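/**
 * Authorize an application: consent endpoint for OAuth 1.0 and OAuth 2.0.
 *
 * The consumer is looked up from "client_id" (OAuth 2.0) or, when that is
 * absent, from "oauth_consumer_key" (OAuth 1.0). An unknown consumer ends in
 * a 404.
 *
 * - Protocol 1: the request token must pass checkAuthorizeRequest(), else 404.
 *   If the user already authorized this consumer and scope, the token is
 *   authorized and the user is redirected to the callback at once. Otherwise
 *   a POST carries the decision: "accept" equal to "Yes" authorizes the
 *   token, anything else redirects with an access_denied error.
 * - Protocol 2: an accepted POST records the authorization and hands over to
 *   finishClientAuthorization(); a GET does the same without prompting when
 *   the consumer and scope are already authorized.
 *
 * When no branch redirects, the method returns nothing (presumably so that
 * the consent template is rendered).
 *
 * @param sfWebRequest $request Current web request.
 */
public function executeAuthorize(sfWebRequest $request)
{
    // NOTE(review): presumably this action sits behind the authentication
    // filter; confirm, because a null $user_id is otherwise passed straight
    // into the authorization calls below.
    $user_id = $this->getUser()->getAttribute('user_id', null, 'sfGuardSecurityUser');

    // OAuth 2.0 names the consumer "client_id"; the loose comparison also
    // treats an empty string as absent.
    $client_id = $request->getParameter('client_id');
    if ($client_id == null) {
        // OAuth 1.0 fallback.
        $client_id = $request->getParameter('oauth_consumer_key', ' ');
    }

    // Check that the consumer exists before anything else is done.
    $this->consumer = Doctrine::getTable('sfOauthServerConsumer')->findOneByConsumerKey($client_id);
    $this->forward404Unless($this->consumer);

    $scopeTable = Doctrine::getTable('SfOauthServerUserScope');

    if ($this->consumer->getProtocole() == 1) {
        // NOTE(review): "oauth_callback" comes from the request and is used
        // as the redirect target without being compared with the consumer's
        // registered callback. Unless checkAuthorizeRequest() or the data
        // store binds the callback to the token (not visible here), this is
        // an unvalidated redirect; consider accepting only the registered
        // callback or a callback stored with the request token.
        $this->callback = $request->getParameter('oauth_callback', $this->consumer->getCallback());
        $oauthServer = new sfoauthserver(new sfOAuthDataStore());
        $this->token = $request->getParameter('oauth_token');
        $this->forward404Unless($oauthServer->checkAuthorizeRequest($this->token));

        $alreadyAuthorized = $scopeTable->isApplicationAuthorized(
            $this->consumer->getId(),
            $user_id,
            $this->consumer->getScope()
        );

        if ($alreadyAuthorized) {
            $oauthServer->authorizeToken($this->token, $user_id);

            return $this->redirect($this->callback);
        }

        if ($request->isMethod(sfRequest::POST)) {
            // NOTE(review): the decision is read directly from the "accept"
            // field and no CSRF token check is visible in this action;
            // confirm that the form or filter layer enforces one.
            if ($request->getParameter('accept') === 'Yes') {
                $oauthServer->authorizeToken($this->token, $user_id);

                return $this->redirect($this->callback);
            }

            // A callback that already carries a query string must be extended
            // with "&"; a second "?" would corrupt the error parameters.
            $separator = (strpos((string) $this->callback, '?') === false) ? '?' : '&';
            $param = 'error_reason=user_denied&error=access_denied&error_description=The+user+denied+your+request';

            return $this->redirect($this->callback . $separator . $param);
        }
    } elseif ($this->consumer->getProtocole() == 2) {
        // Only exposed on $this (presumably for the template); the redirect
        // itself is driven by the parameters given to
        // finishClientAuthorization().
        $this->redirect_uri = $request->getParameter('redirect_uri', $this->consumer->getCallback());
        if ($this->redirect_uri == null) {
            $this->redirect_uri = $this->consumer->getCallback();
        }

        $oauth = new sfOauth2Server();
        $oauth->setUserId($user_id);

        // NOTE(review): raw $_POST / $_GET (including any "redirect_uri") are
        // forwarded to the library and only "scope" is pinned to the
        // registered value. Confirm that finishClientAuthorization() checks
        // redirect_uri against the consumer's registration.
        if ($request->isMethod(sfRequest::POST)) {
            if ($request->getParameter('accept') === 'Yes') {
                $scopeTable->authorizeApplication(
                    $this->consumer->getId(),
                    $user_id,
                    $this->consumer->getScope()
                );
                $oauth->finishClientAuthorization(
                    true,
                    array_merge($_POST, array('scope' => $this->consumer->getScope()))
                );
            }
            // NOTE(review): a denied request is not reported to the client
            // here, unlike the protocol 1 branch; confirm that is intended.
        } elseif ($scopeTable->isApplicationAuthorized($this->consumer->getId(), $user_id, $this->consumer->getScope())) {
            $oauth->finishClientAuthorization(
                1,
                array_merge($_GET, array('scope' => $this->consumer->getScope()))
            );
        }
    }
}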
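/**
 * Purges stale OAuth request tokens / authorization codes and access tokens.
 *
 * Request-token rows are removed when they are protocol 2 rows whose
 * "expires" value exceeds the configured auth code lifetime, or protocol 1
 * rows created more than 300 seconds ago. Access tokens are removed when
 * their "expires" value exceeds the configured access token lifetime.
 *
 * @see sfTask
 *
 * @param array $arguments Task arguments (not read here).
 * @param array $options   Task options (not read here).
 */
protected function execute($arguments = array(), $options = array())
{
    // Never read afterwards; presumably constructed to open the database
    // connections that the Doctrine calls below rely on.
    $databaseManager = new sfDatabaseManager($this->configuration);

    $oauth2 = new sfOauth2Server();
    $accessTokenLife = $oauth2->getVariable('access_token_lifetime');
    $authCodeLife = $oauth2->getVariable('auth_code_lifetime');

    $this->logSection('oauth 2.0', sprintf('auth code aged over %d secondes will be deleted ...', $authCodeLife));
    $this->logSection('oauth 2.0', sprintf('access tokens aged over %d secondes will be deleted ...', $accessTokenLife));

    // NOTE(review): "expires" is compared with a lifetime in seconds, both
    // here and in the access-token query below. If the column holds an
    // absolute Unix timestamp, the comparison also matches tokens that are
    // still valid; confirm the column's meaning (an expiry check would
    // normally compare against time()).
    $deletedRequestTokens = 0;
    $tokens = Doctrine::getTable('sfOauthServerRequestToken')->findAll();
    foreach ($tokens as $token) {
        if (
            ($token->getProtocole() == '2' && $token->getExpires() > $authCodeLife)
            || ($token->getProtocole() == '1' && time() - strtotime($token->getCreated_at()) > 300)
        ) {
            $token->delete();
            $deletedRequestTokens++;
        }
    }
    // Report the rows actually removed, not the size of the whole table.
    $this->logSection('oauth', sprintf('%d auth tokens have been deleted', $deletedRequestTokens));

    $deletedAccessTokens = 0;
    $tokens = Doctrine::getTable('sfOauthServerAccessToken')
        ->createQuery('t')
        ->where('t.expires > ?', $accessTokenLife)
        ->execute();
    foreach ($tokens as $token) {
        $token->delete();
        $deletedAccessTokens++;
    }
    $this->logSection('oauth', sprintf('%d access tokens have been deleted', $deletedAccessTokens));
}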
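/**
 * Token endpoint: exchanges an OAuth 1.0 request token or an OAuth 2.0
 * authorization code for an access token.
 *
 * A request whose "oauth_version" is "1.0" takes the OAuth 1.0 path: the
 * request-token row must exist and, when it carries a scope, must already be
 * bound to a user; only then is the access token fetched and the "token"
 * template selected. Any other request is treated as OAuth 2.0: the row is
 * looked up from the "code" parameter and the grant is delegated to
 * sfOauth2Server::grantAccessToken().
 *
 * @param sfWebRequest $request Current web request.
 *
 * @return mixed sfView::NONE on the OAuth 2.0 path; nothing on the OAuth 1.0 path.
 *
 * @throws OAuthException When the OAuth 1.0 request token is unknown or has
 *                        not been authorized by a user.
 */
public function executeAccessToken(sfWebRequest $request)
{
    // Parsed through OAuthRequest so that parameters sent in the HTTP
    // header are picked up as well.
    $req = OAuthRequest::from_request(NULL, $request->getUri());

    if ($req->get_parameter('oauth_version') == '1.0') {
        $oauthServer = new sfoauthserver(new sfOAuthDataStore());
        $q = Doctrine::getTable('sfOauthServerRequestToken')->findOneByToken($req->get_parameter('oauth_token'));

        // Reject before fetch_access_token() runs: the original checked only
        // afterwards, so an access token could presumably already have been
        // created for a request token that no user had approved. The lookup
        // result is also checked so an unknown token cannot reach a method
        // call on a non-object.
        if (!$q || ($q->getUserId() == NULL && $q->getScope())) {
            throw new OAuthException('Token unauthorized');
        }

        $this->token = $oauthServer->fetch_access_token($req);

        return $this->setTemplate('token');
    }

    $q = Doctrine::getTable('sfOauthServerRequestToken')->findOneByToken($request->getParameter('code'));

    // An unknown or missing "code" previously ended in a call on a
    // non-object; answer with a 404 instead.
    // NOTE(review): an OAuth 2.0 error response (invalid_grant) would be more
    // precise if the library offers one. Expiry, single use and client
    // binding of the code are presumably enforced inside grantAccessToken();
    // confirm.
    $this->forward404Unless($q);

    $oauthServer2 = new sfOauth2Server();
    $oauthServer2->setUserId($q->getUserId());
    $oauthServer2->grantAccessToken($q->getScope());

    return sfView::NONE;
}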