public function checkSecurity($authToken = true, $userToken = false, $mustBeOfficial = false)
{
if ($authToken) {
if (empty($this->authToken)) {
return $this->replyError('Missing authToken');
}
$tokenClass = new AuthToken();
try {
$app = $tokenClass->validate($this->authToken);
} catch (Exception $e) {
return $this->replyError('Invalid authToken');
}
$this->app = $app;
if ($mustBeOfficial && !$this->app->isOfficial()) {
return $this->replyError('Permission denied');
}
}
if ($userToken) {
if (empty($this->authToken)) {
return $this->replyError('Missing userToken');
}
$token = new UserToken();
$tokenData = $token->get($this->userToken);
if (!$tokenData || $tokenData->app != $this->app->id) {
return $this->replyError('Invalid userToken');
}
$userClass = new User();
$user = $userClass->get($tokenData->uid);
$this->user = $user;
}
return true;
}
/**
* Regenerates the authentication token and sets it for this user.
*
* @param string $server the sever to retrieve the token from
* @return string the newly generated auth token
*/
public function regenerateAuthToken($server = null)
{
if (!isset($server)) {
$server = $this->getAuthServer();
}
$authTokenClient = new AuthToken($this->email, $this->password, 'adwords', $this->getUserAgent(), 'GOOGLE', $server);
$authToken = $authTokenClient->getAuthToken();
$this->setAuthToken($authToken);
return $authToken;
}
public function __construct()
{
$token = Request::header('X-Auth-Token');
$this->user = json_decode(AuthToken::validate($token));
$this->page = Input::get('page');
$this->per_page = Input::get('per_page');
}
public function create()
{
$data = array('id' => $_POST['app'], 'secret' => $_POST['secret']);
if (empty($data['id']) || empty($data['secret'])) {
throw new Exception('missing id or secret');
}
$app = new App();
$appInfo = $app->get($data['id']);
if ($appInfo->secret != $data['secret']) {
throw new Exception('invalid autentication');
}
if ($appInfo->isBanned()) {
throw new Exception("This app can't create tokens");
}
$token = new AuthToken(array('app' => $data['id']));
return $token->save();
}
public function __construct()
{
$token = Request::header('X-Auth-Token');
$this->user = json_decode(AuthToken::validate($token));
$this->api_token = Input::get('api_token');
$this->page = Input::get('page');
$this->per_page = Input::get('per_page');
$this->type = Input::get('type');
$this->dbConnect = Helpers::dbConnect();
}
public function beforeSave()
{
//
// Fill auth_id on message if there is a user authenticated.
//
$auth_token = AuthToken::current();
if ($auth_token) {
$this->setAttribute('auth_id', $auth_token->auth_id);
}
parent::beforeSave();
}
public function facebookLogin()
{
$params = Input::all();
$user = Helpers::fbAuth($params['access_token']);
if ($user != null) {
$authToken = AuthToken::create($user['user_info']);
$publicToken = AuthToken::publicToken($authToken);
return Response::json(array('status' => '1', 'message' => 'Success Facebook Auth', 'token' => $publicToken, 'state' => $user['state'], 'user' => $user['user_info']));
} else {
return Response::json(array('status' => '0', 'message' => 'Wrong access_token', 'state' => 'wrong_access_token', 'user' => $user));
}
}
/**
* updates an auth-token
*
* @author Matthias Pfefferle
* @param int $pUserId
* @param int $pOnlineIdentityId
* @param string $pToken
* @param string $pTokenSecret
* @param boolean $pActive
* @return AuthToken
*/
public static function saveToken($pUserId, $pOnlineIdentityId, $pToken, $pTokenSecret, $pActive = false)
{
if ($lCheck = self::getByUserAndOnlineIdentity($pUserId, $pOnlineIdentityId)) {
$lToken = $lCheck;
} else {
$lToken = new AuthToken();
}
if ($pActive && $pOnlineIdentityId) {
