 /**
  * Persists one API request/response pair through bdApi_DataWriter_Log.
  *
  * @param string $requestMethod
  * @param string $requestUri
  * @param array $requestData stored after passing through _filterData()
  * @param int $responseCode
  * @param array $responseOutput stored after passing through _filterData()
  * @param array $bulkSet extra columns applied first; client_id, user_id and ip_address are only
  *                       derived from the current session/visitor/REMOTE_ADDR when absent here
  * @return mixed false when logRetentionDays is 0, otherwise the result of XenForo_DataWriter::save()
  */
 public function logRequest($requestMethod, $requestUri, array $requestData, $responseCode, array $responseOutput, array $bulkSet = array())
 {
     $retentionDays = bdApi_Option::get('logRetentionDays');
     if ($retentionDays == 0) {
         // a retention of zero days means request logging is switched off
         return false;
     }

     $logWriter = XenForo_DataWriter::create('bdApi_DataWriter_Log');
     $logWriter->bulkSet($bulkSet);

     // identity columns fall back to the current request context unless the caller supplied them
     if (!isset($bulkSet['client_id'])) {
         /* @var $session bdApi_Session */
         $session = XenForo_Application::getSession();
         $logWriter->set('client_id', $session->getOAuthClientId());
     }
     if (!isset($bulkSet['user_id'])) {
         $logWriter->set('user_id', XenForo_Visitor::getInstance()->get('user_id'));
     }
     if (!isset($bulkSet['ip_address'])) {
         // REMOTE_ADDR is the TCP peer; behind a reverse proxy this is the proxy, not the end client
         $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
         $logWriter->set('ip_address', $remoteAddr);
     }

     // NOTE(review): _filterData() is the only step between raw payloads and the log table —
     // confirm it redacts credentials/tokens (oauth_token, client_secret, passwords) before relying on it
     $columns = array(
         'request_date' => XenForo_Application::$time,
         'request_method' => $requestMethod,
         'request_uri' => $requestUri,
         'request_data' => $this->_filterData($requestData),
         'response_code' => $responseCode,
         'response_output' => $this->_filterData($responseOutput),
     );
     foreach ($columns as $column => $value) {
         $logWriter->set($column, $value);
     }

     return $logWriter->save();
 }
 /**
  * Handles the authorize page for a visitor who is not logged in.
  *
  * A "social" parameter of facebook/twitter redirects to the matching public registration
  * route with the current URI as the return target. Otherwise the client is looked up and a
  * 403 view is rendered that carries a signed "redirect" link back to account/authorize.
  *
  * @return XenForo_ControllerResponse_Abstract
  */
 public function actionAuthorizeGuest()
 {
     $requestPaths = XenForo_Application::get('requestPaths');
     $social = $this->_input->filterSingle('social', XenForo_Input::STRING);

     // social sign-up short-circuits: bounce to the public registration route and come back here
     $socialRegisterRoutes = array(
         'facebook' => 'full:register/facebook',
         'twitter' => 'full:register/twitter',
     );
     if (isset($socialRegisterRoutes[$social])) {
         $socialLink = XenForo_Link::buildPublicLink(
             $socialRegisterRoutes[$social],
             null,
             array('reg' => 1, 'redirect' => $requestPaths['fullUri'])
         );
         return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, $socialLink);
     }

     /* @var $oauth2Model bdApi_Model_OAuth2 */
     $oauth2Model = $this->getModelFromCache('bdApi_Model_OAuth2');
     /* @var $clientModel bdApi_Model_Client */
     $clientModel = $oauth2Model->getClientModel();

     $clientId = $this->_input->filterSingle('client_id', XenForo_Input::STRING);
     $client = $clientModel->getClientById($clientId);
     if (empty($client)) {
         return $this->responseError(
             new XenForo_Phrase('bdapi_authorize_error_client_x_not_found', array('client' => $clientId)),
             404
         );
     }

     $authorizeParams = $this->_input->filter($oauth2Model->getAuthorizeParamsInputFilter());

     // the redirect link carries the authorize params plus a time-bound hash over them, so the
     // params cannot be altered between the login step and the return to account/authorize
     // (presumably verified against authorizeBypassSecs on the receiving side)
     $redirectTimestamp = time() + bdApi_Option::get('authorizeBypassSecs');
     $redirectParams = $authorizeParams;
     $redirectParams['timestamp'] = $redirectTimestamp;
     $redirectParams['hash'] = bdApi_Crypt::encryptTypeOne(serialize($authorizeParams), $redirectTimestamp);
     $redirect = XenForo_Link::buildPublicLink('account/authorize', null, $redirectParams);

     $viewParams = array(
         'client' => $client,
         'authorizeParams' => $authorizeParams,
         'social' => $social,
         'redirect' => $redirect,
     );
     $view = $this->responseView('bdApi_ViewPublic_Account_Authorize', 'bdapi_error_authorize_guest', $viewParams);
     // the page is informational for a guest; signal that authorization was not granted
     $view->responseCode = 403;

     return $view;
 }
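 /**
  * Inserts the regular conversation alert, then pings notification subscribers with a
  * synthetic alert record describing the conversation message.
  *
  * @param array $conversation
  * @param array $alertUser user receiving the alert
  * @param string $action
  * @param array|null $triggerUser user who caused the alert; defaults to the conversation's last message author
  * @param array|null $extraData
  * @param array|null $messageInfo passed by reference to the parent; its 'message' text feeds the snippet
  * @return void
  */
 public function insertConversationAlert(array $conversation, array $alertUser, $action, array $triggerUser = null, array $extraData = null, array &$messageInfo = null)
 {
     parent::insertConversationAlert($conversation, $alertUser, $action, $triggerUser, $extraData, $messageInfo);

     if (!bdApi_Option::getSubscription(bdApi_Model_Subscription::TYPE_NOTIFICATION)
         || !bdApi_Option::get('userNotificationConversation')
     ) {
         return;
     }

     if (!$triggerUser) {
         $triggerUser = array(
             'user_id' => $conversation['last_message_user_id'],
             'username' => $conversation['last_message_username'],
         );
     }
     if ($triggerUser['user_id'] == $alertUser['user_id']) {
         // users are not notified about their own messages
         return;
     }

     if (empty($extraData)) {
         $extraData = array();
     }

     // NOTE(review): $messageInfo is assumed to have been populated by the parent call — confirm
     $snippet = XenForo_Template_Helper_Core::callHelper('snippet', array($messageInfo['message'], 140, array('stripQuote' => true)));
     $messageId = isset($extraData['message_id']) ? $extraData['message_id'] : $conversation['first_message_id'];
     $extraData['object_data'] = array(
         'notification_id' => 0,
         'notification_html' => '',
         'message' => array(
             'conversation_id' => $conversation['conversation_id'],
             'title' => $conversation['title'],
             'message' => $snippet,
             'message_id' => $messageId,
         ),
     );

     $fakeAlert = array(
         'alert_id' => 0,
         'alerted_user_id' => $alertUser['user_id'],
         'user_id' => $triggerUser['user_id'],
         'username' => $triggerUser['username'],
         'content_type' => 'conversation',
         'content_id' => $conversation['conversation_id'],
         'action' => $action,
         'event_date' => XenForo_Application::$time,
         'view_date' => 0,
         'extra_data' => serialize($extraData),
     );

     // initialised explicitly so the check below does not depend on an undefined variable
     $option = null;
     if ($fakeAlert['alerted_user_id'] > 0) {
         /* @var $alertModel bdApi_XenForo_Model_Alert */
         $alertModel = $this->getModelFromCache('XenForo_Model_Alert');
         $option = $alertModel->bdApi_getUserNotificationOption($fakeAlert['alerted_user_id']);
     }
     if (empty($option)) {
         // the alerted user has no notification subscription to ping
         return;
     }

     if ($fakeAlert['user_id'] == XenForo_Visitor::getUserId()) {
         $triggerUserRecord = XenForo_Visitor::getInstance()->toArray();
     } else {
         /** @var XenForo_Model_User $userModel */
         $userModel = $this->getModelFromCache('XenForo_Model_User');
         $triggerUserRecord = $userModel->getUserById($fakeAlert['user_id']);
         if (empty($triggerUserRecord)) {
             // trigger user no longer exists; array_merge() with a non-array would fail, so skip the ping
             return;
         }
     }
     // NOTE(review): the whole user row is merged into the payload sent to subscribers —
     // confirm the ping/serialisation layer strips private columns (email etc.) before delivery
     $fakeAlert = array_merge($fakeAlert, $triggerUserRecord);

     /* @var $subscriptionModel bdApi_Model_Subscription */
     $subscriptionModel = $this->getModelFromCache('bdApi_Model_Subscription');
     $subscriptionModel->ping($option, 'insert', bdApi_Model_Subscription::TYPE_NOTIFICATION, $fakeAlert);
 }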
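 /**
  * Adds CORS response headers for API responses when the "cors" option is enabled.
  *
  * Any request Origin is echoed back verbatim together with Allow-Credentials: true; without an
  * Origin header the wildcard "*" is used. A preflight's requested method and headers are echoed
  * back as the allowed method and headers.
  *
  * @param XenForo_ViewRenderer_Abstract $viewRenderer source of the current request
  * @param Zend_Controller_Response_Http $response response to decorate
  * @return void
  */
 public static function addHeaders(XenForo_ViewRenderer_Abstract $viewRenderer, Zend_Controller_Response_Http $response)
 {
     if (!bdApi_Option::get('cors')) {
         return;
     }

     $request = $viewRenderer->getRequest();

     $origin = $request->getHeader('Origin');
     if (!empty($origin)) {
         // NOTE(review): reflecting an arbitrary Origin while also allowing credentials lets any site
         // make cookie-authenticated cross-origin calls; an allow-list of trusted origins is the usual
         // mitigation. Not changed here because the accepted origins are a deployment decision.
         $response->setHeader('Access-Control-Allow-Origin', $origin, true);
         $response->setHeader('Access-Control-Allow-Credentials', 'true', true);
     } else {
         $response->setHeader('Access-Control-Allow-Origin', '*', true);
     }

     $method = $request->getHeader('Access-Control-Request-Method');
     if (!empty($method)) {
         // the CORS response header is plural ("Allow-Methods"); browsers ignore the singular
         // form, so preflights for non-simple methods were being rejected
         $response->setHeader('Access-Control-Allow-Methods', $method, true);
     }

     $headers = $request->getHeader('Access-Control-Request-Headers');
     if (!empty($headers)) {
         $response->setHeader('Access-Control-Allow-Headers', $headers, true);
     }
 }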
 /**
  * Generates a new client secret of the configured length.
  *
  * @return string random string of bdApi_Option 'secretLength' characters
  */
 public function generateClientSecret()
 {
     $secretLength = bdApi_Option::get('secretLength');

     // NOTE(review): the secret's strength depends on _generateRandomString() drawing from a CSPRNG — confirm
     return $this->_generateRandomString($secretLength);
 }
 /**
  * Records session activity for API GET requests made by a logged-in user.
  *
  * @param mixed $controllerResponse controller response; reroutes and redirects are not tracked
  * @param string $controllerName
  * @param string $action
  * @return void
  */
 public function updateSessionActivity($controllerResponse, $controllerName, $action)
 {
     if (!bdApi_Option::get('trackSession')) {
         return;
     }
     if (!$this->_request->isGet()) {
         // only GET requests are tracked
         return;
     }

     $session = bdApi_Data_Helper_Core::safeGetSession();
     if (empty($session)) {
         return;
     }

     $visitorUserId = XenForo_Visitor::getUserId();
     if ($visitorUserId === 0) {
         // guests are not tracked
         return;
     }

     $isIntermediateResponse = ($controllerResponse instanceof XenForo_ControllerResponse_Reroute)
         || ($controllerResponse instanceof XenForo_ControllerResponse_Redirect);
     if ($isIntermediateResponse) {
         return;
     }

     $params = $this->_request->getUserParams();
     $this->_prepareSessionActivityForApi($controllerName, $action, $params);

     /** @var XenForo_Model_User $userModel */
     $userModel = $this->getModelFromCache('XenForo_Model_User');
     $userModel->updateSessionActivity(
         $visitorUserId,
         $this->_request->getClientIp(false),
         $controllerName,
         $action,
         'valid',
         $params
     );
 }
 /**
  * Constructor
  *
  * Wires a single bdApi_OAuth2_Storage instance into every grant/token type and applies the
  * configured lifetimes.
  *
  * @param bdApi_Model_OAuth2 $model
  */
 public function __construct(bdApi_Model_OAuth2 $model)
 {
     $storage = new bdApi_OAuth2_Storage($model);

     // one storage object serves every grant type
     $storages = array(
         'access_token' => $storage,
         'authorization_code' => $storage,
         'client_credentials' => $storage,
         'user_credentials' => $storage,
         'refresh_token' => $storage,
     );

     $config = array(
         'auth_code_lifetime' => bdApi_Option::get('authCodeTTL'),
         'access_lifetime' => bdApi_Option::get('tokenTTL'),
         // option is expressed in days; the server expects seconds
         'refresh_token_lifetime' => bdApi_Option::get('refreshTokenTTLDays') * 86400,
         'token_param_name' => 'oauth_token',
         // NOTE(review): enforce_state=false drops the state-parameter check on the authorization
         // flow and require_exact_redirect_uri=false presumably permits partial redirect_uri matches;
         // both loosen the OAuth 2.0 defaults and rely on registered clients being careful — confirm intended
         'enforce_state' => false,
         'require_exact_redirect_uri' => false,
         'allow_implicit' => true,
         'always_issue_new_refresh_token' => true,
     );

     parent::__construct($storages, $config);

     $this->_model = $model;
 }
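 /**
  * Starts the session and derives the effective OAuth token and scopes for this request.
  *
  * Precedence: a regular token from the OAuth2 server, then a one-time token passed as the
  * oauth_token request parameter, then guest scopes.
  *
  * @param string|null $sessionId
  * @param string|null $ipAddress
  * @return void
  */
 public function start($sessionId = null, $ipAddress = null)
 {
     parent::start($sessionId, $ipAddress);

     /* @var $oauth2Model bdApi_Model_OAuth2 */
     $oauth2Model = XenForo_Model::create('bdApi_Model_OAuth2');
     $helper = bdApi_Template_Helper_Core::getInstance();

     $this->_oauthToken = $oauth2Model->getServer()->getEffectiveToken();

     // $_REQUEST merges GET, POST and cookies by default, so a one-time token may arrive via any of them
     if (empty($this->_oauthToken) && isset($_REQUEST['oauth_token'])) {
         $oneTimeToken = $this->_bdApi_resolveOneTimeToken($oauth2Model, $helper, $_REQUEST['oauth_token']);
         if (!empty($oneTimeToken)) {
             $this->_oauthToken = $oneTimeToken;
         }
     }

     if (!empty($this->_oauthToken)) {
         if (!empty($this->_oauthToken['user_id'])) {
             $this->changeUserId($this->_oauthToken['user_id']);
         }
         $this->set('scopes', $helper->scopeSplit($this->_oauthToken['scope']));
     } else {
         // guests get read scope unless access is restricted to authenticated clients
         $guestScopes = array();
         if (!bdApi_Option::get('restrictAccess')) {
             $guestScopes[] = bdApi_Model_OAuth2::SCOPE_READ;
         }
         $this->set('scopes', $guestScopes);
     }
 }

 /**
  * Resolves a one-time token of the form "user_id,timestamp,once,client_id".
  *
  * For user_id 0 the once value must equal md5(user_id . timestamp . client_secret) and a
  * synthetic guest token carrying every supported scope is produced; otherwise once must match
  * md5(user_id . timestamp . token_text . client_secret) for one of the user's unexpired tokens.
  * The digest is compared with hash_equals(): the previous loose == compared numeric-looking
  * strings as numbers rather than as digest text, and hash_equals() is also constant-time.
  *
  * NOTE(review): nothing here records consumed once values, so a token stays usable until its
  * timestamp passes — confirm replay handling elsewhere. The unsalted MD5 construction is kept
  * because changing it breaks every issuer; an HMAC would be the conventional form.
  *
  * @param bdApi_Model_OAuth2 $oauth2Model
  * @param bdApi_Template_Helper_Core $helper
  * @param mixed $oneTimeToken raw oauth_token request value
  * @return array|null token record with token_text replaced by the one-time token, or null when it cannot be resolved
  */
 protected function _bdApi_resolveOneTimeToken(bdApi_Model_OAuth2 $oauth2Model, $helper, $oneTimeToken)
 {
     if (!is_string($oneTimeToken)) {
         // oauth_token[]=... would otherwise reach explode() as an array
         return null;
     }

     $parts = explode(',', $oneTimeToken);
     if (count($parts) !== 4) {
         return null;
     }

     $userId = intval($parts[0]);
     $timestamp = intval($parts[1]);
     $once = $parts[2];

     if ($timestamp < XenForo_Application::$time) {
         // the embedded timestamp is the token's expiry
         return null;
     }

     $client = $oauth2Model->getClientModel()->getClientById($parts[3]);
     if (empty($client)) {
         return null;
     }

     $token = null;
     if ($userId === 0) {
         // guest: make up a token carrying every system scope
         $expected = md5($userId . $timestamp . $client['client_secret']);
         if (hash_equals($expected, $once)) {
             $token = array(
                 'token_id' => 0,
                 'client_id' => $client['client_id'],
                 'token_text' => '',
                 'expire_date' => XenForo_Application::$time,
                 'issue_date' => XenForo_Application::$time,
                 'user_id' => $userId,
                 'scope' => $helper->scopeJoin($oauth2Model->getSystemSupportedScopes()),
             );
         }
     } else {
         // user: the once value must be bound to one of the user's live tokens
         $userTokens = $oauth2Model->getTokenModel()->getTokens(array('user_id' => $userId));
         foreach ($userTokens as $userToken) {
             if ($userToken['expire_date'] < XenForo_Application::$time) {
                 continue;
             }
             $expected = md5($userId . $timestamp . $userToken['token_text'] . $client['client_secret']);
             if (hash_equals($expected, $once)) {
                 $token = $userToken;
             }
         }
     }

     if (empty($token)) {
         return null;
     }

     // expose the one-time token instead of the real access token to anything that echoes token_text
     $token['token_text'] = $oneTimeToken;

     return $token;
 }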
 /**
  * POST token/google: exchanges a Google access token for an API token.
  *
  * The Google token is validated by fetching its owner's profile from Google. When that profile
  * is already linked to a forum user the non-standard token flow runs; otherwise pre-filled
  * registration data is returned so the client can create an account.
  *
  * @return XenForo_ControllerResponse_Abstract
  */
 public function actionPostTokenGoogle()
 {
     $client = $this->_getClientOrError();

     /* @var $userExternalModel XenForo_Model_UserExternal */
     $userExternalModel = $this->getModelFromCache('XenForo_Model_UserExternal');

     $googleToken = $this->_input->filterSingle('google_token', XenForo_Input::STRING);

     // the token itself is never trusted; only the profile Google returns for it is
     // NOTE(review): the Google+ people endpoint used here is presumably no longer served — confirm
     $httpClient = XenForo_Helper_Http::getClient('https://www.googleapis.com/plus/v1/people/me');
     $httpClient->setParameterGet('access_token', $googleToken);
     $response = $httpClient->request('GET');
     $googleUser = json_decode($response->getBody(), true);
     if (empty($googleUser['id'])) {
         // covers transport errors, non-JSON bodies and error responses alike
         return $this->responseError(new XenForo_Phrase('bdapi_invalid_google_token'));
     }

     $googleAssoc = $userExternalModel->getExternalAuthAssociation('google', $googleUser['id']);
     if (!empty($googleAssoc)) {
         return $this->_actionPostTokenNonStandard($client, $googleAssoc['user_id']);
     }

     // no linked account: derive suggested registration fields from the profile
     $userData = array();

     if (!empty($googleUser['displayName'])) {
         // only suggest the display name when it passes the user data writer's username checks
         $usernameProbe = XenForo_DataWriter::create('XenForo_DataWriter_User');
         $usernameProbe->set('username', $googleUser['displayName']);
         if (!$usernameProbe->hasErrors()) {
             $userData['username'] = $googleUser['displayName'];
         }
     }

     if (!empty($googleUser['emails'])) {
         // the first listed email wins
         foreach ($googleUser['emails'] as $googleEmail) {
             $userData['user_email'] = $googleEmail['value'];
             break;
         }
     }

     if (!empty($googleUser['birthday'])
         && preg_match('#^(?<year>\\d+)-(?<month>\\d+)-(?<day>\\d+)$#', $googleUser['birthday'], $birthdayMatches)
     ) {
         $userData['user_dob_year'] = $birthdayMatches['year'];
         $userData['user_dob_month'] = $birthdayMatches['month'];
         $userData['user_dob_day'] = $birthdayMatches['day'];
     }

     // the provider key (and email, if any) travel encrypted and time-bound, presumably so the
     // client cannot substitute another Google id when it completes registration
     $extraData = array(
         'external_provider' => 'google',
         'external_provider_key' => $googleUser['id'],
     );
     if (!empty($userData['user_email'])) {
         $extraData['user_email'] = $userData['user_email'];
     }
     $extraTimestamp = time() + bdApi_Option::get('refreshTokenTTLDays') * 86400;
     $userData += array(
         'extra_data' => bdApi_Crypt::encryptTypeOne(serialize($extraData), $extraTimestamp),
         'extra_timestamp' => $extraTimestamp,
     );

     $data = array(
         'status' => 'ok',
         'message' => new XenForo_Phrase('bdapi_no_google_association_found'),
         'user_data' => $userData,
     );

     return $this->responseData('bdApi_ViewApi_OAuth_TokenGoogle_NoAssoc', $data);
 }