/**
* Tests whether settings are saved correctly by simulating post
* requests using mock data.
*/
function test_endpoint_save_settings()
{
// Load mock data
require 'mock_data.php';
if (!class_exists('SBTEndpointUpdate')) {
require BASE_PATH . '/controllers/SBTEndpointUpdate.php';
}
// Fake post request - populate it with mock data
$_POST['endpoint_name'] = $config['wp_endpoint_2_name'];
$_POST['endpoint_url'] = $config['wp_endpoint_2_url'];
$_POST['consumer_key'] = $config['wp_endpoint_2_consumer_key'];
$_POST['consumer_secret'] = $config['wp_endpoint_2_consumer_secret'];
$_POST['authorization_url'] = $config['wp_endpoint_2_authorization_url'];
$_POST['access_token_url'] = $config['wp_endpoint_2_access_token_url'];
$_POST['request_token_url'] = $config['wp_endpoint_2_request_token_url'];
$_POST['authentication_method'] = $config['wp_endpoint_2_authentication_method'];
$_POST['basic_auth_username'] = $config['wp_endpoint_2_basic_auth_username'];
$_POST['basic_auth_password'] = $config['wp_endpoint_2_basic_auth_password'];
$_POST['basic_auth_method'] = $config['wp_endpoint_2_basic_auth_method'];
$_POST['sdk_deploy_url'] = $config['sdk_deploy_url'];
$_POST['delete_endpoint'] = 'no';
$_POST['libraries_list'] = $config['js_library'];
// Update the endpoint
$update = new SBTEndpointUpdate();
// Load settings
if (!class_exists('SBTSettings')) {
require BASE_PATH . '/core/models/SBTSettings.php';
}
$settings = new SBTSettings();
// Check that settings have been saved
$this->assertEquals($config['wp_endpoint_2_name'], $settings->getName());
$this->assertEquals($config['wp_endpoint_2_url'], $settings->getURL());
$this->assertEquals($config['wp_endpoint_2_consumer_key'], $settings->getConsumerKey());
$this->assertEquals($config['wp_endpoint_2_consumer_secret'], $settings->getConsumerSecret());
$this->assertEquals($config['wp_endpoint_2_authorization_url'], $settings->getAuthorizationURL());
$this->assertEquals($config['wp_endpoint_2_access_token_url'], $settings->getAccessTokenURL());
$this->assertEquals($config['wp_endpoint_2_request_token_url'], $settings->getRequestTokenURL());
$this->assertEquals($config['wp_endpoint_2_authentication_method'], $settings->getAuthenticationMethod());
$this->assertEquals($config['wp_endpoint_2_basic_auth_username'], $settings->getBasicAuthUsername());
$this->assertEquals($config['wp_endpoint_2_basic_auth_password'], $settings->getBasicAuthPassword());
$this->assertEquals($config['wp_endpoint_2_basic_auth_method'], $settings->getBasicAuthMethod());
$this->assertEquals($config['sdk_deploy_url'], $settings->getSDKDeployURL());
$this->assertEquals($config['js_library'], $settings->getJSLibrary());
// Now delete the endpoint
$_POST['delete_endpoint'] = 'yes';
// Perform update
$update = new SBTEndpointUpdate();
// Make sure that the endpoint has been deleted
$settings = new SBTSettings();
$this->assertNotEquals($config['wp_endpoint_2_name'], $settings->getName());
}
/**
* The callback function for authenticating the user and then storing the token in the CredentialStore (no content
* is being requested).