$lIdentity = OnlineIdentityTable::getInstance()->retrieveByPK($pOnlineIdentityId);
$lIdentity->save();
}
$lToken->setTokenKey($pToken);
$lToken->setOnlineIdentityId($pOnlineIdentityId);
// get online-identity
$lOnlineIdentity = OnlineIdentityTable::getInstance()->find($pOnlineIdentityId);
$lToken->setCommunityId($lOnlineIdentity->getCommunityId());
$lToken->setTokenType(self::TOKEN_TYPE_OAUTH);
$lToken->setTokenSecret($pTokenSecret);
$lToken->setUserId($pUserId);
$lToken->save();
return $lToken;
}
public function __construct()
{
//not sure
$token = Request::header('X-Auth-Token');
$this->user = json_decode(AuthToken::validate($token));
$this->api_token = Input::get('api_token');
//end not sure
$this->page = Request::Input('page');
$this->per_page = Request::Input('per_page');
$this->ofset = 0;
if (is_null($this->page) || empty($this->page)) {
$this->page = 1;
}
if (is_null($this->per_page) || empty($this->per_page)) {
$this->per_page = 20;
}
if ($this->page != 1) {
$this->ofset = ($this->page - 1) * $this->per_page;
}
$this->users = array();
}
$source = 'Ads PHP Client Library Examples';
try {
print 'Requesting AuthTokens ';
while (TRUE) {
// Repeatedly request new authTokens, to trigger a CAPTCHA challenge.
$authToken = new AuthToken($email, $password, $service, $source);
$value = $authToken->GetAuthToken();
print '.';
}
} catch (AuthTokenException $e) {
print "\n";
if ($e->GetError() == 'CaptchaRequired') {
print "A CAPTCHA is required.\n";
printf("View CAPTCHA challenge image: %s/accounts/%s\n", $authToken->GetServer(), $e->GetCaptchaUrl());
$captchaToken = $e->GetCaptchaToken();
$captchaResponse = readInput('Enter CAPTCHA response: ');
// Request new AuthToken using CAPTCHA token and response.
try {
$authToken = new AuthToken($email, $password, $service, $source, NULL, NULL, $captchaToken, $captchaResponse);
$value = $authToken->GetAuthToken();
print "CAPTCHA challenge passed.\n";
} catch (AuthTokenException $e) {
print "CAPTCHA challenge failed.\n";
}
} else {
printf("AuthTokenException: %s\n", $e->GetError());
}
}
} catch (Exception $e) {
print $e->getMessage();
}
/**
* Regenerates the authentication token and sets it for this user.
* @param string $server The server to retrieve the token from.
* @return string The newly generated auth token.
*/
public function RegenerateAuthToken($server = NULL)
{
if (!isset($server)) {
$server = $this->GetAuthServer();
}
$authTokenClient = new AuthToken($this->email, $this->password, 'gam', $this->GetClientLibraryUserAgent(), 'GOOGLE', $server);
$authToken = $authTokenClient->GetAuthToken();
$this->SetAuthToken($authToken);
return $authToken;
}
/**
* Run method with main page logic
*
* Populate template and display form for registration. For POST requests, check if the user
* already exists. If not, create new User and AuthToken entries and send an email notification to the user
* @access public
*/
public function run()
{
$form_errors = array();
$form_values = array("username" => "", "password" => "", "password2" => "", "ulid" => "");
$session = Session::getInstance();
$user = $session->getUser();
// Session should not have a defined user
if ($user != null) {
$session->setMessage("You are already a user", Session::MESSAGE_ERROR);
header("Location: " . BASE_URL);
return;
}
if (!empty($_POST)) {
$form_values["username"] = isset($_POST["username"]) ? trim($_POST["username"]) : "";
$form_values["password"] = isset($_POST["password"]) ? trim($_POST["password"]) : "";
$form_values["password2"] = isset($_POST["password2"]) ? trim($_POST["password2"]) : "";
$form_values["ulid"] = isset($_POST["ulid"]) ? trim($_POST["ulid"]) : "";
if (empty($form_values["username"])) {
