Verzeichnisstruktur phpBB-3.1.0
- Veröffentlicht
- 27.10.2014
So funktioniert es
|
Auf das letzte Element klicken. Dies geht jeweils ein Schritt zurück |
Auf das Icon klicken, dies öffnet das Verzeichnis. Nochmal klicken schließt das Verzeichnis. |
|
(Beispiel Datei-Icons)
|
Auf das Icon klicken um den Quellcode anzuzeigen |
token_storage.php
001 <?php
002 /**
003 *
004 * This file is part of the phpBB Forum Software package.
005 *
006 * @copyright (c) phpBB Limited <https://www.phpbb.com>
007 * @license GNU General Public License, version 2 (GPL-2.0)
008 *
009 * For full copyright and license information, please see
010 * the docs/CREDITS.txt file.
011 *
012 */
013
014 namespace phpbb\auth\provider\oauth;
015
016
017 use OAuth\OAuth1\Token\StdOAuth1Token;
018 use OAuth\Common\Token\TokenInterface;
019 use OAuth\Common\Storage\TokenStorageInterface;
020 use OAuth\Common\Storage\Exception\TokenNotFoundException;
021
022 /**
023 * OAuth storage wrapper for phpbb's cache
024 */
025 class token_storage implements TokenStorageInterface
026 {
027 /**
028 * Cache driver.
029 *
030 * @var \phpbb\db\driver\driver_interface
031 */
032 protected $db;
033
034 /**
035 * phpBB user
036 *
037 * @var \phpbb\user
038 */
039 protected $user;
040
041 /**
042 * OAuth token table
043 *
044 * @var string
045 */
046 protected $auth_provider_oauth_table;
047
048 /**
049 * @var object|TokenInterface
050 */
051 protected $cachedToken;
052
053 /**
054 * Creates token storage for phpBB.
055 *
056 * @param \phpbb\db\driver\driver_interface $db
057 * @param \phpbb\user $user
058 * @param string $auth_provider_oauth_table
059 */
060 public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\user $user, $auth_provider_oauth_table)
061 {
062 $this->db = $db;
063 $this->user = $user;
064 $this->auth_provider_oauth_table = $auth_provider_oauth_table;
065 }
066
067 /**
068 * {@inheritdoc}
069 */
070 public function retrieveAccessToken($service)
071 {
072 $service = $this->get_service_name_for_db($service);
073
074 if ($this->cachedToken instanceof TokenInterface)
075 {
076 return $this->cachedToken;
077 }
078
079 $data = array(
080 'user_id' => (int) $this->user->data['user_id'],
081 'provider' => $service,
082 );
083
084 if ((int) $this->user->data['user_id'] === ANONYMOUS)
085 {
086 $data['session_id'] = $this->user->data['session_id'];
087 }
088
089 return $this->_retrieve_access_token($data);
090 }
091
092 /**
093 * {@inheritdoc}
094 */
095 public function storeAccessToken($service, TokenInterface $token)
096 {
097 $service = $this->get_service_name_for_db($service);
098
099 $this->cachedToken = $token;
100
101 $data = array(
102 'user_id' => (int) $this->user->data['user_id'],
103 'provider' => $service,
104 'oauth_token' => $this->json_encode_token($token),
105 'session_id' => $this->user->data['session_id'],
106 );
107
108 $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . '
109 ' . $this->db->sql_build_array('INSERT', $data);
110 $this->db->sql_query($sql);
111 }
112
113 /**
114 * {@inheritdoc}
115 */
116 public function hasAccessToken($service)
117 {
118 $service = $this->get_service_name_for_db($service);
119
120 if ($this->cachedToken) {
121 return true;
122 }
123
124 $data = array(
125 'user_id' => (int) $this->user->data['user_id'],
126 'provider' => $service,
127 );
128
129 if ((int) $this->user->data['user_id'] === ANONYMOUS)
130 {
131 $data['session_id'] = $this->user->data['session_id'];
132 }
133
134 return $this->_has_acess_token($data);
135 }
136
137 /**
138 * {@inheritdoc}
139 */
140 public function clearToken($service)
141 {
142 $service = $this->get_service_name_for_db($service);
143
144 $this->cachedToken = null;
145
146 $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . '
147 WHERE user_id = ' . (int) $this->user->data['user_id'] . "
148 AND provider = '" . $this->db->sql_escape($service) . "'";
149
150 if ((int) $this->user->data['user_id'] === ANONYMOUS)
151 {
152 $sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
153 }
154
155 $this->db->sql_query($sql);
156 }
157
158 /**
159 * {@inheritdoc}
160 */
161 public function clearAllTokens()
162 {
163 $this->cachedToken = null;
164
165 $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . '
166 WHERE user_id = ' . (int) $this->user->data['user_id'];
167
168 if ((int) $this->user->data['user_id'] === ANONYMOUS)
169 {
170 $sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
171 }
172
173 $this->db->sql_query($sql);
174 }
175
176 /**
177 * Updates the user_id field in the database assosciated with the token
178 *
179 * @param int $user_id
180 */
181 public function set_user_id($user_id)
182 {
183 if (!$this->cachedToken)
184 {
185 return;
186 }
187
188 $sql = 'UPDATE ' . $this->auth_provider_oauth_table . '
189 SET ' . $this->db->sql_build_array('UPDATE', array(
190 'user_id' => (int) $user_id
191 )) . '
192 WHERE user_id = ' . (int) $this->user->data['user_id'] . "
