Пример #1
0
    protected function generate(Credentials $credentials, $scope)
    {
        $sql = 'SELECT id,
				       userId
			      FROM fusio_app
			     WHERE appKey = :app_key
			       AND appSecret = :app_secret
			       AND status = :status';
        $app = $this->connection->fetchAssoc($sql, array('app_key' => $credentials->getClientId(), 'app_secret' => $credentials->getClientSecret(), 'status' => App::STATUS_ACTIVE));
        if (!empty($app)) {
            // validate scopes
            $scopes = $this->getValidScopes($app['id'], $scope);
            if (empty($scopes)) {
                throw new ServerErrorException('No valid scope given');
            }
            // generate access token
            $expires = new \DateTime();
            $expires->add(new \DateInterval('PT6H'));
            $now = new \DateTime();
            $accessToken = TokenGenerator::generateToken();
            $this->connection->insert('fusio_app_token', ['appId' => $app['id'], 'userId' => $app['userId'], 'status' => AppToken::STATUS_ACTIVE, 'token' => $accessToken, 'scope' => implode(',', $scopes), 'ip' => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '127.0.0.1', 'expire' => $expires->format($this->connection->getDatabasePlatform()->getDateTimeFormatString()), 'date' => $now->format($this->connection->getDatabasePlatform()->getDateTimeFormatString())]);
            $token = new AccessToken();
            $token->setAccessToken($accessToken);
            $token->setTokenType('bearer');
            $token->setExpiresIn($expires->getTimestamp());
            $token->setScope(implode(',', $scopes));
            return $token;
        } else {
            throw new ServerErrorException('Unknown user');
        }
    }
Пример #2
0
    protected function generate(Credentials $credentials, $scope)
    {
        $sql = 'SELECT id,
				       name,
				       password
			      FROM fusio_user
			     WHERE name = :name
			       AND status = :status';
        $user = $this->connection->fetchAssoc($sql, array('name' => $credentials->getClientId(), 'status' => User::STATUS_ADMINISTRATOR));
        if (!empty($user)) {
            if (password_verify($credentials->getClientSecret(), $user['password'])) {
                $scopes = ['backend'];
                // generate access token
                $expires = new \DateTime();
                $expires->add(new \DateInterval('PT1H'));
                $now = new \DateTime();
                $accessToken = hash('sha256', uniqid());
                $this->connection->insert('fusio_app_token', ['appId' => App::BACKEND, 'userId' => $user['id'], 'status' => AppToken::STATUS_ACTIVE, 'token' => $accessToken, 'scope' => implode(',', $scopes), 'ip' => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '127.0.0.1', 'expire' => $expires->format($this->connection->getDatabasePlatform()->getDateTimeFormatString()), 'date' => $now->format($this->connection->getDatabasePlatform()->getDateTimeFormatString())]);
                $token = new AccessToken();
                $token->setAccessToken($accessToken);
                $token->setTokenType('bearer');
                $token->setExpiresIn($expires->getTimestamp());
                $token->setScope(implode(',', $scopes));
                return $token;
            } else {
                throw new ServerErrorException('Invalid password');
            }
        } else {
            throw new ServerErrorException('Unknown user');
        }
    }
Пример #3
0
 public function generateAccessToken($appId, $userId, array $scopes, $ip, DateInterval $expire)
 {
     if (empty($scopes)) {
         throw new StatusCode\BadRequestException('No scopes provided');
     }
     $expires = new \DateTime();
     $expires->add($expire);
     $now = new \DateTime();
     // generate access token
     $accessToken = TokenGenerator::generateToken();
     $this->appTokenTable->create(['appId' => $appId, 'userId' => $userId, 'status' => Table\App\Token::STATUS_ACTIVE, 'token' => $accessToken, 'scope' => implode(',', $scopes), 'ip' => $ip, 'expire' => $expires, 'date' => $now]);
     $token = new AccessToken();
     $token->setAccessToken($accessToken);
     $token->setTokenType('bearer');
     $token->setExpiresIn($expires->getTimestamp());
     $token->setScope(implode(',', $scopes));
     return $token;
 }