/**
 * Requests an access token with the OAuth2 "client_credentials" grant.
 *
 * A POST request is built for the provider's token endpoint, the provider is
 * given the chance to attach the stored client ID and secret through
 * onAccessTokenRequest(), and the request is then handed to
 * _fetchAndBuildToken().
 *
 * NOTE(review): the client secret travels with this request. Nothing visible
 * here checks the scheme of the token endpoint; confirm that providers only
 * ever return an https:// endpoint.
 *
 * @param tubepress_spi_http_oauth2_Oauth2ProviderInterface $provider Provider to obtain a token from.
 *
 * @return mixed The result of _fetchAndBuildToken() for the prepared request.
 */
public function fetchWithClientCredentials(tubepress_spi_http_oauth2_Oauth2ProviderInterface $provider)
{
    $requestOptions = array(
        'body' => array('grant_type' => 'client_credentials'),
    );

    $endpoint = $provider->getTokenEndpoint();
    $id       = $this->_persistenceHelper->getClientId($provider);
    $secret   = $this->_persistenceHelper->getClientSecret($provider);

    $tokenRequest = $this->_httpClient->createRequest('POST', $endpoint, $requestOptions);

    // The provider decides how the credentials are attached to the request.
    $provider->onAccessTokenRequest($tokenRequest, $id, $secret);

    return $this->_fetchAndBuildToken($tokenRequest, $provider);
}
/**
 * getStoredToken() yields a token object when no explicit token option is set
 * (OAUTH2_TOKEN is null) and the provider has two stored slugs.
 *
 * NOTE(review): the assertion only checks the returned type; it does not
 * verify which of the two slugs was selected.
 */
public function testGetTokenUseFirst()
{
    // Constructed fixture values, not real credentials.
    $firstSlug = array(
        'access_token'  => 'slug1token',
        'refresh_token' => 'slug1refresh',
        'expiry_unix'   => '3333',
        'extra'         => array('foo' => 'bar'),
    );
    $secondSlug = array(
        'access_token'  => 'slug2token',
        'refresh_token' => 'slug2refresh',
        'expiry_unix'   => '777',
        'extra'         => array('fooz' => 'baz'),
    );
    $storedJson = json_encode(array(
        'name' => array(
            'slug1' => $firstSlug,
            'slug2' => $secondSlug,
        ),
    ));

    $provider = $this->mock(tubepress_spi_http_oauth2_Oauth2ProviderInterface::_);
    $provider->shouldReceive('getName')->once()->andReturn('name');

    $this->_mockContext->shouldReceive('get')->once()
        ->with(tubepress_api_options_Names::OAUTH2_TOKEN)
        ->andReturn(null);
    $this->_mockContext->shouldReceive('get')->once()
        ->with(tubepress_api_options_Names::OAUTH2_TOKENS)
        ->andReturn($storedJson);

    $result = $this->_sut->getStoredToken($provider);

    $this->assertInstanceOf('tubepress_api_http_oauth_v2_TokenInterface', $result);
}
/**
 * {@inheritdoc}
 *
 * Supplies the provider's stored client ID and secret, the provider itself,
 * the URL that starts the authorization flow, and the slugs under which
 * tokens are stored for this provider. Only the slug names (array keys) are
 * passed on; the token values themselves are not placed in the result.
 *
 * NOTE(review): 'clientSecret' is handed to the template unmasked. Confirm
 * that the template escapes it on output and that the page is only reachable
 * by users allowed to see the secret.
 */
protected function getTemplateVariables()
{
    $provider = $this->_provider;

    $id     = $this->_persistenceHelper->getClientId($provider);
    $secret = $this->_persistenceHelper->getClientSecret($provider);

    $rawTokens = $this->getOptionPersistence()->fetch(tubepress_api_options_Names::OAUTH2_TOKENS);
    $allTokens = json_decode($rawTokens, true);
    $name      = $provider->getName();

    // Missing or malformed stored data falls back to an empty slug list.
    $slugs = array();
    if (isset($allTokens[$name]) && is_array($allTokens[$name])) {
        $slugs = array_keys($allTokens[$name]);
    }

    $startUrl = $this->_oauth2Environment->getAuthorizationInitiationUrl($provider);

    return array(
        'clientId'       => $id,
        'clientSecret'   => $secret,
        'provider'       => $provider,
        'oauth2StartUrl' => $startUrl,
        'slugs'          => $slugs,
    );
}
/**
 * {@inheritdoc}
 *
 * Additionally refuses a provider whose client credentials are incomplete:
 * a client ID must be stored, and a client secret must be stored when the
 * provider reports that it uses one.
 *
 * @throws RuntimeException When the client ID is missing, or the provider
 *                          uses a client secret and none is stored.
 */
protected function getProviderByName($providerName)
{
    $found = parent::getProviderByName($providerName);

    $id = $this->_persistenceHelper->getClientId($found);

    if (!$id) {
        $message = sprintf('No saved client ID for %s', $found->getDisplayName());

        throw new RuntimeException($message);
    }

    $secret = $this->_persistenceHelper->getClientSecret($found);

