Returns the cached current_uri object or creates and caches it if it is + * not already created + * + * @return \OAuth\Common\Http\Uri\UriInterface + */ + protected function get_current_uri() + { + if ($this->current_uri) + { + return $this->current_uri; + } + + $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); + $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); + $current_uri->setQuery(''); + + $this->current_uri = $current_uri; + return $current_uri; + } + + /** + * Returns the cached service object or creates a new one + * + * @param string $service_name The name of the service + * @param phpbb_auth_oauth_token_storage $storage + * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} + * @param array $scope The scope of the request against + * the api. + * @return \OAuth\Common\Service\ServiceInterface + */ + protected function get_service($service_name, phpbb_auth_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) + { + if ($this->services[$service_name]) + { + return $this->services[$service_name]; + } + + $current_uri = $this->get_current_uri(); + + // Setup the credentials for the requests + $credentials = new Credentials( + $service_credentials['key'], + $service_credentials['secret'], + $current_uri->getAbsoluteUri() + ); + + $service_factory = new \OAuth\ServiceFactory(); + $this->service[$service_name] = $service_factory->createService($service_name, $credentials, $storage, $scopes); + + return $this->service[$service_name]; + } + + /** + * Returns the scopes of the service required for authentication + * + * @param string $service_name + * @return array An array of the scopes required from the service + */ + protected function get_scopes($service_name) + { + $scopes = array(); + + switch ($service_name) + { + case 'GitHub': + $scopes[] = 'user'; + break; + case 'google': + $scopes[] = 'userinfo_email'; + $scopes[] = 'userinfo_profile'; + break; + case 'instagram': + case 'microsoft': + $scopes[] = 'basic'; + break; + case 'linkedin': + $scopes[] = 'r_basicprofile'; + break; + } + + return $scopes; + } + + /** + * Returns the path desired of the service + * + * @param string $service_name + * @return string|UriInterface|null A null return means do not + * request additional information. + */ + protected function get_path($service_name) + { + switch ($service_name) + { + case 'bitly': + case 'tumblr': + $path = 'user/info'; + break; + case 'box': + $path = '/users/me'; + break; + case 'facebook': + $path = '/me'; + break; + case 'FitBit': + $path = 'user/-/profile.json'; + break; + case 'foursquare': + case 'instagram': + $path = 'users/self'; + break; + case 'GitHub': + $path = 'user/emails'; + break; + case 'google': + $path = 'https://www.googleapis.com/oauth2/v1/userinfo'; + break; + case 'linkedin': + $path = '/people/~?format=json'; + break; + case 'soundCloud': + $path = 'me.json'; + break; + case 'twitter': + $path = 'account/verify_credentials.json'; + break; + default: + $path = null; + break; + } + + return $path; + } +} -- cgit v1.2.1 From 117a758f6610ccc52142ca177504442cbd4869ab Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 14:07:59 -0400 Subject: [feature/oauth] Move oauth to auth/provider/oauth PHPBB3-11673 --- phpBB/phpbb/auth/oauth/token_storage.php | 220 ---------------- phpBB/phpbb/auth/provider/oauth.php | 304 ---------------------- phpBB/phpbb/auth/provider/oauth/oauth.php | 304 ++++++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/token_storage.php | 220 ++++++++++++++++ 4 files changed, 524 insertions(+), 524 deletions(-) delete mode 100644 phpBB/phpbb/auth/oauth/token_storage.php delete mode 100644 phpBB/phpbb/auth/provider/oauth.php create mode 100644 phpBB/phpbb/auth/provider/oauth/oauth.php create mode 100644 phpBB/phpbb/auth/provider/oauth/token_storage.php (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/oauth/token_storage.php b/phpBB/phpbb/auth/oauth/token_storage.php deleted file mode 100644 index fcc277053c..0000000000 --- a/phpBB/phpbb/auth/oauth/token_storage.php +++ /dev/null @@ -1,220 +0,0 @@ -db = $db; - $this->user = $user; - $this->service_name = $service_name; - $this->auth_provider_oauth_table = $auth_provider_oauth_table; - } - - /** - * {@inheritdoc} - */ - public function retrieveAccessToken() - { - if( $this->cachedToken instanceOf TokenInterface ) { - return $this->token; - } - - $data = array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - ); - - if ($this->user->data['user_id'] == ANONYMOUS) - { - $data['session_id'] = $this->user->data['session_id']; - } - - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('SELECT', $data); - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); - - if (!$row) - { - // TODO: translate - throw new TokenNotFoundException('Token not stored'); - } - - $token = unserialize($row['oauth_token']); - - // Ensure that the token was serialized/unserialized correctly - if (!($token instanceof TokenInterface)) - { - $this->clearToken(); - // TODO: translate - throw new TokenNotFoundException('Token not stored correctly'); - } - - $this->cachedToken = $token; - return $token; - } - - /** - * {@inheritdoc} - */ - public function storeAccessToken(TokenInterface $token) - { - $this->cachedToken = $token; - - $data = array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - 'oauth_token' => serialize($token), - ); - - if ($this->user->data['user_id'] == ANONYMOUS) - { - $data['session_id'] = $this->user->data['session_id']; - } - - $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('INSERT', $data); - $this->db->sql_query($sql); - } - - /** - * {@inheritdoc} - */ - public function hasAccessToken() - { - if( $this->cachedToken ) { - return true; - } - - $data = array( - 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, - ); - - if ($this->user->data['user_id'] == ANONYMOUS) - { - $data['session_id'] = $this->user->data['session_id']; - } - - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('SELECT', $data); - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); - - if (!$row) - { - return false; - } - - return true; - } - - /** - * {@inheritdoc} - */ - public function clearToken() - { - $this->cachedToken = null; - - $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' - WHERE user_id = ' . $this->user->data['user_id'] . ' - AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); - - if ($this->user->data['user_id'] == ANONYMOUS) - { - $sql .= ' AND session_id = ' . $this->user->data['session_id']; - } - - $this->db->sql_query($sql); - } - - /** - * Updates the user_id field in the database assosciated with the token - * - * @param int $user_id - */ - public function set_user_id($user_id) - { - if (!$this->cachedToken) - { - return; - } - - $sql = 'UPDATE ' . $this->auth_provider_oauth_table . ' - SET ' . $db->sql_build_array('UPDATE', array( - 'user_id' => (int) $user_id - )) . ' - WHERE user_id = ' . $this->user->data['user_id'] . ' - AND session_id = ' . $this->user->data['session_id']; - $this->db->sql_query($sql); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth.php b/phpBB/phpbb/auth/provider/oauth.php deleted file mode 100644 index aeca2a4869..0000000000 --- a/phpBB/phpbb/auth/provider/oauth.php +++ /dev/null @@ -1,304 +0,0 @@ -db = $db; - $this->config = $config; - $this->request = $request; - $this->user = $user; - $this->auth_provider_oauth_table = $auth_provider_oauth_table; - $this->services = array(); - } - - /** - * {@inheritdoc} - */ - public function login($username, $password) - { - // Requst the name of the OAuth service - $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); - if ($service_name === '') - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - // TODO: change error message - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - // Get the service credentials for the given service - $service_credentials = $this->get_credentials($service_name); - - // Check that the service has settings - if ($service_credentials['key'] == false || $service_credentials['secret'] == false) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - // TODO: change error message - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); - $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); - - if ($this->request->is_set('code', phpbb_request_interface::GET)) - { - // This was a callback request from the service provider - $service->requestAccessToken( $_GET['code'] ); - - // Send a request with it - $path = $this->get_path($service_name); - if ($path) - { - $result = json_decode( $service->request($path), true ); - } - - // Perform authentication - } else { - $url = $service->getAuthorizationUri(); - // TODO: modify $url for the appropriate return points - header('Location: ' . $url); - } - } - - /** - * Returns an array containing the service credentials belonging to requested - * service. - * - * @param string $service_name The name of the service - * @return array An array containing the 'key' and the 'secret' of the - * service in the form: - * array( - * 'key' => string - * 'secret' => string - * ) - */ - protected function get_service_credentials($service_name) - { - return array( - 'key' => $this->config['auth_oauth_' . $service_name . '_key'], - 'secret' => $this->config['auth_oauth_' . $service_name . '_secret'], - ); - } - - /** - * Returns the cached current_uri object or creates and caches it if it is - * not already created - * - * @return \OAuth\Common\Http\Uri\UriInterface - */ - protected function get_current_uri() - { - if ($this->current_uri) - { - return $this->current_uri; - } - - $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); - $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); - $current_uri->setQuery(''); - - $this->current_uri = $current_uri; - return $current_uri; - } - - /** - * Returns the cached service object or creates a new one - * - * @param string $service_name The name of the service - * @param phpbb_auth_oauth_token_storage $storage - * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} - * @param array $scope The scope of the request against - * the api. - * @return \OAuth\Common\Service\ServiceInterface - */ - protected function get_service($service_name, phpbb_auth_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) - { - if ($this->services[$service_name]) - { - return $this->services[$service_name]; - } - - $current_uri = $this->get_current_uri(); - - // Setup the credentials for the requests - $credentials = new Credentials( - $service_credentials['key'], - $service_credentials['secret'], - $current_uri->getAbsoluteUri() - ); - - $service_factory = new \OAuth\ServiceFactory(); - $this->service[$service_name] = $service_factory->createService($service_name, $credentials, $storage, $scopes); - - return $this->service[$service_name]; - } - - /** - * Returns the scopes of the service required for authentication - * - * @param string $service_name - * @return array An array of the scopes required from the service - */ - protected function get_scopes($service_name) - { - $scopes = array(); - - switch ($service_name) - { - case 'GitHub': - $scopes[] = 'user'; - break; - case 'google': - $scopes[] = 'userinfo_email'; - $scopes[] = 'userinfo_profile'; - break; - case 'instagram': - case 'microsoft': - $scopes[] = 'basic'; - break; - case 'linkedin': - $scopes[] = 'r_basicprofile'; - break; - } - - return $scopes; - } - - /** - * Returns the path desired of the service - * - * @param string $service_name - * @return string|UriInterface|null A null return means do not - * request additional information. - */ - protected function get_path($service_name) - { - switch ($service_name) - { - case 'bitly': - case 'tumblr': - $path = 'user/info'; - break; - case 'box': - $path = '/users/me'; - break; - case 'facebook': - $path = '/me'; - break; - case 'FitBit': - $path = 'user/-/profile.json'; - break; - case 'foursquare': - case 'instagram': - $path = 'users/self'; - break; - case 'GitHub': - $path = 'user/emails'; - break; - case 'google': - $path = 'https://www.googleapis.com/oauth2/v1/userinfo'; - break; - case 'linkedin': - $path = '/people/~?format=json'; - break; - case 'soundCloud': - $path = 'me.json'; - break; - case 'twitter': - $path = 'account/verify_credentials.json'; - break; - default: - $path = null; - break; - } - - return $path; - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php new file mode 100644 index 0000000000..aeca2a4869 --- /dev/null +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -0,0 +1,304 @@ +db = $db; + $this->config = $config; + $this->request = $request; + $this->user = $user; + $this->auth_provider_oauth_table = $auth_provider_oauth_table; + $this->services = array(); + } + + /** + * {@inheritdoc} + */ + public function login($username, $password) + { + // Requst the name of the OAuth service + $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); + if ($service_name === '') + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + // TODO: change error message + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + // Get the service credentials for the given service + $service_credentials = $this->get_credentials($service_name); + + // Check that the service has settings + if ($service_credentials['key'] == false || $service_credentials['secret'] == false) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + // TODO: change error message + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); + $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); + + if ($this->request->is_set('code', phpbb_request_interface::GET)) + { + // This was a callback request from the service provider + $service->requestAccessToken( $_GET['code'] ); + + // Send a request with it + $path = $this->get_path($service_name); + if ($path) + { + $result = json_decode( $service->request($path), true ); + } + + // Perform authentication + } else { + $url = $service->getAuthorizationUri(); + // TODO: modify $url for the appropriate return points + header('Location: ' . $url); + } + } + + /** + * Returns an array containing the service credentials belonging to requested + * service. + * + * @param string $service_name The name of the service + * @return array An array containing the 'key' and the 'secret' of the + * service in the form: + * array( + * 'key' => string + * 'secret' => string + * ) + */ + protected function get_service_credentials($service_name) + { + return array( + 'key' => $this->config['auth_oauth_' . $service_name . '_key'], + 'secret' => $this->config['auth_oauth_' . $service_name . '_secret'], + ); + } + + /** + * Returns the cached current_uri object or creates and caches it if it is + * not already created + * + * @return \OAuth\Common\Http\Uri\UriInterface + */ + protected function get_current_uri() + { + if ($this->current_uri) + { + return $this->current_uri; + } + + $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); + $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); + $current_uri->setQuery(''); + + $this->current_uri = $current_uri; + return $current_uri; + } + + /** + * Returns the cached service object or creates a new one + * + * @param string $service_name The name of the service + * @param phpbb_auth_oauth_token_storage $storage + * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} + * @param array $scope The scope of the request against + * the api. + * @return \OAuth\Common\Service\ServiceInterface + */ + protected function get_service($service_name, phpbb_auth_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) + { + if ($this->services[$service_name]) + { + return $this->services[$service_name]; + } + + $current_uri = $this->get_current_uri(); + + // Setup the credentials for the requests + $credentials = new Credentials( + $service_credentials['key'], + $service_credentials['secret'], + $current_uri->getAbsoluteUri() + ); + + $service_factory = new \OAuth\ServiceFactory(); + $this->service[$service_name] = $service_factory->createService($service_name, $credentials, $storage, $scopes); + + return $this->service[$service_name]; + } + + /** + * Returns the scopes of the service required for authentication + * + * @param string $service_name + * @return array An array of the scopes required from the service + */ + protected function get_scopes($service_name) + { + $scopes = array(); + + switch ($service_name) + { + case 'GitHub': + $scopes[] = 'user'; + break; + case 'google': + $scopes[] = 'userinfo_email'; + $scopes[] = 'userinfo_profile'; + break; + case 'instagram': + case 'microsoft': + $scopes[] = 'basic'; + break; + case 'linkedin': + $scopes[] = 'r_basicprofile'; + break; + } + + return $scopes; + } + + /** + * Returns the path desired of the service + * + * @param string $service_name + * @return string|UriInterface|null A null return means do not + * request additional information. + */ + protected function get_path($service_name) + { + switch ($service_name) + { + case 'bitly': + case 'tumblr': + $path = 'user/info'; + break; + case 'box': + $path = '/users/me'; + break; + case 'facebook': + $path = '/me'; + break; + case 'FitBit': + $path = 'user/-/profile.json'; + break; + case 'foursquare': + case 'instagram': + $path = 'users/self'; + break; + case 'GitHub': + $path = 'user/emails'; + break; + case 'google': + $path = 'https://www.googleapis.com/oauth2/v1/userinfo'; + break; + case 'linkedin': + $path = '/people/~?format=json'; + break; + case 'soundCloud': + $path = 'me.json'; + break; + case 'twitter': + $path = 'account/verify_credentials.json'; + break; + default: + $path = null; + break; + } + + return $path; + } +} diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php new file mode 100644 index 0000000000..fcc277053c --- /dev/null +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -0,0 +1,220 @@ +db = $db; + $this->user = $user; + $this->service_name = $service_name; + $this->auth_provider_oauth_table = $auth_provider_oauth_table; + } + + /** + * {@inheritdoc} + */ + public function retrieveAccessToken() + { + if( $this->cachedToken instanceOf TokenInterface ) { + return $this->token; + } + + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + // TODO: translate + throw new TokenNotFoundException('Token not stored'); + } + + $token = unserialize($row['oauth_token']); + + // Ensure that the token was serialized/unserialized correctly + if (!($token instanceof TokenInterface)) + { + $this->clearToken(); + // TODO: translate + throw new TokenNotFoundException('Token not stored correctly'); + } + + $this->cachedToken = $token; + return $token; + } + + /** + * {@inheritdoc} + */ + public function storeAccessToken(TokenInterface $token) + { + $this->cachedToken = $token; + + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + 'oauth_token' => serialize($token), + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('INSERT', $data); + $this->db->sql_query($sql); + } + + /** + * {@inheritdoc} + */ + public function hasAccessToken() + { + if( $this->cachedToken ) { + return true; + } + + $data = array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + ); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $data['session_id'] = $this->user->data['session_id']; + } + + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + return false; + } + + return true; + } + + /** + * {@inheritdoc} + */ + public function clearToken() + { + $this->cachedToken = null; + + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' + WHERE user_id = ' . $this->user->data['user_id'] . ' + AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); + + if ($this->user->data['user_id'] == ANONYMOUS) + { + $sql .= ' AND session_id = ' . $this->user->data['session_id']; + } + + $this->db->sql_query($sql); + } + + /** + * Updates the user_id field in the database assosciated with the token + * + * @param int $user_id + */ + public function set_user_id($user_id) + { + if (!$this->cachedToken) + { + return; + } + + $sql = 'UPDATE ' . $this->auth_provider_oauth_table . ' + SET ' . $db->sql_build_array('UPDATE', array( + 'user_id' => (int) $user_id + )) . ' + WHERE user_id = ' . $this->user->data['user_id'] . ' + AND session_id = ' . $this->user->data['session_id']; + $this->db->sql_query($sql); + } +} -- cgit v1.2.1 From a43a8f8c72f14b683f7db39a20c6d5fc4f154744 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 14:09:13 -0400 Subject: [feature/oauth] Update class name based on last commit PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- phpBB/phpbb/auth/provider/oauth/token_storage.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index aeca2a4869..b6af9758e7 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -124,7 +124,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); } - $storage = new phpbb_auth_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); if ($this->request->is_set('code', phpbb_request_interface::GET)) diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index fcc277053c..227b51efc9 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -26,7 +26,7 @@ use OAuth\Common\Storage\Exception\TokenNotFoundException; * * @package auth */ -class phpbb_auth_oauth_token_storage implements TokenStorageInterface +class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface { /** * Cache driver. -- cgit v1.2.1 From 00d0e102008767f712145f55348a662f3e6750d6 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 14:17:54 -0400 Subject: [feature/oauth] Move last file to appropriate location PHPBB3-11673 --- .../db/migration/data/310/auth_provider_oauth.php | 45 ---------------------- .../db/migration/data/310/auth_provider_oauth.php | 45 ++++++++++++++++++++++ 2 files changed, 45 insertions(+), 45 deletions(-) delete mode 100644 phpBB/includes/db/migration/data/310/auth_provider_oauth.php create mode 100644 phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php (limited to 'phpBB') diff --git a/phpBB/includes/db/migration/data/310/auth_provider_oauth.php b/phpBB/includes/db/migration/data/310/auth_provider_oauth.php deleted file mode 100644 index 92da42ba31..0000000000 --- a/phpBB/includes/db/migration/data/310/auth_provider_oauth.php +++ /dev/null @@ -1,45 +0,0 @@ -db_tools->sql_table_exists($this->table_prefix . 'auth_provider_oauth'); - } - - public function update_schema() - { - return array( - 'add_tables' => array( - $this->table_prefix . 'auth_provider_oauth' => array( - 'COLUMNS' => array( - 'user_id' => array('UINT', 0), // phpbb_users.user_id - 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set - 'oauth_provider' => array('VCHAR'), // Name of the OAuth provider - 'oauth_token' => array('TEXT_UNI'), // Serialized token - ), - 'KEYS' => array( - 'user_id' => array('INDEX', 'user_id'), - 'oauth_provider' => array('INDEX', 'oauth_provider'), - ), - ), - ), - ); - } - - public function revert_schema() - { - return array( - 'drop_tables' => array( - $this->table_prefix . 'auth_provider_oauth', - ), - ); - } -} diff --git a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php new file mode 100644 index 0000000000..92da42ba31 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php @@ -0,0 +1,45 @@ +db_tools->sql_table_exists($this->table_prefix . 'auth_provider_oauth'); + } + + public function update_schema() + { + return array( + 'add_tables' => array( + $this->table_prefix . 'auth_provider_oauth' => array( + 'COLUMNS' => array( + 'user_id' => array('UINT', 0), // phpbb_users.user_id + 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set + 'oauth_provider' => array('VCHAR'), // Name of the OAuth provider + 'oauth_token' => array('TEXT_UNI'), // Serialized token + ), + 'KEYS' => array( + 'user_id' => array('INDEX', 'user_id'), + 'oauth_provider' => array('INDEX', 'oauth_provider'), + ), + ), + ), + ); + } + + public function revert_schema() + { + return array( + 'drop_tables' => array( + $this->table_prefix . 'auth_provider_oauth', + ), + ); + } +} -- cgit v1.2.1 From 947aa2b6b442b5e1ce06c755c3e8ebea677f63e3 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 15:16:34 -0400 Subject: [feature/oauth] Create OAuth service classes PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 31 ------------------- phpBB/phpbb/auth/provider/oauth/service/base.php | 32 ++++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/bitly.php | 26 ++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/box.php | 26 ++++++++++++++++ .../phpbb/auth/provider/oauth/service/facebook.php | 26 ++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/fitbit.php | 26 ++++++++++++++++ .../auth/provider/oauth/service/foursqare.php | 26 ++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/github.php | 34 +++++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/google.php | 35 ++++++++++++++++++++++ .../auth/provider/oauth/service/instagram.php | 34 +++++++++++++++++++++ .../auth/provider/oauth/service/interface.php | 31 +++++++++++++++++++ .../phpbb/auth/provider/oauth/service/linkedin.php | 34 +++++++++++++++++++++ .../auth/provider/oauth/service/microsoft.php | 34 +++++++++++++++++++++ .../auth/provider/oauth/service/soundcloud.php | 26 ++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/tumblr.php | 26 ++++++++++++++++ .../phpbb/auth/provider/oauth/service/twitter.php | 26 ++++++++++++++++ 16 files changed, 442 insertions(+), 31 deletions(-) create mode 100644 phpBB/phpbb/auth/provider/oauth/service/base.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/bitly.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/box.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/facebook.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/fitbit.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/foursqare.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/github.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/google.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/instagram.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/interface.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/linkedin.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/microsoft.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/soundcloud.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/tumblr.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/twitter.php (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index b6af9758e7..75e8a54ed4 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -220,37 +220,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $this->service[$service_name]; } - /** - * Returns the scopes of the service required for authentication - * - * @param string $service_name - * @return array An array of the scopes required from the service - */ - protected function get_scopes($service_name) - { - $scopes = array(); - - switch ($service_name) - { - case 'GitHub': - $scopes[] = 'user'; - break; - case 'google': - $scopes[] = 'userinfo_email'; - $scopes[] = 'userinfo_profile'; - break; - case 'instagram': - case 'microsoft': - $scopes[] = 'basic'; - break; - case 'linkedin': - $scopes[] = 'r_basicprofile'; - break; - } - - return $scopes; - } - /** * Returns the path desired of the service * diff --git a/phpBB/phpbb/auth/provider/oauth/service/base.php b/phpBB/phpbb/auth/provider/oauth/service/base.php new file mode 100644 index 0000000000..98a1fa16e4 --- /dev/null +++ b/phpBB/phpbb/auth/provider/oauth/service/base.php @@ -0,0 +1,32 @@ + Date: Sun, 14 Jul 2013 15:35:12 -0400 Subject: [feature/oauth] Last five oauth services PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/amazon.php | 26 ++++++++++++++++++++++ .../phpbb/auth/provider/oauth/service/dropbox.php | 26 ++++++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/paypal.php | 26 ++++++++++++++++++++++ .../auth/provider/oauth/service/vkontakte.php | 26 ++++++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/yammer.php | 26 ++++++++++++++++++++++ 5 files changed, 130 insertions(+) create mode 100644 phpBB/phpbb/auth/provider/oauth/service/amazon.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/dropbox.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/paypal.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/vkontakte.php create mode 100644 phpBB/phpbb/auth/provider/oauth/service/yammer.php (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/service/amazon.php b/phpBB/phpbb/auth/provider/oauth/service/amazon.php new file mode 100644 index 0000000000..1348bd5ebe --- /dev/null +++ b/phpBB/phpbb/auth/provider/oauth/service/amazon.php @@ -0,0 +1,26 @@ + Date: Sun, 14 Jul 2013 15:52:57 -0400 Subject: [feature/oauth] Set required scopes on more providers PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/amazon.php | 10 +++++++++- phpBB/phpbb/auth/provider/oauth/service/paypal.php | 12 +++++++++++- 2 files changed, 20 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/service/amazon.php b/phpBB/phpbb/auth/provider/oauth/service/amazon.php index 1348bd5ebe..cea4438323 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/amazon.php +++ b/phpBB/phpbb/auth/provider/oauth/service/amazon.php @@ -22,5 +22,13 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_amazon extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_auth_scope() + { + return array( + 'profile', + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/paypal.php b/phpBB/phpbb/auth/provider/oauth/service/paypal.php index 983b008dc3..26038d4fcb 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/paypal.php +++ b/phpBB/phpbb/auth/provider/oauth/service/paypal.php @@ -22,5 +22,15 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_paypal extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_auth_scope() + { + return array( + 'openid', + 'profile', + 'email', + ); + } } -- cgit v1.2.1 From 6a2871692cb9b2e9027b026604e8f456f17d1b44 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 16:00:41 -0400 Subject: [feature/oauth] Get service credentials on each OAuth service PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/amazon.php | 11 +++++++++++ phpBB/phpbb/auth/provider/oauth/service/bitly.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/box.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/dropbox.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/facebook.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/fitbit.php | 13 +++++++++++-- phpBB/phpbb/auth/provider/oauth/service/foursqare.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/github.php | 11 +++++++++++ phpBB/phpbb/auth/provider/oauth/service/google.php | 11 +++++++++++ phpBB/phpbb/auth/provider/oauth/service/instagram.php | 11 +++++++++++ phpBB/phpbb/auth/provider/oauth/service/interface.php | 13 +++++++++++++ phpBB/phpbb/auth/provider/oauth/service/linkedin.php | 11 +++++++++++ phpBB/phpbb/auth/provider/oauth/service/microsoft.php | 11 +++++++++++ phpBB/phpbb/auth/provider/oauth/service/paypal.php | 11 +++++++++++ phpBB/phpbb/auth/provider/oauth/service/soundcloud.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/tumblr.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/twitter.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/vkontakte.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/yammer.php | 11 ++++++++++- 19 files changed, 201 insertions(+), 12 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/service/amazon.php b/phpBB/phpbb/auth/provider/oauth/service/amazon.php index cea4438323..740add0f3c 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/amazon.php +++ b/phpBB/phpbb/auth/provider/oauth/service/amazon.php @@ -31,4 +31,15 @@ class phpbb_auth_provider_oauth_service_amazon extends phpbb_auth_provider_oauth 'profile', ); } + + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_amazon_key'], + 'secret' => $this->config['auth_oauth_amazon_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 23769b36a5..1de3183b84 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_bitly_key'], + 'secret' => $this->config['auth_oauth_bitly_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/box.php b/phpBB/phpbb/auth/provider/oauth/service/box.php index cfa788da4d..19e409a943 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/box.php +++ b/phpBB/phpbb/auth/provider/oauth/service/box.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_box extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_box_key'], + 'secret' => $this->config['auth_oauth_box_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/dropbox.php b/phpBB/phpbb/auth/provider/oauth/service/dropbox.php index 655c4305f3..3b4920bb0e 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/dropbox.php +++ b/phpBB/phpbb/auth/provider/oauth/service/dropbox.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_dropbox extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_dropbox_key'], + 'secret' => $this->config['auth_oauth_dropbox_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 723c8f09f2..0652028bf8 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_facebook_key'], + 'secret' => $this->config['auth_oauth_facebook_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/fitbit.php b/phpBB/phpbb/auth/provider/oauth/service/fitbit.php index a0f63a40e7..d75b971fcf 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/fitbit.php +++ b/phpBB/phpbb/auth/provider/oauth/service/fitbit.php @@ -20,7 +20,16 @@ if (!defined('IN_PHPBB')) * * @package auth */ -class phpbb_auth_provider_oauth_service_box extends phpbb_auth_provider_oauth_service_base +class phpbb_auth_provider_oauth_service_fitbit extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_fitbit_key'], + 'secret' => $this->config['auth_oauth_fitbit_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/foursqare.php b/phpBB/phpbb/auth/provider/oauth/service/foursqare.php index 9eb868b1c4..d03725bcfd 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/foursqare.php +++ b/phpBB/phpbb/auth/provider/oauth/service/foursqare.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_foursquare extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_foursquare_key'], + 'secret' => $this->config['auth_oauth_foursquare_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/github.php b/phpBB/phpbb/auth/provider/oauth/service/github.php index 1eddb26906..30d23b0e4f 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/github.php +++ b/phpBB/phpbb/auth/provider/oauth/service/github.php @@ -31,4 +31,15 @@ class phpbb_auth_provider_oauth_service_github extends phpbb_auth_provider_oauth 'user', ); } + + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_github_key'], + 'secret' => $this->config['auth_oauth_github_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index d72c66ac5e..50cfee86e0 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -32,4 +32,15 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth 'userinfo_profile', ); } + + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_google_key'], + 'secret' => $this->config['auth_oauth_google_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/instagram.php b/phpBB/phpbb/auth/provider/oauth/service/instagram.php index c40acf9507..ae30d2d0b6 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/instagram.php +++ b/phpBB/phpbb/auth/provider/oauth/service/instagram.php @@ -31,4 +31,15 @@ class phpbb_auth_provider_oauth_service_instagram extends phpbb_auth_provider_oa 'basic', ); } + + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_instagram_key'], + 'secret' => $this->config['auth_oauth_instagram_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/interface.php b/phpBB/phpbb/auth/provider/oauth/service/interface.php index c79413ee3a..80f2ee7259 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/interface.php @@ -28,4 +28,17 @@ interface phpbb_auth_provider_oauth_service_interface * @return array An array of the required scopes */ public function get_auth_scope(); + + /** + * Returns an array containing the service credentials belonging to requested + * service. + * + * @return array An array containing the 'key' and the 'secret' of the + * service in the form: + * array( + * 'key' => string + * 'secret' => string + * ) + */ + public function get_service_credentials(); } diff --git a/phpBB/phpbb/auth/provider/oauth/service/linkedin.php b/phpBB/phpbb/auth/provider/oauth/service/linkedin.php index 118379b4ab..3231270cff 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/linkedin.php +++ b/phpBB/phpbb/auth/provider/oauth/service/linkedin.php @@ -31,4 +31,15 @@ class phpbb_auth_provider_oauth_service_linkedin extends phpbb_auth_provider_oau 'r_basicprofile', ); } + + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_linkedin_key'], + 'secret' => $this->config['auth_oauth_linkedin_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/microsoft.php b/phpBB/phpbb/auth/provider/oauth/service/microsoft.php index 0ad2a5173b..7fb47f45fc 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/microsoft.php +++ b/phpBB/phpbb/auth/provider/oauth/service/microsoft.php @@ -31,4 +31,15 @@ class phpbb_auth_provider_oauth_service_microsoft extends phpbb_auth_provider_oa 'basic', ); } + + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_microsoft_key'], + 'secret' => $this->config['auth_oauth_microsoft_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/paypal.php b/phpBB/phpbb/auth/provider/oauth/service/paypal.php index 26038d4fcb..48b361921a 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/paypal.php +++ b/phpBB/phpbb/auth/provider/oauth/service/paypal.php @@ -33,4 +33,15 @@ class phpbb_auth_provider_oauth_service_paypal extends phpbb_auth_provider_oauth 'email', ); } + + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_paypal_key'], + 'secret' => $this->config['auth_oauth_paypal_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php b/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php index 0b5de5af20..e000c68a6f 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php +++ b/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_soundcloud extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_soundcloud_key'], + 'secret' => $this->config['auth_oauth_soundcloud_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/tumblr.php b/phpBB/phpbb/auth/provider/oauth/service/tumblr.php index be4871322c..2098cc92e1 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/tumblr.php +++ b/phpBB/phpbb/auth/provider/oauth/service/tumblr.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_tumblr extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_tumblr_key'], + 'secret' => $this->config['auth_oauth_tumblr_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/twitter.php b/phpBB/phpbb/auth/provider/oauth/service/twitter.php index e58b02fa41..57d07e1c15 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/twitter.php +++ b/phpBB/phpbb/auth/provider/oauth/service/twitter.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_twitter extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_twitter_key'], + 'secret' => $this->config['auth_oauth_twitter_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php b/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php index f6398a137d..6b43bf39d8 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php +++ b/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_vkontakte extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_vkontakte_key'], + 'secret' => $this->config['auth_oauth_vkontakte_secret'], + ); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/yammer.php b/phpBB/phpbb/auth/provider/oauth/service/yammer.php index 4cbc153329..13c638def7 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/yammer.php +++ b/phpBB/phpbb/auth/provider/oauth/service/yammer.php @@ -22,5 +22,14 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_yammer extends phpbb_auth_provider_oauth_service_base { - + /** + * {@inheritdoc} + */ + public function get_service_credentials() + { + return array( + 'key' => $this->config['auth_oauth_yammer_key'], + 'secret' => $this->config['auth_oauth_yammer_secret'], + ); + } } -- cgit v1.2.1 From a8e60c306d605815abfa0f4204e30466ecfbd539 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 16:01:41 -0400 Subject: [feature/oauth] Remove get_service_credentials() from oauth provider PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 20 -------------------- 1 file changed, 20 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 75e8a54ed4..c4908dbf6c 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -147,26 +147,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } } - /** - * Returns an array containing the service credentials belonging to requested - * service. - * - * @param string $service_name The name of the service - * @return array An array containing the 'key' and the 'secret' of the - * service in the form: - * array( - * 'key' => string - * 'secret' => string - * ) - */ - protected function get_service_credentials($service_name) - { - return array( - 'key' => $this->config['auth_oauth_' . $service_name . '_key'], - 'secret' => $this->config['auth_oauth_' . $service_name . '_secret'], - ); - } - /** * Returns the cached current_uri object or creates and caches it if it is * not already created -- cgit v1.2.1 From 440904a0c8b9fb8da124d879366ae5284532c23e Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 17:03:02 -0400 Subject: [feature/oauth] Add OAuth services to service file PHPBB3-11673 --- phpBB/config/auth_providers.yml | 74 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) (limited to 'phpBB') diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index ead540c953..5282dac5b9 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -45,3 +45,77 @@ services: - %tables.auth_provider_oauth% tags: - { name: auth.provider } + auth.provider.oauth.service_collection: + class: phpbb_di_service_collection + arguments: + - @service_container + tags: + - { name: service_collection, tag: auth.provider.oauth.service } + auth.provider.oauth.service.amazon: + class: phpbb_auth_provider_oauth_service_amazon + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.bitly: + class: phpbb_auth_provider_oauth_service_bitly + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.box: + class: phpbb_auth_provider_oauth_service_box + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.dropbox: + class: phpbb_auth_provider_oauth_service_dropbox + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.facebook: + class: phpbb_auth_provider_oauth_service_facebook + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.fitbit: + class: phpbb_auth_provider_oauth_service_fitbit + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.foursquare: + class: phpbb_auth_provider_oauth_service_foursquare + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.github: + class: phpbb_auth_provider_oauth_service_github + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.instagram: + class: phpbb_auth_provider_oauth_service_instagram + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.linkedin: + class: phpbb_auth_provider_oauth_service_linkedin + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.microsoft: + class: phpbb_auth_provider_oauth_service_microsoft + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.paypal: + class: phpbb_auth_provider_oauth_service_paypal + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.soundclod: + class: phpbb_auth_provider_oauth_service_soundcloud + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.tumblr: + class: phpbb_auth_provider_oauth_service_tumblr + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.twitter: + class: phpbb_auth_provider_oauth_service_twitter + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.vkontakte: + class: phpbb_auth_provider_oauth_service_vkontakte + tages: + - { tag: auth.provider.oauth.service } + auth.provider.oauth.service.yammer: + class: phpbb_auth_provider_oauth_service_yammer + tages: + - { tag: auth.provider.oauth.service } -- cgit v1.2.1 From 247a002a144ecfc882f365ad54c63663a9b00090 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 17:23:40 -0400 Subject: [feature/oauth] Add constructors PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/amazon.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/bitly.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/box.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/dropbox.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/facebook.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/fitbit.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/foursqare.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/github.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/google.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/instagram.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/linkedin.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/microsoft.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/paypal.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/soundcloud.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/tumblr.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/twitter.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/vkontakte.php | 17 +++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/yammer.php | 17 +++++++++++++++++ 18 files changed, 306 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/service/amazon.php b/phpBB/phpbb/auth/provider/oauth/service/amazon.php index 740add0f3c..fe27a6110f 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/amazon.php +++ b/phpBB/phpbb/auth/provider/oauth/service/amazon.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_amazon extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 1de3183b84..6b6e08c19a 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/box.php b/phpBB/phpbb/auth/provider/oauth/service/box.php index 19e409a943..083212ec2a 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/box.php +++ b/phpBB/phpbb/auth/provider/oauth/service/box.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_box extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/dropbox.php b/phpBB/phpbb/auth/provider/oauth/service/dropbox.php index 3b4920bb0e..4fadcbca11 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/dropbox.php +++ b/phpBB/phpbb/auth/provider/oauth/service/dropbox.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_dropbox extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 0652028bf8..87e8749b55 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/fitbit.php b/phpBB/phpbb/auth/provider/oauth/service/fitbit.php index d75b971fcf..bf1aeac98e 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/fitbit.php +++ b/phpBB/phpbb/auth/provider/oauth/service/fitbit.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_fitbit extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/foursqare.php b/phpBB/phpbb/auth/provider/oauth/service/foursqare.php index d03725bcfd..00ebd9889e 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/foursqare.php +++ b/phpBB/phpbb/auth/provider/oauth/service/foursqare.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_foursquare extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/github.php b/phpBB/phpbb/auth/provider/oauth/service/github.php index 30d23b0e4f..91ae0c1287 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/github.php +++ b/phpBB/phpbb/auth/provider/oauth/service/github.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_github extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index 50cfee86e0..b9b1851424 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/instagram.php b/phpBB/phpbb/auth/provider/oauth/service/instagram.php index ae30d2d0b6..0570f79138 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/instagram.php +++ b/phpBB/phpbb/auth/provider/oauth/service/instagram.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_instagram extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/linkedin.php b/phpBB/phpbb/auth/provider/oauth/service/linkedin.php index 3231270cff..faf26132b0 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/linkedin.php +++ b/phpBB/phpbb/auth/provider/oauth/service/linkedin.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_linkedin extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/microsoft.php b/phpBB/phpbb/auth/provider/oauth/service/microsoft.php index 7fb47f45fc..d607f3392d 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/microsoft.php +++ b/phpBB/phpbb/auth/provider/oauth/service/microsoft.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_microsoft extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/paypal.php b/phpBB/phpbb/auth/provider/oauth/service/paypal.php index 48b361921a..8a81c460ce 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/paypal.php +++ b/phpBB/phpbb/auth/provider/oauth/service/paypal.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_paypal extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php b/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php index e000c68a6f..ac43ea5e48 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php +++ b/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_soundcloud extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/tumblr.php b/phpBB/phpbb/auth/provider/oauth/service/tumblr.php index 2098cc92e1..9b6d2e2f5e 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/tumblr.php +++ b/phpBB/phpbb/auth/provider/oauth/service/tumblr.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_tumblr extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/twitter.php b/phpBB/phpbb/auth/provider/oauth/service/twitter.php index 57d07e1c15..23dbdbb6c2 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/twitter.php +++ b/phpBB/phpbb/auth/provider/oauth/service/twitter.