/**
* Action for URL that the client redirects to when coming back from providers.
*/
public function actionRemoteLogin()
{
if (null !== $this->_remoteError) {
$this->_redirectError($this->_remoteError);
}
if (null === ($_providerId = Option::request('pid'))) {
throw new BadRequestException('No remote login provider specified.');
}
$this->layout = false;
$_flow = FilterInput::request('flow', Flows::CLIENT_SIDE, FILTER_SANITIZE_NUMBER_INT);
// Check local then global...
if (null === ($_providerModel = Provider::model()->byPortal($_providerId)->find())) {
/** @var \stdClass $_providerModel */
$_providerModel = Fabric::getProviderCredentials($_providerId);
if (empty($_providerModel)) {
throw new BadRequestException('The provider "' . $_providerId . '" is not available.');
}
// Translate from back-end to front-end
$_model = new stdClass();
$_model->id = $_providerModel->id;
$_model->provider_name = $_providerModel->provider_name_text;
$_model->config_text = $_providerModel->config_text;
$_model->api_name = $_providerModel->endpoint_text;
$_model->is_active = $_providerModel->enable_ind;
$_model->is_login_provider = $_providerModel->login_provider_ind;
$_providerModel = $_model;
}
// Set our store...
Oasys::setStore($_store = new ProviderUserStore(Session::getCurrentUserId(), $_providerModel->id));
$_config = Provider::buildConfig($_providerModel, Pii::getState($_providerId . '.user_config', array()), array('flow_type' => $_flow, 'redirect_uri' => Curl::currentUrl(false) . '?pid=' . $_providerModel->provider_name));
$_provider = Oasys::getProvider($_providerId, $_config);
if ($_provider->handleRequest()) {
// Now let the user model figure out what to do...
try {
$_user = User::remoteLoginRequest($_providerId, $_provider, $_providerModel);
Log::debug('Remote login success: ' . $_user->email . ' (id#' . $_user->id . ')');
} catch (\Exception $_ex) {
Log::error($_ex->getMessage());
// No soup for you!
$this->_redirectError($_ex->getMessage());
}
// Go home baby!
$this->redirect('/');
}
Log::error('Seems that the provider rejected the login...');
$this->_redirectError('Error during remote login sequence. Please try again.');
}
/**
* Construct a link to authorize the application
*
* @param array $payload
*
* @return string
*/
public function getAuthorizationUrl($payload = array())
{
$_map = $this->_config->getEndpoint(EndpointTypes::AUTHORIZE);
$_scope = $this->getConfig('scope');
$_referrer = Option::get($this->_requestPayload, 'referrer', Option::server('HTTP_REFERER', Curl::currentUrl()), true);
$_redirectUri = $this->getConfig('redirect_uri', $_referrer);
$_origin = $this->getConfig('origin_uri', $_redirectUri);
$_proxyUrl = $this->getConfig('redirect_proxy_url');
$_state = array('request' => array('method' => Option::server('REQUEST_METHOD'), 'referrer' => $_referrer, 'query_string' => Option::server('QUERY_STRING'), 'remote_addr' => Option::server('REMOTE_ADDR'), 'time' => microtime(true), 'uri' => Option::server('REQUEST_URI'), 'payload' => $this->_requestPayload), 'origin' => $_origin, 'api_key' => sha1($_origin), 'redirect_uri' => $_redirectUri);
Log::debug('Request state built: ' . print_r($_state, true));
$_payload = array_merge(array('client_id' => $this->getConfig('client_id'), 'redirect_uri' => $_redirectUri, 'response_type' => 'code', 'scope' => is_array($_scope) ? implode(' ', $_scope) : $_scope, 'state' => Storage::freeze($_state)), Option::clean(Option::get($_map, 'parameters', array())));
if (!empty($_proxyUrl)) {
Log::info('Proxying request through: ' . $_proxyUrl);
$_payload['redirect_uri'] = $_proxyUrl;
}
$_qs = http_build_query($_payload);
$this->setConfig('authorize_url', $_authorizeUrl = $_map['endpoint'] . Curl::urlSeparator($_map['endpoint']) . $_qs);
Log::debug('Authorization URL created: ' . $_authorizeUrl);
return $_authorizeUrl;
}
* This file is part of the DreamFactory Oasys (Open Authentication SYStem)
*
* DreamFactory Oasys (Open Authentication SYStem) <http://dreamfactorysoftware.github.io>
* Copyright 2014 DreamFactory Software, Inc. <*****@*****.**>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace DreamFactory\Oasys\Configs\Schemas;
/**
* oauth.schema.php
* The config schema for an OAuth service
*/
use DreamFactory\Oasys\Enums\AccessTypes;
use DreamFactory\Oasys\Enums\Flows;
use DreamFactory\Oasys\Enums\GrantTypes;
use DreamFactory\Oasys\Enums\OAuthTypes;
use DreamFactory\Oasys\Enums\TokenTypes;
use Kisma\Core\Utility\Curl;