    // The error text names the provider only; the credentials are never echoed.
    if ($found->isClientSecretUsed() && !$secret) {
        $message = sprintf('%s does not have a client secret', $found->getDisplayName());

        throw new RuntimeException($message);
    }

    return $found;
}
/**
 * Lets a registered OAuth2 provider authorize an outgoing remote API request.
 *
 * Requests are ignored unless their config carries
 * 'tubepress-remote-api-call' set to boolean true (strict comparison).
 * Providers are asked in order whether they want to authorize the request.
 * For the first one that does, the stored token is loaded; an expired token
 * is refreshed through the access token fetcher and the stored copy is
 * updated. Processing stops (without authorizing) when there is no stored
 * token, when an expired token has no refresh token, or when the refresh
 * fails. If a token and a client ID are available, the provider authorizes
 * the request and no further providers are consulted.
 *
 * NOTE(review): the debug messages embed the request URL and provider display
 * name inside <code> markup without escaping at this call site. Confirm that
 * _logDebug() escapes its output, and that request URLs carrying keys or
 * tokens in the query string are acceptable in the debug log.
 *
 * @param tubepress_api_event_EventInterface $event Event whose subject is the outgoing request.
 *
 * @return void
 */
public function onHttpRequest(tubepress_api_event_EventInterface $event)
{
    /** @var tubepress_api_http_message_RequestInterface $request */
    $request      = $event->getSubject();
    $allProviders = $this->getAllProviders();
    $config       = $request->getConfig();

    // Only requests explicitly flagged as remote API calls are considered.
    if (!array_key_exists('tubepress-remote-api-call', $config)
        || $config['tubepress-remote-api-call'] !== true
    ) {
        return;
    }

    if ($this->_shouldLog) {
        $this->_logDebug(sprintf(
            'OAuth2 signing listener invoked for <code>%s</code> to <code>%s</code> with <code>%d</code> registered OAuth2 provider(s)',
            $request->getMethod(),
            $request->getUrl(),
            count($allProviders)
        ));
    }

    foreach ($allProviders as $provider) {
        if ($this->_shouldLog) {
            $this->_logDebug(sprintf(
                'Seeing if %s wants to authorize <code>%s</code> to <code>%s</code>',
                $provider->getDisplayName(),
                $request->getMethod(),
                $request->getUrl()
            ));
        }

        if (!$provider->wantsToAuthorizeRequest($request)) {
            if ($this->_shouldLog) {
                $this->_logDebug(sprintf(
                    '%s declined to authorize <code>%s</code> to <code>%s</code>',
                    $provider->getDisplayName(),
                    $request->getMethod(),
                    $request->getUrl()
                ));
            }

            continue;
        }

        if ($this->_shouldLog) {
            $this->_logDebug(sprintf(
                '%s wants to authorize <code>%s</code> to <code>%s</code>',
                $provider->getDisplayName(),
                $request->getMethod(),
                $request->getUrl()
            ));
        }

        $token = $this->_persistenceHelper->getStoredToken($provider);

        // No usable token: stop here rather than trying the remaining providers.
        if (!$token) {
            if ($this->_shouldLog) {
                $this->_logDebug(sprintf(
                    'No saved token for %s to use, or user requested no signing.',
                    $provider->getDisplayName()
                ));
            }

            break;
        }

        if ($token->isExpired()) {
            if ($this->_shouldLog) {
                $this->_logDebug('Existing token has expired.');
            }

            if (!$token->getRefreshToken()) {
                if ($this->_shouldLog) {
                    $this->_logDebug(sprintf(
                        'Token for %s has expired and no refresh token available.',
                        $provider->getDisplayName()
                    ));
                }

                break;
            }

            if ($this->_shouldLog) {
                // The literal spans a line break exactly as it appears in this listing.
                // NOTE(review): confirm against the upstream file whether that is intended.
                $this->_logDebug(sprintf('Token for %s has expired. 
We will try to refresh it.', $provider->getDisplayName()));
            }

            $expired   = $token;
            $refreshed = $this->_accessTokenFetcher->fetchWithRefreshToken($provider, $token);

            if (!$refreshed) {
                if ($this->_shouldLog) {
                    $this->_logDebug(sprintf(
                        'Unable to refresh token for %s. Boo.',
                        $provider->getDisplayName()
                    ));
                }

                break;
            }

            if ($this->_shouldLog) {
                $this->_logDebug(sprintf(
                    'Successfully refreshed token for %s. Yay.',
                    $provider->getDisplayName()
                ));
            }

            // Use the fresh token for this request and replace the stored one.
            $token = $refreshed;
            $this->_persistenceHelper->updateToken($expired, $refreshed);
        }

        $clientId     = $this->_persistenceHelper->getClientId($provider);
        $clientSecret = $this->_persistenceHelper->getClientSecret($provider);

        // Without a client ID this provider cannot authorize; move on to the next one.
        if (!$token || !$clientId) {
            continue;
        }

        $provider->authorizeRequest($request, $token, $clientId, $clientSecret);

        break;
    }
}
/**
 * {@inheritdoc}
 *
 * Exposes this field's ID together with the provider's stored client ID as
 * the field value.
 */
protected function getTemplateVariables()
{
    $storedClientId = $this->_persistenceHelper->getClientId($this->_provider);

    $variables = array(
        'id'    => $this->getId(),
        'value' => $storedClientId,
    );

    return $variables;
}