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_twitter extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php b/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php index 6b43bf39d8..8a328b234f 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php +++ b/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_vkontakte extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/oauth/service/yammer.php b/phpBB/phpbb/auth/provider/oauth/service/yammer.php index 13c638def7..fe14f13077 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/yammer.php +++ b/phpBB/phpbb/auth/provider/oauth/service/yammer.php @@ -22,6 +22,23 @@ if (!defined('IN_PHPBB')) */ class phpbb_auth_provider_oauth_service_yammer extends phpbb_auth_provider_oauth_service_base { + /** + * phpBB config + * + * @var phpbb_config + */ + protected $config; + + /** + * Constructor + * + * @param phpbb_config $config + */ + public function __construct(phpbb_config $config) + { + $this->config = $config; + } + /** * {@inheritdoc} */ -- cgit v1.2.1 From 80c5a4252569b4b219904f16069ca319670c8555 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 17:26:09 -0400 Subject: [feature/oauth] Add constructor arguments to services file PHPBB3-11673 --- phpBB/config/auth_providers.yml | 68 ++++++++++++++++++++++++++++++----------- 1 file changed, 51 insertions(+), 17 deletions(-) (limited to 'phpBB') diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index 5282dac5b9..0696b01001 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -53,69 +53,103 @@ services: - { name: service_collection, tag: auth.provider.oauth.service } auth.provider.oauth.service.amazon: class: phpbb_auth_provider_oauth_service_amazon - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.bitly: class: phpbb_auth_provider_oauth_service_bitly - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.box: class: phpbb_auth_provider_oauth_service_box - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.dropbox: class: phpbb_auth_provider_oauth_service_dropbox - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.facebook: class: phpbb_auth_provider_oauth_service_facebook - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.fitbit: class: phpbb_auth_provider_oauth_service_fitbit - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.foursquare: class: phpbb_auth_provider_oauth_service_foursquare - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.github: class: phpbb_auth_provider_oauth_service_github - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.instagram: class: phpbb_auth_provider_oauth_service_instagram - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.linkedin: class: phpbb_auth_provider_oauth_service_linkedin - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.microsoft: class: phpbb_auth_provider_oauth_service_microsoft - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.paypal: class: phpbb_auth_provider_oauth_service_paypal - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.soundclod: class: phpbb_auth_provider_oauth_service_soundcloud - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.tumblr: class: phpbb_auth_provider_oauth_service_tumblr - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.twitter: class: phpbb_auth_provider_oauth_service_twitter - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.vkontakte: class: phpbb_auth_provider_oauth_service_vkontakte - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } auth.provider.oauth.service.yammer: class: phpbb_auth_provider_oauth_service_yammer - tages: + arguments: + - @config + tags: - { tag: auth.provider.oauth.service } -- cgit v1.2.1 From 0156bac3e2121cf23d0fef048233257fcb2c0d25 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 17:40:09 -0400 Subject: [feature/oauth] Update auth provider oauth to take in service providers PHPBB3-11673 --- phpBB/config/auth_providers.yml | 1 + phpBB/phpbb/auth/provider/oauth/oauth.php | 11 ++++++++++- 2 files changed, 11 insertions(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index 0696b01001..a781ad2999 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -43,6 +43,7 @@ services: - @request - @user - %tables.auth_provider_oauth% + - @auth.provider.oauth.service_collection tags: - { name: auth.provider } auth.provider.oauth.service_collection: diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index c4908dbf6c..4db9946e50 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -67,6 +67,13 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected $services; + /** + * All OAuth service providers + * + * @var array Contains phpbb_auth_provider_oauth_service_interface + */ + protected $service_providers; + /** * Cached current uri object * @@ -82,14 +89,16 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * @param phpbb_request $request * @param phpbb_user $user * @param string $auth_provider_oauth_table + * @param phpbb_auth_provider_oauth_service_interface $service_providers */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_table) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_table, phpbb_auth_provider_oauth_service_interface $service_providers) { $this->db = $db; $this->config = $config; $this->request = $request; $this->user = $user; $this->auth_provider_oauth_table = $auth_provider_oauth_table; + $this->service_providers = $service_providers; $this->services = array(); } -- cgit v1.2.1 From eb17462f906a9010ca193b2dd28375f2fcc38c03 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sun, 14 Jul 2013 17:45:05 -0400 Subject: [feature/oauth] Fix typo PHPBB3-11673 --- phpBB/config/auth_providers.yml | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) (limited to 'phpBB') diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index a781ad2999..0d2075bc87 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -57,100 +57,100 @@ services: arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.bitly: class: phpbb_auth_provider_oauth_service_bitly arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.box: class: phpbb_auth_provider_oauth_service_box arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.dropbox: class: phpbb_auth_provider_oauth_service_dropbox arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.facebook: class: phpbb_auth_provider_oauth_service_facebook arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.fitbit: class: phpbb_auth_provider_oauth_service_fitbit arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.foursquare: class: phpbb_auth_provider_oauth_service_foursquare arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.github: class: phpbb_auth_provider_oauth_service_github arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.instagram: class: phpbb_auth_provider_oauth_service_instagram arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.linkedin: class: phpbb_auth_provider_oauth_service_linkedin arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.microsoft: class: phpbb_auth_provider_oauth_service_microsoft arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.paypal: class: phpbb_auth_provider_oauth_service_paypal arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.soundclod: class: phpbb_auth_provider_oauth_service_soundcloud arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.tumblr: class: phpbb_auth_provider_oauth_service_tumblr arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.twitter: class: phpbb_auth_provider_oauth_service_twitter arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.vkontakte: class: phpbb_auth_provider_oauth_service_vkontakte arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } auth.provider.oauth.service.yammer: class: phpbb_auth_provider_oauth_service_yammer arguments: - @config tags: - - { tag: auth.provider.oauth.service } + - { name: auth.provider.oauth.service } -- cgit v1.2.1 From 6e1c522bdd0e3c67786656a866219c57b7b1e4dc Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 15 Jul 2013 14:57:00 -0400 Subject: [feature/oauth] Update oauth to reflect recent changes PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 4db9946e50..3ef6d8c934 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -109,7 +109,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { // Requst the name of the OAuth service $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); - if ($service_name === '') + $service_name = strtolower($service_name); + if ($service_name === '' && isset($this->services[$service_name])) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -120,18 +121,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } // Get the service credentials for the given service - $service_credentials = $this->get_credentials($service_name); - - // Check that the service has settings - if ($service_credentials['key'] == false || $service_credentials['secret'] == false) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - // TODO: change error message - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } + $service_credentials = $this->services[$service_name]->get_credentials($service_name); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); -- cgit v1.2.1 From 8641127da5dd71d4f8fc7acc6ca0b2a34a4ede56 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 15 Jul 2013 15:06:54 -0400 Subject: [feature/oauth] Correct function call PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 3ef6d8c934..9ee689172c 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -121,10 +121,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } // Get the service credentials for the given service - $service_credentials = $this->services[$service_name]->get_credentials($service_name); + $service_credentials = $this->services[$service_name]->get_credentials(); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); - $service = $this->get_service($service_name, $storage, $service_credentials, $this->get_scopes($service_name)); + $service = $this->get_service($service_name, $storage, $service_credentials, $this->services[$service_name]->get_auth_scope()); if ($this->request->is_set('code', phpbb_request_interface::GET)) { -- cgit v1.2.1 From 47b998ae486ebe9c0f9df5be4e3d836b31f2c7a3 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 15 Jul 2013 15:21:20 -0400 Subject: [feature/oauth] Define method to perform login actions for a provider PHPB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 11 ++--------- phpBB/phpbb/auth/provider/oauth/service/base.php | 23 ++++++++++++++++++++++ .../auth/provider/oauth/service/interface.php | 14 +++++++++++++ 3 files changed, 39 insertions(+), 9 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 9ee689172c..fc6fce3db0 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -128,15 +128,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base if ($this->request->is_set('code', phpbb_request_interface::GET)) { - // This was a callback request from the service provider - $service->requestAccessToken( $_GET['code'] ); - - // Send a request with it - $path = $this->get_path($service_name); - if ($path) - { - $result = json_decode( $service->request($path), true ); - } + $this->services[$service_name]->set_external_service_provider($service); + $result = $this->services[$service_name]->perform_auth_login(); // Perform authentication } else { diff --git a/phpBB/phpbb/auth/provider/oauth/service/base.php b/phpBB/phpbb/auth/provider/oauth/service/base.php index 98a1fa16e4..d59199f987 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/base.php +++ b/phpBB/phpbb/auth/provider/oauth/service/base.php @@ -22,6 +22,21 @@ if (!defined('IN_PHPBB')) */ abstract class phpbb_auth_provider_oauth_service_base implements phpbb_auth_provider_oauth_service_interface { + /** + * External OAuth service provider + * + * @var \OAuth\Common\Service\ServiceInterface + */ + protected $service_provider; + + /** + * {@inheritdoc} + */ + public function get_external_service_provider() + { + return $this->service_provider; + } + /** * {@inheritdoc} */ @@ -29,4 +44,12 @@ abstract class phpbb_auth_provider_oauth_service_base implements phpbb_auth_prov { return array(); } + + /** + * {@inheritdoc} + */ + public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider) + { + $this->service_provider = $service; + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/interface.php b/phpBB/phpbb/auth/provider/oauth/service/interface.php index 80f2ee7259..5893bc1740 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/interface.php @@ -29,6 +29,13 @@ interface phpbb_auth_provider_oauth_service_interface */ public function get_auth_scope(); + /** + * Returns the external library service provider once it has been set + * + * @param \OAuth\Common\Service\ServiceInterface|null + */ + public function get_external_service_provider(); + /** * Returns an array containing the service credentials belonging to requested * service. @@ -41,4 +48,11 @@ interface phpbb_auth_provider_oauth_service_interface * ) */ public function get_service_credentials(); + + /** + * Sets the external library service provider + * + * @param \OAuth\Common\Service\ServiceInterface $service + */ + public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider); } -- cgit v1.2.1 From e9bf2bf09a2b1fcee0d206b691a739600fee49e0 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 15 Jul 2013 15:28:13 -0400 Subject: [feature/oauth] Update interface appropriately PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/interface.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/service/interface.php b/phpBB/phpbb/auth/provider/oauth/service/interface.php index 5893bc1740..4d06606f49 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/interface.php @@ -49,6 +49,13 @@ interface phpbb_auth_provider_oauth_service_interface */ public function get_service_credentials(); + /** + * Returns the results of the authentication in json format + * + * @return type The results of the authentication action in json format. + */ + public function perform_auth_login(); + /** * Sets the external library service provider * -- cgit v1.2.1 From 469879716d86757c2e583bc746bebaa39cd630ef Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 11:51:10 -0400 Subject: [feature/oauth] Bitly authentication method, no user_id association PHPBB3-11673 --- phpBB/config/auth_providers.yml | 1 + phpBB/phpbb/auth/provider/oauth/service/bitly.php | 31 ++++++++++++++++++++++- 2 files changed, 31 insertions(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index 0d2075bc87..74f674a1f9 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -62,6 +62,7 @@ services: class: phpbb_auth_provider_oauth_service_bitly arguments: - @config + - @request tags: - { name: auth.provider.oauth.service } auth.provider.oauth.service.box: diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 6b6e08c19a..cbfad3d852 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -29,14 +29,23 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ */ protected $config; + /** + * phpBB request + * + * @var phpbb_request + */ + protected $request; + /** * Constructor * * @param phpbb_config $config + * @param phpbb_request $request */ - public function __construct(phpbb_config $config) + public function __construct(phpbb_config $config, phpbb_request $request) { $this->config = $config; + $this->request = $request; } /** @@ -49,4 +58,24 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ 'secret' => $this->config['auth_oauth_bitly_secret'], ); } + + /** + * {@inheritdoc} + */ + public function perform_auth_login() + { + if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) + { + // TODO: make exception class and use language constant + throw new Exception('Invalid service provider type'); + } + + // This was a callback request from bitly, get the token + $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); + + // Send a request with it + $result = json_decode( $this->service_provider->request('user/info'), true ); + + // Get the user id + } } -- cgit v1.2.1 From fe9428b7250fce4cee0d601591e3fac117911d2e Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 12:12:14 -0400 Subject: [feature/oauth] Create means to associate phpBB account with external PHPBB3-11673 --- phpBB/develop/create_schema_files.php | 14 +++++++++++++- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 3 ++- phpBB/phpbb/auth/provider/oauth/service/interface.php | 3 ++- phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php | 13 ++++++++++++- 4 files changed, 29 insertions(+), 4 deletions(-) (limited to 'phpBB') diff --git a/phpBB/develop/create_schema_files.php b/phpBB/develop/create_schema_files.php index c7d3cc4106..2cfe336511 100644 --- a/phpBB/develop/create_schema_files.php +++ b/phpBB/develop/create_schema_files.php @@ -923,7 +923,7 @@ function get_schema_struct() ), ); - $schemda_data['auth_provider_oauth'] = array( + $schemda_data['auth_provider_oauth_token_storage'] = array( 'COLUMNS' => array( 'user_id' => array('UINT', 0), // phpbb_users.user_id 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set @@ -936,6 +936,18 @@ function get_schema_struct() ), ); + $schemda_data['auth_provider_oauth_account_assoc'] = array( + 'COLUMNS' => array( + 'user_id' => array('UINT', 0), + 'oauth_provider' => array('VCHAR'), + 'oauth_provider_id' => array('TEXT_UNI'), + ), + 'PRIMARY_KEY' => array( + 'user_id', + 'oauth_provider', + ), + ); + $schema_data['phpbb_banlist'] = array( 'COLUMNS' => array( 'ban_id' => array('UINT', NULL, 'auto_increment'), diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index cbfad3d852..b6b99c0850 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -76,6 +76,7 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ // Send a request with it $result = json_decode( $this->service_provider->request('user/info'), true ); - // Get the user id + // Return the unique identifier returned from bitly + return $result['data']['login']; } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/interface.php b/phpBB/phpbb/auth/provider/oauth/service/interface.php index 4d06606f49..a69148695d 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/interface.php @@ -52,7 +52,8 @@ interface phpbb_auth_provider_oauth_service_interface /** * Returns the results of the authentication in json format * - * @return type The results of the authentication action in json format. + * @return string The unique identifier returned by the service provider + * that is used to authenticate the user with phpBB. */ public function perform_auth_login(); diff --git a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php index 92da42ba31..86e446e48e 100644 --- a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php +++ b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php @@ -18,7 +18,7 @@ class phpbb_db_migration_data_310_auth_provider_oauth extends phpbb_db_migration { return array( 'add_tables' => array( - $this->table_prefix . 'auth_provider_oauth' => array( + $this->table_prefix . 'auth_provider_oauth_token_storage' => array( 'COLUMNS' => array( 'user_id' => array('UINT', 0), // phpbb_users.user_id 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set @@ -30,6 +30,17 @@ class phpbb_db_migration_data_310_auth_provider_oauth extends phpbb_db_migration 'oauth_provider' => array('INDEX', 'oauth_provider'), ), ), + $this->table_prefix . 'auth_provider_oauth_account_assoc' => array( + 'COLUMNS' => array( + 'user_id' => array('UINT', 0), + 'oauth_provider' => array('VCHAR'), + 'oauth_provider_id' => array('TEXT_UNI'), + ), + 'PRIMARY_KEY' => array( + 'user_id', + 'oauth_provider', + ), + ), ), ); } -- cgit v1.2.1 From 662b8fdcec2ce6127bd97fbaf3e15db8d4de2170 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 12:21:28 -0400 Subject: [feature/oauth] Remove OAuth providers to make PR smaller PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/amazon.php | 62 --------------------- phpBB/phpbb/auth/provider/oauth/service/box.php | 52 ------------------ .../phpbb/auth/provider/oauth/service/dropbox.php | 52 ------------------ phpBB/phpbb/auth/provider/oauth/service/fitbit.php | 52 ------------------ .../auth/provider/oauth/service/foursqare.php | 52 ------------------ phpBB/phpbb/auth/provider/oauth/service/github.php | 62 --------------------- .../auth/provider/oauth/service/instagram.php | 62 --------------------- .../phpbb/auth/provider/oauth/service/linkedin.php | 62 --------------------- .../auth/provider/oauth/service/microsoft.php | 62 --------------------- phpBB/phpbb/auth/provider/oauth/service/paypal.php | 64 ---------------------- .../auth/provider/oauth/service/soundcloud.php | 52 ------------------ phpBB/phpbb/auth/provider/oauth/service/tumblr.php | 52 ------------------ .../phpbb/auth/provider/oauth/service/twitter.php | 52 ------------------ .../auth/provider/oauth/service/vkontakte.php | 52 ------------------ phpBB/phpbb/auth/provider/oauth/service/yammer.php | 52 ------------------ 15 files changed, 842 deletions(-) delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/amazon.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/box.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/dropbox.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/fitbit.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/foursqare.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/github.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/instagram.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/linkedin.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/microsoft.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/paypal.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/soundcloud.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/tumblr.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/twitter.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/vkontakte.php delete mode 100644 phpBB/phpbb/auth/provider/oauth/service/yammer.php (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/service/amazon.php b/phpBB/phpbb/auth/provider/oauth/service/amazon.php deleted file mode 100644 index fe27a6110f..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/amazon.php +++ /dev/null @@ -1,62 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_auth_scope() - { - return array( - 'profile', - ); - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_amazon_key'], - 'secret' => $this->config['auth_oauth_amazon_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/box.php b/phpBB/phpbb/auth/provider/oauth/service/box.php deleted file mode 100644 index 083212ec2a..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/box.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_box_key'], - 'secret' => $this->config['auth_oauth_box_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/dropbox.php b/phpBB/phpbb/auth/provider/oauth/service/dropbox.php deleted file mode 100644 index 4fadcbca11..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/dropbox.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_dropbox_key'], - 'secret' => $this->config['auth_oauth_dropbox_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/fitbit.php b/phpBB/phpbb/auth/provider/oauth/service/fitbit.php deleted file mode 100644 index bf1aeac98e..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/fitbit.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_fitbit_key'], - 'secret' => $this->config['auth_oauth_fitbit_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/foursqare.php b/phpBB/phpbb/auth/provider/oauth/service/foursqare.php deleted file mode 100644 index 00ebd9889e..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/foursqare.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_foursquare_key'], - 'secret' => $this->config['auth_oauth_foursquare_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/github.php b/phpBB/phpbb/auth/provider/oauth/service/github.php deleted file mode 100644 index 91ae0c1287..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/github.php +++ /dev/null @@ -1,62 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_auth_scope() - { - return array( - 'user', - ); - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_github_key'], - 'secret' => $this->config['auth_oauth_github_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/instagram.php b/phpBB/phpbb/auth/provider/oauth/service/instagram.php deleted file mode 100644 index 0570f79138..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/instagram.php +++ /dev/null @@ -1,62 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_auth_scope() - { - return array( - 'basic', - ); - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_instagram_key'], - 'secret' => $this->config['auth_oauth_instagram_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/linkedin.php b/phpBB/phpbb/auth/provider/oauth/service/linkedin.php deleted file mode 100644 index faf26132b0..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/linkedin.php +++ /dev/null @@ -1,62 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_auth_scope() - { - return array( - 'r_basicprofile', - ); - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_linkedin_key'], - 'secret' => $this->config['auth_oauth_linkedin_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/microsoft.php b/phpBB/phpbb/auth/provider/oauth/service/microsoft.php deleted file mode 100644 index d607f3392d..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/microsoft.php +++ /dev/null @@ -1,62 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_auth_scope() - { - return array( - 'basic', - ); - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_microsoft_key'], - 'secret' => $this->config['auth_oauth_microsoft_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/paypal.php b/phpBB/phpbb/auth/provider/oauth/service/paypal.php deleted file mode 100644 index 8a81c460ce..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/paypal.php +++ /dev/null @@ -1,64 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_auth_scope() - { - return array( - 'openid', - 'profile', - 'email', - ); - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_paypal_key'], - 'secret' => $this->config['auth_oauth_paypal_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php b/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php deleted file mode 100644 index ac43ea5e48..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/soundcloud.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_soundcloud_key'], - 'secret' => $this->config['auth_oauth_soundcloud_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/tumblr.php b/phpBB/phpbb/auth/provider/oauth/service/tumblr.php deleted file mode 100644 index 9b6d2e2f5e..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/tumblr.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_tumblr_key'], - 'secret' => $this->config['auth_oauth_tumblr_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/twitter.php b/phpBB/phpbb/auth/provider/oauth/service/twitter.php deleted file mode 100644 index 23dbdbb6c2..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/twitter.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_twitter_key'], - 'secret' => $this->config['auth_oauth_twitter_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php b/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php deleted file mode 100644 index 8a328b234f..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/vkontakte.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_vkontakte_key'], - 'secret' => $this->config['auth_oauth_vkontakte_secret'], - ); - } -} diff --git a/phpBB/phpbb/auth/provider/oauth/service/yammer.php b/phpBB/phpbb/auth/provider/oauth/service/yammer.php deleted file mode 100644 index fe14f13077..0000000000 --- a/phpBB/phpbb/auth/provider/oauth/service/yammer.php +++ /dev/null @@ -1,52 +0,0 @@ -config = $config; - } - - /** - * {@inheritdoc} - */ - public function get_service_credentials() - { - return array( - 'key' => $this->config['auth_oauth_yammer_key'], - 'secret' => $this->config['auth_oauth_yammer_secret'], - ); - } -} -- cgit v1.2.1 From bbbe442c425d333d7fea35b03217d0f222f1e2cc Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 12:24:11 -0400 Subject: [feature/oauth] Finish clean up of removed providers PHPBB3-11673 --- phpBB/config/auth_providers.yml | 88 +---------------------------------------- 1 file changed, 2 insertions(+), 86 deletions(-) (limited to 'phpBB') diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index 74f674a1f9..98b51fb917 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -52,12 +52,6 @@ services: - @service_container tags: - { name: service_collection, tag: auth.provider.oauth.service } - auth.provider.oauth.service.amazon: - class: phpbb_auth_provider_oauth_service_amazon - arguments: - - @config - tags: - - { name: auth.provider.oauth.service } auth.provider.oauth.service.bitly: class: phpbb_auth_provider_oauth_service_bitly arguments: @@ -65,92 +59,14 @@ services: - @request tags: - { name: auth.provider.oauth.service } - auth.provider.oauth.service.box: - class: phpbb_auth_provider_oauth_service_box - arguments: - - @config - tags: - - { name: auth.provider.oauth.service } - auth.provider.oauth.service.dropbox: - class: phpbb_auth_provider_oauth_service_dropbox - arguments: - - @config - tags: - - { name: auth.provider.oauth.service } auth.provider.oauth.service.facebook: class: phpbb_auth_provider_oauth_service_facebook arguments: - @config tags: - { name: auth.provider.oauth.service } - auth.provider.oauth.service.fitbit: - class: phpbb_auth_provider_oauth_service_fitbit - arguments: - - @config - tags: - - { name: auth.provider.oauth.service } - auth.provider.oauth.service.foursquare: - class: phpbb_auth_provider_oauth_service_foursquare - arguments: - - @config - tags: - - { name: auth.provider.oauth.service } - auth.provider.oauth.service.github: - class: phpbb_auth_provider_oauth_service_github - arguments: - - @config - tags: - - { name: auth.provider.oauth.service } - auth.provider.oauth.service.instagram: - class: phpbb_auth_provider_oauth_service_instagram - arguments: - - @config - tags: - - { name: auth.provider.oauth.service } - auth.provider.oauth.service.linkedin: - class: phpbb_auth_provider_oauth_service_linkedin - arguments: - - @config - tags: - - { name: auth.provider.oauth.service } - auth.provider.oauth.service.microsoft: - class: phpbb_auth_provider_oauth_service_microsoft - arguments: - - @config - tags: - - { name: auth.provider.oauth.service } - auth.provider.oauth.service.paypal: - class: phpbb_auth_provider_oauth_service_paypal - arguments: - - @config - tags: - - { name: auth.provider.oauth.service } - auth.provider.oauth.service.soundclod: - class: phpbb_auth_provider_oauth_service_soundcloud - arguments: - - @config - tags: - - { name: auth.provider.oauth.service } - auth.provider.oauth.service.tumblr: - class: phpbb_auth_provider_oauth_service_tumblr - arguments: - - @config - tags: - - { name: auth.provider.oauth.service } - auth.provider.oauth.service.twitter: - class: phpbb_auth_provider_oauth_service_twitter - arguments: - - @config - tags: - - { name: auth.provider.oauth.service } - auth.provider.oauth.service.vkontakte: - class: phpbb_auth_provider_oauth_service_vkontakte - arguments: - - @config - tags: - - { name: auth.provider.oauth.service } - auth.provider.oauth.service.yammer: - class: phpbb_auth_provider_oauth_service_yammer + auth.provider.oauth.service.google: + class: phpbb_auth_provider_oauth_service_google arguments: - @config tags: -- cgit v1.2.1 From 2faaa7f63cd45244cd536b507325e65c5f085b39 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 12:50:42 -0400 Subject: [feature/oauth] Update service files + check for existing links PHPBB3-11673 --- phpBB/config/auth_providers.yml | 3 ++- phpBB/config/tables.yml | 3 ++- phpBB/phpbb/auth/provider/oauth/oauth.php | 32 ++++++++++++++++++++++++------- 3 files changed, 29 insertions(+), 9 deletions(-) (limited to 'phpBB') diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index 98b51fb917..b7486eabf4 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -42,7 +42,8 @@ services: - @config - @request - @user - - %tables.auth_provider_oauth% + - %tables.auth_provider_oauth_token_storage% + - %tables.auth_provider_oauth_account_assoc% - @auth.provider.oauth.service_collection tags: - { name: auth.provider } diff --git a/phpBB/config/tables.yml b/phpBB/config/tables.yml index 48098ba8c2..e12720023d 100644 --- a/phpBB/config/tables.yml +++ b/phpBB/config/tables.yml @@ -1,5 +1,6 @@ parameters: - tables.auth_provider_oauth: %core.table_prefix%auth_provider_oauth + tables.auth_provider_oauth_token_storage: %core.table_prefix%auth_provider_oauth_token_storage + tables.auth_provider_oauth_account_assoc: %core.table_prefix%auth_provider_oauth_account_assoc tables.config: %core.table_prefix%config tables.config_text: %core.table_prefix%config_text tables.ext: %core.table_prefix%ext diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index fc6fce3db0..afaae8a8ea 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -58,7 +58,14 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * * @var string */ - protected $auth_provider_oauth_table; + protected $auth_provider_oauth_token_storage_table; + + /** + * OAuth account association table + * + * @var string + */ + protected $auth_provider_oauth_token_account_assoc; /** * Cached services once they has been created @@ -88,16 +95,18 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * @param phpbb_config $config * @param phpbb_request $request * @param phpbb_user $user - * @param string $auth_provider_oauth_table + * @param string $auth_provider_oauth_token_storage_table + * @param string $auth_provider_oauth_token_account_assoc * @param phpbb_auth_provider_oauth_service_interface $service_providers */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_table, phpbb_auth_provider_oauth_service_interface $service_providers) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_auth_provider_oauth_service_interface $service_providers) { $this->db = $db; $this->config = $config; $this->request = $request; $this->user = $user; - $this->auth_provider_oauth_table = $auth_provider_oauth_table; + $this->auth_provider_oauth_token_storage_table = $auth_provider_oauth_token_storage_table; + $this->auth_provider_oauth_token_account_assoc = $auth_provider_oauth_token_account_assoc; $this->service_providers = $service_providers; $this->services = array(); } @@ -123,15 +132,24 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Get the service credentials for the given service $service_credentials = $this->services[$service_name]->get_credentials(); - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); $service = $this->get_service($service_name, $storage, $service_credentials, $this->services[$service_name]->get_auth_scope()); if ($this->request->is_set('code', phpbb_request_interface::GET)) { $this->services[$service_name]->set_external_service_provider($service); - $result = $this->services[$service_name]->perform_auth_login(); + $unique_id = $this->services[$service_name]->perform_auth_login(); - // Perform authentication + // Check to see if this provider is already assosciated with an account + $data = array( + 'oauth_provider' => $service_name, + 'oauth_provider_id' => $unique_id + ); + $sql = 'SELECT user_id FROM' . $this->auth_provider_oauth_token_account_assoc . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); } else { $url = $service->getAuthorizationUri(); // TODO: modify $url for the appropriate return points -- cgit v1.2.1 From 36f7913cc06aa299fa93ce83e4084993d31f1368 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 15:31:13 -0400 Subject: [feature/oauth] Finish authenticating user code PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index afaae8a8ea..921ce830d9 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -150,6 +150,33 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); + + if (!$row) + { + // Account not tied to any existing account + // TODO: determine action that should occur + } + + // Retrieve the user's account + $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts + FROM ' . USERS_TABLE . " + WHERE user_id = '" . $this->db->sql_escape($row['user_id']) . "'"; + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + // TODO: Update exception type and change it to language constant + throw new Exception('Invalid entry in ' . $this->auth_provider_oauth_token_account_assoc); + } + + // The user is now authenticated and can be logged in + return array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => $row, + ); } else { $url = $service->getAuthorizationUri(); // TODO: modify $url for the appropriate return points -- cgit v1.2.1 From 2eb47d00e078cf7b0dd3a12e2557a33ca89d297a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 15:33:14 -0400 Subject: [feature/oauth] Remove unused method PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 51 ------------------------------- 1 file changed, 51 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 921ce830d9..2ad204c472 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -236,55 +236,4 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $this->service[$service_name]; } - - /** - * Returns the path desired of the service - * - * @param string $service_name - * @return string|UriInterface|null A null return means do not - * request additional information. - */ - protected function get_path($service_name) - { - switch ($service_name) - { - case 'bitly': - case 'tumblr': - $path = 'user/info'; - break; - case 'box': - $path = '/users/me'; - break; - case 'facebook': - $path = '/me'; - break; - case 'FitBit': - $path = 'user/-/profile.json'; - break; - case 'foursquare': - case 'instagram': - $path = 'users/self'; - break; - case 'GitHub': - $path = 'user/emails'; - break; - case 'google': - $path = 'https://www.googleapis.com/oauth2/v1/userinfo'; - break; - case 'linkedin': - $path = '/people/~?format=json'; - break; - case 'soundCloud': - $path = 'me.json'; - break; - case 'twitter': - $path = 'account/verify_credentials.json'; - break; - default: - $path = null; - break; - } - - return $path; - } } -- cgit v1.2.1 From 772a977afcd4919c9d8bfcc8e402f4af4d3aefbf Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 16:03:29 -0400 Subject: [feature/oauth] Facebook support PHPBB3-11673 --- .../phpbb/auth/provider/oauth/service/facebook.php | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 87e8749b55..fcf41755b7 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -49,4 +49,25 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau 'secret' => $this->config['auth_oauth_facebook_secret'], ); } + + /** + * {@inheritdoc} + */ + public function perform_auth_login() + { + if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) + { + // TODO: make exception class and use language constant + throw new Exception('Invalid service provider type'); + } + + // This was a callback request from bitly, get the token + $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); + + // Send a request with it + $result = json_decode( $this->service_provider->request('/me'), true ); + + // Return the unique identifier returned from bitly + return $result['id']; + } } -- cgit v1.2.1 From a673eb8cbc8c464e550a5528f932e07a079f1fac Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 16:04:44 -0400 Subject: [feature/oauth] Google support PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/google.php | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index b9b1851424..70bad77697 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -60,4 +60,25 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth 'secret' => $this->config['auth_oauth_google_secret'], ); } + + /** + * {@inheritdoc} + */ + public function perform_auth_login() + { + if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) + { + // TODO: make exception class and use language constant + throw new Exception('Invalid service provider type'); + } + + // This was a callback request from bitly, get the token + $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); + + // Send a request with it + $result = json_decode( $this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true ); + + // Return the unique identifier returned from bitly + return $result['id']; + } } -- cgit v1.2.1 From 0f292f70c78b5c2e7e19ba02bb484d14b2a94c9d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 20:05:13 -0400 Subject: [feature/oauth] Fix fatal error PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 2ad204c472..c10ac3e9da 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -77,7 +77,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base /** * All OAuth service providers * - * @var array Contains phpbb_auth_provider_oauth_service_interface + * @var phpbb_di_service_collection Contains phpbb_auth_provider_oauth_service_interface */ protected $service_providers; @@ -97,9 +97,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * @param phpbb_user $user * @param string $auth_provider_oauth_token_storage_table * @param string $auth_provider_oauth_token_account_assoc - * @param phpbb_auth_provider_oauth_service_interface $service_providers + * @param phpbb_di_service_collection $service_providers Contains phpbb_auth_provider_oauth_service_interface */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_auth_provider_oauth_service_interface $service_providers) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_di_service_collection $service_providers) { $this->db = $db; $this->config = $config; -- cgit v1.2.1 From b67032fb028b096b33c72fe7aabec55056243755 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 20:49:25 -0400 Subject: [feature/oauth] Temporary workaround for only allowing one auth provider PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index c10ac3e9da..6f2fc52cfa 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -116,6 +116,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ public function login($username, $password) { + // Temporary workaround for only having one authentication provider available + if ($username && $password) + { + // TODO: Remove before merging + global $phpbb_root_path, $phpEx; + $provider = new phpbb_auth_provider_db($this->db, $this->config, $this->request, $this->user, $phpbb_root_path, $phpEx); + return $provider->login($username, $password); + } + // Requst the name of the OAuth service $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); $service_name = strtolower($service_name); -- cgit v1.2.1 From f852485513ee4e032cf9c25acb2d72980f783c24 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 21:02:00 -0400 Subject: [feature/oauth] Fix a bunch of errors in oauth.php PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 6f2fc52cfa..9be404dade 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -128,7 +128,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Requst the name of the OAuth service $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); $service_name = strtolower($service_name); - if ($service_name === '' && isset($this->services[$service_name])) + if ($service_name === '' || !array_key_exists($service_name, $this->service_providers)) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -139,15 +139,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } // Get the service credentials for the given service - $service_credentials = $this->services[$service_name]->get_credentials(); + $service_credentials = $this->service_providers[$service_name]->get_credentials(); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); - $service = $this->get_service($service_name, $storage, $service_credentials, $this->services[$service_name]->get_auth_scope()); + $service = $this->get_service($service_name, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope()); if ($this->request->is_set('code', phpbb_request_interface::GET)) { - $this->services[$service_name]->set_external_service_provider($service); - $unique_id = $this->services[$service_name]->perform_auth_login(); + $this->service_providers[$service_name]->set_external_service_provider($service); + $unique_id = $this->service_providers[$service_name]->perform_auth_login(); // Check to see if this provider is already assosciated with an account $data = array( -- cgit v1.2.1 From 4c48da0597c148c58925cdedbd4e79fb63eaf76a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 18 Jul 2013 21:03:57 -0400 Subject: [feature/oauth] Clean up unneeded complexity PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 9be404dade..20c82e63d7 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -67,13 +67,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected $auth_provider_oauth_token_account_assoc; - /** - * Cached services once they has been created - * - * @var array Contains \OAuth\Common\Service\ServiceInterface or null - */ - protected $services; - /** * All OAuth service providers * @@ -108,7 +101,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->auth_provider_oauth_token_storage_table = $auth_provider_oauth_token_storage_table; $this->auth_provider_oauth_token_account_assoc = $auth_provider_oauth_token_account_assoc; $this->service_providers = $service_providers; - $this->services = array(); } /** @@ -226,11 +218,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function get_service($service_name, phpbb_auth_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) { - if ($this->services[$service_name]) - { - return $this->services[$service_name]; - } - $current_uri = $this->get_current_uri(); // Setup the credentials for the requests @@ -241,8 +228,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); $service_factory = new \OAuth\ServiceFactory(); - $this->service[$service_name] = $service_factory->createService($service_name, $credentials, $storage, $scopes); - - return $this->service[$service_name]; + return $service_factory->createService($service_name, $credentials, $storage, $scopes); } } -- cgit v1.2.1 From d804842cef945dbc7ec2c6c1d145587c62f06f65 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 22 Jul 2013 15:58:32 -0400 Subject: [feature/oauth] Fall back to DB login if OAuth is enabled but not requested PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 20c82e63d7..7f3de0f4d9 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -109,7 +109,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base public function login($username, $password) { // Temporary workaround for only having one authentication provider available - if ($username && $password) + if (!$this->request->is_set_post('oauth_service')) { // TODO: Remove before merging global $phpbb_root_path, $phpEx; -- cgit v1.2.1 From cd49cfacfb0faddce8343837b69eb919b8652352 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 22 Jul 2013 16:23:13 -0400 Subject: [feature/oauth] Initial step in creating OAuth login support PHPBB3-11673 --- phpBB/includes/functions.php | 12 +++++++++++- phpBB/phpbb/auth/provider/oauth/oauth.php | 10 ++++++++++ phpBB/styles/prosilver/template/login_body.html | 6 +++++- 3 files changed, 26 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 49f2e469bc..1bb9cc8299 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3199,7 +3199,7 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = false, $s_display = true) { global $db, $user, $template, $auth, $phpEx, $phpbb_root_path, $config; - global $request; + global $request, $phpbb_container; if (!class_exists('phpbb_captcha_factory', false)) { @@ -3367,12 +3367,22 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa $s_hidden_fields['credential'] = $credential; } + $oauth_login = ($config['auth_method'] == 'oauth') ? true : false; + + if ($oauth_login) + { + $auth_provider = $phpbb_container->get('auth.provider.oauth'); + $oauth_box_data = $auth_provider->get_login_data(); + } + $s_hidden_fields = build_hidden_fields($s_hidden_fields); $template->assign_vars(array( 'LOGIN_ERROR' => $err, 'LOGIN_EXPLAIN' => $l_explain, + 'OAUTH_LOGIN' => $oauth_login, + 'U_SEND_PASSWORD' => ($config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=sendpassword') : '', 'U_RESEND_ACTIVATION' => ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=resend_act') : '', 'U_TERMS_USE' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=terms'), diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 7f3de0f4d9..eeb4b23be4 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -230,4 +230,14 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $service_factory = new \OAuth\ServiceFactory(); return $service_factory->createService($service_name, $credentials, $storage, $scopes); } + + /** + * Returns an array of login data for all enabled OAuth services. + * + * @return array + */ + public function get_login_data() + { + return array(); + } } diff --git a/phpBB/styles/prosilver/template/login_body.html b/phpBB/styles/prosilver/template/login_body.html index 89ef8acd6f..4a51cf477f 100644 --- a/phpBB/styles/prosilver/template/login_body.html +++ b/phpBB/styles/prosilver/template/login_body.html @@ -46,7 +46,11 @@
{S_HIDDEN_FIELDS}
- + + +
+ hi +
-- cgit v1.2.1 From 0be81468e7f61b8c2fc1c9729ff5d217c7424026 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 22 Jul 2013 16:35:18 -0400 Subject: [feature/oauth] Possible way of getting the login data to login_box() PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 18 +++++++++++++++++- phpBB/styles/prosilver/template/login_body.html | 2 +- 2 files changed, 18 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index eeb4b23be4..e43579a740 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -238,6 +238,22 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ public function get_login_data() { - return array(); + $login_data = array(); + + foreach ($this->service_providers as $service_name => $service_provider) + { + // Only include data if the credentials are set + $credentials = $service_provider->get_service_credentials(); + if ($credentials['key'] && $credentials['secret']) + { + $login_data[$service_provider] = array(); + + // Build the redirect url for the box + $redirect_url = build_url(false) . '&oauth_service=' . $service_name; + $login_data[$service_provider]['url'] = redirect($redirect_url, true); + } + } + + return $login_data; } } diff --git a/phpBB/styles/prosilver/template/login_body.html b/phpBB/styles/prosilver/template/login_body.html index 4a51cf477f..85a47be4ad 100644 --- a/phpBB/styles/prosilver/template/login_body.html +++ b/phpBB/styles/prosilver/template/login_body.html @@ -49,7 +49,7 @@
- hi +
-- cgit v1.2.1 From 5578b7a578cd9b2e8045d65c883a355f7a9f5394 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 22 Jul 2013 17:27:16 -0400 Subject: [feature/oauth] Initial UI element added, this is non-final At this point, all UI changes are purely for testing and should not be considered final. PHPBB3-11673 --- phpBB/includes/functions.php | 7 +++++++ phpBB/styles/prosilver/template/login_body.html | 7 ++++++- 2 files changed, 13 insertions(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 1bb9cc8299..bbe3033fb5 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3373,6 +3373,13 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa { $auth_provider = $phpbb_container->get('auth.provider.oauth'); $oauth_box_data = $auth_provider->get_login_data(); + foreach ($oauth_box_data as $service_name => $data) + { + $template->assign_block_vars('oauth', array( + 'SERVICE_NAME' => $service_name, + 'REDIRECT_URL' => $data['url'], + )); + } } $s_hidden_fields = build_hidden_fields($s_hidden_fields); diff --git a/phpBB/styles/prosilver/template/login_body.html b/phpBB/styles/prosilver/template/login_body.html index 85a47be4ad..64b3915a1b 100644 --- a/phpBB/styles/prosilver/template/login_body.html +++ b/phpBB/styles/prosilver/template/login_body.html @@ -49,7 +49,12 @@
- + +
+
 