return array('client_id' => array('type' => 'text', 'maxlength' => 64, 'class' => 'required'), 'client_secret' => array('type' => 'text', 'maxlength' => 128, 'class' => 'required'), 'redirect_uri' => array('type' => 'text', 'maxlength' => 1024, 'class' => 'required', 'placeholder' => Curl::currentUrl(false, false)), 'scope' => array('type' => 'textarea', 'hint' => 'Comma-separated list of desired scopes.'), 'certificate_file' => array('type' => 'textarea', 'maxlength' => 1024, 'placeholder' => 'Provider Default'), 'authorize_url' => array('type' => 'text', 'maxlength' => 1024, 'placeholder' => 'Provider Default'), 'grant_type' => array('type' => 'select', 'value' => GrantTypes::AUTHORIZATION_CODE, 'data' => GrantTypes::getDefinedConstants(true, null, true)), 'auth_type' => array('type' => 'select', 'value' => OAuthTypes::URI, 'data' => OAuthTypes::getDefinedConstants(true, null, true)), 'access_type' => array('type' => 'select', 'value' => AccessTypes::OFFLINE, 'data' => AccessTypes::getDefinedConstants(true, null, true)), 'flow_type' => array('type' => 'select', 'value' => Flows::SERVER_SIDE, 'data' => Flows::getDefinedConstants(true, null, true)), 'access_token_param_name' => array('type' => 'text', 'maxlength' => 64, 'hint' => 'The name of the parameter to use when sending the access token via URL.'), 'auth_header_name' => array('type' => 'text', 'maxlength' => 64, 'hint' => 'The name of the parameter to use when sending the access token via HTTP header.'), 'access_token_type' => array('type' => 'select', 'default' => TokenTypes::URI, 'data' => TokenTypes::getDefinedConstants(true, null, true), 'hint' => 'The type of, and way the provider expects to receive, the token.'), 'access_token' => array('type' => 'text', 'maxlength' => 128, 'placeholder' => 'Not Stored', 'private' => true), 'access_token_secret' => array('type' => 'text', 'maxlength' => 128, 'placeholder' => 'Not Stored', 'private' => true), 'access_token_expires' => array('type' => 'text', 'class' => 'number', 'private' => true), 'refresh_token' => array('type' => 'text', 'maxlength' => 128, 'private' => true), 'refresh_token_expires' => array('type' => 'text', 'class' => 'number', 'private' => true), 'redirect_proxy_url' => array('type' => 'text', 'maxlength' => 1024));
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<!-- Footer -->
<?php
include __DIR__ . '/views/_footer.php';
?>
<script src="//ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
<script src="//maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js"></script>
<script src="//google-code-prettify.googlecode.com/svn/loader/run_prettify.js"></script>
<script src="js/app.jquery.js"></script>
<script>
// This needs to be last because _options is defined in app.jquery.js... lame, I know...
_options.baseUrl = <?php
echo "'" . Curl::currentUrl(false, false) . "'";
?>
;
_options.providers = <?php
echo json_encode($_providerCache);
?>
;
</script>
</body>
</html>
$_step = 'light';
$_headline = 'DSP Settings';
$_themeList = null;
// Change these to update the CDN versions used. Set to false to disable
$_bootstrapVersion = '3.1.1';
// Set to false to disable
$_bootswatchVersion = '3.1.1';
$_dataTablesVersion = '1.9.4';
$_bootswatchTheme = FilterInput::request('theme', Pii::getState('admin.default_theme', 'default'), FILTER_SANITIZE_STRING);
Pii::setState('dsp.admin_theme', $_bootswatchTheme);
$_useBootswatchThemes = 'default' != $_bootswatchTheme;
$_fontAwesomeVersion = '4.0.3';
// Set to false to disable
$_jqueryVersion = '1.11.0';
$_themes = array('Default', 'Amelia', 'Cerulean', 'Cosmo', 'Cyborg', 'Flatly', 'Journal', 'Readable', 'Simplex', 'Slate', 'Spacelab', 'United');
$_url = Curl::currentUrl(false);
foreach ($_themes as $_item) {
$_name = strtolower($_item);
$_class = $_bootswatchTheme == $_name ? 'class="active"' : null;
$_themeList .= <<<HTML
\t<li {$_class}><a href="{$_url}?theme={$_name}">{$_item}</a></li>
HTML;
}
// Our css building begins...
$_css = '<link href="https://fonts.googleapis.com/css?family=Open+Sans:400,700,800" rel="stylesheet" type="text/css">';
$_scripts = null;
if ($_useBootswatchThemes) {
$_css .= '<link href="//netdna.bootstrapcdn.com/bootswatch/' . $_bootswatchVersion . '/' . $_bootswatchTheme . '/bootstrap.min.css" rel="stylesheet" media="screen">';
} else {
if (false !== $_bootstrapVersion) {
$_css .= '<link href="//netdna.bootstrapcdn.com/bootstrap/' . $_bootstrapVersion . '/css/bootstrap.min.css" rel="stylesheet" media="screen">';
