/**
 * Shown to a guest who hits the OAuth2 authorize endpoint.
 *
 * Social sign-ins are redirected straight into the matching registration
 * flow; otherwise the client is looked up and an error view (HTTP 403)
 * is rendered that carries a signed link back to the authorize page.
 *
 * @return XenForo_ControllerResponse_Abstract
 */
public function actionAuthorizeGuest()
{
    $requestPaths = XenForo_Application::get('requestPaths');
    $social = $this->_input->filterSingle('social', XenForo_Input::STRING);

    // social sign-in: send the guest to the registration route and bring them back here afterwards
    $socialRoutes = array(
        'facebook' => 'full:register/facebook',
        'twitter' => 'full:register/twitter',
    );
    if (isset($socialRoutes[$social])) {
        $socialLink = XenForo_Link::buildPublicLink($socialRoutes[$social], null, array(
            'reg' => 1,
            'redirect' => $requestPaths['fullUri'],
        ));

        return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, $socialLink);
    }

    /* @var $oauth2Model bdApi_Model_OAuth2 */
    $oauth2Model = $this->getModelFromCache('bdApi_Model_OAuth2');
    /* @var $clientModel bdApi_Model_Client */
    $clientModel = $oauth2Model->getClientModel();

    $clientId = $this->_input->filterSingle('client_id', XenForo_Input::STRING);
    $client = $clientModel->getClientById($clientId);
    if (empty($client)) {
        $notFound = new XenForo_Phrase('bdapi_authorize_error_client_x_not_found', array('client' => $clientId));

        return $this->responseError($notFound, 404);
    }

    $authorizeParams = $this->_input->filter($oauth2Model->getAuthorizeParamsInputFilter());

    // the redirect carries the authorize params plus a timestamp-bound hash over them,
    // so the authorize page can trust them after the guest has logged in
    $redirectParams = $authorizeParams;
    $redirectParams['timestamp'] = time() + bdApi_Option::get('authorizeBypassSecs');
    $redirectParams['hash'] = bdApi_Crypt::encryptTypeOne(serialize($authorizeParams), $redirectParams['timestamp']);
    $redirect = XenForo_Link::buildPublicLink('account/authorize', null, $redirectParams);

    $viewParams = array(
        'client' => $client,
        'authorizeParams' => $authorizeParams,
        'social' => $social,
        'redirect' => $redirect,
    );

    $view = $this->responseView('bdApi_ViewPublic_Account_Authorize', 'bdapi_error_authorize_guest', $viewParams);
    $view->responseCode = 403;

    return $view;
}
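/**
 * Adds subscription discovery headers to the response and, when the calling
 * client already subscribes to this topic, its callback URL to $params.
 *
 * @param array $params output array; 'subscription_callback' is added when a subscription matches
 * @param Zend_Controller_Response_Http $response receives two Link headers (rel=hub, rel=self)
 * @param string $topicType one of the bdApi_Model_Subscription::TYPE_* values
 * @param mixed $topicId id of the topic within its type
 * @param string $selfLink URL of the resource being served
 * @param string $subscriptionOption serialized subscription data stored for the resource (may be empty)
 *
 * @return bool false when subscriptions for $topicType are disabled, true otherwise
 */
public static function prepareDiscoveryParams(array &$params, Zend_Controller_Response_Http $response, $topicType, $topicId, $selfLink, $subscriptionOption)
{
    if (!bdApi_Option::getSubscription($topicType)) {
        // subscription for this topic type has been disabled
        return false;
    }

    // subscription discovery; Zend's setHeader() appends by default, so both Link values survive
    $hubLink = bdApi_Data_Helper_Core::safeBuildApiLink('subscriptions', null, array(
        'hub.topic' => bdApi_Model_Subscription::getTopic($topicType, $topicId),
        'oauth_token' => '',
    ));
    $response->setHeader('Link', sprintf('<%s>; rel=hub', $hubLink));
    $response->setHeader('Link', sprintf('<%s>; rel=self', $selfLink));

    // subscription info for the calling client
    if (!empty($subscriptionOption)) {
        // NOTE(review): unserialize() on a stored blob; it can instantiate arbitrary
        // classes, so this relies on the persisted value never being attacker-controlled.
        // The @ turns a malformed blob into false, which is then skipped.
        $subscriptionOption = @unserialize($subscriptionOption);
        if (!empty($subscriptionOption['subscriptions'])) {
            /* @var $session bdApi_Session */
            $session = XenForo_Application::getSession();
            $clientId = (string) $session->getOAuthClientId();

            foreach ($subscriptionOption['subscriptions'] as $subscription) {
                // compare as strings: the loose == would also match numerically
                // equivalent ids (e.g. "1e3" == "1000"); last matching entry wins
                if ((string) $subscription['client_id'] === $clientId) {
                    $params['subscription_callback'] = $subscription['callback'];
                }
            }
        }
    }

    return true;
}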
/**
 * Writes one API request/response pair to the log table.
 *
 * @param string $requestMethod HTTP method
 * @param string $requestUri requested URI
 * @param array $requestData request parameters (passed through _filterData before storing)
 * @param int $responseCode HTTP status of the response
 * @param array $responseOutput response body data (passed through _filterData before storing)
 * @param array $bulkSet extra columns; supplied client_id / user_id / ip_address win over the detected ones
 *
 * @return bool false when logging is disabled (retention of 0 days), otherwise the data writer's save() result
 */
public function logRequest($requestMethod, $requestUri, array $requestData, $responseCode, array $responseOutput, array $bulkSet = array())
{
    $retentionDays = bdApi_Option::get('logRetentionDays');
    if ($retentionDays == 0) {
        // logging switched off
        return false;
    }

    $dw = XenForo_DataWriter::create('bdApi_DataWriter_Log');
    $dw->bulkSet($bulkSet);

    // caller context, only where $bulkSet did not already provide it
    if (!isset($bulkSet['client_id'])) {
        /* @var $session bdApi_Session */
        $session = XenForo_Application::getSession();
        $dw->set('client_id', $session->getOAuthClientId());
    }
    if (!isset($bulkSet['user_id'])) {
        $dw->set('user_id', XenForo_Visitor::getInstance()->get('user_id'));
    }
    if (!isset($bulkSet['ip_address'])) {
        $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        $dw->set('ip_address', $remoteAddr);
    }

    $dw->set('request_date', XenForo_Application::$time);
    $dw->set('request_method', $requestMethod);
    $dw->set('request_uri', $requestUri);
    $dw->set('request_data', $this->_filterData($requestData));
    $dw->set('response_code', $responseCode);
    $dw->set('response_output', $this->_filterData($responseOutput));

    return $dw->save();
}
/**
 * Pings notification subscribers with a 'read' event before the parent
 * clears the user's unread alert counter.
 *
 * @param int $userId
 */
public function resetUnreadAlertsCounter($userId)
{
    $alertSubscriptionEnabled = bdApi_Option::getSubscription(bdApi_Model_Subscription::TYPE_NOTIFICATION);

    if ($alertSubscriptionEnabled) {
        $userOption = $this->bdApi_getUserNotificationOption($userId);

        if (!empty($userOption)) {
            /* @var $subscriptionModel bdApi_Model_Subscription */
            $subscriptionModel = $this->getModelFromCache('bdApi_Model_Subscription');
            // object id 0: the event concerns the whole counter, not a single alert
            $subscriptionModel->ping($userOption, 'read', bdApi_Model_Subscription::TYPE_NOTIFICATION, 0);
        }
    }

    parent::resetUnreadAlertsCounter($userId);
}
/**
 * Pings the subscribers stored in this user's 'bdapi_user' option.
 *
 * @param string $action event name passed to the subscription model
 *
 * @return bool false when user subscriptions are disabled, true otherwise
 */
protected function _bdApi_pingUser($action)
{
    if (!bdApi_Option::getSubscription(bdApi_Model_Subscription::TYPE_USER)) {
        // subscription for user has been disabled
        return false;
    }

    $serializedOption = $this->get('bdapi_user');
    if (empty($serializedOption)) {
        return true;
    }

    // persisted subscription data; the @ makes a malformed blob read as empty and be skipped
    $userOption = @unserialize($serializedOption);
    if (!empty($userOption)) {
        /* @var $subscriptionModel bdApi_Model_Subscription */
        $subscriptionModel = $this->getModelFromCache('bdApi_Model_Subscription');
        $subscriptionModel->ping($userOption, $action, bdApi_Model_Subscription::TYPE_USER, $this->get('user_id'));
    }

    return true;
}
/**
 * Pings the subscribers stored in the parent thread's 'bdapi_thread_post' option.
 *
 * @param string $action event name passed to the subscription model
 *
 * @return bool false when thread-post subscriptions are disabled, true otherwise
 */
protected function _bdApi_pingThreadPost($action)
{
    if (!bdApi_Option::getSubscription(bdApi_Model_Subscription::TYPE_THREAD_POST)) {
        // subscription for thread post has been disabled
        return false;
    }

    $thread = $this->getDiscussionData();
    if (empty($thread['bdapi_thread_post'])) {
        return true;
    }

    // persisted subscription data; the @ makes a malformed blob read as empty and be skipped
    $threadOption = @unserialize($thread['bdapi_thread_post']);
    if (!empty($threadOption)) {
        /* @var $subscriptionModel bdApi_Model_Subscription */
        $subscriptionModel = $this->getModelFromCache('bdApi_Model_Subscription');
        $subscriptionModel->ping($threadOption, $action, bdApi_Model_Subscription::TYPE_THREAD_POST, $this->get('post_id'));
    }

    return true;
}
/**
 * After a new alert row is inserted, pings the notification subscribers:
 * the alerted user's own subscriptions when there is one, otherwise the
 * client-level subscriptions.
 */
protected function _postSave()
{
    $shouldPing = $this->isInsert()
        && bdApi_Option::getSubscription(bdApi_Model_Subscription::TYPE_NOTIFICATION);

    if ($shouldPing) {
        /* @var $subscriptionModel bdApi_Model_Subscription */
        $subscriptionModel = $this->getModelFromCache('bdApi_Model_Subscription');
        $alertedUserId = $this->get('alerted_user_id');

        if ($alertedUserId > 0) {
            // alert is addressed to a user: that user's notification option decides who is pinged
            /* @var $alertModel bdApi_XenForo_Model_Alert */
            $alertModel = $this->getModelFromCache('XenForo_Model_Alert');
            $option = $alertModel->bdApi_getUserNotificationOption($alertedUserId);
        } else {
            // no target user: fall back to client subscriptions
            $option = $subscriptionModel->getClientSubscriptionsData();
        }

        if (!empty($option)) {
            $subscriptionModel->ping($option, 'insert', bdApi_Model_Subscription::TYPE_NOTIFICATION, $this->get('alert_id'));
        }
    }

    parent::_postSave();
}
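/**
 * Inserts the conversation alert as usual, then builds a "fake" alert row
 * (alert_id 0) describing it and pings the alerted user's notification
 * subscribers with it.
 *
 * @param array $conversation conversation row
 * @param array $alertUser user receiving the alert
 * @param string $action alert action
 * @param array|null $triggerUser user who caused the alert; defaults to the last message author
 * @param array|null $extraData extra alert data; 'object_data' is added, 'message_id' is used when present
 * @param array|null $messageInfo message data; its 'message' text is snippeted into the payload
 */
public function insertConversationAlert(array $conversation, array $alertUser, $action, array $triggerUser = null, array $extraData = null, array &$messageInfo = null)
{
    parent::insertConversationAlert($conversation, $alertUser, $action, $triggerUser, $extraData, $messageInfo);

    if (!bdApi_Option::getSubscription(bdApi_Model_Subscription::TYPE_NOTIFICATION)
        || !bdApi_Option::get('userNotificationConversation')
    ) {
        return;
    }

    if (!$triggerUser) {
        // default to the author of the latest message
        $triggerUser = array(
            'user_id' => $conversation['last_message_user_id'],
            'username' => $conversation['last_message_username'],
        );
    }
    if ($triggerUser['user_id'] == $alertUser['user_id']) {
        // no notification for one's own message
        return;
    }

    if (empty($extraData)) {
        $extraData = array();
    }

    // $messageInfo defaults to null; callers appear to always pass it, but
    // fall back to an empty snippet rather than reading a key off null
    $messageText = isset($messageInfo['message']) ? $messageInfo['message'] : '';
    $extraData['object_data'] = array(
        'notification_id' => 0,
        'notification_html' => '',
        'message' => array(
            'conversation_id' => $conversation['conversation_id'],
            'title' => $conversation['title'],
            'message' => XenForo_Template_Helper_Core::callHelper('snippet', array($messageText, 140, array('stripQuote' => true))),
            'message_id' => isset($extraData['message_id'])
                ? $extraData['message_id']
                : $conversation['first_message_id'],
        ),
    );

    $fakeAlert = array(
        'alert_id' => 0,
        'alerted_user_id' => $alertUser['user_id'],
        'user_id' => $triggerUser['user_id'],
        'username' => $triggerUser['username'],
        'content_type' => 'conversation',
        'content_id' => $conversation['conversation_id'],
        'action' => $action,
        'event_date' => XenForo_Application::$time,
        'view_date' => 0,
        'extra_data' => serialize($extraData),
    );

    $option = null;
    if ($fakeAlert['alerted_user_id'] > 0) {
        /* @var $alertModel bdApi_XenForo_Model_Alert */
        $alertModel = $this->getModelFromCache('XenForo_Model_Alert');
        $option = $alertModel->bdApi_getUserNotificationOption($fakeAlert['alerted_user_id']);
    }
    if (empty($option)) {
        // nobody subscribed to this user's notifications
        return;
    }

    // enrich the fake alert with the triggering user's row
    if ($fakeAlert['user_id'] == XenForo_Visitor::getUserId()) {
        $fakeAlert = array_merge($fakeAlert, XenForo_Visitor::getInstance()->toArray());
    } else {
        /** @var XenForo_Model_User $userModel */
        $userModel = $this->getModelFromCache('XenForo_Model_User');
        $user = $userModel->getUserById($fakeAlert['user_id']);
        // getUserById() may yield no array for an unknown user; array_merge() with a
        // non-array would replace $fakeAlert with null, so merge only when found
        if (!empty($user)) {
            $fakeAlert = array_merge($fakeAlert, $user);
        }
    }

    /* @var $subscriptionModel bdApi_Model_Subscription */
    $subscriptionModel = $this->getModelFromCache('bdApi_Model_Subscription');
    $subscriptionModel->ping($option, 'insert', bdApi_Model_Subscription::TYPE_NOTIFICATION, $fakeAlert);
}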
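/**
 * Adds CORS response headers when the 'cors' option is enabled.
 *
 * @param XenForo_ViewRenderer_Abstract $viewRenderer source of the current request
 * @param Zend_Controller_Response_Http $response response to decorate
 */
public static function addHeaders(XenForo_ViewRenderer_Abstract $viewRenderer, Zend_Controller_Response_Http $response)
{
    if (!bdApi_Option::get('cors')) {
        return;
    }

    $request = $viewRenderer->getRequest();

    $origin = $request->getHeader('Origin');
    if (!empty($origin)) {
        // The request's Origin is echoed back verbatim together with
        // Allow-Credentials, so with 'cors' enabled every web origin may make
        // credentialed cross-site calls; there is no origin allowlist here.
        $response->setHeader('Access-Control-Allow-Origin', $origin, true);
        $response->setHeader('Access-Control-Allow-Credentials', 'true', true);
        // the response now depends on the Origin header; tell shared caches
        $response->setHeader('Vary', 'Origin');
    } else {
        $response->setHeader('Access-Control-Allow-Origin', '*', true);
    }

    $method = $request->getHeader('Access-Control-Request-Method');
    if (!empty($method)) {
        // browsers read the plural 'Access-Control-Allow-Methods';
        // the singular form previously sent here is ignored by preflight checks
        $response->setHeader('Access-Control-Allow-Methods', $method, true);
    }

    $headers = $request->getHeader('Access-Control-Request-Headers');
    if (!empty($headers)) {
        $response->setHeader('Access-Control-Allow-Headers', $headers, true);
    }
}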
/**
 * Generates a new client secret of the configured length.
 *
 * @return string
 */
public function generateClientSecret()
{
    $secretLength = bdApi_Option::get('secretLength');

    return $this->_generateRandomString($secretLength);
}
/**
 * Records the visitor's API activity, mirroring XenForo's session activity
 * tracking for GET requests of logged-in users.
 *
 * @param mixed $controllerResponse response of the dispatched action; reroutes and redirects are skipped
 * @param string $controllerName
 * @param string $action
 */
public function updateSessionActivity($controllerResponse, $controllerName, $action)
{
    if (!bdApi_Option::get('trackSession') || !$this->_request->isGet()) {
        return;
    }

    $session = bdApi_Data_Helper_Core::safeGetSession();
    if (empty($session)) {
        return;
    }

    $visitorUserId = XenForo_Visitor::getUserId();
    if ($visitorUserId === 0) {
        // guests are not tracked
        return;
    }

    $isIntermediateResponse = $controllerResponse instanceof XenForo_ControllerResponse_Reroute
        || $controllerResponse instanceof XenForo_ControllerResponse_Redirect;
    if ($isIntermediateResponse) {
        return;
    }

    $params = $this->_request->getUserParams();
    $this->_prepareSessionActivityForApi($controllerName, $action, $params);

    /** @var XenForo_Model_User $userModel */
    $userModel = $this->getModelFromCache('XenForo_Model_User');
    $userModel->updateSessionActivity(
        $visitorUserId,
        $this->_request->getClientIp(false),
        $controllerName,
        $action,
        'valid',
        $params
    );
}
/**
 * Constructor
 *
 * Wires one bdApi_OAuth2_Storage instance as the backend for every grant
 * type and configures the server from the add-on options.
 *
 * @param bdApi_Model_OAuth2 $model
 */
public function __construct(bdApi_Model_OAuth2 $model)
{
    $storage = new bdApi_OAuth2_Storage($model);
    $storages = array(
        'access_token' => $storage,
        'authorization_code' => $storage,
        'client_credentials' => $storage,
        'user_credentials' => $storage,
        'refresh_token' => $storage,
    );

    // NOTE(review): enforce_state=false and require_exact_redirect_uri=false
    // relax the server's state (CSRF) and redirect-URI checks — confirm intended
    $config = array(
        'auth_code_lifetime' => bdApi_Option::get('authCodeTTL'),
        'access_lifetime' => bdApi_Option::get('tokenTTL'),
        'refresh_token_lifetime' => bdApi_Option::get('refreshTokenTTLDays') * 86400,
        'token_param_name' => 'oauth_token',
        'enforce_state' => false,
        'require_exact_redirect_uri' => false,
        'allow_implicit' => true,
        'always_issue_new_refresh_token' => true,
    );

    parent::__construct($storages, $config);

    $this->_model = $model;
}
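/**
 * Starts the session and resolves the effective OAuth token.
 *
 * Besides the regular server token, a "one time" token of the form
 * "<user_id>,<timestamp>,<once>,<client_id>" passed as oauth_token is
 * accepted: <once> must equal md5(user_id . timestamp . client_secret) for
 * guests, or md5(user_id . timestamp . token_text . client_secret) for one
 * of the user's unexpired tokens. Scopes are then stored in the session.
 *
 * @param string|null $sessionId
 * @param string|null $ipAddress
 */
public function start($sessionId = null, $ipAddress = null)
{
    parent::start($sessionId, $ipAddress);

    /* @var $oauth2Model bdApi_Model_OAuth2 */
    $oauth2Model = XenForo_Model::create('bdApi_Model_OAuth2');
    $helper = bdApi_Template_Helper_Core::getInstance();

    $this->_oauthToken = $oauth2Model->getServer()->getEffectiveToken();

    // is_string: oauth_token[]=... would otherwise reach explode() as an array
    if (empty($this->_oauthToken) and isset($_REQUEST['oauth_token']) and is_string($_REQUEST['oauth_token'])) {
        // added support for one time oauth token
        $parts = explode(',', $_REQUEST['oauth_token']);

        $userId = 0;
        $timestamp = 0;
        $once = '';
        $client = null;

        if (count($parts) == 4) {
            $userId = intval($parts[0]);
            $timestamp = intval($parts[1]);
            $once = $parts[2];

            // NOTE(review): only a lower bound is checked here; how far into the
            // future $timestamp may lie is up to the issuer, and nothing records the
            // token as used, so "one time" rests on a short-lived timestamp
            if ($timestamp >= XenForo_Application::$time) {
                $client = $oauth2Model->getClientModel()->getClientById($parts[3]);
            }
        }

        if (!empty($client)) {
            // $once is request-controlled: compare with === so that two digests
            // that both look like "0e<digits>" are not treated as equal numbers
            if ($userId == 0) {
                // guest
                $expected = md5($userId . $timestamp . $client['client_secret']);
                if ($once === $expected) {
                    // make up fake token with full scopes for guest
                    $this->_oauthToken = array(
                        'token_id' => 0,
                        'client_id' => $client['client_id'],
                        'token_text' => '',
                        'expire_date' => XenForo_Application::$time,
                        'issue_date' => XenForo_Application::$time,
                        'user_id' => $userId,
                        'scope' => $helper->scopeJoin($oauth2Model->getSystemSupportedScopes()),
                    );
                }
            } else {
                // user: any unexpired token of theirs may back the one time token (last match wins)
                $userTokens = $oauth2Model->getTokenModel()->getTokens(array('user_id' => $userId));
                foreach ($userTokens as $userToken) {
                    if ($userToken['expire_date'] >= XenForo_Application::$time) {
                        $expected = md5($userId . $timestamp . $userToken['token_text'] . $client['client_secret']);
                        if ($once === $expected) {
                            $this->_oauthToken = $userToken;
                        }
                    }
                }
            }

            if (!empty($this->_oauthToken)) {
                // oauth token is set using one time token
                // update the token text to avoid exposing real access token
                $this->_oauthToken['token_text'] = $_REQUEST['oauth_token'];
            }
        }
    }

    if (!empty($this->_oauthToken)) {
        if (!empty($this->_oauthToken['user_id'])) {
            $this->changeUserId($this->_oauthToken['user_id']);
        }

        $scopes = $helper->scopeSplit($this->_oauthToken['scope']);
        $this->set('scopes', $scopes);
    } else {
        // no token: guests get read scope unless access is restricted
        $guestScopes = array();
        if (!bdApi_Option::get('restrictAccess')) {
            $guestScopes[] = bdApi_Model_OAuth2::SCOPE_READ;
        }
        $this->set('scopes', $guestScopes);
    }
}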
/**
 * Issues an API token for a Google account.
 *
 * The supplied google_token is verified by fetching the Google profile it
 * belongs to. When that Google id is already linked to a forum user, a token
 * is issued for that user; otherwise pre-filled registration data (plus an
 * encrypted, time-limited extra_data blob carrying the Google association)
 * is returned so the client can register the user.
 *
 * @return XenForo_ControllerResponse_Abstract
 */
public function actionPostTokenGoogle()
{
    $client = $this->_getClientOrError();

    /* @var $userExternalModel XenForo_Model_UserExternal */
    $userExternalModel = $this->getModelFromCache('XenForo_Model_UserExternal');

    // ask Google who the token belongs to
    $googleToken = $this->_input->filterSingle('google_token', XenForo_Input::STRING);
    $httpClient = XenForo_Helper_Http::getClient('https://www.googleapis.com/plus/v1/people/me');
    $httpClient->setParameterGet('access_token', $googleToken);
    $response = $httpClient->request('GET');
    $googleUser = json_decode($response->getBody(), true);

    if (empty($googleUser['id'])) {
        return $this->responseError(new XenForo_Phrase('bdapi_invalid_google_token'));
    }

    $googleAssoc = $userExternalModel->getExternalAuthAssociation('google', $googleUser['id']);
    if (!empty($googleAssoc)) {
        // Google account already linked: issue a token for that forum user
        return $this->_actionPostTokenNonStandard($client, $googleAssoc['user_id']);
    }

    // not linked yet: build registration hints from the Google profile
    $userData = array();

    if (!empty($googleUser['displayName'])) {
        // run the display name through the user data writer's username validation
        $testDw = XenForo_DataWriter::create('XenForo_DataWriter_User');
        $testDw->set('username', $googleUser['displayName']);
        if (!$testDw->hasErrors()) {
            // good username
            $userData['username'] = $googleUser['displayName'];
        }
    }

    if (!empty($googleUser['emails'])) {
        // first listed email is used
        foreach ($googleUser['emails'] as $googleEmail) {
            $userData['user_email'] = $googleEmail['value'];
            break;
        }
    }

    if (!empty($googleUser['birthday'])) {
        $birthdayPattern = '#^(?<year>\\d+)-(?<month>\\d+)-(?<day>\\d+)$#';
        if (preg_match($birthdayPattern, $googleUser['birthday'], $birthdayMatches)) {
            $userData['user_dob_year'] = $birthdayMatches['year'];
            $userData['user_dob_month'] = $birthdayMatches['month'];
            $userData['user_dob_day'] = $birthdayMatches['day'];
        }
    }

    // the association is handed back encrypted and bound to a timestamp,
    // so registration can later link the Google id without re-verifying
    $extraData = array(
        'external_provider' => 'google',
        'external_provider_key' => $googleUser['id'],
    );
    if (!empty($userData['user_email'])) {
        $extraData['user_email'] = $userData['user_email'];
    }
    $extraTimestamp = time() + bdApi_Option::get('refreshTokenTTLDays') * 86400;
    $userData += array(
        'extra_data' => bdApi_Crypt::encryptTypeOne(serialize($extraData), $extraTimestamp),
        'extra_timestamp' => $extraTimestamp,
    );

    $data = array(
        'status' => 'ok',
        'message' => new XenForo_Phrase('bdapi_no_google_association_found'),
        'user_data' => $userData,
    );

    return $this->responseData('bdApi_ViewApi_OAuth_TokenGoogle_NoAssoc', $data);
}
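/**
 * Checks whether the viewing user may subscribe to $topic.
 *
 * For notification and user topics the id 'me' is resolved to the viewing
 * user and $topic is rewritten to its concrete form.
 *
 * @param string $topic topic string; may be rewritten (see above)
 * @param array|null $viewingUser defaults to the current visitor
 *
 * @return bool
 */
public function isValidTopic(&$topic, array $viewingUser = null)
{
    $this->standardizeViewingUserReference($viewingUser);

    list($type, $id) = self::parseTopic($topic);

    if ($type != self::TYPE_CLIENT && !bdApi_Option::getSubscription($type)) {
        // subscription for this topic type has been disabled
        return false;
    }

    switch ($type) {
        case self::TYPE_NOTIFICATION:
        case self::TYPE_USER:
            if ($id === 'me') {
                // supports user_notification_me / user_me
                $id = $viewingUser['user_id'];
                $topic = self::getTopic($type, $id);
            }
            // users may only follow their own notifications / user events
            return $id > 0 and $id == $viewingUser['user_id'];

        case self::TYPE_THREAD_POST:
            /* @var $threadModel XenForo_Model_Thread */
            $threadModel = $this->getModelFromCache('XenForo_Model_Thread');
            $thread = $threadModel->getThreadById($id);
            if (empty($thread)) {
                // unknown thread: without this guard the missing row compared as
                // null == 0 and a guest viewer would pass
                return false;
            }
            // only the thread starter may follow its posts; user_id > 0 mirrors the
            // other cases so a guest-authored thread is not claimable by any guest
            return $thread['user_id'] > 0 and $thread['user_id'] == $viewingUser['user_id'];

        case self::TYPE_CLIENT:
            $session = bdApi_Data_Helper_Core::safeGetSession();
            if (empty($session)) {
                // no API session to read a client id from
                return false;
            }
            return $session->getOAuthClientId() !== '';
    }

    return false;
}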