+
{oauth.SERVICE_NAME}
+
+
-- cgit v1.2.1 From 93cbdc37b51edf14cb2dbebb1ccb71a612f7fd94 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 14:06:01 -0400 Subject: [feature/oauth] ACP options for OAuth, needs some work PHPBB3-11673 --- phpBB/adm/style/auth_provider_oauth.html | 15 +++++++++++++++ phpBB/includes/acp/acp_board.php | 10 +++++++++- phpBB/language/en/acp/board.php | 9 +++++++++ phpBB/phpbb/auth/provider/oauth/oauth.php | 22 ++++++++++++++++++++++ 4 files changed, 55 insertions(+), 1 deletion(-) create mode 100644 phpBB/adm/style/auth_provider_oauth.html (limited to 'phpBB') diff --git a/phpBB/adm/style/auth_provider_oauth.html b/phpBB/adm/style/auth_provider_oauth.html new file mode 100644 index 0000000000..e3e246d727 --- /dev/null +++ b/phpBB/adm/style/auth_provider_oauth.html @@ -0,0 +1,15 @@ +

{L_AUTH_PROVIDER_OAUTH_TITLE}

+ + +
+ {oauth_services.ACTUAL_NAME} +
+

{L_AUTH_PROVIDER_OAUTH_KEY_EXPLAIN}
+
+
+
+

{L_AUTH_PROVIDER_OAUTH_SECRET_EXPLAIN}
+
+
+
+ diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 12e2a1bf72..0af0fbec86 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -658,7 +658,15 @@ class acp_board $auth_tpl = $provider->get_acp_template($this->new_config); if ($auth_tpl) { - $template->assign_vars($auth_tpl['TEMPLATE_VARS']); + if (array_key_exists('BLOCK_VAR_NAME', $auth_tpl)) + { + foreach ($auth_tpl['TEMPLATE_VARS'] as $block_vars) + { + $template->assign_block_vars($auth_tpl['BLOCK_VAR_NAME'], $block_vars); + } + } else { + $template->assign_vars($auth_tpl['TEMPLATE_VARS']); + } $template->assign_block_vars('auth_tpl', array( 'TEMPLATE_FILE' => $auth_tpl['TEMPLATE_FILE'], )); diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index ce15dfefb4..892d3f61fe 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -394,6 +394,15 @@ $lang = array_merge($lang, array( 'AUTH_METHOD' => 'Select an authentication method', + 'AUTH_PROVIDER_OAUTH_KEY' => 'Key', + 'AUTH_PROVIDER_OAUTH_KEY_EXPLAIN' => '', + 'AUTH_PROVIDER_OAUTH_SERVICE_BITLY' => 'Bitly', + 'AUTH_PROVIDER_OAUTH_SERVICE_FACEBOOK' => 'Facebook', + 'AUTH_PROVIDER_OAUTH_SERVICE_GOOGLE' => 'Google', + 'AUTH_PROVIDER_OAUTH_TITLE' => 'OAuth', + 'AUTH_PROVIDER_OAUTH_SECRET' => 'Secret', + 'AUTH_PROVIDER_OAUTH_SECRET_EXPLAIN' => '', + 'APACHE_SETUP_BEFORE_USE' => 'You have to setup apache authentication before you switch phpBB to this authentication method. Keep in mind that the username you use for apache authentication has to be the same as your phpBB username. Apache authentication can only be used with mod_php (not with a CGI version) and safe_mode disabled.', 'LDAP_DN' => 'LDAP base dn', diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index e43579a740..31450a573f 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -256,4 +256,26 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $login_data; } + + /** + * {@inheritdoc} + */ + public function get_acp_template($new_config) + { + $ret = array( + 'BLOCK_VAR_NAME' => 'oauth_services', + 'TEMPLATE_FILE' => 'auth_provider_oauth.html', + 'TEMPLATE_VARS' => array(), + ); + + foreach ($this->service_providers as $service_name => $service_provider) + { + $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); + $ret['TEMPLATE_VARS'][$actual_name] = array(); + $ret['TEMPLATE_VARS'][$actual_name]['NAME'] = $actual_name; + $ret['TEMPLATE_VARS'][$actual_name]['ACTUAL_NAME'] = 'L_AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name); + } + + return $ret; + } } -- cgit v1.2.1 From 32678f63ed04a8770720da4d94d01648dc595e82 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 14:13:51 -0400 Subject: [feature/oauth] Finish the template so it "works" PHPBB3-11673 --- phpBB/adm/style/auth_provider_oauth.html | 4 ++-- phpBB/phpbb/auth/provider/oauth/oauth.php | 9 ++++++--- 2 files changed, 8 insertions(+), 5 deletions(-) (limited to 'phpBB') diff --git a/phpBB/adm/style/auth_provider_oauth.html b/phpBB/adm/style/auth_provider_oauth.html index e3e246d727..87f8716c5e 100644 --- a/phpBB/adm/style/auth_provider_oauth.html +++ b/phpBB/adm/style/auth_provider_oauth.html @@ -5,11 +5,11 @@ {oauth_services.ACTUAL_NAME}

{L_AUTH_PROVIDER_OAUTH_KEY_EXPLAIN}
-
+

{L_AUTH_PROVIDER_OAUTH_SECRET_EXPLAIN}
-
+
diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 31450a573f..6ad0293e8e 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -271,9 +271,12 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base foreach ($this->service_providers as $service_name => $service_provider) { $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); - $ret['TEMPLATE_VARS'][$actual_name] = array(); - $ret['TEMPLATE_VARS'][$actual_name]['NAME'] = $actual_name; - $ret['TEMPLATE_VARS'][$actual_name]['ACTUAL_NAME'] = 'L_AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name); + $ret['TEMPLATE_VARS'][$actual_name] = array( + 'ACTUAL_NAME' => 'L_AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name), + 'KEY' => $new_config['auth_oauth_' . $actual_name . '_key'], + 'NAME' => $actual_name, + 'SECRET' => $new_config['auth_oauth_' . $actual_name . '_secret'], + ); } return $ret; -- cgit v1.2.1 From 2fc4be1a31e44f30ea96914bf657e4e7b2236760 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 14:24:31 -0400 Subject: [feature/oauth] Fix language bug with new ACP OAuth template PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 6ad0293e8e..a94e6041d9 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -272,7 +272,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); $ret['TEMPLATE_VARS'][$actual_name] = array( - 'ACTUAL_NAME' => 'L_AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name), + 'ACTUAL_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], 'KEY' => $new_config['auth_oauth_' . $actual_name . '_key'], 'NAME' => $actual_name, 'SECRET' => $new_config['auth_oauth_' . $actual_name . '_secret'], -- cgit v1.2.1 From af6a4b21614c602ae8fe5323fab2b384c6ad5393 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 14:29:38 -0400 Subject: [feature/oauth] Clean up the OAuth ACP template PHPBB3-11673 --- phpBB/adm/style/auth_provider_oauth.html | 6 ++++-- phpBB/language/en/acp/board.php | 3 +-- 2 files changed, 5 insertions(+), 4 deletions(-) (limited to 'phpBB') diff --git a/phpBB/adm/style/auth_provider_oauth.html b/phpBB/adm/style/auth_provider_oauth.html index 87f8716c5e..25e40ff596 100644 --- a/phpBB/adm/style/auth_provider_oauth.html +++ b/phpBB/adm/style/auth_provider_oauth.html @@ -1,14 +1,16 @@

{L_AUTH_PROVIDER_OAUTH_TITLE}

+

{L_AUTH_PROVIDER_OAUTH_EXPLAIN}

+
{oauth_services.ACTUAL_NAME}
-

{L_AUTH_PROVIDER_OAUTH_KEY_EXPLAIN}
+
-

{L_AUTH_PROVIDER_OAUTH_SECRET_EXPLAIN}
+
diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index 892d3f61fe..553cd1a6eb 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -394,14 +394,13 @@ $lang = array_merge($lang, array( 'AUTH_METHOD' => 'Select an authentication method', + 'AUTH_PROVIDER_OAUTH_EXPLAIN' => 'Each OAuth provider requires a unique secret and key in order to authenticate with the external server.
These should be supplied by the OAuth service when you register your website with them and should be entered exactly as provided to you.
Any service that does not have both a key and a secret entered here will not be available for use by the forum users.', 'AUTH_PROVIDER_OAUTH_KEY' => 'Key', - 'AUTH_PROVIDER_OAUTH_KEY_EXPLAIN' => '', 'AUTH_PROVIDER_OAUTH_SERVICE_BITLY' => 'Bitly', 'AUTH_PROVIDER_OAUTH_SERVICE_FACEBOOK' => 'Facebook', 'AUTH_PROVIDER_OAUTH_SERVICE_GOOGLE' => 'Google', 'AUTH_PROVIDER_OAUTH_TITLE' => 'OAuth', 'AUTH_PROVIDER_OAUTH_SECRET' => 'Secret', - 'AUTH_PROVIDER_OAUTH_SECRET_EXPLAIN' => '', 'APACHE_SETUP_BEFORE_USE' => 'You have to setup apache authentication before you switch phpBB to this authentication method. Keep in mind that the username you use for apache authentication has to be the same as your phpBB username. Apache authentication can only be used with mod_php (not with a CGI version) and safe_mode disabled.', -- cgit v1.2.1 From 0857d14030177271bd346f188ced38e9d6da47ff Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 14:41:21 -0400 Subject: [feature/oauth] Update auth provider interface docs for block vars in ACP PHPBB3-11673 --- phpBB/includes/acp/acp_board.php | 5 ++--- phpBB/phpbb/auth/provider/interface.php | 18 ++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/oauth.php | 3 ++- 3 files changed, 22 insertions(+), 4 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 0af0fbec86..51a7628b68 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -660,13 +660,12 @@ class acp_board { if (array_key_exists('BLOCK_VAR_NAME', $auth_tpl)) { - foreach ($auth_tpl['TEMPLATE_VARS'] as $block_vars) + foreach ($auth_tpl['BLOCK_VARS'] as $block_vars) { $template->assign_block_vars($auth_tpl['BLOCK_VAR_NAME'], $block_vars); } - } else { - $template->assign_vars($auth_tpl['TEMPLATE_VARS']); } + $template->assign_vars($auth_tpl['TEMPLATE_VARS']); $template->assign_block_vars('auth_tpl', array( 'TEMPLATE_FILE' => $auth_tpl['TEMPLATE_FILE'], )); diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index 47043bc107..f4344c1dc7 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -80,6 +80,24 @@ interface phpbb_auth_provider_interface * 'TEMPLATE_FILE' => string, * 'TEMPLATE_VARS' => array(...), * ) + * An optional third element may be added to this + * array: 'BLOCK_VAR_NAME'. If this is present, + * then it's value should be a string that is used + * to designate the name of the loop used in the + * ACP template file. In addition to this, an + * additional key named 'BLOCK_VARS' is required. + * This must be an array containing at least one + * array of variables that will be assigned during + * the loop in the template. An example of this is + * presented below: + * array( + * 'BLOCK_VAR_NAME' => string, + * 'BLOCK_VARS' => array( + * 'KEY IS UNIMPORTANT' => array(...), + * ), + * 'TEMPLATE_FILE' => string, + * 'TEMPLATE_VARS' => array(...), + * ) */ public function get_acp_template($new_config); diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index a94e6041d9..133d9f11ef 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -264,6 +264,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { $ret = array( 'BLOCK_VAR_NAME' => 'oauth_services', + 'BLOCK_VARS' => array(), 'TEMPLATE_FILE' => 'auth_provider_oauth.html', 'TEMPLATE_VARS' => array(), ); @@ -271,7 +272,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base foreach ($this->service_providers as $service_name => $service_provider) { $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); - $ret['TEMPLATE_VARS'][$actual_name] = array( + $ret['BLOCK_VARS'][$actual_name] = array( 'ACTUAL_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], 'KEY' => $new_config['auth_oauth_' . $actual_name . '_key'], 'NAME' => $actual_name, -- cgit v1.2.1 From 77c32645437c77e99f36f6595e1a42cd0f7b7235 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 14:52:32 -0400 Subject: [feature/oauth] OAuth acp() method to return config field names PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 133d9f11ef..978c84cd6d 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -257,6 +257,23 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $login_data; } + /** + * {@inheritdoc} + */ + public function acp() + { + $ret = array(); + + foreach ($this->service_providers as $service_name => $service_provider) + { + $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); + $ret[] = 'auth_oauth_' . $actual_name . '_key'; + $ret[] = 'auth_oauth_' . $actual_name . '_secret'; + } + + return $ret; + } + /** * {@inheritdoc} */ -- cgit v1.2.1 From 9805927fac30d9c5d99f5f5f8d7207c9a6064724 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 15:26:33 -0400 Subject: [feature/oauth] OAuth init method to minimally validate entered data PHPBB3-11673 --- phpBB/language/en/acp/board.php | 15 ++++++++------- phpBB/phpbb/auth/provider/oauth/oauth.php | 18 ++++++++++++++++++ 2 files changed, 26 insertions(+), 7 deletions(-) (limited to 'phpBB') diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index 553cd1a6eb..f76834ae50 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -394,13 +394,14 @@ $lang = array_merge($lang, array( 'AUTH_METHOD' => 'Select an authentication method', - 'AUTH_PROVIDER_OAUTH_EXPLAIN' => 'Each OAuth provider requires a unique secret and key in order to authenticate with the external server.
These should be supplied by the OAuth service when you register your website with them and should be entered exactly as provided to you.
Any service that does not have both a key and a secret entered here will not be available for use by the forum users.', - 'AUTH_PROVIDER_OAUTH_KEY' => 'Key', - 'AUTH_PROVIDER_OAUTH_SERVICE_BITLY' => 'Bitly', - 'AUTH_PROVIDER_OAUTH_SERVICE_FACEBOOK' => 'Facebook', - 'AUTH_PROVIDER_OAUTH_SERVICE_GOOGLE' => 'Google', - 'AUTH_PROVIDER_OAUTH_TITLE' => 'OAuth', - 'AUTH_PROVIDER_OAUTH_SECRET' => 'Secret', + 'AUTH_PROVIDER_OAUTH_ERROR_ELEMENT_MISSING' => 'Both the key and secret of each enabled OAuth service provider must be provided. Only one was provided for an OAuth service provider.', + 'AUTH_PROVIDER_OAUTH_EXPLAIN' => 'Each OAuth provider requires a unique secret and key in order to authenticate with the external server.
These should be supplied by the OAuth service when you register your website with them and should be entered exactly as provided to you.
Any service that does not have both a key and a secret entered here will not be available for use by the forum users.', + 'AUTH_PROVIDER_OAUTH_KEY' => 'Key', + 'AUTH_PROVIDER_OAUTH_SERVICE_BITLY' => 'Bitly', + 'AUTH_PROVIDER_OAUTH_SERVICE_FACEBOOK' => 'Facebook', + 'AUTH_PROVIDER_OAUTH_SERVICE_GOOGLE' => 'Google', + 'AUTH_PROVIDER_OAUTH_TITLE' => 'OAuth', + 'AUTH_PROVIDER_OAUTH_SECRET' => 'Secret', 'APACHE_SETUP_BEFORE_USE' => 'You have to setup apache authentication before you switch phpBB to this authentication method. Keep in mind that the username you use for apache authentication has to be the same as your phpBB username. Apache authentication can only be used with mod_php (not with a CGI version) and safe_mode disabled.', diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 978c84cd6d..a2d5c3fcd5 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -103,6 +103,24 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->service_providers = $service_providers; } + /** + * {@inheritdoc} + */ + public function init() + { + // This does not test whether or not the key and secret provided are valid. + foreach ($this->service_providers as $service_provider) + { + $credentials = $service_provider->get_service_credentials(); + + if (($credentials['key'] && !$credentials['secret']) || (!$credentials['key'] && $credentials['secret'])) + { + return $this->user->lang['AUTH_PROVIDER_OAUTH_ERROR_ELEMENT_MISSING']; + } + } + return false; + } + /** * {@inheritdoc} */ -- cgit v1.2.1 From c26b68cc54b19d91affae6f4dbab67a33939ca23 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 19:27:55 -0400 Subject: [feature/oauth] Update error message with actual error PHPBB3-11673 --- phpBB/language/en/common.php | 1 + phpBB/phpbb/auth/provider/oauth/oauth.php | 3 +-- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index b188d90f3a..a68c027554 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -351,6 +351,7 @@ $lang = array_merge($lang, array( 'LOGIN_CONFIRM_EXPLAIN' => 'To prevent brute forcing accounts the board requires you to enter a confirmation code after a maximum amount of failed logins. The code is displayed in the image you should see below. If you are visually impaired or cannot otherwise read this code please contact the %sBoard Administrator%s.', // unused 'LOGIN_ERROR_ATTEMPTS' => 'You exceeded the maximum allowed number of login attempts. In addition to your username and password you now also have to solve the CAPTCHA below.', 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE' => 'You have not been authenticated by Apache.', + 'LOGIN_ERROR_OAUTH_SERVICE_DOES_NOT_EXIST' => 'A non-existant OAuth service has been requested.', 'LOGIN_ERROR_PASSWORD' => 'You have specified an incorrect password. Please check your password and try again. If you continue to have problems please contact the %sBoard Administrator%s.', 'LOGIN_ERROR_PASSWORD_CONVERT' => 'It was not possible to convert your password when updating this bulletin board’s software. Please %srequest a new password%s. If you continue to have problems please contact the %sBoard Administrator%s.', 'LOGIN_ERROR_USERNAME' => 'You have specified an incorrect username. Please check your username and try again. If you continue to have problems please contact the %sBoard Administrator%s.', diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index a2d5c3fcd5..c01b23c70e 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -142,8 +142,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - // TODO: change error message - 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'error_msg' => 'LOGIN_ERROR_OAUTH_SERVICE_DOES_NOT_EXIST', 'user_row' => array('user_id' => ANONYMOUS), ); } -- cgit v1.2.1 From b1938576f15a43c8bf2967ab38f4484a07cc0344 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 21:04:29 -0400 Subject: [feature/oauth] Fix outstanding issues with OAuth Includes a temporary change that allows me to test against google. This will be removed shortly. PHPBB3-11673 --- phpBB/includes/functions.php | 2 +- phpBB/phpbb/auth/provider/oauth/oauth.php | 26 +++++++++++++++++--------- 2 files changed, 18 insertions(+), 10 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index bbe3033fb5..b14f03f5a0 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3226,7 +3226,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa trigger_error('NO_AUTH_ADMIN'); } - if (isset($_POST['login'])) + if ($request->is_set_post('login') || ($request->is_set('login') && $request->variable('login', '') == 'external')) { // Get credential if ($admin) diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index c01b23c70e..3ffdcd4b00 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -127,7 +127,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base public function login($username, $password) { // Temporary workaround for only having one authentication provider available - if (!$this->request->is_set_post('oauth_service')) + if (!$this->request->is_set('oauth_service')) { // TODO: Remove before merging global $phpbb_root_path, $phpEx; @@ -136,9 +136,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } // Requst the name of the OAuth service - $service_name = $this->request->variable('oauth_service', '', false, phpbb_request_interface::POST); - $service_name = strtolower($service_name); - if ($service_name === '' || !array_key_exists($service_name, $this->service_providers)) + $service_name_original = $this->request->variable('oauth_service', '', false); + $service_name = 'auth.provider.oauth.service.' . strtolower($service_name_original); + if ($service_name_original === '' || !array_key_exists($service_name, $this->service_providers)) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -148,10 +148,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } // Get the service credentials for the given service - $service_credentials = $this->service_providers[$service_name]->get_credentials(); + $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); - $service = $this->get_service($service_name, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope()); + $service = $this->get_service($service_name_original, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope()); if ($this->request->is_set('code', phpbb_request_interface::GET)) { @@ -217,7 +217,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); - $current_uri->setQuery(''); + $current_uri->setQuery('?mode=login&login=external&oauth_service=google'); $this->current_uri = $current_uri; return $current_uri; @@ -233,7 +233,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * the api. * @return \OAuth\Common\Service\ServiceInterface */ - protected function get_service($service_name, phpbb_auth_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) + protected function get_service($service_name, phpbb_auth_provider_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) { $current_uri = $this->get_current_uri(); @@ -245,7 +245,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); $service_factory = new \OAuth\ServiceFactory(); - return $service_factory->createService($service_name, $credentials, $storage, $scopes); + $service = $service_factory->createService($service_name, $credentials, $storage, $scopes); + + if (!$service) + { + // Update to an actual error message + throw new Exception('Service not created: ' . $service_name); + } + + return $service; } /** -- cgit v1.2.1 From c166801fe3f7a76484eee870aac19294d192c84c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 21:07:04 -0400 Subject: [feature/oauth] Remove temporary google testing code PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 3ffdcd4b00..c6f7dc223e 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -206,9 +206,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * Returns the cached current_uri object or creates and caches it if it is * not already created * + * @param string $service_name The name of the service * @return \OAuth\Common\Http\Uri\UriInterface */ - protected function get_current_uri() + protected function get_current_uri($service_name) { if ($this->current_uri) { @@ -217,7 +218,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); - $current_uri->setQuery('?mode=login&login=external&oauth_service=google'); + $current_uri->setQuery('mode=login&login=external&oauth_service=' . $service_name); $this->current_uri = $current_uri; return $current_uri; @@ -235,7 +236,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function get_service($service_name, phpbb_auth_provider_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) { - $current_uri = $this->get_current_uri(); + $current_uri = $this->get_current_uri($service_name); // Setup the credentials for the requests $credentials = new Credentials( -- cgit v1.2.1 From fe9c97cfb45be2943eebb8ed5cbab51150e828ee Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 21:16:19 -0400 Subject: [feature/oauth] Fix errors in OAuth PHPBB3-11673 --- phpBB/config/auth_providers.yml | 2 ++ phpBB/phpbb/auth/provider/oauth/service/base.php | 2 +- phpBB/phpbb/auth/provider/oauth/service/facebook.php | 11 ++++++++++- phpBB/phpbb/auth/provider/oauth/service/google.php | 11 ++++++++++- 4 files changed, 23 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index b7486eabf4..393c2a4229 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -64,11 +64,13 @@ services: class: phpbb_auth_provider_oauth_service_facebook arguments: - @config + - @request tags: - { name: auth.provider.oauth.service } auth.provider.oauth.service.google: class: phpbb_auth_provider_oauth_service_google arguments: - @config + - @request tags: - { name: auth.provider.oauth.service } diff --git a/phpBB/phpbb/auth/provider/oauth/service/base.php b/phpBB/phpbb/auth/provider/oauth/service/base.php index d59199f987..ccfe57c8e2 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/base.php +++ b/phpBB/phpbb/auth/provider/oauth/service/base.php @@ -50,6 +50,6 @@ abstract class phpbb_auth_provider_oauth_service_base implements phpbb_auth_prov */ public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider) { - $this->service_provider = $service; + $this->service_provider = $service_provider; } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index fcf41755b7..4758ae11f8 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -29,14 +29,23 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau */ protected $config; + /** + * phpBB request + * + * @var phpbb_request + */ + protected $request; + /** * Constructor * * @param phpbb_config $config + * @param phpbb_request $request */ - public function __construct(phpbb_config $config) + public function __construct(phpbb_config $config, phpbb_request $request) { $this->config = $config; + $this->request = $request; } /** diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index 70bad77697..3e5735b97c 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -29,14 +29,23 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth */ protected $config; + /** + * phpBB request + * + * @var phpbb_request + */ + protected $request; + /** * Constructor * * @param phpbb_config $config + * @param phpbb_request $request */ - public function __construct(phpbb_config $config) + public function __construct(phpbb_config $config, phpbb_request $request) { $this->config = $config; + $this->request = $request; } /** -- cgit v1.2.1 From 8d568dae7116ac05eda593835d99e6e6f22dc9f7 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 21:22:52 -0400 Subject: [feature/oauth] Fix SQL error in token storage PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 227b51efc9..385fa58f25 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -141,7 +141,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface } $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('INSERT', $data); + ' . $this->db->sql_build_array('INSERT', $data); $this->db->sql_query($sql); } -- cgit v1.2.1 From e60f4bc88b32465b1d31049f2eb14b1793747dc6 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 22:15:53 -0400 Subject: [feature/oauth] Finalize schema changes PHPBB3-11673 --- phpBB/config/tables.yml | 4 +-- phpBB/develop/create_schema_files.php | 12 +++---- phpBB/install/schemas/firebird_schema.sql | 21 ++++++++++++ phpBB/install/schemas/mssql_schema.sql | 37 ++++++++++++++++++++++ phpBB/install/schemas/mysql_40_schema.sql | 20 ++++++++++++ phpBB/install/schemas/mysql_41_schema.sql | 20 ++++++++++++ phpBB/install/schemas/oracle_schema.sql | 28 ++++++++++++++++ phpBB/install/schemas/postgres_schema.sql | 24 ++++++++++++++ phpBB/install/schemas/sqlite_schema.sql | 20 ++++++++++++ .../db/migration/data/310/auth_provider_oauth.php | 4 +-- 10 files changed, 180 insertions(+), 10 deletions(-) (limited to 'phpBB') diff --git a/phpBB/config/tables.yml b/phpBB/config/tables.yml index e12720023d..a4c730e3bf 100644 --- a/phpBB/config/tables.yml +++ b/phpBB/config/tables.yml @@ -1,6 +1,6 @@ parameters: - tables.auth_provider_oauth_token_storage: %core.table_prefix%auth_provider_oauth_token_storage - tables.auth_provider_oauth_account_assoc: %core.table_prefix%auth_provider_oauth_account_assoc + tables.auth_provider_oauth_token_storage: %core.table_prefix%oauth_token + tables.auth_provider_oauth_account_assoc: %core.table_prefix%oauth_accounts tables.config: %core.table_prefix%config tables.config_text: %core.table_prefix%config_text tables.ext: %core.table_prefix%ext diff --git a/phpBB/develop/create_schema_files.php b/phpBB/develop/create_schema_files.php index 2cfe336511..af6e959b98 100644 --- a/phpBB/develop/create_schema_files.php +++ b/phpBB/develop/create_schema_files.php @@ -923,28 +923,28 @@ function get_schema_struct() ), ); - $schemda_data['auth_provider_oauth_token_storage'] = array( + $schema_data['phpbb_oauth_tokens'] = array( 'COLUMNS' => array( 'user_id' => array('UINT', 0), // phpbb_users.user_id 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set - 'oauth_provider' => array('VCHAR'), // Name of the OAuth provider + 'provider' => array('VCHAR'), // Name of the OAuth provider 'oauth_token' => array('TEXT_UNI'), // Serialized token ), 'KEYS' => array( 'user_id' => array('INDEX', 'user_id'), - 'oauth_provider' => array('INDEX', 'oauth_provider'), + 'provider' => array('INDEX', 'oauth_provider'), ), ); - $schemda_data['auth_provider_oauth_account_assoc'] = array( + $schema_data['phpbb_oauth_accounts'] = array( 'COLUMNS' => array( 'user_id' => array('UINT', 0), - 'oauth_provider' => array('VCHAR'), + 'provider' => array('VCHAR'), 'oauth_provider_id' => array('TEXT_UNI'), ), 'PRIMARY_KEY' => array( 'user_id', - 'oauth_provider', + 'provider', ), ); diff --git a/phpBB/install/schemas/firebird_schema.sql b/phpBB/install/schemas/firebird_schema.sql index ca68ea387d..1eabd2f049 100644 --- a/phpBB/install/schemas/firebird_schema.sql +++ b/phpBB/install/schemas/firebird_schema.sql @@ -128,6 +128,27 @@ CREATE INDEX phpbb_acl_users_user_id ON phpbb_acl_users(user_id);; CREATE INDEX phpbb_acl_users_auth_option_id ON phpbb_acl_users(auth_option_id);; CREATE INDEX phpbb_acl_users_auth_role_id ON phpbb_acl_users(auth_role_id);; +# Table: 'phpbb_oauth_tokens' +CREATE TABLE phpbb_oauth_tokens ( + user_id INTEGER DEFAULT 0 NOT NULL, + session_id CHAR(32) CHARACTER SET NONE DEFAULT '' NOT NULL, + provider VARCHAR(255) CHARACTER SET NONE NOT NULL, + oauth_token BLOB SUB_TYPE TEXT CHARACTER SET UTF8 NOT NULL +);; + +CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens(user_id);; +CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens(oauth_provider);; + +# Table: 'phpbb_oauth_accounts' +CREATE TABLE phpbb_oauth_accounts ( + user_id INTEGER DEFAULT 0 NOT NULL, + provider VARCHAR(255) CHARACTER SET NONE NOT NULL, + oauth_provider_id BLOB SUB_TYPE TEXT CHARACTER SET UTF8 NOT NULL +);; + +ALTER TABLE phpbb_oauth_accounts ADD PRIMARY KEY (user_id, provider);; + + # Table: 'phpbb_banlist' CREATE TABLE phpbb_banlist ( ban_id INTEGER NOT NULL, diff --git a/phpBB/install/schemas/mssql_schema.sql b/phpBB/install/schemas/mssql_schema.sql index a2a6d2192c..36e3910bc8 100644 --- a/phpBB/install/schemas/mssql_schema.sql +++ b/phpBB/install/schemas/mssql_schema.sql @@ -166,6 +166,43 @@ CREATE INDEX [auth_role_id] ON [phpbb_acl_users]([auth_role_id]) ON [PRIMARY] GO +/* + Table: 'phpbb_oauth_tokens' +*/ +CREATE TABLE [phpbb_oauth_tokens] ( + [user_id] [int] DEFAULT (0) NOT NULL , + [session_id] [char] (32) DEFAULT ('') NOT NULL , + [provider] [varchar] (255) NOT NULL , + [oauth_token] [varchar] (4000) NOT NULL +) ON [PRIMARY] +GO + +CREATE INDEX [user_id] ON [phpbb_oauth_tokens]([user_id]) ON [PRIMARY] +GO + +CREATE INDEX [provider] ON [phpbb_oauth_tokens]([oauth_provider]) ON [PRIMARY] +GO + + +/* + Table: 'phpbb_oauth_accounts' +*/ +CREATE TABLE [phpbb_oauth_accounts] ( + [user_id] [int] DEFAULT (0) NOT NULL , + [provider] [varchar] (255) NOT NULL , + [oauth_provider_id] [varchar] (4000) NOT NULL +) ON [PRIMARY] +GO + +ALTER TABLE [phpbb_oauth_accounts] WITH NOCHECK ADD + CONSTRAINT [PK_phpbb_oauth_accounts] PRIMARY KEY CLUSTERED + ( + [user_id], + [provider] + ) ON [PRIMARY] +GO + + /* Table: 'phpbb_banlist' */ diff --git a/phpBB/install/schemas/mysql_40_schema.sql b/phpBB/install/schemas/mysql_40_schema.sql index 2c5931bae4..ea9c6419db 100644 --- a/phpBB/install/schemas/mysql_40_schema.sql +++ b/phpBB/install/schemas/mysql_40_schema.sql @@ -90,6 +90,26 @@ CREATE TABLE phpbb_acl_users ( ); +# Table: 'phpbb_oauth_tokens' +CREATE TABLE phpbb_oauth_tokens ( + user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, + session_id binary(32) DEFAULT '' NOT NULL, + provider varbinary(255) NOT NULL, + oauth_token blob NOT NULL, + KEY user_id (user_id), + KEY provider (oauth_provider) +); + + +# Table: 'phpbb_oauth_accounts' +CREATE TABLE phpbb_oauth_accounts ( + user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, + provider varbinary(255) NOT NULL, + oauth_provider_id blob NOT NULL, + PRIMARY KEY (user_id, provider) +); + + # Table: 'phpbb_banlist' CREATE TABLE phpbb_banlist ( ban_id mediumint(8) UNSIGNED NOT NULL auto_increment, diff --git a/phpBB/install/schemas/mysql_41_schema.sql b/phpBB/install/schemas/mysql_41_schema.sql index 7b7be3c462..0d81f03d17 100644 --- a/phpBB/install/schemas/mysql_41_schema.sql +++ b/phpBB/install/schemas/mysql_41_schema.sql @@ -90,6 +90,26 @@ CREATE TABLE phpbb_acl_users ( ) CHARACTER SET `utf8` COLLATE `utf8_bin`; +# Table: 'phpbb_oauth_tokens' +CREATE TABLE phpbb_oauth_tokens ( + user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, + session_id char(32) DEFAULT '' NOT NULL, + provider varchar(255) NOT NULL, + oauth_token text NOT NULL, + KEY user_id (user_id), + KEY provider (oauth_provider) +) CHARACTER SET `utf8` COLLATE `utf8_bin`; + + +# Table: 'phpbb_oauth_accounts' +CREATE TABLE phpbb_oauth_accounts ( + user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, + provider varchar(255) NOT NULL, + oauth_provider_id text NOT NULL, + PRIMARY KEY (user_id, provider) +) CHARACTER SET `utf8` COLLATE `utf8_bin`; + + # Table: 'phpbb_banlist' CREATE TABLE phpbb_banlist ( ban_id mediumint(8) UNSIGNED NOT NULL auto_increment, diff --git a/phpBB/install/schemas/oracle_schema.sql b/phpBB/install/schemas/oracle_schema.sql index 75c01446d8..0868972d2d 100644 --- a/phpBB/install/schemas/oracle_schema.sql +++ b/phpBB/install/schemas/oracle_schema.sql @@ -210,6 +210,34 @@ CREATE INDEX phpbb_acl_users_auth_option_id ON phpbb_acl_users (auth_option_id) CREATE INDEX phpbb_acl_users_auth_role_id ON phpbb_acl_users (auth_role_id) / +/* + Table: 'phpbb_oauth_tokens' +*/ +CREATE TABLE phpbb_oauth_tokens ( + user_id number(8) DEFAULT '0' NOT NULL, + session_id char(32) DEFAULT '' , + provider varchar2(255) NOT NULL, + oauth_token clob NOT NULL +) +/ + +CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens (user_id) +/ +CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (oauth_provider) +/ + +/* + Table: 'phpbb_oauth_accounts' +*/ +CREATE TABLE phpbb_oauth_accounts ( + user_id number(8) DEFAULT '0' NOT NULL, + provider varchar2(255) NOT NULL, + oauth_provider_id clob NOT NULL, + CONSTRAINT pk_phpbb_oauth_accounts PRIMARY KEY (user_id, provider) +) +/ + + /* Table: 'phpbb_banlist' */ diff --git a/phpBB/install/schemas/postgres_schema.sql b/phpBB/install/schemas/postgres_schema.sql index c7fbe9a507..4b8f8f61e1 100644 --- a/phpBB/install/schemas/postgres_schema.sql +++ b/phpBB/install/schemas/postgres_schema.sql @@ -188,6 +188,30 @@ CREATE INDEX phpbb_acl_users_user_id ON phpbb_acl_users (user_id); CREATE INDEX phpbb_acl_users_auth_option_id ON phpbb_acl_users (auth_option_id); CREATE INDEX phpbb_acl_users_auth_role_id ON phpbb_acl_users (auth_role_id); +/* + Table: 'phpbb_oauth_tokens' +*/ +CREATE TABLE phpbb_oauth_tokens ( + user_id INT4 DEFAULT '0' NOT NULL CHECK (user_id >= 0), + session_id char(32) DEFAULT '' NOT NULL, + provider varchar(255) NOT NULL, + oauth_token varchar(4000) NOT NULL +); + +CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens (user_id); +CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (oauth_provider); + +/* + Table: 'phpbb_oauth_accounts' +*/ +CREATE TABLE phpbb_oauth_accounts ( + user_id INT4 DEFAULT '0' NOT NULL CHECK (user_id >= 0), + provider varchar(255) NOT NULL, + oauth_provider_id varchar(4000) NOT NULL, + PRIMARY KEY (user_id, provider) +); + + /* Table: 'phpbb_banlist' */ diff --git a/phpBB/install/schemas/sqlite_schema.sql b/phpBB/install/schemas/sqlite_schema.sql index 72b2b276da..3e429850b4 100644 --- a/phpBB/install/schemas/sqlite_schema.sql +++ b/phpBB/install/schemas/sqlite_schema.sql @@ -89,6 +89,26 @@ CREATE INDEX phpbb_acl_users_user_id ON phpbb_acl_users (user_id); CREATE INDEX phpbb_acl_users_auth_option_id ON phpbb_acl_users (auth_option_id); CREATE INDEX phpbb_acl_users_auth_role_id ON phpbb_acl_users (auth_role_id); +# Table: 'phpbb_oauth_tokens' +CREATE TABLE phpbb_oauth_tokens ( + user_id INTEGER UNSIGNED NOT NULL DEFAULT '0', + session_id char(32) NOT NULL DEFAULT '', + provider varchar(255) NOT NULL , + oauth_token text(65535) NOT NULL +); + +CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens (user_id); +CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (oauth_provider); + +# Table: 'phpbb_oauth_accounts' +CREATE TABLE phpbb_oauth_accounts ( + user_id INTEGER UNSIGNED NOT NULL DEFAULT '0', + provider varchar(255) NOT NULL , + oauth_provider_id text(65535) NOT NULL , + PRIMARY KEY (user_id, provider) +); + + # Table: 'phpbb_banlist' CREATE TABLE phpbb_banlist ( ban_id INTEGER PRIMARY KEY NOT NULL , diff --git a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php index 86e446e48e..5a7f9b5c8d 100644 --- a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php +++ b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php @@ -18,7 +18,7 @@ class phpbb_db_migration_data_310_auth_provider_oauth extends phpbb_db_migration { return array( 'add_tables' => array( - $this->table_prefix . 'auth_provider_oauth_token_storage' => array( + $this->table_prefix . 'oauth_token' => array( 'COLUMNS' => array( 'user_id' => array('UINT', 0), // phpbb_users.user_id 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set @@ -30,7 +30,7 @@ class phpbb_db_migration_data_310_auth_provider_oauth extends phpbb_db_migration 'oauth_provider' => array('INDEX', 'oauth_provider'), ), ), - $this->table_prefix . 'auth_provider_oauth_account_assoc' => array( + $this->table_prefix . 'oauth_accounts' => array( 'COLUMNS' => array( 'user_id' => array('UINT', 0), 'oauth_provider' => array('VCHAR'), -- cgit v1.2.1 From 2483efe9a34df48a82bcceff5f966881fea2a37e Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 22:18:41 -0400 Subject: [feature/oauth] Actual final schema changes PHPBB3-11673 --- phpBB/develop/create_schema_files.php | 10 +++++----- phpBB/install/schemas/firebird_schema.sql | 8 ++++---- phpBB/install/schemas/mssql_schema.sql | 8 ++++---- phpBB/install/schemas/mysql_40_schema.sql | 4 ++-- phpBB/install/schemas/mysql_41_schema.sql | 4 ++-- phpBB/install/schemas/oracle_schema.sql | 8 ++++---- phpBB/install/schemas/postgres_schema.sql | 8 ++++---- phpBB/install/schemas/sqlite_schema.sql | 8 ++++---- phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php | 10 +++++----- 9 files changed, 34 insertions(+), 34 deletions(-) (limited to 'phpBB') diff --git a/phpBB/develop/create_schema_files.php b/phpBB/develop/create_schema_files.php index af6e959b98..6f88b28140 100644 --- a/phpBB/develop/create_schema_files.php +++ b/phpBB/develop/create_schema_files.php @@ -927,20 +927,20 @@ function get_schema_struct() 'COLUMNS' => array( 'user_id' => array('UINT', 0), // phpbb_users.user_id 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set - 'provider' => array('VCHAR'), // Name of the OAuth provider - 'oauth_token' => array('TEXT_UNI'), // Serialized token + 'provider' => array('VCHAR', ''), // Name of the OAuth provider + 'oauth_token' => array('TEXT_UNI', ''), // Serialized token ), 'KEYS' => array( 'user_id' => array('INDEX', 'user_id'), - 'provider' => array('INDEX', 'oauth_provider'), + 'provider' => array('INDEX', 'oauth_provider'), ), ); $schema_data['phpbb_oauth_accounts'] = array( 'COLUMNS' => array( 'user_id' => array('UINT', 0), - 'provider' => array('VCHAR'), - 'oauth_provider_id' => array('TEXT_UNI'), + 'provider' => array('VCHAR', ''), + 'oauth_provider_id' => array('TEXT_UNI', ''), ), 'PRIMARY_KEY' => array( 'user_id', diff --git a/phpBB/install/schemas/firebird_schema.sql b/phpBB/install/schemas/firebird_schema.sql index 1eabd2f049..55ddd00d7d 100644 --- a/phpBB/install/schemas/firebird_schema.sql +++ b/phpBB/install/schemas/firebird_schema.sql @@ -132,8 +132,8 @@ CREATE INDEX phpbb_acl_users_auth_role_id ON phpbb_acl_users(auth_role_id);; CREATE TABLE phpbb_oauth_tokens ( user_id INTEGER DEFAULT 0 NOT NULL, session_id CHAR(32) CHARACTER SET NONE DEFAULT '' NOT NULL, - provider VARCHAR(255) CHARACTER SET NONE NOT NULL, - oauth_token BLOB SUB_TYPE TEXT CHARACTER SET UTF8 NOT NULL + provider VARCHAR(255) CHARACTER SET NONE DEFAULT '' NOT NULL, + oauth_token BLOB SUB_TYPE TEXT CHARACTER SET UTF8 DEFAULT '' NOT NULL );; CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens(user_id);; @@ -142,8 +142,8 @@ CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens(oauth_provider);; # Table: 'phpbb_oauth_accounts' CREATE TABLE phpbb_oauth_accounts ( user_id INTEGER DEFAULT 0 NOT NULL, - provider VARCHAR(255) CHARACTER SET NONE NOT NULL, - oauth_provider_id BLOB SUB_TYPE TEXT CHARACTER SET UTF8 NOT NULL + provider VARCHAR(255) CHARACTER SET NONE DEFAULT '' NOT NULL, + oauth_provider_id BLOB SUB_TYPE TEXT CHARACTER SET UTF8 DEFAULT '' NOT NULL );; ALTER TABLE phpbb_oauth_accounts ADD PRIMARY KEY (user_id, provider);; diff --git a/phpBB/install/schemas/mssql_schema.sql b/phpBB/install/schemas/mssql_schema.sql index 36e3910bc8..b2fe8d1710 100644 --- a/phpBB/install/schemas/mssql_schema.sql +++ b/phpBB/install/schemas/mssql_schema.sql @@ -172,8 +172,8 @@ GO CREATE TABLE [phpbb_oauth_tokens] ( [user_id] [int] DEFAULT (0) NOT NULL , [session_id] [char] (32) DEFAULT ('') NOT NULL , - [provider] [varchar] (255) NOT NULL , - [oauth_token] [varchar] (4000) NOT NULL + [provider] [varchar] (255) DEFAULT ('') NOT NULL , + [oauth_token] [varchar] (4000) DEFAULT ('') NOT NULL ) ON [PRIMARY] GO @@ -189,8 +189,8 @@ GO */ CREATE TABLE [phpbb_oauth_accounts] ( [user_id] [int] DEFAULT (0) NOT NULL , - [provider] [varchar] (255) NOT NULL , - [oauth_provider_id] [varchar] (4000) NOT NULL + [provider] [varchar] (255) DEFAULT ('') NOT NULL , + [oauth_provider_id] [varchar] (4000) DEFAULT ('') NOT NULL ) ON [PRIMARY] GO diff --git a/phpBB/install/schemas/mysql_40_schema.sql b/phpBB/install/schemas/mysql_40_schema.sql index ea9c6419db..9eb2e10e96 100644 --- a/phpBB/install/schemas/mysql_40_schema.sql +++ b/phpBB/install/schemas/mysql_40_schema.sql @@ -94,7 +94,7 @@ CREATE TABLE phpbb_acl_users ( CREATE TABLE phpbb_oauth_tokens ( user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, session_id binary(32) DEFAULT '' NOT NULL, - provider varbinary(255) NOT NULL, + provider varbinary(255) DEFAULT '' NOT NULL, oauth_token blob NOT NULL, KEY user_id (user_id), KEY provider (oauth_provider) @@ -104,7 +104,7 @@ CREATE TABLE phpbb_oauth_tokens ( # Table: 'phpbb_oauth_accounts' CREATE TABLE phpbb_oauth_accounts ( user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, - provider varbinary(255) NOT NULL, + provider varbinary(255) DEFAULT '' NOT NULL, oauth_provider_id blob NOT NULL, PRIMARY KEY (user_id, provider) ); diff --git a/phpBB/install/schemas/mysql_41_schema.sql b/phpBB/install/schemas/mysql_41_schema.sql index 0d81f03d17..a4237acb8a 100644 --- a/phpBB/install/schemas/mysql_41_schema.sql +++ b/phpBB/install/schemas/mysql_41_schema.sql @@ -94,7 +94,7 @@ CREATE TABLE phpbb_acl_users ( CREATE TABLE phpbb_oauth_tokens ( user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, session_id char(32) DEFAULT '' NOT NULL, - provider varchar(255) NOT NULL, + provider varchar(255) DEFAULT '' NOT NULL, oauth_token text NOT NULL, KEY user_id (user_id), KEY provider (oauth_provider) @@ -104,7 +104,7 @@ CREATE TABLE phpbb_oauth_tokens ( # Table: 'phpbb_oauth_accounts' CREATE TABLE phpbb_oauth_accounts ( user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, - provider varchar(255) NOT NULL, + provider varchar(255) DEFAULT '' NOT NULL, oauth_provider_id text NOT NULL, PRIMARY KEY (user_id, provider) ) CHARACTER SET `utf8` COLLATE `utf8_bin`; diff --git a/phpBB/install/schemas/oracle_schema.sql b/phpBB/install/schemas/oracle_schema.sql index 0868972d2d..6a6d691190 100644 --- a/phpBB/install/schemas/oracle_schema.sql +++ b/phpBB/install/schemas/oracle_schema.sql @@ -216,8 +216,8 @@ CREATE INDEX phpbb_acl_users_auth_role_id ON phpbb_acl_users (auth_role_id) CREATE TABLE phpbb_oauth_tokens ( user_id number(8) DEFAULT '0' NOT NULL, session_id char(32) DEFAULT '' , - provider varchar2(255) NOT NULL, - oauth_token clob NOT NULL + provider varchar2(255) DEFAULT '' , + oauth_token clob DEFAULT '' ) / @@ -231,8 +231,8 @@ CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (oauth_provider) */ CREATE TABLE phpbb_oauth_accounts ( user_id number(8) DEFAULT '0' NOT NULL, - provider varchar2(255) NOT NULL, - oauth_provider_id clob NOT NULL, + provider varchar2(255) DEFAULT '' , + oauth_provider_id clob DEFAULT '' , CONSTRAINT pk_phpbb_oauth_accounts PRIMARY KEY (user_id, provider) ) / diff --git a/phpBB/install/schemas/postgres_schema.sql b/phpBB/install/schemas/postgres_schema.sql index 4b8f8f61e1..135cd23fb8 100644 --- a/phpBB/install/schemas/postgres_schema.sql +++ b/phpBB/install/schemas/postgres_schema.sql @@ -194,8 +194,8 @@ CREATE INDEX phpbb_acl_users_auth_role_id ON phpbb_acl_users (auth_role_id); CREATE TABLE phpbb_oauth_tokens ( user_id INT4 DEFAULT '0' NOT NULL CHECK (user_id >= 0), session_id char(32) DEFAULT '' NOT NULL, - provider varchar(255) NOT NULL, - oauth_token varchar(4000) NOT NULL + provider varchar(255) DEFAULT '' NOT NULL, + oauth_token varchar(4000) DEFAULT '' NOT NULL ); CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens (user_id); @@ -206,8 +206,8 @@ CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (oauth_provider); */ CREATE TABLE phpbb_oauth_accounts ( user_id INT4 DEFAULT '0' NOT NULL CHECK (user_id >= 0), - provider varchar(255) NOT NULL, - oauth_provider_id varchar(4000) NOT NULL, + provider varchar(255) DEFAULT '' NOT NULL, + oauth_provider_id varchar(4000) DEFAULT '' NOT NULL, PRIMARY KEY (user_id, provider) ); diff --git a/phpBB/install/schemas/sqlite_schema.sql b/phpBB/install/schemas/sqlite_schema.sql index 3e429850b4..625e19eb98 100644 --- a/phpBB/install/schemas/sqlite_schema.sql +++ b/phpBB/install/schemas/sqlite_schema.sql @@ -93,8 +93,8 @@ CREATE INDEX phpbb_acl_users_auth_role_id ON phpbb_acl_users (auth_role_id); CREATE TABLE phpbb_oauth_tokens ( user_id INTEGER UNSIGNED NOT NULL DEFAULT '0', session_id char(32) NOT NULL DEFAULT '', - provider varchar(255) NOT NULL , - oauth_token text(65535) NOT NULL + provider varchar(255) NOT NULL DEFAULT '', + oauth_token text(65535) NOT NULL DEFAULT '' ); CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens (user_id); @@ -103,8 +103,8 @@ CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (oauth_provider); # Table: 'phpbb_oauth_accounts' CREATE TABLE phpbb_oauth_accounts ( user_id INTEGER UNSIGNED NOT NULL DEFAULT '0', - provider varchar(255) NOT NULL , - oauth_provider_id text(65535) NOT NULL , + provider varchar(255) NOT NULL DEFAULT '', + oauth_provider_id text(65535) NOT NULL DEFAULT '', PRIMARY KEY (user_id, provider) ); diff --git a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php index 5a7f9b5c8d..0d8e8858bb 100644 --- a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php +++ b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php @@ -22,23 +22,23 @@ class phpbb_db_migration_data_310_auth_provider_oauth extends phpbb_db_migration 'COLUMNS' => array( 'user_id' => array('UINT', 0), // phpbb_users.user_id 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set - 'oauth_provider' => array('VCHAR'), // Name of the OAuth provider + 'provider' => array('VCHAR', ''), // Name of the OAuth provider 'oauth_token' => array('TEXT_UNI'), // Serialized token ), 'KEYS' => array( 'user_id' => array('INDEX', 'user_id'), - 'oauth_provider' => array('INDEX', 'oauth_provider'), + 'provider' => array('INDEX', 'oauth_provider'), ), ), $this->table_prefix . 'oauth_accounts' => array( 'COLUMNS' => array( 'user_id' => array('UINT', 0), - 'oauth_provider' => array('VCHAR'), - 'oauth_provider_id' => array('TEXT_UNI'), + 'provider' => array('VCHAR', ''), + 'oauth_provider_id' => array('TEXT_UNI', ''), ), 'PRIMARY_KEY' => array( 'user_id', - 'oauth_provider', + 'provider', ), ), ), -- cgit v1.2.1 From b1c62793c61715b6f5cbfb96b9b02c1bafd76cf7 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 22:19:48 -0400 Subject: [feature/oauth] Fix token storage after sql changes PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 385fa58f25..8b6a3de327 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -88,7 +88,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, + 'provider' => $this->service_name, ); if ($this->user->data['user_id'] == ANONYMOUS) @@ -131,7 +131,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, + 'provider' => $this->service_name, 'oauth_token' => serialize($token), ); @@ -156,7 +156,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'user_id' => $this->user->data['user_id'], - 'oauth_provider' => $this->service_name, + 'provider' => $this->service_name, ); if ($this->user->data['user_id'] == ANONYMOUS) @@ -187,7 +187,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' WHERE user_id = ' . $this->user->data['user_id'] . ' - AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); + AND provider = ' . $this->db->sql_escape($this->oauth_provider); if ($this->user->data['user_id'] == ANONYMOUS) { -- cgit v1.2.1 From dc050e7ece74979b093d5249e4283e3959172b43 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 22:20:26 -0400 Subject: [feature/oauth] Fix OAuth after schema changes PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index c6f7dc223e..2a5e70939c 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -160,7 +160,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Check to see if this provider is already assosciated with an account $data = array( - 'oauth_provider' => $service_name, + 'provider' => $service_name, 'oauth_provider_id' => $unique_id ); $sql = 'SELECT user_id FROM' . $this->auth_provider_oauth_token_account_assoc . ' -- cgit v1.2.1 From da6a8787f8443ea02f405a913aa5d0721034f819 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 22:26:22 -0400 Subject: [feature/oauth] Fix SQL error found in install PHPBB3-11673 --- phpBB/develop/create_schema_files.php | 2 +- phpBB/install/schemas/firebird_schema.sql | 2 +- phpBB/install/schemas/mssql_schema.sql | 2 +- phpBB/install/schemas/mysql_40_schema.sql | 2 +- phpBB/install/schemas/mysql_41_schema.sql | 2 +- phpBB/install/schemas/oracle_schema.sql | 2 +- phpBB/install/schemas/postgres_schema.sql | 2 +- phpBB/install/schemas/sqlite_schema.sql | 2 +- phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) (limited to 'phpBB') diff --git a/phpBB/develop/create_schema_files.php b/phpBB/develop/create_schema_files.php index 6f88b28140..a722a88ff3 100644 --- a/phpBB/develop/create_schema_files.php +++ b/phpBB/develop/create_schema_files.php @@ -932,7 +932,7 @@ function get_schema_struct() ), 'KEYS' => array( 'user_id' => array('INDEX', 'user_id'), - 'provider' => array('INDEX', 'oauth_provider'), + 'provider' => array('INDEX', 'provider'), ), ); diff --git a/phpBB/install/schemas/firebird_schema.sql b/phpBB/install/schemas/firebird_schema.sql index 55ddd00d7d..ce9be26e68 100644 --- a/phpBB/install/schemas/firebird_schema.sql +++ b/phpBB/install/schemas/firebird_schema.sql @@ -137,7 +137,7 @@ CREATE TABLE phpbb_oauth_tokens ( );; CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens(user_id);; -CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens(oauth_provider);; +CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens(provider);; # Table: 'phpbb_oauth_accounts' CREATE TABLE phpbb_oauth_accounts ( diff --git a/phpBB/install/schemas/mssql_schema.sql b/phpBB/install/schemas/mssql_schema.sql index b2fe8d1710..94cfa98784 100644 --- a/phpBB/install/schemas/mssql_schema.sql +++ b/phpBB/install/schemas/mssql_schema.sql @@ -180,7 +180,7 @@ GO CREATE INDEX [user_id] ON [phpbb_oauth_tokens]([user_id]) ON [PRIMARY] GO -CREATE INDEX [provider] ON [phpbb_oauth_tokens]([oauth_provider]) ON [PRIMARY] +CREATE INDEX [provider] ON [phpbb_oauth_tokens]([provider]) ON [PRIMARY] GO diff --git a/phpBB/install/schemas/mysql_40_schema.sql b/phpBB/install/schemas/mysql_40_schema.sql index 9eb2e10e96..fe09756b1e 100644 --- a/phpBB/install/schemas/mysql_40_schema.sql +++ b/phpBB/install/schemas/mysql_40_schema.sql @@ -97,7 +97,7 @@ CREATE TABLE phpbb_oauth_tokens ( provider varbinary(255) DEFAULT '' NOT NULL, oauth_token blob NOT NULL, KEY user_id (user_id), - KEY provider (oauth_provider) + KEY provider (provider) ); diff --git a/phpBB/install/schemas/mysql_41_schema.sql b/phpBB/install/schemas/mysql_41_schema.sql index a4237acb8a..a385010f43 100644 --- a/phpBB/install/schemas/mysql_41_schema.sql +++ b/phpBB/install/schemas/mysql_41_schema.sql @@ -97,7 +97,7 @@ CREATE TABLE phpbb_oauth_tokens ( provider varchar(255) DEFAULT '' NOT NULL, oauth_token text NOT NULL, KEY user_id (user_id), - KEY provider (oauth_provider) + KEY provider (provider) ) CHARACTER SET `utf8` COLLATE `utf8_bin`; diff --git a/phpBB/install/schemas/oracle_schema.sql b/phpBB/install/schemas/oracle_schema.sql index 6a6d691190..f32980e378 100644 --- a/phpBB/install/schemas/oracle_schema.sql +++ b/phpBB/install/schemas/oracle_schema.sql @@ -223,7 +223,7 @@ CREATE TABLE phpbb_oauth_tokens ( CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens (user_id) / -CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (oauth_provider) +CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (provider) / /* diff --git a/phpBB/install/schemas/postgres_schema.sql b/phpBB/install/schemas/postgres_schema.sql index 135cd23fb8..f64f4981d5 100644 --- a/phpBB/install/schemas/postgres_schema.sql +++ b/phpBB/install/schemas/postgres_schema.sql @@ -199,7 +199,7 @@ CREATE TABLE phpbb_oauth_tokens ( ); CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens (user_id); -CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (oauth_provider); +CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (provider); /* Table: 'phpbb_oauth_accounts' diff --git a/phpBB/install/schemas/sqlite_schema.sql b/phpBB/install/schemas/sqlite_schema.sql index 625e19eb98..54f3a132ef 100644 --- a/phpBB/install/schemas/sqlite_schema.sql +++ b/phpBB/install/schemas/sqlite_schema.sql @@ -98,7 +98,7 @@ CREATE TABLE phpbb_oauth_tokens ( ); CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens (user_id); -CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (oauth_provider); +CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (provider); # Table: 'phpbb_oauth_accounts' CREATE TABLE phpbb_oauth_accounts ( diff --git a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php index 0d8e8858bb..febd399c98 100644 --- a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php +++ b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php @@ -27,7 +27,7 @@ class phpbb_db_migration_data_310_auth_provider_oauth extends phpbb_db_migration ), 'KEYS' => array( 'user_id' => array('INDEX', 'user_id'), - 'provider' => array('INDEX', 'oauth_provider'), + 'provider' => array('INDEX', 'provider'), ), ), $this->table_prefix . 'oauth_accounts' => array( -- cgit v1.2.1 From 4369cc88762466f16da5aed3bff0037e9d7a46d2 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 22:29:11 -0400 Subject: [feature/oauth] Fix more errors related to sql changes PHPBB3-11673 --- phpBB/config/tables.yml | 2 +- phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/config/tables.yml b/phpBB/config/tables.yml index a4c730e3bf..0d364eb6b0 100644 --- a/phpBB/config/tables.yml +++ b/phpBB/config/tables.yml @@ -1,5 +1,5 @@ parameters: - tables.auth_provider_oauth_token_storage: %core.table_prefix%oauth_token + tables.auth_provider_oauth_token_storage: %core.table_prefix%oauth_tokens tables.auth_provider_oauth_account_assoc: %core.table_prefix%oauth_accounts tables.config: %core.table_prefix%config tables.config_text: %core.table_prefix%config_text diff --git a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php index febd399c98..5e3fa919e8 100644 --- a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php +++ b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php @@ -18,7 +18,7 @@ class phpbb_db_migration_data_310_auth_provider_oauth extends phpbb_db_migration { return array( 'add_tables' => array( - $this->table_prefix . 'oauth_token' => array( + $this->table_prefix . 'oauth_tokens' => array( 'COLUMNS' => array( 'user_id' => array('UINT', 0), // phpbb_users.user_id 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set -- cgit v1.2.1 From 5fa08b92a29d7349c089eab33b4c38513ef964fd Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 22:32:59 -0400 Subject: [feature/oauth] Fix typo in token storage PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 8b6a3de327..42142b4fbe 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -83,7 +83,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface public function retrieveAccessToken() { if( $this->cachedToken instanceOf TokenInterface ) { - return $this->token; + return $this->cachedToken; } $data = array( -- cgit v1.2.1 From 38d4eb073e1915f60cb4c9912d7567cf032e0776 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 23 Jul 2013 22:35:34 -0400 Subject: [feature/oauth] Fix last typo. Authentication works for accounts in db PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 2a5e70939c..39657011c2 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -163,7 +163,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base 'provider' => $service_name, 'oauth_provider_id' => $unique_id ); - $sql = 'SELECT user_id FROM' . $this->auth_provider_oauth_token_account_assoc . ' + $sql = 'SELECT user_id FROM ' . $this->auth_provider_oauth_token_account_assoc . ' WHERE ' . $this->db->sql_build_array('SELECT', $data); $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); -- cgit v1.2.1 From 5401673f965aaef7048797d1f696bd5e43bbfaf6 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 10:35:36 -0400 Subject: [feature/oauth] Move language constants for oauth services to common.php PHPBB3-11673 --- phpBB/language/en/acp/board.php | 3 --- phpBB/language/en/common.php | 3 +++ 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index f76834ae50..abc7738ee3 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -397,9 +397,6 @@ $lang = array_merge($lang, array( 'AUTH_PROVIDER_OAUTH_ERROR_ELEMENT_MISSING' => 'Both the key and secret of each enabled OAuth service provider must be provided. Only one was provided for an OAuth service provider.', 'AUTH_PROVIDER_OAUTH_EXPLAIN' => 'Each OAuth provider requires a unique secret and key in order to authenticate with the external server.
These should be supplied by the OAuth service when you register your website with them and should be entered exactly as provided to you.
Any service that does not have both a key and a secret entered here will not be available for use by the forum users.', 'AUTH_PROVIDER_OAUTH_KEY' => 'Key', - 'AUTH_PROVIDER_OAUTH_SERVICE_BITLY' => 'Bitly', - 'AUTH_PROVIDER_OAUTH_SERVICE_FACEBOOK' => 'Facebook', - 'AUTH_PROVIDER_OAUTH_SERVICE_GOOGLE' => 'Google', 'AUTH_PROVIDER_OAUTH_TITLE' => 'OAuth', 'AUTH_PROVIDER_OAUTH_SECRET' => 'Secret', diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index a68c027554..0b658f22b6 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -88,6 +88,9 @@ $lang = array_merge($lang, array( 'ATTACHED_IMAGE_NOT_IMAGE' => 'The image file you tried to attach is invalid.', 'AUTHOR' => 'Author', 'AUTH_NO_PROFILE_CREATED' => 'The creation of a user profile was unsuccessful.', + 'AUTH_PROVIDER_OAUTH_SERVICE_BITLY' => 'Bitly', + 'AUTH_PROVIDER_OAUTH_SERVICE_FACEBOOK' => 'Facebook', + 'AUTH_PROVIDER_OAUTH_SERVICE_GOOGLE' => 'Google', 'AVATAR_DISALLOWED_CONTENT' => 'The upload was rejected because the uploaded file was identified as a possible attack vector.', 'AVATAR_DISALLOWED_EXTENSION' => 'This file cannot be displayed because the extension %s is not allowed.', 'AVATAR_EMPTY_REMOTE_DATA' => 'The specified avatar could not be uploaded because the remote data appears to be invalid or corrupted.', -- cgit v1.2.1 From ffb14a69887e0410c5093f23142bbc3375552620 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 10:36:08 -0400 Subject: [feature/oauth] Fix OAuth login PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 39657011c2..6e822101e3 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -160,7 +160,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Check to see if this provider is already assosciated with an account $data = array( - 'provider' => $service_name, + 'provider' => $service_name_original, 'oauth_provider_id' => $unique_id ); $sql = 'SELECT user_id FROM ' . $this->auth_provider_oauth_token_account_assoc . ' -- cgit v1.2.1 From 58d5820069a5889ae2f09319ae4f972c8b8f87a8 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 10:39:48 -0400 Subject: [feature/oauth] Basic login functionality now working These changes are currently unique to OAuth and need to be made generic so that any auth provider can modify the login template. PHPBB3-11673 --- phpBB/includes/functions.php | 7 ++----- phpBB/phpbb/auth/provider/oauth/oauth.php | 11 ++++++----- 2 files changed, 8 insertions(+), 10 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index b14f03f5a0..02cdfd7ed1 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3373,12 +3373,9 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa { $auth_provider = $phpbb_container->get('auth.provider.oauth'); $oauth_box_data = $auth_provider->get_login_data(); - foreach ($oauth_box_data as $service_name => $data) + foreach ($oauth_box_data as $data) { - $template->assign_block_vars('oauth', array( - 'SERVICE_NAME' => $service_name, - 'REDIRECT_URL' => $data['url'], - )); + $template->assign_block_vars('oauth', $data); } } diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 6e822101e3..0762e202db 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -272,11 +272,12 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $credentials = $service_provider->get_service_credentials(); if ($credentials['key'] && $credentials['secret']) { - $login_data[$service_provider] = array(); - - // Build the redirect url for the box - $redirect_url = build_url(false) . '&oauth_service=' . $service_name; - $login_data[$service_provider]['url'] = redirect($redirect_url, true); + $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); + $redirect_url = build_url(false) . '&login=external&oauth_service=' . $actual_name; + $login_data[$service_name] = array( + 'REDIRECT_URL' => redirect($redirect_url, true), + 'SERVICE_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], + ); } } -- cgit v1.2.1 From 669586c134641b29a95faa43090df124b59d4e14 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 12:55:43 -0400 Subject: [feature/oauth] Token must be updated with the user_id PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 0762e202db..90ce1f8f5a 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -171,8 +171,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base if (!$row) { - // Account not tied to any existing account - // TODO: determine action that should occur + // The user does not yet exist, ask if they wish to register the account + throw new Exception($unique_id); } // Retrieve the user's account @@ -189,6 +189,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base throw new Exception('Invalid entry in ' . $this->auth_provider_oauth_token_account_assoc); } + // Update token storage to store the user_id + $storage->set_user_id($row['user_id']); + // The user is now authenticated and can be logged in return array( 'status' => LOGIN_SUCCESS, -- cgit v1.2.1 From 581cb37b8c7ae4f1902cfd6114a34ce1510139a8 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 13:46:33 -0400 Subject: [feature/oauth] Start linking/registering OAuth accounts during login PHPBB3-11673 --- phpBB/includes/constants.php | 1 + phpBB/phpbb/auth/auth.php | 15 +++++++++++++++ phpBB/phpbb/auth/provider/interface.php | 5 +++++ phpBB/phpbb/auth/provider/oauth/oauth.php | 10 +++++++++- 4 files changed, 30 insertions(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index c1f4c6ac0e..ae55a71e50 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -61,6 +61,7 @@ define('LOGIN_CONTINUE', 1); define('LOGIN_BREAK', 2); define('LOGIN_SUCCESS', 3); define('LOGIN_SUCCESS_CREATE_PROFILE', 20); +define('LOGIN_SUCCESS_LINK_PROFILE', 21); define('LOGIN_ERROR_USERNAME', 10); define('LOGIN_ERROR_PASSWORD', 11); define('LOGIN_ERROR_ACTIVE', 12); diff --git a/phpBB/phpbb/auth/auth.php b/phpBB/phpbb/auth/auth.php index 279959974d..400f5fef6d 100644 --- a/phpBB/phpbb/auth/auth.php +++ b/phpBB/phpbb/auth/auth.php @@ -970,6 +970,21 @@ class phpbb_auth ); } + // If the auth provider wants us to link an empty account do so and redirect + if ($login['status'] == LOGIN_SUCCESS_LINK_PROFILE) + { + // If this status exists a fourth field is in the $login array called 'redirect_data' + // This data is passed along as GET data to the next page allow the account to be linked + $url = 'ucp.php?mode=login_link'; + + foreach ($login['redirect_data'] as $key => $value) + { + $url .= '&' . $key . '=' . $value; + } + + redirect($url); + } + // If login succeeded, we will log the user in... else we pass the login array through... if ($login['status'] == LOGIN_SUCCESS) { diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index f4344c1dc7..9cee63abeb 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -45,6 +45,11 @@ interface phpbb_auth_provider_interface * 'error_msg' => string * 'user_row' => array * ) + * A fourth key of the array may be present 'redirect_data' + * This key is only used when 'status' is equal to + * LOGIN_SUCCESS_LINK_PROFILE and it's value is an + * associative array that is turned into GET variables on + * the redirect url. */ public function login($username, $password); diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 90ce1f8f5a..5fc940fade 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -172,7 +172,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base if (!$row) { // The user does not yet exist, ask if they wish to register the account - throw new Exception($unique_id); + return array( + 'status' => LOGIN_SUCCESS_LINK_PROFILE, + 'error_msg' => 'LOGIN_OAUTH_ACCOUNT_NOT_LINKED', + 'user_row' => array(), + 'redirect_data' => array( + 'auth_provider' => 'oauth', + 'oauth_service' => $service_name_original, + ), + ); } // Retrieve the user's account -- cgit v1.2.1 From 5843294813fc654a37e13e9da357e7515a41968a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 14:05:39 -0400 Subject: [feature/oauth] Update comment to better reflect the action PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 5fc940fade..a8b55fc532 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -171,7 +171,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base if (!$row) { - // The user does not yet exist, ask if they wish to register the account + // The user does not yet exist, ask to link or create profile return array( 'status' => LOGIN_SUCCESS_LINK_PROFILE, 'error_msg' => 'LOGIN_OAUTH_ACCOUNT_NOT_LINKED', -- cgit v1.2.1 From 27ea03d3e098ca53f9f49da5024f7d7c64989153 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 14:55:08 -0400 Subject: [feature/oauth] Initial login_link ucp class PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 phpBB/includes/ucp/ucp_login_link.php (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php new file mode 100644 index 0000000000..719dec5ea0 --- /dev/null +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -0,0 +1,32 @@ + Date: Wed, 24 Jul 2013 15:06:38 -0400 Subject: [feature/oauth] Fix error in token_storage::set_user_id() PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 42142b4fbe..ec54c07fea 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -191,7 +191,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface if ($this->user->data['user_id'] == ANONYMOUS) { - $sql .= ' AND session_id = ' . $this->user->data['session_id']; + $sql .= ' AND session_id = \'' . $this->user->data['session_id'] . '\''; } $this->db->sql_query($sql); @@ -210,11 +210,11 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface } $sql = 'UPDATE ' . $this->auth_provider_oauth_table . ' - SET ' . $db->sql_build_array('UPDATE', array( + SET ' . $this->db->sql_build_array('UPDATE', array( 'user_id' => (int) $user_id )) . ' WHERE user_id = ' . $this->user->data['user_id'] . ' - AND session_id = ' . $this->user->data['session_id']; + AND session_id = \'' . $this->user->data['session_id'] . '\''; $this->db->sql_query($sql); } } -- cgit v1.2.1 From 9cbf670f518b05cbb0600d20cfa30e3a9f4bd9e3 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 15:31:12 -0400 Subject: [feature/oauth] Some work on login_link PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 719dec5ea0..522a8b305c 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -27,6 +27,9 @@ class ucp_login_link function main($id, $mode) { + global $config, $phpbb_container, $request, $template; + $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); + $auth_provider = $phpbb_container->get($auth_provider); } } \ No newline at end of file -- cgit v1.2.1 From f8dbaa148dccb105133b5a91d58686d79f020afe Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 16:02:33 -0400 Subject: [feature/oauth] Fixes for problems found by tests PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index ec54c07fea..de99f9bd31 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -87,7 +87,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface } $data = array( - 'user_id' => $this->user->data['user_id'], + 'user_id' => $this->user->data['user_id'], 'provider' => $this->service_name, ); @@ -130,9 +130,9 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $this->cachedToken = $token; $data = array( - 'user_id' => $this->user->data['user_id'], - 'provider' => $this->service_name, - 'oauth_token' => serialize($token), + 'user_id' => $this->user->data['user_id'], + 'provider' => $this->service_name, + 'oauth_token' => serialize($token), ); if ($this->user->data['user_id'] == ANONYMOUS) @@ -155,7 +155,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface } $data = array( - 'user_id' => $this->user->data['user_id'], + 'user_id' => $this->user->data['user_id'], 'provider' => $this->service_name, ); @@ -187,7 +187,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' WHERE user_id = ' . $this->user->data['user_id'] . ' - AND provider = ' . $this->db->sql_escape($this->oauth_provider); + AND provider = \'' . $this->db->sql_escape($this->oauth_provider) . '\''; if ($this->user->data['user_id'] == ANONYMOUS) { -- cgit v1.2.1 From 7c065bc9a2b0af8f6ea1d99260cdb6498e0c1f7c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 24 Jul 2013 16:06:19 -0400 Subject: [feature/oauth] Finish fixes from tests and tests for token storage PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index de99f9bd31..e1cf579370 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -187,7 +187,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' WHERE user_id = ' . $this->user->data['user_id'] . ' - AND provider = \'' . $this->db->sql_escape($this->oauth_provider) . '\''; + AND provider = \'' . $this->db->sql_escape($this->service_name) . '\''; if ($this->user->data['user_id'] == ANONYMOUS) { -- cgit v1.2.1 From fcac58e065ed888662f5e8c99bd6cbf1943778b7 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 25 Jul 2013 11:41:04 -0400 Subject: [feature/oauth] Have login_link loaded in ucp.php PHPBB3-11673 --- phpBB/ucp.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'phpBB') diff --git a/phpBB/ucp.php b/phpBB/ucp.php index 7180c54de6..b07e0139d4 100644 --- a/phpBB/ucp.php +++ b/phpBB/ucp.php @@ -80,6 +80,15 @@ switch ($mode) login_box(request_var('redirect', "index.$phpEx")); break; + case 'login_link': + if ($user->data['is_registered']) + { + redirect(append_sid("{$phpbb_root_path}index.$phpEx")); + } + + $module->load('ucp', 'login_link'); + break; + case 'logout': if ($user->data['user_id'] != ANONYMOUS && $request->is_set('sid') && $request->variable('sid', '') === $user->session_id) { -- cgit v1.2.1 From 317a71a8384f137cedca3c9afbb02605876920c3 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 25 Jul 2013 12:49:30 -0400 Subject: [feature/oauth] Template for ucp_login_link started PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 5 ++++- phpBB/language/en/ucp.php | 2 ++ phpBB/styles/prosilver/template/ucp_login_link.html | 11 +++++++++++ phpBB/ucp.php | 1 + 4 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 phpBB/styles/prosilver/template/ucp_login_link.html (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 522a8b305c..7e6374ee83 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -31,5 +31,8 @@ class ucp_login_link $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); $auth_provider = $phpbb_container->get($auth_provider); + + $this->tpl_name = 'ucp_login_link'; + $this->page_title = 'UCP_LOGIN_LINK'; } -} \ No newline at end of file +} diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 51823ddb12..32b70e661b 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -270,6 +270,7 @@ $lang = array_merge($lang, array( 'LINK_REMOTE_SIZE' => 'Avatar dimensions', 'LINK_REMOTE_SIZE_EXPLAIN' => 'Specify the width and height of the avatar, leave blank to attempt automatic verification.', 'LOGIN_EXPLAIN_UCP' => 'Please login in order to access the User Control Panel.', + 'LOGIN_LINK' => 'Link or Register Your External Account with phpBB', 'LOGIN_KEY' => 'Login Key', 'LOGIN_TIME' => 'Login Time', 'LOGIN_REDIRECT' => 'You have been successfully logged in.', @@ -480,6 +481,7 @@ $lang = array_merge($lang, array( 'UCP_EMAIL_ACTIVATE' => 'Please note that you will need to enter a valid email address before your account is activated. You will receive an email at the address you provide that contains an account activation link.', 'UCP_ICQ' => 'ICQ number', 'UCP_JABBER' => 'Jabber address', + 'UCP_LOGIN_LINK' => 'Set up an external account', 'UCP_MAIN' => 'Overview', 'UCP_MAIN_ATTACHMENTS' => 'Manage attachments', diff --git a/phpBB/styles/prosilver/template/ucp_login_link.html b/phpBB/styles/prosilver/template/ucp_login_link.html new file mode 100644 index 0000000000..ddde41f374 --- /dev/null +++ b/phpBB/styles/prosilver/template/ucp_login_link.html @@ -0,0 +1,11 @@ + + +
+
+ +

