/**
*
* @param MvcEvent $event
* @return bool
*/
public function isGranted(MvcEvent $event)
{
$request = $event->getRequest();
if (!$request instanceof HttpRequest) {
return true;
}
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$clientIp = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$clientIp = $_SERVER['REMOTE_ADDR'];
}
if (array_key_exists($clientIp, $this->users)) {
$user = $this->users[$clientIp];
if ($this->auth->hasIdentity()) {
// do nothing
} else {
$adapter = $this->auth->getAdapter();
$request = new HttpRequest();
$request->setMethod(HttpRequest::METHOD_POST);
$request->getPost()->identity = $user['user'];
$request->getPost()->credential = $user['password'];
$request->setContent($request->getPost()->toString());
$result = $adapter->prepareForAuthentication($request);
$authenticate = $this->auth->authenticate($adapter);
if (!$authenticate->isValid()) {
error_log('FAIL');
}
}
}
return true;
}
public function process()
{
if (!$this->wizard || !$this->request->isPost()) {
return;
}
$post = $this->request->getPost();
$values = $post->getArrayCopy();
if (isset($values['previous'])) {
$this->wizard->previousStep();
return;
}
if (isset($values['cancel'])) {
return $this->doCancel();
}
$this->processCurrentStep($values);
$steps = $this->wizard->getSteps();
$currentStep = $this->wizard->getCurrentStep();
if (!$currentStep->isComplete()) {
return;
}
if ($currentStep->isComplete() && $steps->isLast($currentStep)) {
return $this->completeWizard();
}
$this->wizard->nextStep();
}
/**
* {@inheritDoc}
*/
public function createTokenResponse(Request $request, Client $client = null, TokenOwnerInterface $owner = null)
{
$token = $request->getPost('access_token');
$scope = $request->getPost('scope');
if (null === $token) {
throw OAuth2Exception::invalidRequest('Missing parameter access_token');
}
$owner = $this->getOwner($token);
if (!$owner instanceof TokenOwnerInterface) {
throw OAuth2Exception::accessDenied('Unable to load user from this token');
}
/**
* @var AccessToken $accessToken
* @var null|RefreshToken $refreshToken
* */
$accessToken = new AccessToken();
$refreshToken = null;
// Generate token
$this->populateToken($accessToken, $client, $owner, $scope);
$accessToken = $this->accessTokenService->createToken($accessToken);
// Before generating a refresh token, we must make sure the authorization server supports this grant
if ($this->authorizationServer->hasGrant(RefreshTokenGrant::GRANT_TYPE)) {
$refreshToken = new RefreshToken();
$this->populateToken($refreshToken, $client, $owner, $scope);
$refreshToken = $this->refreshTokenService->createToken($refreshToken);
}
return $this->prepareTokenResponse($accessToken, $refreshToken);
}
/** @return null|mixed */
protected function getIdentity()
{
$accessToken = $this->request->getQuery('access_token', $this->request->getPost('access_token'));
if ($accessToken === null) {
return null;
}
$oAuthRequest = OAuth2RequestFactory::create($this->request);
$accessTokenData = $this->oauthServer->getAccessTokenData($oAuthRequest);
return $this->identity = $this->identityStorageAdapter->findByUsername($accessTokenData['user_id']);
}
public function deleteAction()
{
if ($this->request->isPost()) {
if ($this->request->getPost('confirm') === 'oui') {
$id = $this->params('id');
$this->contactService->delete($id);
}
return $this->redirect()->toRoute('address-book-contact');
}
return $this->showAction();
}
public function addAction()
{
$form = $this->service->createForm();
if ($this->request->isPost()) {
$data = $this->request->getPost();
