Exemplo n.º 1
 /**
  * Verify incoming token
  * @param OAuthProvider $provider
  */
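 public function tokenHandler($provider)
 {
     // Returns one of the Zend_Oauth_Provider status constants: OK when the token is accepted
     // (the token secret is then copied onto $provider and the token cached on $this),
     // TOKEN_USED when a request token's verifier is missing or does not match, and
     // TOKEN_REJECTED in every other case.

     // Security: the verifier is credential material for the request-token exchange, so the
     // debug log records only whether one was supplied, never its value.
     $GLOBALS['log']->debug("OAUTH: tokenHandler, token={$provider->token}, verify=" . (empty($provider->verifier) ? '(none)' : '(redacted)'));
     $token = OAuthToken::load($provider->token);
     if (empty($token)) {
         return Zend_Oauth_Provider::TOKEN_REJECTED;
     }
     // The token must belong to the consumer handling this request. Compare as strings with
     // a strict operator so numeric-looking ids cannot match through PHP type juggling.
     if ((string) $token->consumer !== (string) $this->consumer->id) {
         return Zend_Oauth_Provider::TOKEN_REJECTED;
     }
     $GLOBALS['log']->debug("OAUTH: tokenHandler, found token=" . var_export($token->id, true));
     // tstate is compared loosely on purpose: the type of the stored state is not visible here.
     if ($token->tstate == OAuthToken::REQUEST) {
         $expectedVerifier = $token->verify;
         $suppliedVerifier = $provider->verifier;
         // hash_equals() gives a constant-time, byte-exact comparison. The previous `==`
         // treated numeric-looking strings such as "0e1" and "0e2" as equal.
         if (!empty($expectedVerifier)
             && is_string($suppliedVerifier)
             && hash_equals((string) $expectedVerifier, $suppliedVerifier)
         ) {
             $provider->token_secret = $token->secret;
             $this->token = $token;
             return Zend_Oauth_Provider::OK;
         }
         // A request token without a matching verifier is reported as TOKEN_USED.
         return Zend_Oauth_Provider::TOKEN_USED;
     }
     if ($token->tstate == OAuthToken::ACCESS) {
         $provider->token_secret = $token->secret;
         $this->token = $token;
         return Zend_Oauth_Provider::OK;
     }
     return Zend_Oauth_Provider::TOKEN_REJECTED;
 }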
Exemplo n.º 2
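 /**
  * Render the OAuth authorization screen, or process the user's confirmation.
  *
  * Without `confirm` in the request, authorize.tpl is shown together with an anti-CSRF
  * hash that is also stored in the session. With `confirm`, the submitted session id and
  * hash are checked, the request token is authorized for the current user, and the user
  * is either redirected to the token's callback URL or shown the verifier on
  * authorized.tpl.
  *
  * Every $_REQUEST value read here is untrusted input.
  *
  * @return void
  */
 public function display()
 {
     if (!SugarOAuthServer::enabled()) {
         sugar_die($GLOBALS['mod_strings']['LBL_OAUTH_DISABLED']);
     }
     global $current_user;
     if (!isset($_REQUEST['token']) && isset($_REQUEST['oauth_token'])) {
         $_REQUEST['token'] = $_REQUEST['oauth_token'];
     }
     // A missing or array-valued token (token[]=x) can never be valid; stop before it
     // reaches the loader, the template or the redirect URL.
     if (!isset($_REQUEST['token']) || !is_string($_REQUEST['token'])) {
         sugar_die('Invalid token');
     }
     $requestToken = $_REQUEST['token'];
     $sugar_smarty = new Sugar_Smarty();
     $sugar_smarty->assign('APP', $GLOBALS['app_strings']);
     $sugar_smarty->assign('MOD', $GLOBALS['mod_strings']);
     // NOTE(review): 'token' is request data and 'sid' is the live session id; output
     // escaping happens (or not) in the templates, which are not visible here - confirm.
     $sugar_smarty->assign('token', $requestToken);
     $sugar_smarty->assign('sid', session_id());
     $token = OAuthToken::load($requestToken);
     if (empty($token) || empty($token->consumer) || $token->tstate != OAuthToken::REQUEST || empty($token->consumer_obj)) {
         sugar_die('Invalid token');
     }
     if (empty($_REQUEST['confirm'])) {
         $sugar_smarty->assign('consumer', sprintf($GLOBALS['mod_strings']['LBL_OAUTH_CONSUMERREQ'], $token->consumer_obj->name));
         // SM: roles disabled for now
         //            $roles = array('' => '');
         //            $allroles = ACLRole::getAllRoles();
         //            foreach($allroles as $role) {
         //                $roles[$role->id] = $role->name;
         //            }
         //            $sugar_smarty->assign('roles', $roles);
         // Anti-CSRF value: md5(rand()) is predictable, so draw 16 bytes from the CSPRNG
         // instead (random_bytes() needs PHP 7+). The result is still 32 hex characters.
         $hash = bin2hex(random_bytes(16));
         $_SESSION['oauth_hash'] = $hash;
         $sugar_smarty->assign('hash', $hash);
         echo $sugar_smarty->fetch('modules/OAuthTokens/tpl/authorize.tpl');
     } else {
         $sentSid = (isset($_REQUEST['sid']) && is_string($_REQUEST['sid'])) ? $_REQUEST['sid'] : '';
         $sentHash = (isset($_REQUEST['hash']) && is_string($_REQUEST['hash'])) ? $_REQUEST['hash'] : '';
         $expectedHash = (isset($_SESSION['oauth_hash']) && is_string($_SESSION['oauth_hash'])) ? $_SESSION['oauth_hash'] : '';
         // The loose `!=` accepted an absent session hash against an empty request hash
         // (null == '') and numeric-looking strings that only juggle to equal. Require a
         // stored hash and compare byte-exactly in constant time.
         if ($sentSid !== session_id() || $expectedHash === '' || !hash_equals($expectedHash, $sentHash)) {
             sugar_die('Invalid request');
         }
         // The hash is single-use: a replayed confirmation must not pass again.
         unset($_SESSION['oauth_hash']);
         $verify = $token->authorize(array("user" => $current_user->id));
         if (!empty($token->callback_url)) {
             // NOTE(review): callback_url is taken from the stored token; whether it was
             // checked against the consumer's registered callback is not visible here.
             $redirect_url = $token->callback_url;
             if (strpos($redirect_url, '?') !== false) {
                 $redirect_url .= '&';
             } else {
                 $redirect_url .= '?';
             }
             // Percent-encode both values so request data cannot add query parameters or
             // break out of the URL.
             $redirect_url .= 'oauth_verifier=' . rawurlencode((string) $verify) . '&oauth_token=' . rawurlencode($requestToken);
             SugarApplication::redirect($redirect_url);
         }
         $sugar_smarty->assign('VERIFY', $verify);
         $sugar_smarty->assign('token', '');
         echo $sugar_smarty->fetch('modules/OAuthTokens/tpl/authorized.tpl');
     }
 }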
Exemplo n.º 3
 /**
  * Get OAuth token for SNIP user
  * @return OAuthToken
  */
 protected function getSnipToken()
 {
     // A token cached on this object by an earlier call is returned as-is.
     if (!empty($this->token)) {
         return $this->token;
     }
     $snipUser = $this->getSnipUser();
     // Prefer the token whose id is stored on the SNIP user, when there is one.
     // NOTE(review): the loaded token's state and owner are not checked here - confirm
     // that OAuthToken::load() or the callers enforce that.
     if (!empty($snipUser->authenticate_id)) {
         $this->token = OAuthToken::load($snipUser->authenticate_id);
     }
     // Nothing stored, or the stored id no longer loads: create a new token.
     if (empty($this->token)) {
         $this->token = $this->createSnipToken($snipUser);
     }
     return $this->token;
 }
Exemplo n.º 4
 /**
  * Walk the full OAuth flow against the service: request token, server-side
  * authorization for the current user, access token, then authenticated calls.
  *
  * NOTE(review): only the success path is asserted here; rejection of a wrong
  * verifier or of a replayed request token is not covered by this method.
  */
 public function testOauthServiceAccess()
 {
     global $current_user;

     // Step 1: obtain a request token and its secret.
     $requestInfo = $this->oauth->getRequestToken($this->url . "?method=oauth_request_token");
     $requestToken = $requestInfo['oauth_token'];
     $requestSecret = $requestInfo['oauth_token_secret'];

     // Step 2: authorize the request token directly on the stored record, which stands
     // in for the user confirming in the UI, and keep the verifier it returns.
     $storedToken = OAuthToken::load($requestToken);
     $verifier = $storedToken->authorize(array("user" => $current_user->id));

     // Step 3: exchange the authorized request token for an access token.
     $this->oauth->setToken($requestToken, $requestSecret);
     $accessInfo = $this->oauth->getAccessToken($this->url . "?method=oauth_access_token&oauth_verifier={$verifier}");
     $accessToken = $accessInfo['oauth_token'];
     $accessSecret = $accessInfo['oauth_token_secret'];
     $this->oauth->setToken($accessToken, $accessSecret);

     // Step 4: the access token must open a session.
     $fetched = $this->oauth->fetch($this->url . "?method=oauth_access&input_type=JSON&response_type=JSON");
     $this->assertTrue($fetched);
     $session = json_decode($this->oauth->getLastResponse(), true);
     $this->assertNotEmpty($session["id"]);

     // A call signed with OAuth must resolve to the authorizing user.
     $fetched = $this->oauth->fetch($this->url . "?method=get_user_id&input_type=JSON&response_type=JSON");
     $this->assertTrue($fetched);
     $oauthUserId = json_decode($this->oauth->getLastResponse(), true);
     $this->assertEquals($current_user->id, $oauthUserId);

     // So must a plain REST call that reuses the session opened through OAuth.
     $sessionUserId = $this->_makeRESTCall('get_user_id', array("session" => $session["id"]));
     $this->assertEquals($current_user->id, $sessionUserId);
 }
Exemplo n.º 5
 /**
  * Delete a token through mark_deleted() and assert that loading the same id
  * afterwards yields no record id.
  *
  * @param mixed $id Id of the token record to delete.
  */
 public function mark_deleted($id)
 {
     // Run the deletion on a fresh bean.
     $bean = new OAuthToken();
     $bean->mark_deleted($id);

     // Loading by the same id must no longer produce a populated id.
     $reloaded = OAuthToken::load($id);
     $this->assertEquals(null, $reloaded->id);
 }