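 /**
  * Resolve the current WordPress user from an OAuth2 access token.
  *
  * Filter: determine_current_user
  * Other filter: check_authentication
  *
  * Hooks into the determine_current_user filter so that REST-style endpoints
  * (WP JSON API, WP REST API) can be authenticated with a valid access_token
  * in addition to the normal cookie session.
  *
  * @param  int|false|null $user_id User ID WordPress has already determined (falsy when none)
  * @return int|null       The resolved user ID, or null when the request carries no
  *                        valid user-bound token (the request then stays anonymous)
  *
  * @author Mauro Constantinescu Modified slightly but still a contribution to the project.
  */
 public function _wo_authenicate_bypass($user_id)
 {
     // Fast path: WordPress already identified a user, so there is no need to re-query the DB.
     if ($user_id && $user_id > 0) {
         return (int) $user_id;
     }
     $o = get_option('wo_options');
     // Plugin disabled, or options missing entirely: leave WordPress's decision untouched.
     if (empty($o['enabled'])) {
         return (int) $user_id;
     }
     require_once dirname(WPOAUTH_FILE) . '/library/OAuth2/Autoloader.php';
     OAuth2\Autoloader::register();
     $server = new OAuth2\Server(new OAuth2\Storage\Wordpressdb());
     $request = OAuth2\Request::createFromGlobals();
     if (!$server->verifyResourceRequest($request)) {
         // No valid token on the request: nothing to resolve.
         return null;
     }
     $token = $server->getAccessTokenData($request);
     if (isset($token['user_id']) && $token['user_id'] > 0) {
         return (int) $token['user_id'];
     }
     // A valid token whose user_id is 0/empty was treated by the original author as a
     // client (non-user) access token. It authenticates no WordPress user, so it must
     // not resolve to one here; the former empty elseif branch did exactly that.
     return null;
 }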
 /**
  * @Get("/auth")
  *
  * Token endpoint backed by the Mongo storage with the authorization-code
  * grant; the library's response is written straight to the client.
  * NOTE(review): the route is declared as GET while token requests are
  * normally POSTed — confirm the annotation matches what clients send.
  */
 public function authAction()
 {
     $mongo = DI::getDefault()->getMongo();
     $storage = new OAuth2\Storage\Mongo($mongo);
     $grant = new OAuth2\GrantType\AuthorizationCode($storage);
     $oauth = new \OAuth2\Server($storage);
     $oauth->addGrantType($grant);
     $request = OAuth2\Request::createFromGlobals();
     $oauth->handleTokenRequest($request)->send();
 }
 /**
  * Return the OAuth2 server, building and caching it on first use.
  *
  * The server is configured with $this->options and the password
  * (user credentials) and refresh-token grants, each wired to its own
  * storage from createStorages().
  *
  * @param bool $force Rebuild the server even when one is already cached
  * @return \OAuth2\Server
  */
 public function getServer($force = false)
 {
     $reuseCached = $this->_server !== null && $force !== true;
     if ($reuseCached) {
         return $this->_server;
     }
     $storages = $this->createStorages();
     $instance = new \OAuth2\Server($storages, $this->options);
     $instance->addGrantType(new \OAuth2\GrantType\UserCredentials($storages['user_credentials']));
     $instance->addGrantType(new \OAuth2\GrantType\RefreshToken(
         $storages['refresh_token'],
         ['always_issue_new_refresh_token' => true]
     ));
     $this->_server = $instance;
     return $this->_server;
 }
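 /**
  * Build the OAuth2 server (PDO-backed) and keep it in $this->server_all.
  *
  * Only the client-credentials and authorization-code grants are enabled.
  * The connection settings used to be hard-coded in the body; they are now
  * parameters whose defaults preserve the old behaviour for existing callers.
  * NOTE(review): pass these in from configuration so the password no longer
  * lives in source.
  *
  * @param string $dsn      PDO DSN of the OAuth2 database
  * @param string $username Database user
  * @param string $password Database password
  * @return void
  */
 public function oauth_server($dsn = 'mysql:host=127.0.0.1;dbname=opencenter', $username = 'root', $password = 'suzhouadmin')
 {
     // Path is resolved against the current working directory, not this file.
     require_once './OAuth2/Autoloader.php';
     \OAuth2\Autoloader::register();
     $this->storage = new \OAuth2\Storage\Pdo(array(
         'dsn' => $dsn,
         'username' => $username,
         'password' => $password,
     ));
     $server = new \OAuth2\Server($this->storage);
     $server->addGrantType(new \OAuth2\GrantType\ClientCredentials($this->storage));
     $server->addGrantType(new \OAuth2\GrantType\AuthorizationCode($this->storage));
     $this->server_all = $server;
 }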
 /**
  * Wire up the OAuth2 server from the global $CONFIG database settings.
  *
  * Grants: password (user credentials, via UserCredentialsStorage) and
  * refresh token (always re-issued, six-month lifetime). Access tokens
  * live for one week.
  */
 public function __construct()
 {
     global $CONFIG;
     \OAuth2\Autoloader::register();
     $dsn = "mysql:dbname={$CONFIG->dbname};host={$CONFIG->dbhost}";
     $tokenStorage = new \OAuth2\Storage\Pdo(array(
         'dsn' => $dsn,
         'username' => $CONFIG->dbuser,
         'password' => $CONFIG->dbpass,
     ));
     $serverOptions = array(
         'access_lifetime' => 3600 * 24 * 7, // one week
         // NOTE(review): if this server also serves the authorize endpoint, this
         // switches off the `state` check for the authorization-code flow.
         'enforce_state' => false,
     );
     $oauth = new \OAuth2\Server($tokenStorage, $serverOptions);
     $oauth->addGrantType(new \OAuth2\GrantType\UserCredentials(new UserCredentialsStorage()));
     $oauth->addGrantType(new \OAuth2\GrantType\RefreshToken($tokenStorage, array(
         'always_issue_new_refresh_token' => true,
         'refresh_token_lifetime' => 3600 * 24 * 30 * 6,
     )));
     $this->server = $oauth;
 }
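 /**
  * Create an OAuth2 Server backed by the first MODX database connection.
  *
  * Only the authorization-code and refresh-token grant types are enabled;
  * both receive $this->options['server'] as their configuration.
  *
  * @return OAuth2\Server|null The configured server, or null (after logging an
  *                            error) when the storage could not be initialised
  */
 public function createServer()
 {
     // Init storage. `new` can never yield a non-instance, so the old
     // `instanceof` checks were unreachable; a failing connection surfaces as
     // an exception, which is what is logged here instead.
     try {
         $storage = new OAuth2\Storage\Pdo($this->modx->config['connections'][0], $this->tablenames);
     } catch (\Exception $e) {
         $this->modx->log(modX::LOG_LEVEL_ERROR, '[OAuth2Server] could not load a valid storage class! ' . $e->getMessage());
         return null;
     }
     // Init server
     $server = new OAuth2\Server($storage, $this->options['server']);
     // Only auth code and refresh token grant types supported right now
     $server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage, $this->options['server']));
     $server->addGrantType(new OAuth2\GrantType\RefreshToken($storage, $this->options['server']));
     return $server;
 }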
 /**
  * Get the OAuth2 server instance, building it on first use.
  *
  * Every entry of $this->grantTypes is instantiated through reflection as
  * `new $class($storages[$name], $options)` (with 'class' removed from
  * $options first) and registered on the server.
  *
  * @param bool $force Rebuild even when an instance is cached
  * @return \OAuth2\Server
  * @throws \yii\base\InvalidConfigException when a grant type has no storage or no class
  */
 public function getServer($force = false)
 {
     if ($this->_server !== null && $force !== true) {
         return $this->_server;
     }
     $storages = $this->createStorages();
     $oauth = new \OAuth2\Server($storages, $this->options);
     foreach ($this->grantTypes as $name => $grantConfig) {
         if (empty($grantConfig['class']) || !isset($storages[$name])) {
             throw new \yii\base\InvalidConfigException('Invalid grant types configuration.');
         }
         $className = $grantConfig['class'];
         unset($grantConfig['class']);
         $reflection = new \ReflectionClass($className);
         $oauth->addGrantType($reflection->newInstanceArgs([$storages[$name], $grantConfig]));
     }
     $this->_server = $oauth;
     return $oauth;
 }
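 /**
  * Resolve the current WordPress user from an OAuth2 access token.
  *
  * Filter: determine_current_user
  * Other filter: check_authentication
  *
  * Hooks into the determine_current_user filter so that REST-style endpoints
  * (WP JSON API, WP REST API) can authenticate with a valid access_token in
  * addition to the normal cookie session.
  *
  * @param  int|false|null $user_id User ID WordPress has already determined (falsy when none)
  * @return int|null       The resolved user ID, or null when no user-bound token is present
  *
  * @author Mauro Constantinescu Modified slightly but still a contribution to the project.
  */
 public function _wo_authenicate_bypass($user_id)
 {
     // Already logged in: skip the token lookup entirely.
     if ($user_id && $user_id > 0) {
         return (int) $user_id;
     }
     $o = get_option('wo_options');
     // Plugin switched off (or options absent): keep whatever WordPress decided.
     if (empty($o['enabled'])) {
         return (int) $user_id;
     }
     require_once dirname(WPOAUTH_FILE) . '/library/OAuth2/Autoloader.php';
     OAuth2\Autoloader::register();
     $server = new OAuth2\Server(new OAuth2\Storage\Wordpressdb());
     $request = OAuth2\Request::createFromGlobals();
     if (!$server->verifyResourceRequest($request)) {
         return null;
     }
     $token = $server->getAccessTokenData($request);
     if (isset($token['user_id']) && $token['user_id'] > 0) {
         return (int) $token['user_id'];
     }
     // Valid token without a user (user_id 0/empty): it does not identify a WordPress user.
     return null;
 }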
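/**
 * Returns an OAuth2 access token to the client.
 *
 * The token request is issued in-process: the superglobals are rewritten so the
 * OAuth2 library sees a POST whose form body is $post, and are restored afterwards
 * (the original restored REQUEST_METHOD and CONTENT_TYPE but left $_POST overwritten).
 *
 * Grant selection is driven by $post['grant_type']:
 *  - 'password'       user-credentials grant. The submitted username/password pair is
 *                     loaded into a Memory storage, so the library accepts exactly the
 *                     credentials it was handed. NOTE(review): the user's password must
 *                     therefore already have been verified by the caller — confirm.
 *  - 'refresh_token'  refresh-token grant against the PDO storage
 *  - anything else    client-credentials grant for OAUTH_CLIENTID / OAUTH_CLIENT_SECRET
 *
 * @param array $post Post data
 *
 * @return mixed Decoded JSON token response (array), or null when it cannot be decoded
 */
function getToken($post)
{
    // Save the request state that is about to be overridden.
    $old_server_method = $_SERVER['REQUEST_METHOD'];
    $old_content_type = empty($_SERVER['CONTENT_TYPE']) ? null : $_SERVER['CONTENT_TYPE'];
    $old_post = $_POST;
    $_SERVER['REQUEST_METHOD'] = 'POST';
    $_SERVER['CONTENT_TYPE'] = 'application/x-www-form-urlencoded';
    $_POST = $post;
    OAuth2\Autoloader::register();
    $oauth_config = array('user_table' => 'users');
    $dsn = 'pgsql:host=' . R_DB_HOST . ';dbname=' . R_DB_NAME . ';port=' . R_DB_PORT;
    $pdo_storage = new OAuth2\Storage\Pdo(array('dsn' => $dsn, 'username' => R_DB_USER, 'password' => R_DB_PASSWORD), $oauth_config);
    $server = new OAuth2\Server($pdo_storage);
    $grant_type = isset($post['grant_type']) ? $post['grant_type'] : null;
    if ($grant_type === 'password') {
        // Missing fields become empty strings instead of raising undefined-index notices.
        $username = isset($post['username']) ? $post['username'] : '';
        $password = isset($post['password']) ? $post['password'] : '';
        $users = array($username => array('password' => $password));
        $server->addGrantType(new OAuth2\GrantType\UserCredentials(new OAuth2\Storage\Memory(array('user_credentials' => $users))));
    } elseif ($grant_type === 'refresh_token') {
        $server->addGrantType(new OAuth2\GrantType\RefreshToken($pdo_storage));
    } else {
        $clients = array(OAUTH_CLIENTID => array('client_secret' => OAUTH_CLIENT_SECRET));
        $server->addGrantType(new OAuth2\GrantType\ClientCredentials(new OAuth2\Storage\Memory(array('client_credentials' => $clients))));
    }
    $response = $server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send('return');
    // Restore the globals so the rest of the request sees its original environment.
    $_SERVER['REQUEST_METHOD'] = $old_server_method;
    if (!empty($old_content_type)) {
        $_SERVER['CONTENT_TYPE'] = $old_content_type;
    }
    $_POST = $old_post;
    return json_decode($response, true);
}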
 /**
  * The factory must apply the server options overridden in the zf-oauth2
  * config while still registering the full default set of grant types.
  */
 public function testServiceCreatedWithOverriddenValues()
 {
     $adapter = $this->getMockBuilder('OAuth2\\Storage\\Pdo')
         ->disableOriginalConstructor()
         ->getMock();
     $options = array('enforce_state' => false, 'allow_implicit' => true, 'access_lifetime' => 12000);
     $this->services->setService('TestAdapter', $adapter);
     $this->services->setService('Config', array('zf-oauth2' => array('storage' => 'TestAdapter') + $options));
     $expected = new \OAuth2\Server($adapter, $options);
     $grants = array(
         new ClientCredentials($adapter),
         new AuthorizationCode($adapter),
         new UserCredentials($adapter),
         new RefreshToken($adapter),
     );
     foreach ($grants as $grant) {
         $expected->addGrantType($grant);
     }
     $actual = $this->factory->createService($this->services);
     $this->assertInstanceOf('OAuth2\\Server', $actual);
     $this->assertEquals($expected, $actual);
 }
 * @copyright  2014-2016 Restya
 * @license    http://restya.com/ Restya Licence
 * @link       http://restya.com/
 */
session_start();
require_once 'config.inc.php';
require_once 'libs/core.php';
require_once 'libs/vendors/OAuth2/Autoloader.php';
// Cached site URL generated for shell runs, when present.
if (file_exists(APP_PATH . '/tmp/cache/site_url_for_shell.php')) {
    include_once APP_PATH . '/tmp/cache/site_url_for_shell.php';
}
OAuth2\Autoloader::register();

// PDO storage on the application database; the users table doubles as the OAuth2 user store.
$oauth_config = array('user_table' => 'users');
$val_array = array(
    'dsn' => 'pgsql:host=' . R_DB_HOST . ';dbname=' . R_DB_NAME . ';port=' . R_DB_PORT,
    'username' => R_DB_USER,
    'password' => R_DB_PASSWORD,
);
$storage = new OAuth2\Storage\Pdo($val_array, $oauth_config);
$server = new OAuth2\Server($storage);

// Authorize endpoint: malformed authorize requests are answered by the library and stop here.
$request = OAuth2\Request::createFromGlobals();
$response = new OAuth2\Response();
if (!$server->validateAuthorizeRequest($request, $response)) {
    $response->send();
    exit;
}
// client_id is passed as a bound parameter ($1), never interpolated.
$val_arr = array($_GET['client_id']);
$oauth_client = executeQuery('SELECT client_name FROM oauth_clients WHERE client_id = $1', $val_arr);
$error_msg = 0;
if (!empty($_POST['email'])) {
    $val_arr = array($_POST['email']);
    $log_user = executeQuery('SELECT id, role_id, password, is_ldap::boolean::int FROM users WHERE email = $1 or username = $1', $val_arr);
    $_POST['password'] = crypt($_POST['password'], $log_user['password']);
    $val_arr = array($_POST['email'], $_POST['password'], 1);
    $user = executeQuery('SELECT * FROM users_listing WHERE (email = $1 or username = $1) AND password = $2 AND is_active = $3', $val_arr);
<?php

require 'vendor/autoload.php';

// Database connection for the OAuth2 tables.
// NOTE(review): the password is empty here; use real credentials outside a local setup.
$dsn = 'mysql:dbname=oauth2_db;host=localhost';
$username = '******';
$password = '';

// error reporting enabled (development only: a token endpoint should not display errors)
ini_set('display_errors', 1);
error_reporting(E_ALL);

$storage = new OAuth2\Storage\Pdo(array(
    'dsn' => $dsn,
    'username' => $username,
    'password' => $password,
));

// Server with the refresh-token and authorization-code grants.
$server = new OAuth2\Server($storage);
$server->addGrantType(new OAuth2\GrantType\RefreshToken($storage));
$server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
<?php

require_once __DIR__ . '/oAuth2_server/src/OAuth2/Autoloader.php';

// Storage for the OAuth2 tables.
$dsn = 'mysql:dbname=points;host=localhost';
$username = '******';
$password = '******';

OAuth2\Autoloader::register();
$storage = new OAuth2\Storage\Pdo(array('dsn' => $dsn, 'username' => $username, 'password' => $password));
$server = new OAuth2\Server($storage);

// Resource endpoint: the request must carry a valid access token.
// NOTE(review): nothing stops execution after the error response is sent, so any
// code following this block must not assume the token was verified.
$response = new OAuth2\Response();
$request = OAuth2\Request::createFromGlobals();
if ($server->verifyResourceRequest($request, $response)) {
    $return['status'] = 'ok';
    $return['message'] = "";
} else {
    $response->send();
}
<?php

require_once 'vendor/bshaffer/oauth2-server-php/src/OAuth2/Autoloader.php';
OAuth2\Autoloader::register();

$dsn = 'mysql:dbname=oauth;host=localhost';
$username = '******';
$password = '******';

// Show everything while developing; turn this off on a real token endpoint.
ini_set('display_errors', 1);
error_reporting(E_ALL);

$storage = new OAuth2\Storage\Pdo(array('dsn' => $dsn, 'username' => $username, 'password' => $password));
// The server accepts a single storage object or an array of storage objects.
$server = new OAuth2\Server($storage);
// Resource-owner password credentials grant, backed by the same PDO storage.
$grantType = new OAuth2\GrantType\UserCredentials($storage);
$server->addGrantType($grantType);
/**
 * Build the application container and register every service on it.
 *
 * The loader, HTTP, database, event, command-bus, view, OAuth2 and JSON
 * services are registered as closures; the two config entries are resolved
 * immediately because the closures below read them.
 *
 * @return Container
 */
function app()
{
    // The service container.
    $app = new Container();

    // Loader service.
    $app['loader'] = function () {
        require_once __DIR__ . '/../../application/libraries/Loader.php';
        return new Loader();
    };

    // HTTP core service.
    $app['http'] = function () {
        return new Slim();
    };

    // Database and global configuration.
    $app['db_config'] = $app['loader']->config('database', $app);
    $app['global_config'] = $app['loader']->config('config', $app);

    // Database service: PDO with exceptions enabled, wrapped in NotORM.
    $app['pdo'] = function () use ($app) {
        $conn = $app['db_config']['default'];
        $handle = new \PDO($conn['dsn'], $conn['username'], $conn['password']);
        $handle->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION);
        // char_set comes from the database config file, not from request input.
        $handle->query('SET NAMES ' . $conn['char_set']);
        return new NotORM($handle);
    };

    // Event service.
    $app['event'] = function () {
        return new Evenement\EventEmitter();
    };

    // Command services: handler locator plus a sequential bus configured from the bus config.
    $app['buslocator'] = function () {
        return new CommandHandlerLocator();
    };
    $app['bus'] = function () use ($app) {
        $app['loader']->config('bus', $app);
        return new SequentialCommandBus($app['buslocator']);
    };

    // View service: Twig with a filesystem loader and compilation cache.
    $app['view'] = function () use ($app) {
        $viewConfig = $app['loader']->config('config', $app);
        $templates = new Twig_Loader_Filesystem($viewConfig['view']['templates']);
        return new Twig_Environment($templates, array('cache' => $viewConfig['view']['compilation_cache']));
    };

    // Authentication service: OAuth2 server with the password and refresh-token grants.
    $app['oauth2'] = function () use ($app) {
        $conn = $app['db_config']['oauth2'];
        $storage = new \OAuth2\Storage\Pdo(array(
            'dsn' => $conn['dsn'],
            'username' => $conn['username'],
            'password' => $conn['password'],
        ));
        $server = new \OAuth2\Server($storage);
        require_once __DIR__ . '/../../application/libraries/PasswordCredentials.php';
        $server->addGrantType(new \OAuth2\GrantType\UserCredentials(new \OAuth2\Storage\PasswordCredentials()));
        require_once __DIR__ . '/../../application/libraries/RefreshToken.php';
        $server->addGrantType(new \OAuth2\GrantType\RefreshToken(
            new \OAuth2\Storage\RefreshToken(),
            array('always_issue_new_refresh_token' => true)
        ));
        return $server;
    };

    // JSON encode/decode/validate services.
    $app['encoder'] = function () {
        return new JsonEncoder();
    };
    $app['decoder'] = function () {
        return new JsonDecoder();
    };
    $app['JsonValidator'] = function () {
        return new JsonValidator();
    };

    // Load the helper functions.
    $app['loader']->helper('function', $app);
    return $app;
}
        });
    });
    post('upload/file', 'FileController@uploadFile');
    get('download/{id}', 'FileController@getDownload');
    Route::resource('project', 'ProjectController');
    Route::resource('clients', 'ClientController');
    Route::resource('role', 'RoleController');
});
App::bind('App\\Services\\Interfaces\\SendMailInterface', 'App\\Services\\SESSendMail');

/* Routes for desktop and mobile apps */
Route::group(['prefix' => 'rest'], function () {
    // [verb, uri, controller action], registered in this order.
    $restRoutes = [
        ['post', 'get-timeentries-by-uid', 'RestController@getTimeEntryByUid'],
        ['post', 'auth', 'RestController@login'],
        ['get', 'projects', 'RestController@getProjectList'],
        ['get', 'tags', 'RestController@getTags'],
        ['post', 'timesheet/save', 'RestController@save'],
        ['post', 'timesheet/delete', 'RestController@deleteTimeEntry'],
        ['post', 'timesheet/sync-timesheets', 'RestController@syncTimesheets'],
    ];
    foreach ($restRoutes as $route) {
        list($verb, $uri, $action) = $route;
        $verb($uri, $action);
    }
});

/************************************  OAUTH  ***********************************************/
/* Routes for oauth */
post('oauth/token', 'Auth\\OAuthController@getOAuthToken');

// OAuth2 server singleton: PDO storage from the DB_* environment, with the
// client-credentials, desktop-app and refresh-token grants.
App::singleton('oauth2', function () {
    $dsn = 'mysql:dbname=' . env('DB_DATABASE') . ';host=' . env('DB_HOST');
    $storage = new OAuth2\Storage\Pdo([
        'dsn' => $dsn,
        'username' => env('DB_USERNAME'),
        'password' => env('DB_PASSWORD'),
    ]);
    $server = new OAuth2\Server($storage, ['access_lifetime' => env('ACCESS_TOKEN_LIFETIME')]);
    $server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
    $server->addGrantType(new App\Http\Controllers\Auth\DesktopAppGrantType($storage));
    $server->addGrantType(new OAuth2\GrantType\RefreshToken($storage, ['always_issue_new_refresh_token' => true]));
    return $server;
});
require_once dirname(__FILE__) . '/OAuth2/Autoloader.php';
OAuth2\Autoloader::register();

// Grab the plugin options. With the server switched off, every request is
// answered with a temporarily_unavailable error and processing stops.
$o = get_option("wo_options");
if ($o["enabled"] == 0) {
    do_action('wo_before_unavailable_error');
    $response = new OAuth2\Response(array('error' => 'temporarily_unavailable'));
    $response->send();
    exit;
}

global $wp_query;
$method = $wp_query->get('oauth');
$well_known = $wp_query->get('well-known');

$storage = new OAuth2\Storage\Wordpressdb();
// Server configuration; empty option values fall back to the literals shown.
$config = array(
    'use_crypto_tokens' => false,
    'store_encrypted_token_string' => false,
    'use_openid_connect' => $o['use_openid_connect'] == '' ? false : $o['use_openid_connect'],
    // The issuer is always the https form of the site URL.
    'issuer' => site_url(null, 'https'),
    // Lifetimes are in seconds.
    'id_lifetime' => $o['id_token_lifetime'] == '' ? 3600 : $o['id_token_lifetime'],
    'access_lifetime' => $o['access_token_lifetime'] == '' ? 3600 : $o['access_token_lifetime'],
    'refresh_token_lifetime' => $o['refresh_token_lifetime'] == '' ? 86400 : $o['refresh_token_lifetime'],
    'www_realm' => 'Service',
    'token_param_name' => 'access_token',
    'token_bearer_header_name' => 'Bearer',
    // Option strings are '1' when enabled; anything else switches the feature off.
    'enforce_state' => '1' == $o['enforce_state'] ? true : false,
    'require_exact_redirect_uri' => '1' == $o['require_exact_redirect_uri'] ? true : false,
    'allow_implicit' => '1' == $o['implicit_enabled'] ? true : false,
    'allow_credentials_in_request_body' => true,
    'allow_public_clients' => false,
    'always_issue_new_refresh_token' => true,
    'redirect_status_code' => 302,
);
$server = new OAuth2\Server($storage, $config);

/*
|--------------------------------------------------------------------------
| SUPPORTED GRANT TYPES
|--------------------------------------------------------------------------
|
| Authorization Code will always be on. This may be a bug or a f@#$ up on
| my end. None the less, these are controlled in the server settings page.
|
*/
$support_grant_types = array();
if ($o['auth_code_enabled'] == '1') {
    $server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
}
if ('1' == $o['client_creds_enabled']) {
    $server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
<?php

// Two storages: client credentials and scopes live in MySQL, access tokens
// and authorization codes in Redis.
$dsn = 'mysql:host=db;dbname=test;port=3306';
$username = '******';
$password = '******';
$storagePdo = new OAuth2\Storage\Pdo(array('dsn' => $dsn, 'username' => $username, 'password' => $password));
$storageRedis = new OAuth2\Storage\Redis(new \Predis\Client('tcp://redis:6379'));
$server = new OAuth2\Server(array(
    'client_credentials' => $storagePdo,
    'scope' => $storagePdo,
    'access_token' => $storageRedis,
    'authorization_code' => $storageRedis,
));
$server->addGrantType(new \OAuth2\GrantType\AuthorizationCode($storageRedis));
    {
        $stmt = $this->db->prepare(sprintf('SELECT * from %s c JOIN %s u ON c.user_id = u.user_id where c.client_id = :client_id and u.email_verified = 1', $this->config['client_table'], $this->config['user_table']));
        $stmt->execute(compact('client_id'));
        $result = $stmt->fetch();
        // make this extensible
        return $result && $result['client_secret'] == $client_secret;
    }
}
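/**
 * Build the OAuth2 server used for role-based authentication.
 *
 * Storage is the e-mail-verified PDO storage configured under db.*; the
 * client-credentials grant is enabled and access tokens are issued through
 * the CryptoToken storage/response type.
 *
 * @return OAuth2\Server
 */
$authenticateForRole = function () {
    $_dsn = diyConfig::read('db.dsn');
    $_username = diyConfig::read('db.username');
    $_password = diyConfig::read('db.password');
    $storage = new PdoStorageWithEmailVerification(array('dsn' => $_dsn, 'username' => $_username, 'password' => $_password));
    // `allow_credentials_in_request_body` is a Server option. It used to be passed
    // as the second argument of addGrantType() — and as a bare string inside the
    // array rather than a key => value pair — where it was never read as configuration.
    $server = new OAuth2\Server($storage, array('allow_credentials_in_request_body' => true));
    $server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
    $cryptoStorage = new OAuth2\Storage\CryptoToken($storage);
    $server->addStorage($cryptoStorage, "access_token");
    $cryptoResponseType = new OAuth2\ResponseType\CryptoToken($storage);
    $server->addResponseType($cryptoResponseType);
    return $server;
};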
/**
 * Open the SQLite database configured under db.file.
 *
 * Errors are raised as exceptions and prepared-statement emulation is
 * switched off.
 *
 * @return PDO
 */
$diy_storage = function () {
    $database = new PDO(sprintf('sqlite:%s', diyConfig::read('db.file')));
    $attributes = array(
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    );
    foreach ($attributes as $attribute => $value) {
        $database->setAttribute($attribute, $value);
    }
    return $database;
};
<?php

//database configuration
$dsn = 'mysql:dbname=oauth2server;host=localhost';
$username = '******';
$password = '******';

// Development settings: a production token endpoint should not display errors.
ini_set('display_errors', 1);
error_reporting(E_ALL);

require_once 'src/OAuth2/Autoloader.php';
OAuth2\Autoloader::register();

$storage = new OAuth2\Storage\Pdo(array('dsn' => $dsn, 'username' => $username, 'password' => $password));
// The server takes a single storage object or an array of storage objects.
$server = new OAuth2\Server($storage);

// Grants: client credentials, authorization code, and refresh token
// (a fresh refresh token is issued on every refresh).
$server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
$server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
$server->addGrantType(new OAuth2\GrantType\RefreshToken($storage, array('always_issue_new_refresh_token' => true)));
 /**
  * With grant_types configured, only the enabled grants (password and
  * refresh token here) are registered, on top of the default server options.
  */
 public function testServiceCreatedWithSelectedGrandTypes()
 {
     $adapter = $this->getMockBuilder('OAuth2\\Storage\\Pdo')
         ->disableOriginalConstructor()
         ->getMock();
     $this->services->setService('TestAdapter', $adapter);
     $this->services->setService('Config', [
         'zf-oauth2' => [
             'storage' => 'TestAdapter',
             'grant_types' => [
                 'client_credentials' => false,
                 'password' => true,
                 'refresh_token' => true,
             ],
         ],
     ]);
     $expected = new \OAuth2\Server($adapter, [
         'enforce_state' => true,
         'allow_implicit' => false,
         'access_lifetime' => 3600,
     ]);
     foreach ([new UserCredentials($adapter), new RefreshToken($adapter)] as $grant) {
         $expected->addGrantType($grant);
     }
     $factory = $this->factory->createService($this->services);
     $this->assertInstanceOf('ZF\\OAuth2\\Factory\\OAuth2ServerInstanceFactory', $factory);
     $server = $factory();
     $this->assertInstanceOf('OAuth2\\Server', $server);
     $this->assertEquals($expected, $server);
 }
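 /**
  * Authenticate the current request and populate $this->User / $this->IsLogin.
  *
  * Two call types are handled:
  *  - "open":      API calls carrying an OAuth2 access token. The token is verified
  *                 by the OAuth2 server (PDO storage on the configured database) and
  *                 then mapped to a user through oauth_access_tokens. Invalid tokens
  *                 end the request with the library's error response.
  *  - "localsite": browser sessions. Login is restored from a freshly posted
  *                 `cookie_auth` value ("<pid>*<password>") or from the `authstr`
  *                 cookie decoded with authcode(); session data is preferred and the
  *                 user record is loaded and compared otherwise.
  *
  * Any other call type falls through and returns null, as before.
  *
  * @return bool|int|null true for the open registration call, otherwise the login
  *                       flag (1 = logged in, 0 = not) for the handled call types
  */
 function CheckLogin()
 {
     $this->Logger->Write('Starting CheckLogin');
     switch ($this->CallType) {
         case "open":
             return $this->_CheckOpenLogin();
         case "localsite":
             return $this->_CheckLocalSiteLogin();
     }
 }
 /**
  * "open" call type: verify the OAuth2 access token on the request and map it
  * to a local user.
  *
  * @access private
  * @return bool|int true for the open registration call (no token needed),
  *                  otherwise $this->IsLogin (1 when a user was resolved)
  */
 function _CheckOpenLogin()
 {
     // User open registration needs no authorization.
     if ($this->Code === 'openregisteruser' && $this->Module === 'user') {
         return true;
     }
     $dsn = "mysql:dbname={$this->Config['db_name']};host={$this->Config['db_host']}";
     $storage = new OAuth2\Storage\Pdo(array(
         'dsn' => $dsn,
         'username' => $this->Config['db_user'],
         'password' => $this->Config['db_pass'],
     ));
     $server = new OAuth2\Server($storage);
     $response = new OAuth2\Response();
     $request = OAuth2\Request::createFromGlobals();
     if (!$server->verifyResourceRequest($request, $response)) {
         // Invalid or expired token: the library's error response ends the request.
         $response->send();
         exit;
     }
     // The token was validated above. Only the request-body form is read here, so a
     // token sent solely in the Authorization header is not found — TODO confirm
     // whether header-only clients need this path.
     $access_token = isset($request->request['access_token']) ? $request->request['access_token'] : '';
     // The DB handler takes a raw SQL string, so the token is restricted to the
     // characters a bearer token string is expected to contain before it is
     // interpolated into the query.
     if (empty($access_token) || !preg_match('/^[A-Za-z0-9._-]+$/', $access_token)) {
         $error = array();
         $error["error"] = "error";
         $error["error_description"] = "access token is incorrect.";
         echo json_encode($error);
         exit;
     }
     $sql = "select token.user_id,u.uname from oauth_access_tokens token left join user u on u.uid=token.user_id where token.access_token='{$access_token}'";
     $row = $this->DataBaseHandler->FetchFirst($sql);
     if ($row) {
         $this->User['uid'] = $row['user_id'];
         $this->User['uname'] = $row['uname'];
         $this->IsLogin = 1;
     }
     return $this->IsLogin;
 }
 /**
  * "localsite" call type: restore a browser login from the posted cookie_auth
  * value or the authstr cookie, and expose the login state to the template.
  *
  * @access private
  * @return int 1 when logged in, 0 otherwise
  */
 function _CheckLocalSiteLogin()
 {
     session_start();
     // Resolve the visitor's location once per session.
     if (!empty($_SESSION['ip_point'])) {
         $this->IPLocation = $_SESSION['ip_point'];
     } else {
         $this->IPLocation = $this->BaiduMap->GetPointByIP(getIP());
         $_SESSION['ip_point'] = $this->IPLocation;
     }
     $auth = $this->CookieHandler->GetVar('authstr');
     if (!empty($this->Post['cookie_auth'])) {
         $post_auth = $this->Post['cookie_auth'];
     } else {
         $post_auth = isset($this->Get['cookie_auth']) ? $this->Get['cookie_auth'] : '';
     }
     $login = 0;
     // A freshly posted "<pid>*<password>" pair is used only while no auth cookie exists yet.
     if ($post_auth != '' && empty($auth)) {
         $parts = explode('*', $post_auth);
         $pid = $parts[0];
         $pwd = isset($parts[1]) ? $parts[1] : '';
         $user = $this->UserLogic->GetUser($pid);
         if ($this->_PasswordMatches($user, $pwd)) {
             $login = 1;
             $this->User = $user;
         }
         return $login;
     }
     if (!empty($auth)) {
         $dauth = authcode($auth, 'DECODE', $this->Config['auth_key']);
         $parts = explode('\\~', $dauth);
         $uid = $parts[0];
         $password = isset($parts[1]) ? $parts[1] : '';
         // NOTE(review): this hands the decoded credential pair to the template layer — confirm it is needed.
         $this->TemplateHandler->AssignValue('auth', $uid . '*' . $password);
         // Prefer the session copy of the user; fall back to the database record.
         $u = array();
         if (!empty($_SESSION['uid']) && $_SESSION['uid'] > 0) {
             $u['uid'] = $_SESSION['uid'];
         }
         foreach (array('uemail', 'uname', 'face_url', 'face_url_p') as $key) {
             if (!empty($_SESSION[$key])) {
                 $u[$key] = $_SESSION[$key];
             }
         }
         if (isset($u['uid'])) {
             $this->User = $u;
             $this->SessionUser = $u;
             $login = 1;
         } else {
             $user = $this->UserLogic->GetUser($uid);
             if ($this->_PasswordMatches($user, $password)) {
                 $this->User = $user;
                 $this->SessionUser = $user;
                 $_SESSION['uid'] = $uid;
                 // The original assigned an undefined $email here (always null); the record's
                 // own e-mail field is what the session read above expects — TODO confirm.
                 $_SESSION['uemail'] = isset($user['uemail']) ? $user['uemail'] : null;
                 $_SESSION['uname'] = $user['uname'];
                 $_SESSION['face_url'] = $user['face_url'];
                 $_SESSION['face_url_p'] = $user['face_url_p'];
                 $login = 1;
                 $this->UserLogic->UpdateLoginInfo($user['uid'], time());
             }
         }
     }
     $this->IsLogin = $login;
     $this->TemplateHandler->AssignValue('login', $login);
     $this->TemplateHandler->AssignValue('user', $this->User);
     $isOpen = !empty($_SESSION['open']);
     $this->TemplateHandler->AssignValue('open_login', $isOpen);
     $this->Open_login = $isOpen;
     $this->TemplateHandler->AssignValue('sessionuser', $this->SessionUser);
     $this->Logger->Write('Finished CheckLogin');
     return $login;
 }
 /**
  * Compare a candidate password value against the user record's stored one.
  *
  * Strict, constant-time comparison. The former `==` let a missing user record
  * (password null) match an empty candidate and set the login flag; a
  * non-array $user or a non-string stored value now never matches.
  *
  * @access private
  * @param mixed  $user      Result of UserLogic->GetUser()
  * @param string $candidate Value taken from the posted pair or the decoded cookie
  * @return bool
  */
 function _PasswordMatches($user, $candidate)
 {
     if (!is_array($user) || !isset($user['password']) || !is_string($user['password'])) {
         return false;
     }
     return hash_equals($user['password'], (string) $candidate);
 }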
<?php

// Database settings shared by the OAuth2 storage and the DB static helper.
$database = 'aums_api';
$dsn = 'mysql:dbname=' . $database . ';host=localhost';
$username = '******';
$password = '******';
DB::$user = $username;
DB::$password = $password;
DB::$dbName = $database;

// error reporting (this is a demo, after all!)
ini_set('display_errors', 1);
error_reporting(E_ALL);

// $dsn is the PDO Data Source Name, for example "mysql:dbname=my_oauth2_db;host=localhost".
$storage = new OAuth2\Storage\Pdo(['dsn' => $dsn, 'username' => $username, 'password' => $password]);
// The server takes a single storage object or an array of storage objects.
$server = new OAuth2\Server($storage);

// Grants: authorization code (this is where the oauth magic happens) and refresh token.
$server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
$grantType = new OAuth2\GrantType\RefreshToken($storage);
$server->addGrantType($grantType);

// Available scopes, with 'basic' as the default scope.
$defaultScope = 'basic';
$supportedScopes = ['basic', 'extras', 'profile_pic'];
$memory = new OAuth2\Storage\Memory(['default_scope' => $defaultScope, 'supported_scopes' => $supportedScopes]);
$scopeUtil = new OAuth2\Scope($memory);
$server->setScopeUtil($scopeUtil);
<?php

/*
|--------------------------------------------------------------------------
| Application Routes
|--------------------------------------------------------------------------
|
| Here is where you can register all of the routes for an application.
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the controller to call when that URI is requested.
|
*/
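// OAuth2 server registered as a lazily-built singleton (resolved via App::make('oauth2')).
App::singleton('oauth2', function () {
    // Development credentials: MySQL root with an empty password, hard-coded in
    // the routes file. These must be replaced and moved to configuration before
    // this serves anything beyond a local setup.
    $storage = new OAuth2\Storage\Pdo([
        'dsn' => 'mysql:dbname=insantani;host=localhost',
        'username' => 'root',
        'password' => '',
    ]);
    $server = new OAuth2\Server($storage);
    // All three grants authenticate against the same PDO storage.
    $server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
    $server->addGrantType(new OAuth2\GrantType\UserCredentials($storage));
    $server->addGrantType(new OAuth2\GrantType\RefreshToken($storage));
    $server->setScopeUtil(new OAuth2\Scope(['supported_scopes' => ['read', 'write']]));
    return $server;
});
Route::get('/', function () {
    return view('welcome');
});
// API routes. The 'products' / 'articles' middleware presumably performs the
// access-token check (not visible in this file); the router enforces the
// numeric {id} and non-empty {query} constraints before any controller runs.
Route::get('api/products', ['uses' => 'ProductController@products', 'middleware' => 'products']);
Route::get('api/products/{id}', ['uses' => 'ProductController@productDetail', 'middleware' => 'products'])->where('id', '[0-9]+');
Route::get('api/products/{id}/picture', ['uses' => 'ProductController@showPicture', 'middleware' => 'products'])->where('id', '[0-9]+');
Route::get('api/feed', ['uses' => 'ArticleController@articles', 'middleware' => 'articles']);
Route::get('api/search/product/{query}', ['uses' => 'SearchController@searchProduct', 'middleware' => 'products'])->where('query', '.+');
Route::get('api/search/tag/{query}', ['uses' => 'SearchController@searchTags', 'middleware' => 'articles'])->where('query', '.+');
Route::get('api/feed/article/{id}', ['uses' => 'ArticleController@articleDetail', 'middleware' => 'articles'])->where('id', '[0-9]+');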
 *
 * @category   PHP
 * @package    Restyaboard
 * @subpackage Core
 * @author     Restya <*****@*****.**>
 * @copyright  2014 Restya
 * @license    http://restya.com/ Restya Licence
 * @link       http://restya.com/
 */
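require_once 'config.inc.php';
require_once 'libs/vendors/OAuth2/Autoloader.php';
OAuth2\Autoloader::register();

// PDO-backed storage for clients, codes and tokens; 'user_table' points the
// library's user lookups at the application's `users` table.
$oauth_config = ['user_table' => 'users'];
$val_array = [
    'dsn' => 'pgsql:host=' . R_DB_HOST . ';dbname=' . R_DB_NAME . ';port=' . R_DB_PORT,
    'username' => R_DB_USER,
    'password' => R_DB_PASSWORD,
];
$storage = new OAuth2\Storage\Pdo($val_array, $oauth_config);
$server = new OAuth2\Server($storage);

// Pick the grant from the POSTed grant_type. Strict comparison: $_POST values
// are strings (or arrays), so this matches the previous loose check exactly.
if (isset($_POST['grant_type']) && $_POST['grant_type'] === 'password') {
    // NOTE(review): the in-memory user store is seeded from the request's own
    // username/password, so the password grant effectively compares the
    // submitted password against itself instead of against the users table.
    // That is only safe if the caller has already authenticated the user and
    // this script is not reachable directly; confirm that, or back the grant
    // with the PDO $storage built above instead.
    $val_array = ['password' => $_POST['password']];
    $users = [$_POST['username'] => $val_array];
    $user_credentials = ['user_credentials' => $users];
    $storage = new OAuth2\Storage\Memory($user_credentials);
    $server->addGrantType(new OAuth2\GrantType\UserCredentials($storage));
} elseif (isset($_POST['grant_type']) && $_POST['grant_type'] === 'refresh_token') {
    $server->addGrantType(new OAuth2\GrantType\RefreshToken($storage));
} else {
    // Client credentials come from configuration constants, so only the
    // configured client can obtain a token through this grant.
    $val_array = ['client_secret' => OAUTH_CLIENT_SECRET];
    $clients = [OAUTH_CLIENTID => $val_array];
    $credentials = ['client_credentials' => $clients];
    $storage = new OAuth2\Storage\Memory($credentials);
    $server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
}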
<?php

// Abort early when the timezone cannot be set; the message is shown to the user as-is.
if (!date_default_timezone_set('PRC')) {
    die('时区设置失败,请联系管理员!');
}

require_once './oAuth2_server/src/OAuth2/Autoloader.php';
require_once '../setting/sitesetting.php';
require_once '../Include/functions/global.fun.php';
OAuth2\Autoloader::register();

// Database settings come from the site configuration loaded above.
$db_host = $siteconfig['db_host'];
$db_name = $siteconfig['db_name'];
$username = $siteconfig['db_user'];
$password = $siteconfig['db_pass'];
$dsn = 'mysql:dbname=' . $db_name . ';host=' . $db_host;

// One PDO-backed storage shared by the password, client and authorization-code grants.
$storage = new OAuth2\Storage\Pdo([
    'dsn' => $dsn,
    'username' => $username,
    'password' => $password,
]);
$server = new OAuth2\Server($storage);
$server->addGrantType(new OAuth2\GrantType\UserCredentials($storage));
$server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
$server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));

// response_type / grant_type may arrive in the query string or the POST body;
// a truthy query-string value wins, otherwise the body value is used.
$request = OAuth2\Request::createFromGlobals();
$response = new OAuth2\Response();
$response_type = $request->query('response_type') ?: $request->request('response_type');
$grant_type = $request->query('grant_type') ?: $request->request('grant_type');
if ($request->server('REQUEST_METHOD') == 'POST') {
    if (!empty($_POST)) {
        if (!isset($grant_type) || $grant_type == '') {
            //user submit the login form and verify the username and password.
            //than Authorize the request and send back the code
            $server->handleAuthorizeRequest($request, $response, true, 2);
            echo $response->getHttpHeader('Location');
        } else {
            if ($grant_type == 'password') {
                //app client use password model to authorize
<?php

/*
|--------------------------------------------------------------------------
| Application Routes
|--------------------------------------------------------------------------
|
| Here is where you can register all of the routes for an application.
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the Closure to execute when that URI is requested.
|
*/
// Lazily-constructed OAuth2 server, resolved through App::make('oauth2').
// Only the client_credentials grant is registered, so this server issues
// tokens to registered clients, not to end users.
App::singleton('oauth2', function () {
    $mongoStorage = new OAuth2\Storage\Mongo(App::make('db')->getMongoDB());
    $oauthServer = new OAuth2\Server($mongoStorage);
    $oauthServer->addGrantType(new OAuth2\GrantType\ClientCredentials($mongoStorage));

    return $oauthServer;
});
Route::get('/', function () {
    if (Auth::check()) {
        $site = \Site::first();
        $admin_dashboard = new \app\locker\data\dashboards\AdminDashboard();
        //if super admin, show site dashboard, otherwise show list of LRSs can access
        if (Auth::user()->role == 'super') {
            $list = Lrs::all();
            return View::make('partials.site.dashboard', array('site' => $site, 'list' => $list, 'stats' => $admin_dashboard->getFullStats(), 'graph_data' => $admin_dashboard->getGraphData(), 'dash_nav' => true));
        } else {
            $lrs = Lrs::where('users._id', \Auth::user()->_id)->get();
            return View::make('partials.lrs.list', array('lrs' => $lrs, 'list' => $lrs, 'site' => $site));
        }
    } else {
 * If the configuration specify the use of metadata adapter use it or use memory otherwise.
 */
/**
 * Models metadata service.
 */
$di->setShared('modelsMetadata', function () {
    return new MetaDataAdapter();
});

/**
 * Session service: started on first use by whichever component asks for it.
 */
$di->setShared('session', function () {
    $sessionAdapter = new SessionAdapter();
    $sessionAdapter->start();

    return $sessionAdapter;
});

/**
 * OAuth2 server backed by the API storage over the application database.
 *
 * 'allow_implicit' => true also enables the implicit grant (tokens returned in
 * the redirect fragment); worth revisiting whether authorization_code alone suffices.
 */
$di->setShared('oauth', function () use($config) {
    $adapterName = strtolower($config->database->adapter);
    $connectionDsn = "{$adapterName}:dbname={$config->database->dbname};host={$config->database->host}";
    OAuth2\Autoloader::register();
    $apiStorage = new ApiStorage([
        'dsn' => $connectionDsn,
        'username' => $config->database->username,
        'password' => $config->database->password,
    ]);
    $oauthServer = new OAuth2\Server($apiStorage, ['allow_implicit' => true]);
    $oauthServer->addGrantType(new OAuth2\GrantType\ClientCredentials($apiStorage));
    $oauthServer->addGrantType(new OAuth2\GrantType\AuthorizationCode($apiStorage));

    return $oauthServer;
});

/**
 * Facebook SDK client, configured from the fb.* and application.* settings.
 */
$di->setShared('facebook', function () use($config) {
    $callbackUri = $config->application->domain . $config->application->baseUri . 'v1/' . $config->fb->callback;

    return new Facebook([
        'app_id' => $config->fb->appId,
        'app_secret' => $config->fb->secret,
        'callback_uri' => $callbackUri,
    ]);
});
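 /**
  * Execute the Api Authorize operation (OAuth2 authorization endpoint).
  *
  * Validates the authorize request, renders the consent form when the user has
  * not answered yet, and otherwise hands the decision to the OAuth2 server.
  * Every path stores the outcome in $this->response and returns $this; the
  * caller reads $this->response for the form markup, the redirect, or the
  * OAuth2 error response. (The previous docblock promised boolean false on
  * failure, which no path ever returned.)
  *
  * @return  $this
  *
  * @since   1.2
  */
 public function apiAuthorize()
 {
     // NOTE(review): assumes getLoggedUser() returns an object with ->id;
     // an unauthenticated caller reaching handleAuthorizeRequest() below
     // would fail there — confirm the controller enforces login first.
     $user = $this->getLoggedUser();
     $request = OAuth2\Request::createFromGlobals();
     $response = new OAuth2\Response();

     // Validate the authorize request; on failure the library has already
     // written the error into $response.
     if (!$this->server->validateAuthorizeRequest($request, $response)) {
         $this->response = $response;

         return $this;
     }

     $clientId = $request->query('client_id');
     $scopes = RApiOauth2Helper::getClientScopes($clientId);

     // No decision submitted yet: show the consent form listing the client's scopes.
     if ($request->request('authorized', '') === '') {
         $clientScopes = !empty($scopes) ? explode(' ', $scopes) : [];
         if (!empty($clientScopes)) {
             $clientScopes = RApiHalHelper::getWebserviceScopes($clientScopes);
         }
         $currentUri = JUri::getInstance();
         $formAction = JUri::root() . 'index.php?' . $currentUri->getQuery();
         $this->response = RLayoutHelper::render('oauth2.authorize', [
             'view' => $this,
             'options' => ['clientId' => $clientId, 'formAction' => $formAction, 'scopes' => $clientScopes],
         ]);

         return $this;
     }

     // The user answered; only the translated "yes" label counts as consent.
     $is_authorized = $request->request('authorized', '') === JText::_('LIB_REDCORE_API_OAUTH2_SERVER_AUTHORIZE_CLIENT_YES');

     // The granted scope is the client's registered scope, not whatever the
     // request asked for, so a client cannot obtain more by requesting more.
     $request->request['scope'] = $scopes;
     $this->server->handleAuthorizeRequest($request, $response, $is_authorized, $user->id);
     $this->response = $response;

     return $this;
 }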