{SITENAME} - {L_LOGIN_LINK}

+ +
+
+ + diff --git a/phpBB/ucp.php b/phpBB/ucp.php index b07e0139d4..d69d938038 100644 --- a/phpBB/ucp.php +++ b/phpBB/ucp.php @@ -87,6 +87,7 @@ switch ($mode) } $module->load('ucp', 'login_link'); + $module->display($user->lang['UCP_LOGIN_LINK']); break; case 'logout': -- cgit v1.2.1 From 59852b5997905ed6f815c3cc4b9220872e1090d2 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 25 Jul 2013 14:53:05 -0400 Subject: [feature/oauth] More work on login linking accounts PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 23 +++++++++++++++ phpBB/language/en/ucp.php | 1 + .../styles/prosilver/template/ucp_login_link.html | 34 ++++++++++++++++++++++ 3 files changed, 58 insertions(+) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 7e6374ee83..62641f0367 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -32,6 +32,29 @@ class ucp_login_link $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); $auth_provider = $phpbb_container->get($auth_provider); + // Process POST and GET data + $login_error = false; + $login_username = ''; + + // Common template elements + $template->assign_vars(array( + 'PASSWORD_CREDENTIAL' => 'password', + 'USERNAME_CREDENTIAL' => 'username', + )); + + // Registration template + $register_link = 'ucp.php?mode=register'; + + $template->assign_vars(array( + 'REGISTER_LINK' => redirect($register_link, true), + )); + + // Link to existing account template + $template->assign_vars(array( + 'LOGIN_ERROR' => $login_error, + 'LOGIN_USERNAME' => $login_username, + )); + $this->tpl_name = 'ucp_login_link'; $this->page_title = 'UCP_LOGIN_LINK'; } diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 32b70e661b..f44fd8905b 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -271,6 +271,7 @@ $lang = array_merge($lang, array( 'LINK_REMOTE_SIZE_EXPLAIN' => 'Specify the width and height of the avatar, leave blank to attempt automatic verification.', 'LOGIN_EXPLAIN_UCP' => 'Please login in order to access the User Control Panel.', 'LOGIN_LINK' => 'Link or Register Your External Account with phpBB', + 'LOGIN_LINK_EXPLAIN' => 'You have attempted to login with an external service that is not yet connected to an account on these forums. You may now either link this account to an existing account or you may create a new account.', 'LOGIN_KEY' => 'Login Key', 'LOGIN_TIME' => 'Login Time', 'LOGIN_REDIRECT' => 'You have been successfully logged in.', diff --git a/phpBB/styles/prosilver/template/ucp_login_link.html b/phpBB/styles/prosilver/template/ucp_login_link.html index ddde41f374..02a9873f2b 100644 --- a/phpBB/styles/prosilver/template/ucp_login_link.html +++ b/phpBB/styles/prosilver/template/ucp_login_link.html @@ -5,6 +5,40 @@

{SITENAME} - {L_LOGIN_LINK}

+

{L_LOGIN_LINK_EXPLAIN}

+ +
+

{L_REGISTER}

+
+ +
+

{L_LOGIN}

+ +
+
+
{LOGIN_ERROR}
+
+
+
+
+
+
+
+
+ + + + + + {S_LOGIN_REDIRECT} +
+
 
+
{S_HIDDEN_FIELDS}
+
+
+
+
+ -- cgit v1.2.1 From 75206c74be23e17b2661faa0693cd308cab4d382 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 11:58:24 -0400 Subject: [feature/oauth] Basic checking for data needed in login linking PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 16 +++++++++++++++- phpBB/language/en/ucp.php | 5 +++-- phpBB/styles/prosilver/template/ucp_login_link.html | 4 ++++ 3 files changed, 22 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 62641f0367..1fb75deb61 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -27,17 +27,31 @@ class ucp_login_link function main($id, $mode) { - global $config, $phpbb_container, $request, $template; + global $config, $phpbb_container, $request, $template, $user; $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); $auth_provider = $phpbb_container->get($auth_provider); + // Initialize necessary variables + $login_link_error = null; + + // Ensure the person was sent here with login_link data + $data = $request->variable('login_link', array()); + + if (empty($data)) + { + $login_link_error = $user->lang['LOGIN_LINK_NO_DATA_PROVIDED']; + } else { + + } + // Process POST and GET data $login_error = false; $login_username = ''; // Common template elements $template->assign_vars(array( + 'LOGIN_LINK_ERROR' => $login_link_error, 'PASSWORD_CREDENTIAL' => 'password', 'USERNAME_CREDENTIAL' => 'username', )); diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index f44fd8905b..6e48e3b801 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -270,8 +270,9 @@ $lang = array_merge($lang, array( 'LINK_REMOTE_SIZE' => 'Avatar dimensions', 'LINK_REMOTE_SIZE_EXPLAIN' => 'Specify the width and height of the avatar, leave blank to attempt automatic verification.', 'LOGIN_EXPLAIN_UCP' => 'Please login in order to access the User Control Panel.', - 'LOGIN_LINK' => 'Link or Register Your External Account with phpBB', - 'LOGIN_LINK_EXPLAIN' => 'You have attempted to login with an external service that is not yet connected to an account on these forums. You may now either link this account to an existing account or you may create a new account.', + 'LOGIN_LINK' => 'Link or Register Your External Account with phpBB', + 'LOGIN_LINK_EXPLAIN' => 'You have attempted to login with an external service that is not yet connected to an account on these forums. You may now either link this account to an existing account or you may create a new account.', + 'LOGIN_LINK_NO_DATA_PROVIDED' => 'No data has been provided to this page to link an external account to a forum account. Please contact the board administrator if you continue to experience problems.', 'LOGIN_KEY' => 'Login Key', 'LOGIN_TIME' => 'Login Time', 'LOGIN_REDIRECT' => 'You have been successfully logged in.', diff --git a/phpBB/styles/prosilver/template/ucp_login_link.html b/phpBB/styles/prosilver/template/ucp_login_link.html index 02a9873f2b..5a03e08bc5 100644 --- a/phpBB/styles/prosilver/template/ucp_login_link.html +++ b/phpBB/styles/prosilver/template/ucp_login_link.html @@ -7,6 +7,10 @@

{L_LOGIN_LINK_EXPLAIN}

+
+
{LOGIN_ERROR}
+
+

{L_REGISTER}

-- cgit v1.2.1 From bcdeafedd7178d27dcd0fafd4b22cddeaefc80b0 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 12:55:57 -0400 Subject: [feature/oauth] Login works on login_link now, still does not actually link PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 97 +++++++++++++++++++--- .../styles/prosilver/template/ucp_login_link.html | 2 +- 2 files changed, 88 insertions(+), 11 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 1fb75deb61..1b9b0e45cb 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -27,7 +27,7 @@ class ucp_login_link function main($id, $mode) { - global $config, $phpbb_container, $request, $template, $user; + global $auth, $config, $phpbb_container, $request, $template, $user; $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); $auth_provider = $phpbb_container->get($auth_provider); @@ -35,25 +35,84 @@ class ucp_login_link // Initialize necessary variables $login_link_error = null; - // Ensure the person was sent here with login_link data - $data = $request->variable('login_link', array()); + // Build the data array + $data = $this->get_login_link_data_array(); + // Ensure the person was sent here with login_link data if (empty($data)) { $login_link_error = $user->lang['LOGIN_LINK_NO_DATA_PROVIDED']; - } else { - } - // Process POST and GET data - $login_error = false; - $login_username = ''; + // Have the authentication provider check that all necessary data is available + + + // Perform link action if there is no error + if (!login_link_error) + { + if ($request->is_set_post('login')) + { + $login_username = $request->variable('login_username', '', false, phpbb_request_interface::POST); + $login_password = $request->untrimmed_variable('password', '', true, phpbb_request_interface::POST); + + $result = $auth->login($login_username, $login_password); + + if ($result['status'] != LOGIN_SUCCESS) + { + // Handle all errors first + if ($result['status'] == LOGIN_BREAK) + { + trigger_error($result['error_msg']); + } + + switch ($result['status']) + { + case LOGIN_ERROR_ATTEMPTS: + + $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $captcha->init(CONFIRM_LOGIN); + + $template->assign_vars(array( + 'CAPTCHA_TEMPLATE' => $captcha->get_template(), + )); + + $login_error = $user->lang[$result['error_msg']]; + break; + + case LOGIN_ERROR_PASSWORD_CONVERT: + $login_error = sprintf( + $user->lang[$result['error_msg']], + ($config['email_enable']) ? '' : '', + ($config['email_enable']) ? '' : '', + ($config['board_contact']) ? '' : '', + ($config['board_contact']) ? '' : '' + ); + break; + + // Username, password, etc... + default: + $login_error = $user->lang[$result['error_msg']]; + + // Assign admin contact to some error messages + if ($result['error_msg'] == 'LOGIN_ERROR_USERNAME' || $result['error_msg'] == 'LOGIN_ERROR_PASSWORD') + { + $login_error = (!$config['board_contact']) ? sprintf($user->lang[$result['error_msg']], '', '') : sprintf($user->lang[$result['error_msg']], '', ''); + } + + break; + } + } else { + // The user is now logged in, attempt to link the user to the external account + $auth_provider->link_account($data); + } + } + } // Common template elements $template->assign_vars(array( 'LOGIN_LINK_ERROR' => $login_link_error, - 'PASSWORD_CREDENTIAL' => 'password', - 'USERNAME_CREDENTIAL' => 'username', + 'PASSWORD_CREDENTIAL' => 'login_password', + 'USERNAME_CREDENTIAL' => 'login_username', )); // Registration template @@ -72,4 +131,22 @@ class ucp_login_link $this->tpl_name = 'ucp_login_link'; $this->page_title = 'UCP_LOGIN_LINK'; } + + protected function get_login_link_data_array() + { + global $request; + + $var_names = $request->variable_names(phpbb_request_interface::GET); + $login_link_data = array(); + + foreach ($var_names as $var_name) + { + if (strpos($var_name, 'login_link_') === 0) + { + $login_link_data[$var_name] = $request->variable($var_name, '', false, phpbb_request_interface::GET); + } + } + + return $login_link_data; + } } diff --git a/phpBB/styles/prosilver/template/ucp_login_link.html b/phpBB/styles/prosilver/template/ucp_login_link.html index 5a03e08bc5..1c1fbdf528 100644 --- a/phpBB/styles/prosilver/template/ucp_login_link.html +++ b/phpBB/styles/prosilver/template/ucp_login_link.html @@ -8,7 +8,7 @@

