add client_name to oauth2 storage
This commit is contained in:
parent
9ed24ff6d4
commit
79fbccdce7
11 changed files with 97 additions and 13 deletions
|
@ -137,4 +137,35 @@ class OAuth2Storage extends \OAuth2\Storage\Pdo {
|
|||
return true;
|
||||
}
|
||||
|
||||
public function setClientDetails($client_id, $client_secret = null, $redirect_uri = null, $grant_types = null, $scope = null, $user_id = null, $client_name = null)
|
||||
{
|
||||
// if it exists, update it.
|
||||
if ($this->getClientDetails($client_id)) {
|
||||
$stmt = $this->db->prepare($sql = sprintf('UPDATE %s SET client_secret=:client_secret, redirect_uri=:redirect_uri, grant_types=:grant_types, scope=:scope, user_id=:user_id, client_name=:client_name where client_id=:client_id', $this->config['client_table']));
|
||||
} else {
|
||||
$stmt = $this->db->prepare(sprintf('INSERT INTO %s (client_id, client_secret, redirect_uri, grant_types, scope, user_id, client_name) VALUES (:client_id, :client_secret, :redirect_uri, :grant_types, :scope, :user_id, :client_name)', $this->config['client_table']));
|
||||
}
|
||||
|
||||
return $stmt->execute(compact('client_id', 'client_secret', 'redirect_uri', 'grant_types', 'scope', 'user_id', 'client_name'));
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
public function checkRestrictedGrantType($client_id, $grant_type)
|
||||
{
|
||||
$details = $this->getClientDetails($client_id);
|
||||
if ($details['grant_types']) {
|
||||
$grant_types = explode(' ', $details['grant_types']);
|
||||
return in_array($grant_type, (array) $grant_types);
|
||||
}
|
||||
|
||||
// if grant_types are not defined, then none are restricted
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
}
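Review bot: checkRestrictedGrantType() treats a client with no stored grant_types as unrestricted (`return true`), and when getClientDetails() returns false for an unknown client_id the `$details['grant_types']` read yields null with an "array offset on bool" warning and falls through to the same `return true`; if the lookup can fail that way, as the `if ($this->getClientDetails($client_id))` test in setClientDetails() suggests, guard it with `if ($details === false) { return false; }` before the grant_types check. The membership test on the exploded list should also be strict, `return in_array($grant_type, $grant_types, true);`, since grant types are compared as plain strings. In setClientDetails() the inline `$sql = sprintf(...)` assignment inside the prepare() call is never read and can be dropped.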
|
||||
|
|
|
@ -50,13 +50,21 @@ class Authorize extends \Zotlabs\Web\Controller {
|
|||
// TODO: The automatic client registration protocol below should adhere more
|
||||
// closely to "OAuth 2.0 Dynamic Client Registration Protocol" defined
|
||||
// at https://tools.ietf.org/html/rfc7591
|
||||
|
||||
|
||||
// If no client_id was provided, generate a new one.
|
||||
if (x($_POST, 'client_name')) {
|
||||
$client_name = $_POST['client_name'];
|
||||
} else {
|
||||
$client_name = $_POST['client_name'] = EMPTY_STR;
|
||||
}
|
||||
|
||||
// If no client_id was provided, generate a new one.
|
||||
if (x($_POST, 'client_id')) {
|
||||
$client_id = $_POST['client_id'];
|
||||
} else {
|
||||
$client_id = $_POST['client_id'] = random_string(16);
|
||||
}
|
||||
|
||||
// If no redirect_uri was provided, generate a fake one.
|
||||
if (x($_POST, 'redirect_uri')) {
|
||||
$redirect_uri = $_POST['redirect_uri'];
|
||||
|
@ -76,7 +84,7 @@ class Authorize extends \Zotlabs\Web\Controller {
|
|||
// Until "Dynamic Client Registration" is pursued - allow new clients to assign their own secret in the REQUEST
|
||||
$client_secret = (isset($_REQUEST['client_secret'])) ? $_REQUEST['client_secret'] : random_string(16);
|
||||
// Client apps are registered per channel
|
||||
$storage->setClientDetails($client_id, $client_secret, $redirect_uri, 'authorization_code', $_REQUEST['scope'], $user_id);
|
||||
$storage->setClientDetails($client_id, $client_secret, $redirect_uri, $_REQUEST['grant_types'], $_REQUEST['scope'], $user_id, $client_name);
|
||||
}
|
||||
if (!$client = $storage->getClientDetails($client_id)) {
|
||||
// There was an error registering the client.
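Review bot: The setClientDetails() call in the second hunk that passes `$client_name` (which appears to be the new side) takes the grant types from `$_REQUEST['grant_types']` instead of the fixed `'authorization_code'` of the call it replaces, so a self-registering client now chooses its own grant types, and if it omits the parameter the stored value is null — which OAuth2Storage::checkRestrictedGrantType() in this same commit treats as "none are restricted". Keep the old default for the omitted case, e.g. `$grant_types = (isset($_REQUEST['grant_types']) && $_REQUEST['grant_types'] !== '') ? $_REQUEST['grant_types'] : 'authorization_code';`, and ideally validate the supplied value against the grant types the server actually supports. In the first hunk `$client_name` is stored exactly as posted, with none of the `escape_tags(trim(...))` the settings controller applies to the same field and no length bound although the migration creates the column as VARCHAR(80). The comment above that block, `// If no client_id was provided, generate a new one.`, is a copy of the client_id comment and should read `// If no client_name was provided, store an empty one.`; the enclosing method starts and ends outside both hunks.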
|
||||
|
|
|
@ -34,20 +34,22 @@ class Oauth2 {
|
|||
check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2');
|
||||
|
||||
$name = ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : '');
|
||||
$clid = ((x($_POST,'clid')) ? escape_tags(trim($_POST['clid'])) : '');
|
||||
$secret = ((x($_POST,'secret')) ? escape_tags(trim($_POST['secret'])) : '');
|
||||
$redirect = ((x($_POST,'redirect')) ? escape_tags(trim($_POST['redirect'])) : '');
|
||||
$grant = ((x($_POST,'grant')) ? escape_tags(trim($_POST['grant'])) : '');
|
||||
$scope = ((x($_POST,'scope')) ? escape_tags(trim($_POST['scope'])) : '');
|
||||
|
||||
$ok = true;
|
||||
if($name == '' || $secret == '') {
|
||||
if($clid == '' || $secret == '') {
|
||||
$ok = false;
|
||||
notice( t('Name and Secret are required') . EOL);
|
||||
notice( t('ID and Secret are required') . EOL);
|
||||
}
|
||||
|
||||
if($ok) {
|
||||
if ($_POST['submit']==t("Update")){
|
||||
$r = q("UPDATE oauth_clients SET
|
||||
client_name = '%s',
|
||||
client_id = '%s',
|
||||
client_secret = '%s',
|
||||
redirect_uri = '%s',
|
||||
|
@ -56,17 +58,19 @@ class Oauth2 {
|
|||
user_id = %d
|
||||
WHERE client_id='%s' and user_id = %s",
|
||||
dbesc($name),
|
||||
dbesc($clid),
|
||||
dbesc($secret),
|
||||
dbesc($redirect),
|
||||
dbesc($grant),
|
||||
dbesc($scope),
|
||||
intval(local_channel()),
|
||||
dbesc($name),
|
||||
intval(local_channel()));
|
||||
dbesc($clid),
|
||||
intval(local_channel()));
|
||||
} else {
|
||||
$r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id)
|
||||
VALUES ('%s','%s','%s','%s','%s',%d)",
|
||||
$r = q("INSERT INTO oauth_clients (client_name, client_id, client_secret, redirect_uri, grant_types, scope, user_id)
|
||||
VALUES ('%s','%s','%s','%s','%s','%s',%d)",
|
||||
dbesc($name),
|
||||
dbesc($clid),
|
||||
dbesc($secret),
|
||||
dbesc($redirect),
|
||||
dbesc($grant),
|
||||
|
@ -95,6 +99,7 @@ class Oauth2 {
|
|||
'$submit' => t('Submit'),
|
||||
'$cancel' => t('Cancel'),
|
||||
'$name' => array('name', t('Name'), '', t('Name of application')),
|
||||
'$clid' => array('clid', t('Consumer ID'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
|
||||
'$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
|
||||
'$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')),
|
||||
'$grant' => array('grant', t('Grant Types'), '', t('leave blank unless your application specifically requires this')),
|
||||
|
@ -122,7 +127,8 @@ class Oauth2 {
|
|||
'$title' => t('Add application'),
|
||||
'$submit' => t('Update'),
|
||||
'$cancel' => t('Cancel'),
|
||||
'$name' => array('name', t('Name'), $app['client_id'], t('Name of application')),
|
||||
'$name' => array('name', t('Name'), $app['client_name'], t('Name of application')),
|
||||
'$clid' => array('clid', t('Consumer ID'), $app['client_id'], t('Automatically generated - change if desired. Max length 20')),
|
||||
'$secret' => array('secret', t('Consumer Secret'), $app['client_secret'], t('Automatically generated - change if desired. Max length 20')),
|
||||
'$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], t('Redirect URI - leave blank unless your application specifically requires this')),
|
||||
'$grant' => array('grant', t('Grant Types'), $app['grant_types'], t('leave blank unless your application specifically requires this')),
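Review bot: Nothing bounds the length of `$name` before it reaches the `client_name = '%s'` UPDATE and the new INSERT, while the column is created as VARCHAR(80) in this same commit; depending on sql_mode the statement is either silently truncated or rejected, and escape_tags() can lengthen the value further by entity-encoding. Add a bound next to the other inputs, e.g. `$name = mb_substr($name, 0, 80);`, and state the limit in the form help text the way the Consumer ID field does. Replacing `$name` with `$clid` in the required-field check also means an application can now be saved with an empty client_name; if that is intended the `$noname` fallback in the template covers it, otherwise restore the check as `if($name == '' || $clid == '' || $secret == '')`.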
|
||||
|
|
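--- /dev/null
+++ b/Zotlabs/Update/_1234.php
@@ -0,0 +1,34 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1234 {
+
+function run() {
+
+q("START TRANSACTION");
+
+$r = q("ALTER TABLE oauth_clients ADD client_name VARCHAR(80) ");
+
+if($r) {
+q("COMMIT");
+return UPDATE_SUCCESS;
+}
+
+q("ROLLBACK");
+return UPDATE_FAILED;
+
+}
+
+function verify() {
+
+$columns = db_columns('oauth_clients');
+
+if(in_array('client_name',$columns)) {
+return true;
+}
+
+return false;
+}
+
+}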
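Review bot: The START TRANSACTION / ROLLBACK wrapped around the ALTER TABLE in run() gives no protection on MySQL/MariaDB, where a DDL statement causes an implicit commit, so a failed ALTER cannot be rolled back and the wrapper only suggests an atomicity that is not there (PostgreSQL does roll back DDL, so the code is merely redundant there). Since verify() already re-checks the column through db_columns(), run() can be reduced to `$r = q("ALTER TABLE oauth_clients ADD client_name VARCHAR(80) "); return $r ? UPDATE_SUCCESS : UPDATE_FAILED;`. Both methods should also carry an explicit visibility (`public function run()`, `public function verify()`), and `in_array('client_name',$columns)` should pass `true` as its third argument.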
2
boot.php
2
boot.php
|
@ -48,7 +48,7 @@ require_once('include/items.php');
|
|||
define ( 'STD_VERSION', '3.5' );
|
||||
define ( 'ZOT_REVISION', '6.0' );
|
||||
|
||||
define ( 'DB_UPDATE_VERSION', 1233 );
|
||||
define ( 'DB_UPDATE_VERSION', 1234 );
|
||||
|
||||
define ( 'PLATFORM_NAME', 'zap' );
|
||||
define ( 'PLATFORM_ARCHITECTURE', 'zap' );
|
||||
|
|
|
@ -203,8 +203,8 @@ require_once('include/api_zot.php');
|
|||
$grant_types = trim($_REQUEST['grant_types']);
|
||||
$scope = trim($_REQUEST['scope']);
|
||||
$icon = trim($_REQUEST['logo_uri']);
|
||||
$r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id)
|
||||
VALUES ( '%s', '%s', '%s', '%s', '%s', '%s' ) ",
|
||||
$r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id, client_name)
|
||||
VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
|
||||
dbesc($key),
|
||||
dbesc($secret),
|
||||
dbesc($redirect),
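Review bot: The new INSERT has seven `'%s'` placeholders, but the argument list visible here ends at `dbesc($redirect),` and continues outside the hunk, and the hunk is -8/+8 with no added line, so I cannot see a value being supplied for the new `client_name` column; if q() binds with sprintf-style formatting, as the `'%s'`/dbesc() pairing suggests, a missing seventh argument makes every registration through this path fail (ArgumentCountError on PHP 8), so please confirm a `dbesc(...)` argument for the name was added. While here, `user_id` is still bound as a quoted `'%s'` rather than the `%d` used by the settings controller, and the trimmed `$_REQUEST['grant_types']` and `scope` values are not length-bounded against their VARCHAR(80) and VARCHAR(4000) columns.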
|
||||
|
|
|
@ -2122,6 +2122,7 @@ function trim_and_unpunify($s) {
|
|||
*/
|
||||
function xchan_query(&$items, $abook = true, $effective_uid = 0) {
|
||||
$arr = array();
|
||||
|
||||
if($items && count($items)) {
|
||||
|
||||
if($effective_uid) {
|
||||
|
@ -2155,6 +2156,7 @@ function xchan_query(&$items, $abook = true, $effective_uid = 0) {
|
|||
else
|
||||
$chans = array_merge($xchans,$chans);
|
||||
}
|
||||
|
||||
if($items && count($items) && $chans && count($chans)) {
|
||||
for($x = 0; $x < count($items); $x ++) {
|
||||
$items[$x]['owner'] = find_xchan_in_array($items[$x]['owner_xchan'],$chans);
|
||||
|
|
|
@ -1591,6 +1591,7 @@ CREATE TABLE if not exists oauth_clients (
|
|||
grant_types VARCHAR(80),
|
||||
scope VARCHAR(4000),
|
||||
user_id int(10) unsigned NOT NULL DEFAULT 0,
|
||||
client_name VARCHAR(80),
|
||||
PRIMARY KEY (client_id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
|
||||
|
||||
|
|
|
@ -1620,6 +1620,7 @@ CREATE TABLE oauth_clients (
|
|||
grant_types VARCHAR(80),
|
||||
scope VARCHAR(4000),
|
||||
user_id bigint NOT NULL DEFAULT '0',
|
||||
client_name VARCHAR(80),
|
||||
PRIMARY KEY (client_id)
|
||||
);
|
||||
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
|
||||
<input type='hidden' name='name' value='{{$app.client_id}}'>
|
||||
<div class='oauthapp'>
|
||||
{{if $app.client_id}}<h4>{{$app.client_id}}</h4>{{else}}<h4>{{$noname}}</h4>{{/if}}
|
||||
{{if $app.client_name}}<h4>{{$app.client_name}}</h4>{{else}}<h4>{{$noname}}</h4>{{/if}}
|
||||
{{if $app.my}}
|
||||
{{if $app.oauth_token}}
|
||||
<div class="settings-submit-wrapper" ><button class="settings-submit" type="submit" name="remove" value="{{$app.oauth_token}}">{{$remove}}</button></div>
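Review bot: The hidden `<input type='hidden' name='name' value='{{$app.client_id}}'>` two lines above the changed heading still posts the client_id under the field name `name`, which the settings handler in this commit now reads as the display name (`$name`) while the identifier moves to `clid`; if this form is consumed by that handler, an edit submitted from here would write the client_id into client_name. Confirm which code path receives it and either rename the field to `clid` or carry `{{$app.client_name}}` in the `name` field. Because the Authorize path stores client_name without escaping, also confirm that the `<h4>{{$app.client_name}}</h4>` output is escaped by the template engine.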
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
<form method="POST">
|
||||
<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
|
||||
{{include file="field_input.tpl" field=$name}}
|
||||
{{include file="field_input.tpl" field=$clid}}
|
||||
{{include file="field_input.tpl" field=$secret}}
|
||||
{{include file="field_input.tpl" field=$redirect}}
|
||||
{{include file="field_input.tpl" field=$grant}}
|
||||
|
|