makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-08 04:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/16008] Clean up phpBB OAuth system

Browse source 
PHPBB3-16008
This commit is contained in:
mrgoldy 2019-05-05 18:26:43 +02:00 committed by Marc Alexander
parent 78ce646c69
commit 0b39e4e854
No known key found for this signature in database
GPG key ID: 50E0D2423696F995
13 changed files with 1103 additions and 882 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
phpBB/config/default/container/services_auth.yml
View file

@ -1,9 +1,9 @@
services: services:
# ----- Auth management ----- # ----- Auth management -----
auth: auth:
class: phpbb\auth\auth class: phpbb\auth\auth
# ----- Auth providers ----- # ----- Auth providers -----
auth.provider_collection: auth.provider_collection:
class: phpbb\auth\provider_collection class: phpbb\auth\provider_collection
arguments: arguments:
@ -52,24 +52,25 @@ services:
auth.provider.oauth: auth.provider.oauth:
class: phpbb\auth\provider\oauth\oauth class: phpbb\auth\provider\oauth\oauth
arguments: arguments:
- '@dbal.conn'
- '@config' - '@config'
- '@service_container'
- '@dbal.conn'
- '@dispatcher'
- '@language'
- '@passwords.manager' - '@passwords.manager'
- '@request' - '@request'
- '@auth.provider.oauth.service_collection'
- '@user' - '@user'
- '%tables.auth_provider_oauth_token_storage%' - '%tables.auth_provider_oauth_token_storage%'
- '%tables.auth_provider_oauth_states%' - '%tables.auth_provider_oauth_states%'
- '%tables.auth_provider_oauth_account_assoc%' - '%tables.auth_provider_oauth_account_assoc%'
- '@auth.provider.oauth.service_collection'
- '%tables.users%' - '%tables.users%'
- '@service_container'
- '@dispatcher'
- '%core.root_path%' - '%core.root_path%'
- '%core.php_ext%' - '%core.php_ext%'
tags: tags:
- { name: auth.provider } - { name: auth.provider }
# ----- OAuth services providers ----- # ----- OAuth services providers -----
auth.provider.oauth.service_collection: auth.provider.oauth.service_collection:
class: phpbb\di\service_collection class: phpbb\di\service_collection
arguments: arguments:

1
phpBB/language/en/common.php
View file

@ -94,6 +94,7 @@ $lang = array_merge($lang, array(
'AUTH_PROVIDER_OAUTH_ERROR_ALREADY_LINKED' => 'This external service is already associated with another board account.', 'AUTH_PROVIDER_OAUTH_ERROR_ALREADY_LINKED' => 'This external service is already associated with another board account.',
'AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY' => 'Invalid database entry.', 'AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY' => 'Invalid database entry.',
'AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE' => 'Invalid service type provided to OAuth service handler.', 'AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE' => 'Invalid service type provided to OAuth service handler.',
'AUTH_PROVIDER_OAUTH_ERROR_REQUEST' => 'Something went wrong when processing your OAuth request.',
'AUTH_PROVIDER_OAUTH_ERROR_SERVICE_NOT_CREATED' => 'OAuth service not created', 'AUTH_PROVIDER_OAUTH_ERROR_SERVICE_NOT_CREATED' => 'OAuth service not created',
'AUTH_PROVIDER_OAUTH_SERVICE_BITLY' => 'Bitly', 'AUTH_PROVIDER_OAUTH_SERVICE_BITLY' => 'Bitly',
'AUTH_PROVIDER_OAUTH_SERVICE_FACEBOOK' => 'Facebook', 'AUTH_PROVIDER_OAUTH_SERVICE_FACEBOOK' => 'Facebook',

2
phpBB/phpbb/auth/provider/base.php
View file

@ -16,7 +16,7 @@ namespace phpbb\auth\provider;
/** /**
* Base authentication provider class that all other providers should implement * Base authentication provider class that all other providers should implement
*/ */
abstract class base implements \phpbb\auth\provider\provider_interface abstract class base implements provider_interface
{ {
/** /**
* {@inheritdoc} * {@inheritdoc}

996
phpBB/phpbb/auth/provider/oauth/oauth.php
View file

File diff suppressed because it is too large Load diff

68
phpBB/phpbb/auth/provider/oauth/service/base.php
View file

@ -1,51 +1,59 @@
<?php <?php
/** /**
* *
* This file is part of the phpBB Forum Software package. * This file is part of the phpBB Forum Software package.
* *
* @copyright (c) phpBB Limited <https://www.phpbb.com> * @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0) * @license GNU General Public License, version 2 (GPL-2.0)
* *
* For full copyright and license information, please see * For full copyright and license information, please see
* the docs/CREDITS.txt file. * the docs/CREDITS.txt file.
* *
*/ */
namespace phpbb\auth\provider\oauth\service; namespace phpbb\auth\provider\oauth\service;
/** /**
* Base OAuth abstract class that all OAuth services should implement * Base OAuth abstract class that all OAuth services should implement
*/ */
abstract class base implements \phpbb\auth\provider\oauth\service\service_interface abstract class base implements service_interface
{ {
/** /**
* External OAuth service provider * External OAuth service provider
* *
* @var \OAuth\Common\Service\ServiceInterface * @var \OAuth\Common\Service\ServiceInterface
*/ */
protected $service_provider; protected $service_provider;
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function get_external_service_provider()
{
return $this->service_provider;
}
/**
* {@inheritdoc}
*/
public function get_auth_scope() public function get_auth_scope()
{ {
return array(); return [];
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function get_external_service_class()
{
return '';
}
/**
* {@inheritdoc}
*/
public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider) public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider)
{ {
$this->service_provider = $service_provider; $this->service_provider = $service_provider;
} }
/**
* {@inheritdoc}
*/
public function get_external_service_provider()
{
return $this->service_provider;
}
} }

