public function create(RecordInterface $record) { if ($record->hasFields('status', 'name', 'email', 'url', 'title', 'description')) { $record->consumerKey = Security::generateToken(); $record->consumerSecret = Security::generateToken(); $date = new DateTime('NOW', $this->registry['core.default_timezone']); $record->date = $date->format(DateTime::SQL); $this->table->insert($record->getData()); $record->id = $this->sql->getLastInsertId(); $this->notify(RecordAbstract::INSERT, $record); return $record; } else { throw new Exception('Missing field in record'); } }
public function onPost() { try { $email = $this->post->email('string', array(new Filter\Length(3, 64), new Filter\Email())); $captcha = $this->post->captcha('string'); // check captcha if anonymous $captchaProvider = Captcha::factory($this->config['amun_captcha']); if (!$captchaProvider->verify($captcha)) { throw new Exception('Invalid captcha'); } if (!$this->validate->hasError()) { $handler = $this->getHandler('AmunService\\User\\Account'); $account = $handler->getOneByIdentity(sha1($this->config['amun_salt'] . $email), array('id', 'name', 'status', 'email'), Sql::FETCH_OBJECT); if ($account instanceof Account\Record) { if (!in_array($account->status, array(Account\Record::NORMAL, Account\Record::ADMINISTRATOR))) { throw new Exception('Account has an invalid status'); } if (!empty($account->email)) { $token = Security::generateToken(); $link = $this->page->getUrl() . '/login/resetPw?token=' . $token; $date = new DateTime('NOW', $this->registry['core.default_timezone']); // update status $account->setStatus(Account\Record::RECOVER); $account->setToken($token); $handler->update($account); // send mail $values = array('account.name' => $account->name, 'host.name' => $this->base->getHost(), 'recover.ip' => $_SERVER['REMOTE_ADDR'], 'recover.link' => $this->page->getUrl() . '/resetPw?token=' . $token, 'recover.date' => $date->format($this->registry['core.format_date'])); $mail = new Mail($this->registry); $mail->send('LOGIN_RECOVER', $account->email, $values); $this->template->assign('success', true); } else { throw new Exception('No public email address is set for this account'); } } else { throw new Exception('Account does not exist'); } } else { throw new Exception($this->validate->getLastError()); } } catch (\Exception $e) { $this->template->assign('error', $e->getMessage()); } }
public function create(RecordInterface $record) { if ($record->hasFields('url', 'type')) { $record->globalId = $this->base->getUUID('vcshook:' . uniqid()); $record->userId = $this->user->getId(); $record->secret = Security::generateToken(40); // check whether project exists $type = TypeAbstract::factory($record->type); if (!$type->hasProject($record->url)) { throw new Exception('Project doesnt exist'); } $date = new DateTime('NOW', $this->registry['core.default_timezone']); $record->date = $date->format(DateTime::SQL); $this->table->insert($record->getData()); $record->id = $this->sql->getLastInsertId(); $this->notify(RecordAbstract::INSERT, $record); return $record; } else { throw new Exception('Missing field in record'); } }
public function testRequest() { // discover endpoints $yadis = new Yadis($this->http); $xrds = $yadis->discover(new Url($this->config['psx_url'])); // get oauth request uri $requestUri = null; foreach ($xrds->getService() as $service) { if (in_array('http://oauth.net/core/1.0/endpoint/request', $service->getType())) { $requestUri = $service->getUri(); break; } } $this->assertEquals(true, !empty($requestUri), 'Could not find http://oauth.net/core/1.0/endpoint/request in xrds'); // get request token $response = $this->oauth->requestToken(new Url($requestUri), $this->consumerKey, $this->consumerSecret); $this->assertEquals(true, strlen($response->getToken()) > 4, $this->http->getResponse()); $this->assertEquals(true, strlen($response->getTokenSecret()) > 4, $this->http->getResponse()); $token = $response->getToken(); $tokenSecret = $response->getTokenSecret(); // since we can not login and approve the request we do this manually in // the table $verifier = Security::generateToken(32); $con = new Condition(array('token', '=', $token)); $this->sql->update($this->registry['table.oauth_request'], array('userId' => 