public function completeFlow($inputParams = null)
{
// Get the required params
$clientId = $this->server->getRequest()->request->get('client_id', $this->server->getRequest()->getUser());
if (is_null($clientId)) {
throw new Exception\InvalidRequestException('client_id');
}
$clientSecret = $this->server->getRequest()->request->get('client_secret', $this->server->getRequest()->getPassword());
if (is_null($clientSecret)) {
throw new Exception\InvalidRequestException('client_secret');
}
// Validate client ID and client secret
$client = $this->server->getClientStorage()->get($clientId, $clientSecret, null, $this->getIdentifier());
if ($client instanceof ClientEntity === false) {
$this->server->getEventEmitter()->emit(new Event\ClientAuthenticationFailedEvent($this->server->getRequest()));
throw new Exception\InvalidClientException();
}
$userId = call_user_func($this->getVerifyCredentialsCallback());
if ($userId === false) {
$this->server->getEventEmitter()->emit(new Event\UserAuthenticationFailedEvent($this->server->getRequest()));
throw new Exception\InvalidCredentialsException();
}
// Validate any scopes that are in the request
$scopeParam = $this->server->getRequest()->request->get('scope', '');
$scopes = $this->validateScopes($scopeParam, $client);
// Create a new session
$session = new SessionEntity($this->server);
$session->setOwner('user', $userId);
$session->associateClient($client);
// Generate an access token
$accessToken = new AccessTokenEntity($this->server);
$accessToken->setId(SecureKey::generate());
$accessToken->setExpireTime($this->getAccessTokenTTL() + time());
// Associate scopes with the session and access token
foreach ($scopes as $scope) {
$session->associateScope($scope);
}
foreach ($session->getScopes() as $scope) {
$accessToken->associateScope($scope);
}
$this->server->getTokenType()->setSession($session);
$this->server->getTokenType()->setParam('access_token', $accessToken->getId());
$this->server->getTokenType()->setParam('expires_in', $this->getAccessTokenTTL());
// Associate a refresh token if set
if ($this->server->hasGrantType('refresh_token')) {
$refreshToken = new RefreshTokenEntity($this->server);
$refreshToken->setId(SecureKey::generate());
$refreshToken->setExpireTime($this->server->getGrantType('refresh_token')->getRefreshTokenTTL() + time());
$this->server->getTokenType()->setParam('refresh_token', $refreshToken->getId());
}
// Save everything
$session->save();
$accessToken->setSession($session);
$accessToken->save();
if ($this->server->hasGrantType('refresh_token')) {
$refreshToken->setAccessToken($accessToken);
$refreshToken->save();
}
return $this->server->getTokenType()->generateResponse();
}
/**
* Complete the password grant.
*
* @return array
*
* @throws
*/
public function completeFlow()
{
$client = $this->getClient();
$userId = $this->getUserId($this->server->getRequest(), $this->getVerifyCredentialsCallback());
if ($userId === false) {
$this->server->getEventEmitter()->emit(new UserAuthenticationFailedEvent($this->server->getRequest()));
throw new InvalidCredentialsException();
}
// Create a new session
$session = new SessionEntity($this->server);
$session->setOwner('user', $userId);
$session->associateClient($client);
// Generate an access token
$accessToken = new AccessTokenEntity($this->server);
$accessToken->setId(SecureKey::generate());
$accessToken->setExpireTime($this->getAccessTokenTTL() + time());
$this->server->getTokenType()->setSession($session);
$this->server->getTokenType()->setParam('access_token', $accessToken->getId());
$this->server->getTokenType()->setParam('expires_in', $this->getAccessTokenTTL());
// Save everything
