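/**
 * Register one row of a clinical table as a UMA resource set and record its scopes.
 *
 * Builds the display name, icon and the two FHIR scope URLs for the resource
 * (`/fhir/<Type>/<key><id>` and `/fhir/<Type>?identifier=<key><id>`), obtains an
 * access token for the authorization server with the practice-wide UMA refresh
 * token stored on practice 1, registers the resource set, and stores one `uma`
 * row per scope (with an audit entry each).
 *
 * @param mixed  $id    Row identifier; concatenated verbatim into the scope URLs.
 * @param string $type  One of Condition, MedicationStatement, Allergy, Immunization,
 *                      Encounter, FamilyHistory, Binary, Observation.
 * @param string $table Source table, stored on the `uma` row. For Condition it also
 *                      selects the identifier prefix: 'encounters' => 'eid_',
 *                      'issues' => 'issue_id'.
 * @return bool true once a registration request has been sent; false when $type
 *              (or, for Condition, $table) is not recognised, in which case nothing
 *              is sent to the authorization server and nothing is written.
 */
protected function register_scope($id, $type, $table)
 {
     $icon_base = 'https://noshchartingsystem.com/';
     // type => [display name, icon file, FHIR resource path segment]
     $catalog = array(
         'Condition'           => array('Condition', 'i-condition.png', 'Condition'),
         'MedicationStatement' => array('Medication List', 'i-pharmacy.png', 'MedicationStatement'),
         'Allergy'             => array('Allergy', 'i-allergy.png', 'AllergyIntolerance'),
         'Immunization'        => array('Immunization', 'i-immunization.png', 'Immunization'),
         'Encounter'           => array('Encounter', 'i-medical-records.png', 'Encounter'),
         'FamilyHistory'       => array('Family History', 'i-family-practice.png', 'FamilyHistory'),
         'Binary'              => array('Binary Files', 'i-file.png', 'Binary'),
         'Observation'         => array('Observation', 'i-cardiology.png', 'Observation'),
     );
     if (!is_string($type) || !isset($catalog[$type])) {
         // Unknown type: the resource array would never be populated (and the
         // Binary case used to append a nested array instead), so refuse before
         // contacting the authorization server.
         return false;
     }
     $key = '';
     if ($type === 'Condition') {
         $condition_keys = array('encounters' => 'eid_', 'issues' => 'issue_id');
         if (!is_string($table) || !isset($condition_keys[$table])) {
             // Without a known table the id cannot be mapped to a Condition row.
             return false;
         }
         $key = $condition_keys[$table];
     }
     list($name, $icon_file, $path) = $catalog[$type];
     $fhir_base = URL::to('/') . '/fhir/' . $path;
     $scopes = array(
         $fhir_base . '/' . $key . $id,
         $fhir_base . '?identifier=' . $key . $id,
     );
     $open_id_url = str_replace('/nosh', '/uma-server-webapp/', URL::to('/'));
     $practice = DB::table('practiceinfo')->where('practice_id', '=', '1')->first();
     // The refresh token obtained with uma_protection during uma_auth() is the
     // resource server's credential toward the authorization server.
     $oidc = new OpenIDConnectClient($open_id_url, $practice->uma_client_id, $practice->uma_client_secret);
     $oidc->refresh($practice->uma_refresh_token, true);
     $response = $oidc->resource_set($name, $icon_base . $icon_file, $scopes);
     if (isset($response['resource_set_id'])) {
         $policy_uri = isset($response['user_access_policy_uri']) ? $response['user_access_policy_uri'] : null;
         foreach ($scopes as $scope) {
             DB::table('uma')->insert(array(
                 'resource_set_id' => $response['resource_set_id'],
                 'scope' => $scope,
                 'user_access_policy_uri' => $policy_uri,
                 'table_id' => $id,
                 'table' => $table,
             ));
             $this->audit('Add');
         }
     }
     return true;
 }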
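 /**
  * Callback for the 'uma_auth' route: complete OpenID Connect login against the
  * UMA server configured on practice 1, map the identity to a local user, and
  * start the session.
  *
  * Flow:
  *  1. Authenticate. Only while no UMA refresh token is stored are
  *     `offline_access` and `uma_protection` requested; the token then obtained
  *     becomes the resource-server credential used by register_scope().
  *  2. Resolve the user: by the `npi` claim through `providers`, otherwise by
  *     the `sub` claim against `users.uid`.
  *  3. Existing user: on first run persist the refresh token and, if the `uma`
  *     table is empty, register the default resource sets; then log in.
  *  4. Unknown user: resolve or auto-create a practice from the `practice_npi`
  *     claim (exactly one unknown NPI => create it, seeded from the public NPI
  *     registry; zero or several => redirect to 'practice_choose'), then create
  *     the user (group 2, active) plus a `providers` row, and log in.
  *
  * @return \Illuminate\Http\RedirectResponse
  */
 public function uma_auth()
 {
     $open_id_url = str_replace('/nosh', '/uma-server-webapp/', URL::to('/'));
     $practice = DB::table('practiceinfo')->where('practice_id', '=', '1')->first();
     $client_id = $practice->uma_client_id;
     $client_secret = $practice->uma_client_secret;
     // Loose comparison on purpose: the column may be NULL or ''.
     $first_run = ($practice->uma_refresh_token == '');
     $oidc = new OpenIDConnectClient($open_id_url, $client_id, $client_secret);
     $oidc->setRedirectURL(route('uma_auth'));
     $oidc->addScope('openid');
     $oidc->addScope('email');
     $oidc->addScope('profile');
     if ($first_run) {
         $oidc->addScope('offline_access');
         $oidc->addScope('uma_protection');
     }
     $oidc->authenticate(true);
     $sub = $oidc->requestUserInfo('sub');
     $firstname = $oidc->requestUserInfo('given_name');
     $lastname = $oidc->requestUserInfo('family_name');
     $email = $oidc->requestUserInfo('email');
     $npi = $oidc->requestUserInfo('npi');
     $access_token = $oidc->getAccessToken();
     $user = false;
     if ($npi != '') {
         // A provider NPI is authoritative for the account mapping; an NPI with no
         // providers row falls through to provisioning.
         $provider = DB::table('providers')->where('npi', '=', $npi)->first();
         if ($provider) {
             $user = User::where('id', '=', $provider->id)->first();
         }
     } else {
         $user = User::where('uid', '=', $sub)->first();
     }
     if ($user) {
         $refresh_token = $oidc->getRefreshToken();
         // Persist the refresh token only when this login actually asked for
         // uma_protection. A token issued on a later login (some providers hand
         // one out regardless) was not requested with that scope and would
         // overwrite the working practice credential. To re-provision, clear
         // practiceinfo.uma_refresh_token.
         if ($first_run && $refresh_token != '') {
             DB::table('practiceinfo')->where('practice_id', '=', '1')->update(array('uma_refresh_token' => $refresh_token));
             if (!DB::table('uma')->first()) {
                 $this->uma_register_default_resource_sets($open_id_url, $client_id, $client_secret, $refresh_token);
             }
         }
         return $this->uma_start_session($user, $access_token);
     }
     // No local account: provision one from the identity provider's claims.
     list($practice_id, $unknown_npis) = $this->uma_match_practice_npi($oidc->requestUserInfo('practice_npi'));
     if ($practice_id === false) {
         if (count($unknown_npis) === 1) {
             $practice_id = $this->uma_create_practice_from_npi($unknown_npis[0], $practice);
         } else {
             // Zero or several unresolved NPIs: let the user choose the practice.
             Session::put('practice_npi_array', implode(',', $unknown_npis));
             Session::put('firstname', $firstname);
             Session::put('lastname', $lastname);
             Session::put('username', $sub);
             Session::put('middle', $oidc->requestUserInfo('middle_name'));
             Session::put('displayname', $oidc->requestUserInfo('name'));
             Session::put('email', $email);
             Session::put('npi', $npi);
             Session::put('practice_choose', 'y');
             Session::put('uid', $sub);
             Session::put('uma_auth_access_token', $access_token);
             return Redirect::to('practice_choose');
         }
     }
     // NOTE(review): every new account is created as group_id 2 and active '1'
     // on the strength of the identity provider's assertion alone; confirm that
     // is the intended trust model for this deployment.
     $data = array(
         'username' => $sub,
         'firstname' => $firstname,
         'middle' => $oidc->requestUserInfo('middle_name'),
         'lastname' => $lastname,
         'displayname' => $oidc->requestUserInfo('name'),
         'email' => $email,
         'group_id' => '2',
         'active' => '1',
         'practice_id' => $practice_id,
         'secret_question' => 'Use HIEofOne to reset your password!',
         'uid' => $sub,
     );
     $id = DB::table('users')->insertGetId($data);
     $this->audit('Add');
     DB::table('providers')->insert(array('id' => $id, 'npi' => $npi, 'practice_id' => $practice_id));
     $this->audit('Add');
     return $this->uma_start_session(User::where('id', '=', $id)->first(), $access_token);
 }

 /**
  * Resolve the comma-separated `practice_npi` claim against practiceinfo.npi.
  *
  * @param string $practice_npi Raw claim value ('' or null when absent).
  * @return array [practice_id or false, list of NPIs with no practiceinfo row].
  *               When several NPIs match, the last match wins.
  */
 protected function uma_match_practice_npi($practice_npi)
 {
     $practice_id = false;
     $unknown = array();
     if ($practice_npi != '') {
         foreach (explode(',', $practice_npi) as $candidate) {
             $row = DB::table('practiceinfo')->where('npi', '=', $candidate)->first();
             if ($row) {
                 $practice_id = $row->practice_id;
             } else {
                 $unknown[] = $candidate;
             }
         }
     }
     return array($practice_id, $unknown);
 }

 /**
  * Create a practiceinfo row for an NPI not yet known locally, seeding name and
  * address from the public NPI registry when the lookup succeeds.
  *
  * @param string $npi      Value from the identity provider's practice_npi claim.
  * @param object $template practiceinfo row of practice 1; its documents_dir,
  *                         version and SMTP settings are copied to the new row.
  * @return int New practice_id.
  */
 protected function uma_create_practice_from_npi($npi, $template)
 {
     $practicename = '';
     $address = '';
     // Only a value shaped like an NPI (10 digits) is sent to the registry;
     // anything else is stored unresolved rather than spliced into a request
     // to a third party.
     if (preg_match('/^[0-9]{10}$/', (string) $npi) === 1) {
         list($practicename, $address) = $this->uma_lookup_npi_registry($npi);
     }
     // Positional fields of the registry's address string, as this code has
     // always read them: 0 => street, 1 => zip, 2 => city, 3 => state.
     $fields = array('street_address1' => '', 'zip' => '', 'city' => '', 'state' => '');
     if ($address != '') {
         $parts = explode(',', $address);
         $i = 0;
         foreach ($fields as $field => $unused) {
             if (isset($parts[$i])) {
                 $fields[$field] = trim($parts[$i]);
             }
             $i++;
         }
     }
     // NOTE(review): the new practice inherits practice 1's documents_dir and
     // SMTP credentials; confirm that sharing them across practices is intended.
     $practice_data = array(
         'npi' => $npi,
         'practice_name' => $practicename,
         'street_address1' => $fields['street_address1'],
         'city' => $fields['city'],
         'state' => $fields['state'],
         'zip' => $fields['zip'],
         'documents_dir' => $template->documents_dir,
         'version' => $template->version,
         'active' => 'Y',
         'fax_type' => '',
         'vivacare' => '',
         'patient_centric' => 'yp',
         'smtp_user' => $template->smtp_user,
         'smtp_pass' => $template->smtp_pass,
     );
     $practice_id = DB::table('practiceinfo')->insertGetId($practice_data);
     $this->audit('Add');
     return $practice_id;
 }

 /**
  * Fetch practice name and address for $npi from docnpi.com.
  *
  * @param string $npi Validated 10-digit NPI.
  * @return array [name, address]; both '' when the request fails, the registry
  *               reports no match, or the expected markup is missing.
  */
 protected function uma_lookup_npi_registry($npi)
 {
     // NOTE(review): plaintext HTTP to a third party, and what comes back is
     // written into practiceinfo unverified. Confirm whether the registry offers
     // TLS and switch the scheme if so.
     $url = 'http://docnpi.com/api/index.php?ident=' . rawurlencode($npi) . '&is_ident=true&format=aha';
     $ch = curl_init();
     curl_setopt($ch, CURLOPT_URL, $url);
     curl_setopt($ch, CURLOPT_FAILONERROR, 1);
     curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
     // Redirects may only lead to http(s), never file:// or other schemes.
     curl_setopt($ch, CURLOPT_MAXREDIRS, 3);
     curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
     curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
     curl_setopt($ch, CURLOPT_TIMEOUT, 15);
     $body = curl_exec($ch);
     curl_close($ch);
     if ($body === false || $body === '') {
         return array('', '');
     }
     $html = new Htmldom($body);
     $li = $html->find('li', 0);
     if (!$li || $li->innertext == ' no matching results ') {
         return array('', '');
     }
     $name_item = $li->find('span[class=org]', 0);
     $address_item = $li->find('span[class=address]', 0);
     return array(
         $name_item ? $name_item->innertext : '',
         $address_item ? $address_item->innertext : '',
     );
 }

 /**
  * First-run registration of the patient-level resource sets (Patient, plus one
  * per clinical category scoped to subject:Patient=1) with the authorization
  * server, recording one `uma` row per scope with an audit entry each.
  *
  * @param string $open_id_url   Authorization server base URL.
  * @param string $client_id     UMA client id of practice 1.
  * @param string $client_secret UMA client secret of practice 1.
  * @param string $refresh_token Refresh token carrying uma_protection.
  * @return void
  */
 protected function uma_register_default_resource_sets($open_id_url, $client_id, $client_secret, $refresh_token)
 {
     $base = URL::to('/') . '/fhir/';
     $icon_base = 'https://noshchartingsystem.com/';
     $sets = array(
         array('Patient', 'i-patient.png', array($base . 'Patient/1', $base . 'Patient?identifier=1', $base . 'Patient?_id=1', $base . 'Medication', $base . 'Practitioner')),
         array('Condition', 'i-condition.png', array($base . 'Condition/?subject:Patient=1')),
         array('Medication List', 'i-pharmacy.png', array($base . 'MedicationStatement/?subject:Patient=1')),
         array('Allergy', 'i-allergy.png', array($base . 'AllergyIntolerance/?subject:Patient=1')),
         array('Immunization', 'i-immunization.png', array($base . 'Immunization/?subject:Patient=1')),
         array('Encounter', 'i-medical-records.png', array($base . 'Encounter/?subject:Patient=1')),
         array('Family History', 'i-family-practice.png', array($base . 'FamilyHistory/?subject:Patient=1')),
         array('Binary Files', 'i-file.png', array($base . 'Binary/?subject:Patient=1')),
         array('Observation', 'i-cardiology.png', array($base . 'Observation/?subject:Patient=1')),
     );
     $oidc = new OpenIDConnectClient($open_id_url, $client_id, $client_secret);
     $oidc->refresh($refresh_token, true);
     foreach ($sets as $set) {
         list($name, $icon_file, $scopes) = $set;
         $response = $oidc->resource_set($name, $icon_base . $icon_file, $scopes);
         if (!isset($response['resource_set_id'])) {
             continue;
         }
         $policy_uri = isset($response['user_access_policy_uri']) ? $response['user_access_policy_uri'] : null;
         foreach ($scopes as $scope) {
             DB::table('uma')->insert(array(
                 'resource_set_id' => $response['resource_set_id'],
                 'scope' => $scope,
                 'user_access_policy_uri' => $policy_uri,
             ));
             $this->audit('Add');
         }
     }
 }

 /**
  * Log $user in, seed the session with the user- and practice-level settings the
  * rest of the application reads, and redirect to the intended page.
  *
  * @param \User  $user         Eloquent user record; its practice_id must exist.
  * @param string $access_token OIDC access token kept in the session for later UMA calls.
  * @return \Illuminate\Http\RedirectResponse
  */
 protected function uma_start_session($user, $access_token)
 {
     Auth::login($user);
     $practice = Practiceinfo::find($user->practice_id);
     Session::put('user_id', $user->id);
     Session::put('group_id', $user->group_id);
     Session::put('practice_id', $user->practice_id);
     Session::put('version', $practice->version);
     Session::put('practice_active', $practice->active);
     Session::put('displayname', $user->displayname);
     Session::put('documents_dir', $practice->documents_dir);
     Session::put('rcopia', $practice->rcopia_extension);
     Session::put('mtm_extension', $practice->mtm_extension);
     Session::put('patient_centric', $practice->patient_centric);
     Session::put('uma_auth_access_token', $access_token);
     // Reset the client-held login_attempts cookie on success. Being client-held,
     // it is not an authoritative lockout control.
     setcookie("login_attempts", 0, time() + 900, '/');
     return Redirect::intended('/');
 }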
 } else {
     // No RPT, Request Permission Ticket
     $url = Request::url();
     $query = DB::table('uma')->where('scope', '=', $url)->first();
     $as_uri = str_replace('/nosh', '/uma-server-webapp/', URL::to('/'));
     $header = ['WWW-Authenticate' => 'UMA realm = "pNOSH_UMA", as_uri = "' . $as_uri . '"'];
     $statusCode = 403;
     if ($query) {
         // Look for additional scopes for resource_set_id
         $query1 = DB::table('uma')->where('resource_set_id', '=', $query->resource_set_id)->get();
         $scopes = array();
         foreach ($query1 as $row1) {
             $scopes[] = $row1->scope;
         }
         $oidc = new OpenIDConnectClient($open_id_url, $client_id, $client_secret);
         $oidc->refresh($practice->uma_refresh_token, true);
         $permission_ticket = $oidc->permission_request($query->resource_set_id, $scopes);
         if (isset($permission_ticket['error'])) {
             $response = ['error' => $permission_ticket['error'], 'error_description' => $permission_ticket['error_description']];
         } else {
             $response = ['ticket' => $permission_ticket['ticket']];
         }
     } else {
         $response = ['error' => 'invalid_scope', 'error_description' => 'At least one of the scopes included in the request was not registered previously by this resource server.'];
     }
     return Response::json($response, $statusCode, $header);
 }
 //$payload = Request::header('X-Auth-Token');
 //$user =  DB::table('users')->where('oauth_token', '=', $payload)->where('oauth_token_secret', '>', time())->first();
 //if(!$payload || !$user) {
 //$statusCode = 401;