public static function create(HttpRequest $request)
{
$queryParams = $request->getQuery()->toArray();
$postParams = $request->getPost()->toArray();
$files = $request->getFiles()->toArray();
$cookies = ($c = $request->getCookie()) ? [$c] : [];
return new OAuth2Request($queryParams, $postParams, [], $cookies, $files, $_SERVER);
}
/**
* Convert a Zend\Http\Response in a PSR-7 response, using zend-diactoros
*
* @param ZendRequest $zendRequest
* @return ServerRequest
*/
public static function fromZend(ZendRequest $zendRequest)
{
$body = new Stream('php://memory', 'wb+');
$body->write($zendRequest->getContent());
$headers = empty($zendRequest->getHeaders()) ? [] : $zendRequest->getHeaders()->toArray();
$query = empty($zendRequest->getQuery()) ? [] : $zendRequest->getQuery()->toArray();
$post = empty($zendRequest->getPost()) ? [] : $zendRequest->getPost()->toArray();
$files = empty($zendRequest->getFiles()) ? [] : $zendRequest->getFiles()->toArray();
$request = new ServerRequest([], self::convertFilesToUploaded($files), $zendRequest->getUriString(), $zendRequest->getMethod(), $body, $headers);
$request = $request->withQueryParams($query);
$cookie = $zendRequest->getCookie();
if (false !== $cookie) {
$request = $request->withCookieParams($cookie->getArrayCopy());
}
return $request->withParsedBody($post);
}
/**
* @param Request $request
* @param Response|null $response
* @return SerieTokenInterface|null
*/
public function read(Request $request, Response $response = null)
{
$cookie = $request->getCookie();
if (!isset($cookie[self::COOKIE_NAME])) {
return null;
}
$parts = explode(':', $cookie[self::COOKIE_NAME]);
if (!is_array($parts) || count($parts) !== 3) {
if ($response) {
$this->writeNull($response);
}
return null;
}
$serieTokenEntityClass = $this->getModuleOptions()->getSerieTokenEntityClass();
$serieToken = new $serieTokenEntityClass();
$serieToken->setUserId($parts[0]);
$serieToken->setSerie($parts[1]);
$serieToken->setToken($parts[2]);
return $serieToken;
}
protected function hasIndicator()
{
$cookie = $this->request->getCookie();
if (!is_object($cookie)) {
return false;
}
if ($cookie->offsetExists($this->cookieName) && $cookie->offsetGet($this->cookieName)) {
return true;
}
$cookies = $this->response->getCookie();
if (!is_array($cookies)) {
return false;
}
foreach ($cookies as $cookie) {
if ($cookie->getName() === $this->cookieName && $cookie->getValue() === true) {
return true;
}
}
return false;
}
/**
* Attempt to authenticate the current request.
*
* @param Request $request
* @param Response $response
* @param MvcAuthEvent $mvcAuthEvent
* @return false|Identity\IdentityInterface False on failure, IdentityInterface
* otherwise
*/
public function authenticate(Request $request, Response $response, MvcAuthEvent $mvcAuthEvent)
{
$oauth2request = new OAuth2Request($request->getQuery()->toArray(), $request->getPost()->toArray(), [], $request->getCookie() ? $request->getCookie()->getArrayCopy() : [], $request->getFiles() ? $request->getFiles()->toArray() : [], method_exists($request, 'getServer') ? $request->getServer()->toArray() : $_SERVER, $request->getContent(), $request->getHeaders()->toArray());
// Failure to validate
if (!$this->oauth2Server->verifyResourceRequest($oauth2request)) {
$oauth2Response = $this->oauth2Server->getResponse();
$status = $oauth2Response->getStatusCode();
// 401 or 403 mean invalid credentials or unauthorized scopes; report those.
if (in_array($status, [401, 403], true) && null !== $oauth2Response->getParameter('error')) {
return $this->mergeOAuth2Response($status, $response, $oauth2Response);
}
// Merge in any headers; typically sets a WWW-Authenticate header.
$this->mergeOAuth2ResponseHeaders($response, $oauth2Response->getHttpHeaders());
// Otherwise, no credentials were present at all, so we just return a guest identity.
return new Identity\GuestIdentity();
}
$token = $this->oauth2Server->getAccessTokenData($oauth2request);
$identity = new Identity\AuthenticatedIdentity($token);
$identity->setName($token['user_id']);
return $identity;
}
/**
*
* @param \Zend\Http\Request $request
* @return \entity\User | null
*/
public function initUser(\Zend\Http\Request $request)
{
$user = null;
//first access to application
//Log based on POST parameters
if (!empty($request->getPost('LITEFRAMESESSIONID')) && classes_utils_session::getSessionId($request->getPost('LITEFRAMESESSIONID'), $request->getCookie()['PHPSESSID']) && $request->getCookie()['PHPSESSID'] == classes_utils_session::getPhpSessionId($request->getPost('LITEFRAMESESSIONID'))) {
$sessionId = $request->getPost('LITEFRAMESESSIONID');
$userId = classes_utils_session::getUserIdBySessionId($sessionId);
classes_utils_session::deleteOldSessionId($userId, $sessionId, $_COOKIE['PHPSESSID']);
$this->login($sessionId, $userId);
$this->setLoged(true);
$user = $this->getEntity($this->dao->find($userId), new \entity\User());
} elseif (!empty($_SESSION['LITEFRAMESESSIONID']) && classes_utils_session::getSessionId($_SESSION['LITEFRAMESESSIONID'], $_COOKIE['PHPSESSID']) && $_COOKIE['PHPSESSID'] == classes_utils_session::getPhpSessionId($_SESSION['LITEFRAMESESSIONID'])) {
$sessionId = $_SESSION['LITEFRAMESESSIONID'];
$userId = classes_utils_session::getUserIdBySessionId($sessionId);
classes_utils_session::deleteOldSessionId($userId, $sessionId, $_COOKIE['PHPSESSID']);
$this->login($sessionId, $userId);
$this->sessionId = $sessionId;
$this->setLoged(true);
$user = $this->getEntity($this->dao->find($userId), new \entity\User());
} else {
$this->setLoged(false);
}
return $user;
}
