[feature/oauth] Have token storage use DB

PHPBB3-11673

phpBB/includes/auth/oauth/token_storage.php

@@ -15,8 +15,11 @@ if (!defined('IN_PHPBB'))
 	exit;
 }
 
-use OAuth\Common\Storage\TokenStorageInterface;
+
 use OAuth\Common\Token\TokenInterface;
+use OAuth\Common\Storage\TokenStorageInterface;
+use OAuth\Common\Storage\Exception\StorageException;
+use OAuth\Common\Storage\Exception\TokenNotFoundException;
 
 /**
 * OAuth storage wrapper for phpbb's cache
@@ -32,6 +35,13 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface
 	*/
 	protected $db;
 
+	/**
+	* phpBB user
+	*
+	* @var phpbb_user
+	*/
+	protected $user;
+
 	/**
 	* Name of the OAuth provider
 	*
@@ -48,10 +58,13 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface
 	* Creates token storage for phpBB.
 	*
 	* @param phpbb_db_driver	$db
+	* @param phpbb_user			$user
+	* @param string				$service_name
 	*/
-	public function __construct(phpbb_db_driver $db, $service_name)
+	public function __construct(phpbb_db_driver $db, phpbb_user $user, $service_name)
 	{
 		$this->db = $db;
+		$this->user = $user;
 		$this->service_name = $service_name;
 	}
 
@@ -64,9 +77,31 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface
 			return $this->token;
 		}
 
-		// TODO: check to see if the token is cached
+		$sql = 'SELECT oauth_token FROM ' . AUTH_PROVIDER_OAUTH .
+			$db->sql_build_array('SELECT', array(
+				'user_id'			=> $this->user->data['user_id'],
+				'oauth_provider'	=> $this->service_name,
+			));
+		$result = $this->db->sql_query($sql);
+		$row = $this->db->sql_fetchrow($result);
+		$this->db->sql_freeresult($result);
 
-		throw new TokenNotFoundException('Token not stored');
+		if (!$row)
+		{
+			throw new TokenNotFoundException('Token not stored');
+		}
+
+		$token = unserialize($row['oauth_token']);
+
+		// Ensure that the token was serialized/unserialized correctly
+		if (!($token instanceof TokenInterface))
+		{
+			$this->clearToken();
+			throw new TokenNotFoundException('Token not stored correctly');
+		}
+
+		$this->cachedToken = $token;
+		return $token;
 	}
 
 	/**
@@ -75,7 +110,13 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface
 	public function storeAccessToken(TokenInterface $token)
 	{
 		$this->cachedToken = $token;
-		// TODO: actually store the token
+
+		$sql = 'INSERT INTO ' . AUTH_PROVIDER_OAUTH . ' ' . $this->db->sql_build_array('INSERT', array(
+			'user_id'			=> $this->user->data['user_id'],
+			'oauth_provider'	=> $this->service_name,
+			'oauth_token'		=> serialize($token),
+		));
+		$this->db->sql_query($sql);
 	}
 
 	/**
@@ -84,11 +125,24 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface
 	public function hasAccessToken()
 	{
 		if( $this->cachedToken ) {
-            return true;
+			return true;
-        }
+		}
 
-        // TODO: check cache for token
+		$sql = 'SELECT oauth_token FROM ' . AUTH_PROVIDER_OAUTH .
-        return false;
+			$db->sql_build_array('SELECT', array(
+				'user_id'			=> $this->user->data['user_id'],
+				'oauth_provider'	=> $this->service_name,
+			));
+		$result = $this->db->sql_query($sql);
+		$row = $this->db->sql_fetchrow($result);
+		$this->db->sql_freeresult($result);
+
+		if (!$row)
+		{
+			return false;
+		}
+
+		return true;
 	}
 
 	/**
@@ -97,6 +151,9 @@ class phpbb_auth_oauth_token_storage implements TokenStorageInterface
 	public function clearToken()
 	{
 		$this->cachedToken = null;
-		// TODO: clear cache of the token
+
+		$sql = 'DELETE FROM ' . AUTH_PROVIDER_OAUTH . 'WHERE user_id = ' . $this->user->data['user_id'] .
+			' AND oauth_provider = ' . $this->db->sql_escape($this->oauth_provider);
+		$this->db->sql_query($sql);
 	}
 }