*/
public function authenticationCallback()
{
if (!isset($_GET['code'])) {
return;
}
$store = SBTCredentialStore::getInstance();
$settings = new SBTSettings();
$endpointName = "connections";
if (isset($_GET['endpointName'])) {
$endpointName = $_GET['endpointName'];
}
$parameters = array('callback_uri' => $settings->getOAuth2CallbackURL($endpointName), 'code' => $_GET['code'], 'grant_type' => 'authorization_code', 'client_id' => $settings->getClientId($endpointName), 'client_secret' => $settings->getClientSecret($endpointName));
$tokenURL = $settings->getAccessTokenURL($endpointName) . '?' . http_build_query($parameters, null, '&');
$client = new Client($tokenURL);
$client->setDefaultOption('verify', false);
$headers = null;
$body = null;
$options = array();
$response = null;
try {
$request = $client->createRequest('GET', $tokenURL, $headers, $body, $options);
if ($settings->forceSSLTrust($endpointName)) {
$request->getCurlOptions()->set(CURLOPT_SSL_VERIFYHOST, false);
$request->getCurlOptions()->set(CURLOPT_SSL_VERIFYPEER, false);
}
$response = $request->send();
foreach ($response->getHeaderLines() as $h) {
if (strpos($h, "Content-Type") === 0) {
header($h, TRUE);
}
}
header(':', true, $response->getStatusCode());
header('X-PHP-Response-Code: ' . $response->getStatusCode(), true, $response->getStatusCode());
parse_str($response->getBody(TRUE), $info);
if (!isset($info['access_token'])) {
die('Missing access token. Something went wrong - make sure that your client ID and client secret are correct and try again.');
}
$accessToken = $store->getOAuthAccessToken($endpointName);
if ($accessToken == null || $accessToken == "") {
$store->storeOAuthAccessToken($info['access_token'], $endpointName);
}
header("Location: " . $settings->getOAuthOrigin($endpointName));
} catch (Guzzle\Http\Exception\BadResponseException $e) {
$response = $e->getResponse();
print_r($response->getBody(TRUE));
}
}
/**
* Gets the access token.
*/
private function _getAccessToken($endpointName = "connections")
{
$settings = new SBTSettings();
$store = SBTCredentialStore::getInstance();
$random = mt_rand(0, 999999);
$nonce = sha1($random);
$parameters = array('oauth_nonce' => $nonce, 'oauth_version' => '1.0', 'oauth_token' => $store->getRequestToken($endpointName), 'oauth_timestamp' => time(), 'oauth_signature' => $settings->getConsumerSecret($endpointName) . '&' . $store->getRequestTokenSecret($endpointName), 'oauth_signature_method' => 'PLAINTEXT', 'oauth_verifier' => $store->getVerifierToken($endpointName), 'oauth_consumer_key' => $settings->getConsumerKey($endpointName));
$serviceURL = $settings->getAccessTokenURL($endpointName) . '?' . http_build_query($parameters, null, '&');
$client = new Client($serviceURL);
$client->setDefaultOption('verify', false);
$headers = null;
$body = null;
$options = array();
$response = null;
try {
$request = $client->createRequest('GET', $serviceURL, $headers, $body, $options);
if ($settings->forceSSLTrust($endpointName)) {
$request->getCurlOptions()->set(CURLOPT_SSL_VERIFYHOST, false);
$request->getCurlOptions()->set(CURLOPT_SSL_VERIFYPEER, false);
}
$response = $request->send();
} catch (Guzzle\Http\Exception\BadResponseException $e) {
$response = $e->getResponse();
$store->deleteOAuthCredentials($endpointName);
print_r($response->getBody(TRUE));
header('X-PHP-Response-Code: ' . $response->getStatusCode(), true, $response->getStatusCode());
die("Your tokens expired. Make sure you are logged out of SmartCloud, clear your cache and cookies and try again.");
}
parse_str($response->getBody(TRUE), $info);
if (isset($info['oauth_token'])) {
$store->storeOAuthAccessToken($info['oauth_token'], $endpointName);
}
if (isset($info['oauth_token_secret'])) {
$store->storeTokenSecret($info["oauth_token_secret"], $endpointName);
}
}
$plugin = null;
// See if the user is loading a plugin
if (!empty($_REQUEST['plugin'])) {
$plugin = $_REQUEST['plugin'];
}
// Load plugin dependencies
if ($plugin != null) {
switch ($plugin) {
case "guzzle":
// Load dependencies for Guzzle
require_once "controllers/endpoint/SBTOAuth1Endpoint.php";
// Load properties
require_once 'models/SBTSettings.php';
$settings = new SBTSettings();
// Init the OAuth options
$options = array('consumer_key' => $settings->getConsumerKey(), 'consumer_secret' => $settings->getConsumerSecret(), 'server_uri' => $settings->getURL(), 'request_token_uri' => $settings->getRequestTokenURL(), 'authorize_uri' => $settings->getAuthorizationURL(), 'access_token_uri' => $settings->getAccessTokenURL());
// Instantiate controller object
$obj = new $class($options);
// Call method on you controller object
call_user_func_array(array($obj, $method), array());
break;
}
} else {
// Make sure that the classpath isn't blacklisted
$blacklisted = false;
foreach ($blacklist as $blacklistedItem) {
if (startsWith($classpath, $blacklistedItem)) {
$blacklisted = true;
break;
}
}
