Ejemplo n.º 1
 /**
  * Test fixture: loads the OAuth2 account for the fixture application/user
  * pair and stores an authorization code for it.
  */
 public function setUp()
 {
     parent::setUp();

     $this->account = API_OAuth2_Account::load_with_user(
         self::$DI['app'],
         self::$DI['oauth2-app-user'],
         self::$DI['user']
     );

     // Expiry passed to the code: 100 seconds after the fixture is built.
     $expiresAt = time() + 100;

     // Fixture value only. NOTE(review): random::generatePassword() is defined
     // elsewhere; confirm it draws from a CSPRNG before copying this pattern
     // for real authorization codes.
     $this->code = random::generatePassword(8);

     $this->object = API_OAuth2_AuthCode::create(
         self::$DI['app'],
         $this->account,
         $this->code,
         $expiresAt
     );
 }
Ejemplo n.º 2
 /**
  * Test fixture: loads the OAuth2 account for the fixture application/user
  * pair and stores a refresh token with the scope 'scopidou' for it.
  */
 public function setUp()
 {
     parent::setUp();

     $this->account = API_OAuth2_Account::load_with_user(
         self::$DI['app'],
         self::$DI['oauth2-app-user'],
         self::$DI['user']
     );

     // Expiry passed to the refresh token: 100 seconds after fixture creation.
     $expiresAt = time() + 100;

     // Fixture value only. NOTE(review): random::generatePassword() is defined
     // elsewhere; confirm it draws from a CSPRNG before copying this pattern
     // for real refresh tokens.
     $this->token = random::generatePassword(8);
     $this->scope = 'scopidou';

     $this->object = API_OAuth2_RefreshToken::create(
         self::$DI['app'],
         $this->account,
         $expiresAt,
         $this->token,
         $this->scope
     );
 }
Ejemplo n.º 3
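 /**
  * Test fixture: checks that loading a token for the account throws while no
  * token has been created yet, then creates the token under test.
  */
 public function setUp()
 {
     parent::setUp();
     $account = API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user'], self::$DI['user']);

     // Record the outcome instead of calling $this->fail() inside the try:
     // the failure raised by fail() is itself an Exception, so the catch
     // below would swallow it and the check could never fail.
     $loadRejected = false;
     try {
         new API_OAuth2_Token(self::$DI['app']['phraseanet.appbox'], $account);
     } catch (Exception $e) {
         $loadRejected = true;
     }
     if (!$loadRejected) {
         $this->fail('Loading a token before one has been created should throw');
     }

     $this->object = API_OAuth2_Token::create(self::$DI['app']['phraseanet.appbox'], $account);
 }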
Ejemplo n.º 4
 /**
  * Registers a new OAuth2 client application and returns it.
  *
  * Inserts one row into api_applications with a freshly generated nonce,
  * client id and client secret. The row is stored as activated (1) with the
  * password grant disabled (0). When a creator is given, an
  * API_OAuth2_Account linking that user to the new application is created too.
  *
  * @param  Application            $app
  * @param  User|null              $user Creator; null stores a NULL creator and skips the account
  * @param  mixed                  $name Bound to api_applications.name (presumably a string)
  * @return API_OAuth2_Application
  */
 public static function create(Application $app, User $user = null, $name)
 {
     // NOTE(review): random::generatePassword() and generate_token() are
     // defined elsewhere; confirm both draw from a CSPRNG.
     $nonce = random::generatePassword(6);
     $client_secret = API_OAuth2_Token::generate_token();
     $client_token = API_OAuth2_Token::generate_token();

     $sql = '
         INSERT INTO api_applications (
             application_id, creator, created_on, name, last_modified,
             nonce, client_id, client_secret, activated, grant_password
         )
         VALUES (
             null, :usr_id, NOW(), :name, NOW(), :nonce, :client_id,
             :client_secret, :activated, :grant_password
         )';

     // The secret is bound exactly as generated; no hashing happens in this
     // method, so the stored value is the usable credential.
     $bindings = [
         ':usr_id'         => null === $user ? null : $user->getId(),
         ':name'           => $name,
         ':client_id'      => $client_token,
         ':client_secret'  => $client_secret,
         ':nonce'          => $nonce,
         ':activated'      => 1,
         ':grant_password' => 0,
     ];

     $insert = $app['phraseanet.appbox']->get_connection()->prepare($sql);
     $insert->execute($bindings);
     $insert->closeCursor();

     // Reload the row through its auto-generated primary key.
     $newId = $app['phraseanet.appbox']->get_connection()->lastInsertId();
     $created = new self($app, $newId);

     if (null !== $user) {
         API_OAuth2_Account::create($app, $user, $created);
     }

     return $created;
 }
Ejemplo n.º 5
 /**
  * Persists one API call in api_logs and returns the stored entry.
  *
  * All values are passed as bound parameters; the log date is set by the
  * database (NOW()).
  *
  * NOTE(review): $route is written as received. If callers pass a URI whose
  * query string carries an access token, that token would end up in the log
  * table; verify at the call sites.
  *
  * @param  Application        $app
  * @param  API_OAuth2_Account $account     Account whose id is stored as api_account_id
  * @param  mixed              $route
  * @param  mixed              $status_code
  * @param  mixed              $format
  * @param  mixed              $ressource
  * @param  mixed              $general     Optional, stored as NULL when omitted
  * @param  mixed              $aspect      Optional, stored as NULL when omitted
  * @param  mixed              $action      Optional, stored as NULL when omitted
  * @return self
  */
 public static function create(Application $app, API_OAuth2_Account $account, $route, $status_code, $format, $ressource, $general = null, $aspect = null, $action = null)
 {
     $bindings = [
         ':account_id'  => $account->get_id(),
         ':route'       => $route,
         ':status_code' => $status_code,
         ':format'      => $format,
         ':ressource'   => $ressource,
         ':general'     => $general,
         ':aspect'      => $aspect,
         ':action'      => $action,
     ];

     $sql = '
   INSERT INTO
     api_logs (
       api_log_id,
       api_account_id,
       api_log_route,
       api_log_date,
       api_log_status_code,
       api_log_format,
       api_log_ressource,
       api_log_general,
       api_log_aspect,
       api_log_action
     )
   VALUES (
     null,
     :account_id,
     :route,
     NOW(),
     :status_code,
     :format,
     :ressource,
     :general,
     :aspect,
     :action
   )';

     $insert = $app['phraseanet.appbox']->get_connection()->prepare($sql);
     $insert->execute($bindings);
     $insert->closeCursor();

     // Reload the entry through its auto-generated primary key.
     $insertedId = $app['phraseanet.appbox']->get_connection()->lastInsertId();

     return new self($app, $insertedId);
 }
Ejemplo n.º 6
 /**
  * Issues an access token for an account and returns the loaded token object.
  *
  * The token value comes from self::generate_token(), expires one hour after
  * creation and is stored with a NULL session id.
  *
  * @param  appbox             $appbox
  * @param  API_OAuth2_Account $account
  * @param  string|null        $scope   Stored as-is; NULL when omitted
  * @return API_OAuth2_Token
  */
 public static function create(appbox $appbox, API_OAuth2_Account $account, $scope = null)
 {
     // Fixed lifetime: one hour from now, in the default timezone.
     $expiresAt = new \DateTime('+1 hour');

     // NOTE(review): DATE_ISO8601 output carries a 'T' separator and a
     // timezone offset; confirm the expires column accepts that format.
     // The token is bound exactly as generated (no hashing in this method).
     $bindings = [
         ':token'      => self::generate_token(),
         ':account_id' => $account->get_id(),
         ':expire'     => $expiresAt->format(DATE_ISO8601),
         ':scope'      => $scope,
     ];

     $sql = 'INSERT INTO api_oauth_tokens
         (oauth_token, session_id, api_account_id, expires, scope)
         VALUES (:token, null, :account_id, :expire, :scope)';

     $insert = $appbox->get_connection()->prepare($sql);
     $insert->execute($bindings);
     $insert->closeCursor();

     // The token is looked up again through the account, not through the
     // value that was just inserted.
     return new API_OAuth2_Token($appbox, $account);
 }
Ejemplo n.º 7
 /**
  * load_with_user() must return an API_OAuth2_Account equal to the fixture
  * object for the same application/user pair.
  */
 public function testLoad_with_user()
 {
     $account = API_OAuth2_Account::load_with_user(
         self::$DI['app'],
         self::$DI['oauth2-app-user'],
         self::$DI['user']
     );

     $this->assertInstanceOf('API_OAuth2_Account', $account);
     $this->assertEquals($this->object, $account);
 }
Ejemplo n.º 8
 /**
  * Stores a refresh token for an account and returns the loaded object.
  *
  * The caller supplies the token value; this method does not generate or
  * validate it. All values are passed as bound parameters.
  *
  * @param  Application             $app
  * @param  API_OAuth2_Account      $account
  * @param  int                     $expires       Bound as given (no conversion in this statement)
  * @param  mixed                   $refresh_token Token value, also used to reload the row
  * @param  mixed                   $scope
  * @return API_OAuth2_RefreshToken
  */
 public static function create(Application $app, API_OAuth2_Account $account, $expires, $refresh_token, $scope)
 {
     $sql = 'INSERT INTO api_oauth_refresh_tokens
           (refresh_token, api_account_id, expires, scope)
         VALUES (:refresh_token, :account_id, :expires, :scope)';

     $insert = $app['phraseanet.appbox']->get_connection()->prepare($sql);

     // The token is bound exactly as received (no hashing in this method).
     $bindings = [
         ':refresh_token' => $refresh_token,
         ':account_id'    => $account->get_id(),
         ':expires'       => $expires,
         ':scope'         => $scope,
     ];

     $insert->execute($bindings);
     $insert->closeCursor();

     return new self($app, $refresh_token);
 }
Ejemplo n.º 9
 /**
  * Stores an authorization code for an account and returns the loaded object.
  *
  * The caller supplies the code value; this method does not generate or
  * validate it. All values are passed as bound parameters.
  *
  * @param  Application         $app
  * @param  API_OAuth2_Account  $account
  * @param  mixed               $code    Code value, also used to reload the row
  * @param  int                 $expires Unix timestamp; converted with FROM_UNIXTIME() on insert
  * @return API_OAuth2_AuthCode
  */
 public static function create(Application $app, API_OAuth2_Account $account, $code, $expires)
 {
     $sql = 'INSERT INTO api_oauth_codes (code, api_account_id, expires)
         VALUES (:code, :account_id, FROM_UNIXTIME(:expires))';

     $insert = $app['phraseanet.appbox']->get_connection()->prepare($sql);

     // The code is bound exactly as received (no hashing in this method).
     $bindings = [
         ':code'       => $code,
         ':account_id' => $account->get_id(),
         ':expires'    => $expires,
     ];

     $insert->execute($bindings);
     $insert->closeCursor();

     return new self($app, $code);
 }
Ejemplo n.º 10
 /**
  * Creates the OAuth2 account linking a user to the current client application.
  *
  * NOTE(review): the result of find() is passed on without a null check;
  * confirm what API_OAuth2_Account::create() does when no user matches.
  *
  * @param  int                $usr_id Id looked up in the user repository
  * @return API_OAuth2_Account
  */
 private function createAccount($usr_id)
 {
     $repository = $this->app['manipulator.user']->getRepository();
     $owner = $repository->find($usr_id);

     return API_OAuth2_Account::create($this->app, $owner, $this->client);
 }
Ejemplo n.º 11
 /**
  * Sets the revoked flag on the authenticated user's account for one
  * OAuth2 application.
  *
  * The request must be an XMLHttpRequest that accepts JSON, otherwise the
  * call aborts with a 400. The flag is taken from the "revoke" query
  * parameter and cast to bool, so any non-empty value other than "0"
  * (including the string "false") revokes.
  *
  * NOTE(review): the flag is read from the query string, so this state change
  * can be triggered by a GET request. The X-Requested-With and Accept checks
  * are the only request-origin guards visible in this method; confirm that
  * CSRF protection is applied elsewhere or restrict the route to POST.
  *
  * @param Application $app            A Silex application where the controller is mounted on
  * @param Request     $request        The current request
  * @param Integer     $application_id The application id
  *
  * @return JsonResponse {"success": false} when a NotFoundHttpException is caught, true otherwise
  */
 public function grantAccess(Application $app, Request $request, $application_id)
 {
     // Short-circuits like the original: the Accept header is only inspected
     // for XMLHttpRequests.
     $isAjaxJson = $request->isXmlHttpRequest()
         && array_key_exists($request->getMimeType('json'), array_flip($request->getAcceptableContentTypes()));

     if (!$isAjaxJson) {
         $app->abort(400, $app->trans('Bad request format, only JSON is allowed'));
     }

     $succeeded = true;

     try {
         $application = new \API_OAuth2_Application($app, $application_id);
         // The account is resolved for the authenticated user only, never
         // for a user id taken from the request.
         $account = \API_OAuth2_Account::load_with_user($app, $application, $app['authentication']->getUser());
         $account->set_revoked((bool) $request->query->get('revoke'), false);
     } catch (NotFoundHttpException $e) {
         $succeeded = false;
     }

     return $app->json(['success' => $succeeded]);
 }
Ejemplo n.º 12
 /**
  * Calls the grant endpoint as a JSON XMLHttpRequest and checks that the
  * account's revoked state matches the expectation for the given flag.
  *
  * The request is a GET: the endpoint changes state from a query parameter.
  *
  * @dataProvider revokeProvider
  */
 public function testAUthorizedAppGrantAccessSuccessfull($revoke, $expected)
 {
     self::$DI['client']->request(
         'GET',
         '/account/security/application/' . self::$DI['oauth2-app-user']->get_id() . '/grant/',
         ['revoke' => $revoke],
         [],
         ['HTTP_ACCEPT' => 'application/json', 'HTTP_X-Requested-With' => 'XMLHttpRequest']
     );

     $httpResponse = self::$DI['client']->getResponse();
     $this->assertTrue($httpResponse->isOk());

     // The body must be a JSON object reporting success.
     $payload = json_decode($httpResponse->getContent());
     $this->assertInstanceOf('StdClass', $payload);
     $this->assertObjectHasAttribute('success', $payload);
     $this->assertTrue($payload->success);

     // Reload the account to check the persisted state, not the response.
     $reloaded = \API_OAuth2_Account::load_with_user(
         self::$DI['app'],
         self::$DI['oauth2-app-user'],
         self::$DI['user']
     );
     $this->assertEquals($expected, $reloaded->is_revoked());
 }
Ejemplo n.º 13
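 /**
  * With the "navigator-enabled" setting turned off, an API call made with a
  * token issued to the native Navigator application must report HTTP code 403.
  *
  * The setting is forced to false for the duration of the test. Any failure
  * is held back until the original value has been restored, then rethrown.
  */
 public function testCheckNativeApp()
 {
     $settingPath = ['registry', 'api-clients', 'navigator-enabled'];

     // Remember the configured value so it can be put back afterwards.
     $previous = self::$DI['app']['conf']->get($settingPath);
     self::$DI['app']['conf']->set($settingPath, false);
     $fail = null;
     try {
         $nativeApp = \API_OAuth2_Application::load_from_client_id(self::$DI['app'], \API_OAuth2_Application_Navigator::CLIENT_ID);
         $account = \API_OAuth2_Account::create(self::$DI['app'], self::$DI['user'], $nativeApp);
         $token = $account->get_token()->get_value();
         $this->setToken($token);
         self::$DI['client']->request('GET', '/api/v1/databoxes/list/', $this->getParameters(), [], ['HTTP_Accept' => $this->getAcceptMimeType()]);
         $content = $this->unserialize(self::$DI['client']->getResponse()->getContent());
         // Loose comparison kept: the decoded http_code may be an int or a
         // numeric string depending on the response format.
         if (403 != $content['meta']['http_code']) {
             $fail = new \Exception('Result does not match expected 403, returns ' . $content['meta']['http_code']);
         }
     } catch (\Exception $e) {
         $fail = $e;
     }

     // Restore the saved value. Writing a hard-coded false here would leave
     // the setting disabled for later tests.
     self::$DI['app']['conf']->set($settingPath, $previous);

     if (null !== $fail) {
         throw $fail;
     }
 }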