diff --git a/phpBB/includes/auth/oauth/token_storage.php b/phpBB/includes/auth/oauth/token_storage.php index b658333900..4bf52e2ced 100644 --- a/phpBB/includes/auth/oauth/token_storage.php +++ b/phpBB/includes/auth/oauth/token_storage.php @@ -15,8 +15,11 @@ if (!defined('IN_PHPBB')) exit; } -use OAuth\Common\Storage\TokenStorageInterface; + use OAuth\Common\Token\TokenInterface; +use OAuth\Common\Storage\TokenStorageInterface; +use OAuth\Common\Storage\Exception\StorageException; +use OAuth\Common\Storage\Exception\TokenNotFoundException; /** * OAuth storage wrapper for phpbb's cache @@ -32,6 +35,13 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface */ protected $db; + /** + * phpBB user + * + * @var phpbb_user + */ + protected $user; + /** * Name of the OAuth provider * @@ -48,10 +58,13 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface * Creates token storage for phpBB. * * @param phpbb_db_driver $db + * @param phpbb_user $user + * @param string $service_name */ - public function __construct(phpbb_db_driver $db, $service_name) + public function __construct(phpbb_db_driver $db, phpbb_user $user, $service_name) { $this->db = $db; + $this->user = $user; $this->service_name = $service_name; } @@ -64,9 +77,31 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface return $this->token; } - // TODO: check to see if the token is cached + $sql = 'SELECT oauth_token FROM ' . AUTH_PROVIDER_OAUTH . + $db->sql_build_array('SELECT', array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + )); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); - throw new TokenNotFoundException('Token not stored'); + if (!$row) + { + throw new TokenNotFoundException('Token not stored'); + } + + $token = unserialize($row['oauth_token']); + + // Ensure that the token was serialized/unserialized correctly + if (!($token instanceof TokenInterface)) + { + $this->clearToken(); + throw new TokenNotFoundException('Token not stored correctly'); + } + + $this->cachedToken = $token; + return $token; } /** @@ -75,7 +110,13 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface public function storeAccessToken(TokenInterface $token) { $this->cachedToken = $token; - // TODO: actually store the token + + $sql = 'INSERT INTO ' . AUTH_PROVIDER_OAUTH . ' ' . $this->db->sql_build_array('INSERT', array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + 'oauth_token' => serialize($token), + )); + $this->db->sql_query($sql); } /** @@ -84,11 +125,24 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface public function hasAccessToken() { if( $this->cachedToken ) { - return true; - } + return true; + } - // TODO: check cache for token - return false; + $sql = 'SELECT oauth_token FROM ' . AUTH_PROVIDER_OAUTH . + $db->sql_build_array('SELECT', array( + 'user_id' => $this->user->data['user_id'], + 'oauth_provider' => $this->service_name, + )); + $result = $this->db->sql_query($sql); + $row = $this->db->sql_fetchrow($result); + $this->db->sql_freeresult($result); + + if (!$row) + { + return false; + } + + return true; } /** @@ -97,6 +151,9 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface public function clearToken() { $this->cachedToken = null; - // TODO: clear cache of the token + + $sql = 'DELETE FROM ' . AUTH_PROVIDER_OAUTH . 'WHERE user_id = ' . $this->user->data['user_id'] . + ' AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider); + $this->db->sql_query($sql); } }