107
phpBB/phpbb/auth/provider/oauth/service/bitly.php
View file

@ -1,94 +1,107 @@
<?php <?php
/** /**
* *
* This file is part of the phpBB Forum Software package. * This file is part of the phpBB Forum Software package.
* *
* @copyright (c) phpBB Limited <https://www.phpbb.com> * @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0) * @license GNU General Public License, version 2 (GPL-2.0)
* *
* For full copyright and license information, please see * For full copyright and license information, please see
* the docs/CREDITS.txt file. * the docs/CREDITS.txt file.
* *
*/ */
namespace phpbb\auth\provider\oauth\service; namespace phpbb\auth\provider\oauth\service;
/** /**
* Bitly OAuth service * Bitly OAuth service
*/ */
class bitly extends \phpbb\auth\provider\oauth\service\base class bitly extends base
{ {
/** /** @var \phpbb\config\config */
* phpBB config
*
* @var \phpbb\config\config
*/
protected $config; protected $config;
/** /** @var \phpbb\request\request_interface */
* phpBB request
*
* @var \phpbb\request\request_interface
*/
protected $request; protected $request;
/** /**
* Constructor * Constructor.
* *
* @param \phpbb\config\config $config * @param \phpbb\config\config $config Config object
* @param \phpbb\request\request_interface $request * @param \phpbb\request\request_interface $request Request object
*/ */
public function __construct(\phpbb\config\config $config, \phpbb\request\request_interface $request) public function __construct(\phpbb\config\config $config, \phpbb\request\request_interface $request)
{ {
$this->config = $config; $this->config = $config;
$this->request = $request; $this->request = $request;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function get_service_credentials() public function get_service_credentials()
{ {
return array( return [
'key' => $this->config['auth_oauth_bitly_key'], 'key' => $this->config['auth_oauth_bitly_key'],
'secret' => $this->config['auth_oauth_bitly_secret'], 'secret' => $this->config['auth_oauth_bitly_secret'],
); ];
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function perform_auth_login() public function perform_auth_login()
{ {
if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly))
{ {
throw new \phpbb\auth\provider\oauth\service\exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');
} }
// This was a callback request from bitly, get the token try
$this->service_provider->requestAccessToken($this->request->variable('code', '')); {
// This was a callback request, get the token
$this->service_provider->requestAccessToken($this->request->variable('code', ''));
}
catch (\OAuth\Common\Http\Exception\TokenResponseException $e)
{
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');
}
// Send a request with it try
$result = json_decode($this->service_provider->request('user/info'), true); {
// Send a request with it
$result = (array) json_decode($this->service_provider->request('user/info'), true);
}
catch (\OAuth\Common\Exception\Exception $e)
{
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');
}
// Return the unique identifier returned from bitly // Return the unique identifier returned from bitly
return $result['data']['login']; return $result['data']['login'];
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function perform_token_auth() public function perform_token_auth()
{ {
if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly)) if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly))
{ {
throw new \phpbb\auth\provider\oauth\service\exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');
} }
// Send a request with it try
$result = json_decode($this->service_provider->request('user/info'), true); {
// Send a request with it
$result = (array) json_decode($this->service_provider->request('user/info'), true);
}
catch (\OAuth\Common\Exception\Exception $e)
{
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');
}
// Return the unique identifier returned from bitly // Return the unique identifier
return $result['data']['login']; return $result['data']['login'];
} }
} }

99
phpBB/phpbb/auth/provider/oauth/service/facebook.php
View file

@ -1,63 +1,55 @@
<?php <?php
/** /**
* *
* This file is part of the phpBB Forum Software package. * This file is part of the phpBB Forum Software package.
* *
* @copyright (c) phpBB Limited <https://www.phpbb.com> * @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0) * @license GNU General Public License, version 2 (GPL-2.0)
* *
* For full copyright and license information, please see * For full copyright and license information, please see
* the docs/CREDITS.txt file. * the docs/CREDITS.txt file.
* *
*/ */
namespace phpbb\auth\provider\oauth\service; namespace phpbb\auth\provider\oauth\service;
/** /**
* Facebook OAuth service * Facebook OAuth service
*/ */
class facebook extends base class facebook extends base
{ {
/** /** @var \phpbb\config\config */
* phpBB config
*
* @var \phpbb\config\config
*/
protected $config; protected $config;
/** /** @var \phpbb\request\request_interface */
* phpBB request
*
* @var \phpbb\request\request_interface
*/
protected $request; protected $request;
/** /**
* Constructor * Constructor.
* *
* @param \phpbb\config\config $config * @param \phpbb\config\config $config Config object
* @param \phpbb\request\request_interface $request * @param \phpbb\request\request_interface $request Request object
*/ */
public function __construct(\phpbb\config\config $config, \phpbb\request\request_interface $request) public function __construct(\phpbb\config\config $config, \phpbb\request\request_interface $request)
{ {
$this->config = $config; $this->config = $config;
$this->request = $request; $this->request = $request;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function get_service_credentials() public function get_service_credentials()
{ {
return array( return [
'key' => $this->config['auth_oauth_facebook_key'], 'key' => $this->config['auth_oauth_facebook_key'],
'secret' => $this->config['auth_oauth_facebook_secret'], 'secret' => $this->config['auth_oauth_facebook_secret'],
); ];
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function perform_auth_login() public function perform_auth_login()
{ {
if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook))
@ -65,19 +57,33 @@ class facebook extends base
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');
} }
// This was a callback request, get the token try
$this->service_provider->requestAccessToken($this->request->variable('code', '')); {
// This was a callback request, get the token
$this->service_provider->requestAccessToken($this->request->variable('code', ''));
}
catch (\OAuth\Common\Http\Exception\TokenResponseException $e)
{
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');
}
// Send a request with it try
$result = json_decode($this->service_provider->request('/me'), true); {
// Send a request with it
$result = (array) json_decode($this->service_provider->request('/me'), true);
}
catch (\OAuth\Common\Exception\Exception $e)
{
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');
}
// Return the unique identifier // Return the unique identifier
return $result['id']; return $result['id'];
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function perform_token_auth() public function perform_token_auth()
{ {
if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook)) if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook))
@ -85,8 +91,15 @@ class facebook extends base
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');
} }
// Send a request with it try
$result = json_decode($this->service_provider->request('/me'), true); {
// Send a request with it
$result = (array) json_decode($this->service_provider->request('/me'), true);
}
catch (\OAuth\Common\Exception\Exception $e)
{
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');
}
// Return the unique identifier // Return the unique identifier
return $result['id']; return $result['id'];