if ($this->service->insert($data)) {
return $this->redirect()->toRoute('contact');
}
}
return new ViewModel(array('contactForm' => $form->prepare()));
}
/**
* Convert a Zend\Http\Response in a PSR-7 response, using zend-diactoros
*
* @param ZendRequest $zendRequest
* @return ServerRequest
*/
public static function fromZend(ZendRequest $zendRequest)
{
$body = new Stream('php://memory', 'wb+');
$body->write($zendRequest->getContent());
$headers = empty($zendRequest->getHeaders()) ? [] : $zendRequest->getHeaders()->toArray();
$query = empty($zendRequest->getQuery()) ? [] : $zendRequest->getQuery()->toArray();
$post = empty($zendRequest->getPost()) ? [] : $zendRequest->getPost()->toArray();
$files = empty($zendRequest->getFiles()) ? [] : $zendRequest->getFiles()->toArray();
$request = new ServerRequest([], self::convertFilesToUploaded($files), $zendRequest->getUriString(), $zendRequest->getMethod(), $body, $headers);
$request = $request->withQueryParams($query);
return $request->withParsedBody($post);
}
/**
* (non-PHPdoc)
* @see Tinebase_Server_Plugin_Interface::getServer()
*/
public static function getServer(\Zend\Http\Request $request)
{
/**************************** JSON API *****************************/
if ($request->getHeaders('X-TINE20-REQUEST-TYPE') && $request->getHeaders('X-TINE20-REQUEST-TYPE')->getFieldValue() === 'JSON' || $request->getHeaders('CONTENT-TYPE') && substr($request->getHeaders('CONTENT-TYPE')->getFieldValue(), 0, 16) === 'application/json' || $request->getPost('requestType') === 'JSON' || $request->getHeaders('ACCESS-CONTROL-REQUEST-METHOD')) {
return new Tinebase_Server_Json();
}
}
/**
* Prepare a Zend Request by Operation with $parameters
*
* @param Operation $operation
* @param array $parameters
* @param int $options BitMask of options to skip or something else
* @return Request
* @throws \InvalidArgumentException
* @throws \RuntimeException
*/
public function makeRequestByOperation(Operation $operation, array $parameters = [], $options = 0)
{
$request = new Request();
$path = $operation->path;
if ($operation->parameters) {
foreach ($operation->parameters as $parameter) {
if (isset($parameters[$parameter->name])) {
switch ($parameter->in) {
case 'path':
$path = str_replace('{' . $parameter->name . '}', $parameters[$parameter->name], $path);
break;
case 'query':
$request->getQuery()->set($parameter->name, $parameters[$parameter->name]);
break;
case 'formData':
$request->getPost()->set($parameter->name, $parameters[$parameter->name]);
break;
default:
throw new RuntimeException(sprintf('Parameter "%s" with ->in = "%s" is not supported', $parameter->parameter, $parameter->in));
}
} elseif ($parameter->required && !($options & SwaggerWrapper::SKIP_REQUIRED)) {
throw new InvalidArgumentException(sprintf('Parameter "%s" is required, please pass value for this in $parameters', $parameter->name));
}
}
}
$request->setUri($path);
$request->setMethod($operation->method);
return $request;
}
public function init(Request $request)
{
if (!$request->isXmlHttpRequest() || !$request->isPost()) {
$this->noAccess();
}
$this->post = $request->getPost();
}
public static function create(HttpRequest $request)
{
$queryParams = $request->getQuery()->toArray();
$postParams = $request->getPost()->toArray();
$files = $request->getFiles()->toArray();
$cookies = ($c = $request->getCookie()) ? [$c] : [];
return new OAuth2Request($queryParams, $postParams, [], $cookies, $files, $_SERVER);
}
public function page()
{
$pageSize = current($this->getPageSizes());
if (in_array((int) $this->request->getPost('pageSize'), $this->getPageSizes())) {
