/** * Callback for creating the plugin header. * * @param unknown $args */ function ibm_sbtk_header($args = array()) { $settings = new SBTSettings(); $store = SBTCredentialStore::getInstance(); $endpoints = $settings->getEndpoints(); if ($endpoints == null || empty($endpoints)) { return; } foreach ($endpoints as $endpoint) { if (($settings->getAuthenticationMethod($endpoint['name']) == 'oauth1' || $settings->getAuthenticationMethod($endpoint['name']) == 'oauth2') && $store->getOAuthAccessToken($endpoint['name']) == null && (!isset($_COOKIE['IBMSBTKOAuthLogin']) || $_COOKIE['IBMSBTKOAuthLogin'] != 'yes')) { $deploy_url = $settings->getSDKDeployURL($endpoint['name']); $authentication_method = $settings->getAuthenticationMethod($endpoint['name']); $js_library = $settings->getJSLibrary($endpoint['name']); $url = $settings->getURL($endpoint['name']); $name = $settings->getName($endpoint['name']); $api_version = $settings->getAPIVersion($endpoint['name']); $type = $settings->getServerType($endpoint['name']); $allow_client_access = $settings->allowClientAccess($endpoint['name']); $endpoints = $settings->getEndpoints(); // Load the header view require BASE_PATH . '/views/includes/header.php'; return; } } $plugin = new SBTPlugin($endpoints[0]['name']); $plugin->createHeader(); }
public function makeRequest($method, $service, $header = array(), $body = null, $options = array()) { $settings = new SBTSettings(); $store = SBTCredentialStore::getInstance(); $server = $settings->getURL($this->endpointName); if ($settings->getAuthenticationMethod($this->endpointName) == "basic") { $endpoint = new SBTBasicAuthEndpoint(); } else { if ($settings->getAuthenticationMethod($this->endpointName) == "oauth2") { $endpoint = new SBTOAuth2Endpoint(); } else { if ($settings->getAuthenticationMethod($this->endpointName) == "oauth1") { $endpoint = new SBTOAuth1Endpoint(); } } } // Make request $response = $endpoint->makeRequest($settings->getURL($this->endpointName), $service, $method, $options, $body, $header, $this->endpointName); $this->document = $response->getBody(TRUE); $this->_parseXML(); return $this->document; }
/** * Tests whether settings are saved correctly by simulating post * requests using mock data. */ function test_endpoint_save_settings() { // Load mock data require 'mock_data.php'; if (!class_exists('SBTEndpointUpdate')) { require BASE_PATH . '/controllers/SBTEndpointUpdate.php'; } // Fake post request - populate it with mock data $_POST['endpoint_name'] = $config['wp_endpoint_2_name']; $_POST['endpoint_url'] = $config['wp_endpoint_2_url']; $_POST['consumer_key'] = $config['wp_endpoint_2_consumer_key']; $_POST['consumer_secret'] = $config['wp_endpoint_2_consumer_secret']; $_POST['authorization_url'] = $config['wp_endpoint_2_authorization_url']; $_POST['access_token_url'] = $config['wp_endpoint_2_access_token_url']; $_POST['request_token_url'] = $config['wp_endpoint_2_request_token_url']; $_POST['authentication_method'] = $config['wp_endpoint_2_authentication_method']; $_POST['basic_auth_username'] = $config['wp_endpoint_2_basic_auth_username']; $_POST['basic_auth_password'] = $config['wp_endpoint_2_basic_auth_password']; $_POST['basic_auth_method'] = $config['wp_endpoint_2_basic_auth_method']; $_POST['sdk_deploy_url'] = $config['sdk_deploy_url']; $_POST['delete_endpoint'] = 'no'; $_POST['libraries_list'] = $config['js_library']; // Update the endpoint $update = new SBTEndpointUpdate(); // Load settings if (!class_exists('SBTSettings')) { require BASE_PATH . '/core/models/SBTSettings.php'; } $settings = new SBTSettings(); // Check that settings have been saved $this->assertEquals($config['wp_endpoint_2_name'], $settings->getName()); $this->assertEquals($config['wp_endpoint_2_url'], $settings->getURL()); $this->assertEquals($config['wp_endpoint_2_consumer_key'], $settings->getConsumerKey()); $this->assertEquals($config['wp_endpoint_2_consumer_secret'], $settings->getConsumerSecret()); $this->assertEquals($config['wp_endpoint_2_authorization_url'], $settings->getAuthorizationURL()); $this->assertEquals($config['wp_endpoint_2_access_token_url'], $settings->getAccessTokenURL()); $this->assertEquals($config['wp_endpoint_2_request_token_url'], $settings->getRequestTokenURL()); $this->assertEquals($config['wp_endpoint_2_authentication_method'], $settings->getAuthenticationMethod()); $this->assertEquals($config['wp_endpoint_2_basic_auth_username'], $settings->getBasicAuthUsername()); $this->assertEquals($config['wp_endpoint_2_basic_auth_password'], $settings->getBasicAuthPassword()); $this->assertEquals($config['wp_endpoint_2_basic_auth_method'], $settings->getBasicAuthMethod()); $this->assertEquals($config['sdk_deploy_url'], $settings->getSDKDeployURL()); $this->assertEquals($config['js_library'], $settings->getJSLibrary()); // Now delete the endpoint $_POST['delete_endpoint'] = 'yes'; // Perform update $update = new SBTEndpointUpdate(); // Make sure that the endpoint has been deleted $settings = new SBTSettings(); $this->assertNotEquals($config['wp_endpoint_2_name'], $settings->getName()); }
function test_js_libraries() { // Load mock data require 'mock_data.php'; // Load settings if (!class_exists('SBTSettings')) { require BASE_PATH . '/core/models/SBTSettings.php'; } $settings = new SBTSettings(); $libs = $config['js_libraries']; foreach ($libs as $lib) { $viewData['deploy_url'] = $settings->getSDKDeployURL(); $viewData['authentication_method'] = $settings->getAuthenticationMethod(); $viewData['js_library'] = $lib; $viewData['url'] = $settings->getURL(); $viewData['name'] = $settings->getName(); $file = '../views/includes/header.php'; @(include $file); } }
/** * Routes requests. * * @param string server The URL of the server to which to re-direct the request to. Uses SBTSettings if none given. */ public function route($server = null) { $this->loadModel('SBTSettings'); $this->loadModel('SBTCredentialStore'); $proxyHelper = new SBTProxyHelper(); $store = SBTCredentialStore::getInstance(); $settings = new SBTSettings(); $endpointName = $proxyHelper->determineEndpoint(); if (!isset($_REQUEST["_redirectUrl"])) { // Request to check if the user is authenticated if (isset($_REQUEST["isAuthenticated"])) { $_REQUEST["_redirectUrl"] = '/files/basic/api/myuserlibrary/feed'; //used to be /connections/files/basic/api/myuserlibrary/feed $_SERVER['REQUEST_METHOD'] = 'GET'; } else { if (isset($_REQUEST["basicAuthLogout"])) { // Logout request $store->deleteBasicAuthCredentials($endpointName); } } if (isset($_REQUEST["OAuthLogout"])) { $store->deleteOAuthCredentials($endpointName); $timestamp = time(); unset($_COOKIE['IBMSBTKOAuthLogin']); setcookie('IBMSBTKOAuthLogin', "", $timestamp - 604800); return; } else { return; } if (isset($_REQUEST["basicAuthLogout"])) { return; } } // Handle any file operations // If file operations exist, then control flow // will be interrupted and route() will be called // again if ($this->fileOperations()) { return; } $url = $_REQUEST["_redirectUrl"]; $url = str_replace("/connections/", "", $url); if (isset($_REQUEST['basicAuthRequest']) && $_REQUEST['basicAuthRequest'] == 'true') { $store->storeBasicAuthUsername($_POST['username'], $endpointName); $store->storeBasicAuthPassword($_POST['password'], $endpointName); $result = array('status' => 200, 'result' => true); print_r(json_encode($result)); return; } $method = $_SERVER['REQUEST_METHOD']; $options = $proxyHelper->getOptions(); $response = null; $body = file_get_contents('php://input'); $endpoint = null; if ($server == null) { $server = $settings->getURL($endpointName); } $method = $_SERVER['REQUEST_METHOD']; $forwardHeader = $proxyHelper->getHeader($method); if ($settings->getAuthenticationMethod($endpointName) == "basic") { $endpoint = new SBTBasicAuthEndpoint(); } else { if ($settings->getAuthenticationMethod($endpointName) == "oauth2") { $endpoint = new SBTOAuth2Endpoint(); } else { if ($settings->getAuthenticationMethod($endpointName) == "oauth1") { $endpoint = new SBTOAuth1Endpoint(); } } } $url = $proxyHelper->cleanURL($url, $server); // Make request $response = $endpoint->makeRequest($server, $url, $method, $options, $body, $forwardHeader, $endpointName); // Print response $proxyHelper->outputResponse($response, $url); }