107
phpBB/phpbb/auth/provider/oauth/service/google.php
View file

@ -1,74 +1,66 @@
<?php <?php
/** /**
* *
* This file is part of the phpBB Forum Software package. * This file is part of the phpBB Forum Software package.
* *
* @copyright (c) phpBB Limited <https://www.phpbb.com> * @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0) * @license GNU General Public License, version 2 (GPL-2.0)
* *
* For full copyright and license information, please see * For full copyright and license information, please see
* the docs/CREDITS.txt file. * the docs/CREDITS.txt file.
* *
*/ */
namespace phpbb\auth\provider\oauth\service; namespace phpbb\auth\provider\oauth\service;
/** /**
* Google OAuth service * Google OAuth service
*/ */
class google extends base class google extends base
{ {
/** /** @var \phpbb\config\config */
* phpBB config
*
* @var \phpbb\config\config
*/
protected $config; protected $config;
/** /** @var \phpbb\request\request_interface */
* phpBB request
*
* @var \phpbb\request\request_interface
*/
protected $request; protected $request;
/** /**
* Constructor * Constructor.
* *
* @param \phpbb\config\config $config * @param \phpbb\config\config $config Config object
* @param \phpbb\request\request_interface $request * @param \phpbb\request\request_interface $request Request object
*/ */
public function __construct(\phpbb\config\config $config, \phpbb\request\request_interface $request) public function __construct(\phpbb\config\config $config, \phpbb\request\request_interface $request)
{ {
$this->config = $config; $this->config = $config;
$this->request = $request; $this->request = $request;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function get_auth_scope() public function get_auth_scope()
{ {
return array( return [
'userinfo_email', 'userinfo_email',
'userinfo_profile', 'userinfo_profile',
); ];
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function get_service_credentials() public function get_service_credentials()
{ {
return array( return [
'key' => $this->config['auth_oauth_google_key'], 'key' => $this->config['auth_oauth_google_key'],
'secret' => $this->config['auth_oauth_google_secret'], 'secret' => $this->config['auth_oauth_google_secret'],
); ];
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function perform_auth_login() public function perform_auth_login()
{ {
if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google))
@ -76,19 +68,33 @@ class google extends base
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');
} }
// This was a callback request, get the token try
$this->service_provider->requestAccessToken($this->request->variable('code', '')); {
// This was a callback request, get the token
$this->service_provider->requestAccessToken($this->request->variable('code', ''));
}
catch (\OAuth\Common\Http\Exception\TokenResponseException $e)
{
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');
}
// Send a request with it try
$result = json_decode($this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true); {
// Send a request with it
$result = (array) json_decode($this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true);
}
catch (\OAuth\Common\Exception\Exception $e)
{
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');
}
// Return the unique identifier // Return the unique identifier
return $result['id']; return $result['id'];
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function perform_token_auth() public function perform_token_auth()
{ {
if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google)) if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google))
@ -96,8 +102,15 @@ class google extends base
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');
} }
// Send a request with it try
$result = json_decode($this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true); {
// Send a request with it
$result = (array) json_decode($this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true);
}
catch (\OAuth\Common\Exception\Exception $e)
{
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');
}
// Return the unique identifier // Return the unique identifier
return $result['id']; return $result['id'];

114
phpBB/phpbb/auth/provider/oauth/service/service_interface.php
View file

@ -1,73 +1,87 @@
<?php <?php
/** /**
* *
* This file is part of the phpBB Forum Software package. * This file is part of the phpBB Forum Software package.
* *
* @copyright (c) phpBB Limited <https://www.phpbb.com> * @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0) * @license GNU General Public License, version 2 (GPL-2.0)
* *
* For full copyright and license information, please see * For full copyright and license information, please see
* the docs/CREDITS.txt file. * the docs/CREDITS.txt file.
* *
*/ */
namespace phpbb\auth\provider\oauth\service; namespace phpbb\auth\provider\oauth\service;
/** /**
* OAuth service interface * OAuth service interface
*/ */
interface service_interface interface service_interface
{ {
/** /**
* Returns an array of the scopes necessary for auth * Returns an array of the scopes necessary for auth
* *
* @return array An array of the required scopes * @return array An array of the required scopes
*/ */
public function get_auth_scope(); public function get_auth_scope();
/** /**
* Returns the external library service provider once it has been set * Returns an array containing the service credentials belonging to requested
* * service.
* @param \OAuth\Common\Service\ServiceInterface|null *
*/ * @return array An array containing the 'key' and the 'secret' of the
public function get_external_service_provider(); * service in the form:
* array(
/** * 'key' => string
* Returns an array containing the service credentials belonging to requested * 'secret' => string
* service. * )
* */
* @return array An array containing the 'key' and the 'secret' of the
* service in the form:
* array(
* 'key' => string
* 'secret' => string
* )
*/
public function get_service_credentials(); public function get_service_credentials();
/** /**
* Returns the results of the authentication in json format * Returns the results of the authentication in json format
* *
* @throws \phpbb\auth\provider\oauth\service\exception * @throws \phpbb\auth\provider\oauth\service\exception
* @return string The unique identifier returned by the service provider * @return string The unique identifier returned by the service provider
* that is used to authenticate the user with phpBB. * that is used to authenticate the user with phpBB.
*/ */
public function perform_auth_login(); public function perform_auth_login();
/** /**
* Returns the results of the authentication in json format * Returns the results of the authentication in json format
* Use this function when the user already has an access token * Use this function when the user already has an access token
* *
* @throws \phpbb\auth\provider\oauth\service\exception * @throws \phpbb\auth\provider\oauth\service\exception
* @return string The unique identifier returned by the service provider * @return string The unique identifier returned by the service provider
* that is used to authenticate the user with phpBB. * that is used to authenticate the user with phpBB.
*/ */
public function perform_token_auth(); public function perform_token_auth();
/** /**
* Sets the external library service provider * Returns the class of external library service provider that has to be used.
* *
* @param \OAuth\Common\Service\ServiceInterface $service_provider * @return string If the string is a class, it will register the provided string as a class,
*/ * which later will be generated as the OAuth external service provider.
* If the string is not a class, it will use this string,
* trying to generate a service for the version 2 and 1 respectively:
* \OAuth\OAuth2\Service\<string>
* If the string is empty, it will default to OAuth's standard service classes,
* trying to generate a service for the version 2 and 1 respectively:
* \OAuth\OAuth2\Service\Facebook
*/
public function get_external_service_class();
/**
* Sets the external library service provider
*
* @param \OAuth\Common\Service\ServiceInterface $service_provider
*/
public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider); public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider);
/**
* Returns the external library service provider once it has been set
*
* @param \OAuth\Common\Service\ServiceInterface|null
*/
public function get_external_service_provider();
} }

