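/**
 * Ensure the JSON storage tree exists: the base directory plus its
 * "users/github" and "extensions" sub-directories.
 *
 * Each directory is checked on its own, so a tree that is only partly present
 * (base directory exists, a sub-directory is missing) is completed instead of
 * being skipped.
 *
 * @param \PickleWeb\Application $app application whose 'json_path' setting names the base directory
 *
 * @throws \RuntimeException when a directory is missing and cannot be created
 */
function check_or_create_json_dir(\PickleWeb\Application $app)
{
    $base = $app->config('json_path');

    // The sub-directory names are appended without a separator.
    // NOTE(review): this assumes 'json_path' ends with a slash; confirm against the configuration.
    $directories = [
        $base,
        $base . 'users/github',
        $base . 'extensions',
    ];

    foreach ($directories as $directory) {
        // 0775 instead of 0777: the umask can only clear bits, so with a permissive
        // umask 0777 leaves the tree writable by every local account. Dropping the
        // "other" write bit keeps owner and group access as before.
        // The trailing is_dir() tolerates another process creating the directory
        // between the first check and mkdir().
        if (!is_dir($directory) && !mkdir($directory, 0775, true) && !is_dir($directory)) {
            throw new \RuntimeException(sprintf('Unable to create directory "%s"', $directory));
        }
    }
}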
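/**
 * Handle both legs of the Google OAuth2 authorization-code flow.
 *
 * Without a "code" request parameter the user is redirected to the provider and
 * the provider's state value is stored in Redis for 300 seconds under a key
 * derived from the session id. With a "code", the "state" parameter must equal
 * the stored value before the code is exchanged for an access token.
 *
 * @param Application $app
 *
 * @return string token
 *
 * @throws \RuntimeException when the state is missing, expired or does not match the stored one
 */
public function handleAuth(Application $app)
{
    $code = $app->request()->get('code');
    $state = $app->request()->get('state');
    $key = sprintf('google.oauth2state.%s', session_id());
    $sessionState = $this->redisClient->get($key);

    if (is_null($code)) {
        // If we don't have an authorization code then get one
        $url = $this->oauth2Provider->getAuthorizationUrl();
        $this->redisClient->setex($key, 300, $this->oauth2Provider->state);
        // NOTE(review): execution continues below unless redirect() ends the request; confirm it does.
        $app->redirect($url);
    } elseif (
        empty($state)
        || !is_string($state)
        || !is_string($sessionState)
        || $sessionState === ''
        || $state !== $sessionState
    ) {
        // Check given state against previously stored one to mitigate CSRF attack.
        // Fail closed: a callback that arrives when no state is stored (never
        // issued, expired, or already consumed) is rejected rather than accepted.
        // The stored value is single-use: it is deleted on the first mismatch.
        $this->redisClient->del($key);
        throw new \RuntimeException('Invalid state');
    }

    // clean session
    $this->redisClient->del($key);

    // Try to get an access token (using the authorization code grant)
    return $this->oauth2Provider->getAccessToken('authorization_code', ['code' => $code])->accessToken;
}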
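/**
 * Publish the extension's serialized package JSON.
 *
 * The JSON is written to a file named after its SHA-256 digest, the
 * "<package>.json" symlink in the vendor directory is pointed at that file,
 * and the providers and root package index are then refreshed.
 *
 * @return void
 *
 * @throws \RuntimeException when the vendor directory, the JSON file or the symlink cannot be written
 */
public function update()
{
    // Not used below; kept because resolving the service may have side effects.
    // NOTE(review): confirm and drop if it has none.
    $extensionRepository = $this->app->container->get('extension.repository');

    // NOTE(review): the vendor and package names become path segments below;
    // confirm they are validated upstream so that neither can contain a path
    // separator or "..".
    $vendorDir = $this->app->config('json_path') . '/' . $this->extension->getVendor();
    // The trailing is_dir() tolerates a concurrent request creating the directory first.
    if (!is_dir($vendorDir) && !mkdir($vendorDir) && !is_dir($vendorDir)) {
        throw new \RuntimeException(sprintf('Unable to create directory "%s"', $vendorDir));
    }

    $jsonPackage = $this->extension->serialize();
    $repositoryName = $this->extension->getPackageName();
    $this->sha = hash('sha256', $jsonPackage);

    $jsonPathSha = $vendorDir . '/' . $repositoryName . '$' . $this->sha . '.json';
    // Stop here on a failed write: linking to a file that was never written
    // would publish a dangling "<package>.json".
    if (file_put_contents($jsonPathSha, $jsonPackage) === false) {
        throw new \RuntimeException(sprintf('Unable to write "%s"', $jsonPathSha));
    }

    // Replace the link by creating it under a temporary name and renaming it
    // over the old one. Unlike unlink() followed by symlink(), this leaves no
    // moment where "<package>.json" is missing, and it also replaces a dangling
    // link, which file_exists() reports as absent.
    $linkPath = $vendorDir . '/' . $repositoryName . '.json';
    $temporaryLink = $linkPath . '.' . uniqid('', true) . '.tmp';
    if (!symlink($jsonPathSha, $temporaryLink)) {
        throw new \RuntimeException(sprintf('Unable to create symlink "%s"', $temporaryLink));
    }
    if (!rename($temporaryLink, $linkPath)) {
        unlink($temporaryLink);
        throw new \RuntimeException(sprintf('Unable to replace symlink "%s"', $linkPath));
    }

    $shaProviders = $this->updateProviders();
    $this->updateRootPackageJson($shaProviders);
}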
/**
 * Drive the Bitbucket OAuth 1 handshake for the current session.
 *
 * When no temporary credential is stored for the session, one is requested,
 * serialized into Redis for 300 seconds and the user is redirected to the
 * provider. When one is stored, the callback must carry both "oauth_token" and
 * "oauth_verifier"; they are exchanged for token credentials.
 *
 * @param Application $app
 *
 * @return string token, formatted as "<identifier>@<secret>"
 *
 * @throws \RuntimeException when the callback lacks oauth_token or oauth_verifier
 */
public function handleAuth(Application $app)
{
    $oauthToken = $app->request()->get('oauth_token');
    $oauthVerifier = $app->request()->get('oauth_verifier');

    $key = sprintf('bitbucket.oauthCredential.%s', session_id());
    $stored = $this->redisClient->get($key);

    // NOTE(review): unserialize() instantiates whatever classes the stored value
    // names, so this trusts everything able to write to this Redis key. Consider
    // restricting the allowed classes or storing the credential fields as JSON.
    $temporaryCredential = empty($stored) ? $stored : unserialize($stored);

    if (!empty($temporaryCredential)) {
        // Callback leg: both parameters must be present.
        // NOTE(review): nothing here compares oauth_token with the stored
        // credential; confirm getTokenCredentials() performs that check.
        if (empty($oauthVerifier) || empty($oauthToken)) {
            $this->redisClient->del($key);
            throw new \RuntimeException('Invalid state');
        }
    } else {
        // First leg: obtain a temporary credential and send the user to the provider.
        $temporaryCredential = $this->oauthProvider->getTemporaryCredentials();
        $this->redisClient->setex($key, 300, serialize($temporaryCredential));
        // NOTE(review): execution continues below unless redirect() ends the request; confirm it does.
        $app->redirect($this->oauthProvider->getAuthorizationUrl($temporaryCredential));
    }

    // The stored credential is single-use: drop it before the exchange.
    $this->redisClient->del($key);

    $tokenCredentials = $this->oauthProvider->getTokenCredentials(
        $temporaryCredential,
        $oauthToken,
        $oauthVerifier
    );

    // The returned string embeds the token secret; callers should keep it out of logs.
    return sprintf('%s@%s', $tokenCredentials->getIdentifier(), $tokenCredentials->getSecret());
}
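/**
 * Return this extension's API key, generating and storing one on first use.
 *
 * Keys live in the Redis hash "extension_apikey", indexed by extension name.
 * A new key is the SHA-256 of 32 random bytes (hex-encoded) concatenated with
 * the configured 'apiSecret'.
 *
 * The value stored in Redis is the key itself, so read access to that hash
 * discloses every extension's API key.
 *
 * @param \PickleWeb\Application $app application providing the 'redis.client' service and the 'apiSecret' setting
 *
 * @return string
 *
 * @throws \RuntimeException when no cryptographically strong random bytes are available
 */
public function getApiKey(\PickleWeb\Application $app)
{
    $redis = $app->container->get('redis.client');
    $key = $redis->hget('extension_apikey', $this->getName());

    if (!$key) {
        // Refuse to mint a key from weak or missing randomness: depending on the
        // PHP version, openssl_random_pseudo_bytes() reports this by returning
        // false or by leaving $strong false.
        $strong = false;
        $random = openssl_random_pseudo_bytes(32, $strong);
        if ($random === false || $strong !== true) {
            throw new \RuntimeException('No cryptographically strong random source available');
        }

        $key = hash('sha256', bin2hex($random) . $app->config('apiSecret'));
        $redis->hset('extension_apikey', $this->getName(), $key);
    }

    return $key;
}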