1, 'status' => Oauth\Record::APPROVED, 'verifier' => $verifier), $con); // get oauth access uri $accessUri = null; foreach ($xrds->getService() as $service) { if (in_array('http://oauth.net/core/1.0/endpoint/access', $service->getType())) { $accessUri = $service->getUri(); break; } } $this->assertEquals(true, !empty($accessUri), 'Could not find http://oauth.net/core/1.0/endpoint/access in xrds'); // get access token $response = $this->oauth->accessToken(new Url($accessUri), $this->consumerKey, $this->consumerSecret, $token, $tokenSecret, $verifier); $this->assertEquals(true, strlen($response->getToken()) > 4, $this->http->getResponse()); $this->assertEquals(true, strlen($response->getTokenSecret()) > 4, $this->http->getResponse()); }
private function handleOauthExt() { $consumerKey = isset($this->oauth['consumer']) ? $this->oauth['consumer'] : null; $row = $this->getHandler('AmunService\\Openid')->getOneByConsumerKey($consumerKey); if (!empty($row)) { $token = Security::generateToken(40); $verifier = Security::generateToken(32); $date = new DateTime('NOW', $this->registry['core.default_timezone']); $this->getSql()->insert($this->registry['table.oauth_request'], array('apiId' => $row['id'], 'userId' => $this->user->getId(), 'status' => Oauth\Record::APPROVED, 'ip' => $_SERVER['REMOTE_ADDR'], 'nonce' => Security::generateToken(16), 'callback' => 'oob', 'token' => $token, 'tokenSecret' => '', 'verifier' => $verifier, 'timestamp' => time(), 'expire' => 'PT30M', 'date' => $date->format(DateTime::SQL))); // insert access $this->getSql()->replace($this->registry['table.oauth_access'], array('apiId' => $row['id'], 'userId' => $this->user->getId(), 'allowed' => 1, 'date' => $date->format(DateTime::SQL))); // return params $params = array(); $params['openid.ns.oauth'] = Extension\Oauth::NS; $params['openid.oauth.request_token'] = $token; $params['openid.oauth.verifier'] = $verifier; return $params; } else { throw new Exception('Invalid consumer'); } }
protected function getResponse(Provider\Consumer $consumer, Provider\Request $request) { if ($this->nonce == $request->getNonce()) { throw new Exception('Nonce hasnt changed'); } if ($this->verifier != $request->getVerifier()) { throw new Exception('Invalid verifier'); } // the access token can be used six month $expire = 'P6M'; // generate a new access token $token = Security::generateToken(); $tokenSecret = Security::generateToken(); $date = new DateTime('NOW', $this->registry['core.default_timezone']); $con = new Condition(array('id', '=', $this->requestId)); $this->sql->update($this->registry['table.oauth_request'], array('status' => Oauth\Record::ACCESS, 'token' => $token, 'tokenSecret' => $tokenSecret, 'expire' => $expire, 'date' => $date->format(DateTime::SQL)), $con); $response = new Provider\Response(); $response->setToken($token); $response->setTokenSecret($tokenSecret); return $response; }
private function allowAccess($token, $callback, $insertAccess = true) { // insert or update access if ($insertAccess) { $now = new DateTime('NOW', $this->registry['core.default_timezone']); $this->getSql()->replace($this->registry['table.oauth_access'], array('apiId' => $this->apiId, 'userId' => $this->user->getId(), 'allowed' => 1, 'date' => $now->format(DateTime::SQL))); $accessId = $this->getSql()->getLastInsertId(); // insert rights $this->insertAppRights($accessId); } // approve token $verifier = Security::generateToken(32); $con = new Condition(array('token', '=', $token)); $this->getSql()->update($this->registry['table.oauth_request'], array('userId' => $this->user->getId(), 'status' => Oauth\Record::APPROVED, 'verifier' => $verifier), $con); // redirect if callback available if ($callback != 'oob') { $url = new Url($callback); $url->addParam('oauth_token', $token); $url->addParam('oauth_verifier', $verifier); header('Location: ' . strval($url)); exit; } else { $this->template->assign('verifier', $verifier); } }