113
phpBB/phpbb/auth/provider/oauth/service/twitter.php
View file

@ -1,102 +1,111 @@
<?php <?php
/** /**
* *
* This file is part of the phpBB Forum Software package. * This file is part of the phpBB Forum Software package.
* *
* @copyright (c) phpBB Limited <https://www.phpbb.com> * @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0) * @license GNU General Public License, version 2 (GPL-2.0)
* *
* For full copyright and license information, please see * For full copyright and license information, please see
* the docs/CREDITS.txt file. * the docs/CREDITS.txt file.
* *
*/ */
namespace phpbb\auth\provider\oauth\service; namespace phpbb\auth\provider\oauth\service;
/** /**
* Twitter OAuth service * Twitter OAuth service
*/ */
class twitter extends \phpbb\auth\provider\oauth\service\base class twitter extends base
{ {
/** /** @var \phpbb\config\config */
* phpBB config
*
* @var \phpbb\config\config
*/
protected $config; protected $config;
/** /** @var \phpbb\request\request_interface */
* phpBB request
*
* @var \phpbb\request\request_interface
*/
protected $request; protected $request;
/** /**
* Constructor * Constructor.
* *
* @param \phpbb\config\config $config * @param \phpbb\config\config $config Config object
* @param \phpbb\request\request_interface $request * @param \phpbb\request\request_interface $request Request object
*/ */
public function __construct(\phpbb\config\config $config, \phpbb\request\request_interface $request) public function __construct(\phpbb\config\config $config, \phpbb\request\request_interface $request)
{ {
$this->config = $config; $this->config = $config;
$this->request = $request; $this->request = $request;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function get_service_credentials() public function get_service_credentials()
{ {
return array( return [
'key' => $this->config['auth_oauth_twitter_key'], 'key' => $this->config['auth_oauth_twitter_key'],
'secret' => $this->config['auth_oauth_twitter_secret'], 'secret' => $this->config['auth_oauth_twitter_secret'],
); ];
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function perform_auth_login() public function perform_auth_login()
{ {
if (!($this->service_provider instanceof \OAuth\OAuth1\Service\Twitter)) if (!($this->service_provider instanceof \OAuth\OAuth1\Service\Twitter))
{ {
throw new \phpbb\auth\provider\oauth\service\exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');
} }
$storage = $this->service_provider->getStorage(); $storage = $this->service_provider->getStorage();
$token = $storage->retrieveAccessToken('Twitter');
$tokensecret = $token->getRequestTokenSecret();
// This was a callback request from twitter, get the token try
$this->service_provider->requestAccessToken( {
$this->request->variable('oauth_token', ''), /** @var \OAuth\OAuth1\Token\TokenInterface $token */
$this->request->variable('oauth_verifier', ''), $token = $storage->retrieveAccessToken('Twitter');
$tokensecret }
); catch (\OAuth\Common\Storage\Exception\TokenNotFoundException $e)
{
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');
}
$secret = $token->getRequestTokenSecret();
try
{
// This was a callback request, get the token
$this->service_provider->requestAccessToken(
$this->request->variable('oauth_token', ''),
$this->request->variable('oauth_verifier', ''),
$secret
);
}
catch (\OAuth\Common\Http\Exception\TokenResponseException $e)
{
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');
}
// Send a request with it // Send a request with it
$result = json_decode($this->service_provider->request('account/verify_credentials.json'), true); $result = (array) json_decode($this->service_provider->request('account/verify_credentials.json'), true);
// Return the unique identifier returned from twitter // Return the unique identifier
return $result['id']; return $result['id'];
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function perform_token_auth() public function perform_token_auth()
{ {
if (!($this->service_provider instanceof \OAuth\OAuth1\Service\Twitter)) if (!($this->service_provider instanceof \OAuth\OAuth1\Service\Twitter))
{ {
throw new \phpbb\auth\provider\oauth\service\exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE'); throw new exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');
} }
// Send a request with it // Send a request with it
$result = json_decode($this->service_provider->request('account/verify_credentials.json'), true); $result = (array) json_decode($this->service_provider->request('account/verify_credentials.json'), true);
// Return the unique identifier returned from twitter // Return the unique identifier
return $result['id']; return $result['id'];
} }
} }