{L_LOGIN_LINK_EXPLAIN}

-
{LOGIN_ERROR}
+
{LOGIN_LINK_ERROR}
-- cgit v1.2.1 From c09bda10fcf3fc7b84908bc15d86eca86b71f232 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 13:10:56 -0400 Subject: [feature/oauth] Properly check that all data needed is available PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 13 ++++++++++--- phpBB/language/en/ucp.php | 1 + phpBB/phpbb/auth/provider/oauth/oauth.php | 18 ++++++++++++++++++ 3 files changed, 29 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 1b9b0e45cb..c99f162f1a 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -33,7 +33,9 @@ class ucp_login_link $auth_provider = $phpbb_container->get($auth_provider); // Initialize necessary variables + $login_error = null; $login_link_error = null; + $login_username = null; // Build the data array $data = $this->get_login_link_data_array(); @@ -45,10 +47,14 @@ class ucp_login_link } // Have the authentication provider check that all necessary data is available - + $result = $auth_provider->login_link_has_necessary_data($data); + if ($result !== null) + { + $login_link_error = $user->lang[$result]; + } // Perform link action if there is no error - if (!login_link_error) + if (!$login_link_error) { if ($request->is_set_post('login')) { @@ -143,7 +149,8 @@ class ucp_login_link { if (strpos($var_name, 'login_link_') === 0) { - $login_link_data[$var_name] = $request->variable($var_name, '', false, phpbb_request_interface::GET); + $key_name = str_replace('login_link_', '', $var_name); + $login_link_data[$key_name] = $request->variable($var_name, '', false, phpbb_request_interface::GET); } } diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 6e48e3b801..bfc27013fe 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -272,6 +272,7 @@ $lang = array_merge($lang, array( 'LOGIN_EXPLAIN_UCP' => 'Please login in order to access the User Control Panel.', 'LOGIN_LINK' => 'Link or Register Your External Account with phpBB', 'LOGIN_LINK_EXPLAIN' => 'You have attempted to login with an external service that is not yet connected to an account on these forums. You may now either link this account to an existing account or you may create a new account.', + 'LOGIN_LINK_MISSING_DATA' => 'Data that is necessary to link your account with an external service is not available. Please restart the login process.', 'LOGIN_LINK_NO_DATA_PROVIDED' => 'No data has been provided to this page to link an external account to a forum account. Please contact the board administrator if you continue to experience problems.', 'LOGIN_KEY' => 'Login Key', 'LOGIN_TIME' => 'Login Time', diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index a8b55fc532..eaa111d194 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -337,4 +337,22 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $ret; } + + /** + * {@inheritdoc} + */ + public function login_link_has_necessary_data($login_link_data) + { + if (empty($login_link_data)) + { + return 'LOGIN_LINK_NO_DATA_PROVIDED'; + } + + if (!array_key_exists('oauth_service', $login_link_data) || !$login_link_data['oauth_service']) + { + return 'LOGIN_LINK_MISSING_DATA'; + } + + return null; + } } -- cgit v1.2.1 From ec160814b8bc21ab61314712660153b3f95eb7c9 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 13:48:23 -0400 Subject: [feature/oauth] More work on getting login link working PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 140 +++++++++++++++++++--------------- 1 file changed, 79 insertions(+), 61 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index c99f162f1a..18d07fb520 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -27,10 +27,7 @@ class ucp_login_link function main($id, $mode) { - global $auth, $config, $phpbb_container, $request, $template, $user; - - $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); - $auth_provider = $phpbb_container->get($auth_provider); + global $config, $phpbb_container, $request, $template, $user; // Initialize necessary variables $login_error = null; @@ -53,83 +50,45 @@ class ucp_login_link $login_link_error = $user->lang[$result]; } + // Use the auth_provider requested even if different from configured + $auth_provider = 'auth_provider.' . (array_key_exists('auth_provider', $data)) ? $data['auth_provider'] : $config['auth_method']; + $auth_provider = $phpbb_container->get($auth_provider); + // Perform link action if there is no error if (!$login_link_error) { if ($request->is_set_post('login')) { - $login_username = $request->variable('login_username', '', false, phpbb_request_interface::POST); - $login_password = $request->untrimmed_variable('password', '', true, phpbb_request_interface::POST); - - $result = $auth->login($login_username, $login_password); + // We only care if there is or is not an error + $login_error = $this->perform_login_action(); - if ($result['status'] != LOGIN_SUCCESS) + if (!$login_error) { - // Handle all errors first - if ($result['status'] == LOGIN_BREAK) - { - trigger_error($result['error_msg']); - } + // The user is now logged in, attempt to link the user to the external account + $result = $auth_provider->link_account($data); - switch ($result['status']) + if ($result) { - case LOGIN_ERROR_ATTEMPTS: - - $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); - $captcha->init(CONFIRM_LOGIN); - - $template->assign_vars(array( - 'CAPTCHA_TEMPLATE' => $captcha->get_template(), - )); - - $login_error = $user->lang[$result['error_msg']]; - break; - - case LOGIN_ERROR_PASSWORD_CONVERT: - $login_error = sprintf( - $user->lang[$result['error_msg']], - ($config['email_enable']) ? '' : '', - ($config['email_enable']) ? '' : '', - ($config['board_contact']) ? '' : '', - ($config['board_contact']) ? '' : '' - ); - break; - - // Username, password, etc... - default: - $login_error = $user->lang[$result['error_msg']]; - - // Assign admin contact to some error messages - if ($result['error_msg'] == 'LOGIN_ERROR_USERNAME' || $result['error_msg'] == 'LOGIN_ERROR_PASSWORD') - { - $login_error = (!$config['board_contact']) ? sprintf($user->lang[$result['error_msg']], '', '') : sprintf($user->lang[$result['error_msg']], '', ''); - } - - break; + $login_link_error = $user->lang[$result]; + } else { + // Perform a redirect as the account has been linked } - } else { - // The user is now logged in, attempt to link the user to the external account - $auth_provider->link_account($data); } } } - // Common template elements + $register_link = redirect('ucp.php?mode=register', true); + $template->assign_vars(array( + // Common template elements 'LOGIN_LINK_ERROR' => $login_link_error, 'PASSWORD_CREDENTIAL' => 'login_password', 'USERNAME_CREDENTIAL' => 'login_username', - )); - // Registration template - $register_link = 'ucp.php?mode=register'; - - $template->assign_vars(array( - 'REGISTER_LINK' => redirect($register_link, true), - )); + // Registration elements + 'REGISTER_LINK' => $register_link, - // Link to existing account template - $template->assign_vars(array( + // Login elements 'LOGIN_ERROR' => $login_error, 'LOGIN_USERNAME' => $login_username, )); @@ -156,4 +115,63 @@ class ucp_login_link return $login_link_data; } + + protected function perform_login_action() + { + global $auth, $config, $request, $template, $user; + $login_username = $request->variable('login_username', '', false, phpbb_request_interface::POST); + $login_password = $request->untrimmed_variable('password', '', true, phpbb_request_interface::POST); + + $result = $auth->login($login_username, $login_password); + + $login_error = null; + + if ($result['status'] != LOGIN_SUCCESS) + { + // Handle all errors first + if ($result['status'] == LOGIN_BREAK) + { + trigger_error($result['error_msg']); + } + + switch ($result['status']) + { + case LOGIN_ERROR_ATTEMPTS: + + $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $captcha->init(CONFIRM_LOGIN); + + $template->assign_vars(array( + 'CAPTCHA_TEMPLATE' => $captcha->get_template(), + )); + + $login_error = $user->lang[$result['error_msg']]; + break; + + case LOGIN_ERROR_PASSWORD_CONVERT: + $login_error = sprintf( + $user->lang[$result['error_msg']], + ($config['email_enable']) ? '' : '', + ($config['email_enable']) ? '' : '', + ($config['board_contact']) ? '' : '', + ($config['board_contact']) ? '' : '' + ); + break; + + // Username, password, etc... + default: + $login_error = $user->lang[$result['error_msg']]; + + // Assign admin contact to some error messages + if ($result['error_msg'] == 'LOGIN_ERROR_USERNAME' || $result['error_msg'] == 'LOGIN_ERROR_PASSWORD') + { + $login_error = (!$config['board_contact']) ? sprintf($user->lang[$result['error_msg']], '', '') : sprintf($user->lang[$result['error_msg']], '', ''); + } + + break; + } + } + + return $login_error; + } } -- cgit v1.2.1 From 600c29e6ecc189aed1ba6b993c3fe79033285df1 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 14:01:44 -0400 Subject: [feature/oauth] Most of ucp page related to login option should be done now PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 18d07fb520..c2fc0fdfab 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -43,6 +43,10 @@ class ucp_login_link $login_link_error = $user->lang['LOGIN_LINK_NO_DATA_PROVIDED']; } + // Use the auth_provider requested even if different from configured + $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); + $auth_provider = $phpbb_container->get($auth_provider); + // Have the authentication provider check that all necessary data is available $result = $auth_provider->login_link_has_necessary_data($data); if ($result !== null) @@ -50,10 +54,6 @@ class ucp_login_link $login_link_error = $user->lang[$result]; } - // Use the auth_provider requested even if different from configured - $auth_provider = 'auth_provider.' . (array_key_exists('auth_provider', $data)) ? $data['auth_provider'] : $config['auth_method']; - $auth_provider = $phpbb_container->get($auth_provider); - // Perform link action if there is no error if (!$login_link_error) { @@ -72,6 +72,7 @@ class ucp_login_link $login_link_error = $user->lang[$result]; } else { // Perform a redirect as the account has been linked + $this->perform_redirect(); } } } @@ -120,7 +121,7 @@ class ucp_login_link { global $auth, $config, $request, $template, $user; $login_username = $request->variable('login_username', '', false, phpbb_request_interface::POST); - $login_password = $request->untrimmed_variable('password', '', true, phpbb_request_interface::POST); + $login_password = $request->untrimmed_variable('login_password', '', true, phpbb_request_interface::POST); $result = $auth->login($login_username, $login_password); @@ -174,4 +175,10 @@ class ucp_login_link return $login_error; } + + protected function perform_redirect() + { + // TODO: Make redirect to same page as login would have + redirect('index.php'); + } } -- cgit v1.2.1 From 9eb4d55e8215d93256ae4ea241d40efa1d5b5854 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 14:27:12 -0400 Subject: [feature/oauth] Start work on linking an oauth account Updates token storage to allow retrieval only by session_id PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 36 +++++++ phpBB/phpbb/auth/provider/oauth/token_storage.php | 123 +++++++++++++++++----- 2 files changed, 130 insertions(+), 29 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index eaa111d194..0bcbcda74e 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -355,4 +355,40 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return null; } + + /** + * {@inheritdoc} + */ + public function link_account(array $link_data) + { + // We must have an oauth_service listed, check for it two ways + if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service']) + { + if (!$link_data['oauth_service'] && $this->request->is_set('oauth_service')) + { + $link_data['oauth_service'] = $this->request->variable('oauth_service', ''); + } + + if (!$link_data['oauth_service']) + { + return 'LOGIN_LINK_MISSING_DATA'; + } + } + + $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']); + if (!array_key_exists($service_name, $this->service_providers)) + { + return 'LOGIN_ERROR_OAUTH_SERVICE_DOES_NOT_EXIST'; + } + + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + + // Check for an access token, they should have one + if (!$storage->has_access_token_by_sesion()) + { + return 'LOGIN_LINK_ERROR_OAUTH_NO_ACCESS_TOKEN'; + } + + $token = $storage->retrieve_access_token_by_session(); + } } diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index e1cf579370..af85f5598f 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -96,30 +96,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data['session_id'] = $this->user->data['session_id']; } - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('SELECT', $data); - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); - - if (!$row) - { - // TODO: translate - throw new TokenNotFoundException('Token not stored'); - } - - $token = unserialize($row['oauth_token']); - - // Ensure that the token was serialized/unserialized correctly - if (!($token instanceof TokenInterface)) - { - $this->clearToken(); - // TODO: translate - throw new TokenNotFoundException('Token not stored correctly'); - } - - $this->cachedToken = $token; - return $token; + return $this->_retrieve_access_token($data); } /** @@ -164,11 +141,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data['session_id'] = $this->user->data['session_id']; } - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('SELECT', $data); - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); + $row = $this->_has_acess_token($data); if (!$row) { @@ -217,4 +190,96 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface AND session_id = \'' . $this->user->data['session_id'] . '\''; $this->db->sql_query($sql); } + + /** + * Checks to see if an access token exists solely by the session_id of the user + * + * @return bool true if they have token, false if they don't + */ + public function has_access_token_by_session() + { + if( $this->cachedToken ) { + return true; + } + + $data = array( + 'session_id' => $this->user->data['session_id'], + 'provider' => $this->service_name, + ); + + $row = $this->_has_acess_token($data); + + if (!$row) + { + return false; + } + + return true; + } + + /** + * A helper function that performs the query for has access token functions + * + * @param array $data + * @return mixed + */ + protected function _has_acess_token($data) + { + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + return $row; + } + + public function retrieve_access_token_by_session() + { + if( $this->cachedToken instanceOf TokenInterface ) { + return $this->cachedToken; + } + + $data = array( + 'session_id' => $this->user->data['session_id'], + 'provider' => $this->service_name, + ); + + return $this->_retrieve_access_token($data); + } + + /** + * A helper function that performs the query for retrieve access token functions + * Also checks if the token is a valid token + * + * @param array $data + * @return mixed + */ + protected function _retrieve_access_token($data) + { + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + // TODO: translate + throw new TokenNotFoundException('Token not stored'); + } + + $token = unserialize($row['oauth_token']); + + // Ensure that the token was serialized/unserialized correctly + if (!($token instanceof TokenInterface)) + { + $this->clearToken(); + // TODO: translate + throw new TokenNotFoundException('Token not stored correctly'); + } + + $this->cachedToken = $token; + return $token; + } } -- cgit v1.2.1 From 641433920e43478a021743557f69382292f60f68 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 15:07:24 -0400 Subject: [feature/oauth] Worked in at least one test PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 27 +++++++++++++++++++++++---- 1 file changed, 23 insertions(+), 4 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 0bcbcda74e..56655fdfd9 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -177,8 +177,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base 'error_msg' => 'LOGIN_OAUTH_ACCOUNT_NOT_LINKED', 'user_row' => array(), 'redirect_data' => array( - 'auth_provider' => 'oauth', - 'oauth_service' => $service_name_original, + 'auth_provider' => 'oauth', + 'login_link_oauth_service' => $service_name_original, ), ); } @@ -384,11 +384,30 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); // Check for an access token, they should have one - if (!$storage->has_access_token_by_sesion()) + if (!$storage->has_access_token_by_session()) { return 'LOGIN_LINK_ERROR_OAUTH_NO_ACCESS_TOKEN'; } - $token = $storage->retrieve_access_token_by_session(); + // Prepare for an authentication request + $this->get_current_uri(strtolower($link_data['oauth_service'])); + $this->current_uri->setQuery('mode=login_link&login_link_oauth_service=' . $service_name); + $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); + $scopes = $this->service_providers[$service_name]->get_auth_scope(); + $service = $this->get_service($service_name, $storage, $service_credentials, $scopes); + $this->service_providers[$service_name]->set_external_service_provider($service); + + // The user has already authenticated successfully, request to authenticate again + $unique_id = $this->service_providers[$service_name]->perform_auth_login(); + + // Insert into table, they will be able to log in after this + $data = array( + 'user_id' => $this->user->data['user_id'], + 'provider' => strtolower($link_data['oauth_service']), + 'oauth_provider_id' => $unique_id, + ); + $sql = 'INSERT INTO ' . $this->auth_provider_oauth_token_account_assoc . ' + ' . $this->db->sql_build_array('INSERT', $data); + $this->db->sql_query($sql); } } -- cgit v1.2.1 From 3d55e5faa91f0161bc020720a81b50171b30f49d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 16:03:54 -0400 Subject: [feature/oauth] Works in all tests now PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 21 ++++++++++++++------- phpBB/phpbb/auth/provider/oauth/oauth.php | 6 +++--- phpBB/phpbb/auth/provider/oauth/service/google.php | 20 +++++++++++++++++++- 3 files changed, 36 insertions(+), 11 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index c2fc0fdfab..5b58e91b9a 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -59,11 +59,19 @@ class ucp_login_link { if ($request->is_set_post('login')) { + $login_username = $request->variable('login_username', '', false, phpbb_request_interface::POST); + $login_password = $request->untrimmed_variable('login_password', '', true, phpbb_request_interface::POST); + + $login_result = $auth_provider->login($login_username, $login_password); + // We only care if there is or is not an error - $login_error = $this->perform_login_action(); + $login_error = $this->process_login_result($login_result); if (!$login_error) { + // Give the user_id to the data + $data['user_id'] = $login_result['user_row']['user_id']; + // The user is now logged in, attempt to link the user to the external account $result = $auth_provider->link_account($data); @@ -71,6 +79,9 @@ class ucp_login_link { $login_link_error = $user->lang[$result]; } else { + // Finish login + $result = $user->session_create($login_result['user_row']['user_id'], false, false, true); + // Perform a redirect as the account has been linked $this->perform_redirect(); } @@ -117,13 +128,9 @@ class ucp_login_link return $login_link_data; } - protected function perform_login_action() + protected function process_login_result($result) { - global $auth, $config, $request, $template, $user; - $login_username = $request->variable('login_username', '', false, phpbb_request_interface::POST); - $login_password = $request->untrimmed_variable('login_password', '', true, phpbb_request_interface::POST); - - $result = $auth->login($login_username, $login_password); + global $config, $request, $template, $user; $login_error = null; diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 56655fdfd9..6526667794 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -394,15 +394,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->current_uri->setQuery('mode=login_link&login_link_oauth_service=' . $service_name); $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); - $service = $this->get_service($service_name, $storage, $service_credentials, $scopes); + $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes); $this->service_providers[$service_name]->set_external_service_provider($service); // The user has already authenticated successfully, request to authenticate again - $unique_id = $this->service_providers[$service_name]->perform_auth_login(); + $unique_id = $this->service_providers[$service_name]->perform_auth_link(); // Insert into table, they will be able to log in after this $data = array( - 'user_id' => $this->user->data['user_id'], + 'user_id' => $link_data['user_id'], 'provider' => strtolower($link_data['oauth_service']), 'oauth_provider_id' => $unique_id, ); diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index 3e5735b97c..c5de1e01d2 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -81,7 +81,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth throw new Exception('Invalid service provider type'); } - // This was a callback request from bitly, get the token + // This was a callback request, get the token $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); // Send a request with it @@ -90,4 +90,22 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth // Return the unique identifier returned from bitly return $result['id']; } + + /** + * {@inheritdoc} + */ + public function perform_auth_link() + { + if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) + { + // TODO: make exception class and use language constant + throw new Exception('Invalid service provider type'); + } + + // Send a request with it + $result = json_decode( $this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true ); + + // Return the unique identifier returned from bitly + return $result['id']; + } } -- cgit v1.2.1 From d21ab4f629342d9f1bb46f489f166c9016ebe72b Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 16:07:11 -0400 Subject: [feature/oauth] Update the OAuth service interface PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 18 ++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/facebook.php | 18 ++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/service/google.php | 2 +- phpBB/phpbb/auth/provider/oauth/service/interface.php | 9 +++++++++ 5 files changed, 47 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 6526667794..4266a8de0d 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -398,7 +398,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->service_providers[$service_name]->set_external_service_provider($service); // The user has already authenticated successfully, request to authenticate again - $unique_id = $this->service_providers[$service_name]->perform_auth_link(); + $unique_id = $this->service_providers[$service_name]->perform_token_auth(); // Insert into table, they will be able to log in after this $data = array( diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index b6b99c0850..9b8e7ebb03 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -79,4 +79,22 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ // Return the unique identifier returned from bitly return $result['data']['login']; } + + /** + * {@inheritdoc} + */ + public function perform_token_auth() + { + if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) + { + // TODO: make exception class and use language constant + throw new Exception('Invalid service provider type'); + } + + // Send a request with it + $result = json_decode( $this->service_provider->request('user/info'), true ); + + // Return the unique identifier returned from bitly + return $result['data']['login']; + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 4758ae11f8..16919081cc 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -79,4 +79,22 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau // Return the unique identifier returned from bitly return $result['id']; } + + /** + * {@inheritdoc} + */ + public function perform_token_auth() + { + if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) + { + // TODO: make exception class and use language constant + throw new Exception('Invalid service provider type'); + } + + // Send a request with it + $result = json_decode( $this->service_provider->request('/me'), true ); + + // Return the unique identifier returned from bitly + return $result['id']; + } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index c5de1e01d2..b49a833cce 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -94,7 +94,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth /** * {@inheritdoc} */ - public function perform_auth_link() + public function perform_token_auth() { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) { diff --git a/phpBB/phpbb/auth/provider/oauth/service/interface.php b/phpBB/phpbb/auth/provider/oauth/service/interface.php index a69148695d..0d6ae7417f 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/interface.php @@ -57,6 +57,15 @@ interface phpbb_auth_provider_oauth_service_interface */ public function perform_auth_login(); + /** + * Returns the results of the authentication in json format + * Use this function when the user already has an access token + * + * @return string The unique identifier returned by the service provider + * that is used to authenticate the user with phpBB. + */ + public function perform_token_auth(); + /** * Sets the external library service provider * -- cgit v1.2.1 From e91b73e62d32a031625651133a51e9310cfcadbf Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 16:12:36 -0400 Subject: [feature/oauth] Update the auth interface PHPBB3-11673 --- phpBB/phpbb/auth/provider/base.php | 16 ++++++++++++++++ phpBB/phpbb/auth/provider/interface.php | 20 ++++++++++++++++++++ 2 files changed, 36 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index 7eaf8bb2d3..ca1c635b15 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -69,4 +69,20 @@ abstract class phpbb_auth_provider_base implements phpbb_auth_provider_interface { return; } + + /** + * {@inheritdoc} + */ + public function login_link_has_necessary_data($login_link_data) + { + return; + } + + /** + * {@inheritdoc} + */ + public function link_account(array $link_data) + { + return; + } } diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index 9cee63abeb..a2d57a6917 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -125,4 +125,24 @@ interface phpbb_auth_provider_interface * session should be closed, or null if not implemented. */ public function validate_session($user); + + /** + * Checks to see if $login_link_data contains all information except for the + * user_id of an account needed to successfully link an external account to + * a forum account. + * + * @param array $link_data Any data needed to link a phpBB account to + * an external account. + * @return string|null Returns a string with a language constant if there + * is data missing or null if there is no error. + */ + public function login_link_has_necessary_data($login_link_data); + + /** + * Links an external account to a phpBB account. + * + * @param array $link_data Any data needed to link a phpBB account to + * an external account. + */ + public function link_account(array $link_data); } -- cgit v1.2.1 From e53ebb1b68494690749472378de1044d31645f17 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 16:28:12 -0400 Subject: [feature/oauth] Update user_id on the access token PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 4266a8de0d..cfeee94439 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -409,5 +409,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $sql = 'INSERT INTO ' . $this->auth_provider_oauth_token_account_assoc . ' ' . $this->db->sql_build_array('INSERT', $data); $this->db->sql_query($sql); + + // Update token storage to store the user_id + $storage->set_user_id($link_data['user_id']); } } -- cgit v1.2.1 From bf9d4e0cdf0fc99555ebd9860665ce898a8d9497 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 30 Jul 2013 14:08:13 -0400 Subject: [feature/oauth] Consolidate repeated query into one function PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 56 +++++++++++------------ 1 file changed, 28 insertions(+), 28 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index af85f5598f..b38029c650 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -141,14 +141,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data['session_id'] = $this->user->data['session_id']; } - $row = $this->_has_acess_token($data); - - if (!$row) - { - return false; - } - - return true; + return $this->_has_acess_token($data); } /** @@ -207,31 +200,25 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface 'provider' => $this->service_name, ); - $row = $this->_has_acess_token($data); - - if (!$row) - { - return false; - } - - return true; + return $this->_has_acess_token($data); } /** * A helper function that performs the query for has access token functions * * @param array $data - * @return mixed + * @return bool */ protected function _has_acess_token($data) { - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('SELECT', $data); - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); + $row = $this->get_access_token_row($data); - return $row; + if (!$row) + { + return false; + } + + return true; } public function retrieve_access_token_by_session() @@ -257,11 +244,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ protected function _retrieve_access_token($data) { - $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' - WHERE ' . $this->db->sql_build_array('SELECT', $data); - $result = $this->db->sql_query($sql); - $row = $this->db->sql_fetchrow($result); - $this->db->sql_freeresult($result); + $row = $this->get_access_token_row($data); if (!$row) { @@ -282,4 +265,21 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $this->cachedToken = $token; return $token; } + + /** + * A helper function that performs the query for retrieving an access token + * + * @param array $data + * @return mixed + */ + protected function get_access_token_row($data) + { + $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + return $row; + } } -- cgit v1.2.1 From b74e65801a17ec5d221661ac92f1c437cc7ade1a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 30 Jul 2013 14:14:48 -0400 Subject: [feature/oauth] Clean up documentation PHPBB3-11673 --- phpBB/phpbb/auth/provider/interface.php | 2 +- phpBB/phpbb/auth/provider/oauth/service/facebook.php | 6 +++--- phpBB/phpbb/auth/provider/oauth/service/google.php | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index a2d57a6917..fd3fa7d879 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -87,7 +87,7 @@ interface phpbb_auth_provider_interface * ) * An optional third element may be added to this * array: 'BLOCK_VAR_NAME'. If this is present, - * then it's value should be a string that is used + * then its value should be a string that is used * to designate the name of the loop used in the * ACP template file. In addition to this, an * additional key named 'BLOCK_VARS' is required. diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 16919081cc..dc742cca0d 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -70,13 +70,13 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau throw new Exception('Invalid service provider type'); } - // This was a callback request from bitly, get the token + // This was a callback request, get the token $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); // Send a request with it $result = json_decode( $this->service_provider->request('/me'), true ); - // Return the unique identifier returned from bitly + // Return the unique identifier return $result['id']; } @@ -94,7 +94,7 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau // Send a request with it $result = json_decode( $this->service_provider->request('/me'), true ); - // Return the unique identifier returned from bitly + // Return the unique identifier return $result['id']; } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index b49a833cce..e2b0f7d36a 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -87,7 +87,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth // Send a request with it $result = json_decode( $this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true ); - // Return the unique identifier returned from bitly + // Return the unique identifier return $result['id']; } @@ -105,7 +105,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth // Send a request with it $result = json_decode( $this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true ); - // Return the unique identifier returned from bitly + // Return the unique identifier return $result['id']; } } -- cgit v1.2.1 From c5515eaf5466f2122a69c35aacd17b3614f46462 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 30 Jul 2013 14:16:25 -0400 Subject: [feature/oauth] Reword some of the language text PHPBB3-11673 --- phpBB/language/en/ucp.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index bfc27013fe..101fc7663a 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -270,8 +270,8 @@ $lang = array_merge($lang, array( 'LINK_REMOTE_SIZE' => 'Avatar dimensions', 'LINK_REMOTE_SIZE_EXPLAIN' => 'Specify the width and height of the avatar, leave blank to attempt automatic verification.', 'LOGIN_EXPLAIN_UCP' => 'Please login in order to access the User Control Panel.', - 'LOGIN_LINK' => 'Link or Register Your External Account with phpBB', - 'LOGIN_LINK_EXPLAIN' => 'You have attempted to login with an external service that is not yet connected to an account on these forums. You may now either link this account to an existing account or you may create a new account.', + 'LOGIN_LINK' => 'Link or Register Your External Account with This Board', + 'LOGIN_LINK_EXPLAIN' => 'You have attempted to login with an external service that is not yet connected to an account on this board. You must now either link this account to an existing account or create a new account.', 'LOGIN_LINK_MISSING_DATA' => 'Data that is necessary to link your account with an external service is not available. Please restart the login process.', 'LOGIN_LINK_NO_DATA_PROVIDED' => 'No data has been provided to this page to link an external account to a forum account. Please contact the board administrator if you continue to experience problems.', 'LOGIN_KEY' => 'Login Key', -- cgit v1.2.1 From 6a45cd7bcafda208a6e0f096c8cc8c0fc45abe16 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 30 Jul 2013 14:30:49 -0400 Subject: [feature/oauth] Login_link register form PHPBB3-11673 --- phpBB/styles/prosilver/template/ucp_login_link.html | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'phpBB') diff --git a/phpBB/styles/prosilver/template/ucp_login_link.html b/phpBB/styles/prosilver/template/ucp_login_link.html index 1c1fbdf528..baf7d56176 100644 --- a/phpBB/styles/prosilver/template/ucp_login_link.html +++ b/phpBB/styles/prosilver/template/ucp_login_link.html @@ -13,6 +13,15 @@

{L_REGISTER}

+ +
+
+
+
 
+
{S_HIDDEN_FIELDS}
+
+
+
-- cgit v1.2.1 From 0cbfa8ffd465bdff113bdbc92326c2d272afe15d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 30 Jul 2013 14:45:05 -0400 Subject: [feature/oauth] Start working on login_link registration support PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 5b58e91b9a..73991dc1a4 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -89,8 +89,6 @@ class ucp_login_link } } - $register_link = redirect('ucp.php?mode=register', true); - $template->assign_vars(array( // Common template elements 'LOGIN_LINK_ERROR' => $login_link_error, @@ -98,7 +96,7 @@ class ucp_login_link 'USERNAME_CREDENTIAL' => 'login_username', // Registration elements - 'REGISTER_LINK' => $register_link, + 'REGISTER_ACTION' => $this->get_register_redirect($data), // Login elements 'LOGIN_ERROR' => $login_error, @@ -109,6 +107,20 @@ class ucp_login_link $this->page_title = 'UCP_LOGIN_LINK'; } + protected function get_register_redirect($data) + { + global $config, $phpbb_root_path, $phpEx, $request; + + $params = 'mode=register&login_link=1&auth_provider=' . $request->variable('auth_provider', $config['auth_method']); + + foreach ($data as $key => $value) + { + $params .= '&login_link_' . $key . '=' . $value; + } + + return append_sid("{$phpbb_root_path}ucp.$phpEx", $params); + } + protected function get_login_link_data_array() { global $request; -- cgit v1.2.1 From b6d93d21bade3cab9f9434e6a87802913587feae Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 31 Jul 2013 13:46:40 -0400 Subject: [feature/oauth] Login_link in registration PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 11 ++++---- phpBB/includes/ucp/ucp_register.php | 52 +++++++++++++++++++++++++++++++++-- 2 files changed, 56 insertions(+), 7 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 73991dc1a4..e60628e3c1 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -94,9 +94,10 @@ class ucp_login_link 'LOGIN_LINK_ERROR' => $login_link_error, 'PASSWORD_CREDENTIAL' => 'login_password', 'USERNAME_CREDENTIAL' => 'login_username', + 'S_HIDDEN_FIELDS' => $this->get_hidden_fields(), // Registration elements - 'REGISTER_ACTION' => $this->get_register_redirect($data), + 'REGISTER_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'), // Login elements 'LOGIN_ERROR' => $login_error, @@ -107,18 +108,18 @@ class ucp_login_link $this->page_title = 'UCP_LOGIN_LINK'; } - protected function get_register_redirect($data) + protected function get_register_hidden_fields($data) { global $config, $phpbb_root_path, $phpEx, $request; - $params = 'mode=register&login_link=1&auth_provider=' . $request->variable('auth_provider', $config['auth_method']); + $fields = array(); foreach ($data as $key => $value) { - $params .= '&login_link_' . $key . '=' . $value; + $fields['login_link_' . $key] = $value; } - return append_sid("{$phpbb_root_path}ucp.$phpEx", $params); + return build_hidden_fields($s_hidden_fields); } protected function get_login_link_data_array() diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 70fbfe46fb..d52e172ec2 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -27,7 +27,7 @@ class ucp_register function main($id, $mode) { global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; - global $request; + global $request, $phpbb_container; // if ($config['require_activation'] == USER_ACTIVATION_DISABLE) @@ -78,11 +78,28 @@ class ucp_register } } - $cp = new custom_profile(); $error = $cp_data = $cp_error = array(); + // Handle login_link data added to $_hidden_fields + $login_link_data = $this->get_login_link_data_array(); + + if ($login_link_data !== array()) + { + // Confirm that we have all necessary data + $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); + $auth_provider = $phpbb_container->get($auth_provider); + + $result = $auth_provider->login_link_has_necessary_data($data); + if ($result !== null) + { + $error[] = $user->lang[$result]; + } + + $s_hidden_fields = array_merge($s_hidden_fields, $login_link_data); + } + if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable'])) { $add_lang = ($change_lang) ? '&change_lang=' . urlencode($change_lang) : ''; @@ -398,6 +415,19 @@ class ucp_register } } + // Perform account linking if necessary + if ($login_link_data !== array()) + { + $login_link_data['user_id'] = $user_id; + + $result = $auth_provider->link_account($login_link_data); + + if ($result) + { + $message = $message . '

' . $user->lang[$result]; + } + } + $message = $message . '