$session->save();
$accessToken->setSession($session);
$accessToken->save();
// Associate a refresh token if set
if ($this->server->hasGrantType('refresh_token')) {
$refreshToken = new RefreshTokenEntity($this->server);
$refreshToken->setId(SecureKey::generate());
$refreshToken->setExpireTime($this->server->getGrantType('refresh_token')->getRefreshTokenTTL() + time());
$this->server->getTokenType()->setParam('refresh_token', $refreshToken->getId());
$refreshToken->setAccessToken($accessToken);
$refreshToken->save();
}
return $this->server->getTokenType()->generateResponse();
}
/**
* @param Session $session
*
* @return SessionEntity
*/
protected function createEntity(Session $session)
{
$entity = new SessionEntity($this->server);
$entity->setId($session->getKey());
$entity->setOwner($session->ownerType, $session->ownerId);
return $entity;
}
/**
* @inheritdoc
*/
public function getByAccessToken(AccessTokenEntity $entity)
{
$entity = new SessionEntity($this->server);
$entity->setId('test');
$entity->setOwner('test', 'test');
return $entity;
}
/**
* @inheritdoc
*/
public function getBySession(SessionEntity $entity)
{
$client = Client::findBySessionId($entity->getId());
if ($client === null) {
throw new ClientNotFound();
}
return $this->createEntity($client);
}
/**
* Get the client associated with a session
* @param \League\OAuth2\Server\Entity\SessionEntity $session The session
* @return null|\League\OAuth2\Server\Entity\ClientEntity
*/
public function getBySession(SessionEntity $session)
{
$result = $this->getConnection()->table('oauth_clients')->select('oauth_clients.id as id', 'oauth_clients.secret as secret', 'oauth_clients.name as name')->join('oauth_sessions', 'oauth_sessions.client_id', '=', 'oauth_clients.id')->where('oauth_sessions.id', '=', $session->getId())->first();
if (is_null($result)) {
return null;
}
return $this->hydrateEntity($result);
}
public function getByAccessToken(AccessTokenEntity $accessToken)
{
if ($accessToken->getId() !== 'foo') {
return null;
}
$session = new SessionEntity($this->server);
$session->setId('foo');
return $session;
}
/**
* {@inheritdoc}
*/
public function getBySession(SessionEntity $sessionEntity)
{
/** @var Session $session */
$session = $this->dm->getRepository(Session::class)->find($sessionEntity->getId());
if ($session && $session->getClientId() === $this->clientId) {
return (new ClientEntity($this->server))->hydrate(['id' => $this->clientId]);
}
return null;
}
/**
* Get the client associated with a session
*
* @param \League\OAuth2\Server\Entity\SessionEntity $session The session
*
* @return \League\OAuth2\Server\Entity\ClientEntity | null
*/
public function getBySession(SessionEntity $session)
{
if ($session->getId() !== 'foo') {
return null;
}
$client = new ClientEntity($this->server);
$client->hydrate(['id' => 'foo']);
return $client;
}
/**
* {@inheritdoc}
*/
public function getBySession(SessionEntity $session)
{
$result = M('oauth_clients')->field('oauth_clients.id, oauth_clients.name')->join('LEFT JOIN oauth_sessions ON oauth_clients.id = oauth_sessions.client_id')->where(array('oauth_sessions.id' => $session->getId()))->select();
if (count($result) === 1) {
$client = new ClientEntity($this->server);
$client->hydrate(['id' => $result[0]['id'], 'name' => $result[0]['name']]);
return $client;
}
return;
}
/**
* Get the client associated with a session
*
* @param \League\OAuth2\Server\Entity\SessionEntity $session The session
*
* @return \League\OAuth2\Server\Entity\ClientEntity
*/
public function getBySession(SessionEntity $session)
{
$client = null;
$clientStorageQueryBuilder = new Query();