346
phpBB/phpbb/auth/provider/oauth/token_storage.php
View file

@ -1,15 +1,15 @@
<?php <?php
/** /**
* *
* This file is part of the phpBB Forum Software package. * This file is part of the phpBB Forum Software package.
* *
* @copyright (c) phpBB Limited <https://www.phpbb.com> * @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0) * @license GNU General Public License, version 2 (GPL-2.0)
* *
* For full copyright and license information, please see * For full copyright and license information, please see
* the docs/CREDITS.txt file. * the docs/CREDITS.txt file.
* *
*/ */
namespace phpbb\auth\provider\oauth; namespace phpbb\auth\provider\oauth;
@ -20,67 +20,48 @@ use OAuth\Common\Storage\Exception\TokenNotFoundException;
use OAuth\Common\Storage\Exception\AuthorizationStateNotFoundException; use OAuth\Common\Storage\Exception\AuthorizationStateNotFoundException;
/** /**
* OAuth storage wrapper for phpbb's cache * OAuth storage wrapper for phpBB3's cache
*/ */
class token_storage implements TokenStorageInterface class token_storage implements TokenStorageInterface
{ {
/** /** @var \phpbb\db\driver\driver_interface */
* Cache driver.
*
* @var \phpbb\db\driver\driver_interface
*/
protected $db; protected $db;
/** /** @var \phpbb\user */
* phpBB user
*
* @var \phpbb\user
*/
protected $user; protected $user;
/** /** @var string OAuth table: token storage */
* OAuth token table
*
* @var string
*/
protected $oauth_token_table; protected $oauth_token_table;
/** /** @var string OAuth table: state */
* OAuth state table
*
* @var string
*/
protected $oauth_state_table; protected $oauth_state_table;
/** /** @var TokenInterface OAuth token */
* @var object|TokenInterface
*/
protected $cachedToken; protected $cachedToken;
/** /** @var string OAuth state */
* @var string
*/
protected $cachedState; protected $cachedState;
/** /**
* Creates token storage for phpBB. * Constructor.
* *
* @param \phpbb\db\driver\driver_interface $db * @param \phpbb\db\driver\driver_interface $db Database object
* @param \phpbb\user $user * @param \phpbb\user $user User object
* @param string $oauth_token_table * @param string $oauth_token_table OAuth table: token storage
* @param string $oauth_state_table * @param string $oauth_state_table OAuth table: state
*/ */
public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\user $user, $oauth_token_table, $oauth_state_table) public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\user $user, $oauth_token_table, $oauth_state_table)
{ {
$this->db = $db; $this->db = $db;
$this->user = $user; $this->user = $user;
$this->oauth_token_table = $oauth_token_table; $this->oauth_token_table = $oauth_token_table;
$this->oauth_state_table = $oauth_state_table; $this->oauth_state_table = $oauth_state_table;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function retrieveAccessToken($service) public function retrieveAccessToken($service)
{ {
$service = $this->get_service_name_for_db($service); $service = $this->get_service_name_for_db($service);
@ -90,10 +71,10 @@ class token_storage implements TokenStorageInterface
return $this->cachedToken; return $this->cachedToken;
} }
$data = array( $data = [
'user_id' => (int) $this->user->data['user_id'], 'user_id' => (int) $this->user->data['user_id'],
'provider' => $service, 'provider' => $service,
); ];
if ((int) $this->user->data['user_id'] === ANONYMOUS) if ((int) $this->user->data['user_id'] === ANONYMOUS)
{ {
@ -104,33 +85,38 @@ class token_storage implements TokenStorageInterface
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function storeAccessToken($service, TokenInterface $token) public function storeAccessToken($service, TokenInterface $token)
{ {
$service = $this->get_service_name_for_db($service); $service = $this->get_service_name_for_db($service);
$this->cachedToken = $token; $this->cachedToken = $token;
$data = array( $data = [
'oauth_token' => $this->json_encode_token($token), 'oauth_token' => $this->json_encode_token($token),
); ];
$sql = 'UPDATE ' . $this->oauth_token_table . ' $sql = 'UPDATE ' . $this->oauth_token_table . '
SET ' . $this->db->sql_build_array('UPDATE', $data) . ' SET ' . $this->db->sql_build_array('UPDATE', $data) . '
WHERE user_id = ' . (int) $this->user->data['user_id'] . ' WHERE user_id = ' . (int) $this->user->data['user_id'] . "
' . ((int) $this->user->data['user_id'] === ANONYMOUS ? "AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'" : '') . " AND provider = '" . $this->db->sql_escape($service) . "'";
AND provider = '" . $this->db->sql_escape($service) . "'";
if ((int) $this->user->data['user_id'] === ANONYMOUS)
{
$sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
}
$this->db->sql_query($sql); $this->db->sql_query($sql);
if (!$this->db->sql_affectedrows()) if (!$this->db->sql_affectedrows())
{ {
$data = array( $data = [
'user_id' => (int) $this->user->data['user_id'], 'user_id' => (int) $this->user->data['user_id'],
'provider' => $service, 'provider' => $service,
'oauth_token' => $this->json_encode_token($token), 'oauth_token' => $this->json_encode_token($token),
'session_id' => $this->user->data['session_id'], 'session_id' => $this->user->data['session_id'],
); ];
$sql = 'INSERT INTO ' . $this->oauth_token_table . $this->db->sql_build_array('INSERT', $data); $sql = 'INSERT INTO ' . $this->oauth_token_table . $this->db->sql_build_array('INSERT', $data);
@ -141,8 +127,8 @@ class token_storage implements TokenStorageInterface
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function hasAccessToken($service) public function hasAccessToken($service)
{ {
$service = $this->get_service_name_for_db($service); $service = $this->get_service_name_for_db($service);
@ -152,22 +138,22 @@ class token_storage implements TokenStorageInterface
return true; return true;
} }
$data = array( $data = [
'user_id' => (int) $this->user->data['user_id'], 'user_id' => (int) $this->user->data['user_id'],
'provider' => $service, 'provider' => $service,
); ];
if ((int) $this->user->data['user_id'] === ANONYMOUS) if ((int) $this->user->data['user_id'] === ANONYMOUS)
{ {
$data['session_id'] = $this->user->data['session_id']; $data['session_id'] = $this->user->data['session_id'];
} }
return $this->_has_acess_token($data); return $this->_has_access_token($data);
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function clearToken($service) public function clearToken($service)
{ {
$service = $this->get_service_name_for_db($service); $service = $this->get_service_name_for_db($service);
@ -189,13 +175,13 @@ class token_storage implements TokenStorageInterface
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function clearAllTokens() public function clearAllTokens()
{ {
$this->cachedToken = null; $this->cachedToken = null;
$sql = 'DELETE FROM ' . $this->oauth_token_table . ' $sql = 'DELETE FROM ' . $this->oauth_token_table . '
WHERE user_id = ' . (int) $this->user->data['user_id']; WHERE user_id = ' . (int) $this->user->data['user_id'];
if ((int) $this->user->data['user_id'] === ANONYMOUS) if ((int) $this->user->data['user_id'] === ANONYMOUS)
@ -209,31 +195,30 @@ class token_storage implements TokenStorageInterface
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function storeAuthorizationState($service, $state) public function storeAuthorizationState($service, $state)
{ {
$service = $this->get_service_name_for_db($service); $service = $this->get_service_name_for_db($service);