public function create(RecordInterface $record) { if ($record->hasFields('groupId', 'status', 'identity', 'name', 'pw')) { // check whether identity exists $con = new Condition(); $con->add('identity', '=', $record->identity); if ($this->table->count($con) > 0) { throw new Exception('Identity already exists'); } // check whether name and hostid exists $con = new Condition(); $con->add('hostId', '=', !empty($record->hostId) ? $record->hostId : 0); $con->add('name', '=', $record->name); if ($this->table->count($con) > 0) { throw new Exception('Identity already exists'); } // default values if (!isset($record->countryId)) { $record->setCountryId(1); } if (!isset($record->timezone)) { $record->setTimezone('UTC'); } $date = new DateTime('NOW', $this->registry['core.default_timezone']); $record->token = Security::generateToken(); $record->ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '127.0.0.1'; $record->lastSeen = $date->format(DateTime::SQL); $record->updated = $date->format(DateTime::SQL); $record->date = $date->format(DateTime::SQL); // set host id if we have an remote host discover the profile url if (empty($record->hostId)) { $record->hostId = 0; $record->profileUrl = $this->config['psx_url'] . '/' . $this->config['psx_dispatch'] . 'profile/' . $record->name; } else { $record->status = Record::REMOTE; $record->profileUrl = $this->discoverProfileUrl($record->hostId, $record->name); } // set global id if (!isset($record->globalId)) { $profileUrl = new Url($record->profileUrl); $record->globalId = $this->base->getUUID('user:account:' . $profileUrl->getHost() . ':' . $record->name . ':' . uniqid()); } // set thumbnail if email available and thumbnail not set if (!isset($record->thumbnailUrl)) { $default = $this->config['psx_url'] . '/img/avatar/no_image.png'; if (!empty($record->email)) { $record->thumbnailUrl = 'http://www.gravatar.com/avatar/' . md5(strtolower(trim($record->email))) . '?d=' . urlencode($default) . '&s=48'; } else { $record->thumbnailUrl = $default; } } $this->table->insert($record->getData()); $record->id = $this->sql->getLastInsertId(); // insert relation to self $this->sql->insert($this->registry['table.user_friend'], array('status' => Friend\Record::NORMAL, 'userId' => $record->id, 'friendId' => $record->id, 'date' => $date->format(DateTime::SQL))); $this->notify(RecordAbstract::INSERT, $record); return $record; } else { throw new Exception('Missing field in record'); } }
protected function getResponse(Provider\Consumer $consumer, Provider\Request $request) { // we check how often this ip has requested an token ... because // of security reasons each consumer can have max 5 request tokens $maxCount = 5; $ip = $_SERVER['REMOTE_ADDR']; $con = new Condition(array('ip', '=', $ip), array('status', '=', Oauth\Record::TEMPORARY)); $count = $this->sql->count($this->registry['table.oauth_request'], $con); if ($count >= $maxCount) { $conDelete = new Condition(); $result = $this->sql->select($this->registry['table.oauth_request'], array('id', 'expire', 'date'), $con, Sql::SELECT_ALL); foreach ($result as $row) { $now = new DateTime('NOW', $this->registry['core.default_timezone']); $date = new DateTime($row['date'], $this->registry['core.default_timezone']); $date->add(new DateInterval($row['expire'])); if ($now > $date) { $conDelete->add('id', '=', $row['id'], 'OR'); } } if ($conDelete->hasCondition()) { $this->sql->delete($this->registry['table.oauth_request'], $conDelete); } throw new Exception('You can only have max. ' . $maxCount . ' active request tokens'); } // get nonce $nonce = $request->getNonce(); // assign callback $callback = $request->getCallback(); // generate tokens $token = Security::generateToken(); $tokenSecret = Security::generateToken(); // we save the timestamp in the request but because it comes from // the user we doesnt use them to check the expire date $timestamp = $request->getTimestamp(); // you have 30 minutes to authorize the request token and to exchange // them for an access token $expire = 'PT30M'; $date = new DateTime('NOW', $this->registry['core.default_timezone']); $this->sql->insert($this->registry['table.oauth_request'], array('apiId' => $this->apiId, 'status' => Oauth\Record::TEMPORARY, 'ip' => $ip, 'nonce' => $nonce, 'callback' => $callback, 'token' => $token, 'tokenSecret' => $tokenSecret, 'timestamp' => $timestamp, 'expire' => $expire, 'date' => $date->format(DateTime::SQL))); $response = new Provider\Response(); $response->setToken($token); $response->setTokenSecret($tokenSecret); return $response; }