$pageSize = (int) $this->request->getPost('pageSize');
}
return ['take' => (int) $this->request->getPost('take'), 'page' => (int) $this->request->getPost('page', 1), 'pageSize' => $pageSize];
}
public function setUp()
{
$request = new Request();
$request->getQuery()->fromArray(array('all' => 'query', 'query_and_post' => 'query'));
$request->getPost()->fromArray(array('all' => 'post', 'query_and_post' => 'post', 'post_only' => 'post'));
$this->request = $request;
$this->routeMatch = new RouteMatch(array('all' => 'route'));
}
/**
* Makes a query for a CNPJ
*
* @param $cnpj
* @return bool|mixed
*/
public function requestSintegra($cnpj)
{
$request = new Request();
$request->setMethod(Request::METHOD_POST);
$request->setUri('http://www.sintegra.es.gov.br/resultado.php');
$request->getPost()->set('botao', 'Consultar');
$request->getPost()->set('num_cnpj', $cnpj);
$client = new Client(null, self::setConfig());
try {
$response = $client->send($request);
if ($response->getStatusCode() == 200) {
return $response->getContent();
}
return false;
} catch (\Exception $e) {
return false;
}
}
/**
* @dataProvider requestMethodsWithRequestBodies
*/
public function testBodyAccessTokenProxiesOAuthServer($method)
{
$token = ['user_id' => 'test'];
$this->setupMockOAuth2Server($token);
$this->request->setMethod($method);
$this->request->getHeaders()->addHeaderLine('Content-Type', 'application/x-www-form-urlencoded');
$this->request->getPost()->set('access_token', 'TOKEN');
$identity = $this->listener->__invoke($this->mvcAuthEvent);
$this->assertIdentityMatchesToken($token, $identity);
}
/**
* Look for the ID in the request
* @param Request $request
* @param string $name
* @return int
*/
private function getId(Request $request, $name)
{
$id = $request->getPost($name);
if (!$id) {
$decoded = json_decode($request->getContent(), JSON_OBJECT_AS_ARRAY);
if (is_array($decoded) && array_key_exists($name, $decoded)) {
$id = $decoded[$name];
}
}
return $id;
}
/**
* @param Request $request
* @return int
*/
public function saveNewValuableAsset($request)
{
/** @var Valuable $assetValuableDao */
$auth = $this->getServiceLocator()->get('library_backoffice_auth');
$userId = $auth->getIdentity()->id;
$status = self::VALUABLE_STATUS_NEW;
$shipment = self::SHIPMENT_STATUS_OK;
if ($request instanceof \Zend\Http\PhpEnvironment\Request) {
$location = $request->getPost('location');
$locationArray = explode('_', $location);
$categoryId = $request->getPost('category');
$locationEntityType = $locationArray[0];
$locationEntityId = $locationArray[1];
$serialNumber = $request->getPost('serialNumber');
$name = $request->getPost('name');
$assigneeId = $request->getPost('assignee');
$description = $request->getPost('description');
} else {
$categoryId = $request->categoryId;
$locationEntityType = $request->locationEntityId;
$locationEntityId = $request->locationEntityType;
$serialNumber = $request->barcode;
$name = $request->name;
$assigneeId = property_exists($request, 'assigneeId') ? $request->assigneeId : null;
$description = '';
}
$shipmentStatus = $this->applyMatchingOrder($shipment, $categoryId, $locationEntityType, $locationEntityId, 1);
$assetValuableDao = $this->getServiceLocator()->get('dao_warehouse_asset_valuable');
return $assetValuableDao->saveNewValuableAsset($categoryId, $locationEntityType, $locationEntityId, $serialNumber, $name, $assigneeId, $description, $userId, $status, $shipmentStatus);
}
public function setUp()
{
$request = new Request();
$request->getQuery()->fromArray(array('all' => 'query', 'query_and_post' => 'query'));
