public function validate()
{
$ret_val = false;
$request = \Yii::$app->getComponent('request');
$headers = $request->getHeaders();
switch ($headers['Authorization']) {
case false:
//Do authentication with token and verify that token is valid for use
//$token = array_pop(explode(' ', $headers['Authorization']));
$token = ['c1e48dd56b43196a06a66b67ec3bede6', ''];
$ret_val = Token::find()->where(['token' => $token[0], 'identity' => $token[1]])->exists();
break;
}
return $ret_val;
}
function testFind()
{
$patron_id = 1;
$menu_id = 2;
$sender_id = 3;
$test_token = new Token($patron_id, $menu_id, $sender_id);
$test_token->save();
$patron_id2 = 4;
$menu_id2 = 5;
$sender_id2 = 6;
$test_token2 = new Token($patron_id2, $menu_id2, $sender_id2);
$test_token2->save();
$result = Token::find($test_token->getId());
$this->assertEquals($test_token, $result);
}
/**
* Authorize specified OAuth token
*
* Authorizes the authorization token specified by $token_key.
* Throws exceptions in case of error.
*
* @param string $token_key The token to be authorized
*
* @access public
**/
public function authorize_token($token_key)
{
$rt = new Token();
$rt->tok = $token_key;
$rt->type = 0;
$rt->state = 0;
if (!$rt->find(true)) {
throw new Exception('Tried to authorize unknown token');
}
$orig_rt = clone $rt;
$rt->state = 1;
# Authorized but not used
if (!$rt->update($orig_rt)) {
throw new Exception('Failed to authorize token');
}
}
/**
*
* @param type $token_key
* @return Token
*/
function getTokenByKey($token_key)
{
$t = new Token();
$t->tok = $token_key;
if ($t->find(true)) {
return $t;
} else {
return null;
}
}
public function doSetPassword()
{
$this->rules = array('password' => 'required|min:6', 'confirmpassword' => 'required|same:password', 'u' => 'required', 't' => 'required');
$validator = Validator::make(Input::all(), $this->rules);
$user = User::find(Input::get('u'));
$token = Token::find(Input::get('t'));
if ($validator->fails()) {
echo "Errors";
return View::make('guest.set-password', array("user" => $user, "token" => $token))->with('flash_error', 'true')->withErrors($validator);
} else {
$user->password = Hash::make(Input::get("password"));
$user->save();
Session::flash('message', "Password Successfully set Please Login");
return Redirect::to('/login');
}
}
/**
* Remove old OMB subscription tokens
*
* @param User $user subscriber
* @param Profile $other subscribee
* @return hook return value
*/
function onEndUnsubscribe($profile, $other)
{
$sub = Subscription::pkeyGet(array('subscriber' => $subscriber->id, 'subscribed' => $other->id));
if (!empty($sub->token)) {
$token = new Token();
$token->tok = $sub->token;
if ($token->find(true)) {
$result = $token->delete();
if (!$result) {
common_log_db_error($token, 'DELETE', __FILE__);
throw new Exception(_m('Could not delete subscription OMB token.'));
}
} else {
common_log(LOG_ERR, "Couldn't find credentials with token {$token->tok}", __FILE__);
}
}
return true;
}
$app->delete('/redeem_token/{token_id}', function ($token_id) use($app) {
$token = Token::find($token_id);
$token->delete();
return $app['twig']->render("bar.html.twig", array('bar' => $bar, 'tokens' => $bar->getAllTokens(), 'items' => $bar->getAllItems(), 'get_tokens' => false, 'show_menu' => false, 'edit_bar' => false));
});
$app->get('/redeem_token/{token_id}', function ($token_id) use($app) {
$token = Token::find($token_id);
$menu_item = $token->getMenuItem();
$bar_id = $menu_item[0];
$bar = Bar::find($bar_id);
$token->delete();
return $app['twig']->render("bar.html.twig", array('bar' => $bar, 'tokens' => $bar->getAllTokens(), 'items' => $bar->getAllItems(), 'get_tokens' => false, 'show_menu' => false, 'edit_bar' => false));
});
//Get call to link to a bar with what the token is valid for
$app->get('/view_token/{token_id}', function ($token_id) use($app) {
$token = Token::find($token_id);
$menu_item = $token->getMenuItem();
$bar_id = $menu_item[0];
$bar = Bar::find($bar_id);
$item_id = $menu_item[1];
$item = Item::find($item_id);
return $app['twig']->render("view_token.html.twig", array('bar' => $bar, 'item' => $item, 'token' => $token));
});
//Get Show Menu Items
$app->get("/show_menu_items/{id}", function ($id) use($app) {
$bar = Bar::find($id);
$items = $bar->getAllItems();
return $app['twig']->render("bar.html.twig", array('bar' => $bar, 'tokens' => $bar->getAllTokens(), 'items' => $bar->getAllItems(), 'get_tokens' => false, 'show_menu' => true, 'edit_bar' => false));
});
$app->patch("/edit_item/{bar_id}/{item_id}", function ($bar_id, $item_id) use($app) {
$item = Item::find($item_id);
/**
* Cancel a subscription
*
*/
function cancel($subscriber, $other)
{
if (!self::exists($subscriber, $other)) {
throw new Exception(_('Not subscribed!'));
}
// Don't allow deleting self subs
if ($subscriber->id == $other->id) {
throw new Exception(_('Couldn\'t delete self-subscription.'));
}
if (Event::handle('StartUnsubscribe', array($subscriber, $other))) {
$sub = Subscription::pkeyGet(array('subscriber' => $subscriber->id, 'subscribed' => $other->id));
// note we checked for existence above
assert(!empty($sub));
// @todo: move this block to EndSubscribe handler for
// OMB plugin when it exists.