$clientBySessionResult = $clientStorageQueryBuilder->select("{{%oauth_clients}}.id, {{%oauth_clients}}.name")->from("{{%oauth_clients}}")->innerJoin("{{%oauth_sessions}}", "{{%oauth_clients}}.id={{%oauth_sessions}}.client_id")->where(["{{%oauth_sessions}}.id" => $session->getId()])->one();
if (count($clientBySessionResult) === 1) {
$client = (new ClientEntity($this->server))->hydrate(['id' => $clientBySessionResult[0]['id'], 'name' => $clientBySessionResult[0]['name']]);
}
return $client;
}
/**
* Get the complete client data associated with a session
*
* @param \League\OAuth2\Server\Entity\SessionEntity $session The session
*
* @return \League\OAuth2\Server\Entity\ClientEntity | null
*/
public function getCompleteBySession(SessionEntity $session)
{
$result = app('db')->table('oauth_client')->select(['oauth_client.id', 'oauth_client.secret', 'oauth_client.name', 'oauth_client_redirect_uri.redirect_uri', 'oauth_client.request_limit', 'oauth_client.current_total_request', 'oauth_client.request_limit_until', 'oauth_client.last_request_at'])->join('oauth_session', 'oauth_client.id', '=', 'oauth_session.client_id')->join('oauth_client_redirect_uri', 'oauth_client.id', '=', 'oauth_client_redirect_uri.client_id')->where('oauth_session.id', $session->getId())->first();
if (is_object($result)) {
$client = new ClientEntity($this->server);
$client->hydrate(['id' => $result->id, 'secret' => $result->secret, 'name' => $result->name, 'redirectUri' => $result->redirect_uri, 'requestLimit' => $result->request_limit, 'currentTotalRequest' => $result->current_total_request, 'requestLimitUntil' => $result->request_limit_until, 'lastRequestAt' => $result->last_request_at]);
return $client;
}
return;
}
/**
* {@inheritdoc}
*
* @param \League\OAuth2\Server\Entity\SessionEntity $session Session entity
* @return \League\OAuth2\Server\Entity\ClientEntity
*/
public function getBySession(SessionEntity $session)
{
$this->loadModel('OAuthServer.Sessions');
$result = $this->Sessions->find()->contain(['Clients'])->where(['Sessions.id' => $session->getId()])->first();
if ($result) {
$client = new ClientEntity($this->server);
$client->hydrate(['id' => $result->client->id, 'name' => $result->client->name]);
return $client;
}
}
/**
* {@inheritdoc}
*/
public function getBySession(SessionEntity $session)
{
$result = $this->db->fetchAll("SELECT c.id, c.name FROM oauth_clients c JOIN oauth_sessions s ON c.id = s.client_id WHERE s.id = ?", Db::FETCH_ASSOC, [$session->getId()]);
if (count($result) === 1) {
$client = new ClientEntity($this->server);
$client->hydrate(['id' => $result[0]['id'], 'name' => $result[0]['name']]);
return $client;
}
return NULL;
}
/**
* {@inheritdoc}
*/
public function getBySession(SessionEntity $session)
{
$result = Capsule::table('oauth_clients')->select(['oauth_clients.id', 'oauth_clients.name'])->join('oauth_sessions', 'oauth_clients.id', '=', 'oauth_sessions.client_id')->where('oauth_sessions.id', $session->getId())->get();
if (count($result) === 1) {
$client = new ClientEntity($this->server);
$client->hydrate(['id' => $result[0]['id'], 'name' => $result[0]['name']]);
return $client;
}
return;
}
public function getBySession(SessionEntity $session)
{
$sql = 'SELECT oauth_clients.id, oauth_clients.name' . ' FROM oauth_clients' . ' INNER JOIN oauth_sessions' . ' ON oauth_clients.id = oauth_sessions.client_id' . ' WHERE oauth_sessions.id = ?';
$results = $this->db->fetch($sql, [$session->getId()]);
if (count($results) === 1) {
$client = new ClientEntity($this->server);
$client->hydrate(['id' => $results[0]['id'], 'name' => $results[0]['name']]);
return $client;
}
return null;
}
/**
* Get the client associated with a session
*
