Beispiel #1
0
 protected function getOAuth2Server($args)
 {
     $platform = empty($args['platform']) ? 'base' : $args['platform'];
     $oauth2Server = SugarOAuth2Server::getOAuth2Server();
     $oauth2Server->setPlatform($platform);
     return $oauth2Server;
 }
 public function preDisplay()
 {
     if (session_id()) {
         // kill old session
         session_destroy();
     }
     SugarAutoLoader::load('custom/include/RestService.php');
     $restServiceClass = SugarAutoLoader::customClass('RestService');
     $service = new $restServiceClass();
     SugarOAuth2Server::getOAuth2Server();
     // to load necessary classes
     SugarAutoLoader::requireWithCustom('clients/base/api/OAuth2Api.php');
     $oapiClassName = SugarAutoLoader::customClass('OAuth2Api');
     $oapi = new $oapiClassName();
     $args = $_REQUEST;
     $args['client_id'] = 'sugar';
     $args['client_secret'] = '';
     if (!empty($_REQUEST['SAMLResponse'])) {
         $args['grant_type'] = SugarOAuth2Storage::SAML_GRANT_TYPE;
         $args['assertion'] = $_REQUEST['SAMLResponse'];
     } else {
         if (empty($args['grant_type'])) {
             $args['grant_type'] = OAuth2::GRANT_TYPE_USER_CREDENTIALS;
             if (!empty($args['user_name']) && isset($args['user_password'])) {
                 // old-style login, let's translate it
                 $args['username'] = $args['user_name'];
                 $args['password'] = $args['user_password'];
             }
         }
     }
     try {
         $this->authorization = $oapi->token($service, $args);
     } catch (Exception $e) {
         $GLOBALS['log']->error("Login exception: " . $e->getMessage());
         sugar_die($e->getMessage());
     }
     if (!empty($_REQUEST['dataOnly'])) {
         $this->dataOnly = true;
     }
     if (!empty($_REQUEST['platform'])) {
         $this->platform = $_REQUEST['platform'];
     }
     parent::preDisplay();
 }
Beispiel #3
0
 /**
  * Handles authentication of the current user from the download token
  *
  * @param string $token The download autentication token.
  * @param string $platform the platform for the download
  * @returns bool Was the login successful
  */
 protected function authenticateUserForDownload()
 {
     $valid = false;
     // Find the token
     if (!isset($_GET['platform'])) {
         return false;
     }
     $platform = $_GET['platform'];
     if (isset($_GET[self::DOWNLOAD_COOKIE])) {
         $token = $_GET[self::DOWNLOAD_COOKIE];
     } else {
         if (isset($_COOKIE[self::DOWNLOAD_COOKIE . '_' . $platform])) {
             $token = $_COOKIE[self::DOWNLOAD_COOKIE . '_' . $platform];
         }
     }
     if (!empty($token)) {
         $oauthServer = SugarOAuth2Server::getOAuth2Server();
         $oauthServer->setPlatform($platform);
         $tokenData = $oauthServer->verifyDownloadToken($token);
         $GLOBALS['current_user'] = BeanFactory::getBean('Users', $tokenData['user_id']);
         $valid = $this->userAfterAuthenticate($tokenData['user_id'], $oauthServer);
     }
     return $valid;
 }