' . sprintf($user->lang['RETURN_INDEX'], '', ''); trigger_error($message); } @@ -474,4 +504,22 @@ class ucp_register $this->tpl_name = 'ucp_register'; $this->page_title = 'UCP_REGISTRATION'; } + + protected function get_login_link_data_array() + { + global $request; + + $var_names = $request->variable_names(phpbb_request_interface::POST); + $login_link_data = array(); + + foreach ($var_names as $var_name) + { + if (strpos($var_name, 'login_link_') === 0) + { + $login_link_data[$var_name] = $request->variable($var_name, '', false, phpbb_request_interface::POST); + } + } + + return $login_link_data; + } } -- cgit v1.2.1 From 3b19d5c1984c26a137013f0c60a45001321bfa88 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 31 Jul 2013 14:46:31 -0400 Subject: [feature/oauth] Fix errors on ucp_login_link PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index e60628e3c1..9f2fa6330a 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -28,6 +28,7 @@ class ucp_login_link function main($id, $mode) { global $config, $phpbb_container, $request, $template, $user; + global $phpbb_root_path, $phpEx; // Initialize necessary variables $login_error = null; @@ -94,7 +95,7 @@ class ucp_login_link 'LOGIN_LINK_ERROR' => $login_link_error, 'PASSWORD_CREDENTIAL' => 'login_password', 'USERNAME_CREDENTIAL' => 'login_username', - 'S_HIDDEN_FIELDS' => $this->get_hidden_fields(), + 'S_HIDDEN_FIELDS' => $this->get_hidden_fields($data), // Registration elements 'REGISTER_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'), @@ -108,10 +109,8 @@ class ucp_login_link $this->page_title = 'UCP_LOGIN_LINK'; } - protected function get_register_hidden_fields($data) + protected function get_hidden_fields($data) { - global $config, $phpbb_root_path, $phpEx, $request; - $fields = array(); foreach ($data as $key => $value) @@ -119,7 +118,7 @@ class ucp_login_link $fields['login_link_' . $key] = $value; } - return build_hidden_fields($s_hidden_fields); + return build_hidden_fields($fields); } protected function get_login_link_data_array() -- cgit v1.2.1 From aa80ac44a4f4f84d0fc41fa0218cc7d7140c3df0 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 31 Jul 2013 14:54:16 -0400 Subject: [feature/oauth] Login_link works with ucp_register now PHPBB3-11673 --- phpBB/includes/ucp/ucp_register.php | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index d52e172ec2..8400e98630 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -81,6 +81,7 @@ class ucp_register $cp = new custom_profile(); $error = $cp_data = $cp_error = array(); + $s_hidden_fields = array(); // Handle login_link data added to $_hidden_fields $login_link_data = $this->get_login_link_data_array(); @@ -91,13 +92,13 @@ class ucp_register $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); $auth_provider = $phpbb_container->get($auth_provider); - $result = $auth_provider->login_link_has_necessary_data($data); + $result = $auth_provider->login_link_has_necessary_data($login_link_data); if ($result !== null) { $error[] = $user->lang[$result]; } - $s_hidden_fields = array_merge($s_hidden_fields, $login_link_data); + $s_hidden_fields = array_merge($s_hidden_fields, $this->get_login_link_data_for_hidden_fields($login_link_data)); } if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable'])) @@ -105,9 +106,9 @@ class ucp_register $add_lang = ($change_lang) ? '&change_lang=' . urlencode($change_lang) : ''; $add_coppa = ($coppa !== false) ? '&coppa=' . $coppa : ''; - $s_hidden_fields = array( + $s_hidden_fields = array_merge($s_hidden_fields, array( 'change_lang' => $change_lang, - ); + )); // If we change the language, we want to pass on some more possible parameter. if ($change_lang) @@ -433,10 +434,10 @@ class ucp_register } } - $s_hidden_fields = array( + $s_hidden_fields = array_merge($s_hidden_fields, array( 'agreed' => 'true', 'change_lang' => 0, - ); + )); if ($config['coppa_enable']) { @@ -516,10 +517,23 @@ class ucp_register { if (strpos($var_name, 'login_link_') === 0) { - $login_link_data[$var_name] = $request->variable($var_name, '', false, phpbb_request_interface::POST); + $key_name = str_replace('login_link_', '', $var_name); + $login_link_data[$key_name] = $request->variable($var_name, '', false, phpbb_request_interface::POST); } } return $login_link_data; } + + protected function get_login_link_data_for_hidden_fields($data) + { + $new_data = array(); + + foreach ($data as $key => $value) + { + $new_data['login_link_' . $key] = $value; + } + + return $new_data; + } } -- cgit v1.2.1 From 3264a7ece5cd4b964b854d6d3a1af044e2e70282 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 31 Jul 2013 16:33:54 -0400 Subject: [feature/oauth] Attempt to fix postgres issue PHPBB3-11673 --- phpBB/develop/create_schema_files.php | 2 +- phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/develop/create_schema_files.php b/phpBB/develop/create_schema_files.php index a722a88ff3..b634c236b0 100644 --- a/phpBB/develop/create_schema_files.php +++ b/phpBB/develop/create_schema_files.php @@ -928,7 +928,7 @@ function get_schema_struct() 'user_id' => array('UINT', 0), // phpbb_users.user_id 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set 'provider' => array('VCHAR', ''), // Name of the OAuth provider - 'oauth_token' => array('TEXT_UNI', ''), // Serialized token + 'oauth_token' => array('MTEXT', ''), // Serialized token ), 'KEYS' => array( 'user_id' => array('INDEX', 'user_id'), diff --git a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php index 5e3fa919e8..07541c7eac 100644 --- a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php +++ b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php @@ -23,7 +23,7 @@ class phpbb_db_migration_data_310_auth_provider_oauth extends phpbb_db_migration 'user_id' => array('UINT', 0), // phpbb_users.user_id 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set 'provider' => array('VCHAR', ''), // Name of the OAuth provider - 'oauth_token' => array('TEXT_UNI'), // Serialized token + 'oauth_token' => array('MTEXT', ''), // Serialized token ), 'KEYS' => array( 'user_id' => array('INDEX', 'user_id'), -- cgit v1.2.1 From c33f97038675c7ca79c8cbb0ece08c989f411c9b Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 31 Jul 2013 16:50:19 -0400 Subject: [feature/oauth] Forgot to update schema files PHPBB3-11673 --- phpBB/install/schemas/firebird_schema.sql | 2 +- phpBB/install/schemas/mssql_schema.sql | 4 ++-- phpBB/install/schemas/mysql_40_schema.sql | 2 +- phpBB/install/schemas/mysql_41_schema.sql | 2 +- phpBB/install/schemas/postgres_schema.sql | 2 +- phpBB/install/schemas/sqlite_schema.sql | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) (limited to 'phpBB') diff --git a/phpBB/install/schemas/firebird_schema.sql b/phpBB/install/schemas/firebird_schema.sql index ce9be26e68..1e47008d73 100644 --- a/phpBB/install/schemas/firebird_schema.sql +++ b/phpBB/install/schemas/firebird_schema.sql @@ -133,7 +133,7 @@ CREATE TABLE phpbb_oauth_tokens ( user_id INTEGER DEFAULT 0 NOT NULL, session_id CHAR(32) CHARACTER SET NONE DEFAULT '' NOT NULL, provider VARCHAR(255) CHARACTER SET NONE DEFAULT '' NOT NULL, - oauth_token BLOB SUB_TYPE TEXT CHARACTER SET UTF8 DEFAULT '' NOT NULL + oauth_token BLOB SUB_TYPE TEXT CHARACTER SET NONE DEFAULT '' NOT NULL );; CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens(user_id);; diff --git a/phpBB/install/schemas/mssql_schema.sql b/phpBB/install/schemas/mssql_schema.sql index 94cfa98784..922313236e 100644 --- a/phpBB/install/schemas/mssql_schema.sql +++ b/phpBB/install/schemas/mssql_schema.sql @@ -173,8 +173,8 @@ CREATE TABLE [phpbb_oauth_tokens] ( [user_id] [int] DEFAULT (0) NOT NULL , [session_id] [char] (32) DEFAULT ('') NOT NULL , [provider] [varchar] (255) DEFAULT ('') NOT NULL , - [oauth_token] [varchar] (4000) DEFAULT ('') NOT NULL -) ON [PRIMARY] + [oauth_token] [text] DEFAULT ('') NOT NULL +) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY] GO CREATE INDEX [user_id] ON [phpbb_oauth_tokens]([user_id]) ON [PRIMARY] diff --git a/phpBB/install/schemas/mysql_40_schema.sql b/phpBB/install/schemas/mysql_40_schema.sql index fe09756b1e..e07a768387 100644 --- a/phpBB/install/schemas/mysql_40_schema.sql +++ b/phpBB/install/schemas/mysql_40_schema.sql @@ -95,7 +95,7 @@ CREATE TABLE phpbb_oauth_tokens ( user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, session_id binary(32) DEFAULT '' NOT NULL, provider varbinary(255) DEFAULT '' NOT NULL, - oauth_token blob NOT NULL, + oauth_token mediumblob NOT NULL, KEY user_id (user_id), KEY provider (provider) ); diff --git a/phpBB/install/schemas/mysql_41_schema.sql b/phpBB/install/schemas/mysql_41_schema.sql index a385010f43..d3ed1ee15e 100644 --- a/phpBB/install/schemas/mysql_41_schema.sql +++ b/phpBB/install/schemas/mysql_41_schema.sql @@ -95,7 +95,7 @@ CREATE TABLE phpbb_oauth_tokens ( user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, session_id char(32) DEFAULT '' NOT NULL, provider varchar(255) DEFAULT '' NOT NULL, - oauth_token text NOT NULL, + oauth_token mediumtext NOT NULL, KEY user_id (user_id), KEY provider (provider) ) CHARACTER SET `utf8` COLLATE `utf8_bin`; diff --git a/phpBB/install/schemas/postgres_schema.sql b/phpBB/install/schemas/postgres_schema.sql index f64f4981d5..14435898eb 100644 --- a/phpBB/install/schemas/postgres_schema.sql +++ b/phpBB/install/schemas/postgres_schema.sql @@ -195,7 +195,7 @@ CREATE TABLE phpbb_oauth_tokens ( user_id INT4 DEFAULT '0' NOT NULL CHECK (user_id >= 0), session_id char(32) DEFAULT '' NOT NULL, provider varchar(255) DEFAULT '' NOT NULL, - oauth_token varchar(4000) DEFAULT '' NOT NULL + oauth_token TEXT DEFAULT '' NOT NULL ); CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens (user_id); diff --git a/phpBB/install/schemas/sqlite_schema.sql b/phpBB/install/schemas/sqlite_schema.sql index 54f3a132ef..de88900f06 100644 --- a/phpBB/install/schemas/sqlite_schema.sql +++ b/phpBB/install/schemas/sqlite_schema.sql @@ -94,7 +94,7 @@ CREATE TABLE phpbb_oauth_tokens ( user_id INTEGER UNSIGNED NOT NULL DEFAULT '0', session_id char(32) NOT NULL DEFAULT '', provider varchar(255) NOT NULL DEFAULT '', - oauth_token text(65535) NOT NULL DEFAULT '' + oauth_token mediumtext(16777215) NOT NULL DEFAULT '' ); CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens (user_id); -- cgit v1.2.1 From abee7760182f010dcd92b95c4c14c99a39798c5f Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 1 Aug 2013 21:30:36 -0400 Subject: [feature/oauth] Clean up oauth.php PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index cfeee94439..8979f413b5 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -129,8 +129,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Temporary workaround for only having one authentication provider available if (!$this->request->is_set('oauth_service')) { - // TODO: Remove before merging - global $phpbb_root_path, $phpEx; $provider = new phpbb_auth_provider_db($this->db, $this->config, $this->request, $this->user, $phpbb_root_path, $phpEx); return $provider->login($username, $password); } @@ -151,7 +149,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); - $service = $this->get_service($service_name_original, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope()); + $query = 'mode=login&login=external&oauth_service=' . $service_name; + $service = $this->get_service($service_name_original, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope(), $query); if ($this->request->is_set('code', phpbb_request_interface::GET)) { @@ -215,39 +214,45 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base /** * Returns the cached current_uri object or creates and caches it if it is - * not already created + * not already created. In each case the query string is updated based on + * the $query parameter. * - * @param string $service_name The name of the service + * @param string $service_name The name of the service + * @param string $query The query string of the current_uri + * used in redirects * @return \OAuth\Common\Http\Uri\UriInterface */ - protected function get_current_uri($service_name) + protected function get_current_uri($service_name, $query) { if ($this->current_uri) { + $this->current_uri->setQuery($query); return $this->current_uri; } $uri_factory = new \OAuth\Common\Http\Uri\UriFactory(); $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER)); - $current_uri->setQuery('mode=login&login=external&oauth_service=' . $service_name); + $current_uri->setQuery($query); $this->current_uri = $current_uri; return $current_uri; } /** - * Returns the cached service object or creates a new one + * Returns a new service object * * @param string $service_name The name of the service * @param phpbb_auth_oauth_token_storage $storage * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials} * @param array $scope The scope of the request against * the api. + * @param string $query The query string of the + * current_uri used in redirection * @return \OAuth\Common\Service\ServiceInterface */ - protected function get_service($service_name, phpbb_auth_provider_oauth_token_storage $storage, array $service_credentials, array $scopes = array()) + protected function get_service($service_name, phpbb_auth_provider_oauth_token_storage $storage, array $service_credentials, array $scopes = array(), $query) { - $current_uri = $this->get_current_uri($service_name); + $current_uri = $this->get_current_uri($service_name, $query); // Setup the credentials for the requests $credentials = new Credentials( @@ -390,11 +395,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } // Prepare for an authentication request - $this->get_current_uri(strtolower($link_data['oauth_service'])); - $this->current_uri->setQuery('mode=login_link&login_link_oauth_service=' . $service_name); $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); - $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes); + $query = 'mode=login_link&login_link_oauth_service=' . $service_name; + $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query); $this->service_providers[$service_name]->set_external_service_provider($service); // The user has already authenticated successfully, request to authenticate again -- cgit v1.2.1 From abe9f27723fdc979069082dbe6af3c8a0aceace6 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 1 Aug 2013 21:34:50 -0400 Subject: [feature/oauth] Clean up OAuth services PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/base.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/service/base.php b/phpBB/phpbb/auth/provider/oauth/service/base.php index ccfe57c8e2..1eb49b4265 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/base.php +++ b/phpBB/phpbb/auth/provider/oauth/service/base.php @@ -16,7 +16,7 @@ if (!defined('IN_PHPBB')) } /** -* Bitly OAuth service +* Base OAuth abstract class that all OAuth services should implement * * @package auth */ -- cgit v1.2.1 From 245e71e4e20b8d4ec80fc5e059dc12db51d10651 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 2 Aug 2013 14:05:09 -0400 Subject: [feature/oauth] Add get_login_data to the auth_provider_interface PHPBB3-11673 --- phpBB/includes/functions.php | 20 ++++++++++++++++++++ phpBB/phpbb/auth/provider/base.php | 8 ++++++++ phpBB/phpbb/auth/provider/interface.php | 21 +++++++++++++++++++++ phpBB/phpbb/auth/provider/oauth/oauth.php | 4 +--- 4 files changed, 50 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 02cdfd7ed1..79391aba56 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3367,6 +3367,26 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa $s_hidden_fields['credential'] = $credential; } + $auth_provider = $phpbb_container->get('auth.provider.' . $config['auth_method']); + + $auth_provider_data = $auth_provider->get_login_data(); + if ($auth_provider_data) + { + if (isset($auth_provider_data['VARS'])) + { + $template->assign_vars($auth_provider_data['VARS']); + } + + if (isset($auth_provider_data['BLOCK_VAR_NAME'])) + { + $template->assign_block_vars($auth_provider_data['BLOCK_VAR_NAME'], $auth_provider_data['BLOCK_VARS']); + } + + $template->assign_vars(array( + 'PROVIDER_TEMPLATE_FILE' => $auth_provider_data['TEMPLATE_FILE'], + )); + } + $oauth_login = ($config['auth_method'] == 'oauth') ? true : false; if ($oauth_login) diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index ca1c635b15..ae1daba82b 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -54,6 +54,14 @@ abstract class phpbb_auth_provider_base implements phpbb_auth_provider_interface return; } + /** + * {@inheritdoc} + */ + public function get_login_data() + { + return; + } + /** * {@inheritdoc} */ diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index fd3fa7d879..21526fd858 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -106,6 +106,27 @@ interface phpbb_auth_provider_interface */ public function get_acp_template($new_config); + /** + * Returns an array of data necessary to build custom elements on the login + * form. + * + * @return array|null If this function is not implemented on an auth + * provider then it returns null. If it is implemented + * it will return an array of up to four elements of + * which only 'TEMPLATE_FILE'. If 'BLOCK_VAR_NAME' is + * present then 'BLOCK_VARS' must also be present in + * the array. The fourth element 'VARS' is also + * optional. The array, with all four elements present + * looks like the following: + * array( + * 'TEMPLATE_FILE' => string, + * 'BLOCK_VAR_NAME' => string, + * 'BLOCK_VARS' => array(...), + * 'VARS' => array(...), + * ) + */ + public function get_login_data(); + /** * Performs additional actions during logout. * diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 8979f413b5..62024ff094 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -274,9 +274,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } /** - * Returns an array of login data for all enabled OAuth services. - * - * @return array + * {@inheritdoc} */ public function get_login_data() { -- cgit v1.2.1 From 1ae2283b348d6fef1f9e90a49e2a25914465585e Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 2 Aug 2013 14:21:07 -0400 Subject: [feature/oauth] Finish updating interface and related code PHPBB3-11673 --- phpBB/includes/functions.php | 19 ++++--------------- phpBB/phpbb/auth/provider/oauth/oauth.php | 8 ++++++-- phpBB/styles/prosilver/template/login_body.html | 13 ++++--------- phpBB/styles/prosilver/template/login_body_oauth.html | 8 ++++++++ 4 files changed, 22 insertions(+), 26 deletions(-) create mode 100644 phpBB/styles/prosilver/template/login_body_oauth.html (limited to 'phpBB') diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 79391aba56..5849a21013 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -3379,7 +3379,10 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa if (isset($auth_provider_data['BLOCK_VAR_NAME'])) { - $template->assign_block_vars($auth_provider_data['BLOCK_VAR_NAME'], $auth_provider_data['BLOCK_VARS']); + foreach ($auth_provider_data['BLOCK_VARS'] as $block_vars) + { + $template->assign_block_vars($auth_provider_data['BLOCK_VAR_NAME'], $block_vars); + } } $template->assign_vars(array( @@ -3387,26 +3390,12 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa )); } - $oauth_login = ($config['auth_method'] == 'oauth') ? true : false; - - if ($oauth_login) - { - $auth_provider = $phpbb_container->get('auth.provider.oauth'); - $oauth_box_data = $auth_provider->get_login_data(); - foreach ($oauth_box_data as $data) - { - $template->assign_block_vars('oauth', $data); - } - } - $s_hidden_fields = build_hidden_fields($s_hidden_fields); $template->assign_vars(array( 'LOGIN_ERROR' => $err, 'LOGIN_EXPLAIN' => $l_explain, - 'OAUTH_LOGIN' => $oauth_login, - 'U_SEND_PASSWORD' => ($config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=sendpassword') : '', 'U_RESEND_ACTIVATION' => ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=resend_act') : '', 'U_TERMS_USE' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=terms'), diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 62024ff094..1cc19d143e 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -278,7 +278,11 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ public function get_login_data() { - $login_data = array(); + $login_data = array( + 'TEMPLATE_FILE' => 'login_body_oauth.html', + 'BLOCK_VAR_NAME' => 'oauth', + 'BLOCK_VARS' => array(), + ); foreach ($this->service_providers as $service_name => $service_provider) { @@ -288,7 +292,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); $redirect_url = build_url(false) . '&login=external&oauth_service=' . $actual_name; - $login_data[$service_name] = array( + $login_data['BLOCK_VARS'][$service_name] = array( 'REDIRECT_URL' => redirect($redirect_url, true), 'SERVICE_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], ); diff --git a/phpBB/styles/prosilver/template/login_body.html b/phpBB/styles/prosilver/template/login_body.html index 64b3915a1b..e00e5d7a67 100644 --- a/phpBB/styles/prosilver/template/login_body.html +++ b/phpBB/styles/prosilver/template/login_body.html @@ -46,16 +46,11 @@
{S_HIDDEN_FIELDS}
-
+
-
- -
-
 
-
{oauth.SERVICE_NAME}
-
- -
+ + + diff --git a/phpBB/styles/prosilver/template/login_body_oauth.html b/phpBB/styles/prosilver/template/login_body_oauth.html new file mode 100644 index 0000000000..eb6c627c6f --- /dev/null +++ b/phpBB/styles/prosilver/template/login_body_oauth.html @@ -0,0 +1,8 @@ +
+ +
+
 
+
{oauth.SERVICE_NAME}
+
+ +
\ No newline at end of file -- cgit v1.2.1 From 2222f3f38048b004b353f0f346cee1d1a0eafd37 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 2 Aug 2013 14:23:18 -0400 Subject: [feature/oauth] Fix error caused by previous change in OAuth PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 1cc19d143e..3528c0b83f 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -149,7 +149,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); - $query = 'mode=login&login=external&oauth_service=' . $service_name; + $query = 'mode=login&login=external&oauth_service=' . $service_name_original; $service = $this->get_service($service_name_original, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope(), $query); if ($this->request->is_set('code', phpbb_request_interface::GET)) @@ -399,7 +399,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Prepare for an authentication request $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); - $query = 'mode=login_link&login_link_oauth_service=' . $service_name; + $query = 'mode=login_link&login_link_oauth_service=' . strtolower($link_data['oauth_service']); $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query); $this->service_providers[$service_name]->set_external_service_provider($service); -- cgit v1.2.1 From e16dd958e351c39371db943fec359677c950c9ec Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 2 Aug 2013 14:31:12 -0400 Subject: [feature/oauth] OAuth clear tokens on logout PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 3528c0b83f..786caf5463 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -419,4 +419,18 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Update token storage to store the user_id $storage->set_user_id($link_data['user_id']); } + + /** + * {@inheritdoc} + */ + public function logout($data, $new_session) + { + // Clear all tokens belonging to the user + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_storage_table . " + WHERE session_id = '" . $this->db->sql_escape($this->user->session_id) . "' + AND user_id = " . (int) $this->user->data['user_id']; + $this->db->sql_query($sql); + + return; + } } -- cgit v1.2.1 From 3cbb97316066b606548af5d24b4fe2199533cffe Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 2 Aug 2013 14:37:15 -0400 Subject: [feature/oauth] Pass users_table as parameter to OAuth in construct PHPBB3-11673 --- phpBB/config/auth_providers.yml | 1 + phpBB/phpbb/auth/provider/oauth/oauth.php | 13 +++++++++++-- 2 files changed, 12 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index 393c2a4229..bad6be9880 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -45,6 +45,7 @@ services: - %tables.auth_provider_oauth_token_storage% - %tables.auth_provider_oauth_account_assoc% - @auth.provider.oauth.service_collection + - %tables.users% tags: - { name: auth.provider } auth.provider.oauth.service_collection: diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 786caf5463..4973cde349 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -74,6 +74,13 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected $service_providers; + /** + * Users table + * + * @var string + */ + protected $users_table; + /** * Cached current uri object * @@ -91,8 +98,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * @param string $auth_provider_oauth_token_storage_table * @param string $auth_provider_oauth_token_account_assoc * @param phpbb_di_service_collection $service_providers Contains phpbb_auth_provider_oauth_service_interface + * @param string $users)table */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_di_service_collection $service_providers) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_di_service_collection $service_providers, $users_table) { $this->db = $db; $this->config = $config; @@ -101,6 +109,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->auth_provider_oauth_token_storage_table = $auth_provider_oauth_token_storage_table; $this->auth_provider_oauth_token_account_assoc = $auth_provider_oauth_token_account_assoc; $this->service_providers = $service_providers; + $this->users_table = $users_table; } /** @@ -184,7 +193,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Retrieve the user's account $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts - FROM ' . USERS_TABLE . " + FROM ' . $this->users_table . " WHERE user_id = '" . $this->db->sql_escape($row['user_id']) . "'"; $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); -- cgit v1.2.1 From baa3a750c4cd2112202c40b39d1f3fdf5b05bdb1 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 5 Aug 2013 15:34:26 -0400 Subject: [feature/oauth] Start general auth linking page PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 27 ++++++++++++++++++++++ phpBB/language/en/ucp.php | 1 + phpBB/styles/prosilver/template/ucp_auth_link.html | 3 +++ 3 files changed, 31 insertions(+) create mode 100644 phpBB/includes/ucp/ucp_auth_link.php create mode 100644 phpBB/styles/prosilver/template/ucp_auth_link.html (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php new file mode 100644 index 0000000000..266273cff8 --- /dev/null +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -0,0 +1,27 @@ +tpl_name = 'ucp_auth_link'; + $this->page_title = 'UCP_AUTH_LINK'; + } +} diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 101fc7663a..a25fb54c8c 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -479,6 +479,7 @@ $lang = array_merge($lang, array( 'UCP_ADMIN_ACTIVATE' => 'Please note that you will need to enter a valid email address before your account is activated. The administrator will review your account and if approved you will receive an email at the address you specified.', 'UCP_AIM' => 'AOL Instant Messenger', 'UCP_ATTACHMENTS' => 'Attachments', + 'UCP_AUTH_LINK' => 'Link an external account', 'UCP_COPPA_BEFORE' => 'Before %s', 'UCP_COPPA_ON_AFTER' => 'On or after %s', 'UCP_EMAIL_ACTIVATE' => 'Please note that you will need to enter a valid email address before your account is activated. You will receive an email at the address you provide that contains an account activation link.', diff --git a/phpBB/styles/prosilver/template/ucp_auth_link.html b/phpBB/styles/prosilver/template/ucp_auth_link.html new file mode 100644 index 0000000000..a129e36c2c --- /dev/null +++ b/phpBB/styles/prosilver/template/ucp_auth_link.html @@ -0,0 +1,3 @@ + + + -- cgit v1.2.1 From 4683c37682541f73deca1f1476daf8c24f6962d6 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 5 Aug 2013 15:38:58 -0400 Subject: [feature/oauth] Forgot to have login_link be "in login" in ucp PHPBB3-11673 --- phpBB/includes/ucp/info/ucp_auth_link.php | 34 +++++++++++++++++++++++++++++++ phpBB/language/en/ucp.php | 3 ++- phpBB/ucp.php | 2 +- 3 files changed, 37 insertions(+), 2 deletions(-) create mode 100644 phpBB/includes/ucp/info/ucp_auth_link.php (limited to 'phpBB') diff --git a/phpBB/includes/ucp/info/ucp_auth_link.php b/phpBB/includes/ucp/info/ucp_auth_link.php new file mode 100644 index 0000000000..c5cd997af4 --- /dev/null +++ b/phpBB/includes/ucp/info/ucp_auth_link.php @@ -0,0 +1,34 @@ + 'ucp_auth_link', + 'title' => 'UCP_AUTH_LINK', + 'version' => '1.0.0', + 'modes' => array( + 'auth_link' => array('title' => 'UCP_AUTH_LINK_MANAGE', 'auth' => '', 'cat' => array('UCP_MAIN')), + ), + ); + } + + function install() + { + } + + function uninstall() + { + } +} diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index a25fb54c8c..993e5b56f8 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -479,7 +479,8 @@ $lang = array_merge($lang, array( 'UCP_ADMIN_ACTIVATE' => 'Please note that you will need to enter a valid email address before your account is activated. The administrator will review your account and if approved you will receive an email at the address you specified.', 'UCP_AIM' => 'AOL Instant Messenger', 'UCP_ATTACHMENTS' => 'Attachments', - 'UCP_AUTH_LINK' => 'Link an external account', + 'UCP_AUTH_LINK' => 'External accounts', + 'UCP_AUTH_LINK_MANAGE' => 'Manage external accounts', 'UCP_COPPA_BEFORE' => 'Before %s', 'UCP_COPPA_ON_AFTER' => 'On or after %s', 'UCP_EMAIL_ACTIVATE' => 'Please note that you will need to enter a valid email address before your account is activated. You will receive an email at the address you provide that contains an account activation link.', diff --git a/phpBB/ucp.php b/phpBB/ucp.php index d69d938038..f1f8f2a829 100644 --- a/phpBB/ucp.php +++ b/phpBB/ucp.php @@ -21,7 +21,7 @@ require($phpbb_root_path . 'includes/functions_module.' . $phpEx); $id = request_var('i', ''); $mode = request_var('mode', ''); -if (in_array($mode, array('login', 'logout', 'confirm', 'sendpassword', 'activate'))) +if (in_array($mode, array('login', 'login_link', 'logout', 'confirm', 'sendpassword', 'activate'))) { define('IN_LOGIN', true); } -- cgit v1.2.1 From 6be6de2b29cb7cbcf8b882e0f11cb0b02232aff9 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 7 Aug 2013 21:40:16 -0400 Subject: [feature/oauth] Migration update for new ucp module PHPBB3-11673 --- .../phpbb/db/migration/data/310/auth_provider_oauth.php | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php index 07541c7eac..8706d14798 100644 --- a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php +++ b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php @@ -49,8 +49,23 @@ class phpbb_db_migration_data_310_auth_provider_oauth extends phpbb_db_migration { return array( 'drop_tables' => array( - $this->table_prefix . 'auth_provider_oauth', + $this->table_prefix . 'oauth_tokens', + $this->table_prefix . 'oauth_accounts', ), ); } + + public function update_data() + { + return array( + array('module.add', array( + 'ucp', + 'UCP_AUTH_LINK', + array( + 'module_basename' => 'ucp_auth_link', + 'modes' => array('auth_link'), + ), + )), + ); + } } -- cgit v1.2.1 From 786da260c0e5f5c87b6b617fcb35d43141c75d50 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 9 Aug 2013 04:36:49 -0400 Subject: [feature/oauth] Fix ucp_auth_link headers/footers PHPBB3-11673 --- phpBB/styles/prosilver/template/ucp_auth_link.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/styles/prosilver/template/ucp_auth_link.html b/phpBB/styles/prosilver/template/ucp_auth_link.html index a129e36c2c..12353f31bd 100644 --- a/phpBB/styles/prosilver/template/ucp_auth_link.html +++ b/phpBB/styles/prosilver/template/ucp_auth_link.html @@ -1,3 +1,3 @@ - + - + -- cgit v1.2.1 From b5255d42b56b1d0d14bcd9a70218689932065ce6 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 9 Aug 2013 04:38:38 -0400 Subject: [feature/oauth] Default auth_link into UCP_PROFILE not UCP_MAIN PHPBB3-11673 --- phpBB/includes/ucp/info/ucp_auth_link.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/info/ucp_auth_link.php b/phpBB/includes/ucp/info/ucp_auth_link.php index c5cd997af4..ee88b15ea8 100644 --- a/phpBB/includes/ucp/info/ucp_auth_link.php +++ b/phpBB/includes/ucp/info/ucp_auth_link.php @@ -19,7 +19,7 @@ class ucp_auth_link_info 'title' => 'UCP_AUTH_LINK', 'version' => '1.0.0', 'modes' => array( - 'auth_link' => array('title' => 'UCP_AUTH_LINK_MANAGE', 'auth' => '', 'cat' => array('UCP_MAIN')), + 'auth_link' => array('title' => 'UCP_AUTH_LINK_MANAGE', 'auth' => '', 'cat' => array('UCP_PROFILE')), ), ); } -- cgit v1.2.1 From deb62d51fe4e06e52fbc4042b692071bcd8f9d39 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 9 Aug 2013 05:12:41 -0400 Subject: [feature/oauth] Start building the template PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 28 ++++++++++++++++++++++ phpBB/language/en/ucp.php | 1 + phpBB/styles/prosilver/template/ucp_auth_link.html | 8 +++++++ 3 files changed, 37 insertions(+) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 266273cff8..6bf74d4fbf 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -21,6 +21,34 @@ class ucp_auth_link public function main($id, $mode) { + global $template, $phpbb_container; + + $error = array(); + $s_hidden_fields = array(); + add_form_key('ucp_auth_link'); + + $submit = $request->variable('submit', false, false, phpbb_request_interface::POST); + + if ($submit) + { + if (!check_form_key('ucp_reg_details')) + { + $error[] = 'FORM_INVALID'; + } + + if (!sizeof($error)) + { + + } + } + + $s_hidden_fields = build_hidden_fields($s_hidden_fields); + + $template->assign_vars(array( + 'S_HIDDEN_FIELDS' => $s_hidden_fields, + 'S_UCP_ACTION' => $this->u_action, + )); + $this->tpl_name = 'ucp_auth_link'; $this->page_title = 'UCP_AUTH_LINK'; } diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 993e5b56f8..4798b1e81c 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -481,6 +481,7 @@ $lang = array_merge($lang, array( 'UCP_ATTACHMENTS' => 'Attachments', 'UCP_AUTH_LINK' => 'External accounts', 'UCP_AUTH_LINK_MANAGE' => 'Manage external accounts', + 'UCP_AUTH_LINK_TITLE' => 'Manage Your External Accounts', 'UCP_COPPA_BEFORE' => 'Before %s', 'UCP_COPPA_ON_AFTER' => 'On or after %s', 'UCP_EMAIL_ACTIVATE' => 'Please note that you will need to enter a valid email address before your account is activated. You will receive an email at the address you provide that contains an account activation link.', diff --git a/phpBB/styles/prosilver/template/ucp_auth_link.html b/phpBB/styles/prosilver/template/ucp_auth_link.html index 12353f31bd..b521518bf3 100644 --- a/phpBB/styles/prosilver/template/ucp_auth_link.html +++ b/phpBB/styles/prosilver/template/ucp_auth_link.html @@ -1,3 +1,11 @@ +

{L_UCP_AUTH_LINK_TITLE}

+ +
+ +{S_HIDDEN_FIELDS} +{S_FORM_TOKEN} +
+ -- cgit v1.2.1 From 0b80aaf2178e5a40f9429ce972c490f6067ef114 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 9 Aug 2013 05:16:39 -0400 Subject: [feature/oauth] Add method to return necessary data for auth_link PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 11 ++++++++++- phpBB/phpbb/auth/provider/base.php | 8 ++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 6bf74d4fbf..c1d97c8cf8 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -21,7 +21,16 @@ class ucp_auth_link public function main($id, $mode) { - global $template, $phpbb_container; + global $config, $request, $template, $phpbb_container; + + $auth_provider = $phpbb_container->get('auth.provider.' . $config['auth_method']); + + // confirm that the auth provider supports this page + $provider_data = $auth_provider->get_auth_link_data(); + if ($provider_data === null) + { + // does not support this page, throw error? + } $error = array(); $s_hidden_fields = array(); diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index ae1daba82b..2f1bf8f601 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -62,6 +62,14 @@ abstract class phpbb_auth_provider_base implements phpbb_auth_provider_interface return; } + /** + * {@inheritdoc} + */ + public function get_auth_link_data() + { + return; + } + /** * {@inheritdoc} */ -- cgit v1.2.1 From 69cb2e4c603243f75fcfd288d0018390b763ce05 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Fri, 9 Aug 2013 05:26:44 -0400 Subject: [feature/oauth] More template work PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 3 +++ phpBB/phpbb/auth/provider/oauth/oauth.php | 10 ++++++++++ phpBB/styles/prosilver/template/ucp_auth_link.html | 6 +----- phpBB/styles/prosilver/template/ucp_auth_link_oauth.html | 5 +++++ 4 files changed, 19 insertions(+), 5 deletions(-) create mode 100644 phpBB/styles/prosilver/template/ucp_auth_link_oauth.html (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index c1d97c8cf8..cb6d85d6b7 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -30,6 +30,7 @@ class ucp_auth_link if ($provider_data === null) { // does not support this page, throw error? + throw new Exception('TEMPORARY EXCEPTION'); } $error = array(); @@ -54,6 +55,8 @@ class ucp_auth_link $s_hidden_fields = build_hidden_fields($s_hidden_fields); $template->assign_vars(array( + 'PROVIDER_TEMPLATE_FILE' => $provider_data['TEMPLATE_FILE'], + 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => $this->u_action, )); diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 4973cde349..d27e40ca77 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -442,4 +442,14 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return; } + + /** + * {@inheritdoc} + */ + public function get_auth_link_data() + { + return array( + 'TEMPLATE_FILE' => 'ucp_auth_link_oauth.html', + ); + } } diff --git a/phpBB/styles/prosilver/template/ucp_auth_link.html b/phpBB/styles/prosilver/template/ucp_auth_link.html index b521518bf3..5e5fc6d2f0 100644 --- a/phpBB/styles/prosilver/template/ucp_auth_link.html +++ b/phpBB/styles/prosilver/template/ucp_auth_link.html @@ -2,10 +2,6 @@

{L_UCP_AUTH_LINK_TITLE}

-
- -{S_HIDDEN_FIELDS} -{S_FORM_TOKEN} -
+ diff --git a/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html b/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html new file mode 100644 index 0000000000..ca13ff0ab6 --- /dev/null +++ b/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html @@ -0,0 +1,5 @@ +
+ +{S_HIDDEN_FIELDS} +{S_FORM_TOKEN} +
\ No newline at end of file -- cgit v1.2.1 From a479f919ff17bc96e55baf8c4b811ac4ec22d8f1 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 12 Aug 2013 12:53:10 -0400 Subject: [feature/oauth] Error handling on page PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 26 ++++++++++++++++++---- phpBB/styles/prosilver/template/ucp_auth_link.html | 2 ++ 2 files changed, 24 insertions(+), 4 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index cb6d85d6b7..cf92b5d58d 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -23,23 +23,23 @@ class ucp_auth_link { global $config, $request, $template, $phpbb_container; + $error = array(); + $auth_provider = $phpbb_container->get('auth.provider.' . $config['auth_method']); // confirm that the auth provider supports this page $provider_data = $auth_provider->get_auth_link_data(); if ($provider_data === null) { - // does not support this page, throw error? - throw new Exception('TEMPORARY EXCEPTION'); + $error[] = 'UCP_AUTH_LINK_NOT_SUPPORTED'; } - $error = array(); $s_hidden_fields = array(); add_form_key('ucp_auth_link'); $submit = $request->variable('submit', false, false, phpbb_request_interface::POST); - if ($submit) + if (!sizeof($error) && $submit) { if (!check_form_key('ucp_reg_details')) { @@ -55,6 +55,8 @@ class ucp_auth_link $s_hidden_fields = build_hidden_fields($s_hidden_fields); $template->assign_vars(array( + 'ERROR' => $this->build_error_text($error), + 'PROVIDER_TEMPLATE_FILE' => $provider_data['TEMPLATE_FILE'], 'S_HIDDEN_FIELDS' => $s_hidden_fields, @@ -64,4 +66,20 @@ class ucp_auth_link $this->tpl_name = 'ucp_auth_link'; $this->page_title = 'UCP_AUTH_LINK'; } + + private function build_error_text(array $errors) + { + global $user; + + // Replace all errors that are language constants + foreach ($errors as $key => $error) + { + if (isset($user->lang[$error])) + { + $errors[$key] = $user->lang($error); + } + } + + return implode('
', $errors); + } } diff --git a/phpBB/styles/prosilver/template/ucp_auth_link.html b/phpBB/styles/prosilver/template/ucp_auth_link.html index 5e5fc6d2f0..8ba16c55c8 100644 --- a/phpBB/styles/prosilver/template/ucp_auth_link.html +++ b/phpBB/styles/prosilver/template/ucp_auth_link.html @@ -2,6 +2,8 @@

{L_UCP_AUTH_LINK_TITLE}

+
{ERROR}
+ -- cgit v1.2.1 From e04844c95f52c6da295d20bccc9530ee7e4b63f7 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 12 Aug 2013 13:18:00 -0400 Subject: [feature/oauth] Build OAuth data for ucp_auth_link PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 43 +++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index d27e40ca77..d0b5583d77 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -448,7 +448,50 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ public function get_auth_link_data() { + $block_vars = array(); + + // Get all external accounts tied to the current user + $data = array( + 'user_id' => $user->data['user_id'], + ); + $sql = 'SELECT oauth_provider_id, provider FROM ' . $this->auth_provider_oauth_token_account_assoc . ' + WHERE ' . $this->db->sql_build_array('SELECT', $data); + $result = $this->db->sql_query($sql); + $rows = $this->db->sql_fetchrowset($result); + $this->db->sql_freeresult($result); + + $oauth_user_ids = array(); + + if ($row !== false && !empty($rows)) + { + foreach ($row as $row) + { + $oauth_user_ids[$row['provider']] = $row['oauth_provider_id']; + } + } + unset($rows); + + foreach ($this->service_providers as $service_name => $service_provider) + { + // Only include data if the credentials are set + $credentials = $service_provider->get_service_credentials(); + if ($credentials['key'] && $credentials['secret']) + { + $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); + $redirect_url = build_url(false) . '&login=external&oauth_service=' . $actual_name; + + $block_vars[$service_name] = array( + 'REDIRECT_URL' => redirect($redirect_url, true), + 'SERVICE_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], + 'UNIQUE_ID' => (isset($oauth_user_ids[$actual_name])) ? $oauth_user_ids[$actual_name] : null, + ); + } + } + return array( + 'BLOCK_VAR_NAME' => 'oauth', + 'BLOCK_VARS' => $block_vars, + 'TEMPLATE_FILE' => 'ucp_auth_link_oauth.html', ); } -- cgit v1.2.1 From 4003e077c170e2c9aebbf582cb08249d80d37a3d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 12 Aug 2013 14:43:18 -0400 Subject: [feature/oauth] Get the OAuth template in place for ucp_auth_link PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 13 +++++++++ phpBB/phpbb/auth/provider/oauth/oauth.php | 6 ++--- phpBB/styles/prosilver/template/ucp_auth_link.html | 8 ++++-- .../prosilver/template/ucp_auth_link_oauth.html | 31 +++++++++++++++++++--- 4 files changed, 49 insertions(+), 9 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index cf92b5d58d..05896f93b0 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -52,6 +52,19 @@ class ucp_auth_link } } + if (isset($provider_data['VARS'])) + { + $template->assign_vars($provider_data['VARS']); + } + + if (isset($provider_data['BLOCK_VAR_NAME'])) + { + foreach ($provider_data['BLOCK_VARS'] as $block_vars) + { + $template->assign_block_vars($provider_data['BLOCK_VAR_NAME'], $block_vars); + } + } + $s_hidden_fields = build_hidden_fields($s_hidden_fields); $template->assign_vars(array( diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index d0b5583d77..1b0674a13b 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -452,7 +452,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Get all external accounts tied to the current user $data = array( - 'user_id' => $user->data['user_id'], + 'user_id' => $this->user->data['user_id'], ); $sql = 'SELECT oauth_provider_id, provider FROM ' . $this->auth_provider_oauth_token_account_assoc . ' WHERE ' . $this->db->sql_build_array('SELECT', $data); @@ -462,9 +462,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $oauth_user_ids = array(); - if ($row !== false && !empty($rows)) + if ($rows !== false && !empty($rows)) { - foreach ($row as $row) + foreach ($rows as $row) { $oauth_user_ids[$row['provider']] = $row['oauth_provider_id']; } diff --git a/phpBB/styles/prosilver/template/ucp_auth_link.html b/phpBB/styles/prosilver/template/ucp_auth_link.html index 8ba16c55c8..3c56415db0 100644 --- a/phpBB/styles/prosilver/template/ucp_auth_link.html +++ b/phpBB/styles/prosilver/template/ucp_auth_link.html @@ -2,8 +2,12 @@

{L_UCP_AUTH_LINK_TITLE}

-
{ERROR}
+
+
+
{ERROR}
- + +
+
diff --git a/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html b/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html index ca13ff0ab6..5950535c80 100644 --- a/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html +++ b/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html @@ -1,5 +1,28 @@ -
+ + +

{oauth.SERVICE_NAME}

-{S_HIDDEN_FIELDS} -{S_FORM_TOKEN} -
\ No newline at end of file +
+ +
+
{L_UCP_AUTH_LINK_ID}{L_COLON}
+
{oauth.UNIQUE_ID}
+
+
+
 
+
{S_HIDDEN_FIELDS}
+
+ +
+
{L_UCP_AUTH_LINK_ASK}
+
+
+
 
+
{S_HIDDEN_FIELDS}
+
+ +
+ {S_HIDDEN_FIELDS} + {S_FORM_TOKEN} + + -- cgit v1.2.1 From 836d3ba22ec997f6c823c9b4594fb42c49524732 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 12 Aug 2013 15:29:08 -0400 Subject: [feature/oauth] Handle hidden fields PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 13 +++++++++++++ phpBB/phpbb/auth/provider/oauth/oauth.php | 4 ++++ phpBB/styles/prosilver/template/ucp_auth_link_oauth.html | 5 +++-- 3 files changed, 20 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 05896f93b0..5b8169e3de 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -54,6 +54,13 @@ class ucp_auth_link if (isset($provider_data['VARS'])) { + // Handle hidden fields separately + if (isset($provider_data['VARS']['HIDDEN_FIELDS'])) + { + $s_hidden_fields = array_merge($s_hidden_fields, $provider_data['VARS']['HIDDEN_FIELDS']); + unset($provider_data['VARS']['HIDDEN_FIELDS']); + } + $template->assign_vars($provider_data['VARS']); } @@ -61,6 +68,12 @@ class ucp_auth_link { foreach ($provider_data['BLOCK_VARS'] as $block_vars) { + // See if there are additional hidden fields. This should be an associative array + if (isset($block_vars['HIDDEN_FIELDS'])) + { + $block_vars['HIDDEN_FIELDS'] = build_hidden_fields($block_vars['HIDDEN_FIELDS']); + } + $template->assign_block_vars($provider_data['BLOCK_VAR_NAME'], $block_vars); } } diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 1b0674a13b..cfffdf2c96 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -481,6 +481,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $redirect_url = build_url(false) . '&login=external&oauth_service=' . $actual_name; $block_vars[$service_name] = array( + 'HIDDEN_FIELDS' => array( + 'oauth_service' => $actual_name, + ), + 'REDIRECT_URL' => redirect($redirect_url, true), 'SERVICE_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], 'UNIQUE_ID' => (isset($oauth_user_ids[$actual_name])) ? $oauth_user_ids[$actual_name] : null, diff --git a/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html b/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html index 5950535c80..886aca2aa6 100644 --- a/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html +++ b/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html @@ -10,7 +10,7 @@
 
-
{S_HIDDEN_FIELDS}
+
@@ -18,10 +18,11 @@
 
-
{S_HIDDEN_FIELDS}
+
+ {oauth.HIDDEN_FIELDS} {S_HIDDEN_FIELDS} {S_FORM_TOKEN} -- cgit v1.2.1 From 67b1ec5bb85fb40f098a1c568276c8fd9a7b8976 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 15:19:26 -0400 Subject: [feature/oauth] Start implementing link/unlink actions PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 13 +++++++++++++ phpBB/phpbb/auth/provider/oauth/oauth.php | 15 +++++++++++---- phpBB/styles/prosilver/template/ucp_auth_link_oauth.html | 4 ++-- 3 files changed, 26 insertions(+), 6 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 5b8169e3de..6c56f8ac3c 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -48,7 +48,20 @@ class ucp_auth_link if (!sizeof($error)) { + // Any post data could be necessary for auth (un)linking + $link_data = $request->get_super_global(phpbb_request_interface::POST); + // The current user_id is also necessary + $link_data['user_id'] = $user->data['user_id']; + + if ($request->variable('link', false, false, phpbb_request_interface::POST)) + { + $error[] = $auth_provider->link_account($link_data); + } + else + { + $error[] = $auth_provider->unlink_account($link_data); + } } } diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index cfffdf2c96..d2f7eb5527 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -405,10 +405,18 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return 'LOGIN_LINK_ERROR_OAUTH_NO_ACCESS_TOKEN'; } + // Prepare the query string + if ($this->request->variable('mode', 'login_link')) + { + $query = 'mode=login_link'; + } else { + $query = 'i=ucp_auth_link&mode=auth_link'; + } + $query .= '&login_link_oauth_service=' . strtolower($link_data['oauth_service']); + // Prepare for an authentication request $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); - $query = 'mode=login_link&login_link_oauth_service=' . strtolower($link_data['oauth_service']); $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query); $this->service_providers[$service_name]->set_external_service_provider($service); @@ -462,7 +470,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $oauth_user_ids = array(); - if ($rows !== false && !empty($rows)) + if ($rows !== false && sizeof($rows)) { foreach ($rows as $row) { @@ -478,14 +486,13 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base if ($credentials['key'] && $credentials['secret']) { $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name); - $redirect_url = build_url(false) . '&login=external&oauth_service=' . $actual_name; $block_vars[$service_name] = array( 'HIDDEN_FIELDS' => array( + 'link' => (!isset($oauth_user_ids[$actual_name])), 'oauth_service' => $actual_name, ), - 'REDIRECT_URL' => redirect($redirect_url, true), 'SERVICE_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)], 'UNIQUE_ID' => (isset($oauth_user_ids[$actual_name])) ? $oauth_user_ids[$actual_name] : null, ); diff --git a/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html b/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html index 886aca2aa6..a50c786b48 100644 --- a/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html +++ b/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html @@ -10,7 +10,7 @@
 
