/**
 * Establish a session from an API token when no session exists yet.
 *
 * External apps (devices) authenticate with a per-user token instead of the
 * browser cookie that normally marks the login state; without this step any
 * data request from such an app would be bounced to the login page.
 *
 * Outcomes, in the order they are checked:
 *  - token/appId missing            -> nothing happens
 *  - token does not authenticate    -> redirect to the authenticate task (TOKEN_INVALID)
 *  - token expired                  -> device removed, redirect to authenticate (TOKEN_EXPIRED)
 *  - token revoked by the user      -> redirect to the profile applications page (TOKEN_DEAUTHORIZED)
 *  - otherwise                      -> userLogin() for the token's owner
 *
 * @param String $token token stored per user
 * @param String $appId identifier of the requesting application/device
 */
private function verify($token, $appId) {
    if (!isset($token) || !isset($appId)) {
        return;
    }

    $tokenModel = OauthFactory::getModel('token');
    $appModel   = OauthFactory::getModel('application');
    $app        = JFactory::getApplication();

    $reauthTarget = 'index.php/?option=com_oauth&view=oauth&task=authenticate&appId=' . $appId;

    if (!$tokenModel->authenticateToken($token, $appId)) {
        $app->redirect(JRoute::_($reauthTarget, false), JText::_('PLG_SYSTEM_OAUTH_TOKEN_INVALID'), 'Error');
        return;
    }

    // Resolve the owner before the lifetime checks, as the original did.
    $owner = JFactory::getUser($tokenModel->getUserId());

    // An expired token also drops the device registration, so the app has to
    // go through the authenticate flow again rather than just refreshing.
    if ($tokenModel->isExpires($token)) {
        $appModel->removeDevice($appId);
        $app->redirect(JRoute::_($reauthTarget, false), JText::_('PLG_SYSTEM_OAUTH_TOKEN_EXPIRED'), 'Error');
        return;
    }

    // Valid but de-authorized by the user: send them to the page where access
    // can be granted again instead of silently logging them in.
    if (!$tokenModel->isAuthorized($token)) {
        $app->redirect(JRoute::_('index.php/?option=com_profile&view=edit&task=applications', false), JText::_('PLG_SYSTEM_OAUTH_TOKEN_DEAUTHORIZED'), 'Error');
        return;
    }

    // NOTE(review): a bearer token is turned into a full browser session here;
    // whether the token arrives in a header or in the query string (where it
    // would land in server logs) is not visible from this file -- confirm.
    $this->userLogin($owner);
}
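/**
 * Return the token generated for an application as a JSON body.
 *
 * Process flow:
 *  1) Navigate to index.php/component/oauth/?view=oauth&task=authenticate&appId=[appId]
 *  2) Get the device approved
 *  3) Poll this view in the background to retrieve the token
 *
 * The token is looked up (and, per the model's contract, generated) only for
 * an app that belongs to the current user; for any other appId the response
 * body is empty. The request is always terminated with exit.
 */
public function display() {
    $appId = JRequest::getVar('appId');
    $model = OauthFactory::getModel('application');

    // Ownership is checked BEFORE getAppToken() is called. The previous
    // version fetched the token first and only gated the output, so a token
    // could be produced for an app the requester does not own; fail closed.
    if ($model->isAppBelongToUser($appId)) {
        // The body carries a credential: declare the type explicitly and keep
        // it out of browser/proxy caches (same headers as the install flow).
        header('Content-Type: application/json');
        header('Cache-Control: no-store');
        echo json_encode(array('token' => $model->getAppToken($appId)));
    }
    exit;
}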
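/**
 * Applications task of the profile controller.
 *
 * Two request shapes are handled before the view renders:
 *  - POST with deviceId (+ deviceAction=grant|revoke): grant or revoke a
 *    device's access via Applications::grantAccess()/revokeAccess().
 *  - client_id + client_secret + redirect_uri ("auto installation"): on POST
 *    or silent=1 the client is registered through PDOOAuth2::addClient() and
 *    immediately authorized. silent=1 answers with JSON and exits; otherwise
 *    a message is queued and the HTML view is rendered by parent::display().
 *
 * Fix: the JSON content type was previously sent for every request carrying
 * the client triple, including the non-silent ones that fall through to the
 * HTML view, so the page was served as application/json. The content type is
 * now set only on the JSON replies; Cache-Control: no-store is still sent
 * for the whole install path.
 */
public function applications() {
    JRequest::setVar('view', 'applications');
    $mainframe = JFactory::getApplication();
    $apps = new Applications();

    // Parameters of the auto-installation method.
    $redirectUri = JRequest::getVar('redirect_uri');
    $clientId = JRequest::getVar('client_id');
    $clientSecret = JRequest::getVar('client_secret');
    $deviceId = JRequest::getVar('deviceId');

    if ($_POST && $deviceId) {
        // Grant/revoke is a state-changing action driven by a browser form.
        // NOTE(review): no CSRF token is verified here (JRequest::checkToken()
        // is the Joomla idiom); whether the form emits one is not visible from
        // this file, so confirm before adding the check.
        switch (JRequest::getVar('deviceAction')) {
            case 'grant':
                $apps->grantAccess($deviceId);
                break;
            case 'revoke':
                $apps->revokeAccess($deviceId);
                break;
        }
    } elseif ($clientId && $clientSecret && $redirectUri) {
        // Credentials are in play on this path; never let the response be cached.
        header("Cache-Control: no-store");
        JRequest::setVar('installing', true);

        if ($_POST || JRequest::getVar('silent')) {
            $isSilent = JRequest::getVar('silent');

            // use library for the OAuth to standardize
            require_once JPATH_ROOT . DS . 'components' . DS . 'com_oauth' . DS . 'libraries' . DS . 'PDOOAuth2.inc';
            $oauth = new PDOOAuth2();

            // NOTE(review): client_id, client_secret and redirect_uri are taken
            // verbatim from the request and the authorization is finished with
            // approval hard-coded to true, i.e. without a user consent step.
            // Confirm that PDOOAuth2 validates redirect_uri (absolute URL /
            // allow-list) and that unconditional auto-approval is intended.
            if ($oauth->addClient($clientId, $clientSecret, $redirectUri)) {
                $authData = array('client_id' => $clientId, 'response_type' => 'code', 'redirect_uri' => $redirectUri);
                $oauth->finishClientAuthorization(true, $authData);

                /* if this is a silent request, give a silent feedback */
                if ($isSilent) {
                    // 'true' (string) is kept as-is: existing clients may compare against it.
                    $this->sendSilentJson(array('success' => 'true'));
                }
                JRequest::setVar('authorize', true);
                JRequest::setVar('appName', $clientId);
                $mainframe->enqueueMessage(JText::_('COM_OAUTH_LABEL_APPLICATION_INSTALL'));
            } else {
                if ($isSilent) {
                    $this->sendSilentJson(array('success' => false, 'error' => JText::_('COM_OAUTH_LABEL_FAILED_TO_REGISTER')));
                }
                $mainframe->enqueueMessage(JText::_('COM_OAUTH_LABEL_FAILED_TO_REGISTER'), 'Error');
            }
        }
    }

    parent::display();
}

/**
 * Emit the JSON reply of the silent (machine-driven) install flow and end the
 * request. The JSON content type is set here, and only here, so the HTML
 * fall-through of applications() is not mislabelled.
 *
 * @param array $payload data to encode; echoed as-is via json_encode()
 */
private function sendSilentJson(array $payload) {
    header("Content-Type: application/json");
    echo json_encode($payload);
    exit;
}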