public function create($token, $expireTime, $accessToken)
{
$accessToken = AccessToken::where('token', '=', $accessToken)->first();
$refreshToken = new RefreshToken();
$refreshToken->token = $token;
$refreshToken->access_token_id = $accessToken->id;
$refreshToken->expire_time = DB::raw('FROM_UNIXTIME(' . $expireTime . ')');
$refreshToken->save();
}
public function getByAccessToken(AccessTokenEntity $accessToken)
{
$accessToken = AccessToken::where('token', '=', $accessToken->getId())->first();
if ($accessToken) {
$_session = $accessToken->session;
$session = new SessionEntity($this->server);
$session->setId($_session->id);
$session->setOwner($_session->owner_type, $_session->owner_id);
return $session;
}
}
/**
* Triggers the given list of tasks
* on each access token if task
* is supported on access tokens
*/
public function foreachAccessToken($tasks)
{
$accessTokens = AccessToken::get();
$this->outputStr("Analyzing " . sizeof($accessTokens) . " access tokens...");
$n_deleted = 0;
foreach ($accessTokens as $accessToken) {
if (in_array('delete_AT_if_expired', $tasks)) {
if ($this->deleteAccessTokenIfExpired($accessToken)) {
$n_deleted++;
}
}
}
if (in_array('delete_AT_if_expired', $tasks) && $n_deleted > 0) {
$this->outputStr(" deleted " . $n_deleted . " perempted access tokens.");
}
$this->outputStr("\n\n");
}
public static function grantScopesToAccessToken($token, $scopes)
{
$accessToken = AccessToken::where('token', '=', $token)->first();
if (!$accessToken) {
return false;
}
$current_scopes = $accessToken->scopes;
$hasScope = function ($scope) use($current_scopes) {
foreach ($current_scopes as $_scope) {
if ($_scope->identifier == $scope) {
return $_scope;
}
}
return false;
};
if ($accessToken) {
foreach ($scopes as $_scope) {
if (!$hasScope($_scope)) {
$scope = Scope::where('identifier', '=', $_scope)->first();
if ($scope) {
$accessToken->scopes()->attach($scope);
$session = $accessToken->session;
$session->scopes()->attach($scope);
}
}
}
}
}
public function delete(AccessTokenEntity $token)
{
AccessToken::where('token', '=', $token->getId())->delete();
}
use API\OAuthServer\OAuthHelper;
/**
* Callback from a OAuth2 supported external service which handles
* - creation of a GLPi Plugins account from an external service account
* - association of an external service account to an existing GLPi Plugins account
* - authentification is external account is already known to be linked to
* a GLPi Plugins account
*/
$user_associate_external_account = Tool::makeEndpoint(function ($service) use($app, $resourceServer) {
$oAuth = new OAuthClient($service);
$token = $oAuth->getAccessToken($app->request->get('code'));
$data = [];
if (isset($_COOKIE['access_token'])) {
$alreadyAuthed = true;
// this is OUR access token, not the provider's one
$accessToken = AccessToken::where('token', '=', $_COOKIE['access_token'])->first();
setcookie('access_token', '', 1, '/');
if (!$accessToken) {
Tool::endWithJson(["error" => "You provided a wrong access_token via cookie"]);
} else {
$user_id = $accessToken->session->user->id;
}
} else {
$alreadyAuthed = false;
}
$external_account_infos = $oAuth->getInfos($token);
if ($alreadyAuthed) {
$user = User::where('id', '=', $user_id)->first();
if (!$user) {
Tool::log('warning: session has unexisting user_id ' . $user_id);
Tool::endWithJson(["error" => "Service error"], 400);