$this->cachedState = $state; $this->cachedState = $state;
$data = array( $data = [
'user_id' => (int) $this->user->data['user_id'], 'user_id' => (int) $this->user->data['user_id'],
'provider' => $service, 'provider' => $service,
'oauth_state' => $state, 'oauth_state' => $state,
'session_id' => $this->user->data['session_id'], 'session_id' => $this->user->data['session_id'],
); ];
$sql = 'INSERT INTO ' . $this->oauth_state_table . ' $sql = 'INSERT INTO ' . $this->oauth_state_table . ' ' . $this->db->sql_build_array('INSERT', $data);
' . $this->db->sql_build_array('INSERT', $data);
$this->db->sql_query($sql); $this->db->sql_query($sql);
return $this; return $this;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function hasAuthorizationState($service) public function hasAuthorizationState($service)
{ {
$service = $this->get_service_name_for_db($service); $service = $this->get_service_name_for_db($service);
@ -243,10 +228,10 @@ class token_storage implements TokenStorageInterface
return true; return true;
} }
$data = array( $data = [
'user_id' => (int) $this->user->data['user_id'], 'user_id' => (int) $this->user->data['user_id'],
'provider' => $service, 'provider' => $service,
); ];
if ((int) $this->user->data['user_id'] === ANONYMOUS) if ((int) $this->user->data['user_id'] === ANONYMOUS)
{ {
@ -257,8 +242,8 @@ class token_storage implements TokenStorageInterface
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function retrieveAuthorizationState($service) public function retrieveAuthorizationState($service)
{ {
$service = $this->get_service_name_for_db($service); $service = $this->get_service_name_for_db($service);
@ -268,10 +253,10 @@ class token_storage implements TokenStorageInterface
return $this->cachedState; return $this->cachedState;
} }
$data = array( $data = [
'user_id' => (int) $this->user->data['user_id'], 'user_id' => (int) $this->user->data['user_id'],
'provider' => $service, 'provider' => $service,
); ];
if ((int) $this->user->data['user_id'] === ANONYMOUS) if ((int) $this->user->data['user_id'] === ANONYMOUS)
{ {
@ -282,8 +267,8 @@ class token_storage implements TokenStorageInterface
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function clearAuthorizationState($service) public function clearAuthorizationState($service)
{ {
$service = $this->get_service_name_for_db($service); $service = $this->get_service_name_for_db($service);
@ -305,8 +290,8 @@ class token_storage implements TokenStorageInterface
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function clearAllAuthorizationStates() public function clearAllAuthorizationStates()
{ {
$this->cachedState = null; $this->cachedState = null;
@ -325,10 +310,11 @@ class token_storage implements TokenStorageInterface
} }
/** /**
* Updates the user_id field in the database assosciated with the token * Updates the user_id field in the database associated with the token.
* *
* @param int $user_id * @param int $user_id The user identifier
*/ * @return void
*/
public function set_user_id($user_id) public function set_user_id($user_id)
{ {
if (!$this->cachedToken) if (!$this->cachedToken)
@ -336,21 +322,24 @@ class token_storage implements TokenStorageInterface
return; return;
} }
$data = [
'user_id' => (int) $user_id,
];
$sql = 'UPDATE ' . $this->oauth_token_table . ' $sql = 'UPDATE ' . $this->oauth_token_table . '
SET ' . $this->db->sql_build_array('UPDATE', array( SET ' . $this->db->sql_build_array('UPDATE', $data) . '
'user_id' => (int) $user_id WHERE user_id = ' . (int) $this->user->data['user_id'] . "
)) . ' AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
WHERE user_id = ' . (int) $this->user->data['user_id'] . "
AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
$this->db->sql_query($sql); $this->db->sql_query($sql);
} }
/** /**
* Checks to see if an access token exists solely by the session_id of the user * Checks to see if an access token exists solely by the session_id of the user.
* *
* @param string $service The name of the OAuth service * @param string $service The OAuth service name
* @return bool true if they have token, false if they don't * @return bool true if the user's access token exists,
*/ * false if the user's access token does not exist
*/
public function has_access_token_by_session($service) public function has_access_token_by_session($service)
{ {
$service = $this->get_service_name_for_db($service); $service = $this->get_service_name_for_db($service);
@ -360,20 +349,21 @@ class token_storage implements TokenStorageInterface
return true; return true;
} }
$data = array( $data = [
'session_id' => $this->user->data['session_id'], 'session_id' => $this->user->data['session_id'],
'provider' => $service, 'provider' => $service,
); ];
return $this->_has_acess_token($data); return $this->_has_access_token($data);
} }
/** /**
* Checks to see if a state exists solely by the session_id of the user * Checks to see if a state exists solely by the session_id of the user.
* *
* @param string $service The name of the OAuth service * @param string $service The OAuth service name
* @return bool true if they have state, false if they don't * @return bool true if the user's state exists,
*/ * false if the user's state does not exist
*/
public function has_state_by_session($service) public function has_state_by_session($service)
{ {
$service = $this->get_service_name_for_db($service); $service = $this->get_service_name_for_db($service);
@ -383,25 +373,34 @@ class token_storage implements TokenStorageInterface
return true; return true;
} }
$data = array( $data = [
'session_id' => $this->user->data['session_id'], 'session_id' => $this->user->data['session_id'],
'provider' => $service, 'provider' => $service,
); ];
return (bool) $this->get_state_row($data); return (bool) $this->get_state_row($data);
} }
/** /**
* A helper function that performs the query for has access token functions * A helper function that performs the query for has access token functions.
* *
* @param array $data * @param array $data The SQL WHERE data
* @return bool * @return bool true if the user's access token exists,
*/ * false if the user's access token does not exist
protected function _has_acess_token($data) */
protected function _has_access_token($data)
{ {
return (bool) $this->get_access_token_row($data); return (bool) $this->get_access_token_row($data);
} }
/**
* A helper function that performs the query for retrieving access token functions by session.
* Also checks if the token is a valid token.
*
* @param string $service The OAuth service provider name
* @return TokenInterface
* @throws TokenNotFoundException
*/
public function retrieve_access_token_by_session($service) public function retrieve_access_token_by_session($service)
{ {
$service = $this->get_service_name_for_db($service); $service = $this->get_service_name_for_db($service);
@ -411,14 +410,21 @@ class token_storage implements TokenStorageInterface
return $this->cachedToken; return $this->cachedToken;
} }
$data = array( $data = [
'session_id' => $this->user->data['session_id'], 'session_id' => $this->user->data['session_id'],
'provider' => $service, 'provider' => $service,
); ];
return $this->_retrieve_access_token($data); return $this->_retrieve_access_token($data);
} }
/**
* A helper function that performs the query for retrieving state functions by session.
*