$request->getPost()->fromArray(array('all' => 'post', 'query_and_post' => 'post', 'post_only' => 'post'));
$routeMatch = new RouteMatch(array('all' => 'route'));
$mvcEvent = new MvcEvent();
$mvcEvent->setRouteMatch($routeMatch);
$mock = $this->getMock('Zend\\Mvc\\Controller\\AbstractController');
$mock->expects($this->once())->method('getRequest')->will($this->returnValue($request));
$mock->expects($this->once())->method('getEvent')->will($this->returnValue($mvcEvent));
$this->plugin = new FromLegacyParams();
$this->plugin->setController($mock);
}
public function testParameterRetrievalDefaultValue()
{
$request = new Request();
$p = new \Zend\Stdlib\Parameters(array('foo' => 'bar'));
$request->setQuery($p);
$request->setPost($p);
$request->setFiles($p);
$default = 15;
$this->assertSame($default, $request->getQuery('baz', $default));
$this->assertSame($default, $request->getPost('baz', $default));
$this->assertSame($default, $request->getFiles('baz', $default));
$this->assertSame($default, $request->getHeaders('baz', $default));
$this->assertSame($default, $request->getHeader('baz', $default));
}
public function testRequestAllowsSettingOfParameterContainer()
{
$request = new Request();
$p = new \Zend\Stdlib\Parameters();
$request->setQuery($p);
$request->setPost($p);
$request->setFile($p);
$request->setServer($p);
$request->setEnv($p);
$this->assertSame($p, $request->getQuery());
$this->assertSame($p, $request->getPost());
$this->assertSame($p, $request->getFile());
$this->assertSame($p, $request->getServer());
$this->assertSame($p, $request->getEnv());
}
public function call($params = null)
{
$request = new Request();
$request->getHeaders()->addHeaders(array('Accept' => 'application/json'));
if (!is_null($this->bearer_token)) {
$request->getHeaders()->addHeaders(array('Authorization' => $this->bearer_token));
}
$request->setUri($this->endpoint);
$request->setMethod($this->method);
if (!is_null($params)) {
$request->getPost()->fromArray($params);
}
$client = new Client($this->endpoint, array('adapter' => 'Zend\\Http\\Client\\Adapter\\Curl'));
$response = $client->dispatch($request);
return Json::decode($response->getBody(), Json::TYPE_ARRAY);
}
protected function post($url, $data)
{
$request = new Request();
$request->setUri($url);
$request->setMethod('POST');
$request->getPost()->fromArray($data);
$client = new Client();
$client->setEncType(Client::ENC_URLENCODED);
$response = $client->dispatch($request);
try {
$result = Json::decode($response->getBody(), Json::TYPE_ARRAY);
return $result;
} catch (RuntimeException $e) {
return $response->getBody();
}
}
/**
* {@inhertidoc}
* @see \InoOicServer\Client\Authentication\Method\MethodInterface::authenticate()
*/
public function authenticate(Client\Authentication\Info $info, Http\Request $httpRequest)
{
/* @var $httpRequest \Zend\Http\Request */
$postVars = $httpRequest->getPost();
if (($clientId = $postVars->get($this->getClientIdFieldName())) === null) {
return $this->createFailureResult('Missing client ID');
}
if (($clientSecret = $postVars->get($this->getClientSecretFieldName())) === null) {
return $this->createFailureResult('Missing client secret');
}
if ($clientId !== $info->getClientId()) {
return $this->createFailureResult(sprintf("Unknown client ID '%s'", $clientId));
}
if ($clientSecret !== $info->getOption(self::AUTH_OPTION_SECRET)) {
return $this->createFailureResult('Invalid authorization');
}
return $this->createSuccessResult();
}
/**
* Builds a HTTP request based on the token request entity.
