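/**
 * Resolve the current WordPress user from an OAuth2 access token.
 *
 * Filter: determine_current_user
 * Other Filter: check_authentication
 *
 * Hooked into determine_current_user so that token-bearing clients such as
 * WP JSON API and WP REST API are treated as the user the token belongs to.
 *
 * @param int|false|null $user_id User ID resolved by earlier callbacks, if any.
 *
 * @return int The user ID from the earlier callbacks or from a verified token;
 *             otherwise the incoming value cast to int (0 when it was falsy).
 *
 * @author Mauro Constantinescu Modified slightly but still a contribution to the project.
 */
public function _wo_authenicate_bypass($user_id)
{
    // A user is already resolved, so there is no need to query the DB again.
    if ($user_id && $user_id > 0) {
        return (int) $user_id;
    }

    // Token authentication is switched off in the plugin options.
    $o = get_option('wo_options');
    if ($o['enabled'] == 0) {
        return (int) $user_id;
    }

    require_once dirname(WPOAUTH_FILE) . '/library/OAuth2/Autoloader.php';
    OAuth2\Autoloader::register();

    $server = new OAuth2\Server(new OAuth2\Storage\Wordpressdb());
    $request = OAuth2\Request::createFromGlobals();

    // NOTE(review): no scope is passed to verifyResourceRequest(), so every
    // token the storage accepts is mapped to its user, whatever scope it has.
    if ($server->verifyResourceRequest($request)) {
        $token = $server->getAccessTokenData($request);
        if (isset($token['user_id']) && $token['user_id'] > 0) {
            return (int) $token['user_id'];
        }
        // A token whose user_id is 0 or empty is assumed to be a valid client
        // access token. It names no user, so nothing is resolved here and the
        // request needs further investigation elsewhere.
    }

    // A filter callback must always hand a value back. The original fell off
    // the end here and returned null implicitly.
    return (int) $user_id;
}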
/**
 * Create the OAuth2 server on top of the site's MySQL database.
 *
 * Registers the user-credentials and refresh-token grant types and stores
 * the configured server in $this->server.
 */
public function __construct()
{
    global $CONFIG;

    OAuth2\Autoloader::register();

    // Connection settings come straight from the global site configuration.
    $pdoSettings = array(
        'dsn' => "mysql:dbname=" . $CONFIG->dbname . ";host=" . $CONFIG->dbhost,
        'username' => $CONFIG->dbuser,
        'password' => $CONFIG->dbpass,
    );
    $storage = new OAuth2\Storage\Pdo($pdoSettings);

    // Access tokens live for 7 days. The state parameter is not enforced.
    // NOTE(review): state is the library's CSRF guard on authorization
    // requests; confirm it is not needed for the grants enabled here.
    $serverSettings = array(
        'access_lifetime' => 3600 * 24 * 7,
        'enforce_state' => false,
    );
    $oauthServer = new OAuth2\Server($storage, $serverSettings);

    // Username/password grant, checked by the project's own credential storage.
    $credentialStorage = new PleioboxOAuth2UserCredentialsStorage();
    $oauthServer->addGrantType(new OAuth2\GrantType\UserCredentials($credentialStorage));

    // Refresh tokens are rotated on every use and live for 3600 * 24 * 30 * 6 seconds.
    $refreshSettings = array(
        'always_issue_new_refresh_token' => true,
        'refresh_token_lifetime' => 3600 * 24 * 30 * 6,
    );
    $oauthServer->addGrantType(new OAuth2\GrantType\RefreshToken($storage, $refreshSettings));

    $this->server = $oauthServer;
}
/**
 * Set up PDO-backed OAuth2 storage and a server that supports the
 * client-credentials, authorization-code and refresh-token grants.
 */
function __construct()
{
    // Database settings are taken from the DB_* constants.
    $connection = array(
        'dsn' => 'mysql:dbname=' . DB_NAME . ';host=' . DB_HOST,
        'username' => DB_USER,
        'password' => DB_PASS,
    );

    OAuth2\Autoloader::register();

    $this->storage = new OAuth2\Storage\Pdo($connection);
    $this->server = new OAuth2\Server($this->storage);

    // Every grant type shares the same storage instance.
    $clientCredentials = new OAuth2\GrantType\ClientCredentials($this->storage);
    $this->server->addGrantType($clientCredentials);

    $authorizationCode = new OAuth2\GrantType\AuthorizationCode($this->storage);
    $this->server->addGrantType($authorizationCode);

    $refreshToken = new OAuth2\GrantType\RefreshToken($this->storage);
    $this->server->addGrantType($refreshToken);
}
/**
 * Default constructor.
 *
 * Loads the bundled OAuth2 library and builds a server that uses the
 * framework's database settings, with the client-credentials and
 * authorization-code grants enabled.
 *
 * @author Benjamin BALET <*****@*****.**>
 */
public function __construct()
{
    parent::__construct();

    require_once APPPATH . 'third_party/OAuth2/Autoloader.php';
    OAuth2\Autoloader::register();

    // Reuse the connection settings of the already-loaded $this->db.
    $pdoConfig = array(
        'dsn' => 'mysql:dbname=' . $this->db->database . ';host=' . $this->db->hostname,
        'username' => $this->db->username,
        'password' => $this->db->password,
    );
    $storage = new OAuth2\Storage\Pdo($pdoConfig);

    $this->server = new OAuth2\Server($storage);

    $clientGrant = new OAuth2\GrantType\ClientCredentials($storage);
    $this->server->addGrantType($clientGrant);

    $codeGrant = new OAuth2\GrantType\AuthorizationCode($storage);
    $this->server->addGrantType($codeGrant);
}
/**
 * Build the OAuth2 storage, server, request and response objects.
 *
 * @param array $config Accepted for compatibility, but replaced by the
 *                      'oauth' entry of the database config file before use.
 */
function __construct($config = array())
{
    // Database config. The file is expected to define $db in this scope.
    // NOTE(review): require_once includes the file only once per request, so a
    // second instantiation would presumably find $db undefined — confirm.
    require_once __DIR__ . '/../config/database.php';
    // OAuth library.
    require_once __DIR__ . '/../third_party/Oauth2/src/OAuth2/Autoloader.php';

    // The caller-supplied $config is discarded in favour of the file's values.
    $config = $db['oauth'];

    OAuth2\Autoloader::register();

    $pdoSettings = array(
        'dsn' => $config["dsn"],
        'username' => $config["username"],
        'password' => $config["password"],
    );
    $this->storage = new OAuth2\Storage\Pdo($pdoSettings);

    // NOTE(review): allow_implicit turns on the implicit grant; keep it only
    // if a client really needs it.
    $serverSettings = array('allow_implicit' => true);
    $this->server = new OAuth2\Server($this->storage, $serverSettings);

    $this->request = OAuth2\Request::createFromGlobals();
    $this->response = new OAuth2\Response();
}
/**
 * Create the authentication server.
 *
 * Terminates the script when no storage settings are supplied.
 *
 * @param array $config PDO storage settings: 'dsn', 'username', 'password'.
 */
function __construct($config)
{
    // Load and register the library autoloader only when it is not available yet.
    if (class_exists('OAuth2\\Autoloader') === false) {
        require_once APP_VENDOR . DS . 'bshaffer/oauth2-server-php/src/OAuth2/Autoloader.php';
        OAuth2\Autoloader::register();
    }

    if (empty($config)) {
        exit('OAuth2 Storage settings is not defined');
    }

    $pdoSettings = array(
        'dsn' => $config['dsn'],
        'username' => $config['username'],
        'password' => $config['password'],
    );
    $this->storage = new OAuth2\Storage\Pdo($pdoSettings);

    // NOTE(review): allow_implicit turns on the implicit grant; keep it only
    // if a client really needs it.
    $serverSettings = array('allow_implicit' => true);
    $this->server = new OAuth2\Server($this->storage, $serverSettings);

    $this->request = OAuth2\Request::createFromGlobals();
    $this->response = new OAuth2\Response();
}
/**
 * Controller constructor: loads the url helper, session library and
 * database, then builds the OAuth2 storage, server, request and response.
 */
public function __construct()
{
    parent::__construct();

    $this->load->helper('url');
    $this->load->library('session');

    OAuth2\Autoloader::register();

    $this->load->database();

    // The OAuth2 storage reuses the framework's own database credentials.
    $pdoSettings = array(
        'dsn' => $this->db->dsn,
        'username' => $this->db->username,
        'password' => $this->db->password,
    );
    $this->_storage = new OAuth2\Storage\Pdo($pdoSettings);

    // Refresh tokens are rotated on every use.
    $refreshOptions = array('always_issue_new_refresh_token' => true);
    $grant_types = array(
        'user_credentials' => new UserCredentials($this->_storage),
        'refresh_token' => new RefreshToken($this->_storage, $refreshOptions),
    );

    // NOTE(review): 'issuer' is read from HTTP_HOST, which is presumably the
    // client-supplied Host header; a fixed configured value would be safer.
    // NOTE(review): state is not enforced and the implicit grant is enabled;
    // confirm both are intended.
    $serverOptions = array(
        'enforce_state' => false,
        'allow_implicit' => true,
        'issuer' => $this->input->server('HTTP_HOST'),
    );
    $this->_server = new Server($this->_storage, $serverOptions, $grant_types);

    $this->_request = Request::createFromGlobals();
    $this->_response = new Response();
}
/**
 * Set up the oauth2server component: resolve its paths and URLs, merge the
 * default options with the caller's, derive the OAuth2 table names, register
 * the xPDO package and lexicon, and load the OAuth2 autoloader.
 *
 * @param modX  $modx    MODX instance, held by reference.
 * @param array $options Overrides for the defaults below. The merge is shallow,
 *                       so a 'server' entry replaces the whole default 'server'
 *                       array instead of being merged key by key.
 */
public function __construct(modX &$modx, array $options = array())
{
    $this->modx =& $modx;
    $this->namespace = $this->getOption('namespace', $options, 'oauth2server');

    // Each location falls back to the MODX system setting plus the component folder.
    $componentDir = 'components/oauth2server/';

    $fallbackCorePath = $this->modx->getOption('core_path', null, MODX_CORE_PATH) . $componentDir;
    $corePath = $this->getOption('core_path', $options, $fallbackCorePath);

    $fallbackAssetsPath = $this->modx->getOption('assets_path', null, MODX_ASSETS_PATH) . $componentDir;
    $assetsPath = $this->getOption('assets_path', $options, $fallbackAssetsPath);

    $fallbackAssetsUrl = $this->modx->getOption('assets_url', null, MODX_ASSETS_URL) . $componentDir;
    $assetsUrl = $this->getOption('assets_url', $options, $fallbackAssetsUrl);

    $fallbackPrefix = $this->modx->getOption('table_prefix', null, 'modx_');
    $dbPrefix = $this->getOption('table_prefix', $options, $fallbackPrefix);

    // Default OAuth2 server settings.
    // NOTE(review): the defaults leave state unenforced, do not require an
    // exact redirect URI, allow public clients, and keep access tokens for
    // 7776000 s and refresh tokens for 15552000 s. Confirm each one is
    // intended for this deployment.
    $serverDefaults = array(
        'use_jwt_access_tokens' => false,
        'store_encrypted_token_string' => true,
        'use_openid_connect' => false,
        'id_lifetime' => 3600,
        'access_lifetime' => 7776000,
        'www_realm' => 'Service',
        'token_param_name' => 'access_token',
        'token_bearer_header_name' => 'Bearer',
        'enforce_state' => false,
        'require_exact_redirect_uri' => false,
        'allow_implicit' => false,
        'allow_credentials_in_request_body' => true,
        'allow_public_clients' => true,
        'always_issue_new_refresh_token' => true,
        'unset_refresh_token_after_use' => false,
        'refresh_token_lifetime' => 15552000,
    );

    /* load config defaults */
    $defaults = array(
        'namespace' => $this->namespace,
        'corePath' => $corePath,
        'modelPath' => $corePath . 'model/',
        'oauth2Path' => $corePath . 'model/OAuth2/',
        'chunksPath' => $corePath . 'elements/chunks/',
        'snippetsPath' => $corePath . 'elements/snippets/',
        'templatesPath' => $corePath . 'templates/',
        'assetsPath' => $assetsPath,
        'assetsUrl' => $assetsUrl,
        'jsUrl' => $assetsUrl . 'js/',
        'cssUrl' => $assetsUrl . 'css/',
        'connectorUrl' => $assetsUrl . 'connector.php',
        'server' => $serverDefaults,
    );
    $this->options = array_merge($defaults, $options);

    /* load table names for OAuth2 PDO driver */
    $unprefixedTables = array(
        'client_table' => 'oauth2server_clients',
        'access_token_table' => 'oauth2server_access_tokens',
        'refresh_token_table' => 'oauth2server_refresh_tokens',
        'code_table' => 'oauth2server_authorization_codes',
        'jwt_table' => 'oauth2server_jwt',
        'scope_table' => 'oauth2server_scopes',
    );
    $prefixedTables = array();
    foreach ($unprefixedTables as $configKey => $tableName) {
        $prefixedTables[$configKey] = $dbPrefix . $tableName;
    }
    $this->tablenames = $prefixedTables;

    $this->modx->addPackage('oauth2server', $this->options['modelPath'], $this->modx->config['table_prefix']);
    $this->modx->lexicon->load('oauth2server:default');

    // Load OAuth2.
    // NOTE(review): 'oauth2Path' can be overridden through $options and feeds
    // require_once, so $options must never carry request-derived values.
    require_once $this->options['oauth2Path'] . 'Autoloader.php';
    OAuth2\Autoloader::register();
}
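/**
 * Map a valid OAuth2 access token to a WordPress user.
 *
 * Filter: determine_current_user
 * Other Filter: check_authentication
 *
 * Runs on the determine_current_user filter so that services such as
 * WP JSON API and WP REST API can authenticate with an access_token.
 *
 * @param int|false|null $user_id User ID determined by earlier callbacks, if any.
 *
 * @return int The already-determined user ID, the user ID carried by a
 *             verified token, or the incoming value cast to int otherwise.
 *
 * @author Mauro Constantinescu Modified slightly but still a contribution to the project.
 */
public function _wo_authenicate_bypass($user_id)
{
    // Already logged in: no need to query the DB again.
    if ($user_id && $user_id > 0) {
        return (int) $user_id;
    }

    // Honour the plugin's on/off switch.
    $o = get_option('wo_options');
    if ($o['enabled'] == 0) {
        return (int) $user_id;
    }

    require_once dirname(WPOAUTH_FILE) . '/library/OAuth2/Autoloader.php';
    OAuth2\Autoloader::register();

    $server = new OAuth2\Server(new OAuth2\Storage\Wordpressdb());
    $request = OAuth2\Request::createFromGlobals();

    // NOTE(review): the token is verified without a required scope, so any
    // valid token is accepted as its user regardless of what it was issued for.
    if ($server->verifyResourceRequest($request)) {
        $token = $server->getAccessTokenData($request);
        if (isset($token['user_id']) && $token['user_id'] > 0) {
            return (int) $token['user_id'];
        }
    }

    // No usable token. Return a value explicitly, as a filter callback should,
    // instead of falling off the end and yielding null.
    return (int) $user_id;
}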
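/**
 * Returns an OAuth2 access token to the client
 *
 * The OAuth2 library reads the request from the superglobals, so this method
 * temporarily presents $post as a form-encoded POST, runs the token request,
 * and then restores the request method and content type.
 *
 * Review notes:
 * - For grant_type "password" the credential store is seeded from the
 *   submitted username and password themselves, so the grant presumably
 *   succeeds for any non-empty pair. Callers must have verified the
 *   password before calling this method.
 * - $_POST is left holding $post after the call; it is not restored.
 *
 * @param array $post Post data
 *
 * @return mixed Decoded JSON token response as an associative array
 */
function getToken($post)
{
    // Remember the request context so it can be put back exactly as found.
    $old_server_method = $_SERVER['REQUEST_METHOD'];
    $had_content_type = array_key_exists('CONTENT_TYPE', $_SERVER);
    $old_content_type = $had_content_type ? $_SERVER['CONTENT_TYPE'] : null;

    $_SERVER['REQUEST_METHOD'] = 'POST';
    $_SERVER['CONTENT_TYPE'] = 'application/x-www-form-urlencoded';
    $_POST = $post;

    OAuth2\Autoloader::register();
    $oauth_config = array('user_table' => 'users');
    $val_array = array(
        'dsn' => 'pgsql:host=' . R_DB_HOST . ';dbname=' . R_DB_NAME . ';port=' . R_DB_PORT,
        'username' => R_DB_USER,
        'password' => R_DB_PASSWORD,
    );
    $storage = new OAuth2\Storage\Pdo($val_array, $oauth_config);
    $server = new OAuth2\Server($storage);

    // Strict comparison: under PHP 7 loose rules a non-string such as int 0
    // would compare equal to these grant names.
    $grant_type = isset($_POST['grant_type']) ? $_POST['grant_type'] : null;

    if ($grant_type === 'password') {
        // In-memory store built from the submitted pair (see review notes above).
        $val_array = array('password' => $_POST['password']);
        $users = array($_POST['username'] => $val_array);
        $user_credentials = array('user_credentials' => $users);
        $storage = new OAuth2\Storage\Memory($user_credentials);
        $server->addGrantType(new OAuth2\GrantType\UserCredentials($storage));
    } elseif ($grant_type === 'refresh_token') {
        $always_issue_new_refresh_token = array('always_issue_new_refresh_token' => true);
        $server->addGrantType(new OAuth2\GrantType\RefreshToken($storage, $always_issue_new_refresh_token));
    } elseif ($grant_type === 'authorization_code') {
        $server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
    } else {
        // Any other grant type falls back to client credentials, checked
        // against the single client configured through constants.
        $val_array = array('client_secret' => OAUTH_CLIENT_SECRET);
        $clients = array(OAUTH_CLIENTID => $val_array);
        $credentials = array('client_credentials' => $clients);
        $storage = new OAuth2\Storage\Memory($credentials);
        $server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
    }

    $response = $server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send('return');

    // Restore the request context. The original left the forced content type
    // in place whenever the incoming request had none (or an empty one).
    $_SERVER['REQUEST_METHOD'] = $old_server_method;
    if ($had_content_type) {
        $_SERVER['CONTENT_TYPE'] = $old_content_type;
    } else {
        unset($_SERVER['CONTENT_TYPE']);
    }

    return json_decode($response, true);
}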
/**
 * Method to instantiate the file-based api call.
 *
 * Builds the OAuth2 server configuration from plugin settings, points the
 * storage at the Redcore tables, registers four grant types and initialises
 * the API operation.
 *
 * @param mixed $options Optional custom options to load. JRegistry or array format
 *
 * @since 1.2
 */
public function __construct($options = null)
{
    parent::__construct($options);

    // Get the global JAuthentication object.
    jimport('joomla.user.authentication');

    // Register OAuth2 classes
    require_once __DIR__ . '/Autoloader.php';
    OAuth2\Autoloader::register();

    // OAuth2 Server config from plugin. The second argument of each
    // getConfig() call is the default that is passed along with the key.
    $settings = array(
        'use_jwt_access_tokens' => (bool) RBootstrap::getConfig('oauth2_use_jwt_access_tokens', false),
        'store_encrypted_token_string' => (bool) RBootstrap::getConfig('oauth2_store_encrypted_token_string', true),
        'use_openid_connect' => (bool) RBootstrap::getConfig('oauth2_use_openid_connect', false),
        'id_lifetime' => RBootstrap::getConfig('oauth2_id_lifetime', 3600),
        'access_lifetime' => RBootstrap::getConfig('oauth2_access_lifetime', 3600),
        'www_realm' => 'Service',
        'token_param_name' => RBootstrap::getConfig('oauth2_token_param_name', 'access_token'),
        'token_bearer_header_name' => RBootstrap::getConfig('oauth2_token_bearer_header_name', 'Bearer'),
        'enforce_state' => (bool) RBootstrap::getConfig('oauth2_enforce_state', true),
        'require_exact_redirect_uri' => (bool) RBootstrap::getConfig('oauth2_require_exact_redirect_uri', true),
        'allow_implicit' => (bool) RBootstrap::getConfig('oauth2_allow_implicit', false),
        'allow_credentials_in_request_body' => (bool) RBootstrap::getConfig('oauth2_allow_credentials_in_request_body', true),
        'allow_public_clients' => (bool) RBootstrap::getConfig('oauth2_allow_public_clients', true),
        'always_issue_new_refresh_token' => (bool) RBootstrap::getConfig('oauth2_always_issue_new_refresh_token', false),
    );
    $this->serverConfig = $settings;

    // Set database names to Redcore DB tables
    $prefix = JFactory::getDbo()->getPrefix();
    $redcoreTables = array(
        'client_table' => 'redcore_oauth_clients',
        'access_token_table' => 'redcore_oauth_access_tokens',
        'refresh_token_table' => 'redcore_oauth_refresh_tokens',
        'code_table' => 'redcore_oauth_authorization_codes',
        'user_table' => 'redcore_oauth_users',
        'jwt_table' => 'redcore_oauth_jwt',
        'jti_table' => 'redcore_oauth_jti',
        'scope_table' => 'redcore_oauth_scopes',
        'public_key_table' => 'redcore_oauth_public_keys',
    );
    $databaseConfig = array();
    foreach ($redcoreTables as $configKey => $tableName) {
        $databaseConfig[$configKey] = $prefix . $tableName;
    }

    // The storage connects with the site's own database credentials.
    $joomlaConfig = JFactory::getConfig();
    $connection = array(
        'dsn' => 'mysql:dbname=' . $joomlaConfig->get('db') . ';host=' . $joomlaConfig->get('host'),
        'username' => $joomlaConfig->get('user'),
        'password' => $joomlaConfig->get('password'),
    );
    $storage = new OAuth2\Storage\Pdoredcore($connection, $databaseConfig);

    $this->server = new OAuth2\Server($storage, $this->serverConfig);

    // Add the "Authorization Code" grant type (this is where the oauth magic happens)
    $authorizationCode = new OAuth2\GrantType\AuthorizationCode($storage, $this->serverConfig);
    $this->server->addGrantType($authorizationCode);

    // Add the "Client Credentials" grant type (it is the simplest of the grant types)
    $clientCredentials = new OAuth2\GrantType\ClientCredentials($storage, $this->serverConfig);
    $this->server->addGrantType($clientCredentials);

    // Add the "User Credentials" grant type (this is modified to suit Joomla authorization)
    $userCredentials = new OAuth2\GrantType\UserCredentials($storage, $this->serverConfig);
    $this->server->addGrantType($userCredentials);

    // Add the "Refresh Token" grant type (this is great for extending expiration time on tokens)
    $refreshToken = new OAuth2\GrantType\RefreshToken($storage, $this->serverConfig);
    $this->server->addGrantType($refreshToken);

    // @todo Implement the JwtBearer grant type with public_key. Its audience
    // would typically be the URI of the oauth server, i.e. JUri::base()
    // without the trailing slash.

    // Init Environment
    $this->setApiOperation();
}
<?php
/**
 * Copyright (c) BoonEx Pty Limited - http://www.boonex.com/
 * CC-BY License - http://creativecommons.org/licenses/by/3.0/
 */
bx_import('BxDolModule');
bx_import('BxDolPaginate');
bx_import('BxDolAlerts');
// Load and register the bundled OAuth2 library at include time.
require_once BX_DIRECTORY_PATH_PLUGINS . 'OAuth2/Autoloader.php';
OAuth2\Autoloader::register();
/**
 * OAuth2 module: wires a PDO-backed OAuth2 server into the module system.
 */
class BxOAuthModule extends BxDolModule
{
    // OAuth2\Storage\Pdo instance created in the constructor.
    protected $_oStorage;
    // OAuth2\Server instance created in the constructor.
    protected $_oServer;
    // Not assigned anywhere in the visible part of this class.
    protected $_oAPI;
    /**
     * PHP 4-style constructor (method named after the class).
     *
     * Builds the storage from the global database settings and registers the
     * client-credentials and authorization-code grant types.
     *
     * NOTE(review): PHP 8 no longer treats a method named after its class as
     * the constructor — confirm which PHP versions this module supports.
     *
     * @param array $aModule Module description, passed through to the parent.
     */
    function BxOAuthModule(&$aModule)
    {
        parent::BxDolModule($aModule);
        // Table names for the storage. jwt, jti and public-key tables are
        // left empty, and 'Profiles' is used as the user table.
        $aConfig = array('client_table' => 'bx_oauth_clients', 'access_token_table' => 'bx_oauth_access_tokens', 'refresh_token_table' => 'bx_oauth_refresh_tokens', 'code_table' => 'bx_oauth_authorization_codes', 'user_table' => 'Profiles', 'jwt_table' => '', 'jti_table' => '', 'scope_table' => 'bx_oauth_scopes', 'public_key_table' => '');
        // Connect with the site's own credentials from $GLOBALS['db'] and
        // send SET NAMES 'UTF8' as the connection's init command.
        $this->_oStorage = new OAuth2\Storage\Pdo(array('dsn' => $this->_buildDSN(), 'username' => $GLOBALS['db']['user'], 'password' => $GLOBALS['db']['passwd'], 'options' => array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'UTF8'")), $aConfig);
        // NOTE(review): require_exact_redirect_uri is off, which presumably
        // relaxes redirect URI matching — confirm against the bundled
        // library and the registered client URIs.
        $this->_oServer = new OAuth2\Server($this->_oStorage, array('require_exact_redirect_uri' => false));
        // Add the "Client Credentials" grant type (it is the simplest of the grant types)
        $this->_oServer->addGrantType(new OAuth2\GrantType\ClientCredentials($this->_oStorage));
        // Add the "Authorization Code" grant type (this is where the oauth magic happens)
        $this->_oServer->addGrantType(new OAuth2\GrantType\AuthorizationCode($this->_oStorage));
    }
    /**
     * Start building the MySQL DSN from $GLOBALS['db'].
     * The rest of this method is not included in the listing.
     */
    protected function _buildDSN()
    {
        $sDSN = 'mysql:';
        if (!empty($GLOBALS['db']['host'])) {
<?php
// Test-suite bootstrap: load the library autoloader that sits next to the tests.
require_once dirname(__FILE__) . '/../src/OAuth2/Autoloader.php';
OAuth2\Autoloader::register();
// register test classes
OAuth2\Autoloader::register(dirname(__FILE__) . '/lib');
// register vendors if possible
if (file_exists(__DIR__ . '/../vendor/autoload.php')) {
    require_once __DIR__ . '/../vendor/autoload.php';
}
// remove the dynamoDB database that was created for this build
// NOTE(review): this cleanup runs whenever the bootstrap is included, so it
// should only ever run against build/test resources — confirm.
OAuth2\Storage\Bootstrap::getInstance()->cleanupTravisDynamoDb();
/**
 * Token endpoint stub.
 *
 * Fetches the credentials, registers the OAuth2 autoloader and creates a
 * server without storage. NOTE(review): neither value is used afterwards
 * and no token request is handled here.
 */
function token()
{
    $clientCredentials = $this->__get_credentials();

    OAuth2\Autoloader::register();

    $oauthServer = new OAuth2\Server();
}
/**
 * Initialise the OAuth server.
 *
 * Loads the bundled library, connects the PDO storage using the default
 * database configuration, and enables the client-credentials,
 * authorization-code and refresh-token grants.
 *
 * @return void
 */
private function initServer()
{
    require_once FILE . "/component/OAuth2/Autoloader.php";
    OAuth2\Autoloader::register();

    $cfg_db = cfg_db::$default;
    $pdoSettings = array(
        'dsn' => "mysql:dbname=" . $cfg_db['db'] . ";host=" . $cfg_db['host'],
        'username' => $cfg_db['user'],
        'password' => $cfg_db['password'],
    );
    $this->storage = new OAuth2\Storage\Pdo($pdoSettings);
    $this->server = new OAuth2\Server($this->storage);

    $clientGrant = new OAuth2\GrantType\ClientCredentials($this->storage);
    $this->server->addGrantType($clientGrant);

    $codeGrant = new OAuth2\GrantType\AuthorizationCode($this->storage);
    $this->server->addGrantType($codeGrant);

    // A fresh refresh token is issued each time one is redeemed.
    $refreshOptions = array('always_issue_new_refresh_token' => true);
    $refreshGrant = new OAuth2\GrantType\RefreshToken($this->storage, $refreshOptions);
    $this->server->addGrantType($refreshGrant);
}
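/**
 * Service entry point.
 *
 * In server mode this builds a PDO-backed OAuth2 server and registers it as
 * the real object. In any other mode no object is built yet, so null is
 * registered.
 *
 * @param int   $mode      The runtimeEnvironment of this service instance (can be either server or client)
 * @param mixed $container Storage container selector; not used by this method.
 * @param array $config    Connection settings handed to the PDO storage.
 *
 * @author Benjamin Carl <*****@*****.**>
 * @return void
 * @access public
 */
public function __tearup($mode = self::MODE_SERVER, $container = self::CONTAINER_PDO, array $config = [])
{
    // Defined up front so the client path passes an explicit null instead of
    // reading an undefined variable.
    $realObject = null;

    if ($mode === self::MODE_SERVER) {
        // register the autoloader
        OAuth2\Autoloader::register();

        // create storage container for persistence
        $storage = new OAuth2\Storage\Pdo($config);

        // create OAuth2 Server instance
        $realObject = new OAuth2\Server($storage);
    } else {
        // here we would create a client instance
    }

    self::setRealObject($realObject);
}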