* @param string $service The OAuth service provider name
* @return string The OAuth state
* @throws AuthorizationStateNotFoundException
*/
public function retrieve_state_by_session($service) public function retrieve_state_by_session($service)
{ {
$service = $this->get_service_name_for_db($service); $service = $this->get_service_name_for_db($service);
@ -428,22 +434,22 @@ class token_storage implements TokenStorageInterface
return $this->cachedState; return $this->cachedState;
} }
$data = array( $data = [
'session_id' => $this->user->data['session_id'], 'session_id' => $this->user->data['session_id'],
'provider' => $service, 'provider' => $service,
); ];
return $this->_retrieve_state($data); return $this->_retrieve_state($data);
} }
/** /**
* A helper function that performs the query for retrieve access token functions * A helper function that performs the query for retrieve access token functions.
* Also checks if the token is a valid token * Also checks if the token is a valid token.
* *
* @param array $data * @param array $data The SQL WHERE data
* @return mixed * @return TokenInterface
* @throws \OAuth\Common\Storage\Exception\TokenNotFoundException * @throws TokenNotFoundException
*/ */
protected function _retrieve_access_token($data) protected function _retrieve_access_token($data)
{ {
$row = $this->get_access_token_row($data); $row = $this->get_access_token_row($data);
@ -459,19 +465,21 @@ class token_storage implements TokenStorageInterface
if (!($token instanceof TokenInterface)) if (!($token instanceof TokenInterface))
{ {
$this->clearToken($data['provider']); $this->clearToken($data['provider']);
throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED'); throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED');
} }
$this->cachedToken = $token; $this->cachedToken = $token;
return $token; return $token;
} }
/** /**
* A helper function that performs the query for retrieve state functions * A helper function that performs the query for retrieve state functions.
* *
* @param array $data * @param array $data The SQL WHERE data
* @return mixed * @return string The OAuth state
* @throws \OAuth\Common\Storage\Exception\AuthorizationStateNotFoundException * @throws AuthorizationStateNotFoundException
*/ */
protected function _retrieve_state($data) protected function _retrieve_state($data)
{ {
@ -483,18 +491,21 @@ class token_storage implements TokenStorageInterface
} }
$this->cachedState = $row['oauth_state']; $this->cachedState = $row['oauth_state'];
return $this->cachedState; return $this->cachedState;
} }
/** /**
* A helper function that performs the query for retrieving an access token * A helper function that performs the query for retrieving an access token.
* *
* @param array $data * @param array $data The SQL WHERE data
* @return mixed * @return array|false array with the OAuth token row,
*/ * false if the token does not exist
*/
protected function get_access_token_row($data) protected function get_access_token_row($data)
{ {
$sql = 'SELECT oauth_token FROM ' . $this->oauth_token_table . ' $sql = 'SELECT oauth_token
FROM ' . $this->oauth_token_table . '
WHERE ' . $this->db->sql_build_array('SELECT', $data); WHERE ' . $this->db->sql_build_array('SELECT', $data);
$result = $this->db->sql_query($sql); $result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result); $row = $this->db->sql_fetchrow($result);
@ -504,14 +515,16 @@ class token_storage implements TokenStorageInterface
} }
/** /**
* A helper function that performs the query for retrieving a state * A helper function that performs the query for retrieving a state.
* *
* @param array $data * @param array $data The SQL WHERE data
* @return mixed * @return array|false array with the OAuth state row,
* false if the state does not exist
*/ */
protected function get_state_row($data) protected function get_state_row($data)
{ {
$sql = 'SELECT oauth_state FROM ' . $this->oauth_state_table . ' $sql = 'SELECT oauth_state
FROM ' . $this->oauth_state_table . '
WHERE ' . $this->db->sql_build_array('SELECT', $data); WHERE ' . $this->db->sql_build_array('SELECT', $data);
$result = $this->db->sql_query($sql); $result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result); $row = $this->db->sql_fetchrow($result);
@ -520,16 +533,22 @@ class token_storage implements TokenStorageInterface
return $row; return $row;
} }
/**
* A helper function that JSON encodes a TokenInterface's data.
*
* @param TokenInterface $token
* @return string The json encoded TokenInterface's data
*/
public function json_encode_token(TokenInterface $token) public function json_encode_token(TokenInterface $token)
{ {
$members = array( $members = [
'accessToken' => $token->getAccessToken(), 'accessToken' => $token->getAccessToken(),
'endOfLife' => $token->getEndOfLife(), 'endOfLife' => $token->getEndOfLife(),
'extraParams' => $token->getExtraParams(), 'extraParams' => $token->getExtraParams(),
'refreshToken' => $token->getRefreshToken(), 'refreshToken' => $token->getRefreshToken(),
'token_class' => get_class($token), 'token_class' => get_class($token),
); ];
// Handle additional data needed for OAuth1 tokens // Handle additional data needed for OAuth1 tokens
if ($token instanceof StdOAuth1Token) if ($token instanceof StdOAuth1Token)
@ -542,6 +561,13 @@ class token_storage implements TokenStorageInterface
return json_encode($members); return json_encode($members);
} }
/**
* A helper function that JSON decodes a data string and creates a TokenInterface.
*
* @param string $json The json encoded TokenInterface's data
* @return TokenInterface
* @throws TokenNotFoundException
*/
public function json_decode_token($json) public function json_decode_token($json)
{ {
$token_data = json_decode($json, true); $token_data = json_decode($json, true);
@ -557,7 +583,10 @@ class token_storage implements TokenStorageInterface
$endOfLife = $token_data['endOfLife']; $endOfLife = $token_data['endOfLife'];
$extra_params = $token_data['extraParams']; $extra_params = $token_data['extraParams'];
// Create the token /**
* Create the token
* @var TokenInterface $token
*/
$token = new $token_class($access_token, $refresh_token, TokenInterface::EOL_NEVER_EXPIRES, $extra_params); $token = new $token_class($access_token, $refresh_token, TokenInterface::EOL_NEVER_EXPIRES, $extra_params);
$token->setEndOfLife($endOfLife); $token->setEndOfLife($endOfLife);
@ -573,20 +602,19 @@ class token_storage implements TokenStorageInterface
} }
/** /**
* Returns the name of the service as it must be stored in the database. * Returns the service name as it must be stored in the database.
* *
* @param string $service The name of the OAuth service * @param string $provider The OAuth provider name
* @return string The name of the OAuth service as it needs to be stored * @return string The OAuth service name
* in the database. */
*/ protected function get_service_name_for_db($provider)
protected function get_service_name_for_db($service)
{ {
// Enforce the naming convention for oauth services // Enforce the naming convention for oauth services
if (strpos($service, 'auth.provider.oauth.service.') !== 0) if (strpos($provider, 'auth.provider.oauth.service.') !== 0)
{ {
$service = 'auth.provider.oauth.service.' . strtolower($service); $provider = 'auth.provider.oauth.service.' . strtolower($provider);
} }
return $service; return $provider;
} }
} }