* @param \League\OAuth2\Server\Entity\SessionEntity $session The session
*
* @return \League\OAuth2\Server\Entity\ClientEntity | null
*/
public function getBySession(SessionEntity $session)
{
foreach ($this->getDbConnection()->fetchAll('SELECT oc.id, oc.name FROM oauth_client oc
INNER JOIN oauth_session os ON(oc.id = os.client_id)
WHERE os.id = :id', ['id' => $session->getId()]) as $row) {
if ($row) {
return (new ClientEntity($this->server))->hydrate(['id' => $row['id'], 'name' => $row['name']]);
}
}
return null;
}
public function getByAccessToken(AccessTokenEntity $accessToken)
{
$accessToken = AccessToken::where('token', '=', $accessToken->getId())->first();
if ($accessToken) {
$_session = $accessToken->session;
$session = new SessionEntity($this->server);
$session->setId($_session->id);
$session->setOwner($_session->owner_type, $_session->owner_id);
return $session;
}
}
/**
* {@inheritdoc}
*/
public function getBySession(SessionEntity $session)
{
$query = $this->db->createQueryBuilder()->select('c.id', 'c.name')->from('oauth_clients', 'c')->leftJoin('c', 'oauth_sessions', 's', 'c.id = s.client_id')->where('s.id = :sessionId');
$query->createNamedParameter($session->getId(), \PDO::PARAM_STR, ':sessionId');
$stmt = $query->execute();
$result = $stmt->fetchAll();
if (count($result) === 1) {
$client = new ClientEntity($this->server);
$client->hydrate(['id' => $result[0]['id'], 'name' => $result[0]['name']]);
return $client;
}
}
public function getByAuthCode(AuthCodeEntity $authCode)
{
// $result = Sessions::getOauthSessionByAuthCode($authCode->getId());
// if (!empty($result)) {
$session = new SessionEntity($this->server);
//?
$session->setId(1);
$session->setOwner('client', 'testclient');
return $session;
// }
// return;
}
/**
* {@inheritdoc}
*/
public function getBySession(SessionEntity $session)
{
$key = RedisUtil::prefix($session->getId(), 'oauth_sessions');
if (isset($this->cache[$key])) {
$result = $this->cache[$key];
} else {
if (!($value = RedisCapsule::get($key))) {
return;
}
$result = $this->cache[$key] = RedisUtil::unserialize($value);
}
return $this->get($result['client_id']);
}
public function testPutAndGetSessionByAccessToken()
{
$server = m::mock(AbstractServer::class);
$server->shouldReceive('getEventEmitter->emit')->once();
$session = new SessionEntity($server);
$session->setOwner('owner', 1);
$session->setId('id');
$accessToken = new AccessTokenEntity($server);
$accessToken->setId('my_token');
$accessToken->setExpireTime(1);
$this->cache->putSessionByAccessToken($accessToken, $session);
$session = $this->cache->getSessionByAccessToken('my_token');
$this->assertSame(['id' => 'id', 'owner_type' => 'owner', 'owner_id' => 1], $session);
}
public function getBySession(SessionEntity $session)
{
$rawData = $this->redis->get("session:{$session->getId()}");
if ($rawData === null) {
return null;
}
$data = json_decode($rawData, true);
$rawData = $this->redis->get("client:{$data["client_id"]}");
if ($rawData === null) {
return null;
}
$data = json_decode($rawData, true);
$entity = new ClientEntity($this->server);
$entity->hydrate(["id" => $data["client_id"], "name" => $data["name"]]);
return $entity;
}
/**
* Get the client associated with a session
* @param \League\OAuth2\Server\Entity\SessionEntity $session The session
* @return null|\League\OAuth2\Server\Entity\ClientEntity
*/
public function getBySession(SessionEntity $session)
{
$allowedClientIds = $this->getConnection()->table('oauth_sessions')->where('id', $session->getId())->pluck('client_id');
$result = $this->getConnection()->table('oauth_clients')->whereIn('id', '=', $allowedClientIds)->first();
if (is_null($result)) {
return null;
}