193 AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
194 $this->db->sql_query($sql);
195 }
196
197 /**
198 * Checks to see if an access token exists solely by the session_id of the user
199 *
200 * @param string $service The name of the OAuth service
201 * @return bool true if they have token, false if they don't
202 */
203 public function has_access_token_by_session($service)
204 {
205 $service = $this->get_service_name_for_db($service);
206
207 if ($this->cachedToken)
208 {
209 return true;
210 }
211
212 $data = array(
213 'session_id' => $this->user->data['session_id'],
214 'provider' => $service,
215 );
216
217 return $this->_has_acess_token($data);
218 }
219
220 /**
221 * A helper function that performs the query for has access token functions
222 *
223 * @param array $data
224 * @return bool
225 */
226 protected function _has_acess_token($data)
227 {
228 return (bool) $this->get_access_token_row($data);
229 }
230
231 public function retrieve_access_token_by_session($service)
232 {
233 $service = $this->get_service_name_for_db($service);
234
235 if ($this->cachedToken instanceof TokenInterface) {
236 return $this->cachedToken;
237 }
238
239 $data = array(
240 'session_id' => $this->user->data['session_id'],
241 'provider' => $service,
242 );
243
244 return $this->_retrieve_access_token($data);
245 }
246
247 /**
248 * A helper function that performs the query for retrieve access token functions
249 * Also checks if the token is a valid token
250 *
251 * @param array $data
252 * @return mixed
253 * @throws \OAuth\Common\Storage\Exception\TokenNotFoundException
254 */
255 protected function _retrieve_access_token($data)
256 {
257 $row = $this->get_access_token_row($data);
258
259 if (!$row)
260 {
261 throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_NOT_STORED');
262 }
263
264 $token = $this->json_decode_token($row['oauth_token']);
265
266 // Ensure that the token was serialized/unserialized correctly
267 if (!($token instanceof TokenInterface))
268 {
269 $this->clearToken($data['provider']);
270 throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED');
271 }
272
273 $this->cachedToken = $token;
274 return $token;
275 }
276
277 /**
278 * A helper function that performs the query for retrieving an access token
279 *
280 * @param array $data
281 * @return mixed
282 */
283 protected function get_access_token_row($data)
284 {
285 $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . '
286 WHERE ' . $this->db->sql_build_array('SELECT', $data);
287 $result = $this->db->sql_query($sql);
288 $row = $this->db->sql_fetchrow($result);
289 $this->db->sql_freeresult($result);
290
291 return $row;
292 }
293
294 public function json_encode_token(TokenInterface $token)
295 {
296 $members = array(
297 'accessToken' => $token->getAccessToken(),
298 'endOfLife' => $token->getEndOfLife(),
299 'extraParams' => $token->getExtraParams(),
300 'refreshToken' => $token->getRefreshToken(),
301
302 'token_class' => get_class($token),
303 );
304
305 // Handle additional data needed for OAuth1 tokens
306 if ($token instanceof StdOAuth1Token)
307 {
308 $members['requestToken'] = $token->getRequestToken();
309 $members['requestTokenSecret'] = $token->getRequestTokenSecret();
310 $members['accessTokenSecret'] = $token->getAccessTokenSecret();
311 }
312
313 return json_encode($members);
314 }
315
316 public function json_decode_token($json)
317 {
318 $token_data = json_decode($json, true);
319
320 if ($token_data === null)
321 {
322 throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED');
323 }
324
325 $token_class = $token_data['token_class'];
326 $access_token = $token_data['accessToken'];
327 $refresh_token = $token_data['refreshToken'];
328 $endOfLife = $token_data['endOfLife'];
329 $extra_params = $token_data['extraParams'];
330
331 // Create the token
332 $token = new $token_class($access_token, $refresh_token, TokenInterface::EOL_NEVER_EXPIRES, $extra_params);
333 $token->setEndOfLife($endOfLife);
334
335 // Handle OAuth 1.0 specific elements
336 if ($token instanceof StdOAuth1Token)
337 {
338 $token->setRequestToken($token_data['requestToken']);
339 $token->setRequestTokenSecret($token_data['requestTokenSecret']);
340 $token->setAccessTokenSecret($token_data['accessTokenSecret']);
341 }
342
343 return $token;
344 }
345
346 /**
347 * Returns the name of the service as it must be stored in the database.
348 *
349 * @param string $service The name of the OAuth service
350 * @return string The name of the OAuth service as it needs to be stored
351 * in the database.
352 */
353 protected function get_service_name_for_db($service)
354 {
355 // Enforce the naming convention for oauth services
356 if (strpos($service, 'auth.provider.oauth.service.') !== 0)
357 {
358 $service = 'auth.provider.oauth.service.' . strtolower($service);
359 }
360
361 return $service;
362 }
363 }
364