/** * Creates the header for the SBTK plugin. */ public function createHeader() { $this->loadModel('SBTSettings'); $settings = new SBTSettings(); $viewData['deploy_url'] = $settings->getSDKDeployURL($this->endpointName); $viewData['authentication_method'] = $settings->getAuthenticationMethod($this->endpointName); $viewData['js_library'] = $settings->getJSLibrary($this->endpointName); $viewData['url'] = $settings->getURL($this->endpointName); $viewData['name'] = $settings->getName($this->endpointName); $viewData['api_version'] = $settings->getAPIVersion($this->endpointName); $viewData['type'] = $settings->getServerType($this->endpointName); $viewData['allow_client_access'] = $settings->allowClientAccess($this->endpointName); $viewData['endpoints'] = $settings->getEndpoints(); // Load the header view return $this->loadView('includes/header', $viewData); }
/** * Initiates the OAuth dance. * * @param SBTSettings $settings */ private function _startOAuthDance($settings) { global $USER; if (isset($USER->id) && $USER->id !== null) { setcookie('ibm-sbt-uid', $USER->id, time() + 604800); } // Check the authentication method (different dance depending on whether we are // using OAuth 1.0 or OAuth 2.0) $authMethod = $settings->getAuthenticationMethod($this->config->endpoint); if ($authMethod == 'oauth1') { // Check if we have an access token. If not, re-direct user to authentication page $this->loadModel('SBTCredentialStore'); $store = SBTCredentialStore::getInstance(); $token = $store->getRequestToken($this->config->endpoint); if ($token == null) { if (file_exists(BASE_PATH . '/core/controllers/endpoint/SBTOAuth1Endpoint.php')) { include BASE_PATH . '/core/controllers/endpoint/SBTOAuth1Endpoint.php'; } // Create endpoint $oauth = new SBTOAuth1Endpoint(); // Send request to authenticate user (auth token is automatically being stored when callback method = authenticationCallback) // find out the domain: $domain = $_SERVER['HTTP_HOST']; // find out the path to the current file: $path = $_SERVER['SCRIPT_NAME']; // find out the QueryString: $queryString = $_SERVER['QUERY_STRING']; // put it all together: $protocol = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://"; $url = $protocol . $domain . $path . "?" . $queryString; $body = null; if (strpos(BASE_LOCATION, 'core') !== FALSE) { $body = $oauth->request($url, BASE_LOCATION . '/index.php?plugin=guzzle&class=SBTOAuth1Endpoint&method=authenticationCallback', 'POST', $this->config->endpoint); } else { $body = $oauth->request($url, BASE_LOCATION . '/core/index.php?plugin=guzzle&class=SBTOAuth1Endpoint&method=authenticationCallback', 'POST', $this->config->endpoint); } var_dump($body); } } else { if ($authMethod == 'oauth2') { // Check if we have an access token. If not, re-direct user to authentication page $this->loadModel('SBTCredentialStore'); $store = SBTCredentialStore::getInstance(); $token = $store->getOAuthAccessToken($this->config->endpoint); if ($token == null) { $parameters = array('response_type' => 'code', 'client_id' => $settings->getClientId($this->config->endpoint), 'callback_uri' => $settings->getOAuth2CallbackURL($this->config->endpoint)); $authURL = $settings->getAuthorizationURL($this->config->endpoint) . '?' . http_build_query($parameters, null, '&'); // If headers have already been sent, then we need to use a JavaScript re-direct if (!headers_sent()) { header("Location: " . $authURL); } else { echo '<script type="text/javascript" language="javascript">window.location = "' . $authURL . '";</script>'; } } } } }
