$oauth2_message = $memento_service->getCurrentAuthorizationRequest();
// No pending OAuth2 authorization request, or one that fails its own validity
// check, aborts the request outright. (The enclosing filter starts before this excerpt.)
if ($oauth2_message == null || !$oauth2_message->isValid()) {
    throw new InvalidAuthorizationRequestException();
}
});

// "ssl" filter: bounce plaintext requests to HTTPS when the deployment enables it.
// The in-flight OpenID and OAuth2 request state is persisted through the memento
// services *before* the redirect so the request survives the HTTP -> HTTPS hop.
Route::filter("ssl", function () {
    if (!Request::secure() && ServerConfigurationService::getConfigValue("SSL.Enable")) {
        $openid_memento_service = ServiceLocator::getInstance()->getService(OpenIdServiceCatalog::MementoService);
        $openid_memento_service->saveCurrentRequest();
        $oauth2_memento_service = ServiceLocator::getInstance()->getService(OAuth2ServiceCatalog::MementoService);
        $oauth2_memento_service->saveCurrentAuthorizationRequest();
        // NOTE(review): the Location target is rebuilt from the incoming request URI
        // (path + query string). Presumably Redirect::secure pins it to this
        // application's own host, so this is not an open redirect — confirm.
        return Redirect::secure(Request::getRequestUri());
    }
});

// "oauth2.enabled" filter: hide the OAuth2 endpoints when the feature flag is off.
// NOTE(review): View::make() only supplies the 404 template body; whether the
// response also carries HTTP status 404 (rather than 200) depends on how the
// framework converts the filter's return value — confirm.
Route::filter("oauth2.enabled", function () {
    if (!ServerConfigurationService::getConfigValue("OAuth2.Enable")) {
        return View::make('404');
    }
});

// "user.owns.client.policy" filter: the client addressed by the route's `id`
// parameter must belong to the currently authenticated user.
// (This filter's body continues past the end of this excerpt.)
Route::filter('user.owns.client.policy', function ($route, $request) {
    try {
        $authentication_service = ServiceLocator::getInstance()->getService(UtilsServiceCatalog::AuthenticationService);
        $client_service = ServiceLocator::getInstance()->getService(OAuth2ServiceCatalog::ClientService);
        // `id` comes straight from the URL and is untrusted; the lookup may yield null.
        $client_id = $route->getParameter('id');
        $client = $client_service->getClientByIdentifier($client_id);
        $user = $authentication_service->getCurrentUser();
        // intval() on both sides so a string-typed id in one model and an int in
        // the other still compare equal under the strict !==.
        // NOTE(review): if this filter can run on a route without a preceding
        // authentication filter, $user is null here and ->getId() is a fatal
        // error (an Error, not an Exception, on PHP 7+), which the catch below
        // does not intercept — confirm the route always authenticates first.
        if (is_null($client) || intval($client->getUserId()) !== intval($user->getId())) {
            throw new Exception('invalid client id for current user');
        }
    } catch (Exception $ex) {
        Log::error($ex);
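/**
 * Decide whether $uri is a registered redirect URI of this client.
 *
 * The candidate is reduced to the same canonical form that
 * addClientAllowedUri() stores and then matched by exact string comparison
 * (RFC 6749 §3.1.2.3): lower-case scheme and host (RFC 3986 §6.2.2.1), an
 * explicit port when present, the path with its case preserved and trailing
 * slashes removed, and the query string verbatim. Userinfo is never part of
 * the identity. A URI carrying a fragment is rejected outright, as RFC 6749
 * §3.1.2 forbids fragments in redirection endpoint URIs.
 *
 * @param string $uri redirect URI supplied by the client (untrusted input)
 * @return bool true only when a matching ClientAuthorizedUri row exists for this client
 */
public function isUriAllowed($uri) {
    if (!filter_var($uri, FILTER_VALIDATE_URL)) {
        return false;
    }
    $parts = parse_url($uri);
    // parse_url() returns false for a badly malformed URI. FILTER_VALIDATE_URL also
    // lets scheme-only URIs through (no host component); those cannot be a
    // redirect target and would otherwise read an undefined 'host' index.
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false;
    }
    // RFC 6749 §3.1.2: the redirection endpoint URI MUST NOT include a fragment.
    if (isset($parts['fragment'])) {
        return false;
    }
    // Scheme is case-insensitive; compare it lower-cased so "HTTPS://..." passes the
    // TLS requirement instead of being rejected on a cosmetic difference.
    $scheme = strtolower($parts['scheme']);
    if ($scheme !== 'https' && ServerConfigurationService::getConfigValue("SSL.Enable")) {
        return false;
    }
    // Canonical form. The port is kept because the host alone does not identify a
    // service; the path keeps its case because paths are case-sensitive; the query is
    // kept so a client cannot smuggle extra parameters onto a registered callback.
    $normalized_uri = $scheme . '://' . strtolower($parts['host']);
    if (isset($parts['port'])) {
        $normalized_uri .= ':' . $parts['port'];
    }
    if (isset($parts['path'])) {
        $normalized_uri .= rtrim($parts['path'], '/');
    }
    if (isset($parts['query'])) {
        $normalized_uri .= '?' . $parts['query'];
    }
    $client_authorized_uri = ClientAuthorizedUri::where('client_id', '=', $this->id)
        ->where('uri', '=', $normalized_uri)
        ->first();
    return !is_null($client_authorized_uri);
}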
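/**
 * Register $uri as an allowed redirect URI for client $id.
 *
 * The URI is validated and reduced to a canonical form — lower-case scheme and
 * host (RFC 3986 §6.2.2.1), explicit port when present, path with case
 * preserved and trailing slashes removed, query string verbatim, no fragment
 * (RFC 6749 §3.1.2) — and that canonical form is what gets persisted, so the
 * duplicate check here and the exact-match lookup at authorization time operate
 * on identical strings.
 *
 * @param mixed  $id  client primary key
 * @param string $uri redirect URI to register (untrusted input)
 * @return bool result of the ClientAuthorizedUri save; false if nothing was saved
 * @throws AbsentClientException           when no client with $id exists
 * @throws InvalidAllowedClientUriException when $uri is not a valid URI, has no
 *                                          scheme/host, carries a fragment, or is
 *                                          not https while SSL.Enable is set
 * @throws AllowedClientUriAlreadyExistsException when the canonical URI is already
 *                                                registered for this client
 */
public function addClientAllowedUri($id, $uri) {
    $res = false;
    $this->tx_service->transaction(function () use($id, $uri, &$res) {
        $client = Client::find($id);
        if (is_null($client)) {
            throw new AbsentClientException(sprintf("client id %s does not exists!", $id));
        }
        // Every rejected input takes the same exceptional path; the original silent
        // `return false` here was indistinguishable from a failed save for callers.
        if (!filter_var($uri, FILTER_VALIDATE_URL)) {
            throw new InvalidAllowedClientUriException(sprintf('uri : %s', $uri));
        }
        $parts = parse_url($uri);
        // FILTER_VALIDATE_URL accepts scheme-only URIs; require a host as well so the
        // canonical form below never reads an undefined index.
        if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
            throw new InvalidAllowedClientUriException(sprintf('uri : %s', $uri));
        }
        // RFC 6749 §3.1.2: the redirection endpoint URI MUST NOT include a fragment.
        if (isset($parts['fragment'])) {
            throw new InvalidAllowedClientUriException(sprintf('uri : %s', $uri));
        }
        // Scheme is case-insensitive; lower-case it before the TLS check.
        $scheme = strtolower($parts['scheme']);
        if ($scheme !== 'https' && ServerConfigurationService::getConfigValue("SSL.Enable")) {
            throw new InvalidAllowedClientUriException(sprintf('uri : %s', $uri));
        }
        // Canonical form: must stay in lock-step with Client::isUriAllowed().
        $normalized_uri = $scheme . '://' . strtolower($parts['host']);
        if (isset($parts['port'])) {
            $normalized_uri .= ':' . $parts['port'];
        }
        if (isset($parts['path'])) {
            $normalized_uri .= rtrim($parts['path'], '/');
        }
        if (isset($parts['query'])) {
            $normalized_uri .= '?' . $parts['query'];
        }
        $client_uri = ClientAuthorizedUri::where('uri', '=', $normalized_uri)
            ->where('client_id', '=', $id)
            ->first();
        if (!is_null($client_uri)) {
            throw new AllowedClientUriAlreadyExistsException(sprintf('uri : %s', $normalized_uri));
        }
        $client_authorized_uri = new ClientAuthorizedUri();
        $client_authorized_uri->client_id = $id;
        // Persist the canonical form, not the raw input. The duplicate check above
        // and the redirect-time lookup both query on the canonical string; storing
        // the raw value let differently-cased or trailing-slash variants bypass the
        // duplicate check and then never match when the client actually redirected.
        $client_authorized_uri->uri = $normalized_uri;
        $res = $client_authorized_uri->Save();
    });
    return $res;
}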