function establish(ConnectionConfiguration $connConfig)
 {
     $restConnection = new RestApiClient($this->buildEndpoint($connConfig), $connConfig->getSessionId());
     $restConnection->setCompressionEnabled(WorkbenchConfig::get()->value("enableGzip"));
     $restConnection->setUserAgent(getWorkbenchUserAgent());
     $restConnection->setExternalLogReference($_SESSION['restDebugLog']);
     //TODO: maybe replace w/ its own log?? //TODO: move into ctx
     $restConnection->setLoggingEnabled(WorkbenchConfig::get()->value("debug") == true);
     $restConnection->setProxySettings(getProxySettings());
     $restConnection->setIncludeSessionCookie(WorkbenchConfig::get()->value("includeSessionCookie"));
     return $restConnection;
 }
Exemplo n.º 2
0
 private function oauthProcessLogin($code, $hostName, $apiVersion, $startUrl)
 {
     if (!$this->oauthEnabled) {
         throw new Exception("OAuth not enabled");
     }
     // we set this again below to the real value returned,
     // but in case it fails prior, need to set for logout iframe hack
     if (isset($_SERVER['HTTP_REFERER']) && !empty($_SERVER['HTTP_REFERER'])) {
         $_SESSION['oauth']['serverUrlPrefix'] = "https://" . parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
     }
     $oauthConfigs = WorkbenchConfig::get()->value("oauthConfigs");
     $tokenUrl = "https://" . $hostName . "/services/oauth2/token";
     if (!isset($oauthConfigs[$hostName]['key']) || !isset($oauthConfigs[$hostName]['secret'])) {
         throw new Exception("Misconfigured OAuth Host");
     }
     $params = "code=" . $code . "&grant_type=authorization_code" . "&client_id=" . $oauthConfigs[$hostName]['key'] . "&client_secret=" . $oauthConfigs[$hostName]['secret'] . "&redirect_uri=" . urlencode($this->oauthBuildRedirectUrl());
     $curl = curl_init($tokenUrl);
     curl_setopt($curl, CURLOPT_HEADER, false);
     curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
     curl_setopt($curl, CURLOPT_POST, true);
     curl_setopt($curl, CURLOPT_POSTFIELDS, $params);
     curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
     curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
     //TODO: use ca-bundle instead
     $proxySettings = getProxySettings();
     if ($proxySettings != null) {
         curl_setopt($curl, CURLOPT_PROXY, $proxySettings["proxy_host"]);
         curl_setopt($curl, CURLOPT_PROXYPORT, $proxySettings["proxy_port"]);
         curl_setopt($curl, CURLOPT_PROXYUSERPWD, $proxySettings["proxy_username"] . ":" . $proxySettings["proxy_password"]);
     }
     try {
         $json_response = curl_exec($curl);
         if (curl_error($curl) != null) {
             // not printing exception because it could contain the secret
             throw new Exception("Unknown OAuth Error");
         }
         $status = curl_getinfo($curl, CURLINFO_HTTP_CODE);
         $response = json_decode($json_response, true);
         curl_close($curl);
     } catch (Exception $e) {
         throw new WorkbenchAuthenticationException("OAuth authentication failed connect to: " . $tokenUrl);
     }
     if (isset($response["error"]) && isset($response["error_description"])) {
         throw new WorkbenchAuthenticationException($response["error"] . ": " . $response["error_description"]);
     } else {
         if ($status != 200) {
             throw new WorkbenchAuthenticationException("Unknown OAuth Error. Status Code: {$status}");
         }
     }
     $accessToken = $response['access_token'];
     $serverUrlPrefix = $response['instance_url'];
     $_SESSION['oauth']['serverUrlPrefix'] = $serverUrlPrefix;
     if (empty($accessToken)) {
         throw new Exception("OAuth response missing access token");
     }
     if (empty($serverUrlPrefix)) {
         throw new Exception("OAuth response missing instance name");
     }
     $_POST['termsAccepted'] = 1;
     // re-apply terms acceptance on oauth redirect
     $this->processLogin(null, null, $serverUrlPrefix . "/services/Soap/u/" . $apiVersion, $accessToken, $startUrl);
 }
Exemplo n.º 3
0
function initCurlProxySettings(&$ch)
{
    $options = getProxySettings();
    if (isset($options['host']) && strlen($options['host'])) {
        curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, TRUE);
        curl_setopt($ch, CURLOPT_PROXY, sprintf("%s%s", $options['host'], isset($options['port']) && $options['port'] ? ':' . $options['port'] : ''));
        //  print(sprintf("%s%s",$options['host'],(isset($options['port'])&&($options['port'])) ? ':'.$options['port'] : '').'<br><hr>');
        if (isset($options['user']) && strlen($options['user'])) {
            curl_setopt($ch, CURLOPT_PROXYUSERPWD, sprintf("%s:%s", $options['user'], $options['password']));
            //	print(sprintf("%s:%s",$options['user'],$options['password']).'<br><hr>');
        }
    }
    curl_setopt($ch, CURLOPT_USERAGENT, 'WebAsyst CURL 1.0');
}
Exemplo n.º 4
0
<?php

require_once "context/WorkbenchContext.php";
require_once "util/PhpReverseProxy.php";
require_once "session.php";
if (!WorkbenchContext::isEstablished()) {
    httpError("401 Unauthorized", "CometD Proxy only available if Workbench Context has been established.");
    exit;
}
// dereference session-based vars so we can close the session before entering the proxy
// this will allow concurrent long requests on the same session to work better
$host = WorkbenchContext::get()->getHost();
$apiVersion = WorkbenchContext::get()->getApiVersion();
$forceSSL = WorkbenchContext::get()->isSecure();
$sessionId = WorkbenchContext::get()->getSessionId();
session_write_close();
$proxy = new PhpReverseProxy();
$proxy->headers[] = "Authorization: OAuth {$sessionId}";
$proxy->host = $host;
$proxy->forceSSL = $forceSSL;
$proxy->forward_path = "/cometd/{$apiVersion}";
$proxy->cookie_whitelist = array("sfdc-stream", "BAYEUX_BROWSER");
$proxy->proxy_settings = getProxySettings();
$proxy->is_forward_path_static = true;
$proxy->connect();
$proxy->output();