-
+
@@ -18,7 +18,7 @@
 
-
+
-- cgit v1.2.1 From ce387d9bfc2b4a5ac18f79585132862ced0a7687 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 15:21:11 -0400 Subject: [feature/oauth] Fix errors in ucp_auth_link PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 6c56f8ac3c..213fbfdbb5 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -21,7 +21,7 @@ class ucp_auth_link public function main($id, $mode) { - global $config, $request, $template, $phpbb_container; + global $config, $request, $template, $phpbb_container, $user; $error = array(); @@ -41,7 +41,7 @@ class ucp_auth_link if (!sizeof($error) && $submit) { - if (!check_form_key('ucp_reg_details')) + if (!check_form_key('ucp_auth_link')) { $error[] = 'FORM_INVALID'; } -- cgit v1.2.1 From afebbf231adeee6828d75d346b64f3036ff46e7c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 15:35:37 -0400 Subject: [feature/oauth] Update link_account to allow for two methods of linking PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 5 ++++- phpBB/includes/ucp/ucp_login_link.php | 3 +++ phpBB/phpbb/auth/provider/oauth/oauth.php | 13 ++++++++++++- 3 files changed, 19 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 213fbfdbb5..43d69be901 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -54,7 +54,10 @@ class ucp_auth_link // The current user_id is also necessary $link_data['user_id'] = $user->data['user_id']; - if ($request->variable('link', false, false, phpbb_request_interface::POST)) + // Tell the provider that the method is auth_link not login_link + $link_data['link_method'] = 'auth_link'; + + if ($request->variable('link', null)) { $error[] = $auth_provider->link_account($link_data); } diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 9f2fa6330a..b09415623b 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -73,6 +73,9 @@ class ucp_login_link // Give the user_id to the data $data['user_id'] = $login_result['user_row']['user_id']; + // Set the link_method to login_link + $data['link_method'] = 'login_link'; + // The user is now logged in, attempt to link the user to the external account $result = $auth_provider->link_account($data); diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index d2f7eb5527..36e605d8fc 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -364,7 +364,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return 'LOGIN_LINK_NO_DATA_PROVIDED'; } - if (!array_key_exists('oauth_service', $login_link_data) || !$login_link_data['oauth_service']) + if (!array_key_exists('oauth_service', $login_link_data) || !$login_link_data['oauth_service'] || + !array_key_exists('link_method', $login_link_data) || !$login_link_data['link_method']) { return 'LOGIN_LINK_MISSING_DATA'; } @@ -377,6 +378,16 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ public function link_account(array $link_data) { + // Check for a valid link method (auth_link or login_link) + if (!array_key_exists('link_method', $link_data) || + !in_array($link_data['link_method'], array( + 'auth_link', + 'login_link', + ))) + { + return 'LOGIN_LINK_MISSING_DATA'; + } + // We must have an oauth_service listed, check for it two ways if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service']) { -- cgit v1.2.1 From bb68338861e4fc618407f83706d194e1114ce103 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 15:55:38 -0400 Subject: [feature/oauth] Refactor oauth::link_account for two paths PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 14 +++++++- phpBB/phpbb/auth/provider/oauth/oauth.php | 60 +++++++++++++++++++++++++------ 2 files changed, 62 insertions(+), 12 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 43d69be901..59eedb7c92 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -39,6 +39,7 @@ class ucp_auth_link $submit = $request->variable('submit', false, false, phpbb_request_interface::POST); + // This path is only for primary actions if (!sizeof($error) && $submit) { if (!check_form_key('ucp_auth_link')) @@ -57,7 +58,7 @@ class ucp_auth_link // Tell the provider that the method is auth_link not login_link $link_data['link_method'] = 'auth_link'; - if ($request->variable('link', null)) + if ($request->variable('link', null, false, phpbb_request_interface::POST)) { $error[] = $auth_provider->link_account($link_data); } @@ -68,6 +69,17 @@ class ucp_auth_link } } + // In some cases, an request to an external server may be required in + // these cases, the GET parameter 'link' should exist and should be true + if ($request->variable('link', false)) + { + // In this case the link data should only be populated with the + // link_method as the provider dictates how data is returned to it. + $link_data = array('link_method' => 'auth_link'); + + $error[] = $auth_provider->link_account($link_data); + } + if (isset($provider_data['VARS'])) { // Handle hidden fields separately diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 36e605d8fc..ff715d8944 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -408,8 +408,17 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return 'LOGIN_ERROR_OAUTH_SERVICE_DOES_NOT_EXIST'; } - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + switch ($link_data['link_method']) + { + case 'auth_link': + return $this->link_account_auth_link($link_data, $service_name); + case 'login_link': + return $this->link_account_login_link($link_data, $service_name); + } + } + protected function link_account_login_link(array $link_data, $service_name) + { // Check for an access token, they should have one if (!$storage->has_access_token_by_session()) { @@ -417,13 +426,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } // Prepare the query string - if ($this->request->variable('mode', 'login_link')) - { - $query = 'mode=login_link'; - } else { - $query = 'i=ucp_auth_link&mode=auth_link'; - } - $query .= '&login_link_oauth_service=' . strtolower($link_data['oauth_service']); + $query = 'mode=login_link&login_link_oauth_service=' . strtolower($link_data['oauth_service']); // Prepare for an authentication request $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); @@ -440,14 +443,49 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base 'provider' => strtolower($link_data['oauth_service']), 'oauth_provider_id' => $unique_id, ); - $sql = 'INSERT INTO ' . $this->auth_provider_oauth_token_account_assoc . ' - ' . $this->db->sql_build_array('INSERT', $data); - $this->db->sql_query($sql); + $this->link_account_perform_link($data); // Update token storage to store the user_id $storage->set_user_id($link_data['user_id']); } + protected function link_account_auth_link(array $link_data, $service_name) + { + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $query = 'i=ucp_auth_link&mode=auth_link&link=1&login_link_oauth_service=' . strtolower($link_data['oauth_service']); + $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); + $scopes = $this->service_providers[$service_name]->get_auth_scope(); + $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query); + + if ($this->request->is_set('code', phpbb_request_interface::GET)) + { + $this->service_providers[$service_name]->set_external_service_provider($service); + $unique_id = $this->service_providers[$service_name]->perform_auth_login(); + + // Insert into table, they will be able to log in after this + $data = array( + 'user_id' => $link_data['user_id'], + 'provider' => strtolower($link_data['oauth_service']), + 'oauth_provider_id' => $unique_id, + ); + + $this->link_account_perform_link($data); + + // Update token storage to store the user_id + $storage->set_user_id($link_data['user_id']); + } else { + $url = $service->getAuthorizationUri(); + header('Location: ' . $url); + } + } + + protected function link_account_perform_link($data) + { + $sql = 'INSERT INTO ' . $this->auth_provider_oauth_token_account_assoc . ' + ' . $this->db->sql_build_array('INSERT', $data); + $this->db->sql_query($sql); + } + /** * {@inheritdoc} */ -- cgit v1.2.1 From cd12786e58995d93bb73218fb869bad00ad9674e Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:01:59 -0400 Subject: [feature/oauth] Fix errors found in testing linking PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 2 +- phpBB/phpbb/auth/provider/oauth/oauth.php | 9 +++------ 2 files changed, 4 insertions(+), 7 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 59eedb7c92..b7fd014493 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -58,7 +58,7 @@ class ucp_auth_link // Tell the provider that the method is auth_link not login_link $link_data['link_method'] = 'auth_link'; - if ($request->variable('link', null, false, phpbb_request_interface::POST)) + if ($request->variable('link', 0, false, phpbb_request_interface::POST)) { $error[] = $auth_provider->link_account($link_data); } diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index ff715d8944..6f6e6fd344 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -391,10 +391,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // We must have an oauth_service listed, check for it two ways if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service']) { - if (!$link_data['oauth_service'] && $this->request->is_set('oauth_service')) - { - $link_data['oauth_service'] = $this->request->variable('oauth_service', ''); - } + $link_data['oauth_service'] = $this->request->variable('oauth_service', false); if (!$link_data['oauth_service']) { @@ -452,7 +449,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base protected function link_account_auth_link(array $link_data, $service_name) { $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); - $query = 'i=ucp_auth_link&mode=auth_link&link=1&login_link_oauth_service=' . strtolower($link_data['oauth_service']); + $query = 'i=ucp_auth_link&mode=auth_link&link=1&oauth_service=' . strtolower($link_data['oauth_service']); $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query); @@ -464,7 +461,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Insert into table, they will be able to log in after this $data = array( - 'user_id' => $link_data['user_id'], + 'user_id' => $this->user->data['user_id'], 'provider' => strtolower($link_data['oauth_service']), 'oauth_provider_id' => $unique_id, ); -- cgit v1.2.1 From 9c91446ef793102f700fc81b1efc54055b1831ba Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:07:38 -0400 Subject: [feature/oauth] Document internal functions PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 6f6e6fd344..be86180574 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -414,6 +414,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } } + /** + * Performs the account linking for login_link + * + * @param array $link_data The same variable given to {@see phpbb_auth_provider_interface::link_account} + * @param string $service_name The name of the service being used in + * linking. + * @return string|null Returns a language constant (string) if an error is + * encountered, or null on success. + */ protected function link_account_login_link(array $link_data, $service_name) { // Check for an access token, they should have one @@ -446,6 +455,15 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $storage->set_user_id($link_data['user_id']); } + /** + * Performs the account linking for login_link + * + * @param array $link_data The same variable given to {@see phpbb_auth_provider_interface::link_account} + * @param string $service_name The name of the service being used in + * linking. + * @return string|null Returns a language constant (string) if an error is + * encountered, or null on success. + */ protected function link_account_auth_link(array $link_data, $service_name) { $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); @@ -476,7 +494,12 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } } - protected function link_account_perform_link($data) + /** + * Performs the query that inserts an account link + * + * @param array $data This array is passed to db->sql_build_array + */ + protected function link_account_perform_link(array $data) { $sql = 'INSERT INTO ' . $this->auth_provider_oauth_token_account_assoc . ' ' . $this->db->sql_build_array('INSERT', $data); -- cgit v1.2.1 From a2237ea8a78b6569213e095bb89a6b3f878d129b Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:20:47 -0400 Subject: [feature/oauth] Add unlink_account to auth interface PHPBB3-11673 --- phpBB/phpbb/auth/provider/base.php | 8 ++++++++ phpBB/phpbb/auth/provider/interface.php | 8 ++++++++ 2 files changed, 16 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index 2f1bf8f601..09e918cee4 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -101,4 +101,12 @@ abstract class phpbb_auth_provider_base implements phpbb_auth_provider_interface { return; } + + /** + * {@inheritdoc} + */ + public function unlink_account(array $link_data) + { + return; + } } diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index 21526fd858..4abbd75055 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -166,4 +166,12 @@ interface phpbb_auth_provider_interface * an external account. */ public function link_account(array $link_data); + + /** + * Unlinks an external account from a phpBB account. + * + * @param array $link_data Any data needed to unlink a phpBB account + * from a phpbb account. + */ + public function unlink_account(array $link_data); } -- cgit v1.2.1 From 9cd80345ad05cccb362ec3eba15304c3f43630ed Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:32:55 -0400 Subject: [feature/oauth] Implement unlinking in OAuth PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 3 +++ phpBB/phpbb/auth/provider/oauth/oauth.php | 25 +++++++++++++++++++++++++ 2 files changed, 28 insertions(+) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index b7fd014493..df4b433f42 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -66,6 +66,9 @@ class ucp_auth_link { $error[] = $auth_provider->unlink_account($link_data); } + + // Template data may have changed, get new data + $provider_data = $auth_provider->get_auth_link_data(); } } diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index be86180574..9af6f04e38 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -575,4 +575,29 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base 'TEMPLATE_FILE' => 'ucp_auth_link_oauth.html', ); } + + /** + * {@inheritdoc} + */ + public function unlink_account(array $link_data) + { + if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service']) + { + return 'LOGIN_LINK_MISSING_DATA'; + } + + // Remove the link + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_account_assoc . " + WHERE provider = '" . $this->db->sql_escape($link_data['oauth_service']) . "' + AND user_id = " . (int) $this->user->data['user_id']; + $this->db->sql_query($sql); + + // Clear all tokens belonging to the user on this servce + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_storage_table . " + WHERE user_id = " . (int) $this->user->data['user_id'] . " + AND provider = '" . $this->db->sql_escape($link_data['oauth_service']) . "'"; + $this->db->sql_query($sql); + + return; + } } -- cgit v1.2.1 From 7bd4c88ec519fa0bf10558c79994d14243255813 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:45:17 -0400 Subject: [feature/oauth] Fix errors in oauth PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 9af6f04e38..0972d59fee 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -425,6 +425,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function link_account_login_link(array $link_data, $service_name) { + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + // Check for an access token, they should have one if (!$storage->has_access_token_by_session()) { @@ -593,10 +595,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->db->sql_query($sql); // Clear all tokens belonging to the user on this servce - $sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_storage_table . " - WHERE user_id = " . (int) $this->user->data['user_id'] . " - AND provider = '" . $this->db->sql_escape($link_data['oauth_service']) . "'"; - $this->db->sql_query($sql); + $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $storage->clearToken(); return; } -- cgit v1.2.1 From abebe83edb79b9f3879f8d257eefff01246ba172 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:52:37 -0400 Subject: [feature/oauth] No need for this line PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 3 --- 1 file changed, 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 0972d59fee..bb8b72ac06 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -487,9 +487,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); $this->link_account_perform_link($data); - - // Update token storage to store the user_id - $storage->set_user_id($link_data['user_id']); } else { $url = $service->getAuthorizationUri(); header('Location: ' . $url); -- cgit v1.2.1 From 823b7e2b84b0c1cfda001c509876f1aef1a17b35 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 16:58:46 -0400 Subject: [feature/oauth] Fix small error in method call PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index bb8b72ac06..6d42b06f6a 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -391,7 +391,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // We must have an oauth_service listed, check for it two ways if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service']) { - $link_data['oauth_service'] = $this->request->variable('oauth_service', false); + $link_data['oauth_service'] = $this->request->variable('oauth_service', ''); if (!$link_data['oauth_service']) { -- cgit v1.2.1 From 59c8db28d61c9b43ac35f734c0b280bef4a4a8b8 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 17:01:15 -0400 Subject: [feature/oauth] Always store session_id with token PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index b38029c650..313ad7661b 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -110,13 +110,9 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface 'user_id' => $this->user->data['user_id'], 'provider' => $this->service_name, 'oauth_token' => serialize($token), + 'session_id' => $this->user->data['session_id'], ); - if ($this->user->data['user_id'] == ANONYMOUS) - { - $data['session_id'] = $this->user->data['session_id']; - } - $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . ' ' . $this->db->sql_build_array('INSERT', $data); $this->db->sql_query($sql); -- cgit v1.2.1 From d13a1788f0517f3ecb87d1ecedf24833cf3b403a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 17:07:38 -0400 Subject: [feature/oauth] Update language constants for ucp_auth_link PHPBB3-11673 --- phpBB/language/en/ucp.php | 6 +++++- phpBB/styles/prosilver/template/ucp_auth_link_oauth.html | 4 ++-- 2 files changed, 7 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 4798b1e81c..19892ce194 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -480,8 +480,12 @@ $lang = array_merge($lang, array( 'UCP_AIM' => 'AOL Instant Messenger', 'UCP_ATTACHMENTS' => 'Attachments', 'UCP_AUTH_LINK' => 'External accounts', + 'UCP_AUTH_LINK_ASK' => 'You currently have no account tied to this external service. Click the button below to link your board account to an account with this external service.', + 'UCP_AUTH_LINK_ID' => 'Unique identifier', + 'UCP_AUTH_LINK_LINK' => 'Link', 'UCP_AUTH_LINK_MANAGE' => 'Manage external accounts', - 'UCP_AUTH_LINK_TITLE' => 'Manage Your External Accounts', + 'UCP_AUTH_LINK_TITLE' => 'Manage your external accounts', + 'UCP_AUTH_LINK_UNLINK' => 'Unlink', 'UCP_COPPA_BEFORE' => 'Before %s', 'UCP_COPPA_ON_AFTER' => 'On or after %s', 'UCP_EMAIL_ACTIVATE' => 'Please note that you will need to enter a valid email address before your account is activated. You will receive an email at the address you provide that contains an account activation link.', diff --git a/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html b/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html index a50c786b48..a3e27328cd 100644 --- a/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html +++ b/phpBB/styles/prosilver/template/ucp_auth_link_oauth.html @@ -10,7 +10,7 @@
 
-
+
@@ -18,7 +18,7 @@
 
-
+
-- cgit v1.2.1 From 0ea555bbc78597645cf024a5ba14bfd8149f512a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 17:15:36 -0400 Subject: [feature/oauth] Update auth provider interface PHPBB3-11673 --- phpBB/phpbb/auth/provider/interface.php | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index 4abbd75055..480ee4301b 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -167,6 +167,26 @@ interface phpbb_auth_provider_interface */ public function link_account(array $link_data); + /** + * Returns an array of data necessary to build the ucp_auth_link page + * + * @return array|null If this function is not implemented on an auth + * provider then it returns null. If it is implemented + * it will return an array of up to four elements of + * which only 'TEMPLATE_FILE'. If 'BLOCK_VAR_NAME' is + * present then 'BLOCK_VARS' must also be present in + * the array. The fourth element 'VARS' is also + * optional. The array, with all four elements present + * looks like the following: + * array( + * 'TEMPLATE_FILE' => string, + * 'BLOCK_VAR_NAME' => string, + * 'BLOCK_VARS' => array(...), + * 'VARS' => array(...), + * ) + */ + public function get_auth_link_data(); + /** * Unlinks an external account from a phpBB account. * -- cgit v1.2.1 From 43e08e221f9e70940249b93a229dcec0eb10059b Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 22:50:34 -0400 Subject: [feature/oauth] Fix bug found in testing PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index b09415623b..e8e489fe5f 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -48,6 +48,9 @@ class ucp_login_link $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); $auth_provider = $phpbb_container->get($auth_provider); + // Set the link_method to login_link + $data['link_method'] = 'login_link'; + // Have the authentication provider check that all necessary data is available $result = $auth_provider->login_link_has_necessary_data($data); if ($result !== null) @@ -73,9 +76,6 @@ class ucp_login_link // Give the user_id to the data $data['user_id'] = $login_result['user_row']['user_id']; - // Set the link_method to login_link - $data['link_method'] = 'login_link'; - // The user is now logged in, attempt to link the user to the external account $result = $auth_provider->link_account($data); -- cgit v1.2.1 From 0ea3103a441282190533c973bfb9fe5ab7b7ac76 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 23:00:45 -0400 Subject: [feature/oauth] Don't allow external login methods on admin auth PHPBB3-11673 --- phpBB/styles/prosilver/template/login_body.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/styles/prosilver/template/login_body.html b/phpBB/styles/prosilver/template/login_body.html index e00e5d7a67..a1c2735ca9 100644 --- a/phpBB/styles/prosilver/template/login_body.html +++ b/phpBB/styles/prosilver/template/login_body.html @@ -48,7 +48,7 @@ - + -- cgit v1.2.1 From e2d0a0b7c83f40c0602ed9064e12dded96fdc897 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Wed, 14 Aug 2013 23:17:57 -0400 Subject: [feature/oauth] Fix template not refreshing issue PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index df4b433f42..e2bf369984 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -81,6 +81,9 @@ class ucp_auth_link $link_data = array('link_method' => 'auth_link'); $error[] = $auth_provider->link_account($link_data); + + // Template data may have changed, get new data + $provider_data = $auth_provider->get_auth_link_data(); } if (isset($provider_data['VARS'])) -- cgit v1.2.1 From 83515cd3d42486b7411ac5e817cb5c2378b75fe8 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 15 Aug 2013 01:14:37 -0400 Subject: [feature/oauth] Fix remaining issues with token storage PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 57 ++++++++++++++++++++++- 1 file changed, 55 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 313ad7661b..ff1887fce7 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -16,6 +16,7 @@ if (!defined('IN_PHPBB')) } +use OAuth\OAuth1\Token\StdOAuth1Token; use OAuth\Common\Token\TokenInterface; use OAuth\Common\Storage\TokenStorageInterface; use OAuth\Common\Storage\Exception\StorageException; @@ -109,7 +110,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'user_id' => $this->user->data['user_id'], 'provider' => $this->service_name, - 'oauth_token' => serialize($token), + 'oauth_token' => $this->json_encode_token($token), 'session_id' => $this->user->data['session_id'], ); @@ -248,7 +249,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface throw new TokenNotFoundException('Token not stored'); } - $token = unserialize($row['oauth_token']); + $token = $this->json_decode_token($row['oauth_token']); // Ensure that the token was serialized/unserialized correctly if (!($token instanceof TokenInterface)) @@ -278,4 +279,56 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface return $row; } + + public function json_encode_token(TokenInterface $token) + { + $members = array( + 'accessToken' => $token->getAccessToken(), + 'endOfLife' => $token->getEndOfLife(), + 'extraParams' => $token->getExtraParams(), + 'refreshToken' => $token->getRefreshToken(), + + 'token_class' => get_class($token), + ); + + // Handle additional data needed for OAuth1 tokens + if ($token instanceof StdOAuth1Token) + { + $members['requestToken'] = $token->getRequestToken(); + $members['requestTokenSecret'] = $token->getRequestTokenSecret(); + $members['accessTokenSecret'] = $token->getAccessTokenSecret(); + } + + return json_encode($members); + } + + public function json_decode_token($json) + { + $token_data = json_decode($json, true); + + if ($token_data === null) + { + throw new TokenNotFoundException('Token not stored correctly'); + } + + $token_class = $token_data['token_class']; + $access_token = $token_data['accessToken']; + $refresh_token = $token_data['refreshToken']; + $endOfLife = $token_data['endOfLife']; + $extra_params = $token_data['extraParams']; + + // Create the token + $token = new $token_class($access_token, $refresh_token, TokenInterface::EOL_NEVER_EXPIRES, $extra_params); + $token->setEndOfLife($endOfLife); + + // Handle OAuth 1.0 specific elements + if ($token instanceof StdOAuth1Token) + { + $token->setRequestToken($token_data['requestToken']); + $token->setRequestTokenSecret($token_data['requestTokenSecret']); + $token->setAccessTokenSecret($token_data['accessTokenSecret']); + } + + return $token; + } } -- cgit v1.2.1 From 8f75edb8a13dd4e32790652cb1a292db395d786d Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 22 Aug 2013 19:10:43 -0400 Subject: [feature/oauth] Add newline at end of file PHPBB3-11673 --- phpBB/styles/prosilver/template/login_body_oauth.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/styles/prosilver/template/login_body_oauth.html b/phpBB/styles/prosilver/template/login_body_oauth.html index eb6c627c6f..dbbe011c58 100644 --- a/phpBB/styles/prosilver/template/login_body_oauth.html +++ b/phpBB/styles/prosilver/template/login_body_oauth.html @@ -5,4 +5,4 @@
{oauth.SERVICE_NAME}
- \ No newline at end of file + -- cgit v1.2.1 From dbf97fdd52043611a86cb48920bb152122b3f6c2 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Thu, 22 Aug 2013 19:37:46 -0400 Subject: [feature/oauth] Subsilver 2 login_body updates PHPBB3-11673 --- phpBB/styles/subsilver2/template/login_body.html | 3 +++ phpBB/styles/subsilver2/template/login_body_oauth.html | 7 +++++++ 2 files changed, 10 insertions(+) create mode 100644 phpBB/styles/subsilver2/template/login_body_oauth.html (limited to 'phpBB') diff --git a/phpBB/styles/subsilver2/template/login_body.html b/phpBB/styles/subsilver2/template/login_body.html index 2b895dda89..ed63e748cf 100644 --- a/phpBB/styles/subsilver2/template/login_body.html +++ b/phpBB/styles/subsilver2/template/login_body.html @@ -61,6 +61,9 @@ {L_HIDE_ME} + + + diff --git a/phpBB/styles/subsilver2/template/login_body_oauth.html b/phpBB/styles/subsilver2/template/login_body_oauth.html new file mode 100644 index 0000000000..6f374fa4f2 --- /dev/null +++ b/phpBB/styles/subsilver2/template/login_body_oauth.html @@ -0,0 +1,7 @@ + + + + {oauth.SERVICE_NAME} + + + -- cgit v1.2.1 From cbd5bbbeb8358a3279ce82cac9becbe55d7803b1 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 16:36:14 -0400 Subject: [feature/oauth] Subsilver2 ucp_auth_link templates PHPBB3-11673 --- .../styles/subsilver2/template/ucp_auth_link.html | 17 +++++++++++ .../subsilver2/template/ucp_auth_link_oauth.html | 34 ++++++++++++++++++++++ 2 files changed, 51 insertions(+) create mode 100644 phpBB/styles/subsilver2/template/ucp_auth_link.html create mode 100644 phpBB/styles/subsilver2/template/ucp_auth_link_oauth.html (limited to 'phpBB') diff --git a/phpBB/styles/subsilver2/template/ucp_auth_link.html b/phpBB/styles/subsilver2/template/ucp_auth_link.html new file mode 100644 index 0000000000..c6e4ddd250 --- /dev/null +++ b/phpBB/styles/subsilver2/template/ucp_auth_link.html @@ -0,0 +1,17 @@ + + + + + + + + + + + + + + +
{L_UCP_AUTH_LINK_TITLE}
{ERROR}
+ + diff --git a/phpBB/styles/subsilver2/template/ucp_auth_link_oauth.html b/phpBB/styles/subsilver2/template/ucp_auth_link_oauth.html new file mode 100644 index 0000000000..56a4c89125 --- /dev/null +++ b/phpBB/styles/subsilver2/template/ucp_auth_link_oauth.html @@ -0,0 +1,34 @@ + + + {oauth.SERVICE_NAME} + + + + +
+ + + + + + + + + + + + + + + + + + +
{L_UCP_AUTH_LINK_ID}{L_COLON}{oauth.UNIQUE_ID}
 
