/**
 * Compiles a sketch for one of the caller's devices and optionally flashes it.
 *
 * Reads srcfile/srclib/device/comp/filename/writedevice from the request body,
 * validates the identifiers with GUMP, checks that the caller may develop on the
 * device (organisation scope or ownership, looked up in oauth_devices), posts the
 * sources to the compiler service, optionally posts the resulting hex to the
 * device's local API port, and finally unpacks the returned archive under
 * data/sketches/<client_id>/<device>/<filename>.
 *
 * @param string $payload Base64-encoded JSON segment of the access token; only
 *                        `client_id` is read from it. The signature is not checked
 *                        here — the caller is expected to have verified the token.
 * @param \PDO   $storage Database handle.
 * @return array Response envelope: controller, function, method, status, message,
 *               plus parse_errors / result / compiler / sketch / debug as applicable.
 */
function diy_compile($payload, $storage)
{
    global $app;
    $result["controller"] = __FUNCTION__;
    $result["function"] = substr($app->request()->getPathInfo(), 1);
    $result["method"] = $app->request()->getMethod();
    $params = loadParameters();
    // NOTE(review): $result is an array here; assigning a property on an array is
    // a warning in PHP 7 and throws Error in PHP 8. These two lines and the second
    // loadParameters() call look like a leftover — confirm and drop.
    $result->function = substr($app->request()->getPathInfo(), 1);
    $result->method = $app->request()->getMethod();
    $params = loadParameters();
    $srcfile = OAuth2\Request::createFromGlobals()->request["srcfile"];
    $srclib = OAuth2\Request::createFromGlobals()->request["srclib"];
    $device = OAuth2\Request::createFromGlobals()->request["device"];
    $comp = OAuth2\Request::createFromGlobals()->request["comp"];
    $filename = OAuth2\Request::createFromGlobals()->request["filename"];
    $writedevice = OAuth2\Request::createFromGlobals()->request["writedevice"];
    $up = json_decode(base64_decode($payload));
    $client_id = $up->client_id;
    $diy_error["post"]["device"] = $device;
    // Only device/filename/comp/writedevice are validated below; srcfile and
    // srclib go to the compiler as received.
    $post["srcfile"] = $srcfile;
    $post["device"] = $device;
    $post["comp"] = $comp;
    $post["filename"] = $filename;
    $post["writedevice"] = $writedevice;
    // alpha_numeric on device and filename is what keeps the filesystem path
    // built further down free of separators and '..'. Note that the code keeps
    // using the raw variables rather than $validated — acceptable only because
    // the validation rule admits no separator characters.
    $gump = new GUMP();
    $gump->validation_rules(array('device' => 'required|alpha_numeric', 'filename' => 'required|alpha_numeric', 'comp' => 'required|alpha_numeric', 'writedevice' => 'required|alpha_numeric'));
    $gump->filter_rules(array('device' => 'trim|sanitize_string', 'filename' => 'trim|sanitize_string', 'comp' => 'trim|sanitize_string', 'writedevice' => 'trim|sanitize_string'));
    $validated = $gump->run($post);
    if ($validated === false) {
        $result["parse_errors"] = $gump->get_readable_errors(true);
        $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $gump->get_readable_errors(true);
    } else {
        try {
            // Per-user, per-device sketch directory; refuse to overwrite an existing sketch.
            $sourceWriteDir = __DIR__ . '/../../../data/sketches/' . $client_id . '/' . $device . '/' . $filename;
            if (file_exists($sourceWriteDir)) {
                throw new \Exception('Filename ' . $filename . ' for user ' . $client_id . ' and device ' . $device . ' already exists');
            }
            // Device record: organisation, mode (devel/...), status (org/private) and owner.
            $stmt2 = $storage->prepare('SELECT * FROM oauth_devices WHERE device = :device');
            $stmt2->execute(array('device' => trim($device)));
            $row2 = $stmt2->fetch(PDO::FETCH_ASSOC);
            if ($row2["organisation"]) {
                $org = trim($row2["organisation"]);
            }
            if ($row2["mode"]) {
                $mode = trim($row2["mode"]);
            }
            if ($row2["status"]) {
                $status = trim($row2["status"]);
            }
            if ($row2["client_id"]) {
                $devclient_id = trim($row2["client_id"]);
            }
            // Authorization outcome: "yes" when the caller may compile for this device.
            $orgscopeadmin = "no";
            $orgscopedevel = "no";
            if ($mode == "devel" && $status == "org") {
                // NOTE(review): $userscope is never assigned in this function (compare
                // diy_removedevice, which reads it from $up->scope), so the scope check
                // below always sees an empty list — confirm.
                $userscopes = explode(' ', trim($userscope));
                $adminscope = $org . "_admin";
                // NOTE(review): the "devel" scope is built with the "_admin" suffix too,
                // which makes $orgscopedevel indistinguishable from $orgscopeadmin — confirm
                // whether "_devel" was intended.
                $develscope = $org . "_admin";
                // Is the user in the organisation scope?
                // NOTE(review): `<= count(...)` reads one element past the end of $userscopes.
                for ($i = 0; $i <= count($userscopes); $i++) {
                    if (trim($userscopes[$i]) == $adminscope) {
                        $orgscopeadmin = "yes";
                    }
                    if (trim($userscopes[$i]) == $develscope) {
                        $orgscopedevel = "yes";
                    }
                }
                // Is the user the owner?
                if ($devclient_id == $client_id) {
                    $orgscopeadmin = "yes";
                }
            }
            // Private device: only the owner may compile for it.
            if ($mode == "devel" && $status == "private" && $devclient_id == $client_id) {
                $orgscopeadmin = "yes";
            }
            $result["result"]["sketch1"] = $orgscopeadmin;
            if ($orgscopeadmin == "yes" || $orgscopedevel == "yes") {
                try {
                    // The device is also an OAuth client; its row carries the local API port.
                    $stmt2 = $storage->prepare('SELECT * FROM oauth_clients WHERE client_id = :device');
                    $stmt2->execute(array('device' => trim($device)));
                    $row2 = $stmt2->fetch(PDO::FETCH_ASSOC);
                    if ($row2["apiport"]) {
                        // *************************************** compiler *********************************
                        // srcfile holds the source code in base64.
                        // compiler is the compiler the user asked for; so far we have gcc, ino.
                        // filename is the file name the user supplied.
                        // The compilesketch resource compiles and returns:
                        //   error   - the errors, or noerrors
                        //   binfile - the hex file
                        $compilerserver = diyConfig::read("compiler.host");
                        $compilerserver .= ":" . diyConfig::read("compiler.port");
                        // NOTE(review): the form body is assembled without urlencode(); a
                        // srcfile containing '+', '=' or '&' (all legal in base64) and any
                        // srclib name/content with those characters will be misparsed by the
                        // compiler service. http_build_query() would encode them — confirm.
                        $data1 = 'filename=' . $filename;
                        $data1 .= '&compiler=' . $comp;
                        $data1 .= '&srcfile=' . $srcfile;
                        $fixedFiles = array();
                        foreach ($srclib as $curName => $curFile) {
                            $fixedFiles[] = 'srclib[' . $curName . ']=' . $curFile;
                        }
                        $data1 .= '&' . implode('&', $fixedFiles);
                        $ch = curl_init();
                        curl_setopt($ch, CURLOPT_URL, "{$compilerserver}/api/compilesketch");
                        curl_setopt($ch, CURLOPT_TIMEOUT, 60);
                        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
                        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                        curl_setopt($ch, CURLOPT_POSTFIELDS, $data1);
                        curl_setopt($ch, CURLOPT_POST, 1);
                        $or = curl_exec($ch);
                        // On transport failure report the curl error text in place of the body.
                        if (!$or) {
                            $or = curl_error($ch);
                        }
                        $result["compiler"] = $or;
                        $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: NoErrors";
                        $result["status"] = "200";
                        $r = json_decode($or, true);
                        // Not JSON (or a transport error): hand the raw text back as a compilation error.
                        if (!$r) {
                            $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: CompilationError";
                            $result["compiler"] = $or;
                            $result["status"] = "500";
                            return $result;
                        }
                        if ($r['status'] != 200) {
                            $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: CompilationError";
                            $result["status"] = "500";
                            return $result;
                        }
                        unset($result["compiler"]);
                        // No need to transfer this to the user
                        $apiport = trim($row2["apiport"]);
                        // *************************************** compiler *********************************
                        // Flash the device when asked to: the hex goes to the device's local API port.
                        if ($r['status'] == 200 && $writedevice == "yes") {
                            $apiport = trim($row2["apiport"]);
                            $binfile = $r['hex'];
                            $data1 = 'file=base64';
                            $data1 .= '&binfile=' . $binfile;
                            $ch = curl_init();
                            curl_setopt($ch, CURLOPT_URL, "http://127.0.0.1:{$apiport}/api/writesketch");
                            curl_setopt($ch, CURLOPT_TIMEOUT, 90);
                            curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
                            curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                            curl_setopt($ch, CURLOPT_POSTFIELDS, $data1);
                            curl_setopt($ch, CURLOPT_POST, 1);
                            // NOTE(review): this overwrites the decoded compiler response in $r;
                            // the $r['zip'] read below then indexes the raw writesketch body
                            // (a string, or false) instead of the compiler's archive — confirm.
                            $r = curl_exec($ch);
                            $result["sketch"] = $r;
                            $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: NoErrors";
                            $result["status"] = "200";
                        }
                        // If we are here with no exceptions then everything went well. Lets save the sketch.
                        $ziptmp = tempnam(sys_get_temp_dir(), 'diytmpzip') . '.tgz';
                        file_put_contents($ziptmp, base64_decode($r['zip']));
                        $p = new PharData($ziptmp);
                        $p->decompress();
                        // creates /path/to/my.tar
                        $ziptmpextracted = str_replace('.tgz', '.tar', $ziptmp);
                        $phar = new PharData($ziptmpextracted);
                        // NOTE(review): $writeDir (no device segment) is computed but unused;
                        // extraction goes to $sourceWriteDir. Also, the archive comes from the
                        // compiler service — confirm that entries with '..' or absolute paths
                        // cannot escape the target directory on extraction.
                        $writeDir = __DIR__ . '/../../../data/sketches/' . $client_id . '/' . $filename;
                        $phar->extractTo($sourceWriteDir);
                    }
                } catch (Exception $e) {
                    // NOTE(review): getCode() is reused as the HTTP status; PDOException
                    // codes are SQLSTATE strings, not HTTP codes.
                    $diy_error["db"] = $e->getCode();
                    $result["status"] = $e->getCode();
                    $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $e->getMessage();
                }
            }
        } catch (Exception $e) {
            $diy_error["db"] = $e->getCode();
            $result["status"] = $e->getCode();
            $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $e->getMessage();
        }
    }
    // Debug builds echo the collected diagnostics back to the caller.
    if (diyConfig::read('debug') == 1) {
        $result["debug"] = $diy_error;
    }
    return $result;
}
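/**
 * Records a client-reported error ("deverror") for the calling client.
 *
 * Reads `deverror` and `action` from the request body and inserts one row into
 * `error_clients` for the client named in the token payload.
 *
 * @param string $payload Base64-encoded JSON segment of the access token; only
 *                        `client_id` is read from it. The signature is not checked
 *                        here — the caller is expected to have verified the token
 *                        before handing the payload over.
 * @param \PDO   $storage Database handle used for the insert.
 * @return array Response envelope: controller, function, method, status, message,
 *               plus `result` and `error` on success.
 */
function diy_deverror($payload, $storage)
{
    global $app;
    $result["controller"] = __FUNCTION__;
    $result["function"] = substr($app->request()->getPathInfo(), 1);
    $result["method"] = $app->request()->getMethod();
    // The two `$result->...` assignments that used to follow were a leftover:
    // $result is an array, and assigning a property on an array throws in PHP 8.
    // loadParameters() is still called in case it has side effects; its return
    // value was never used here.
    loadParameters();
    $up = json_decode(base64_decode($payload));
    if (!is_object($up) || !isset($up->client_id)) {
        // A payload that does not decode to an object used to surface as a
        // "client_id on null" notice and an INSERT with a NULL client_id.
        $result["status"] = "400";
        $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: InvalidPayload";
        return $result;
    }
    $client_id = $up->client_id;
    try {
        $date = date('Y-m-d H:i:s');
        // request() returns null for a missing field instead of raising a notice.
        $request = OAuth2\Request::createFromGlobals();
        $error = $request->request("deverror");
        $action = $request->request("action");
        $stmt = $storage->prepare('INSERT INTO error_clients (client_id, error, date, action) VALUES (:client_id, :error, :date, :action)');
        $stmt->execute(array('client_id' => $client_id, 'error' => $error, 'date' => $date, 'action' => $action));
        $result["result"] = "ok";
        $result["error"] = $error;
        $result["status"] = "200";
        $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: NoErrors";
    } catch (Exception $e) {
        // NOTE(review): getCode() is reused as the HTTP status; PDOException
        // codes are SQLSTATE strings, not HTTP codes.
        $result["status"] = $e->getCode();
        $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $e->getMessage();
    }
    return $result;
}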
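 /**
  * determine_current_user filter: resolve the user from an OAuth2 access token.
  *
  * Hooked on `determine_current_user` (and usable from `check_authentication`)
  * so that REST-style clients (WP JSON API, WP REST API) can authenticate with a
  * bearer access_token instead of a cookie.
  *
  * @param int|false $user_id User ID already determined by earlier filters, if any.
  * @return int|false The resolved user ID, or the incoming value unchanged when no
  *                   valid user-bound access token is present.
  *
  * @author Mauro Constantinescu Modified slightly but still a contribution to the project.
  */
 public function _wo_authenicate_bypass($user_id)
 {
     // Somebody earlier in the filter chain already resolved a user: keep it, no DB round trip.
     if ($user_id && $user_id > 0) {
         return (int) $user_id;
     }
     $o = get_option('wo_options');
     // Plugin disabled, or the option row missing entirely: fall through untouched.
     // empty() also avoids PHP 8's changed string-to-number comparison for `== 0`.
     if (empty($o['enabled'])) {
         return (int) $user_id;
     }
     require_once dirname(WPOAUTH_FILE) . '/library/OAuth2/Autoloader.php';
     OAuth2\Autoloader::register();
     $server = new OAuth2\Server(new OAuth2\Storage\Wordpressdb());
     $request = OAuth2\Request::createFromGlobals();
     if ($server->verifyResourceRequest($request)) {
         $token = $server->getAccessTokenData($request);
         // A token bound to a user identifies that user. A token whose user_id is
         // 0/empty is a client-only token and authenticates nobody, so it falls through.
         if (!empty($token['user_id']) && $token['user_id'] > 0) {
             return (int) $token['user_id'];
         }
     }
     // Hand the original value back instead of an implicit null so the filter
     // chain keeps whatever the previous filters decided.
     return $user_id;
 }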
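 /**
  * Authorization endpoint: validates the authorize request, makes sure a member
  * is logged in and has picked a profile, then lets the OAuth2 server answer.
  *
  * Flow: invalid request -> error page; not logged in -> login form relocating
  * back here; no saved profile and no POST -> profile selection page; otherwise
  * the request is completed by handleAuthorizeRequest() for the chosen profile.
  *
  * @return void
  */
 function actionAuth()
 {
     $oRequest = OAuth2\Request::createFromGlobals();
     $oResponse = new OAuth2\Response();
     // validate the authorize request
     if (!$this->_oServer->validateAuthorizeRequest($oRequest, $oResponse)) {
         require_once BX_DIRECTORY_PATH_INC . 'design.inc.php';
         $o = json_decode($oResponse->getResponseBody());
         $this->_oTemplate->getPage(false, MsgBox($o->error_description));
         // Stop here: an invalid request must not reach the login/consent steps below.
         return;
     }
     if (!isLogged()) {
         require_once BX_DIRECTORY_PATH_INC . 'design.inc.php';
         // The relocate URL is rebuilt from request parameters, so each value is
         // URL-encoded; a raw redirect_uri (itself a URL) or a '&' in state would
         // otherwise split the query string.
         $sForceRelocate = BX_DOL_URL_ROOT . $this->_oConfig->getBaseUri() . 'auth/?client_id=' . urlencode((string) bx_get('client_id')) . '&response_type=' . urlencode((string) bx_get('response_type')) . '&state=' . urlencode((string) bx_get('state')) . '&redirect_uri=' . urlencode((string) bx_get('redirect_uri'));
         bx_login_form(false, false, $sForceRelocate);
         return;
     }
     $aProfiles = BxDolAccount::getInstance()->getProfiles();
     if (!($iProfileId = $this->_oDb->getSavedProfile($aProfiles)) && empty($_POST)) {
         $oPage = BxDolPage::getObjectInstanceByURI('oauth-authorization');
         $this->_oTemplate->getPage(false, $oPage->getCode());
         return;
     }
     if (!$iProfileId) {
         // NOTE(review): profile_id comes straight from the request; nothing here
         // checks that it is one of $aProfiles (the account's own profiles) —
         // confirm that handleAuthorizeRequest()/the storage layer enforces that.
         $iProfileId = bx_get('profile_id');
     }
     $this->_oServer->handleAuthorizeRequest($oRequest, $oResponse, (bool) $iProfileId, $iProfileId);
     $oResponse->send();
 }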
 /**
  * @Get("/auth")
  *
  * Builds a Mongo-backed OAuth2 server with the authorization_code grant and
  * answers the current request as a token request.
  */
 public function authAction()
 {
     $mongo = DI::getDefault()->getMongo();
     $storage = new OAuth2\Storage\Mongo($mongo);
     $server = new \OAuth2\Server($storage);
     $grant = new OAuth2\GrantType\AuthorizationCode($storage);
     $server->addGrantType($grant);
     $request = OAuth2\Request::createFromGlobals();
     $response = $server->handleTokenRequest($request);
     $response->send();
 }
 /**
  * Create an OAuth2 Request Object from the PHP superglobals.
  *
  * @return OAuth2\Request|null The request, or null (after logging an error)
  *                             when the factory does not hand back a Request.
  */
 public function createRequest()
 {
     $request = OAuth2\Request::createFromGlobals();
     if ($request instanceof OAuth2\Request) {
         return $request;
     }
     $this->modx->log(modX::LOG_LEVEL_ERROR, '[OAuth2Server] could not create a valid request object!');
     return null;
 }
 /**
  * Boot the OAuth2 library against the credentials in config/database.php.
  *
  * Storage, server, request and response objects are created eagerly and kept
  * on the instance. The server is created with implicit grant allowed.
  *
  * @param array $config Accepted for signature compatibility only: it is
  *                      overwritten by the 'oauth' entry of $db from the
  *                      database config file before it is read.
  */
 function __construct($config = array())
 {
     // Defines $db, whose 'oauth' entry carries dsn/username/password.
     require_once __DIR__ . '/../config/database.php';
     require_once __DIR__ . '/../third_party/Oauth2/src/OAuth2/Autoloader.php';
     OAuth2\Autoloader::register();
     $config = $db['oauth'];
     $pdoOptions = array(
         'dsn' => $config["dsn"],
         'username' => $config["username"],
         'password' => $config["password"],
     );
     $this->storage = new OAuth2\Storage\Pdo($pdoOptions);
     $serverOptions = array('allow_implicit' => true);
     $this->server = new OAuth2\Server($this->storage, $serverOptions);
     $this->request = OAuth2\Request::createFromGlobals();
     $this->response = new OAuth2\Response();
 }
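/**
 * Returns an OAuth2 access token to the client
 *
 * Temporarily rewrites the request superglobals so that the OAuth2 server in
 * server.php sees $post as a POST token request, then restores them.
 *
 * PHP version 5
 *
 * @category   PHP
 * @package    Restyaboard
 * @subpackage Core
 * @author     Restya <*****@*****.**>
 * @copyright  2014 Restya
 * @license    http://restya.com/ Restya Licence
 * @link       http://restya.com/
 *
 * @param array $post Token request parameters (grant_type, client_id, ...).
 * @return mixed Decoded JSON token response (array), or null if the body was not JSON.
 */
function getToken($post)
{
    $old_server_method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : null;
    // CONTENT_TYPE is absent on GET requests and CLI runs; remember that so the
    // restore below does not leave a stale key behind (and reading it raises no notice).
    $old_content_type = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : null;
    $old_post = $_POST;
    $_SERVER['REQUEST_METHOD'] = 'POST';
    $_SERVER['CONTENT_TYPE'] = 'application/x-www-form-urlencoded';
    $_POST = $post;
    // NOTE(review): server.php must define $server in this scope; with require_once
    // a second call in the same process does not re-run it and $server would be
    // undefined — confirm whether server.php guards against that.
    require_once 'server.php';
    $response = $server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send('return');
    $_SERVER['REQUEST_METHOD'] = $old_server_method;
    if ($old_content_type === null) {
        unset($_SERVER['CONTENT_TYPE']);
    } else {
        $_SERVER['CONTENT_TYPE'] = $old_content_type;
    }
    // Restore the caller's POST data too; it used to stay replaced by $post.
    $_POST = $old_post;
    return json_decode($response, true);
}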
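 /**
  * Verifies the bearer token for a route, sending the OAuth2 error response and
  * stopping the app when it fails.
  *
  * Secure routes additionally require the 'admin' scope; other routes only need
  * a valid token.
  *
  * @param Route $route
  * @throws \Slim\Exception\Stop
  */
 private function checkAuth(Route $route)
 {
     $request = OAuth2\Request::createFromGlobals();
     // verifyResourceRequest() takes the required scope as a string, or null for
     // "any scope"; the old empty-array default only worked because [] is falsy.
     $scopeRequired = null;
     if ($route->isSecure()) {
         $scopeRequired = 'admin';
     }
     if (!$this->oauth->verifyResourceRequest($request, null, $scopeRequired)) {
         $response = $this->oauth->getResponse();
         $this->app->response()->status($response->getStatusCode());
         $response->send();
         $this->app->stop();
     }
 }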
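/**
 * Stores (or refreshes) the websocket session bound to the calling client.
 *
 * Reads `session` and `wss_user` from the request body and upserts the row for
 * `client_id` in `oauth_https_wss`.
 *
 * @param string $payload Base64-encoded JSON segment of the access token; only
 *                        `client_id` is read from it. The signature is not checked
 *                        here — the caller is expected to have verified the token.
 * @param \PDO   $storage Database handle.
 * @return array Response envelope (controller, function, method, status, message,
 *               plus result.session / result.client_id / error on success).
 */
function diy_wssaddsession($payload, $storage)
{
    global $app;
    $result["controller"] = __FUNCTION__;
    $result["function"] = substr($app->request()->getPathInfo(), 1);
    $result["method"] = $app->request()->getMethod();
    // The `$result->...` assignments that used to follow were a leftover: $result
    // is an array, and assigning a property on an array throws in PHP 8.
    // loadParameters() is still called in case it has side effects.
    loadParameters();
    $up = json_decode(base64_decode($payload));
    if (!is_object($up) || !isset($up->client_id)) {
        $result["status"] = "400";
        $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: InvalidPayload";
        return $result;
    }
    // Trimmed once; the original trimmed it for the SELECT/INSERT but not for the UPDATE.
    $client_id = trim($up->client_id);
    // request() returns null for a missing field instead of raising a notice.
    $request = OAuth2\Request::createFromGlobals();
    $session = $request->request("session");
    $wss_user = $request->request("wss_user");
    try {
        $stmt1 = $storage->prepare('SELECT * FROM oauth_https_wss WHERE client_id = :client_id');
        $stmt1->execute(array('client_id' => $client_id));
        $row = $stmt1->fetch(\PDO::FETCH_ASSOC);
        // Failures below propagate to the catch and are reported in the result;
        // they used to be echoed into the response body and then masked by a
        // "NoErrors"/200 result.
        if ($row) {
            // The old statement re-assigned client_id to itself and used the same
            // named placeholder twice, which native prepares reject.
            $stmt3 = $storage->prepare('UPDATE oauth_https_wss SET wss_user = :wss_user, session = :session WHERE client_id = :client_id');
            $stmt3->execute(array('client_id' => $client_id, 'wss_user' => $wss_user, 'session' => $session));
        } else {
            $stmt2 = $storage->prepare('INSERT INTO oauth_https_wss (client_id, wss_user, session) VALUES (:client_id, :wss_user, :session)');
            $stmt2->execute(array('client_id' => $client_id, 'wss_user' => $wss_user, 'session' => $session));
        }
        $result["result"]["session"] = $session;
        $result["result"]["client_id"] = $client_id;
        // Kept for envelope compatibility; the old code assigned an undefined variable here.
        $result["error"] = null;
        $result["status"] = "200";
        $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: NoErrors";
    } catch (Exception $e) {
        // NOTE(review): getCode() is reused as the HTTP status; PDOException
        // codes are SQLSTATE strings, not HTTP codes.
        $result["status"] = $e->getCode();
        $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $e->getMessage();
    }
    return $result;
}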
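/**
 * Authorizes the current request with a bearer access token and logs the
 * token's user in to Elgg.
 *
 * An existing browser session is deliberately not accepted here (see the note
 * kept below): an API that honours the cookie session could be driven by any
 * page open in the user's browser.
 *
 * @return bool true when the token is valid and maps to a user (who is now
 *              logged in); false otherwise (with a 403 for an invalid token).
 */
function pleiobox_is_authorized()
{
    // only enable for development purposes as this occurs in a XSS vulnerability in production.
    // if (elgg_is_logged_in()) {
    //     return true;
    // }
    $oauth = new PleioboxOAuth2();
    $server = $oauth->getServer();
    // One request object serves both the verification and the token lookup.
    $request = OAuth2\Request::createFromGlobals();
    if (!$server->verifyResourceRequest($request)) {
        http_response_code(403);
        return false;
    }
    $token = $server->getAccessTokenData($request);
    // Client-only tokens carry no user_id and cannot log anybody in; this used
    // to reach get_user() with an undefined index.
    if (empty($token['user_id'])) {
        return false;
    }
    $user = get_user($token['user_id']);
    if ($user) {
        login($user);
        return true;
    }
    return false;
}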
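 /**
  * Authorization endpoint: validates the authorize request, requires a login,
  * shows the consent page on GET and completes the authorization on POST.
  *
  * @return void
  */
 function actionAuth()
 {
     $oRequest = OAuth2\Request::createFromGlobals();
     $oResponse = new OAuth2\Response();
     // validate the authorize request
     if (!$this->_oServer->validateAuthorizeRequest($oRequest, $oResponse)) {
         $o = json_decode($oResponse->getResponseBody());
         $this->_oTemplate->pageError($o->error_description);
         // Do not continue into the login/consent flow with an invalid request.
         return;
     }
     if (!isLogged()) {
         // Rebuilt from request parameters, so every value is URL-encoded; a raw
         // redirect_uri (itself a URL) or a '&' in state would otherwise split the query.
         $_REQUEST['relocate'] = BX_DOL_URL_ROOT . $this->_oConfig->getBaseUri() . 'auth/?client_id=' . urlencode((string) bx_get('client_id')) . '&response_type=' . urlencode((string) bx_get('response_type')) . '&state=' . urlencode((string) bx_get('state')) . '&redirect_uri=' . urlencode((string) bx_get('redirect_uri'));
         login_form('', 0, false, 'disable_external_auth no_join_text');
         return;
     }
     if (empty($_POST)) {
         // Consent page; the decision comes back as a POST carrying 'confirm'.
         // Returning here keeps handleAuthorizeRequest() from also answering the
         // GET with confirm=false (harmless only if pageAuth() exits on its own).
         $this->_oTemplate->pageAuth($this->_oDb->getClientTitle(bx_get('client_id')));
         return;
     }
     $this->_oServer->handleAuthorizeRequest($oRequest, $oResponse, (bool) bx_get('confirm'), getLoggedId());
     $oResponse->send();
 }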
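 /**
  * determine_current_user filter: resolve the user from an OAuth2 access token.
  *
  * Hooked on `determine_current_user` (and usable from `check_authentication`)
  * so that REST-style clients (WP JSON API, WP REST API) can authenticate with
  * a bearer access_token instead of a cookie.
  *
  * @param int|false $user_id User ID decided by earlier filters, if any.
  * @return int|false The token's user ID when a valid user-bound token is
  *                   present, otherwise the incoming value unchanged.
  *
  * @author Mauro Constantinescu Modified slightly but still a contribution to the project.
  */
 public function _wo_authenicate_bypass($user_id)
 {
     // Already resolved by an earlier filter: keep it, no DB round trip needed.
     if ($user_id && $user_id > 0) {
         return (int) $user_id;
     }
     $o = get_option('wo_options');
     // Plugin disabled or option row missing: fall through untouched. empty()
     // also sidesteps PHP 8's changed string-to-number comparison for `== 0`.
     if (empty($o['enabled'])) {
         return (int) $user_id;
     }
     require_once dirname(WPOAUTH_FILE) . '/library/OAuth2/Autoloader.php';
     OAuth2\Autoloader::register();
     $server = new OAuth2\Server(new OAuth2\Storage\Wordpressdb());
     $request = OAuth2\Request::createFromGlobals();
     if ($server->verifyResourceRequest($request)) {
         $token = $server->getAccessTokenData($request);
         // Only a user-bound token identifies a user; client-only tokens
         // (user_id 0/empty) authenticate nobody.
         if (!empty($token['user_id']) && $token['user_id'] > 0) {
             return (int) $token['user_id'];
         }
     }
     // Return the original value instead of an implicit null so the filter
     // chain keeps whatever the previous filters decided.
     return $user_id;
 }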
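/**
 * Returns an OAuth2 access token to the client
 *
 * Temporarily rewrites the request superglobals so the OAuth2 server sees $post
 * as a POST token request, registers the grant type named in it, and restores
 * the superglobals before returning.
 *
 * For the `password` grant the user store is a Memory storage seeded with the
 * submitted username/password, so the grant succeeds for whatever credentials
 * $post carries: this function assumes the caller has already authenticated
 * the user and only mints a token for them.
 *
 * @param array $post Post data
 *
 * @return mixed Decoded token response (array), or null when the body is not JSON.
 */
function getToken($post)
{
    $old_server_method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : null;
    // Initialised so the restore below never reads an undefined variable.
    $old_content_type = null;
    if (!empty($_SERVER['CONTENT_TYPE'])) {
        $old_content_type = $_SERVER['CONTENT_TYPE'];
    }
    $old_post = $_POST;
    $_SERVER['REQUEST_METHOD'] = 'POST';
    $_SERVER['CONTENT_TYPE'] = 'application/x-www-form-urlencoded';
    $_POST = $post;
    OAuth2\Autoloader::register();
    $oauth_config = array('user_table' => 'users');
    $val_array = array('dsn' => 'pgsql:host=' . R_DB_HOST . ';dbname=' . R_DB_NAME . ';port=' . R_DB_PORT, 'username' => R_DB_USER, 'password' => R_DB_PASSWORD);
    $storage = new OAuth2\Storage\Pdo($val_array, $oauth_config);
    $server = new OAuth2\Server($storage);
    $grant_type = isset($_POST['grant_type']) ? $_POST['grant_type'] : null;
    if ($grant_type === 'password') {
        $username = isset($_POST['username']) ? $_POST['username'] : '';
        $password = isset($_POST['password']) ? $_POST['password'] : '';
        $users = array($username => array('password' => $password));
        $user_storage = new OAuth2\Storage\Memory(array('user_credentials' => $users));
        $server->addGrantType(new OAuth2\GrantType\UserCredentials($user_storage));
    } elseif ($grant_type === 'refresh_token') {
        $always_issue_new_refresh_token = array('always_issue_new_refresh_token' => true);
        $server->addGrantType(new OAuth2\GrantType\RefreshToken($storage, $always_issue_new_refresh_token));
    } elseif ($grant_type === 'authorization_code') {
        $server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
    } else {
        // Any other (or missing) grant_type is answered with the configured client credentials.
        $clients = array(OAUTH_CLIENTID => array('client_secret' => OAUTH_CLIENT_SECRET));
        $client_storage = new OAuth2\Storage\Memory(array('client_credentials' => $clients));
        $server->addGrantType(new OAuth2\GrantType\ClientCredentials($client_storage));
    }
    $response = $server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send('return');
    $_SERVER['REQUEST_METHOD'] = $old_server_method;
    if ($old_content_type !== null) {
        $_SERVER['CONTENT_TYPE'] = $old_content_type;
    } else {
        // There was no content type before the call; do not leave ours behind.
        unset($_SERVER['CONTENT_TYPE']);
    }
    // Restore the caller's POST data too; it used to stay replaced by $post.
    $_POST = $old_post;
    return json_decode($response, true);
}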
/**
 * Removes a device and everything registered for it.
 *
 * Reads `device` from the query string, checks that the caller is an
 * organisation admin (by token scope) or the organisation owner (by
 * oauth_organisations.client_id), and then deletes the device's rows from
 * oauth_public_keys, oauth_users, oauth_ports, oauth_clients and oauth_devices.
 *
 * @param string $payload Base64-encoded JSON segment of the access token;
 *                        `client_id` and `scope` are read from it. The signature
 *                        is not checked here — the caller is expected to have
 *                        verified the token.
 * @param \PDO   $storage Database handle.
 * @return array Response envelope: controller, function, method, status, message,
 *               plus parse_errors / result / debug as applicable.
 */
function diy_removedevice($payload, $storage)
{
    global $app;
    $result["controller"] = __FUNCTION__;
    $result["function"] = substr($app->request()->getPathInfo(), 1);
    $result["method"] = $app->request()->getMethod();
    $params = loadParameters();
    // NOTE(review): $result is an array here; assigning a property on an array is
    // a warning in PHP 7 and throws Error in PHP 8. These two lines look like a
    // leftover — confirm and drop.
    $result->function = substr($app->request()->getPathInfo(), 1);
    $result->method = $app->request()->getMethod();
    $up = json_decode(base64_decode($payload));
    $client_id = $up->client_id;
    // Space-separated scope list granted to the token.
    $userscope = $up->scope;
    $device = OAuth2\Request::createFromGlobals()->query["device"];
    $diy_error["post"]["device"] = $device;
    $post["device"] = $device;
    // The device's client_id lives in oauth_devices / oauth_clients / oauth_public_keys.
    $gump = new GUMP();
    $gump->validation_rules(array('device' => 'required|alpha_numeric'));
    $gump->filter_rules(array('device' => 'trim|sanitize_string'));
    $validated = $gump->run($post);
    if ($validated === false) {
        $result["parse_errors"] = $gump->get_readable_errors(true);
        $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $gump->get_readable_errors(true);
    } else {
        $dev = $storage->prepare('SELECT * FROM oauth_devices WHERE device  = :device');
        $dev->execute(array('device' => trim($device)));
        $rowdev = $dev->fetch(PDO::FETCH_ASSOC);
        if ($rowdev) {
            $org = $rowdev["organisation"];
        } else {
            // NOTE(review): execution continues with $org undefined; the organisation
            // lookup below then runs with an empty name and this error text is
            // overwritten by the later ones — confirm an early return was intended.
            $result["result"]["error"] = ExceptionMessages::DeviceNotExist . " , " . ExceptionCodes::DeviceNotExist;
        }
        //check if org name exists
        $orgexists = "no";
        $stmtorg = $storage->prepare('SELECT * FROM oauth_organisations WHERE organisation = :org');
        $stmtorg->execute(array('org' => trim($org)));
        $roworg = $stmtorg->fetch(PDO::FETCH_ASSOC);
        if ($roworg) {
            $orgexists = "yes";
            // Admin: the token carries the "<org>_admin" scope. Owner: the organisation
            // row belongs to the caller. Either one is enough to remove the device.
            $orgadmin = "no";
            $orgowner = "no";
            $userscopes = explode(' ', trim($userscope));
            $orgscope = $org . "_admin";
            // NOTE(review): `<= count(...)` reads one element past the end of $userscopes.
            for ($i = 0; $i <= count($userscopes); $i++) {
                if (trim($userscopes[$i]) == $orgscope) {
                    $orgadmin = "yes";
                }
            }
            if ($orgadmin == "no") {
                //check if org name exists and client_id
                $stmtorg1 = $storage->prepare('SELECT * FROM oauth_organisations WHERE organisation = :org and client_id = :client_id');
                $stmtorg1->execute(array('org' => trim($org), 'client_id' => $client_id));
                $roworg1 = $stmtorg1->fetch(PDO::FETCH_ASSOC);
                if (!$roworg1) {
                    $result["result"]["error"] = ExceptionMessages::OrgOwner . " , " . ExceptionCodes::OrgOwner;
                } else {
                    $orgowner = "yes";
                }
            }
        } else {
            $result["result"]["error"] = ExceptionMessages::OrgNotExist . " , " . ExceptionCodes::OrgNotExist;
        }
        //check if device name exists
        $orgdeviceexists = "no";
        $stmt = $storage->prepare('SELECT client_id  FROM oauth_clients WHERE client_id = :device');
        $stmt->execute(array('device' => trim($device)));
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        if ($row) {
            $orgdeviceexists = "yes";
        } else {
            $result["result"]["error"] = ExceptionMessages::DeviceNotExist . " , " . ExceptionCodes::DeviceNotExist;
            $orgdeviceexists = "no";
        }
        // All three must hold: organisation found, caller is admin or owner, device is a client.
        if ($orgexists == "yes" && ($orgowner == "yes" || $orgadmin == "yes") && $orgdeviceexists == "yes") {
            try {
                // NOTE(review): five DELETEs across five tables with no transaction; a
                // failure midway leaves a partially removed device. $encryption_algorithm
                // is never used.
                // oauth_public_keys table
                $encryption_algorithm = "RS256";
                $stmt5 = $storage->prepare('DELETE from oauth_public_keys where client_id = :client_id');
                $stmt5->execute(array('client_id' => $device));
                $stmt1 = $storage->prepare('SELECT * from oauth_clients where client_id = :client_id');
                $stmt1->execute(array('client_id' => $device));
                $row1 = $stmt1->fetch(PDO::FETCH_ASSOC);
                if ($row1) {
                    $dataport = $row1["dataport"];
                    $apiport = $row1["apiport"];
                    // oauth_users table
                    $user_id = $row1["user_id"];
                    $stmt = $storage->prepare('DELETE from oauth_users where user_id = :user_id');
                    $stmt->execute(array('user_id' => $user_id));
                    // oauth_ports table: both ports allocated to the device are released.
                    $stmt2 = $storage->prepare('DELETE from oauth_ports where port = :port');
                    $stmt2->execute(array('port' => $dataport));
                    $stmt2 = $storage->prepare('DELETE from oauth_ports where port = :port');
                    $stmt2->execute(array('port' => $apiport));
                    // oauth_clients table
                    $stmt1 = $storage->prepare('DELETE from oauth_clients where client_id = :client_id');
                    $stmt1->execute(array('client_id' => $device));
                    // oauth_devices table
                    $stmt11 = $storage->prepare('DELETE from oauth_devices where device = :device');
                    $stmt11->execute(array('device' => $device));
                }
                // NOTE(review): $session and $error are never assigned in this function,
                // so both keys below are null.
                $result["result"]["result"] = $post;
                $result["result"]["session"] = $session;
                $result["error"] = $error;
                $result["status"] = "200";
                $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: NoErrors";
            } catch (Exception $e) {
                // NOTE(review): getCode() is reused as the HTTP status; PDOException
                // codes are SQLSTATE strings, not HTTP codes.
                $result["status"] = $e->getCode();
                $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $e->getMessage();
            }
        }
    }
    // Debug builds echo the collected diagnostics back to the caller.
    if (diyConfig::read('debug') == 1) {
        $result["debug"] = $diy_error;
    }
    return $result;
}
<?php

/**
 * Returns an OAuth2 access token to the client
 *
 * PHP version 5
 *
 * @category   PHP
 * @package    Restyaboard
 * @subpackage Core
 * @author     Restya <*****@*****.**>
 * @copyright  2014 Restya
 * @license    http://www.restya.com/ Restya Licence
 * @link       http://www.restya.com
 */
// server.php builds the OAuth2 server as $server; the current request is then
// answered as a token request.
require_once 'server.php';
$request = OAuth2\Request::createFromGlobals();
$response = $server->handleTokenRequest($request);
$response->send();
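header("Content-Type: text/html; charset=utf-8");
//api/get/diy_getinfoconfig.php
// get info for client (device)
// the device request config info for device settings not the owner
// this is for devices configuration and sync
//
// GET /devinfo: verifies the bearer token, then hands the token's payload
// segment and the DB storage to diy_getinfoconfig() and returns its result as JSON.
$app->get('/devinfo', function () use($authenticateForRole, $diy_storage) {
    global $app;
    $params = loadParameters();
    $server = $authenticateForRole();
    $dbstorage = $diy_storage();
    // One request object for both the verification and the token read.
    $request = OAuth2\Request::createFromGlobals();
    if (!$server->verifyResourceRequest($request)) {
        echo 'Unable to verify access token: ' . "\n";
        $server->getResponse()->send();
        die;
    }
    // The token was accepted above, so its payload segment (the middle part of a
    // header.payload.signature JWT) can be passed on. An opaque token has no such
    // segment and now yields a null payload instead of an undefined-offset notice.
    $crypto_token = $request->query("access_token");
    $parts = explode('.', (string) $crypto_token);
    $params["payload"] = isset($parts[1]) ? $parts[1] : null;
    $params["storage"] = $dbstorage;
    // diy_getinfoconfig() declares two parameters; the former third argument
    // ($params["test"]) was ignored by the callee and raised a notice when unset.
    $result = diy_getinfoconfig($params["payload"], $params["storage"]);
    PrepareResponse();
    $app->response()->setBody(toGreek(json_encode($result)));
});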
function diy_getinfoconfig($payload, $storage)
{
    global $app;
    $result["controller"] = __FUNCTION__;
    $result["function"] = substr($app->request()->getPathInfo(), 1);
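/**
 * Forwards a registered command to a device's local API endpoint.
 *
 * The caller is identified by the client_id and scope in the (already
 * verified) JWT payload. The command is never taken from the request: "exec"
 * is only a key into oauth_diyexec, and the stored diyexec text is what gets
 * POSTed (base64-encoded, as exec=...) to http://127.0.0.1:{apiport}/api/diyexec,
 * apiport being the device's port from oauth_clients.
 *
 * Authorisation: the caller must own the device (oauth_devices.client_id) or,
 * for a device whose status is "org", hold "<org>_admin" or "<org>_devel".
 *
 * @param string $payload base64url JWT payload segment carrying client_id and scope
 * @param PDO    $storage database handle
 * @return array result envelope: DEV holds the device's raw reply when the
 *               call was made, parse_errors on validation failure, debug
 *               (post data and errors) when diyConfig "debug" is 1. No status
 *               field is set on success (unchanged from the original contract).
 */
function diy_diyexec($payload, $storage)
{
    global $app;
    $result["controller"] = __FUNCTION__;
    $result["function"] = substr($app->request()->getPathInfo(), 1);
    $result["method"] = $app->request()->getMethod();
    $params = loadParameters();
    $diy_error = array();
    $up = json_decode(base64_decode($payload));
    $client_id = isset($up->client_id) ? (string) $up->client_id : '';
    // Space separated scope list from the token. It was never read before, so
    // the org admin/devel branch below could not match and only owners could exec.
    $userscope = isset($up->scope) ? (string) $up->scope : '';
    $request = OAuth2\Request::createFromGlobals();
    $device = isset($request->request["device"]) ? $request->request["device"] : '';
    $exec = isset($request->request["exec"]) ? $request->request["exec"] : '';
    $diy_error["post"]["device"] = $device;
    $post["device"] = $device; // device name == the device's client_id
    $post["exec"] = $exec;     // key into oauth_diyexec, not a command
    $gump = new GUMP();
    $gump->validation_rules(array('device' => 'required|alpha_numeric', 'exec' => 'required|alpha_numeric'));
    $gump->filter_rules(array('device' => 'trim|sanitize_string', 'exec' => 'trim|sanitize_string'));
    $validated = $gump->run($post);
    if ($validated === false) {
        $result["parse_errors"] = $gump->get_readable_errors(true);
        $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $gump->get_readable_errors(true);
    } else {
        // Use the filtered (trimmed) copy GUMP returns for every lookup.
        $device = trim($validated["device"]);
        $exec = trim($validated["exec"]);
        try {
            $stmt2 = $storage->prepare('SELECT * FROM oauth_devices WHERE device = :device');
            $stmt2->execute(array('device' => $device));
            $row2 = $stmt2->fetch(PDO::FETCH_ASSOC);
            $org = ($row2 && !empty($row2["organisation"])) ? trim($row2["organisation"]) : '';
            $status = ($row2 && !empty($row2["status"])) ? trim($row2["status"]) : '';
            $devclient_id = ($row2 && !empty($row2["client_id"])) ? trim($row2["client_id"]) : '';
            // Ownership needs a real client_id on both sides so that two missing
            // values never compare equal.
            $isowner = $client_id !== '' && $devclient_id === $client_id;
            $allowed = false;
            if ($status == "org") {
                $userscopes = preg_split('/\s+/', trim($userscope), -1, PREG_SPLIT_NO_EMPTY);
                $adminscope = $org . "_admin";
                // diy_addorg registers "<org>_devel"; this used to be set to
                // "_admin" as well, duplicating the admin check.
                $develscope = $org . "_devel";
                $allowed = $isowner
                    || ($org !== '' && in_array($adminscope, $userscopes, true))
                    || ($org !== '' && in_array($develscope, $userscopes, true));
            } elseif ($status == "private") {
                $allowed = $isowner;
            }
            if (!$allowed) {
                $diy_error["errors"] = ExceptionMessages::ScopeNotFound . " , " . ExceptionCodes::ScopeNotFound;
            } else {
                try {
                    $stmt2 = $storage->prepare('SELECT * FROM oauth_clients WHERE client_id = :device');
                    $stmt2->execute(array('device' => $device));
                    $clientrow = $stmt2->fetch(PDO::FETCH_ASSOC);
                    $apiport = ($clientrow && !empty($clientrow["apiport"])) ? (int) trim($clientrow["apiport"]) : 0;
                    if ($apiport > 0) {
                        $stmt3 = $storage->prepare('SELECT * FROM oauth_diyexec WHERE exec = :exec');
                        $stmt3->execute(array('exec' => $exec));
                        $row3 = $stmt3->fetch(PDO::FETCH_ASSOC);
                        if ($row3 && !empty($row3["exec"])) {
                            $diyexec = trim((string) $row3["diyexec"]);
                            // NOTE(review): the base64 text is not URL-encoded, so a "+"
                            // in it reaches a form parser as a space; left unchanged
                            // because the device side's decoding is not visible here.
                            $data1 = 'exec=' . base64_encode($diyexec);
                            $ch = curl_init();
                            curl_setopt($ch, CURLOPT_URL, "http://127.0.0.1:{$apiport}/api/diyexec");
                            curl_setopt($ch, CURLOPT_TIMEOUT, 20);
                            // Redirects are still followed, but only to http(s): the
                            // device API could otherwise steer this request elsewhere.
                            curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
                            curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
                            curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                            curl_setopt($ch, CURLOPT_POST, 1);
                            curl_setopt($ch, CURLOPT_POSTFIELDS, $data1);
                            $r = curl_exec($ch);
                            if ($r === false) {
                                // Previously a failed call was var_dump()ed straight into
                                // the HTTP body, corrupting the JSON envelope.
                                $diy_error["curl"] = curl_error($ch);
                            }
                            curl_close($ch);
                            $result["DEV"] = $r;
                        }
                    }
                } catch (Exception $e) {
                    $diy_error["db"] = $e->getCode();
                    $result["status"] = $e->getCode();
                    $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $e->getMessage();
                }
            }
        } catch (Exception $e) {
            $diy_error["db"] = $e->getCode();
            $result["status"] = $e->getCode();
            $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $e->getMessage();
        }
    }
    if (diyConfig::read('debug') == 1) {
        $result["debug"] = $diy_error;
    }
    return $result;
}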
        $server->getResponse()->send();
        die;
    }
    $api = new \Aums\API('username', 'password');
    $info = $api->login();
    echo json_encode(['success' => true, 'data' => ['roll_no' => $info['roll_no'], 'first_name' => $info['first_name'], 'last_name' => $info['last_name'], 'email' => $info['email'], 'image_filename' => $info['image_filename']]]);
});
// POST /oauth/resource/extra: requires a bearer token carrying the "extras"
// scope; on success returns the extended profile fetched from the AUMS backend.
// NOTE(review): the backend login uses the literal 'username'/'password'
// values rather than anything tied to the token's resource owner -- presumably
// a stub; confirm before relying on it.
$app->post('/oauth/resource/extra', function () use($server) {
    $request = OAuth2\Request::createFromGlobals();
    $response = new OAuth2\Response();
    $scopeRequired = 'extras';
    if (!$server->verifyResourceRequest($request, $response, $scopeRequired)) {
        $server->getResponse()->send();
        die;
    }
    $api = new \Aums\API('username', 'password');
    $info = $api->login();
    // Copy the exposed fields in a fixed order so the JSON shape is stable.
    $fields = array('roll_no', 'first_name', 'last_name', 'email', 'degree_program', 'branch', 'semester', 'image_filename');
    $data = array();
    foreach ($fields as $field) {
        $data[$field] = $info[$field];
    }
    echo json_encode(['success' => true, 'data' => $data]);
});
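// POST /oauth/resource/picture/:filename: requires the "profile_pic" scope and
// serves one file from the images directory.
$app->post('/oauth/resource/picture/:filename', function ($filename) use($app, $server) {
    $request = OAuth2\Request::createFromGlobals();
    $response = new OAuth2\Response();
    $scopeRequired = 'profile_pic';
    if (!$server->verifyResourceRequest($request, $response, $scopeRequired)) {
        $server->getResponse()->send();
        die;
    }
    // $filename is caller-controlled and was concatenated straight into the
    // filesystem path. Confine it to a single path component and confirm the
    // resolved file really lies inside the images directory before reading.
    $imageDir = realpath(__DIR__ . '/../storage/images');
    $target = ($imageDir !== false && $filename === basename($filename))
        ? realpath($imageDir . DIRECTORY_SEPARATOR . $filename)
        : false;
    if ($target === false || strpos($target, $imageDir . DIRECTORY_SEPARATOR) !== 0 || !is_file($target)) {
        // Unknown, unreadable or out-of-tree names all answer 404; the old
        // code returned an empty 200 body for a missing file.
        $app->halt(404);
    }
    // NOTE(review): the MIME type is kept as "image/jpg" (the registered type
    // is "image/jpeg") and is not derived from the file's actual format.
    $app->response->headers->set('Content-Type', 'image/jpg');
    echo file_get_contents($target);
});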
// Dispatch the current request to the routes registered above.
$app->run();
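/**
 * Creates an organisation owned by the calling client and its scope set.
 *
 * The caller is identified by the client_id in the (already verified) JWT
 * payload. On success the organisation row is inserted, the eight per-org
 * scopes (<org>, <org>_dev, _dpri, _org, _dpub, _view, _devel, _admin) are
 * registered in oauth_scopes, and "<org>_admin <org>_view" is appended to the
 * caller's own space separated scope string so the creator administers it.
 *
 * NOTE(review): the existence check and the inserts are not in a transaction,
 * so two concurrent requests for the same name can both pass the check, and a
 * failure midway leaves a partially created organisation.
 *
 * @param string $payload base64url JWT payload segment carrying client_id
 * @param PDO    $storage database handle
 * @return array result envelope: result/status/message on success,
 *               parse_errors on validation failure, result.error when the
 *               name already exists, debug when diyConfig "debug" is 1
 */
function diy_addorg($payload, $storage)
{
    global $app;
    $result["controller"] = __FUNCTION__;
    $result["function"] = substr($app->request()->getPathInfo(), 1);
    $result["method"] = $app->request()->getMethod();
    $params = loadParameters();
    $diy_error = array();
    $up = json_decode(base64_decode($payload));
    $client_id = isset($up->client_id) ? (string) $up->client_id : '';
    $request = OAuth2\Request::createFromGlobals();
    $org = isset($request->request["org"]) ? $request->request["org"] : '';
    $org_desc = isset($request->request["org_desc"]) ? $request->request["org_desc"] : '';
    $diy_error["post"]["org"] = $org;
    $diy_error["post"]["org_desc"] = $org_desc;
    $post["org"] = $org;           // organisation name       -> oauth_organisations / oauth_devices
    $post["org_desc"] = $org_desc; // free-text description chosen by the user
    $gump = new GUMP();
    $gump->validation_rules(array('org' => 'required|alpha_numeric', 'org_desc' => 'required|max_len,100'));
    $gump->filter_rules(array('org' => 'trim|sanitize_string', 'org_desc' => 'trim|sanitize_string'));
    $validated = $gump->run($post);
    if ($validated === false) {
        $result["parse_errors"] = $gump->get_readable_errors(true);
        $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $gump->get_readable_errors(true);
    } else {
        // Store the filtered copy GUMP returns (trimmed, tags stripped); the
        // filter rules were declared but the raw values used to be inserted.
        $org = $validated["org"];
        $org_desc = $validated["org_desc"];
        // Refuse a duplicate organisation name.
        $stmt = $storage->prepare('SELECT * FROM oauth_organisations WHERE organisation = :org');
        $stmt->execute(array('org' => trim($org)));
        if ($stmt->fetch(PDO::FETCH_ASSOC)) {
            $result["result"]["error"] = ExceptionMessages::OrgExist . " , " . ExceptionCodes::OrgExist;
        } else {
            try {
                // NOTE(review): "desc" is a reserved word in MySQL and would need
                // quoting there; left as-is because the backend is not visible here.
                $stmt2 = $storage->prepare('INSERT INTO oauth_organisations (organisation, client_id, desc) VALUES (:org, :client_id, :desc)');
                $stmt2->execute(array('client_id' => $client_id, 'org' => $org, 'desc' => $org_desc));
                // Device scopes first, then user scopes; none is a default scope.
                $suffixes = array('', '_dev', '_dpri', '_org', '_dpub', '_view', '_devel', '_admin');
                $stmt3 = $storage->prepare('INSERT INTO oauth_scopes (scope, is_default) VALUES (:scope, :is_default)');
                foreach ($suffixes as $suffix) {
                    $stmt3->execute(array('scope' => $org . $suffix, 'is_default' => 0));
                }
                // Grant the creator admin + view on the new organisation by
                // appending to the space separated scope string of its client row.
                $stmt6 = $storage->prepare('SELECT * FROM oauth_clients WHERE client_id = :client_id');
                $stmt6->execute(array('client_id' => trim($client_id)));
                $row6 = $stmt6->fetch(PDO::FETCH_ASSOC);
                if ($row6) {
                    $existing = isset($row6["scope"]) ? (string) $row6["scope"] : '';
                    $scope6 = trim($existing . " " . $org . "_admin" . " " . $org . "_view");
                    $stmt5 = $storage->prepare('UPDATE oauth_clients  set scope = :scope6 where client_id = :client_id');
                    $stmt5->execute(array('scope6' => $scope6, 'client_id' => $client_id));
                }
                //result_messages===============================================================
                $result["result"]["result"] = $post;
                // session/error are part of the envelope but never set here.
                $result["result"]["session"] = null;
                $result["error"] = null;
                $result["status"] = "200";
                $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: NoErrors";
            } catch (Exception $e) {
                $result["status"] = $e->getCode();
                $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $e->getMessage();
            }
        }
    }
    if (diyConfig::read('debug') == 1) {
        $result["debug"] = $diy_error;
    }
    return $result;
}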
 /**
  * Resource-request authentication guard.
  * http://bshaffer.github.io/oauth2-server-php-docs/controllers/resource/
  *
  * Returns silently when the bearer token validates; otherwise sends the
  * server's error response (with a "Requires authentication" message) in the
  * requested format and terminates the script.
  *
  * @param string $format Data format passed to Response::send()
  */
 function authentication_resource($format)
 {
     $request = OAuth2\Request::createFromGlobals();
     if ($this->server->verifyResourceRequest($request)) {
         return;
     }
     $errorResponse = $this->server->getResponse();
     $errorResponse->setParameters(array('message' => 'Requires authentication'));
     $errorResponse->send($format);
     exit;
 }
<?php

/**
 *
 * @author: XuYi
 * @date: 2015-07-23
 * @version: $Id$
 */
// include our OAuth2 Server object
// Minimal protected resource: boot the OAuth2 server object, reject the
// request with the library's own error response unless the access token
// validates, otherwise answer with a fixed JSON body.
require_once __DIR__ . '/server.php';
$request = OAuth2\Request::createFromGlobals();
if ($server->verifyResourceRequest($request)) {
    echo json_encode(array('success' => true, 'message' => 'You accessed my APIs!'));
} else {
    $server->getResponse()->send();
    die;
}
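 /**
  * Resource endpoint: returns a friends list for a valid access token.
  *
  * When the token check fails the server's error response object is returned
  * for the caller to send; on success the JSON body is echoed directly and
  * nothing is returned. NOTE(review): the friends list is a fixed stub and the
  * token's user_id (available via getAccessTokenData()) is not consulted.
  *
  * @return OAuth2\Response|null
  */
 public function doUserInfo()
 {
     $request = OAuth2\Request::createFromGlobals();
     if (!$this->server->verifyResourceRequest($request)) {
         return $this->server->getResponse();
     }
     // An OAuth2\Response used to be constructed here and never used.
     $api_response = array('friends' => array('john', 'matt', 'jane'));
     echo json_encode($api_response);
 }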
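/**
 * Registers a new device under an organisation and provisions its credentials.
 *
 * The caller (client_id/scope from the verified JWT payload) must hold
 * "<org>_admin" or be the organisation's owner (oauth_organisations.client_id).
 * The device name becomes the device's OAuth client_id, so it must not already
 * exist in oauth_clients. On success the function:
 *   - generates a 2048-bit RSA key pair with the openssl CLI and stores both
 *     halves in oauth_public_keys (RS256) under the device's client_id;
 *   - allocates user_id = max+1 in oauth_users and two consecutive ports
 *     (data = max apiport + 1, api = max apiport + 2) recorded in oauth_ports;
 *   - inserts the oauth_clients row (scope "<org>_dev <org>_dpri", tty/baud
 *     defaults) and the oauth_devices row (status "private", mode "devel").
 *
 * NOTE(review): id/port allocation is read-then-insert with no lock or
 * transaction, so concurrent registrations can collide. client_secret is stored
 * as received (the OAuth library compares it directly), so TLS is required.
 *
 * @param string $payload base64url JWT payload segment carrying client_id and scope
 * @param PDO    $storage database handle
 * @return array result envelope: result/status/message on success,
 *               parse_errors on validation failure, result.error for
 *               org/ownership/duplicate problems, debug when enabled
 */
function diy_adddevice($payload, $storage)
{
    global $app;
    $result["controller"] = __FUNCTION__;
    $result["function"] = substr($app->request()->getPathInfo(), 1);
    $result["method"] = $app->request()->getMethod();
    $params = loadParameters();
    $diy_error = array();
    $up = json_decode(base64_decode($payload));
    $client_id = isset($up->client_id) ? (string) $up->client_id : '';
    $userscope = isset($up->scope) ? (string) $up->scope : '';
    $request = OAuth2\Request::createFromGlobals();
    $org = isset($request->request["org"]) ? $request->request["org"] : '';
    $device = isset($request->request["device"]) ? $request->request["device"] : '';
    $client_secret = isset($request->request["passwd"]) ? $request->request["passwd"] : '';
    $device_desc = isset($request->request["device_desc"]) ? $request->request["device_desc"] : '';
    $diy_error["post"]["org"] = $org;
    $diy_error["post"]["device"] = $device;
    // The secret is never copied into debug or result output.
    $diy_error["post"]["client_secret"] = '[redacted]';
    $diy_error["post"]["device_desc"] = $device_desc;
    $post["org"] = $org;                 // organisation                      -> oauth_devices
    $post["device"] = $device;           // becomes the device's client_id    -> oauth_devices, oauth_clients, oauth_public_keys
    $post["client_secret"] = $client_secret;
    $post["device_desc"] = $device_desc; // free-text description             -> oauth_devices
    $gump = new GUMP();
    $gump->validation_rules(array('org' => 'required|alpha_numeric', 'device' => 'required|alpha_numeric', 'client_secret' => 'required|max_len,100|min_len,6', 'device_desc' => 'required|max_len,100'));
    $gump->filter_rules(array('org' => 'trim|sanitize_string', 'device' => 'trim|sanitize_string', 'client_secret' => 'trim', 'device_desc' => 'trim|sanitize_string'));
    $validated = $gump->run($post);
    if ($validated === false) {
        $result["parse_errors"] = $gump->get_readable_errors(true);
        $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $gump->get_readable_errors(true);
    } else {
        // Use the filtered copy for org/device/description: lookups trim() but
        // the inserts used to store the raw, possibly padded, values. The secret
        // is kept exactly as received so the device can present it unchanged.
        $org = $validated["org"];
        $device = $validated["device"];
        $device_desc = $validated["device_desc"];
        // --- organisation must exist and the caller must be admin or owner ---
        $orgexists = false;
        $orgadmin = false;
        $orgowner = false;
        $stmtorg = $storage->prepare('SELECT * FROM oauth_organisations WHERE organisation = :org');
        $stmtorg->execute(array('org' => trim($org)));
        $roworg = $stmtorg->fetch(PDO::FETCH_ASSOC);
        if ($roworg) {
            $orgexists = true;
            // Whole-token match on the space separated scope list (the old loop
            // also read one element past the end of the array).
            $userscopes = preg_split('/\s+/', trim($userscope), -1, PREG_SPLIT_NO_EMPTY);
            $orgadmin = in_array($org . "_admin", $userscopes, true);
            if (!$orgadmin) {
                $stmtorg1 = $storage->prepare('SELECT * FROM oauth_organisations WHERE organisation = :org and client_id = :client_id');
                $stmtorg1->execute(array('org' => trim($org), 'client_id' => $client_id));
                $roworg1 = $stmtorg1->fetch(PDO::FETCH_ASSOC);
                // An empty client_id must not match an organisation with no owner.
                if ($client_id === '' || !$roworg1) {
                    $result["result"]["error"] = ExceptionMessages::OrgOwner . " , " . ExceptionCodes::OrgOwner;
                } else {
                    $orgowner = true;
                }
            }
        } else {
            $result["result"]["error"] = ExceptionMessages::OrgNotExist . " , " . ExceptionCodes::OrgNotExist;
        }
        // --- device name must be free (it becomes the client_id) -------------
        $orgdeviceexists = false;
        $stmt = $storage->prepare('SELECT client_id  FROM oauth_clients WHERE client_id = :device');
        $stmt->execute(array('device' => trim($device)));
        if ($stmt->fetch(PDO::FETCH_ASSOC)) {
            $result["result"]["error"] = ExceptionMessages::DeviceExist . " , " . ExceptionCodes::DeviceExist;
            $orgdeviceexists = true;
        }
        if ($orgexists && ($orgowner || $orgadmin) && !$orgdeviceexists) {
            try {
                // --- RSA key pair, generated by the openssl CLI in a private
                // scratch directory and read back; the files are removed again.
                // tempnam() falls back to the system temp dir when "tmp/" (relative
                // to the cwd) is not writable -- documented PHP behaviour.
                $publicKey = null;
                $privateKey = null;
                $tempfile = tempnam('tmp/', '');
                if ($tempfile !== false && file_exists($tempfile)) {
                    unlink($tempfile);
                }
                // 0700: the private key must not be readable by other local users.
                if ($tempfile !== false && mkdir($tempfile, 0700)) {
                    $privPath = $tempfile . '/privkey.pem';
                    $pubPath = $tempfile . '/pubkey.pem';
                    $out = array();
                    // Paths are shell-quoted; the old commands interpolated
                    // $client_id (token-supplied, never validated) unquoted.
                    exec('openssl genrsa -out ' . escapeshellarg($privPath) . ' 2048', $out, $rcGen);
                    exec('openssl rsa -in ' . escapeshellarg($privPath) . ' -pubout -out ' . escapeshellarg($pubPath), $out, $rcPub);
                    if ($rcGen === 0 && $rcPub === 0 && is_file($privPath) && is_file($pubPath)) {
                        $publicKey = file_get_contents($pubPath);
                        $privateKey = file_get_contents($privPath);
                    }
                    if (is_file($pubPath)) {
                        unlink($pubPath);
                    }
                    if (is_file($privPath)) {
                        unlink($privPath);
                    }
                    rmdir($tempfile);
                }
                if ($publicKey !== null && $privateKey !== null) {
                    // oauth_public_keys table
                    $encryption_algorithm = "RS256";
                    $stmt5 = $storage->prepare('INSERT INTO oauth_public_keys (client_id, public_key, private_key, encryption_algorithm) VALUES (:client_id, :public_key, :private_key, :encryption_algorithm)');
                    $stmt5->execute(array('client_id' => $device, 'public_key' => $publicKey, 'private_key' => $privateKey, 'encryption_algorithm' => $encryption_algorithm));
                } else {
                    // As before, registration continues without a key pair; the
                    // failure is now at least visible in debug output.
                    $diy_error["keys"] = "key pair generation failed";
                }
                // --- user_id for the device: highest existing + 1 (1 when empty) --
                $q = $storage->query('SELECT user_id FROM oauth_users ORDER BY user_id DESC LIMIT 1');
                $lastkey = $q ? (int) $q->fetchColumn() : 0;
                $lastkey++;
                // oauth_users table
                $stmt = $storage->prepare('INSERT INTO oauth_users (user_id,email_verified) VALUES (:user_id,"1")');
                $stmt->execute(array('user_id' => $lastkey));
                $scope = $org . "_dev";
                $scope .= ' ' . $org . "_dpri";
                // --- ports: two above the highest apiport in use -------------------
                $q = $storage->query('SELECT apiport FROM oauth_clients ORDER BY apiport DESC LIMIT 1');
                $lastport = $q ? (int) $q->fetchColumn() : 0;
                $dataport = $lastport + 1;
                $apiport = $lastport + 2;
                $apihost = diyConfig::read('api.host');
                $sshhost = diyConfig::read('ssh.host');
                $sshport = diyConfig::read('ssh.port');
                // oauth_ports table
                $stmt2 = $storage->prepare('INSERT INTO oauth_ports (port, client_id) VALUES (:port, :client_id)');
                $stmt2->execute(array('client_id' => $device, 'port' => $dataport));
                $stmt2->execute(array('client_id' => $device, 'port' => $apiport));
                // oauth_clients table
                $tty = "/dev/ttyACM0";
                $baud = "115200";
                $stmt1 = $storage->prepare('INSERT INTO oauth_clients (client_id, client_secret, user_id, scope, dataport, apiport, apihost, sshhost, sshport, tty, baud) VALUES (:client_id, :client_secret, :user_id, :scope, :dataport, :apiport, :apihost, :sshhost, :sshport, :tty, :baud)');
                $stmt1->execute(array('user_id' => $lastkey, 'client_id' => $device, 'client_secret' => $client_secret, 'scope' => $scope, 'dataport' => $dataport, 'apiport' => $apiport, 'apihost' => $apihost, 'sshhost' => $sshhost, 'sshport' => $sshport, 'tty' => $tty, 'baud' => $baud));
                // oauth_devices table: owned by the caller, private and in devel mode
                $public_key_active = "yes";
                $status = "private";
                $mode = "devel";
                $stmt11 = $storage->prepare('INSERT INTO oauth_devices (device, device_desc, organisation, client_id, public_key_active, status, mode) VALUES (:device, :device_desc, :organisation, :client_id, :public_key_active, :status, :mode)');
                $stmt11->execute(array('device' => $device, 'client_id' => $client_id, 'device_desc' => $device_desc, 'organisation' => $org, 'public_key_active' => $public_key_active, 'status' => $status, 'mode' => $mode));
                $post["status"] = $status;
                $post["mode"] = $mode;
                // Do not echo the secret back in the response body.
                $post["client_secret"] = '[redacted]';
                //result_messages===============================================================
                $result["result"]["result"] = $post;
                // session/error are part of the envelope but never set here.
                $result["result"]["session"] = null;
                $result["error"] = null;
                $result["status"] = "200";
                $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: NoErrors";
            } catch (Exception $e) {
                $result["status"] = $e->getCode();
                $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $e->getMessage();
            }
        }
    }
    if (diyConfig::read('debug') == 1) {
        $result["debug"] = $diy_error;
    }
    return $result;
}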
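/**
 * Decides whether a websocket user may view a device's stream.
 *
 * Looks up the device, then the (wss_user, session) pair in oauth_https_wss to
 * learn which OAuth client the socket belongs to, and sets result.view to 1 when
 *   - the device status is "public";
 *   - the status is "private" and that client owns the device; or
 *   - the status is "org" and that client holds "<org>_view" in its space
 *     separated oauth_clients.scope.
 * Anything else (unknown device, unknown session, missing scope, DB errors)
 * leaves view at 0. Inputs are read from the query string.
 *
 * @param string $payload    base64url JWT payload segment; decoded for client_id but not part of the decision
 * @param PDO    $storage    database handle
 * @param mixed  $exceptions unused; kept for call compatibility
 * @return array result envelope: result.view (0|1), status, message, debug when enabled
 */
function diy_wssdeviceAccess($payload, $storage, $exceptions)
{
    global $app;
    $request = OAuth2\Request::createFromGlobals();
    $post["session"] = isset($request->query["session"]) ? $request->query["session"] : '';
    $post["wss_user"] = isset($request->query["wss_user"]) ? $request->query["wss_user"] : '';
    $post["device"] = isset($request->query["device"]) ? $request->query["device"] : '';
    $gump = new GUMP();
    $gump->validation_rules(array('wss_user' => 'required|alpha_numeric', 'device' => 'required|alpha_numeric', 'session' => 'required|alpha_numeric'));
    $gump->filter_rules(array('wss_user' => 'trim|sanitize_string', 'device' => 'trim|sanitize_string', 'session' => 'trim|sanitize_string'));
    $result["controller"] = __FUNCTION__;
    $result["function"] = substr($app->request()->getPathInfo(), 1);
    $result["method"] = $app->request()->getMethod();
    $params = loadParameters();
    $diy_error = array();
    $up = json_decode(base64_decode($payload));
    $client_id = isset($up->client_id) ? (string) $up->client_id : '';
    // Fail closed: every path that does not positively grant access leaves 0.
    $result["result"]["view"] = 0;
    $validated = $gump->run($post);
    if ($validated === false) {
        $result["parse_errors"] = $gump->get_readable_errors(true);
        $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $gump->get_readable_errors(true);
    } else {
        try {
            $stmt = $storage->prepare('SELECT * FROM oauth_devices WHERE device = :device');
            $stmt->execute(array('device' => trim($validated["device"])));
            $row = $stmt->fetch(PDO::FETCH_ASSOC);
            if ($row && !empty($row["organisation"])) {
                $organisation = trim($row["organisation"]);
                $status = isset($row["status"]) ? $row["status"] : '';
                try {
                    // Which OAuth client is behind this websocket session?
                    $stmt1 = $storage->prepare('SELECT * FROM oauth_https_wss WHERE wss_user = :wss_user and session = :session');
                    $stmt1->execute(array('wss_user' => trim($validated["wss_user"]), 'session' => trim($validated["session"])));
                    $row1 = $stmt1->fetch(PDO::FETCH_ASSOC);
                    if ($row1 && !empty($row1["client_id"])) {
                        $client_user = (string) $row1["client_id"];
                        if ($status == "org") {
                            try {
                                $stmt2 = $storage->prepare('SELECT * FROM oauth_clients WHERE client_id = :client_user');
                                $stmt2->execute(array('client_user' => trim($client_user)));
                                $row2 = $stmt2->fetch(PDO::FETCH_ASSOC);
                                if ($row2 && !empty($row2["scope"])) {
                                    $devview = $organisation . "_view";
                                    // Whole-token match: the previous strpos() test accepted
                                    // "<other>_view" whenever this org's name was a suffix of
                                    // another organisation's name.
                                    $scopes = preg_split('/\s+/', trim($row2["scope"]), -1, PREG_SPLIT_NO_EMPTY);
                                    if (in_array($devview, $scopes, true)) {
                                        $result["result"]["view"] = 1;
                                    } else {
                                        $diy_error["errors"] = ExceptionMessages::ScopeNotFound . " , " . ExceptionCodes::ScopeNotFound;
                                    }
                                }
                            } catch (Exception $e) {
                                // Recorded in the envelope; echoing here corrupted the JSON body.
                                $diy_error["db"] = $e->getCode();
                            }
                        } elseif ($status == "public") {
                            $result["result"]["view"] = 1;
                        } elseif ($status == "private" && isset($row["client_id"]) && (string) $row["client_id"] === $client_user) {
                            $result["result"]["view"] = 1;
                        }
                        // private device of another client, or unknown status: view stays 0
                    } else {
                        $diy_error["errors"] = ExceptionMessages::UserNotFound . " , " . ExceptionCodes::UserNotFound;
                    }
                } catch (Exception $e) {
                    $diy_error["db"] = $e->getCode();
                }
            }
            //result_messages===============================================================
            $result["status"] = "200";
            $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: NoErrors";
        } catch (Exception $e) {
            $result["status"] = $e->getCode();
            $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $e->getMessage();
            $diy_error["db"] = $e->getCode();
        }
    }
    if (diyConfig::read('debug') == 1) {
        $result["debug"] = $diy_error;
    }
    return $result;
}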
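/**
 * Move a device from its current organisation to another one.
 *
 * Reads `device` and `orgto` from the query string, validates both as
 * alphanumeric, and performs the move only when the caller is authorised for
 * BOTH the device's current organisation and the destination: for each
 * organisation the caller must either hold the `<org>_admin` scope or be the
 * client_id that owns the organisation row, and the device must exist as an
 * OAuth client. On success the device's scope tokens prefixed `<orgfrom>_` are
 * re-prefixed to `<orgto>_` in oauth_clients and the organisation is updated
 * in oauth_devices.
 *
 * @param string $payload base64-encoded JSON carrying client_id and scope
 *                        (assumed to come from the already-verified access
 *                        token — TODO confirm at the caller)
 * @param PDO    $storage database handle (used via prepare/execute/fetch)
 * @return array response array: controller/function/method always; parse_errors
 *               and message on validation failure; status "200" and message on a
 *               completed move; debug details when diyConfig debug is enabled.
 *               A denied move leaves status/message unset, as before.
 */
function diy_movedevice($payload, $storage)
{
    global $app;
    $result["controller"] = __FUNCTION__;
    $result["function"] = substr($app->request()->getPathInfo(), 1);
    $result["method"] = $app->request()->getMethod();
    $params = loadParameters();
    // The original also did `$result->function = ...` / `$result->method = ...`
    // on the array: a warning on PHP 7 and a fatal Error on PHP 8, and the same
    // values were already stored above, so those two statements are dropped.
    $up = json_decode(base64_decode($payload));
    $client_id = $up->client_id;
    $userscope = $up->scope;
    $device = OAuth2\Request::createFromGlobals()->query["device"];
    $orgto = OAuth2\Request::createFromGlobals()->query["orgto"];
    $diy_error["post"]["device"] = $device;
    $diy_error["post"]["orgto"] = $orgto;
    $post["device"] = $device;
    // client_id of the device: oauth_devices / oauth_clients / oauth_public_keys
    $post["orgto"] = $orgto;
    $gump = new GUMP();
    $gump->validation_rules(array('device' => 'required|alpha_numeric', 'orgto' => 'required|alpha_numeric'));
    $gump->filter_rules(array('device' => 'trim|sanitize_string', 'orgto' => 'trim|sanitize_string'));
    $validated = $gump->run($post);
    if ($validated === false) {
        $result["parse_errors"] = $gump->get_readable_errors(true);
        $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $gump->get_readable_errors(true);
    } else {
        $movedevice = "no";
        $org = null;
        $dev = $storage->prepare('SELECT * FROM oauth_devices WHERE device  = :device');
        $dev->execute(array('device' => trim($device)));
        $rowdev = $dev->fetch(PDO::FETCH_ASSOC);
        if ($rowdev) {
            $org = $rowdev["organisation"];
        } else {
            $result["result"]["error"] = ExceptionMessages::DeviceNotExist . " , " . ExceptionCodes::DeviceNotExist;
        }

        // Authorisation check for one organisation. Returns an array whose
        // ["result"]["check"] is "ok" or "no" (plus ["result"]["error"] on failure).
        // A closure replaces the original nested named function, which would have
        // triggered "Cannot redeclare check()" if diy_movedevice ran twice in one process.
        $check = function ($orgName, $deviceName) use ($storage, $userscope, $client_id) {
            $check_result = array();
            $orgexists = "no";
            $orgadmin = "no";
            $orgowner = "no";
            $orgName = trim((string) $orgName);
            // does the organisation exist?
            $stmtorg = $storage->prepare('SELECT * FROM oauth_organisations WHERE organisation = :org');
            $stmtorg->execute(array('org' => $orgName));
            $roworg = $stmtorg->fetch(PDO::FETCH_ASSOC);
            if ($roworg) {
                $orgexists = "yes";
                // Admin path: the token's space-separated scope list must contain "<org>_admin".
                // (The original read an undefined $userscope inside the nested function and
                // iterated one past the end of the array, so this path never matched.)
                $userscopes = preg_split('/\s+/', trim((string) $userscope), -1, PREG_SPLIT_NO_EMPTY);
                if (in_array($orgName . "_admin", $userscopes, true)) {
                    $orgadmin = "yes";
                }
                if ($orgadmin == "no") {
                    // Owner path: the organisation row must belong to the caller's client_id.
                    $stmtorg1 = $storage->prepare('SELECT * FROM oauth_organisations WHERE organisation = :org and client_id = :client_id');
                    $stmtorg1->execute(array('org' => $orgName, 'client_id' => $client_id));
                    $roworg1 = $stmtorg1->fetch(PDO::FETCH_ASSOC);
                    if ($roworg1) {
                        $orgowner = "yes";
                    } else {
                        $check_result["result"]["error"] = ExceptionMessages::OrgOwner . " , " . ExceptionCodes::OrgOwner;
                    }
                }
            } else {
                $check_result["result"]["error"] = ExceptionMessages::OrgNotExist . " , " . ExceptionCodes::OrgNotExist;
            }
            // the device must also be registered as an OAuth client
            $stmt = $storage->prepare('SELECT client_id  FROM oauth_clients WHERE client_id = :device');
            $stmt->execute(array('device' => trim($deviceName)));
            $orgdeviceexists = $stmt->fetch(PDO::FETCH_ASSOC) ? "yes" : "no";
            if ($orgdeviceexists == "no") {
                $check_result["result"]["error"] = ExceptionMessages::DeviceNotExist . " , " . ExceptionCodes::DeviceNotExist;
            }
            $allowed = $orgexists == "yes" && ($orgowner == "yes" || $orgadmin == "yes") && $orgdeviceexists == "yes";
            $check_result["result"]["check"] = $allowed ? "ok" : "no";
            return $check_result;
        };

        if ($rowdev) {
            // caller must own / administer the device's current organisation ...
            $checkr = $check($org, $device);
            $diy_error["error"]["check"] = $checkr;
            if ($checkr["result"]["check"] == "ok") {
                $diy_error["error"]["orgfrom"] = "ok";
                // ... and the destination organisation
                $checkr1 = $check($orgto, $device);
                if ($checkr1["result"]["check"] == "ok") {
                    $diy_error["error"]["orgto"] = "ok";
                    $movedevice = "yes";
                }
            }
        }

        if ($movedevice == "yes") {
            try {
                $stmt1 = $storage->prepare('SELECT * from oauth_clients where client_id = :client_id');
                $stmt1->execute(array('client_id' => $device));
                $row1 = $stmt1->fetch(PDO::FETCH_ASSOC);
                if ($row1) {
                    // Re-prefix only the scope tokens that START with "<orgfrom>_". The
                    // original str_replace'd that substring anywhere in the scope string,
                    // which could rewrite unrelated scopes that merely contain it.
                    $orgt = $org . "_";
                    $orgtot = $orgto . "_";
                    $scopeTokens = preg_split('/\s+/', trim((string) $row1["scope"]), -1, PREG_SPLIT_NO_EMPTY);
                    foreach ($scopeTokens as $idx => $token) {
                        if (strpos($token, $orgt) === 0) {
                            $scopeTokens[$idx] = $orgtot . substr($token, strlen($orgt));
                        }
                    }
                    $scopedev = implode(' ', $scopeTokens);
                    // TODO(review): the two updates below are not in one transaction; a
                    // failure between them leaves oauth_clients and oauth_devices disagreeing.
                    // oauth_clients table
                    $stmt1 = $storage->prepare('UPDATE oauth_clients set scope = :scopedev where client_id = :client_id');
                    $stmt1->execute(array('client_id' => $device, 'scopedev' => $scopedev));
                    // oauth_devices table
                    $stmt11 = $storage->prepare('UPDATE oauth_devices set organisation = :orgto  where device = :device');
                    $stmt11->execute(array('device' => $device, 'orgto' => $orgto));
                }
                //result_messages===============================================================
                $result["result"]["result"] = $post;
                // $session and $error were never assigned in the original; the keys are
                // kept (explicitly null) so the response shape does not change.
                $result["result"]["session"] = null;
                $result["error"] = null;
                $result["status"] = "200";
                $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]: NoErrors";
            } catch (Exception $e) {
                $result["status"] = $e->getCode();
                $result["message"] = "[" . $result["method"] . "][" . $result["function"] . "]:" . $e->getMessage();
            }
        }
    }
    if (diyConfig::read('debug') == 1) {
        $result["debug"] = $diy_error;
    }
    return $result;
}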
<?php

/**
 * CLAROLINE
 *
 * @version 0.1
 *
 * @copyright (c) 2014 Quentin Devos
 *
 * @license http://www.gnu.org/copyleft/gpl.html (GPL) GENERAL PUBLIC LICENSE
 *
 * @package OAUTH
 *
 * @author Quentin Devos <*****@*****.**>
 *
 */
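require_once get_module_path('OAUTH') . '/lib/InitServer.php';
// Resource-server bootstrap: verify the bearer token on the current request and
// log in the Claroline user it was issued to. $server is expected to be created
// by InitServer.php (not visible here).
$oauthRequest = OAuth2\Request::createFromGlobals();
$tokenUserId = null;
if ($server->verifyResourceRequest($oauthRequest)) {
    $token = $server->getAccessTokenData($oauthRequest);
    // Only a token bound to a resource owner can log a user in.
    if (isset($token['user_id']) && $token['user_id'] !== '') {
        $tokenUserId = $token['user_id'];
    }
}
if ($tokenUserId !== null) {
    $GLOBALS['_uid'] = $tokenUserId;
    $GLOBALS['uidReset'] = true;
    $claro_loginRequested = true;
    $claro_loginSucceeded = true;
} else {
    // Either verification failed or the token carries no user_id (e.g. one issued
    // to a client rather than a user). The original marked the login as succeeded
    // with a null _uid in the latter case; treat it as not logged in instead.
    $GLOBALS['_uid'] = null;
    $claro_loginSucceeded = false;
    $claro_loginRequested = false;
}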
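 /**
  * Authenticate the current request according to $this->CallType.
  *
  * "open":      the request must carry a bearer token accepted by the OAuth2
  *              server. The user id is then taken from the VERIFIED token data
  *              and the user record loaded through UserLogic; returns IsLogin.
  *              The "openregisteruser" call of the "user" module is exempt.
  * "localsite": cookie/session login. Either a one-shot `cookie_auth` request
  *              parameter ("pid*pwd") or the encrypted `authstr` cookie
  *              ("uid\~password") is checked against the stored password value
  *              with a constant-time comparison. Returns 1 on success, else 0.
  *
  * Any other CallType falls out of the switch and returns null, as before.
  */
 function CheckLogin()
 {
     $this->Logger->Write('Starting CheckLogin');
     switch ($this->CallType) {
         case "open":
             //user openregister no need authorization
             if ($this->Code == 'openregisteruser' && $this->Module == 'user') {
                 return true;
             }
             $db_host = $this->Config['db_host'];
             $db_name = $this->Config['db_name'];
             $dsn = "mysql:dbname={$db_name};host={$db_host}";
             $username = $this->Config['db_user'];
             $password = $this->Config['db_pass'];
             $storage = new OAuth2\Storage\Pdo(array('dsn' => $dsn, 'username' => $username, 'password' => $password));
             $server = new OAuth2\Server($storage);
             $response = new OAuth2\Response();
             $request = OAuth2\Request::createFromGlobals();
             if (!$server->verifyResourceRequest($request, $response)) {
                 $response->send();
                 exit;
             }
             // Resolve the user from the token the server has just verified. The
             // original re-read a raw POST `access_token` field and interpolated it
             // into an SQL string: string-built SQL from request data, and not
             // necessarily the same token that was verified (header-borne tokens
             // were rejected outright).
             $tokenData = $server->getAccessTokenData($request);
             if (is_array($tokenData) && isset($tokenData['user_id']) && $tokenData['user_id'] !== '') {
                 $access_uid = $tokenData['user_id'];
                 $user = $this->UserLogic->GetUser($access_uid);
                 $this->User['uid'] = $access_uid;
                 // the original LEFT JOIN also allowed a null name when no user row exists
                 $this->User['uname'] = isset($user['uname']) ? $user['uname'] : null;
                 $this->IsLogin = 1;
             } else {
                 $error = array();
                 $error["error"] = "error";
                 $error["error_description"] = "access token is incorrect.";
                 echo json_encode($error);
                 exit;
             }
             return $this->IsLogin;
         case "localsite":
             session_start();
             if (!empty($_SESSION['ip_point'])) {
                 $this->IPLocation = $_SESSION['ip_point'];
             } else {
                 $this->IPLocation = $this->BaiduMap->GetPointByIP(getIP());
                 $_SESSION['ip_point'] = $this->IPLocation;
             }
             $auth = $this->CookieHandler->GetVar('authstr');
             if (!empty($this->Post['cookie_auth'])) {
                 $post_auth = $this->Post['cookie_auth'];
             } else {
                 $post_auth = isset($this->Get['cookie_auth']) ? $this->Get['cookie_auth'] : '';
             }
             $login = 0;
             if ($post_auth != '' && (!$auth || $auth == '')) {
                 // One-shot "pid*pwd" credential passed as a request parameter (the
                 // pwd part is the stored password value echoed back by the template).
                 $parts = explode('*', $post_auth);
                 $pid = $parts[0];
                 $pwd = isset($parts[1]) ? $parts[1] : '';
                 $user = $this->UserLogic->GetUser($pid);
                 // hash_equals replaces the original loose `==`, which is subject to
                 // PHP numeric-string coercion ("0e..." style collisions) and would also
                 // accept an empty stored value against an empty pwd.
                 if (!empty($user['password']) && hash_equals((string) $user['password'], (string) $pwd)) {
                     $login = 1;
                     $this->User = $user;
                 }
                 return $login;
             }
             if ($auth && $auth != '') {
                 $dauth = authcode($auth, 'DECODE', $this->Config['auth_key']);
                 $parts = explode('\\~', $dauth);
                 $uid = $parts[0];
                 $password = isset($parts[1]) ? $parts[1] : '';
                 // NOTE(review): this hands the stored password value to the template
                 // (round-tripped via cookie_auth above); kept as-is, but worth revisiting.
                 $this->TemplateHandler->AssignValue('auth', $uid . '*' . $password);
                 //need to verify the user id and password are valid in cookie;
                 $u = array();
                 if (!empty($_SESSION['uid']) && $_SESSION['uid'] > 0) {
                     $u['uid'] = $_SESSION['uid'];
                 }
                 if (!empty($_SESSION['uemail'])) {
                     $u['uemail'] = $_SESSION['uemail'];
                 }
                 if (!empty($_SESSION['uname'])) {
                     $u['uname'] = $_SESSION['uname'];
                 }
                 if (!empty($_SESSION['face_url'])) {
                     $u['face_url'] = $_SESSION['face_url'];
                 }
                 if (!empty($_SESSION['face_url_p'])) {
                     $u['face_url_p'] = $_SESSION['face_url_p'];
                 }
                 if (count($u) > 0 && isset($u['uid']) && $u['uid'] > 0) {
                     // an existing server-side session wins over the cookie
                     $this->User = $u;
                     $this->SessionUser = $u;
                     $login = 1;
                 } else {
                     $user = $this->UserLogic->GetUser($uid);
                     if (!empty($user['password']) && hash_equals((string) $user['password'], (string) $password)) {
                         $this->User = $user;
                         $this->SessionUser = $user;
                         $_SESSION['uid'] = $uid;
                         // the original stored an undefined $email here; uemail is the user field
                         $_SESSION['uemail'] = isset($user['uemail']) ? $user['uemail'] : null;
                         $_SESSION['uname'] = $user['uname'];
                         $_SESSION['face_url'] = $user['face_url'];
                         $_SESSION['face_url_p'] = $user['face_url_p'];
                         $login = 1;
                         $this->UserLogic->UpdateLoginInfo($user['uid'], time());
                     }
                 }
             }
             $this->IsLogin = $login;
             $this->TemplateHandler->AssignValue('login', $login);
             $this->TemplateHandler->AssignValue('user', $this->User);
             $openLogin = !empty($_SESSION['open']);
             $this->TemplateHandler->AssignValue('open_login', $openLogin);
             $this->Open_login = $openLogin;
             $this->TemplateHandler->AssignValue('sessionuser', $this->SessionUser);
             $this->Logger->Write('Finished CheckLogin');
             return $login;
     }
 }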
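 /**
  * Get the list of employees attached to an entity
  * @param int $id Identifier of the entity
  * @param bool $children If TRUE, we include sub-entities, FALSE otherwise
  * @author Benjamin BALET <*****@*****.**>
  * @since 0.4.3
  *
  * Responds with the OAuth2 error when the bearer token is invalid, with
  * HTTP 422 (no body) when $id is not an integer, otherwise echoes the JSON
  * result of organization_model->allEmployees().
  */
 public function getListOfEmployeesInEntity($id, $children)
 {
     if (!$this->server->verifyResourceRequest(OAuth2\Request::createFromGlobals())) {
         $this->server->getResponse()->send();
         return;
     }
     // NOTE(review): only token validity is checked here; any valid token can list
     // the employees of any entity. Whether a scope/role check belongs here depends
     // on the API's policy — TODO confirm.
     $entityId = filter_var($id, FILTER_VALIDATE_INT);
     if ($entityId === false) {
         // Reject non-integer identifiers before they reach the model
         // (same 422 convention as createleave in this controller).
         $this->output->set_header("HTTP/1.1 422 Unprocessable entity");
         log_message('error', 'Invalid entity identifier.');
         return;
     }
     $this->load->model('organization_model');
     $includeChildren = filter_var($children, FILTER_VALIDATE_BOOLEAN);
     $result = $this->organization_model->allEmployees($entityId, $includeChildren);
     echo json_encode($result);
 }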
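 /**
  * Create a leave request (fields are passed by POST parameters).
  * This function doesn't send e-mails and it is used for imposed leaves
  * Returns the new inserted id.
  *
  * Mandatory POST fields: startdate, enddate, status, employee, startdatetype,
  * enddatetype, duration, type. `cause` is optional and stored as NULL when
  * empty. Responds with the OAuth2 error when the bearer token is invalid and
  * with HTTP 422 (no body) when a mandatory field is missing.
  * @author Benjamin BALET <*****@*****.**>
  */
 public function createleave()
 {
     if (!$this->server->verifyResourceRequest(OAuth2\Request::createFromGlobals())) {
         $this->server->getResponse()->send();
         return;
     }
     // NOTE(review): any valid token may create a leave for any `employee`; an
     // authorisation check on the caller vs. the target employee is not done here.
     $this->load->model('leaves_model');
     $startdate = $this->input->post('startdate');
     $enddate = $this->input->post('enddate');
     $status = $this->input->post('status');
     $employee = $this->input->post('employee');
     $cause = $this->input->post('cause');
     $startdatetype = $this->input->post('startdatetype');
     $enddatetype = $this->input->post('enddatetype');
     $duration = $this->input->post('duration');
     $type = $this->input->post('type');
     //Prevent misinterpretation of content
     if ($cause == FALSE) {
         $cause = NULL;
     }
     // An absent POST field may come back as FALSE or as NULL depending on the
     // framework version (TODO confirm), so both are treated as "missing". The
     // numeric fields keep a strict test so that a legitimate "0" is accepted;
     // the original's `=== FALSE` alone would let a NULL slip through.
     $missing = function ($value) {
         return $value === FALSE || $value === NULL;
     };
     //Check mandatory fields
     if ($startdate == FALSE || $enddate == FALSE || $missing($status) || $missing($employee) || $startdatetype == FALSE || $enddatetype == FALSE || $missing($duration) || $missing($type)) {
         $this->output->set_header("HTTP/1.1 422 Unprocessable entity");
         log_message('error', 'Mandatory fields are missing.');
         return;
     }
     $result = $this->leaves_model->add_leaves_api($startdate, $enddate, $status, $employee, $cause, $startdatetype, $enddatetype, $duration, $type);
     echo json_encode($result);
 }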