/**
 * Tells whether the access token stored for this service is missing or expired.
 *
 * A token whose end of life is EOL_NEVER_EXPIRES or EOL_UNKNOWN is reported
 * as NOT expired. Callers that use this check to decide when to
 * re-authenticate should be aware that an unknown lifetime never triggers it.
 *
 * @return bool True when no usable token is stored or its end of life has
 *              passed, false otherwise.
 */
public function isAccessTokenExpired()
 {
     $sessionStorage = new Session();
     try {
         $accessToken = $sessionStorage->retrieveAccessToken(self::_SERVICE);
         if ($accessToken === null) {
             // Nothing stored counts as expired.
             return true;
         }
         $endOfLife = $accessToken->getEndOfLife();
         if ($endOfLife === TokenInterface::EOL_NEVER_EXPIRES) {
             return false;
         }
         if ($endOfLife === TokenInterface::EOL_UNKNOWN) {
             return false;
         }
         // A concrete timestamp: expired once the clock has passed it.
         return time() > $endOfLife;
     } catch (TokenNotFoundException $e) {
         return true;
     } catch (ExpiredTokenException $e) {
         return true;
     }
 }
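 /**
  * Implements a generic OAuth service provider authentication
  *
  * The method serves both legs of the flow. Without callback parameters in
  * the request it only prepares the redirect to the provider and records the
  * current action in the session. On the provider's callback it exchanges
  * the returned parameters for an access token and hands over to $callback.
  *
  * Every $_GET value read here is request input and must be treated as
  * untrusted.
  *
  * @param  callable $callback A callable to call when OAuth authentication
  *                            starts
  * @param  string   $oauth    OAuth version to be used for authentication;
  *                            'oauth1' selects OAuth 1, any other value is
  *                            handled as OAuth 2
  *
  * @return null|User          Returns the result of $callback (a Grav user
  *                            instance on success) on a callback request;
  *                            null when only the redirect was prepared or
  *                            when an OAuth 2 callback carries no usable
  *                            state parameter.
  */
 protected function genericOAuthProvider($callback, $oauth = 'oauth2')
 {
     /** @var Session */
     $session = $this->grav['session'];
     switch ($oauth) {
         case 'oauth1':
             if (empty($_GET['oauth_token']) && empty($_GET['oauth_verifier'])) {
                 // Extra request needed for OAuth1 to request a request token :-)
                 $token = $this->service->requestRequestToken();
                 // No state token is generated in this branch; the callback
                 // below relies on the request token secret read from storage.
                 $redirect = $this->service->getAuthorizationUri(['oauth_token' => $token->getRequestToken()]);
                 $this->setRedirect($redirect);
                 // Update OAuth session
                 $session->oauth = $this->action;
             } else {
                 $token = $this->storage->retrieveAccessToken($session->oauth);
                 // Read once, without raising a notice when the parameter is absent.
                 $verifier = isset($_GET['oauth_verifier']) ? $_GET['oauth_verifier'] : null;
                 // This was a callback request from OAuth1 service, get the token
                 if (isset($_GET['_url'])) {
                     // Parse the query string into a local array. Called without a
                     // result argument, parse_str() creates one variable per key in
                     // this scope, so the request could overwrite $token, $callback
                     // or $session. PHP 8 no longer accepts that form at all.
                     $rawUrl = $_GET['_url'];
                     $query = is_string($rawUrl) ? parse_url($rawUrl, PHP_URL_QUERY) : null;
                     $params = [];
                     parse_str(is_string($query) ? $query : '', $params);
                     $oauthToken = isset($params['oauth_token']) ? $params['oauth_token'] : null;
                     $this->service->requestAccessToken($oauthToken, $verifier, $token->getRequestTokenSecret());
                 } else {
                     $this->service->requestAccessToken($_GET['oauth_token'], $verifier, $token->getRequestTokenSecret());
                 }
                 return $callback();
             }
             break;
         case 'oauth2':
         default:
             if (empty($_GET['code'])) {
                 // Create a state token to prevent request forgery (CSRF).
                 // NOTE(review): the state must be unpredictable; confirm that the
                 // second argument (false) to getRandomBytes() does not select a
                 // non-cryptographic source.
                 $state = sha1($this->getRandomBytes(1024, false));
                 $redirect = $this->service->getAuthorizationUri(['state' => $state]);
                 $this->setRedirect($redirect);
                 // Update OAuth session
                 $session->oauth = $this->action;
                 // Store CSRF in the session for later validation.
                 $this->storage->storeAuthorizationState($this->action, $state);
             } else {
                 // The authorization request above always carries a state, so a
                 // callback without one cannot be matched against the stored value.
                 // Reject it instead of forwarding null to the service.
                 // NOTE(review): whether the service validates a null state is not
                 // visible here; failing closed does not depend on it.
                 if (!isset($_GET['state']) || !is_string($_GET['state']) || $_GET['state'] === '') {
                     return null;
                 }
                 // This was a callback request from the OAuth2 service, get the token
                 $this->service->requestAccessToken($_GET['code'], $_GET['state']);
                 return $callback();
             }
             break;
     }
     return null;
 }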
Example #3
 /**
  * Stores a mocked token in session storage and reads it back.
  *
  * The mock expects exactly one __sleep() call, so the test also pins that
  * the token is serialised once during the store/retrieve round trip, and
  * that what comes back is still a token object.
  *
  * @covers OAuth\Common\Storage\Session::storeAccessToken
  * @covers OAuth\Common\Storage\Session::retrieveAccessToken
  *
  * @runInSeparateProcess
  */
 public function testSerializeUnserialize()
 {
     $tokenClass = '\\OAuth\\Common\\Token\\AbstractToken';

     // Only __sleep is mocked; it limits serialisation to the accessToken field.
     $token = $this->getMock($tokenClass, array('__sleep'));
     $token->expects($this->once())
         ->method('__sleep')
         ->will($this->returnValue(array('accessToken')));

     $session = new Session();
     $session->storeAccessToken('foo', $token);

     $this->assertInstanceOf($tokenClass, $session->retrieveAccessToken('foo'));
 }
Example #4
use OAuth\OAuth1\Service\OpenBankProject;
use OAuth\Common\Storage\Session;
use OAuth\Common\Consumer\Credentials;
use OAuth\OAuth1\Signature\Signature;
/**
 * Bootstrap the example
 */
require_once __DIR__ . '/bootstrap.php';

// Tokens are kept in the PHP session, which is enough for testing. For real
// use, implement TokenStorageInterface on top of a database instead.
$storage = new Session();

// Consumer key and secret for the requests. $servicesCredentials and
// $currentUri are not defined in this file; presumably bootstrap.php
// provides them.
$credentials = new Credentials(
    $servicesCredentials['openBankProject']['key'],
    $servicesCredentials['openBankProject']['secret'],
    $currentUri->getAbsoluteUri()
);

// OAuth 1 service: curl transport, session token storage, request signing.
$openBankProjectService = new OpenBankProject(
    $credentials,
    new \OAuth\Common\Http\Client\CurlClient(),
    $storage,
    new Signature($credentials)
);
if (!empty($_GET['oauth_token'])) {
    var_dump($_SESSION);
    $token = $storage->retrieveAccessToken('OpenBankProject');
    // Get access token
    $openBankProjectService->requestAccessToken($_GET['oauth_token'], $_GET['oauth_verifier'], $token->getRequestTokenSecret());
    var_dump(json_decode($openBankProjectService->request('https://apisandbox.openbankproject.com/obp/v1.2.1/banks'), true));
    //Call some standard API
    exit;
} elseif (!empty($_GET['go']) && $_GET['go'] === 'go') {
    // Obtain request token
    $token = $openBankProjectService->requestRequestToken();
    $url = $openBankProjectService->getAuthorizationUri(array('oauth_token' => $token->getRequestToken()));
    header('Location: ' . $url);
    //Redirect to the Authentification server
    exit;
} else {
    $url = $currentUri->getRelativeUri() . '?go=go';
    echo "<a href='{$url}'>Login with Open Project API!</a>";