[feature/oauth] Start work on linking an oauth account

Updates token storage to allow retrieval only by session_id PHPBB3-11673
2025-07-28 04:48:54 +00:00 · 2013-07-29 14:27:12 -04:00 · 2013-07-29 14:27:12 -04:00 · 9eb4d55e82
commit 9eb4d55e82
parent 600c29e6ec
2 changed files with 130 additions and 29 deletions
--- a/phpBB/phpbb/auth/provider/oauth/oauth.php
+++ b/phpBB/phpbb/auth/provider/oauth/oauth.php
@ -355,4 +355,40 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base
 		return null;
 	}
 	/**
 	* {@inheritdoc}
 	*/
 	public function link_account(array $link_data)
 	{
 		// We must have an oauth_service listed, check for it two ways
 		if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service'])
 		{
 			if (!$link_data['oauth_service'] && $this->request->is_set('oauth_service'))
 			{
 				$link_data['oauth_service'] = $this->request->variable('oauth_service', '');
 			}
 			if (!$link_data['oauth_service'])
 			{
 				return 'LOGIN_LINK_MISSING_DATA';
 			}
 		}
 		$service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']);
 		if (!array_key_exists($service_name, $this->service_providers))
 		{
 			return 'LOGIN_ERROR_OAUTH_SERVICE_DOES_NOT_EXIST';
 		}
 		$storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table);
 		// Check for an access token, they should have one
 		if (!$storage->has_access_token_by_sesion())
 		{
 			return 'LOGIN_LINK_ERROR_OAUTH_NO_ACCESS_TOKEN';
 		}
 		$token = $storage->retrieve_access_token_by_session();
 	}
 }
--- a/phpBB/phpbb/auth/provider/oauth/token_storage.php
+++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php
@ -96,30 +96,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface
 			$data['session_id']	= $this->user->data['session_id'];
 		}
-		$sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . '
+		return $this->_retrieve_access_token($data);
 			WHERE ' . $this->db->sql_build_array('SELECT', $data);
 		$result = $this->db->sql_query($sql);
 		$row = $this->db->sql_fetchrow($result);
 		$this->db->sql_freeresult($result);
 		if (!$row)
 		{
 			// TODO: translate
 			throw new TokenNotFoundException('Token not stored');
 		}
 		$token = unserialize($row['oauth_token']);
 		// Ensure that the token was serialized/unserialized correctly
 		if (!($token instanceof TokenInterface))
 		{
 			$this->clearToken();
 			// TODO: translate
 			throw new TokenNotFoundException('Token not stored correctly');
 		}
 		$this->cachedToken = $token;
 		return $token;
 	}
 	/**
@ -164,11 +141,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface
 			$data['session_id']	= $this->user->data['session_id'];
 		}
-		$sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . '
+		$row = $this->_has_acess_token($data);
 			WHERE ' . $this->db->sql_build_array('SELECT', $data);
 		$result = $this->db->sql_query($sql);
 		$row = $this->db->sql_fetchrow($result);
 		$this->db->sql_freeresult($result);
 		if (!$row)
 		{
@ -217,4 +190,96 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface
 					AND session_id = \'' . $this->user->data['session_id'] . '\'';
 		$this->db->sql_query($sql);
 	}
 	/**
 	* Checks to see if an access token exists solely by the session_id of the user
 	*
 	* @return	bool	true if they have token, false if they don't
 	*/
 	public function has_access_token_by_session()
 	{
 		if( $this->cachedToken ) {
 			return true;
 		}
 		$data = array(
 			'session_id'	=> $this->user->data['session_id'],
 			'provider'		=> $this->service_name,
 		);
 		$row = $this->_has_acess_token($data);
 		if (!$row)
 		{
 			return false;
 		}
 		return true;
 	}
 	/**
 	* A helper function that performs the query for has access token functions
 	*
 	* @param	array	$data
 	* @return	mixed
 	*/
 	protected function _has_acess_token($data)
 	{
 		$sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . '
 			WHERE ' . $this->db->sql_build_array('SELECT', $data);
 		$result = $this->db->sql_query($sql);
 		$row = $this->db->sql_fetchrow($result);
 		$this->db->sql_freeresult($result);
 		return $row;
 	}
 	public function retrieve_access_token_by_session()
 	{
 		if( $this->cachedToken instanceOf TokenInterface ) {
 			return $this->cachedToken;
 		}
 		$data = array(
 			'session_id'	=> $this->user->data['session_id'],
 			'provider'	=> $this->service_name,
 		);
 		return $this->_retrieve_access_token($data);
 	}
 	/**
 	* A helper function that performs the query for retrieve access token functions
 	* Also checks if the token is a valid token
 	*
 	* @param	array	$data
 	* @return	mixed
 	*/
 	protected function _retrieve_access_token($data)
 	{
 		$sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . '
 			WHERE ' . $this->db->sql_build_array('SELECT', $data);
 		$result = $this->db->sql_query($sql);
 		$row = $this->db->sql_fetchrow($result);
 		$this->db->sql_freeresult($result);
 		if (!$row)
 		{
 			// TODO: translate
 			throw new TokenNotFoundException('Token not stored');
 		}
 		$token = unserialize($row['oauth_token']);
 		// Ensure that the token was serialized/unserialized correctly
 		if (!($token instanceof TokenInterface))
 		{
 			$this->clearToken();
 			// TODO: translate
 			throw new TokenNotFoundException('Token not stored correctly');
 		}
 		$this->cachedToken = $token;
 		return $token;
 	}
 }