if (!empty($sub->token)) {
$token = new Token();
$token->tok = $sub->token;
if ($token->find(true)) {
$result = $token->delete();
if (!$result) {
common_log_db_error($token, 'DELETE', __FILE__);
throw new Exception(_('Couldn\'t delete subscription OMB token.'));
}
} else {
common_log(LOG_ERR, "Couldn't find credentials with token {$token->tok}");
}
}
$result = $sub->delete();
if (!$result) {
common_log_db_error($sub, 'DELETE', __FILE__);
throw new Exception(_('Couldn\'t delete subscription.'));
}
self::blow('user:notices_with_friends:%d', $subscriber->id);
$subscriber->blowSubscriptionsCount();
$other->blowSubscribersCount();
Event::handle('EndUnsubscribe', array($subscriber, $other));
}
return;
}
/**
* Revoke specified access token
*
* Revokes the token specified by $token_key.
* Throws exceptions in case of error.
*
* @param string $token_key the token to be revoked
* @param int $type type of token (0 = req, 1 = access)
*
* @access public
*
* @return void
*/
public function revoke_token($token_key, $type = 0)
{
$rt = new Token();
$rt->tok = $token_key;
$rt->type = $type;
$rt->state = 0;
if (!$rt->find(true)) {
throw new Exception('Tried to revoke unknown token');
}
if (!$rt->delete()) {
throw new Exception('Failed to delete revoked token');
}
}
/**
* Revoke specified access token
*
* Revokes the token specified by $token_key.
* Throws exceptions in case of error.
*
* @param string $token_key the token to be revoked
* @param int $type type of token (0 = req, 1 = access)
*
* @access public
*
* @return void
*/
public function revoke_token($token_key, $type = 0)
{
$rt = new Token();
$rt->tok = $token_key;
$rt->type = $type;
$rt->state = 0;
if (!$rt->find(true)) {
// TRANS: Exception thrown when an attempt is made to revoke an unknown token.
throw new Exception(_('Tried to revoke unknown token.'));
}
if (!$rt->delete()) {
// TRANS: Exception thrown when an attempt is made to remove a revoked token.
throw new Exception(_('Failed to delete revoked token.'));
}
}
function getTokens()
{
$returned_tokens = $GLOBALS['DB']->query("SELECT * FROM tokens WHERE patron_id = {$this->getId()};");
$tokens = array();
foreach ($returned_tokens as $token) {
$token_id = $token['id'];
$new_token = Token::find($token_id);
array_push($tokens, $new_token);
}
return $tokens;
}
function new_access_token($token, $consumer)
{
common_debug('new_access_token("' . $token->key . '","' . $consumer->key . '")', __FILE__);
$rt = new Token();
$rt->consumer_key = $consumer->key;
$rt->tok = $token->key;
$rt->type = 0;
// request
if ($rt->find(true) && $rt->state == 1) {
// authorized
common_debug('request token found.', __FILE__);
$at = new Token();
$at->consumer_key = $consumer->key;
$at->tok = common_good_rand(16);
$at->secret = common_good_rand(16);
$at->type = 1;
// access
$at->created = DB_DataObject_Cast::dateTime();
if (!$at->insert()) {
$e = $at->_lastError;
common_debug('access token "' . $at->tok . '" not inserted: "' . $e->message . '"', __FILE__);
return null;
} else {
common_debug('access token "' . $at->tok . '" inserted', __FILE__);
// burn the old one
$orig_rt = clone $rt;
$rt->state = 2;
// used
if (!$rt->update($orig_rt)) {
return null;
}
common_debug('request token "' . $rt->tok . '" updated', __FILE__);
// Update subscription
// XXX: mixing levels here
$sub = Subscription::staticGet('token', $rt->tok);
if (!$sub) {
return null;
}
common_debug('subscription for request token found', __FILE__);
$orig_sub = clone $sub;
$sub->token = $at->tok;
$sub->secret = $at->secret;
if (!$sub->update($orig_sub)) {
return null;
} else {
common_debug('subscription updated to use access token', __FILE__);
return new OAuthToken($at->tok, $at->secret);
}
}
} else {
return null;
}
}
public function getDelete($id)
{
$token = Token::find($id);
$token->delete();
return Output::push(array('path' => 'token', 'messages' => array('success' => _('Token has been deleted'))));
}
function authorizeToken(&$req)
{
$consumer_key = $req->get_parameter('oauth_consumer_key');
$token_field = $req->get_parameter('oauth_token');
$rt = new Token();
$rt->consumer_key = $consumer_key;
$rt->tok = $token_field;
$rt->type = 0;
$rt->state = 0;
if ($rt->find(true)) {
$orig_rt = clone $rt;
$rt->state = 1;
# Authorized but not used
if ($rt->update($orig_rt)) {
return true;
}
}
return false;
}