return $this->hydrateEntity($result);
}
/**
* Complete the client credentials grant
*
* @return array
*
* @throws
*/
public function completeFlow()
{
$selfClient = app('selfClient');
// Get the required params
if (is_null($selfClient)) {
throw new Exception\InvalidClientException();
}
// Validate client ID and client secret
$client = $this->server->getClientStorage()->get($selfClient->id, $selfClient->secret, null, $this->getIdentifier());
if ($client instanceof ClientEntity === false) {
$this->server->getEventEmitter()->emit(new Event\ClientAuthenticationFailedEvent($this->server->getRequest()));
throw new Exception\InvalidClientException();
}
// Create a new session
$session = new SessionEntity($this->server);
$session->setOwner('client', $client->getId());
$session->associateClient($client);
// Generate an access token
$accessToken = new AccessTokenEntity($this->server);
$accessToken->setId(SecureKey::generate());
$accessToken->setExpireTime($this->getAccessTokenTTL() + time());
foreach ($session->getScopes() as $scope) {
$accessToken->associateScope($scope);
}
// Save everything
$session->save();
$accessToken->setSession($session);
$accessToken->save();
$oauthClient = new GenericProvider(['clientId' => $selfClient->id, 'clientSecret' => $selfClient->secret, 'redirectUri' => null, 'urlAuthorize' => null, 'urlAccessToken' => null, 'urlResourceOwnerDetails' => null]);
$accessToken = new AccessToken(['access_token' => $accessToken->getId(), 'expires' => $accessToken->getExpireTime()]);
return function ($method, $url, $options = []) use($oauthClient, $accessToken) {
return $oauthClient->getAuthenticatedRequest($method, $url, $accessToken, $options);
};
}
public function associateScope(SessionEntity $session, ScopeEntity $scope)
{
$sql = 'INSERT INTO oauth_access_token_scopes' . ' (access_token_id, scope_id)' . ' VALUES' . ' (?, ?);';
$this->db->execute($sql, [$session->getId(), $scope->getId()]);
}
/**
* {@inheritdoc}
*/
public function associateScope(SessionEntity $session, ScopeEntity $scope)
{
$this->getConnection()->table('oauth_session_scopes')->insert(['session_id' => $session->getId(), 'scope' => $scope->getId()]);
}
/**
* Parse a new authorize request
*
* @param string $type The session owner's type
* @param string $typeId The session owner's ID
* @param array $authParams The authorize request $_GET parameters
*
* @return string An authorisation code
*/
public function newAuthorizeRequest($type, $typeId, $authParams = [])
{
// Create a new session
$session = new SessionEntity($this->server);
$session->setOwner($type, $typeId);
$session->associateClient($authParams['client']);
// Create a new auth code
$authCode = new AuthCodeEntity($this->server);
$authCode->setId(SecureKey::generate());
$authCode->setRedirectUri($authParams['redirect_uri']);
$authCode->setExpireTime(time() + $this->authTokenTTL);
foreach ($authParams['scopes'] as $scope) {
$authCode->associateScope($scope);
$session->associateScope($scope);
}
$session->save();
$authCode->setSession($session);
$authCode->save();
return $authCode->generateRedirectUri($authParams['state']);
}
public function associateScope(SessionEntity $session, ScopeEntity $scope)
{
$this->redis->lpush("session:scopes:{$session->getId()}", "{$scope->getId()}:{$scope->getDescription()}");
}
/**
* Associate a scope with a session
*
* @param SessionEntity $session
* @param ScopeEntity $scope
* @return void
*/
public function associateScope(SessionEntity $session, ScopeEntity $scope)
{
$this->db->table('oauth_session_scopes')->insert(['session_id' => $session->getId(), 'scope_id' => $scope->getId(), 'created_at' => Carbon::now(), 'updated_at' => Carbon::now()]);
}
