Exemplo n.º 1
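 /**
  * Resolve the current user from an OAuth2 access token.
  *
  * Callback for the `determine_current_user` filter (the original header also
  * names `check_authentication`). It lets token-authenticated requests to
  * services such as WP JSON API and WP REST API run as the user the token
  * was issued for.
  *
  * Security notes:
  *  - A user already resolved earlier in the filter chain always wins; the
  *    token is not consulted in that case.
  *  - Only a token that passes verifyResourceRequest() AND carries a positive
  *    user_id is mapped to a user. A token whose user_id is 0 or empty (the
  *    original author took this to be a client access token) is never
  *    promoted to a user identity.
  *  - No scope argument is passed to verifyResourceRequest(), so this hook
  *    does not restrict which scopes may act as the user.
  *
  * @param mixed $user_id User ID determined so far; falsy when none.
  *
  * @return mixed The resolved user ID as int; otherwise the incoming value
  *               (cast to int when the plugin is disabled, unchanged when
  *               the request carries no usable token).
  *
  * @author Mauro Constantinescu Modified slightly but still a contribution to the project.
  */
 public function _wo_authenicate_bypass($user_id)
 {
     // Already authenticated: there is no need to query the token tables again.
     if ($user_id && $user_id > 0) {
         return (int) $user_id;
     }

     // Plugin disabled, or options missing/malformed: do not attempt token auth.
     // The is_array()/isset() guards avoid offset warnings when the option is absent;
     // the loose comparison with 0 is kept from the original.
     $o = get_option('wo_options');
     if (!is_array($o) || !isset($o['enabled']) || $o['enabled'] == 0) {
         return (int) $user_id;
     }

     require_once dirname(WPOAUTH_FILE) . '/library/OAuth2/Autoloader.php';
     OAuth2\Autoloader::register();
     $server = new OAuth2\Server(new OAuth2\Storage\Wordpressdb());
     $request = OAuth2\Request::createFromGlobals();

     if ($server->verifyResourceRequest($request)) {
         $token = $server->getAccessTokenData($request);
         if (isset($token['user_id']) && $token['user_id'] > 0) {
             return (int) $token['user_id'];
         }
         // A valid token with user_id 0/empty identifies no user, so it falls
         // through and is treated like an unauthenticated request here.
     }

     // The original fell off the end here and returned null, discarding the
     // value handed in by the filter chain. A filter callback must return a
     // value, so pass the (falsy) input through unchanged.
     return $user_id;
 }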
Exemplo n.º 2
 /**
  * Build the OAuth2 server held in $this->server.
  *
  * Token storage is a PDO/MySQL connection assembled from the global $CONFIG
  * object. Two grant types are registered: user credentials (resource-owner
  * password), backed by PleioboxOAuth2UserCredentialsStorage, and refresh
  * token.
  *
  * Security-relevant settings, as configured below:
  *  - access tokens live 7 days; refresh tokens live 180 days and a new one
  *    is issued on every refresh (always_issue_new_refresh_token);
  *  - enforce_state is switched off. NOTE(review): neither grant registered
  *    here goes through an authorize redirect, so this looks inert today;
  *    revisit it before an authorization-code or implicit flow is added.
  */
 public function __construct()
 {
     global $CONFIG;

     OAuth2\Autoloader::register();

     // Database credentials come straight from the site configuration.
     $connection = array(
         'dsn' => "mysql:dbname=" . $CONFIG->dbname . ";host=" . $CONFIG->dbhost,
         'username' => $CONFIG->dbuser,
         'password' => $CONFIG->dbpass,
     );
     $tokenStore = new OAuth2\Storage\Pdo($connection);

     $oauthServer = new OAuth2\Server($tokenStore, array(
         'access_lifetime' => 3600 * 24 * 7,
         'enforce_state' => false,
     ));

     // Password grant: usernames/passwords are checked by the project's own storage.
     $credentialStore = new PleioboxOAuth2UserCredentialsStorage();
     $oauthServer->addGrantType(new OAuth2\GrantType\UserCredentials($credentialStore));

     // Refresh grant: rotate the refresh token on each use.
     $refreshOptions = array(
         'always_issue_new_refresh_token' => true,
         'refresh_token_lifetime' => 3600 * 24 * 30 * 6,
     );
     $oauthServer->addGrantType(new OAuth2\GrantType\RefreshToken($tokenStore, $refreshOptions));

     $this->server = $oauthServer;
 }
Exemplo n.º 3
 /**
  * Create the PDO-backed storage and the OAuth2 server.
  *
  * The MySQL connection is described by the DB_NAME, DB_HOST, DB_USER and
  * DB_PASS constants. The server is created with the library's default
  * configuration and gets three grant types: client credentials,
  * authorization code and refresh token, all sharing the same storage.
  */
 function __construct()
 {
     OAuth2\Autoloader::register();

     $connection = array(
         'dsn' => 'mysql:dbname=' . DB_NAME . ';host=' . DB_HOST . '',
         'username' => DB_USER,
         'password' => DB_PASS,
     );
     $this->storage = new OAuth2\Storage\Pdo($connection);
     $this->server = new OAuth2\Server($this->storage);

     // Machine-to-machine access: the client authenticates with its own secret.
     $this->server->addGrantType(new OAuth2\GrantType\ClientCredentials($this->storage));
     // Redirect-based flow: a short-lived code is exchanged for a token.
     $this->server->addGrantType(new OAuth2\GrantType\AuthorizationCode($this->storage));
     // Lets a client obtain a fresh access token from a refresh token.
     $this->server->addGrantType(new OAuth2\GrantType\RefreshToken($this->storage));
 }
Exemplo n.º 4
 /**
  * Default constructor: initialises the OAuth2 server.
  *
  * Loads the bundled OAuth2 library, opens a PDO/MySQL storage with the same
  * database name, host and credentials as $this->db, and registers the
  * client-credentials and authorization-code grant types. No refresh-token
  * grant is registered here.
  *
  * @author Benjamin BALET <*****@*****.**>
  */
 public function __construct()
 {
     parent::__construct();

     require_once APPPATH . 'third_party/OAuth2/Autoloader.php';
     OAuth2\Autoloader::register();

     // Reuse the application's database settings for the token tables.
     $connection = array(
         'dsn' => 'mysql:dbname=' . $this->db->database . ';host=' . $this->db->hostname,
         'username' => $this->db->username,
         'password' => $this->db->password,
     );
     $tokenStore = new OAuth2\Storage\Pdo($connection);

     $this->server = new OAuth2\Server($tokenStore);
     $this->server->addGrantType(new OAuth2\GrantType\ClientCredentials($tokenStore));
     $this->server->addGrantType(new OAuth2\GrantType\AuthorizationCode($tokenStore));
 }
 /**
  * Set up the OAuth2 storage, server and the request/response pair.
  *
  * NOTE(review): the $config argument is never read. It is replaced by
  * $db['oauth'], where $db is presumably defined by config/database.php.
  * NOTE(review): require_once includes a file only once per request, so a
  * second construction would not get $db defined again in this scope —
  * confirm the class is instantiated only once.
  *
  * Security: 'allow_implicit' => true enables the implicit grant, which
  * returns the access token to the client in the redirect itself. Keep it
  * enabled only if a client genuinely depends on it.
  *
  * @param array $config Overwritten before use; see the note above.
  */
 function __construct($config = array())
 {
     // database config
     require_once __DIR__ . '/../config/database.php';
     // oauth library
     require_once __DIR__ . '/../third_party/Oauth2/src/OAuth2/Autoloader.php';

     $config = $db['oauth'];
     OAuth2\Autoloader::register();

     $connection = array(
         'dsn' => $config["dsn"],
         'username' => $config["username"],
         'password' => $config["password"],
     );
     $this->storage = new OAuth2\Storage\Pdo($connection);

     $serverOptions = array('allow_implicit' => true);
     $this->server = new OAuth2\Server($this->storage, $serverOptions);

     // Request is read from the PHP superglobals; the response starts out empty.
     $this->request = OAuth2\Request::createFromGlobals();
     $this->response = new OAuth2\Response();
 }
 /**
  * Create the authentication server.
  *
  * Loads the OAuth2 library if it is not available yet, then builds the PDO
  * storage, the server and the request/response objects. Execution stops via
  * die() when $config is empty.
  *
  * Security: 'allow_implicit' => TRUE enables the implicit grant, which
  * returns the access token to the client in the redirect itself. Keep it
  * enabled only if a client genuinely depends on it.
  *
  * @param array $config Storage settings; the keys 'dsn', 'username' and
  *                      'password' are read.
  */
 function __construct($config)
 {
     // Only load and register the library's autoloader when the class is not known yet.
     $libraryLoaded = class_exists('OAuth2\\Autoloader');
     if (!$libraryLoaded) {
         require_once APP_VENDOR . DS . 'bshaffer/oauth2-server-php/src/OAuth2/Autoloader.php';
         OAuth2\Autoloader::register();
     }

     // Without connection settings there is nothing to build on.
     if (empty($config)) {
         exit('OAuth2 Storage settings is not defined');
     }

     $connection = array(
         'dsn' => $config['dsn'],
         'username' => $config['username'],
         'password' => $config['password'],
     );
     $this->storage = new OAuth2\Storage\Pdo($connection);
     $this->server = new OAuth2\Server($this->storage, array('allow_implicit' => TRUE));
     $this->request = OAuth2\Request::createFromGlobals();
     $this->response = new OAuth2\Response();
 }
Exemplo n.º 7
 /**
  * Controller constructor: loads helpers and wires up the OAuth2 server.
  *
  * Storage is a PDO connection built from the application's database
  * settings. The server is created with the user-credentials and
  * refresh-token grant types.
  *
  * Security-relevant settings, as configured below:
  *  - enforce_state is off and allow_implicit is on. NOTE(review): together
  *    these permit an implicit-flow authorize request without a state
  *    value; confirm both are required.
  *  - 'issuer' is read from the HTTP_HOST server value, i.e. from the Host
  *    header of the incoming request. NOTE(review): if tokens that embed the
  *    issuer are ever issued, a fixed, configured issuer would be safer than
  *    a client-supplied header.
  *  - a new refresh token is issued on every refresh.
  */
 public function __construct()
 {
     parent::__construct();

     $this->load->helper('url');
     $this->load->library('session');
     OAuth2\Autoloader::register();
     $this->load->database();

     $connection = array(
         'dsn' => $this->db->dsn,
         'username' => $this->db->username,
         'password' => $this->db->password,
     );
     $this->_storage = new OAuth2\Storage\Pdo($connection);

     // Grant types are handed to the server constructor keyed by grant name.
     $grants = array(
         'user_credentials' => new UserCredentials($this->_storage),
         'refresh_token' => new RefreshToken(
             $this->_storage,
             array('always_issue_new_refresh_token' => TRUE)
         ),
     );

     $serverOptions = array(
         'enforce_state' => FALSE,
         'allow_implicit' => TRUE,
         'issuer' => $this->input->server('HTTP_HOST'),
     );
     $this->_server = new Server($this->_storage, $serverOptions, $grants);

     $this->_request = Request::createFromGlobals();
     $this->_response = new Response();
 }
Exemplo n.º 8
 /**
  * Service-class constructor: resolves paths, builds the option set and
  * loads the OAuth2 library.
  *
  * Defaults are combined with $options through array_merge(), which is a
  * shallow merge: a 'server' entry in $options replaces the whole default
  * 'server' array rather than overriding single keys.
  *
  * Security-relevant 'server' defaults, as written below: enforce_state and
  * require_exact_redirect_uri are off, public clients and credentials in the
  * request body are allowed, the implicit grant is off, access tokens last
  * 7776000 s (90 days) and refresh tokens 15552000 s (180 days).
  * NOTE(review): the relaxed state/redirect-URI checks matter as soon as an
  * authorize endpoint is exposed; confirm they are intentional.
  *
  * @param modX  $modx    MODX instance, kept by reference.
  * @param array $options Overrides for the defaults assembled here.
  */
 public function __construct(modX &$modx, array $options = array())
 {
     $this->modx =& $modx;
     $this->namespace = $this->getOption('namespace', $options, 'oauth2server');

     // Component locations; each one can be overridden through $options.
     $corePath = $this->getOption(
         'core_path',
         $options,
         $this->modx->getOption('core_path', null, MODX_CORE_PATH) . 'components/oauth2server/'
     );
     $assetsPath = $this->getOption(
         'assets_path',
         $options,
         $this->modx->getOption('assets_path', null, MODX_ASSETS_PATH) . 'components/oauth2server/'
     );
     $assetsUrl = $this->getOption(
         'assets_url',
         $options,
         $this->modx->getOption('assets_url', null, MODX_ASSETS_URL) . 'components/oauth2server/'
     );
     $dbPrefix = $this->getOption(
         'table_prefix',
         $options,
         $this->modx->getOption('table_prefix', null, 'modx_')
     );

     /* default settings passed on to the OAuth2 server */
     $serverDefaults = array(
         'use_jwt_access_tokens' => false,
         'store_encrypted_token_string' => true,
         'use_openid_connect' => false,
         'id_lifetime' => 3600,
         'access_lifetime' => 7776000,
         'www_realm' => 'Service',
         'token_param_name' => 'access_token',
         'token_bearer_header_name' => 'Bearer',
         'enforce_state' => false,
         'require_exact_redirect_uri' => false,
         'allow_implicit' => false,
         'allow_credentials_in_request_body' => true,
         'allow_public_clients' => true,
         'always_issue_new_refresh_token' => true,
         'unset_refresh_token_after_use' => false,
         'refresh_token_lifetime' => 15552000,
     );

     /* load config defaults; caller-supplied $options take precedence */
     $defaults = array(
         'namespace' => $this->namespace,
         'corePath' => $corePath,
         'modelPath' => $corePath . 'model/',
         'oauth2Path' => $corePath . 'model/OAuth2/',
         'chunksPath' => $corePath . 'elements/chunks/',
         'snippetsPath' => $corePath . 'elements/snippets/',
         'templatesPath' => $corePath . 'templates/',
         'assetsPath' => $assetsPath,
         'assetsUrl' => $assetsUrl,
         'jsUrl' => $assetsUrl . 'js/',
         'cssUrl' => $assetsUrl . 'css/',
         'connectorUrl' => $assetsUrl . 'connector.php',
         'server' => $serverDefaults,
     );
     $this->options = array_merge($defaults, $options);

     /* load table names for OAuth2 PDO driver */
     $this->tablenames = array(
         'client_table' => $dbPrefix . 'oauth2server_clients',
         'access_token_table' => $dbPrefix . 'oauth2server_access_tokens',
         'refresh_token_table' => $dbPrefix . 'oauth2server_refresh_tokens',
         'code_table' => $dbPrefix . 'oauth2server_authorization_codes',
         'jwt_table' => $dbPrefix . 'oauth2server_jwt',
         'scope_table' => $dbPrefix . 'oauth2server_scopes',
     );

     $this->modx->addPackage('oauth2server', $this->options['modelPath'], $this->modx->config['table_prefix']);
     $this->modx->lexicon->load('oauth2server:default');

     // Load OAuth2 from the (possibly overridden) oauth2Path
     require_once $this->options['oauth2Path'] . 'Autoloader.php';
     OAuth2\Autoloader::register();
 }
Exemplo n.º 9
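 /**
  * Resolve the current user from an OAuth2 access token.
  *
  * Callback for the `determine_current_user` filter (the original header also
  * names `check_authentication`). It lets token-authenticated requests to
  * services such as WP JSON API and WP REST API run as the user the token
  * was issued for.
  *
  * Security notes:
  *  - A user already resolved earlier in the filter chain always wins; the
  *    token is not consulted in that case.
  *  - Only a token that passes verifyResourceRequest() AND carries a positive
  *    user_id is mapped to a user; a token without a user never yields one.
  *  - No scope argument is passed to verifyResourceRequest(), so this hook
  *    does not restrict which scopes may act as the user.
  *
  * @param mixed $user_id User ID determined so far; falsy when none.
  *
  * @return mixed The resolved user ID as int; otherwise the incoming value
  *               (cast to int when the plugin is disabled, unchanged when
  *               the request carries no usable token).
  *
  * @author Mauro Constantinescu Modified slightly but still a contribution to the project.
  */
 public function _wo_authenicate_bypass($user_id)
 {
     // Already authenticated: there is no need to query the token tables again.
     if ($user_id && $user_id > 0) {
         return (int) $user_id;
     }

     // Plugin disabled, or options missing/malformed: do not attempt token auth.
     // The is_array()/isset() guards avoid offset warnings when the option is absent;
     // the loose comparison with 0 is kept from the original.
     $o = get_option('wo_options');
     if (!is_array($o) || !isset($o['enabled']) || $o['enabled'] == 0) {
         return (int) $user_id;
     }

     require_once dirname(WPOAUTH_FILE) . '/library/OAuth2/Autoloader.php';
     OAuth2\Autoloader::register();
     $server = new OAuth2\Server(new OAuth2\Storage\Wordpressdb());
     $request = OAuth2\Request::createFromGlobals();

     if ($server->verifyResourceRequest($request)) {
         $token = $server->getAccessTokenData($request);
         if (isset($token['user_id']) && $token['user_id'] > 0) {
             return (int) $token['user_id'];
         }
     }

     // The original fell off the end here and returned null, discarding the
     // value handed in by the filter chain. A filter callback must return a
     // value, so pass the (falsy) input through unchanged.
     return $user_id;
 }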
Exemplo n.º 10
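/**
 * Returns an OAuth2 access token to the client.
 *
 * The token request is replayed through the PHP superglobals: REQUEST_METHOD,
 * CONTENT_TYPE and $_POST are rewritten so that
 * OAuth2\Request::createFromGlobals() sees a form-encoded POST carrying
 * $post. The two $_SERVER entries are put back afterwards, also when the
 * server throws. $_POST is left set to $post, as it was before this change.
 *
 * SECURITY: this function does not authenticate anyone by itself.
 *  - grant_type "password": the credential store given to the grant is built
 *    from the username and password found in the request, so the grant
 *    compares the submitted password with itself. The caller must already
 *    have verified the password against the real user record.
 *  - any grant_type other than password, refresh_token or authorization_code
 *    (including none) is served as a client-credentials request checked
 *    against OAUTH_CLIENTID / OAUTH_CLIENT_SECRET.
 *
 * @param array $post Post data
 *
 * @return mixed The token response decoded from JSON into an array.
 */
function getToken($post)
{
    // Remember exactly what was there, including "not set at all".
    $had_server_method = array_key_exists('REQUEST_METHOD', $_SERVER);
    $old_server_method = $had_server_method ? $_SERVER['REQUEST_METHOD'] : null;
    $had_content_type = array_key_exists('CONTENT_TYPE', $_SERVER);
    $old_content_type = $had_content_type ? $_SERVER['CONTENT_TYPE'] : null;

    $_SERVER['REQUEST_METHOD'] = 'POST';
    $_SERVER['CONTENT_TYPE'] = 'application/x-www-form-urlencoded';
    $_POST = $post;

    try {
        OAuth2\Autoloader::register();
        $oauth_config = array('user_table' => 'users');
        $val_array = array(
            'dsn' => 'pgsql:host=' . R_DB_HOST . ';dbname=' . R_DB_NAME . ';port=' . R_DB_PORT,
            'username' => R_DB_USER,
            'password' => R_DB_PASSWORD,
        );
        $storage = new OAuth2\Storage\Pdo($val_array, $oauth_config);
        $server = new OAuth2\Server($storage);

        // Strict comparison: only the exact grant names select a branch.
        $grant_type = isset($_POST['grant_type']) ? $_POST['grant_type'] : null;
        if ($grant_type === 'password') {
            // In-memory store seeded from the request itself; see the SECURITY note above.
            $username = isset($_POST['username']) ? $_POST['username'] : '';
            $password = isset($_POST['password']) ? $_POST['password'] : null;
            $users = array($username => array('password' => $password));
            $user_credentials = array('user_credentials' => $users);
            $storage = new OAuth2\Storage\Memory($user_credentials);
            $server->addGrantType(new OAuth2\GrantType\UserCredentials($storage));
        } elseif ($grant_type === 'refresh_token') {
            $always_issue_new_refresh_token = array('always_issue_new_refresh_token' => true);
            $server->addGrantType(new OAuth2\GrantType\RefreshToken($storage, $always_issue_new_refresh_token));
        } elseif ($grant_type === 'authorization_code') {
            $server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
        } else {
            // Fallback: client credentials checked against the configured client only.
            $val_array = array('client_secret' => OAUTH_CLIENT_SECRET);
            $clients = array(OAUTH_CLIENTID => $val_array);
            $credentials = array('client_credentials' => $clients);
            $storage = new OAuth2\Storage\Memory($credentials);
            $server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
        }

        $response = $server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send('return');

        return json_decode($response, true);
    } finally {
        // The original left CONTENT_TYPE forced to the form type whenever it
        // had been empty or unset, and restored nothing if the server threw.
        if ($had_server_method) {
            $_SERVER['REQUEST_METHOD'] = $old_server_method;
        } else {
            unset($_SERVER['REQUEST_METHOD']);
        }
        if ($had_content_type) {
            $_SERVER['CONTENT_TYPE'] = $old_content_type;
        } else {
            unset($_SERVER['CONTENT_TYPE']);
        }
    }
}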
Exemplo n.º 11
 /**
  * Constructor: builds the OAuth2 server for the API.
  *
  * Server options are read from the plugin configuration through
  * RBootstrap::getConfig(), with the defaults written below. Storage is the
  * Pdoredcore driver pointed at the site's database and the redcore_oauth_*
  * tables. Four grant types are registered: authorization code, client
  * credentials, user credentials and refresh token.
  *
  * Security-relevant defaults, as written below: state enforcement and exact
  * redirect-URI matching are on, the implicit grant is off, access tokens and
  * id tokens last 3600 s, public clients and credentials in the request body
  * are allowed, and refresh tokens are not re-issued on use. Each of these,
  * except 'www_realm', can be changed in the plugin configuration.
  *
  * @param   mixed  $options  Optional custom options to load. JRegistry or array format
  *
  * @since   1.2
  */
 public function __construct($options = null)
 {
     parent::__construct($options);

     // Get the global JAuthentication object.
     jimport('joomla.user.authentication');

     // Register OAuth2 classes
     require_once dirname(__FILE__) . '/Autoloader.php';
     OAuth2\Autoloader::register();

     // OAuth2 Server config from plugin
     $this->serverConfig = array(
         'use_jwt_access_tokens' => (bool) RBootstrap::getConfig('oauth2_use_jwt_access_tokens', false),
         'store_encrypted_token_string' => (bool) RBootstrap::getConfig('oauth2_store_encrypted_token_string', true),
         'use_openid_connect' => (bool) RBootstrap::getConfig('oauth2_use_openid_connect', false),
         'id_lifetime' => RBootstrap::getConfig('oauth2_id_lifetime', 3600),
         'access_lifetime' => RBootstrap::getConfig('oauth2_access_lifetime', 3600),
         'www_realm' => 'Service',
         'token_param_name' => RBootstrap::getConfig('oauth2_token_param_name', 'access_token'),
         'token_bearer_header_name' => RBootstrap::getConfig('oauth2_token_bearer_header_name', 'Bearer'),
         'enforce_state' => (bool) RBootstrap::getConfig('oauth2_enforce_state', true),
         'require_exact_redirect_uri' => (bool) RBootstrap::getConfig('oauth2_require_exact_redirect_uri', true),
         'allow_implicit' => (bool) RBootstrap::getConfig('oauth2_allow_implicit', false),
         'allow_credentials_in_request_body' => (bool) RBootstrap::getConfig('oauth2_allow_credentials_in_request_body', true),
         'allow_public_clients' => (bool) RBootstrap::getConfig('oauth2_allow_public_clients', true),
         'always_issue_new_refresh_token' => (bool) RBootstrap::getConfig('oauth2_always_issue_new_refresh_token', false),
     );

     // Set database names to Redcore DB tables
     $prefix = JFactory::getDbo()->getPrefix();
     $databaseConfig = array(
         'client_table' => $prefix . 'redcore_oauth_clients',
         'access_token_table' => $prefix . 'redcore_oauth_access_tokens',
         'refresh_token_table' => $prefix . 'redcore_oauth_refresh_tokens',
         'code_table' => $prefix . 'redcore_oauth_authorization_codes',
         'user_table' => $prefix . 'redcore_oauth_users',
         'jwt_table' => $prefix . 'redcore_oauth_jwt',
         'jti_table' => $prefix . 'redcore_oauth_jti',
         'scope_table' => $prefix . 'redcore_oauth_scopes',
         'public_key_table' => $prefix . 'redcore_oauth_public_keys',
     );

     // Connection details are taken from the site configuration.
     $conf = JFactory::getConfig();
     $connection = array(
         'dsn' => 'mysql:dbname=' . $conf->get('db') . ';host=' . $conf->get('host'),
         'username' => $conf->get('user'),
         'password' => $conf->get('password'),
     );
     $storage = new OAuth2\Storage\Pdoredcore($connection, $databaseConfig);

     $this->server = new OAuth2\Server($storage, $this->serverConfig);

     // "Authorization Code" grant: redirect-based flow
     $this->server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage, $this->serverConfig));
     // "Client Credentials" grant: the client authenticates as itself
     $this->server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage, $this->serverConfig));
     // "User Credentials" grant (modified to suit Joomla authorization)
     $this->server->addGrantType(new OAuth2\GrantType\UserCredentials($storage, $this->serverConfig));
     // "Refresh Token" grant: exchange a refresh token for a new access token
     $this->server->addGrantType(new OAuth2\GrantType\RefreshToken($storage, $this->serverConfig));

     /*
      * @todo Implement JwtBearer Grant type with public_key
     // Typically, the URI of the oauth server
     $audience = rtrim(JUri::base(), '/');

     // Add the "JwtBearer" grant type
     $this->server->addGrantType(new OAuth2\GrantType\JwtBearer($storage, $audience));
     */

     // Init Environment
     $this->setApiOperation();
 }
Exemplo n.º 12
<?php

/**
 * Copyright (c) BoonEx Pty Limited - http://www.boonex.com/
 * CC-BY License - http://creativecommons.org/licenses/by/3.0/
 */
bx_import('BxDolModule');
bx_import('BxDolPaginate');
bx_import('BxDolAlerts');
require_once BX_DIRECTORY_PATH_PLUGINS . 'OAuth2/Autoloader.php';
OAuth2\Autoloader::register();
class BxOAuthModule extends BxDolModule
{
    protected $_oStorage;
    protected $_oServer;
    protected $_oAPI;
    /**
     * Constructor (PHP 4 style, named after the class).
     *
     * Creates the PDO storage on the site's MySQL database, mapped onto the
     * bx_oauth_* tables with 'Profiles' as the user table, and an OAuth2
     * server with the client-credentials and authorization-code grants.
     *
     * Security: 'require_exact_redirect_uri' => false means a redirect_uri is
     * not required to equal the registered one exactly. NOTE(review): exact
     * matching is the safer setting for an authorization-code flow; confirm
     * the relaxed check is really needed.
     *
     * @param array $aModule Module descriptor, passed on to the parent constructor.
     */
    function BxOAuthModule(&$aModule)
    {
        parent::BxDolModule($aModule);

        // Table mapping for the storage driver; empty names are passed as-is.
        $aConfig = array(
            'client_table' => 'bx_oauth_clients',
            'access_token_table' => 'bx_oauth_access_tokens',
            'refresh_token_table' => 'bx_oauth_refresh_tokens',
            'code_table' => 'bx_oauth_authorization_codes',
            'user_table' => 'Profiles',
            'jwt_table' => '',
            'jti_table' => '',
            'scope_table' => 'bx_oauth_scopes',
            'public_key_table' => '',
        );

        $aConnection = array(
            'dsn' => $this->_buildDSN(),
            'username' => $GLOBALS['db']['user'],
            'password' => $GLOBALS['db']['passwd'],
            'options' => array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'UTF8'"),
        );
        $this->_oStorage = new OAuth2\Storage\Pdo($aConnection, $aConfig);

        $aServerOptions = array('require_exact_redirect_uri' => false);
        $this->_oServer = new OAuth2\Server($this->_oStorage, $aServerOptions);

        // "Client Credentials" grant: the client authenticates as itself
        $this->_oServer->addGrantType(new OAuth2\GrantType\ClientCredentials($this->_oStorage));
        // "Authorization Code" grant: redirect-based flow
        $this->_oServer->addGrantType(new OAuth2\GrantType\AuthorizationCode($this->_oStorage));
    }
    protected function _buildDSN()
    {
        $sDSN = 'mysql:';
        if (!empty($GLOBALS['db']['host'])) {
Exemplo n.º 13
<?php

// Load the library's own autoloader and register it for the OAuth2 sources.
require_once __DIR__ . '/../src/OAuth2/Autoloader.php';
OAuth2\Autoloader::register();

// Second registration: resolve the test classes from ./lib.
OAuth2\Autoloader::register(__DIR__ . '/lib');

// The vendor autoloader is optional; pull it in only when it is present.
if (file_exists(__DIR__ . '/../vendor/autoload.php')) {
    require_once __DIR__ . '/../vendor/autoload.php';
}

// Remove the DynamoDB database that was created for this build.
OAuth2\Storage\Bootstrap::getInstance()->cleanupTravisDynamoDb();
Exemplo n.º 14
 /**
  * Token endpoint stub.
  *
  * Fetches the credentials and creates an OAuth2 server, but as shown here
  * neither value is used afterwards and nothing is returned.
  * NOTE(review): the server is created without a storage argument, and no
  * token request is handled — this looks unfinished; confirm.
  */
 function token()
 {
     // Result is currently unused; the call is kept for whatever it does internally.
     $creds = $this->__get_credentials();

     OAuth2\Autoloader::register();

     // No storage or grant types are attached.
     $oauthServer = new OAuth2\Server();
 }
Exemplo n.º 15
 /**
  * Initialise the OAuth server.
  *
  * Loads the OAuth2 library, opens a PDO/MySQL storage from
  * cfg_db::$default and registers three grant types: client credentials,
  * authorization code, and refresh token with a new refresh token issued on
  * every refresh. The server itself uses the library's default options.
  *
  * @return void
  */
 private function initServer()
 {
     require_once FILE . "/component/OAuth2/Autoloader.php";
     OAuth2\Autoloader::register();

     // Connection settings come from the project's default database config.
     $dbSettings = cfg_db::$default;
     $connection = array(
         'dsn' => "mysql:dbname=" . $dbSettings['db'] . ";host=" . $dbSettings['host'],
         'username' => $dbSettings['user'],
         'password' => $dbSettings['password'],
     );
     $this->storage = new OAuth2\Storage\Pdo($connection);
     $this->server = new OAuth2\Server($this->storage);

     $this->server->addGrantType(new OAuth2\GrantType\ClientCredentials($this->storage));
     $this->server->addGrantType(new OAuth2\GrantType\AuthorizationCode($this->storage));

     // Rotate the refresh token each time it is used.
     $refreshOptions = array('always_issue_new_refresh_token' => true);
     $this->server->addGrantType(new OAuth2\GrantType\RefreshToken($this->storage, $refreshOptions));
 }
Exemplo n.º 16
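 /**
  * Service entry point.
  *
  * In server mode an OAuth2 server on a PDO storage is created and stored
  * through setRealObject(). Client mode is not implemented: setRealObject()
  * then receives null.
  *
  * No grant types are registered and the server runs with the library's
  * default options; $config is passed to the PDO storage unchanged.
  *
  * @param int   $mode      The runtimeEnvironment of this service instance (can be either server or client)
  * @param mixed $container Storage container selector; currently not evaluated, PDO is always used.
  * @param array $config    Connection settings handed to OAuth2\Storage\Pdo.
  *
  * @author Benjamin Carl <*****@*****.**>
  * @return void
  * @access public
  */
 public function __tearup($mode = self::MODE_SERVER, $container = self::CONTAINER_PDO, array $config = [])
 {
     // Defined up front: the original read an undefined variable on the
     // non-server path when calling setRealObject().
     $realObject = null;

     if ($mode === self::MODE_SERVER) {
         // register the autoloader
         OAuth2\Autoloader::register();
         // create storage container for persistence
         $storage = new OAuth2\Storage\Pdo($config);
         // create OAuth2 Server instance
         $realObject = new OAuth2\Server($storage);
     }
     // any other mode: here we would create a client instance

     self::setRealObject($realObject);
 }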