/** * Outputs the content of the widget. * * @param array $args * @param array $instance */ public function widget($args, $instance) { $settings = new SBTSettings(); $store = SBTCredentialStore::getInstance(); if (isset($instance['ibm-sbtk-endpoint'])) { $this->endpoint = $instance['ibm-sbtk-endpoint']; } else { $this->endpoint = "connections"; } if (!$this->_isUserLoggedIn()) { // Add && $settings->requireSignOn($this->endpoint) to enable both anon and non-anon access echo '<div class="widget-area" style="width: 100%;"><aside class="widget widget_recent_entries"><h3 class="widget-title">' . $this->widget_name . '</h3>'; echo '' . $GLOBALS[LANG]['must_login'] . '</aside></div>'; return; } // If tokens exist, make sure that they are valid. Otherwise clear the store and force the // user to re-log if (($settings->getAuthenticationMethod($this->endpoint) == 'oauth1' || $settings->getAuthenticationMethod($this->endpoint) == 'oauth2') && $store->getOAuthAccessToken($this->endpoint) != null) { $endpoint = null; if ($settings->getAuthenticationMethod($this->endpoint) == "oauth2") { $endpoint = new SBTOAuth2Endpoint(); } else { if ($settings->getAuthenticationMethod($this->endpoint) == "oauth1") { $endpoint = new SBTOAuth1Endpoint(); } } $service = '/files/basic/api/myuserlibrary/feed'; $response = $endpoint->makeRequest($settings->getURL($this->endpoint), $service, 'GET', array(), null, null, $this->endpoint); if ($response->getStatusCode() == 401) { $store->deleteOAuthCredentials($this->endpoint); setcookie('IBMSBTKOAuthLogin', "", $timestamp - 604800); require BASE_PATH . '/core/views/oauth-login-display.php'; } } else { $endpoint = new SBTBasicAuthEndpoint(); $service = '/files/basic/api/myuserlibrary/feed'; $response = $endpoint->makeRequest($settings->getURL($this->endpoint), $service, 'GET', array(), null, null, $this->endpoint); if ($response->getStatusCode() == 401) { // Delete old credentials. $store->deleteBasicAuthCredentials($this->endpoint); } } echo '<div name="ibm_sbtk_widget" class="widget-area" style="width:100%"><aside class="widget widget_recent_entries">'; echo '<h3 class="widget-title">' . $this->widget_name . '</h3>'; if (($settings->getAuthenticationMethod($this->endpoint) == 'oauth1' || $settings->getAuthenticationMethod($this->endpoint) == 'oauth2') && $store->getOAuthAccessToken($this->endpoint) == null && (!isset($_COOKIE['IBMSBTKOAuthLogin']) || $_COOKIE['IBMSBTKOAuthLogin'] != 'yes') && !$this->_isUserLoggedIn()) { require BASE_PATH . '/core/views/oauth-login-display.php'; echo '</aside></div>'; return; } $plugin = new SBTPlugin($this->endpoint); if ($settings->getAuthenticationMethod($this->endpoint) == 'basic' && $store->getBasicAuthUsername($this->endpoint) != null && $store->getBasicAuthPassword($this->endpoint) != null || $settings->getAuthenticationMethod($this->endpoint) == 'oauth1' && $store->getRequestToken($this->endpoint) != null || $settings->getAuthenticationMethod($this->endpoint) == 'basic' && $settings->getBasicAuthMethod($this->endpoint) == 'global' || $settings->getAuthenticationMethod($this->endpoint) == 'oauth2' && $store->getOAuthAccessToken($this->endpoint) != null) { require $this->widget_location; } if ($settings->getAuthenticationMethod($this->endpoint) == 'basic' && $settings->getBasicAuthMethod($this->endpoint) == 'prompt' && $store->getBasicAuthPassword($this->endpoint) == null) { require_once BASE_PATH . '/views/basic-auth-login-display.php'; } else { if ($settings->getAuthenticationMethod($this->endpoint) == 'oauth1' || $settings->getAuthenticationMethod($this->endpoint) == 'oauth2') { // require_once BASE_PATH . '/views/oauth-logout-display.php'; TODO: Uncomment when OAuth logout has been fixed } } echo '</aside></div>'; }