/**
*
* @return \models\API2ApplicationModel
*/
public function loadByAppAndRequestToken(API2ApplicationModel $app, $requestToken)
{
global $DB;
$stat = $DB->prepare("SELECT api2_application_request_token.* FROM api2_application_request_token" . " WHERE api2_application_id = :api2_application_id AND request_token = :request_token");
$stat->execute(array('api2_application_id' => $app->getId(), 'request_token' => $requestToken));
if ($stat->rowCount() > 0) {
$token = new API2ApplicationRequestTokenModel();
$token->setFromDataBaseRow($stat->fetch());
return $token;
}
}
function requestTokenJson(Application $app)
{
$data = array_merge($_GET, $_POST);
if (!$app['apiApp'] || !$app['apiAppLoadedBySecret']) {
return json_encode(array('success' => false));
}
// Settings
$requestToken = new \models\API2ApplicationRequestTokenModel();
if ($app['apiApp']->getIsCallbackUrl() && isset($data['callback_url']) && trim($data['callback_url'])) {
if ($app['apiApp']->isCallbackUrlAllowed(trim($data['callback_url']))) {
$requestToken->setCallbackUrl(trim($data['callback_url']));
} else {
return json_encode(array('success' => false, 'error_message' => 'That callback URL is not allowed'));
}
}
if ($app['apiApp']->getIsCallbackDisplay() && isset($data['callback_display']) && strtolower(trim($data['callback_display'])) == "true") {
$requestToken->setIsCallbackDisplay(true);
}
if ($app['apiApp']->getIsCallbackJavascript() && isset($data['callback_javascript']) && strtolower(trim($data['callback_javascript'])) == "true") {
$requestToken->setIsCallbackJavascript(true);
}
// $requestToken->setUserId(); TODO
$scopeArray = isset($data['scope']) ? explode(",", str_replace(" ", ",", $data['scope'])) : array();
$requestToken->setIsEditor(in_array('permission_editor', $scopeArray) && $app['apiApp']->getIsEditor());
$requestToken->setStateFromUser(isset($data['state']) ? $data['state'] : null);
// Check
if (!$requestToken->isAnyCallbackSet()) {
return json_encode(array('success' => false, 'error_message' => 'You must pass a callback'));
}
// Generate Token
$tokenRepo = new API2ApplicationRequestTokenRepository();
$token = $tokenRepo->create($app['apiApp'], $requestToken);
return json_encode(array('success' => true, 'request_token' => $token->getRequestToken()));
}
public function createForAppAndUserFromRequestToken(API2ApplicationModel $app, UserAccountModel $user, API2ApplicationRequestTokenModel $requestToken)
{
global $DB;
$token = new \models\API2ApplicationUserAuthorisationTokenModel();
$token->setApi2ApplicationId($app->getId());
$token->setUserId($user->getId());
$token->setRequestToken($requestToken->getRequestToken());
$token->setAuthorisationToken(createKey(1, 255));
global $DB;
try {
$DB->beginTransaction();
// Mark Request Token used
$stat = $DB->prepare("UPDATE api2_application_request_token SET used_at=:used_at " . "WHERE api2_application_id=:api2_application_id AND request_token=:request_token");
$stat->execute(array('used_at' => \TimeSource::getFormattedForDataBase(), 'api2_application_id' => $app->getId(), 'request_token' => $requestToken->getRequestToken()));
// TODO make sure token is unique!!!!!
$stat = $DB->prepare("INSERT INTO api2_application_user_authorisation_token (api2_application_id, user_id, authorisation_token, request_token, created_at) " . "VALUES (:api2_application_id, :user_id, :authorisation_token,:request_token, :created_at)");
$stat->execute(array('api2_application_id' => $app->getId(), 'user_id' => $user->getId(), 'authorisation_token' => $token->getAuthorisationToken(), 'request_token' => $token->getRequestToken(), 'created_at' => \TimeSource::getFormattedForDataBase()));
$DB->commit();
} catch (Exception $e) {
$DB->rollBack();
}
return $token;
}
/**
* @dataProvider dataForTestGetCallbackUrlWithParams
*/
function testGetCallbackUrlWithParams($url, $params, $result)
{
$rt = new API2ApplicationRequestTokenModel();
$rt->setCallbackUrl($url);
$this->assertEquals($result, $rt->getCallbackUrlWithParams($params));
}