4
phpBB/phpbb/auth/provider/provider_interface.php
View file

@ -53,7 +53,7 @@ interface provider_interface
* Autologin function * Autologin function
* *
* @return array|null containing the user row, empty if no auto login * @return array|null containing the user row, empty if no auto login
* should take place, or null if not impletmented. * should take place, or null if not implemented.
*/ */
public function autologin(); public function autologin();
@ -68,7 +68,7 @@ interface provider_interface
/** /**
* This function updates the template with variables related to the acp * This function updates the template with variables related to the acp
* options with whatever configuraton values are passed to it as an array. * options with whatever configuration values are passed to it as an array.
* It then returns the name of the acp file related to this authentication * It then returns the name of the acp file related to this authentication
* provider. * provider.
* *

13
tests/functions/user_delete_test.php
View file

@ -61,20 +61,21 @@ class phpbb_functions_user_delete_test extends phpbb_database_test_case
$passwords_manager = new \phpbb\passwords\manager($config, $passwords_drivers, $passwords_helper, array_keys($passwords_drivers)); $passwords_manager = new \phpbb\passwords\manager($config, $passwords_drivers, $passwords_helper, array_keys($passwords_drivers));
$oauth_provider = new \phpbb\auth\provider\oauth\oauth( $oauth_provider = new \phpbb\auth\provider\oauth\oauth(
$db,
$config, $config,
$phpbb_container,
$db,
$phpbb_dispatcher,
$lang,
$passwords_manager, $passwords_manager,
$request, $request,
$oauth_provider_collection,
$user, $user,
'phpbb_oauth_tokens', 'phpbb_oauth_tokens',
'phpbb_oauth_states', 'phpbb_oauth_states',
'phpbb_oauth_accounts', 'phpbb_oauth_accounts',
$oauth_provider_collection,
'phpbb_users', 'phpbb_users',
$phpbb_container, $phpbb_root_path,
$phpbb_dispatcher, $phpEx
$this->phpbb_root_path,
$this->php_ext
); );
$provider_collection->offsetSet('auth.provider.oauth', $oauth_provider); $provider_collection->offsetSet('auth.provider.oauth', $oauth_provider);