add client_name to oauth2 storage

This commit is contained in:
zotlabs 2019-08-04 17:30:07 -07:00
parent 9ed24ff6d4
commit 79fbccdce7
11 changed files with 97 additions and 13 deletions


@ -137,4 +137,35 @@ class OAuth2Storage extends \OAuth2\Storage\Pdo {
return true;
}
public function setClientDetails($client_id, $client_secret = null, $redirect_uri = null, $grant_types = null, $scope = null, $user_id = null, $client_name = null)
{
// if it exists, update it.
if ($this->getClientDetails($client_id)) {
$stmt = $this->db->prepare($sql = sprintf('UPDATE %s SET client_secret=:client_secret, redirect_uri=:redirect_uri, grant_types=:grant_types, scope=:scope, user_id=:user_id, client_name=:client_name where client_id=:client_id', $this->config['client_table']));
} else {
$stmt = $this->db->prepare(sprintf('INSERT INTO %s (client_id, client_secret, redirect_uri, grant_types, scope, user_id, client_name) VALUES (:client_id, :client_secret, :redirect_uri, :grant_types, :scope, :user_id, :client_name)', $this->config['client_table']));
}
return $stmt->execute(compact('client_id', 'client_secret', 'redirect_uri', 'grant_types', 'scope', 'user_id', 'client_name'));
}
public function checkRestrictedGrantType($client_id, $grant_type)
{
$details = $this->getClientDetails($client_id);
if ($details['grant_types']) {
$grant_types = explode(' ', $details['grant_types']);
return in_array($grant_type, (array) $grant_types);
}
// if grant_types are not defined, then none are restricted
return true;
}
}
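Review bot: `checkRestrictedGrantType` answers "unrestricted" for a client that does not exist: `getClientDetails()` can return a falsy value for an unknown id (the Authorize controller in this commit tests for exactly that), so `$details['grant_types']` is read off `false`, evaluates to null, and the method falls through to `return true;`. Add `if (!$details) { return false; }` before the check, and pass `true` as the third argument to `in_array` so the grant type is compared strictly rather than loosely. In `setClientDetails` the `$sql =` assignment inside the `prepare()` call on the UPDATE branch is never read and can go. The class's earlier methods are outside the hunk.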


@ -50,13 +50,21 @@ class Authorize extends \Zotlabs\Web\Controller {
// TODO: The automatic client registration protocol below should adhere more
// closely to "OAuth 2.0 Dynamic Client Registration Protocol" defined
// at https://tools.ietf.org/html/rfc7591
// If no client_id was provided, generate a new one.
if (x($_POST, 'client_name')) {
$client_name = $_POST['client_name'];
} else {
$client_name = $_POST['client_name'] = EMPTY_STR;
}
// If no client_id was provided, generate a new one.
if (x($_POST, 'client_id')) {
$client_id = $_POST['client_id'];
} else {
$client_id = $_POST['client_id'] = random_string(16);
}
// If no redirect_uri was provided, generate a fake one.
if (x($_POST, 'redirect_uri')) {
$redirect_uri = $_POST['redirect_uri'];
@ -76,7 +84,7 @@ class Authorize extends \Zotlabs\Web\Controller {
// Until "Dynamic Client Registration" is pursued - allow new clients to assign their own secret in the REQUEST
$client_secret = (isset($_REQUEST['client_secret'])) ? $_REQUEST['client_secret'] : random_string(16);
// Client apps are registered per channel
$storage->setClientDetails($client_id, $client_secret, $redirect_uri, 'authorization_code', $_REQUEST['scope'], $user_id);
$storage->setClientDetails($client_id, $client_secret, $redirect_uri, $_REQUEST['grant_types'], $_REQUEST['scope'], $user_id, $client_name);
}
if (!$client = $storage->getClientDetails($client_id)) {
// There was an error registering the client.
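Review bot: The line `$storage->setClientDetails($client_id, $client_secret, $redirect_uri, $_REQUEST['grant_types'], ...)` replaces the fixed `'authorization_code'` with a value the registering client supplies, and because the new `checkRestrictedGrantType` treats an empty `grant_types` as unrestricted, a self-registered client now decides its own permitted grant types; validate the value against the set this server intends to offer, falling back to `'authorization_code'` when the request omits it, before it is stored. `$_REQUEST['grant_types']` is also read without `isset`, so a request that lacks it raises a notice and stores null. `$client_name` is copied from `$_POST` verbatim, whereas the settings form in this commit runs the same value through `escape_tags(trim(...))` before storage and the list template prints it in an `<h4>`; apply the same filtering here and cap it at the column's 80 characters. The enclosing method starts and ends outside the hunk.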


@ -34,20 +34,22 @@ class Oauth2 {
check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2');
$name = ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : '');
$clid = ((x($_POST,'clid')) ? escape_tags(trim($_POST['clid'])) : '');
$secret = ((x($_POST,'secret')) ? escape_tags(trim($_POST['secret'])) : '');
$redirect = ((x($_POST,'redirect')) ? escape_tags(trim($_POST['redirect'])) : '');
$grant = ((x($_POST,'grant')) ? escape_tags(trim($_POST['grant'])) : '');
$scope = ((x($_POST,'scope')) ? escape_tags(trim($_POST['scope'])) : '');
$ok = true;
if($name == '' || $secret == '') {
if($clid == '' || $secret == '') {
$ok = false;
notice( t('Name and Secret are required') . EOL);
notice( t('ID and Secret are required') . EOL);
}
if($ok) {
if ($_POST['submit']==t("Update")){
$r = q("UPDATE oauth_clients SET
client_name = '%s',
client_id = '%s',
client_secret = '%s',
redirect_uri = '%s',
@ -56,17 +58,19 @@ class Oauth2 {
user_id = %d
WHERE client_id='%s' and user_id = %s",
dbesc($name),
dbesc($clid),
dbesc($secret),
dbesc($redirect),
dbesc($grant),
dbesc($scope),
intval(local_channel()),
dbesc($name),
intval(local_channel()));
dbesc($clid),
intval(local_channel()));
} else {
$r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id)
VALUES ('%s','%s','%s','%s','%s',%d)",
$r = q("INSERT INTO oauth_clients (client_name, client_id, client_secret, redirect_uri, grant_types, scope, user_id)
VALUES ('%s','%s','%s','%s','%s','%s',%d)",
dbesc($name),
dbesc($clid),
dbesc($secret),
dbesc($redirect),
dbesc($grant),
@ -95,6 +99,7 @@ class Oauth2 {
'$submit' => t('Submit'),
'$cancel' => t('Cancel'),
'$name' => array('name', t('Name'), '', t('Name of application')),
'$clid' => array('clid', t('Consumer ID'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
'$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
'$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')),
'$grant' => array('grant', t('Grant Types'), '', t('leave blank unless your application specifically requires this')),
@ -122,7 +127,8 @@ class Oauth2 {
'$title' => t('Add application'),
'$submit' => t('Update'),
'$cancel' => t('Cancel'),
'$name' => array('name', t('Name'), $app['client_id'], t('Name of application')),
'$name' => array('name', t('Name'), $app['client_name'], t('Name of application')),
'$clid' => array('clid', t('Consumer ID'), $app['client_id'], t('Automatically generated - change if desired. Max length 20')),
'$secret' => array('secret', t('Consumer Secret'), $app['client_secret'], t('Automatically generated - change if desired. Max length 20')),
'$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], t('Redirect URI - leave blank unless your application specifically requires this')),
'$grant' => array('grant', t('Grant Types'), $app['grant_types'], t('leave blank unless your application specifically requires this')),
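Review bot: `$name` is trimmed and tag-escaped but never length-checked, while the column this commit adds is `VARCHAR(80)` (see the two schema hunks); on a strict-mode MySQL the INSERT/UPDATE then fails with no useful message, elsewhere the value is silently truncated. Either reject it next to the existing check, `if(mb_strlen($name) > 80) { $ok = false; notice( t('Name too long') . EOL); }`, or state the limit in the field hint as is already done for the ID and secret. The relaxed requirement `if($clid == '' || $secret == '')` now allows a client with an empty name; the list template falls back to `$noname`, so that is consistent, but a one-line comment saying the name is optional would spare the next reader the question.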

34
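--- /dev/null
+++ b/Zotlabs/Update/_1234.php
@@ -0,0 +1,34 @@
+<?php
+namespace Zotlabs\Update;
+class _1234 {
+function run() {
+q("START TRANSACTION");
+$r = q("ALTER TABLE oauth_clients ADD client_name VARCHAR(80) ");
+if($r) {
+q("COMMIT");
+return UPDATE_SUCCESS;
+}
+q("ROLLBACK");
+return UPDATE_FAILED;
+}
+function verify() {
+$columns = db_columns('oauth_clients');
+if(in_array('client_name',$columns)) {
+return true;
+}
+return false;
+}
+}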
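Review bot: `verify()` reduces to a single expression, `return in_array('client_name', $columns, true);`, and the strict flag avoids a loose comparison against whatever `db_columns()` returns. In `run()`, note that on MySQL a DDL statement such as `ALTER TABLE` commits implicitly, so the `ROLLBACK` branch cannot undo it; it is harmless, but a short comment, `// DDL is auto-committed on MySQL; the rollback only matters for other backends`, would stop a reader from relying on it. The `VARCHAR(80)` definition matches the column added to both schema files in this commit.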


@ -48,7 +48,7 @@ require_once('include/items.php');
define ( 'STD_VERSION', '3.5' );
define ( 'ZOT_REVISION', '6.0' );
define ( 'DB_UPDATE_VERSION', 1233 );
define ( 'DB_UPDATE_VERSION', 1234 );
define ( 'PLATFORM_NAME', 'zap' );
define ( 'PLATFORM_ARCHITECTURE', 'zap' );


@ -203,8 +203,8 @@ require_once('include/api_zot.php');
$grant_types = trim($_REQUEST['grant_types']);
$scope = trim($_REQUEST['scope']);
$icon = trim($_REQUEST['logo_uri']);
$r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id)
VALUES ( '%s', '%s', '%s', '%s', '%s', '%s' ) ",
$r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id, client_name)
VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
dbesc($key),
dbesc($secret),
dbesc($redirect),
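Review bot: The new seventh `'%s'` placeholder needs a bound value and the argument list is cut off by the hunk, so confirm the call passes a `client_name` in that position and that it is filtered the way the settings handler does it, `escape_tags(trim(...))`, before `dbesc()`. The neighbouring reads such as `trim($_REQUEST['grant_types'])` do not check presence; a `$_REQUEST['client_name'] ?? ''` form would avoid a notice on an absent field. `user_id` is still quoted as `'%s'` although the column is an integer; `%d` with `intval()` would match the settings handler.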


@ -2122,6 +2122,7 @@ function trim_and_unpunify($s) {
*/
function xchan_query(&$items, $abook = true, $effective_uid = 0) {
$arr = array();
if($items && count($items)) {
if($effective_uid) {
@ -2155,6 +2156,7 @@ function xchan_query(&$items, $abook = true, $effective_uid = 0) {
else
$chans = array_merge($xchans,$chans);
}
if($items && count($items) && $chans && count($chans)) {
for($x = 0; $x < count($items); $x ++) {
$items[$x]['owner'] = find_xchan_in_array($items[$x]['owner_xchan'],$chans);


@ -1591,6 +1591,7 @@ CREATE TABLE if not exists oauth_clients (
grant_types VARCHAR(80),
scope VARCHAR(4000),
user_id int(10) unsigned NOT NULL DEFAULT 0,
client_name VARCHAR(80),
PRIMARY KEY (client_id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;


@ -1620,6 +1620,7 @@ CREATE TABLE oauth_clients (
grant_types VARCHAR(80),
scope VARCHAR(4000),
user_id bigint NOT NULL DEFAULT '0',
client_name VARCHAR(80),
PRIMARY KEY (client_id)
);


@ -18,7 +18,7 @@
<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
<input type='hidden' name='name' value='{{$app.client_id}}'>
<div class='oauthapp'>
{{if $app.client_id}}<h4>{{$app.client_id}}</h4>{{else}}<h4>{{$noname}}</h4>{{/if}}
{{if $app.client_name}}<h4>{{$app.client_name}}</h4>{{else}}<h4>{{$noname}}</h4>{{/if}}
{{if $app.my}}
{{if $app.oauth_token}}
<div class="settings-submit-wrapper" ><button class="settings-submit" type="submit" name="remove" value="{{$app.oauth_token}}">{{$remove}}</button></div>
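Review bot: The hidden field two lines above the changed heading, `<input type='hidden' name='name' value='{{$app.client_id}}'>`, still posts the client id under the `name` key, while the settings handler in this commit now reads the application name from `name` and the id from `clid`. If the branch that consumes this form (outside the hunk) keys on `name`, it now receives an id where a name is expected; rename the field to `name='clid'` and check that consumer so the two forms agree.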


@ -6,6 +6,7 @@
<form method="POST">
<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
{{include file="field_input.tpl" field=$name}}
{{include file="field_input.tpl" field=$clid}}
{{include file="field_input.tpl" field=$secret}}
{{include file="field_input.tpl" field=$redirect}}
{{include file="field_input.tpl" field=$grant}}