*
* @param Request $request
* @param Http\Request $httpRequest
* @return Http\Request
*/
public function buildHttpRequest(Request $request, Http\Request $httpRequest = null)
{
if (null === $httpRequest) {
$httpRequest = new Http\Request();
}
$clientInfo = $request->getClientInfo();
if (!$clientInfo instanceof ClientInfo) {
throw new Exception\InvalidRequestException('No client info in request');
}
$endpointUri = $clientInfo->getTokenEndpoint();
$httpRequest->setUri($endpointUri);
$httpRequest->setMethod('POST');
$httpRequest->getPost()->fromArray(array(Param::CLIENT_ID => $clientInfo->getClientId(), Param::REDIRECT_URI => $clientInfo->getRedirectUri(), Param::GRANT_TYPE => $request->getGrantType(), Param::CODE => $request->getCode()));
$headers = array_merge($this->defaultHeaders, $this->options->get(self::OPT_HEADERS, array()));
$httpRequest->getHeaders()->addHeaders($headers);
$authenticator = $this->getClientAuthenticatorFactory()->createAuthenticator($clientInfo);
$authenticator->configureHttpRequest($httpRequest);
return $httpRequest;
}
/**
* HTTP POST METHOD (static)
*
* @param string $url
* @param array $params
* @param array $headers
* @param mixed $body
* @throws Exception\InvalidArgumentException
* @return Response|bool
*/
public static function post($url, $params, $headers = array(), $body = null)
{
if (empty($url)) {
return false;
}
$request = new Request();
$request->setUri($url);
$request->setMethod(Request::METHOD_POST);
if (!empty($params) && is_array($params)) {
$request->getPost()->fromArray($params);
} else {
throw new Exception\InvalidArgumentException('The array of post parameters is empty');
}
if (!isset($headers['Content-Type'])) {
$headers['Content-Type'] = Client::ENC_URLENCODED;
}
if (!empty($headers) && is_array($headers)) {
$request->getHeaders()->addHeaders($headers);
}
if (!empty($body)) {
$request->setContent($body);
}
return static::getStaticClient()->send($request);
}
public function createTokenResponse(Request $request, Client $client = null, TokenOwnerInterface $owner = null)
{
// TODO: Complete rewrite. This is just a temp method to allow token generation
$owner = $this->userService->get($request->getPost('id'));
$scope = 'foobar';
if (!$owner instanceof TokenOwnerInterface) {
throw OAuth2Exception::accessDenied('access_denied');
}
/**
* @var AccessToken $accessToken
* @var null|RefreshToken $refreshToken
* */
$accessToken = new AccessToken();
$refreshToken = null;
$this->populateToken($accessToken, $client, $owner, $scope);
$accessToken = $this->accessTokenService->createToken($accessToken);
// Before generating a refresh token, we must make sure the authorization server supports this grant
if ($this->authorizationServer->hasGrant(RefreshTokenGrant::GRANT_TYPE)) {
$refreshToken = new RefreshToken();
$this->populateToken($refreshToken, $client, $owner, $scope);
$refreshToken = $this->refreshTokenService->createToken($refreshToken);
}
return $this->prepareTokenResponse($accessToken, $refreshToken);
}
public function setAuth(\Zend\Http\Request $httpRequest, $clientId, $clientSecret)
{
$postParams = $httpRequest->getPost();
$postParams->set(Param::CLIENT_ID, $clientId);
$postParams->set(Param::CLIENT_SECRET, $clientSecret);
}
/**
* Delete record based on passed id and return result
*
* @param \Zend\Http\Request $request
*
* @return string
*/
public function delete(Request $request)
{
$id = $request->getPost('id');
$retv = false;
$message = 'Unable to delete record.';
if ($id) {
$retv = $this->getService()->remove($id);
if ($retv) {
$message = '';
}
}
return array('success' => $retv, 'message' => $message);
}
/**
* constructor, accepts default params and also those of http request
*
* @param array $params
* @param Request $request
*/
public function __construct(array $params, Request $request)
{
$this->request = $request;
$this->storage = new \ArrayObject(array_merge($params, $request->getPost()->toArray()));
}
/**
* Adds default parameters to the request, such as sorting
* @param \Zend\Http\Request $request the request
*/
protected function addDefaultParameters(&$request)
{
$defaultParameters = array('all' => 1, 'dir' => 'ASC', 'start' => 0, 'limit' => 999999999);
foreach ($defaultParameters as $name => $value) {
$request->getPost()->set($name, $value);
}
}