{L_UCP_AUTH_LINK_ASK}
+ {oauth.HIDDEN_FIELDS} + {S_HIDDEN_FIELDS} + {S_FORM_TOKEN} +
+ + + -- cgit v1.2.1 From de17d5bdcc1cab495b0b3f2d345fa3ac21f3676c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 17:07:44 -0400 Subject: [feature/oauth] Subsilver2 ucp_login_link PHPBB3-11673 --- .../styles/subsilver2/template/ucp_login_link.html | 74 ++++++++++++++++++++++ 1 file changed, 74 insertions(+) create mode 100644 phpBB/styles/subsilver2/template/ucp_login_link.html (limited to 'phpBB') diff --git a/phpBB/styles/subsilver2/template/ucp_login_link.html b/phpBB/styles/subsilver2/template/ucp_login_link.html new file mode 100644 index 0000000000..36ed8a4cc5 --- /dev/null +++ b/phpBB/styles/subsilver2/template/ucp_login_link.html @@ -0,0 +1,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + +
{SITENAME} - {L_LOGIN_LINK}
{L_LOGIN_LINK_EXPLAIN}
{LOGIN_LINK_ERROR}
+
+ + + + + + + + +
{L_REGISTER}
{S_HIDDEN_FIELDS}
+
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + {S_LOGIN_REDIRECT} + + + + +
{L_LOGIN}
{LOGIN_ERROR}
 {S_HIDDEN_FIELDS}
+
+
+ + -- cgit v1.2.1 From 27ba57747ab46c0507acc3a87e5b73babda436b1 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 17:14:30 -0400 Subject: [feature/oauth] Clean up TODOs PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 1 - phpBB/language/en/common.php | 2 ++ phpBB/phpbb/auth/provider/oauth/oauth.php | 4 +--- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 5 ++--- phpBB/phpbb/auth/provider/oauth/service/facebook.php | 2 +- phpBB/phpbb/auth/provider/oauth/service/google.php | 6 ++---- 6 files changed, 8 insertions(+), 12 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index e8e489fe5f..d782e26c2c 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -200,7 +200,6 @@ class ucp_login_link protected function perform_redirect() { - // TODO: Make redirect to same page as login would have redirect('index.php'); } } diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index 0b658f22b6..7d6c7aa1be 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -88,6 +88,8 @@ $lang = array_merge($lang, array( 'ATTACHED_IMAGE_NOT_IMAGE' => 'The image file you tried to attach is invalid.', 'AUTHOR' => 'Author', 'AUTH_NO_PROFILE_CREATED' => 'The creation of a user profile was unsuccessful.', + 'AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY' => 'Invalid database entry.', + 'AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE' => 'Invalid service type provided to OAuth service handler.', 'AUTH_PROVIDER_OAUTH_SERVICE_BITLY' => 'Bitly', 'AUTH_PROVIDER_OAUTH_SERVICE_FACEBOOK' => 'Facebook', 'AUTH_PROVIDER_OAUTH_SERVICE_GOOGLE' => 'Google', diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 6d42b06f6a..e1172f2e70 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -201,8 +201,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base if (!$row) { - // TODO: Update exception type and change it to language constant - throw new Exception('Invalid entry in ' . $this->auth_provider_oauth_token_account_assoc); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY'); } // Update token storage to store the user_id @@ -216,7 +215,6 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); } else { $url = $service->getAuthorizationUri(); - // TODO: modify $url for the appropriate return points header('Location: ' . $url); } } diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 9b8e7ebb03..0918f577ec 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -67,7 +67,7 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) { // TODO: make exception class and use language constant - throw new Exception('Invalid service provider type'); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request from bitly, get the token @@ -87,8 +87,7 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) { - // TODO: make exception class and use language constant - throw new Exception('Invalid service provider type'); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index dc742cca0d..836e4ee052 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -67,7 +67,7 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) { // TODO: make exception class and use language constant - throw new Exception('Invalid service provider type'); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request, get the token diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index e2b0f7d36a..9c782bcaa0 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -77,8 +77,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) { - // TODO: make exception class and use language constant - throw new Exception('Invalid service provider type'); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request, get the token @@ -98,8 +97,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) { - // TODO: make exception class and use language constant - throw new Exception('Invalid service provider type'); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it -- cgit v1.2.1 From d398ae41c031f70946e82f71599f1821766f3eea Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 17:20:01 -0400 Subject: [feature/oauth] Finish cleaning up TODOs PHPBB3-11673 --- phpBB/language/en/common.php | 2 ++ phpBB/phpbb/auth/provider/oauth/token_storage.php | 6 ++---- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'phpBB') diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index 7d6c7aa1be..b558b0fad8 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -93,6 +93,8 @@ $lang = array_merge($lang, array( 'AUTH_PROVIDER_OAUTH_SERVICE_BITLY' => 'Bitly', 'AUTH_PROVIDER_OAUTH_SERVICE_FACEBOOK' => 'Facebook', 'AUTH_PROVIDER_OAUTH_SERVICE_GOOGLE' => 'Google', + 'AUTH_PROVIDER_OAUTH_TOKEN_ERROR_NOT_STORED' => 'OAuth token not stored.', + 'AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED' => 'OAuth token incorrectly stored.', 'AVATAR_DISALLOWED_CONTENT' => 'The upload was rejected because the uploaded file was identified as a possible attack vector.', 'AVATAR_DISALLOWED_EXTENSION' => 'This file cannot be displayed because the extension %s is not allowed.', 'AVATAR_EMPTY_REMOTE_DATA' => 'The specified avatar could not be uploaded because the remote data appears to be invalid or corrupted.', diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index ff1887fce7..b31ffcd1ab 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -245,8 +245,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface if (!$row) { - // TODO: translate - throw new TokenNotFoundException('Token not stored'); + throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_NOT_STORED'); } $token = $this->json_decode_token($row['oauth_token']); @@ -255,8 +254,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface if (!($token instanceof TokenInterface)) { $this->clearToken(); - // TODO: translate - throw new TokenNotFoundException('Token not stored correctly'); + throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED'); } $this->cachedToken = $token; -- cgit v1.2.1 From 3df958502960b68e37f3cd9d3d51a4ff1d319fde Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 17:21:02 -0400 Subject: [feature/oauth] Fix indentation on new language constants PHPBB3-11673 --- phpBB/language/en/common.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'phpBB') diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index b558b0fad8..8c36edec58 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -88,13 +88,13 @@ $lang = array_merge($lang, array( 'ATTACHED_IMAGE_NOT_IMAGE' => 'The image file you tried to attach is invalid.', 'AUTHOR' => 'Author', 'AUTH_NO_PROFILE_CREATED' => 'The creation of a user profile was unsuccessful.', - 'AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY' => 'Invalid database entry.', - 'AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE' => 'Invalid service type provided to OAuth service handler.', - 'AUTH_PROVIDER_OAUTH_SERVICE_BITLY' => 'Bitly', - 'AUTH_PROVIDER_OAUTH_SERVICE_FACEBOOK' => 'Facebook', - 'AUTH_PROVIDER_OAUTH_SERVICE_GOOGLE' => 'Google', - 'AUTH_PROVIDER_OAUTH_TOKEN_ERROR_NOT_STORED' => 'OAuth token not stored.', - 'AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED' => 'OAuth token incorrectly stored.', + 'AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY' => 'Invalid database entry.', + 'AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE' => 'Invalid service type provided to OAuth service handler.', + 'AUTH_PROVIDER_OAUTH_SERVICE_BITLY' => 'Bitly', + 'AUTH_PROVIDER_OAUTH_SERVICE_FACEBOOK' => 'Facebook', + 'AUTH_PROVIDER_OAUTH_SERVICE_GOOGLE' => 'Google', + 'AUTH_PROVIDER_OAUTH_TOKEN_ERROR_NOT_STORED' => 'OAuth token not stored.', + 'AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED' => 'OAuth token incorrectly stored.', 'AVATAR_DISALLOWED_CONTENT' => 'The upload was rejected because the uploaded file was identified as a possible attack vector.', 'AVATAR_DISALLOWED_EXTENSION' => 'This file cannot be displayed because the extension %s is not allowed.', 'AVATAR_EMPTY_REMOTE_DATA' => 'The specified avatar could not be uploaded because the remote data appears to be invalid or corrupted.', -- cgit v1.2.1 From 76d1e7e111d4a12f50e3c4776b00a6681a83b295 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 21:14:37 -0400 Subject: [feature/oauth] Fix issues on ucp_login_link from review PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 41 ++++++++++++++++++++++++++++++++--- 1 file changed, 38 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index d782e26c2c..2ed6a985d5 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -23,8 +23,17 @@ if (!defined('IN_PHPBB')) */ class ucp_login_link { - var $u_action; - + /** + * @var string + */ + public $u_action; + + /** + * Generates the ucp_login_link page and handles login link process + * + * @param int $id + * @param string $mode + */ function main($id, $mode) { global $config, $phpbb_container, $request, $template, $user; @@ -112,6 +121,14 @@ class ucp_login_link $this->page_title = 'UCP_LOGIN_LINK'; } + /** + * Builds the hidden fields string from the data array. + * + * @param array $data This function only includes data in the array + * that has a key that begins with 'login_link_' + * @return string A string of hidden fields that can be included in the + * template + */ protected function get_hidden_fields($data) { $fields = array(); @@ -124,6 +141,12 @@ class ucp_login_link return build_hidden_fields($fields); } + /** + * Builds the login_link data array + * + * @return array All login_link data. This is all GET data whose names + * begin with 'login_link_' + */ protected function get_login_link_data_array() { global $request; @@ -143,6 +166,13 @@ class ucp_login_link return $login_link_data; } + /** + * Processes the result array from the login process + * @param array $result The login result array + * @return string|null If there was an error in the process, a string is + * returned. If the login was successful, then null is + * returned. + */ protected function process_login_result($result) { global $config, $request, $template, $user; @@ -198,8 +228,13 @@ class ucp_login_link return $login_error; } + /** + * Performs a post login redirect + */ protected function perform_redirect() { - redirect('index.php'); + global $phpEx; + $url = append_sid('index.' . $phpEx); + redirect($url); } } -- cgit v1.2.1 From 310caec5d92d58453d1eee40e9b5a7f0157bd5ea Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 21:34:23 -0400 Subject: [feature/oauth] Fix redirects PHPBB3-11673 --- phpBB/config/auth_providers.yml | 2 ++ phpBB/phpbb/auth/auth.php | 7 ++----- phpBB/phpbb/auth/provider/oauth/oauth.php | 24 +++++++++++++++++++++--- 3 files changed, 25 insertions(+), 8 deletions(-) (limited to 'phpBB') diff --git a/phpBB/config/auth_providers.yml b/phpBB/config/auth_providers.yml index bad6be9880..dfa229fa42 100644 --- a/phpBB/config/auth_providers.yml +++ b/phpBB/config/auth_providers.yml @@ -46,6 +46,8 @@ services: - %tables.auth_provider_oauth_account_assoc% - @auth.provider.oauth.service_collection - %tables.users% + - %core.root_path% + - %core.php_ext% tags: - { name: auth.provider } auth.provider.oauth.service_collection: diff --git a/phpBB/phpbb/auth/auth.php b/phpBB/phpbb/auth/auth.php index 400f5fef6d..5093483d4a 100644 --- a/phpBB/phpbb/auth/auth.php +++ b/phpBB/phpbb/auth/auth.php @@ -975,12 +975,9 @@ class phpbb_auth { // If this status exists a fourth field is in the $login array called 'redirect_data' // This data is passed along as GET data to the next page allow the account to be linked - $url = 'ucp.php?mode=login_link'; - foreach ($login['redirect_data'] as $key => $value) - { - $url .= '&' . $key . '=' . $value; - } + $params = array('mode' => 'login_link'); + $url = append_sid('ucp.' . $phpEx, array_merge($params, $login['redirect_data'])); redirect($url); } diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index e1172f2e70..b427ca4e72 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -88,6 +88,20 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected $current_uri; + /** + * phpBB root path + * + * @var string + */ + protected $phpbb_root_path; + + /** + * PHP extenstion + * + * @var string + */ + protected $php_ext; + /** * OAuth Authentication Constructor * @@ -98,9 +112,11 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base * @param string $auth_provider_oauth_token_storage_table * @param string $auth_provider_oauth_token_account_assoc * @param phpbb_di_service_collection $service_providers Contains phpbb_auth_provider_oauth_service_interface - * @param string $users)table + * @param string $users_table + * @param string $phpbb_root_path + * @param string $php_ext */ - public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_di_service_collection $service_providers, $users_table) + public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_di_service_collection $service_providers, $users_table, $phpbb_root_path, $php_ext) { $this->db = $db; $this->config = $config; @@ -110,6 +126,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base $this->auth_provider_oauth_token_account_assoc = $auth_provider_oauth_token_account_assoc; $this->service_providers = $service_providers; $this->users_table = $users_table; + $this->phpbb_root_path = $phpbb_root_path; + $this->php_ext = $php_ext; } /** @@ -138,7 +156,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Temporary workaround for only having one authentication provider available if (!$this->request->is_set('oauth_service')) { - $provider = new phpbb_auth_provider_db($this->db, $this->config, $this->request, $this->user, $phpbb_root_path, $phpEx); + $provider = new phpbb_auth_provider_db($this->db, $this->config, $this->request, $this->user, $this->phpbb_root_path, $this->php_ext); return $provider->login($username, $password); } -- cgit v1.2.1 From a8ffbce99f9ea99bd1fdca0e009001026e2d6950 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 22:00:16 -0400 Subject: [feature/oauth] Changes due to code review PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 32 +++++++++----------- phpBB/includes/ucp/ucp_login_link.php | 4 ++- phpBB/language/en/common.php | 1 + phpBB/language/en/ucp.php | 10 +++---- phpBB/phpbb/auth/provider/interface.php | 8 ++--- phpBB/phpbb/auth/provider/oauth/oauth.php | 17 ++++++----- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 6 ++-- .../phpbb/auth/provider/oauth/service/facebook.php | 10 +++---- phpBB/phpbb/auth/provider/oauth/service/google.php | 6 ++-- phpBB/phpbb/auth/provider/oauth/token_storage.php | 35 ++++++++++------------ 10 files changed, 62 insertions(+), 67 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index e2bf369984..4fa984c9e7 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -17,8 +17,17 @@ if (!defined('IN_PHPBB')) class ucp_auth_link { + /** + * @var string + */ public $u_action; + /** + * Generates the ucp_auth_link page and handles the auth link process + * + * @param int $id + * @param string $mode + */ public function main($id, $mode) { global $config, $request, $template, $phpbb_container, $user; @@ -72,7 +81,7 @@ class ucp_auth_link } } - // In some cases, an request to an external server may be required in + // In some cases, a request to an external server may be required. In // these cases, the GET parameter 'link' should exist and should be true if ($request->variable('link', false)) { @@ -114,8 +123,11 @@ class ucp_auth_link $s_hidden_fields = build_hidden_fields($s_hidden_fields); + // Replace "error" strings with their real, localised form + $error = array_map(array($user, 'lang'), $error); + $template->assign_vars(array( - 'ERROR' => $this->build_error_text($error), + 'ERROR' => $error, 'PROVIDER_TEMPLATE_FILE' => $provider_data['TEMPLATE_FILE'], @@ -126,20 +138,4 @@ class ucp_auth_link $this->tpl_name = 'ucp_auth_link'; $this->page_title = 'UCP_AUTH_LINK'; } - - private function build_error_text(array $errors) - { - global $user; - - // Replace all errors that are language constants - foreach ($errors as $key => $error) - { - if (isset($user->lang[$error])) - { - $errors[$key] = $user->lang($error); - } - } - - return implode('
', $errors); - } } diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 2ed6a985d5..4173c54c42 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -91,7 +91,9 @@ class ucp_login_link if ($result) { $login_link_error = $user->lang[$result]; - } else { + } + else + { // Finish login $result = $user->session_create($login_result['user_row']['user_id'], false, false, true); diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index 8c36edec58..5c7df2c5fd 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -90,6 +90,7 @@ $lang = array_merge($lang, array( 'AUTH_NO_PROFILE_CREATED' => 'The creation of a user profile was unsuccessful.', 'AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY' => 'Invalid database entry.', 'AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE' => 'Invalid service type provided to OAuth service handler.', + 'AUTH_PROVIDER_OAUTH_ERROR_SERVICE_NOT_CREATED' => 'OAuth service not created', 'AUTH_PROVIDER_OAUTH_SERVICE_BITLY' => 'Bitly', 'AUTH_PROVIDER_OAUTH_SERVICE_FACEBOOK' => 'Facebook', 'AUTH_PROVIDER_OAUTH_SERVICE_GOOGLE' => 'Google', diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 19892ce194..03a14336b5 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -270,7 +270,7 @@ $lang = array_merge($lang, array( 'LINK_REMOTE_SIZE' => 'Avatar dimensions', 'LINK_REMOTE_SIZE_EXPLAIN' => 'Specify the width and height of the avatar, leave blank to attempt automatic verification.', 'LOGIN_EXPLAIN_UCP' => 'Please login in order to access the User Control Panel.', - 'LOGIN_LINK' => 'Link or Register Your External Account with This Board', + 'LOGIN_LINK' => 'Link or register your account on an external service with your board account', 'LOGIN_LINK_EXPLAIN' => 'You have attempted to login with an external service that is not yet connected to an account on this board. You must now either link this account to an existing account or create a new account.', 'LOGIN_LINK_MISSING_DATA' => 'Data that is necessary to link your account with an external service is not available. Please restart the login process.', 'LOGIN_LINK_NO_DATA_PROVIDED' => 'No data has been provided to this page to link an external account to a forum account. Please contact the board administrator if you continue to experience problems.', @@ -480,18 +480,18 @@ $lang = array_merge($lang, array( 'UCP_AIM' => 'AOL Instant Messenger', 'UCP_ATTACHMENTS' => 'Attachments', 'UCP_AUTH_LINK' => 'External accounts', - 'UCP_AUTH_LINK_ASK' => 'You currently have no account tied to this external service. Click the button below to link your board account to an account with this external service.', + 'UCP_AUTH_LINK_ASK' => 'You currently have no account associated with this external service. Click the button below to link your board account to an account with this external service.', 'UCP_AUTH_LINK_ID' => 'Unique identifier', 'UCP_AUTH_LINK_LINK' => 'Link', - 'UCP_AUTH_LINK_MANAGE' => 'Manage external accounts', - 'UCP_AUTH_LINK_TITLE' => 'Manage your external accounts', + 'UCP_AUTH_LINK_MANAGE' => 'Manage external account associations', + 'UCP_AUTH_LINK_TITLE' => 'Manage your external account associations', 'UCP_AUTH_LINK_UNLINK' => 'Unlink', 'UCP_COPPA_BEFORE' => 'Before %s', 'UCP_COPPA_ON_AFTER' => 'On or after %s', 'UCP_EMAIL_ACTIVATE' => 'Please note that you will need to enter a valid email address before your account is activated. You will receive an email at the address you provide that contains an account activation link.', 'UCP_ICQ' => 'ICQ number', 'UCP_JABBER' => 'Jabber address', - 'UCP_LOGIN_LINK' => 'Set up an external account', + 'UCP_LOGIN_LINK' => 'Set up an external account association', 'UCP_MAIN' => 'Overview', 'UCP_MAIN_ATTACHMENTS' => 'Manage attachments', diff --git a/phpBB/phpbb/auth/provider/interface.php b/phpBB/phpbb/auth/provider/interface.php index 480ee4301b..eadd5f01d1 100644 --- a/phpBB/phpbb/auth/provider/interface.php +++ b/phpBB/phpbb/auth/provider/interface.php @@ -45,9 +45,9 @@ interface phpbb_auth_provider_interface * 'error_msg' => string * 'user_row' => array * ) - * A fourth key of the array may be present 'redirect_data' - * This key is only used when 'status' is equal to - * LOGIN_SUCCESS_LINK_PROFILE and it's value is an + * A fourth key of the array may be present: + * 'redirect_data' This key is only used when 'status' is + * equal to LOGIN_SUCCESS_LINK_PROFILE and its value is an * associative array that is turned into GET variables on * the redirect url. */ @@ -89,7 +89,7 @@ interface phpbb_auth_provider_interface * array: 'BLOCK_VAR_NAME'. If this is present, * then its value should be a string that is used * to designate the name of the loop used in the - * ACP template file. In addition to this, an + * ACP template file. When this is present, an * additional key named 'BLOCK_VARS' is required. * This must be an array containing at least one * array of variables that will be assigned during diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index b427ca4e72..c1c27c979f 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -211,8 +211,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Retrieve the user's account $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts - FROM ' . $this->users_table . " - WHERE user_id = '" . $this->db->sql_escape($row['user_id']) . "'"; + FROM ' . $this->users_table . ' + WHERE user_id = ' . (int) $row['user_id']; $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); @@ -231,7 +231,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base 'error_msg' => false, 'user_row' => $row, ); - } else { + } + else + { $url = $service->getAuthorizationUri(); header('Location: ' . $url); } @@ -291,8 +293,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base if (!$service) { - // Update to an actual error message - throw new Exception('Service not created: ' . $service_name); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_SERVICE_NOT_CREATED'); } return $service; @@ -474,7 +475,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base } /** - * Performs the account linking for login_link + * Performs the account linking for auth_link * * @param array $link_data The same variable given to {@see phpbb_auth_provider_interface::link_account} * @param string $service_name The name of the service being used in @@ -503,7 +504,9 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base ); $this->link_account_perform_link($data); - } else { + } + else + { $url = $service->getAuthorizationUri(); header('Location: ' . $url); } diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 0918f577ec..59e66c7c34 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -71,10 +71,10 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ } // This was a callback request from bitly, get the token - $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); + $this->service_provider->requestAccessToken($this->request->variable('code', '')); // Send a request with it - $result = json_decode( $this->service_provider->request('user/info'), true ); + $result = json_decode($this->service_provider->request('user/info'), true); // Return the unique identifier returned from bitly return $result['data']['login']; @@ -91,7 +91,7 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ } // Send a request with it - $result = json_decode( $this->service_provider->request('user/info'), true ); + $result = json_decode($this->service_provider->request('user/info'), true); // Return the unique identifier returned from bitly return $result['data']['login']; diff --git a/phpBB/phpbb/auth/provider/oauth/service/facebook.php b/phpBB/phpbb/auth/provider/oauth/service/facebook.php index 836e4ee052..b853c8c8a5 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/facebook.php +++ b/phpBB/phpbb/auth/provider/oauth/service/facebook.php @@ -66,15 +66,14 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) { - // TODO: make exception class and use language constant throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request, get the token - $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); + $this->service_provider->requestAccessToken($this->request->variable('code', '')); // Send a request with it - $result = json_decode( $this->service_provider->request('/me'), true ); + $result = json_decode($this->service_provider->request('/me'), true); // Return the unique identifier return $result['id']; @@ -87,12 +86,11 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) { - // TODO: make exception class and use language constant - throw new Exception('Invalid service provider type'); + throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it - $result = json_decode( $this->service_provider->request('/me'), true ); + $result = json_decode($this->service_provider->request('/me'), true); // Return the unique identifier return $result['id']; diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index 9c782bcaa0..eb4ad6317a 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -81,10 +81,10 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth } // This was a callback request, get the token - $this->service_provider->requestAccessToken( $this->request->variable('code', '') ); + $this->service_provider->requestAccessToken($this->request->variable('code', '')); // Send a request with it - $result = json_decode( $this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true ); + $result = json_decode($this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true); // Return the unique identifier return $result['id']; @@ -101,7 +101,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth } // Send a request with it - $result = json_decode( $this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true ); + $result = json_decode($this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true); // Return the unique identifier return $result['id']; diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index b31ffcd1ab..05e308d192 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -83,7 +83,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function retrieveAccessToken() { - if( $this->cachedToken instanceOf TokenInterface ) { + if ($this->cachedToken instanceOf TokenInterface) + { return $this->cachedToken; } @@ -92,7 +93,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface 'provider' => $this->service_name, ); - if ($this->user->data['user_id'] == ANONYMOUS) + if ($this->user->data['user_id'] === ANONYMOUS) { $data['session_id'] = $this->user->data['session_id']; } @@ -124,7 +125,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function hasAccessToken() { - if( $this->cachedToken ) { + if ($this->cachedToken) { return true; } @@ -133,7 +134,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface 'provider' => $this->service_name, ); - if ($this->user->data['user_id'] == ANONYMOUS) + if ($this->user->data['user_id'] === ANONYMOUS) { $data['session_id'] = $this->user->data['session_id']; } @@ -149,12 +150,12 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $this->cachedToken = null; $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' - WHERE user_id = ' . $this->user->data['user_id'] . ' - AND provider = \'' . $this->db->sql_escape($this->service_name) . '\''; + WHERE user_id = ' . $this->user->data['user_id'] . " + AND provider = '" . $this->db->sql_escape($this->service_name) . "'"; - if ($this->user->data['user_id'] == ANONYMOUS) + if ($this->user->data['user_id'] === ANONYMOUS) { - $sql .= ' AND session_id = \'' . $this->user->data['session_id'] . '\''; + $sql .= " AND session_id = '" . $this->user->data['session_id'] . "'"; } $this->db->sql_query($sql); @@ -176,8 +177,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface SET ' . $this->db->sql_build_array('UPDATE', array( 'user_id' => (int) $user_id )) . ' - WHERE user_id = ' . $this->user->data['user_id'] . ' - AND session_id = \'' . $this->user->data['session_id'] . '\''; + WHERE user_id = ' . $this->user->data['user_id'] . " + AND session_id = '" . $this->user->data['session_id'] . "'"; $this->db->sql_query($sql); } @@ -188,7 +189,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function has_access_token_by_session() { - if( $this->cachedToken ) { + if ($this->cachedToken) + { return true; } @@ -208,19 +210,12 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ protected function _has_acess_token($data) { - $row = $this->get_access_token_row($data); - - if (!$row) - { - return false; - } - - return true; + return (bool) $this->get_access_token_row($data); } public function retrieve_access_token_by_session() { - if( $this->cachedToken instanceOf TokenInterface ) { + if ($this->cachedToken instanceOf TokenInterface) { return $this->cachedToken; } -- cgit v1.2.1 From d847df717573a55cc6e13211fbe853b4784cf53c Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 22:10:10 -0400 Subject: [feature/oauth] A few more minor changes PHPBB3-11673 --- phpBB/includes/ucp/ucp_register.php | 13 +++++++++++++ phpBB/phpbb/auth/provider/oauth/token_storage.php | 2 +- 2 files changed, 14 insertions(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 8400e98630..e3a1ac1fb0 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -506,6 +506,12 @@ class ucp_register $this->page_title = 'UCP_REGISTRATION'; } + /** + * Creates the login_link data array + * + * @return array Returns an array of all POST paramaters whose names + * begin with 'login_link_' + */ protected function get_login_link_data_array() { global $request; @@ -525,6 +531,13 @@ class ucp_register return $login_link_data; } + /** + * Prepends they key names of an associative array with 'login_link_' for + * inclusion on the page as hidden fields. + * + * @param array $data The array to be modified + * @return array The modified array + */ protected function get_login_link_data_for_hidden_fields($data) { $new_data = array(); diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 05e308d192..c0fce10e17 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -301,7 +301,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface if ($token_data === null) { - throw new TokenNotFoundException('Token not stored correctly'); + throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED'); } $token_class = $token_data['token_class']; -- cgit v1.2.1 From 7f6b2a984927915a70b8e03bbdddd00d73910436 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 22:12:44 -0400 Subject: [feature/oauth] OAuth service exception PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 4 ++-- .../auth/provider/oauth/service/exception.php | 24 ++++++++++++++++++++++ .../phpbb/auth/provider/oauth/service/facebook.php | 4 ++-- phpBB/phpbb/auth/provider/oauth/service/google.php | 4 ++-- .../auth/provider/oauth/service/interface.php | 2 ++ 5 files changed, 32 insertions(+), 6 deletions(-) create mode 100644 phpBB/phpbb/auth/provider/oauth/service/exception.php (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 59e66c7c34..3dd33427f6 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -67,7 +67,7 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) { // TODO: make exception class and use language constant - throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request from bitly, get the token @@ -87,7 +87,7 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) { - throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it diff --git a/phpBB/phpbb/auth/provider/oauth/service/exception.php b/phpBB/phpbb/auth/provider/oauth/service/exception.php new file mode 100644 index 0000000000..c2749f571a --- /dev/null +++ b/phpBB/phpbb/auth/provider/oauth/service/exception.php @@ -0,0 +1,24 @@ +service_provider instanceof \OAuth\OAuth2\Service\Facebook)) { - throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request, get the token @@ -86,7 +86,7 @@ class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oau { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) { - throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it diff --git a/phpBB/phpbb/auth/provider/oauth/service/google.php b/phpBB/phpbb/auth/provider/oauth/service/google.php index eb4ad6317a..d4ef6e1d42 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/google.php +++ b/phpBB/phpbb/auth/provider/oauth/service/google.php @@ -77,7 +77,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) { - throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // This was a callback request, get the token @@ -97,7 +97,7 @@ class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) { - throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); + throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } // Send a request with it diff --git a/phpBB/phpbb/auth/provider/oauth/service/interface.php b/phpBB/phpbb/auth/provider/oauth/service/interface.php index 0d6ae7417f..3bba7c0e2c 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/interface.php +++ b/phpBB/phpbb/auth/provider/oauth/service/interface.php @@ -52,6 +52,7 @@ interface phpbb_auth_provider_oauth_service_interface /** * Returns the results of the authentication in json format * + * @throws phpbb_auth_provider_oauth_service_exception * @return string The unique identifier returned by the service provider * that is used to authenticate the user with phpBB. */ @@ -61,6 +62,7 @@ interface phpbb_auth_provider_oauth_service_interface * Returns the results of the authentication in json format * Use this function when the user already has an access token * + * @throws phpbb_auth_provider_oauth_service_exception * @return string The unique identifier returned by the service provider * that is used to authenticate the user with phpBB. */ -- cgit v1.2.1 From 265a3a35526830a351130aa4c15fa15b733005d2 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 22:14:56 -0400 Subject: [feature/oauth] Forgot to remove placeholder comment PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/service/bitly.php | 1 - 1 file changed, 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/service/bitly.php b/phpBB/phpbb/auth/provider/oauth/service/bitly.php index 3dd33427f6..3bafdd59ce 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/bitly.php +++ b/phpBB/phpbb/auth/provider/oauth/service/bitly.php @@ -66,7 +66,6 @@ class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_ { if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) { - // TODO: make exception class and use language constant throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); } -- cgit v1.2.1 From 2090a5020cec1d0488fa79c31da232517bff775b Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Sat, 24 Aug 2013 22:17:15 -0400 Subject: [feature/oauth] Update comment on oauth service exception PHPBB3-16673 --- phpBB/phpbb/auth/provider/oauth/service/exception.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/service/exception.php b/phpBB/phpbb/auth/provider/oauth/service/exception.php index c2749f571a..23d3387951 100644 --- a/phpBB/phpbb/auth/provider/oauth/service/exception.php +++ b/phpBB/phpbb/auth/provider/oauth/service/exception.php @@ -1,8 +1,8 @@ Date: Mon, 2 Sep 2013 15:19:13 -0400 Subject: [feature/oauth] Update lusitanian/oauth to stable branch PHPBB3-11673 --- phpBB/composer.json | 2 +- phpBB/composer.lock | 42 ++++++++++++++++++++++++++---------------- 2 files changed, 27 insertions(+), 17 deletions(-) (limited to 'phpBB') diff --git a/phpBB/composer.json b/phpBB/composer.json index 20fe42735b..b4fad5a529 100644 --- a/phpBB/composer.json +++ b/phpBB/composer.json @@ -1,7 +1,7 @@ { "minimum-stability": "beta", "require": { - "lusitanian/oauth": "0.1.*@dev", + "lusitanian/oauth": "0.2.*", "symfony/config": "2.1.*", "symfony/dependency-injection": "2.1.*", "symfony/event-dispatcher": "2.1.*", diff --git a/phpBB/composer.lock b/phpBB/composer.lock index 4bd73be2fe..d1b90c3a3a 100644 --- a/phpBB/composer.lock +++ b/phpBB/composer.lock @@ -3,28 +3,34 @@ "This file locks the dependencies of your project to a known state", "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file" ], - "hash": "2b416686326d0308f977924abc825639", + "hash": "1be626fe7a2e4d450a6e8d67b9a31fb4", "packages": [ { "name": "lusitanian/oauth", - "version": "dev-master", + "version": "v0.2.1", "source": { "type": "git", "url": "https://github.com/Lusitanian/PHPoAuthLib.git", - "reference": "b7e96d0c36f17aa8a217b6be897363bb2cc93286" + "reference": "00c667d93058e983fc1b7d3d1cebdb1bc03fb043" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Lusitanian/PHPoAuthLib/zipball/b7e96d0c36f17aa8a217b6be897363bb2cc93286", - "reference": "b7e96d0c36f17aa8a217b6be897363bb2cc93286", + "url": "https://api.github.com/repos/Lusitanian/PHPoAuthLib/zipball/00c667d93058e983fc1b7d3d1cebdb1bc03fb043", + "reference": "00c667d93058e983fc1b7d3d1cebdb1bc03fb043", "shasum": "" }, "require": { "php": ">=5.3.0" }, "require-dev": { + "phpunit/phpunit": "3.7.*", + "predis/predis": "0.8.*@dev", "symfony/http-foundation": "~2.1" }, + "suggest": { + "predis/predis": "Allows using the Redis storage backend.", + "symfony/http-foundation": "Allows using the Symfony Session storage backend." + }, "type": "library", "extra": { "branch-alias": { @@ -33,7 +39,8 @@ }, "autoload": { "psr-0": { - "OAuth": "src" + "OAuth": "src", + "OAuth\\Unit": "tests" } }, "notification-url": "https://packagist.org/downloads/", @@ -47,7 +54,9 @@ }, { "name": "Pieter Hordijk", - "email": "info@pieterhordijk.com" + "email": "info@pieterhordijk.com", + "homepage": "https://pieterhordijk.com", + "role": "developer" } ], "description": "PHP 5.3+ oAuth 1/2 Library", @@ -57,7 +66,7 @@ "oauth", "security" ], - "time": "2013-07-12 12:56:37" + "time": "2013-08-29 21:40:04" }, { "name": "symfony/config", @@ -199,17 +208,17 @@ }, { "name": "symfony/http-foundation", - "version": "v2.1.11", + "version": "v2.1.12", "target-dir": "Symfony/Component/HttpFoundation", "source": { "type": "git", "url": "https://github.com/symfony/HttpFoundation.git", - "reference": "v2.1.11" + "reference": "79fd1ab0b85e782d342e83799b39b729fd1a30ee" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/HttpFoundation/zipball/v2.1.11", - "reference": "v2.1.11", + "url": "https://api.github.com/repos/symfony/HttpFoundation/zipball/79fd1ab0b85e782d342e83799b39b729fd1a30ee", + "reference": "79fd1ab0b85e782d342e83799b39b729fd1a30ee", "shasum": "" }, "require": { @@ -222,6 +231,7 @@ "SessionHandlerInterface": "Symfony/Component/HttpFoundation/Resources/stubs" } }, + "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" ], @@ -237,7 +247,7 @@ ], "description": "Symfony HttpFoundation Component", "homepage": "http://symfony.com", - "time": "2013-05-26 18:42:07" + "time": "2013-08-07 13:58:42" }, { "name": "symfony/http-kernel", @@ -1288,9 +1298,9 @@ ], "minimum-stability": "beta", - "stability-flags": { - "lusitanian/oauth": 20 - }, + "stability-flags": [ + + ], "platform": [ ], -- cgit v1.2.1 From 6df2bd4fd3e9babc6a79e4f03d6d5a20d79940f8 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 15:25:38 -0400 Subject: [feature/oauth] Update storage implementation due to inteface change PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- phpBB/phpbb/auth/provider/oauth/token_storage.php | 22 ++++++++++++++++++++-- 2 files changed, 21 insertions(+), 3 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index c1c27c979f..142c209c0a 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -613,7 +613,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Clear all tokens belonging to the user on this servce $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); - $storage->clearToken(); + $storage->clearToken($service_name); return; } diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index c0fce10e17..96f2e2fb0a 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -145,13 +145,31 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface /** * {@inheritdoc} */ - public function clearToken() + public function clearToken($service) { $this->cachedToken = null; $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' WHERE user_id = ' . $this->user->data['user_id'] . " - AND provider = '" . $this->db->sql_escape($this->service_name) . "'"; + AND provider = '" . $this->db->sql_escape($service) . "'"; + + if ($this->user->data['user_id'] === ANONYMOUS) + { + $sql .= " AND session_id = '" . $this->user->data['session_id'] . "'"; + } + + $this->db->sql_query($sql); + } + + /** + * {@inheritdoc} + */ + public function clearAllTokens() + { + $this->cachedToken = null; + + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' + WHERE user_id = ' . $this->user->data['user_id']; if ($this->user->data['user_id'] === ANONYMOUS) { -- cgit v1.2.1 From a2be0aab5f21ee7efe7d765b08853231a38fcf72 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 15:27:57 -0400 Subject: [feature/oauth] Update oauth::logout() to use clearAllTokens() PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 142c209c0a..a5709d8ff6 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -530,10 +530,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base public function logout($data, $new_session) { // Clear all tokens belonging to the user - $sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_storage_table . " - WHERE session_id = '" . $this->db->sql_escape($this->user->session_id) . "' - AND user_id = " . (int) $this->user->data['user_id']; - $this->db->sql_query($sql); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, '', $this->auth_provider_oauth_token_storage_table); + $stroage->clearAllTokens(); return; } -- cgit v1.2.1 From 4348fd83501a56338c1584d96da91b1d6945b93b Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 15:32:42 -0400 Subject: [feature/oauth] Make token storage service ignorant PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 12 ++++----- phpBB/phpbb/auth/provider/oauth/token_storage.php | 31 ++++++++--------------- 2 files changed, 17 insertions(+), 26 deletions(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index a5709d8ff6..5df7db726b 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -175,7 +175,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Get the service credentials for the given service $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $query = 'mode=login&login=external&oauth_service=' . $service_name_original; $service = $this->get_service($service_name_original, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope(), $query); @@ -442,10 +442,10 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function link_account_login_link(array $link_data, $service_name) { - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); // Check for an access token, they should have one - if (!$storage->has_access_token_by_session()) + if (!$storage->has_access_token_by_session($service_name)) { return 'LOGIN_LINK_ERROR_OAUTH_NO_ACCESS_TOKEN'; } @@ -485,7 +485,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base */ protected function link_account_auth_link(array $link_data, $service_name) { - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $query = 'i=ucp_auth_link&mode=auth_link&link=1&oauth_service=' . strtolower($link_data['oauth_service']); $service_credentials = $this->service_providers[$service_name]->get_service_credentials(); $scopes = $this->service_providers[$service_name]->get_auth_scope(); @@ -530,7 +530,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base public function logout($data, $new_session) { // Clear all tokens belonging to the user - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, '', $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $stroage->clearAllTokens(); return; @@ -610,7 +610,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Clear all tokens belonging to the user on this servce $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']); - $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); + $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); $storage->clearToken($service_name); return; diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 96f2e2fb0a..15f491c9dc 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -43,13 +43,6 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ protected $user; - /** - * Name of the OAuth provider - * - * @var string - */ - protected $service_name; - /** * OAuth token table * @@ -67,21 +60,19 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface * * @param phpbb_db_driver $db * @param phpbb_user $user - * @param string $service_name * @param string $auth_provider_oauth_table */ - public function __construct(phpbb_db_driver $db, phpbb_user $user, $service_name, $auth_provider_oauth_table) + public function __construct(phpbb_db_driver $db, phpbb_user $user, $auth_provider_oauth_table) { $this->db = $db; $this->user = $user; - $this->service_name = $service_name; $this->auth_provider_oauth_table = $auth_provider_oauth_table; } /** * {@inheritdoc} */ - public function retrieveAccessToken() + public function retrieveAccessToken($service) { if ($this->cachedToken instanceOf TokenInterface) { @@ -90,7 +81,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'user_id' => $this->user->data['user_id'], - 'provider' => $this->service_name, + 'provider' => $service, ); if ($this->user->data['user_id'] === ANONYMOUS) @@ -104,13 +95,13 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface /** * {@inheritdoc} */ - public function storeAccessToken(TokenInterface $token) + public function storeAccessToken($service, TokenInterface $token) { $this->cachedToken = $token; $data = array( 'user_id' => $this->user->data['user_id'], - 'provider' => $this->service_name, + 'provider' => $service, 'oauth_token' => $this->json_encode_token($token), 'session_id' => $this->user->data['session_id'], ); @@ -123,7 +114,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface /** * {@inheritdoc} */ - public function hasAccessToken() + public function hasAccessToken($service) { if ($this->cachedToken) { return true; @@ -131,7 +122,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'user_id' => $this->user->data['user_id'], - 'provider' => $this->service_name, + 'provider' => $service, ); if ($this->user->data['user_id'] === ANONYMOUS) @@ -205,7 +196,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface * * @return bool true if they have token, false if they don't */ - public function has_access_token_by_session() + public function has_access_token_by_session($service) { if ($this->cachedToken) { @@ -214,7 +205,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'session_id' => $this->user->data['session_id'], - 'provider' => $this->service_name, + 'provider' => $service, ); return $this->_has_acess_token($data); @@ -231,7 +222,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface return (bool) $this->get_access_token_row($data); } - public function retrieve_access_token_by_session() + public function retrieve_access_token_by_session($service) { if ($this->cachedToken instanceOf TokenInterface) { return $this->cachedToken; @@ -239,7 +230,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $data = array( 'session_id' => $this->user->data['session_id'], - 'provider' => $this->service_name, + 'provider' => $service, ); return $this->_retrieve_access_token($data); -- cgit v1.2.1 From 6420fdcc053aa1bfa0e612586a1d4f18a5172e74 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 15:55:23 -0400 Subject: [feature/oauth] Fix typo in OAuth logout method PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 5df7db726b..a0bc3038cb 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -531,7 +531,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base { // Clear all tokens belonging to the user $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table); - $stroage->clearAllTokens(); + $storage->clearAllTokens(); return; } -- cgit v1.2.1 From 51f06f36f1f90429b48cab473f0eaf2b57b1b811 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 16:31:09 -0400 Subject: [feature/oauth] Fix small issues on ucp pages PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 2 +- phpBB/includes/ucp/ucp_login_link.php | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index 4fa984c9e7..ed348609cf 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -1,7 +1,7 @@ variable_names(phpbb_request_interface::GET); $login_link_data = array(); + $string_start_length = strlen('login_link_'); foreach ($var_names as $var_name) { if (strpos($var_name, 'login_link_') === 0) { - $key_name = str_replace('login_link_', '', $var_name); + $key_name = substr($var_name, $string_start_length); $login_link_data[$key_name] = $request->variable($var_name, '', false, phpbb_request_interface::GET); } } -- cgit v1.2.1 From 63ba06406575b5c7882ef26ee3b5469ca16afec5 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 16:32:24 -0400 Subject: [feature/oauth] Fix small bug introduced by update in OAuth library PHPBB3-11673 --- phpBB/phpbb/auth/provider/oauth/token_storage.php | 30 +++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'phpBB') diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 15f491c9dc..f9ba28ee69 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -74,6 +74,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function retrieveAccessToken($service) { + $service = $this->get_service_name_for_db($service); + if ($this->cachedToken instanceOf TokenInterface) { return $this->cachedToken; @@ -97,6 +99,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function storeAccessToken($service, TokenInterface $token) { + $service = $this->get_service_name_for_db($service); + $this->cachedToken = $token; $data = array( @@ -116,6 +120,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function hasAccessToken($service) { + $service = $this->get_service_name_for_db($service); + if ($this->cachedToken) { return true; } @@ -138,6 +144,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function clearToken($service) { + $service = $this->get_service_name_for_db($service); + $this->cachedToken = null; $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' @@ -198,6 +206,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface */ public function has_access_token_by_session($service) { + $service = $this->get_service_name_for_db($service); + if ($this->cachedToken) { return true; @@ -224,6 +234,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface public function retrieve_access_token_by_session($service) { + $service = $this->get_service_name_for_db($service); + if ($this->cachedToken instanceOf TokenInterface) { return $this->cachedToken; } @@ -333,4 +345,22 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface return $token; } + + /** + * Returns the name of the service as it must be stored in the database. + * + * @param string $service The name of the OAuth service + * @return string The name of the OAuth service as it needs to be stored + * in the database. + */ + protected function get_service_name_for_db($service) + { + // Enforce the naming convention for oauth services + if (strpos($service, 'auth.provider.oauth.service.') !== 0) + { + $service = 'auth.provider.oauth.service.' . strtolower($service); + } + + return $service; + } } -- cgit v1.2.1 From 29e3768ecc7bc8adf96d4e31c4e05a6f1de6735a Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 16:47:40 -0400 Subject: [feature/oauth] More minor changes from review PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 4 ++-- phpBB/includes/ucp/ucp_register.php | 5 +++-- phpBB/phpbb/auth/auth.php | 2 +- phpBB/phpbb/auth/provider/oauth/oauth.php | 6 +++--- phpBB/phpbb/auth/provider/oauth/token_storage.php | 26 +++++++++++------------ 5 files changed, 22 insertions(+), 21 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index bf7df1d4eb..4620eb9b9e 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -236,8 +236,8 @@ class ucp_login_link */ protected function perform_redirect() { - global $phpEx; - $url = append_sid('index.' . $phpEx); + global $phpbb_root_path, $phpEx; + $url = append_sid($phpbb_root_path . 'index.' . $phpEx); redirect($url); } } diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index e3a1ac1fb0..372eecbb57 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -86,7 +86,7 @@ class ucp_register // Handle login_link data added to $_hidden_fields $login_link_data = $this->get_login_link_data_array(); - if ($login_link_data !== array()) + if (!empty($login_link_data)) { // Confirm that we have all necessary data $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); @@ -518,12 +518,13 @@ class ucp_register $var_names = $request->variable_names(phpbb_request_interface::POST); $login_link_data = array(); + $string_start_length = strlen('login_link_'); foreach ($var_names as $var_name) { if (strpos($var_name, 'login_link_') === 0) { - $key_name = str_replace('login_link_', '', $var_name); + $key_name = substr($var_name, $string_start_length); $login_link_data[$key_name] = $request->variable($var_name, '', false, phpbb_request_interface::POST); } } diff --git a/phpBB/phpbb/auth/auth.php b/phpBB/phpbb/auth/auth.php index 5093483d4a..81f8c76fc8 100644 --- a/phpBB/phpbb/auth/auth.php +++ b/phpBB/phpbb/auth/auth.php @@ -977,7 +977,7 @@ class phpbb_auth // This data is passed along as GET data to the next page allow the account to be linked $params = array('mode' => 'login_link'); - $url = append_sid('ucp.' . $phpEx, array_merge($params, $login['redirect_data'])); + $url = append_sid($phpbb_root_path . 'ucp.' . $phpEx, array_merge($params, $login['redirect_data'])); redirect($url); } diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index a0bc3038cb..be0b8bb7d6 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -211,8 +211,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Retrieve the user's account $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts - FROM ' . $this->users_table . ' - WHERE user_id = ' . (int) $row['user_id']; + FROM ' . $this->users_table . ' + WHERE user_id = ' . (int) $row['user_id']; $result = $this->db->sql_query($sql); $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); @@ -545,7 +545,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Get all external accounts tied to the current user $data = array( - 'user_id' => $this->user->data['user_id'], + 'user_id' => (int) $this->user->data['user_id'], ); $sql = 'SELECT oauth_provider_id, provider FROM ' . $this->auth_provider_oauth_token_account_assoc . ' WHERE ' . $this->db->sql_build_array('SELECT', $data); diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index f9ba28ee69..d21deb8999 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -82,11 +82,11 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface } $data = array( - 'user_id' => $this->user->data['user_id'], + 'user_id' => (int) $this->user->data['user_id'], 'provider' => $service, ); - if ($this->user->data['user_id'] === ANONYMOUS) + if ((int) $this->user->data['user_id'] === ANONYMOUS) { $data['session_id'] = $this->user->data['session_id']; } @@ -104,7 +104,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $this->cachedToken = $token; $data = array( - 'user_id' => $this->user->data['user_id'], + 'user_id' => (int) $this->user->data['user_id'], 'provider' => $service, 'oauth_token' => $this->json_encode_token($token), 'session_id' => $this->user->data['session_id'], @@ -127,11 +127,11 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface } $data = array( - 'user_id' => $this->user->data['user_id'], + 'user_id' => (int) $this->user->data['user_id'], 'provider' => $service, ); - if ($this->user->data['user_id'] === ANONYMOUS) + if ((int) $this->user->data['user_id'] === ANONYMOUS) { $data['session_id'] = $this->user->data['session_id']; } @@ -149,12 +149,12 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $this->cachedToken = null; $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' - WHERE user_id = ' . $this->user->data['user_id'] . " + WHERE user_id = ' . (int) $this->user->data['user_id'] . " AND provider = '" . $this->db->sql_escape($service) . "'"; - if ($this->user->data['user_id'] === ANONYMOUS) + if ((int) $this->user->data['user_id'] === ANONYMOUS) { - $sql .= " AND session_id = '" . $this->user->data['session_id'] . "'"; + $sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'"; } $this->db->sql_query($sql); @@ -168,11 +168,11 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface $this->cachedToken = null; $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' - WHERE user_id = ' . $this->user->data['user_id']; + WHERE user_id = ' . (int) $this->user->data['user_id']; - if ($this->user->data['user_id'] === ANONYMOUS) + if ((int) $this->user->data['user_id'] === ANONYMOUS) { - $sql .= " AND session_id = '" . $this->user->data['session_id'] . "'"; + $sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'"; } $this->db->sql_query($sql); @@ -194,8 +194,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface SET ' . $this->db->sql_build_array('UPDATE', array( 'user_id' => (int) $user_id )) . ' - WHERE user_id = ' . $this->user->data['user_id'] . " - AND session_id = '" . $this->user->data['session_id'] . "'"; + WHERE user_id = ' . (int) $this->user->data['user_id'] . " + AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'"; $this->db->sql_query($sql); } -- cgit v1.2.1 From ae18f921ea61b20b026c4679b5b27cf40825f5dd Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 16:52:24 -0400 Subject: [feature/oauth] More small fixes PHPBB3-11673 --- phpBB/includes/ucp/ucp_register.php | 2 +- phpBB/styles/prosilver/template/login_body_oauth.html | 2 +- phpBB/styles/prosilver/template/ucp_login_link.html | 10 +++++----- 3 files changed, 7 insertions(+), 7 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 372eecbb57..0c49cd1a5c 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -417,7 +417,7 @@ class ucp_register } // Perform account linking if necessary - if ($login_link_data !== array()) + if (!empty($login_link_data)) { $login_link_data['user_id'] = $user_id; diff --git a/phpBB/styles/prosilver/template/login_body_oauth.html b/phpBB/styles/prosilver/template/login_body_oauth.html index dbbe011c58..156485d211 100644 --- a/phpBB/styles/prosilver/template/login_body_oauth.html +++ b/phpBB/styles/prosilver/template/login_body_oauth.html @@ -4,5 +4,5 @@
 
{oauth.SERVICE_NAME}
- + diff --git a/phpBB/styles/prosilver/template/ucp_login_link.html b/phpBB/styles/prosilver/template/ucp_login_link.html index baf7d56176..d3c6931ce3 100644 --- a/phpBB/styles/prosilver/template/ucp_login_link.html +++ b/phpBB/styles/prosilver/template/ucp_login_link.html @@ -18,7 +18,7 @@
 
-
{S_HIDDEN_FIELDS}
+
{S_HIDDEN_FIELDS}
@@ -32,21 +32,21 @@
{LOGIN_ERROR}
-
+
-
+
- + {S_LOGIN_REDIRECT}
 
-
{S_HIDDEN_FIELDS}
+
{S_HIDDEN_FIELDS}
-- cgit v1.2.1 From d5808f13e5fa70ecc802c2a5a11c3143746c93f0 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 2 Sep 2013 16:54:14 -0400 Subject: [feature/oauth] Fix bug on ucp_auth_link related to error display PHPBB3-11673 --- phpBB/includes/ucp/ucp_auth_link.php | 1 + 1 file changed, 1 insertion(+) (limited to 'phpBB') diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php index ed348609cf..5a5653e0b2 100644 --- a/phpBB/includes/ucp/ucp_auth_link.php +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -125,6 +125,7 @@ class ucp_auth_link // Replace "error" strings with their real, localised form $error = array_map(array($user, 'lang'), $error); + $error = implode('
', $error); $template->assign_vars(array( 'ERROR' => $error, -- cgit v1.2.1 From 3f81057f96ae87d2a881f5c71be1816c703cb1fd Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 9 Sep 2013 11:40:16 -0400 Subject: [feature/oauth] Fix tabindex PHPBB3-11673 --- phpBB/styles/subsilver2/template/ucp_login_link.html | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'phpBB') diff --git a/phpBB/styles/subsilver2/template/ucp_login_link.html b/phpBB/styles/subsilver2/template/ucp_login_link.html index 36ed8a4cc5..5d8e3ee27b 100644 --- a/phpBB/styles/subsilver2/template/ucp_login_link.html +++ b/phpBB/styles/subsilver2/template/ucp_login_link.html @@ -24,7 +24,7 @@ - {S_HIDDEN_FIELDS} + {S_HIDDEN_FIELDS} @@ -47,23 +47,23 @@ - + - + - + {S_LOGIN_REDIRECT}   - {S_HIDDEN_FIELDS} + {S_HIDDEN_FIELDS} -- cgit v1.2.1 From 38afdd792fd9e5a969a6747391c494cd39e0e2a6 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Tue, 10 Sep 2013 02:17:41 +0200 Subject: [prep-release-3.0.12] Remove changelog entry for ticket that was not resolved. A wrong fix version was assigned to PHPBB3-11288. --- phpBB/docs/CHANGELOG.html | 1 - 1 file changed, 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 26f1d6ff94..6d8b39d524 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -152,7 +152,6 @@
  • [PHPBB3-11265] - Functional tests do not assert that board installation succeeded
  • [PHPBB3-11269] - Travis functional test case errors
  • [PHPBB3-11278] - Firebird tables are not removed correctly on 3.0.9-rc1 update
    • -
  • [PHPBB3-11288] - Search fooled by hyphens
  • [PHPBB3-11291] - "Could not open input file: ../composer.phar" error during phing's create-package
  • [PHPBB3-11292] - Newlines removed in display of PM reports, no clickable links in PM reports
  • [PHPBB3-11301] - "String offset cast occured" error on PHP 5.4
    • -- cgit v1.2.1 From 7435c40b5cb99b6be59fbd33cc7df0de24a94379 Mon Sep 17 00:00:00 2001 From: Nathan Guse Date: Tue, 10 Sep 2013 21:31:19 -0500 Subject: [ticket/11835] Fix ucp_auth_link adding in migration PHPBB3-11835 --- phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB') diff --git a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php index 8706d14798..cad1c16bb2 100644 --- a/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php +++ b/phpBB/phpbb/db/migration/data/310/auth_provider_oauth.php @@ -60,7 +60,7 @@ class phpbb_db_migration_data_310_auth_provider_oauth extends phpbb_db_migration return array( array('module.add', array( 'ucp', - 'UCP_AUTH_LINK', + 'UCP_PROFILE', array( 'module_basename' => 'ucp_auth_link', 'modes' => array('auth_link'), -- cgit v1.2.1