/**
 * Verifies that endpoint settings submitted through SBTEndpointUpdate are
 * persisted, and that a follow-up request with delete_endpoint=yes removes
 * the endpoint again.
 *
 * The POST request is simulated by filling $_POST from the $config fixture
 * that mock_data.php is expected to define in this scope.
 *
 * The consumer secret and the basic-auth password are compared as plain
 * values, so this test only shows that the getters hand back what was posted;
 * it says nothing about how those secrets are stored.
 */
function test_endpoint_save_settings()
{
    // Fixture file; the rest of the test reads $config from it.
    require 'mock_data.php';

    if (!class_exists('SBTEndpointUpdate')) {
        require BASE_PATH . '/controllers/SBTEndpointUpdate.php';
    }

    // Simulated form submission: POST field name => fixture key.
    $postFields = array(
        'endpoint_name' => 'wp_endpoint_2_name',
        'endpoint_url' => 'wp_endpoint_2_url',
        'consumer_key' => 'wp_endpoint_2_consumer_key',
        'consumer_secret' => 'wp_endpoint_2_consumer_secret',
        'authorization_url' => 'wp_endpoint_2_authorization_url',
        'access_token_url' => 'wp_endpoint_2_access_token_url',
        'request_token_url' => 'wp_endpoint_2_request_token_url',
        'authentication_method' => 'wp_endpoint_2_authentication_method',
        'basic_auth_username' => 'wp_endpoint_2_basic_auth_username',
        'basic_auth_password' => 'wp_endpoint_2_basic_auth_password',
        'basic_auth_method' => 'wp_endpoint_2_basic_auth_method',
        'sdk_deploy_url' => 'sdk_deploy_url',
    );
    foreach ($postFields as $field => $fixtureKey) {
        $_POST[$field] = $config[$fixtureKey];
    }
    $_POST['delete_endpoint'] = 'no';
    $_POST['libraries_list'] = $config['js_library'];

    // Constructing the controller is what performs the update.
    $controller = new SBTEndpointUpdate();

    if (!class_exists('SBTSettings')) {
        require BASE_PATH . '/core/models/SBTSettings.php';
    }
    $saved = new SBTSettings();

    // Every posted value must come back from its getter: fixture key => getter.
    $expectations = array(
        'wp_endpoint_2_name' => 'getName',
        'wp_endpoint_2_url' => 'getURL',
        'wp_endpoint_2_consumer_key' => 'getConsumerKey',
        'wp_endpoint_2_consumer_secret' => 'getConsumerSecret',
        'wp_endpoint_2_authorization_url' => 'getAuthorizationURL',
        'wp_endpoint_2_access_token_url' => 'getAccessTokenURL',
        'wp_endpoint_2_request_token_url' => 'getRequestTokenURL',
        'wp_endpoint_2_authentication_method' => 'getAuthenticationMethod',
        'wp_endpoint_2_basic_auth_username' => 'getBasicAuthUsername',
        'wp_endpoint_2_basic_auth_password' => 'getBasicAuthPassword',
        'wp_endpoint_2_basic_auth_method' => 'getBasicAuthMethod',
        'sdk_deploy_url' => 'getSDKDeployURL',
        'js_library' => 'getJSLibrary',
    );
    foreach ($expectations as $fixtureKey => $getter) {
        $this->assertEquals($config[$fixtureKey], $saved->$getter());
    }

    // Second request: same payload, but now asking for deletion.
    $_POST['delete_endpoint'] = 'yes';
    $controller = new SBTEndpointUpdate();

    // A fresh settings object must no longer report the deleted endpoint.
    $saved = new SBTSettings();
    $this->assertNotEquals($config['wp_endpoint_2_name'], $saved->getName());
}
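/**
 * OAuth 2.0 redirect handler: exchanges the authorization code found in
 * $_GET['code'] for an access token and stores that token in the
 * SBTCredentialStore. No content is requested from the endpoint.
 *
 * Request input (untrusted, supplied by the browser):
 *  - $_GET['code']          authorization code; the method returns silently
 *                           when it is absent or not a string.
 *  - $_GET['endpointName']  optional endpoint selector, default "connections";
 *                           non-string values are ignored.
 *
 * Side effects: forwards the upstream Content-Type header and status code,
 * stores the access token when none is stored yet for the endpoint, and sends
 * a Location header pointing at the configured OAuth origin. Terminates the
 * script with die() when the token response carries no access_token.
 *
 * Security notes:
 *  - Certificate verification is only switched off when the endpoint's
 *    forceSSLTrust setting asks for it. The request carries the client secret
 *    and the authorization code, so it must not go to an unverified peer by
 *    default.
 *  - NOTE(review): no `state` value is checked in this method. Confirm where
 *    the flow binds the callback to the session that started it; if nowhere,
 *    this handler accepts any code presented to it.
 *  - NOTE(review): client_secret and code are sent in the query string of a
 *    GET request, where proxies and server access logs can record them.
 *    Sending them in a POST body would avoid that, provided the token
 *    endpoint accepts it.
 *
 * @return void
 */
public function authenticationCallback()
{
    // A value such as code[]=x arrives as an array and is never a valid code.
    if (!isset($_GET['code']) || !is_string($_GET['code'])) {
        return;
    }

    $store = SBTCredentialStore::getInstance();
    $settings = new SBTSettings();

    $endpointName = "connections";
    if (isset($_GET['endpointName']) && is_string($_GET['endpointName'])) {
        // Request-controlled: it selects which endpoint's client id, secret
        // and token URL are used below.
        $endpointName = $_GET['endpointName'];
    }

    $parameters = array(
        'callback_uri' => $settings->getOAuth2CallbackURL($endpointName),
        'code' => $_GET['code'],
        'grant_type' => 'authorization_code',
        'client_id' => $settings->getClientId($endpointName),
        'client_secret' => $settings->getClientSecret($endpointName),
    );

    // '' instead of null for the unused numeric prefix: same result, and no
    // deprecation notice on newer PHP versions.
    $tokenURL = $settings->getAccessTokenURL($endpointName) . '?' . http_build_query($parameters, '', '&');

    $client = new Client($tokenURL);

    // Keep the client's default TLS verification unless this endpoint is
    // explicitly configured to trust any certificate.
    $trustAnyCertificate = $settings->forceSSLTrust($endpointName);
    if ($trustAnyCertificate) {
        $client->setDefaultOption('verify', false);
    }

    $headers = null;
    $body = null;
    $options = array();
    $response = null;

    try {
        $request = $client->createRequest('GET', $tokenURL, $headers, $body, $options);
        if ($trustAnyCertificate) {
            $request->getCurlOptions()->set(CURLOPT_SSL_VERIFYHOST, false);
            $request->getCurlOptions()->set(CURLOPT_SSL_VERIFYPEER, false);
        }

        $response = $request->send();

        // Only the upstream Content-Type header is passed on to the browser.
        foreach ($response->getHeaderLines() as $h) {
            if (strpos($h, "Content-Type") === 0) {
                header($h, TRUE);
            }
        }

        // Mirror the upstream status code on this response.
        header(':', true, $response->getStatusCode());
        header('X-PHP-Response-Code: ' . $response->getStatusCode(), true, $response->getStatusCode());

        // The token response is parsed as a form-encoded string.
        parse_str($response->getBody(TRUE), $info);

        if (!isset($info['access_token'])) {
            die('Missing access token. Something went wrong - make sure that your client ID and client secret are correct and try again.');
        }

        // An already stored token is kept; the new one is only saved when
        // nothing is stored for this endpoint.
        $accessToken = $store->getOAuthAccessToken($endpointName);
        if ($accessToken == null || $accessToken == "") {
            $store->storeOAuthAccessToken($info['access_token'], $endpointName);
        }

        // The redirect target comes from settings, not from the request.
        header("Location: " . $settings->getOAuthOrigin($endpointName));
    } catch (Guzzle\Http\Exception\BadResponseException $e) {
        $response = $e->getResponse();
        // NOTE(review): the upstream error body is written to the page
        // unescaped. Consider logging it server-side and showing a generic
        // message instead.
        print_r($response->getBody(TRUE));
    }
}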
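/**
 * Exchanges the stored OAuth 1.0 request token and verifier for an access
 * token, then saves the returned token and token secret in the
 * SBTCredentialStore.
 *
 * On a bad response the stored OAuth credentials for the endpoint are
 * deleted, the upstream status code and body are relayed, and the script
 * terminates with die().
 *
 * Security notes:
 *  - The request uses the PLAINTEXT signature method: the consumer secret and
 *    the request-token secret themselves are the signature, so they travel in
 *    the request. Certificate verification is therefore only switched off
 *    when the endpoint's forceSSLTrust setting asks for it.
 *  - NOTE(review): those secrets are sent in the query string of a GET
 *    request, where proxies and server access logs can record them.
 *  - The nonce is taken from a cryptographic random source where one is
 *    available. The previous mt_rand(0, 999999) seed allowed only one million
 *    distinct nonces.
 *
 * @param string $endpointName Name of the endpoint whose settings and stored
 *                             tokens are used (default "connections").
 * @return void
 */
private function _getAccessToken($endpointName = "connections")
{
    $settings = new SBTSettings();
    $store = SBTCredentialStore::getInstance();

    // 40 hex characters, the same shape as the former sha1() nonce.
    $nonce = null;
    if (function_exists('random_bytes')) {
        $nonce = bin2hex(random_bytes(20));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $bytes = openssl_random_pseudo_bytes(20);
        if ($bytes !== false && strlen($bytes) === 20) {
            $nonce = bin2hex($bytes);
        }
    }
    if ($nonce === null) {
        // Last resort on runtimes without a CSPRNG: unique, but not unpredictable.
        $nonce = sha1(uniqid(mt_rand(), true));
    }

    $parameters = array(
        'oauth_nonce' => $nonce,
        'oauth_version' => '1.0',
        'oauth_token' => $store->getRequestToken($endpointName),
        'oauth_timestamp' => time(),
        // PLAINTEXT signature: "<consumer secret>&<token secret>".
        'oauth_signature' => $settings->getConsumerSecret($endpointName) . '&' . $store->getRequestTokenSecret($endpointName),
        'oauth_signature_method' => 'PLAINTEXT',
        'oauth_verifier' => $store->getVerifierToken($endpointName),
        'oauth_consumer_key' => $settings->getConsumerKey($endpointName),
    );

    // '' instead of null for the unused numeric prefix: same result, and no
    // deprecation notice on newer PHP versions.
    $serviceURL = $settings->getAccessTokenURL($endpointName) . '?' . http_build_query($parameters, '', '&');

    $client = new Client($serviceURL);

    // Keep the client's default TLS verification unless this endpoint is
    // explicitly configured to trust any certificate.
    $trustAnyCertificate = $settings->forceSSLTrust($endpointName);
    if ($trustAnyCertificate) {
        $client->setDefaultOption('verify', false);
    }

    $headers = null;
    $body = null;
    $options = array();
    $response = null;

    try {
        $request = $client->createRequest('GET', $serviceURL, $headers, $body, $options);
        if ($trustAnyCertificate) {
            $request->getCurlOptions()->set(CURLOPT_SSL_VERIFYHOST, false);
            $request->getCurlOptions()->set(CURLOPT_SSL_VERIFYPEER, false);
        }
        $response = $request->send();
    } catch (Guzzle\Http\Exception\BadResponseException $e) {
        $response = $e->getResponse();

        // The stored request token can no longer be exchanged, so drop it.
        $store->deleteOAuthCredentials($endpointName);

        // Send the status header before any output. Once the body has been
        // written, header() can no longer change the response code.
        header('X-PHP-Response-Code: ' . $response->getStatusCode(), true, $response->getStatusCode());

        // NOTE(review): the upstream error body is written to the page
        // unescaped. Consider logging it server-side instead.
        print_r($response->getBody(TRUE));
        die("Your tokens expired. Make sure you are logged out of SmartCloud, clear your cache and cookies and try again.");
    }

    // The token response is parsed as a form-encoded string.
    parse_str($response->getBody(TRUE), $info);

    if (isset($info['oauth_token'])) {
        $store->storeOAuthAccessToken($info['oauth_token'], $endpointName);
    }
    if (isset($info['oauth_token_secret'])) {
        $store->storeTokenSecret($info["oauth_token_secret"], $endpointName);
    }
}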
$plugin = null; // See if the user is loading a plugin if (!empty($_REQUEST['plugin'])) { $plugin = $_REQUEST['plugin']; } // Load plugin dependencies if ($plugin != null) { switch ($plugin) { case "guzzle": // Load dependencies for Guzzle require_once "controllers/endpoint/SBTOAuth1Endpoint.php"; // Load properties require_once 'models/SBTSettings.php'; $settings = new SBTSettings(); // Init the OAuth options $options = array('consumer_key' => $settings->getConsumerKey(), 'consumer_secret' => $settings->getConsumerSecret(), 'server_uri' => $settings->getURL(), 'request_token_uri' => $settings->getRequestTokenURL(), 'authorize_uri' => $settings->getAuthorizationURL(), 'access_token_uri' => $settings->getAccessTokenURL()); // Instantiate controller object $obj = new $class($options); // Call method on you controller object call_user_func_array(array($obj, $method), array()); break; } } else { // Make sure that the classpath isn't blacklisted $blacklisted = false; foreach ($blacklist as $blacklistedItem) { if (startsWith($classpath, $blacklistedItem)) { $blacklisted = true; break; } }