$form_errors["username"] = "******";
}
if (empty($form_values["password"])) {
$form_errors["password"] = "******";
}
if (empty($form_values["password2"])) {
$form_errors["password"] = "******";
}
if (empty($form_values["ulid"])) {
$form_errors["ulid"] = "No ulid specified";
} else {
if (!preg_match("/[a-z]{5,7}/", $form_values["ulid"])) {
$form_errors["ulid"] = "Ulid is not in the proper format.";
}
}
$userDAO = UserDAO::getInstance();
$user = $userDAO->loadByUsername($form_values["username"]);
// User already exists
if ($user != null) {
$form_errors["username"] = "******";
}
if (strcmp($form_values["password"], $form_values["password2"]) != 0) {
$form_errors["password"] = "******";
}
$user = $userDAO->loadByUlid($form_values["ulid"]);
// User already exists
if ($user != null) {
$form_errors["ulid"] = "Ulid is already registered";
}
if (empty($form_errors)) {
$user = new User();
$user->setUsername($form_values["username"]);
$user->setPassHash(sha1($form_values["password"]));
$user->setUlid($form_values["ulid"]);
$status = $userDAO->insert($user);
if ($status) {
$token = new AuthToken();
$token->setUser($user);
$tokenDAO = AuthTokenDAO::getInstance();
$status = $tokenDAO->insert($token);
if ($status) {
$session->setMessage("Registration started. Check your email for a message to continue");
if (defined("SMTP_HOST") && strcmp(SMTP_HOST, "") != 0) {
$from_addr = EMAIL_ADDRESS;
//$to = "*****@*****.**";
$to = "{$form_values["ulid"]}@" . User::ISU_EMAIL_DOMAIN;
$subject = "Verify registration with " . SITE_NAME;
$body = "To start the next step of the registration process, click the verify link below and enter the requested information. If the URL does not appear as a link, copy the URL, paste it into your browser's address bar and proceed to the web page.\n\n" . joinPath(BASE_URL, "verify.php") . "?token={$token->getToken()}\n";
$headers = array("From" => $from_addr, "To" => $to, "Subject" => $subject);
$stmp = Mail::factory("smtp", array("host" => SMTP_HOST, "auth" => true, "username" => SMTP_USERNAME, "password" => SMTP_PASSWORD));
$mail = $stmp->send($to, $headers, $body);
}
header("Location: " . BASE_URL);
return;
}
}
}
}
$user = $session->getUser();
$this->template->render(array("title" => "Register", "main_page" => "register_tpl.php", "user" => $user, "session" => $session, "form_errors" => $form_errors, "form_values" => $form_values));
}
//
});
/*
|--------------------------------------------------------------------------
| Authentication Filters
|--------------------------------------------------------------------------
|
| The following filters are used to verify that the user of the current
| session is logged into this application. The "basic" filter easily
| integrates HTTP Basic authentication for quick, simple checking.
|
*/
Route::filter('auth', function () {
if (Auth::check()) {
$authToken = AuthToken::create(Auth::user());
$publicToken = AuthToken::publicToken($authToken);
}
if (!Auth::check()) {
return Redirect::to('/login');
}
// if (!Sentry::check()) return Redirect::guest('login');
});
Route::filter('auth.basic', function () {
return Auth::basic();
});
/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
public static function parse($input)
{
if (($input = json_decode($input, true)) === FALSE || !isset($input['requests']) || !is_array($input['requests']) || !isset($input['authToken'])) {
throw new ServerException('Query.parse: malformat query.');
}
$query = new Query();
$query->authToken = AuthToken::parse($input['authToken']);
$query->requests = array();
foreach ($input['requests'] as $request) {
$query->requests[] = Request::parse($request);
}
return $query;
}
