mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-19 23:35:12 +00:00
remove external composer packages
This commit is contained in:
parent
5a368a86cd
commit
92d749a2ea
4741 changed files with 1 additions and 970590 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -76,7 +76,7 @@ composer.phar
|
||||||
!composer.lock
|
!composer.lock
|
||||||
# vendor/ is managed by composer, no need to include in our repository
|
# vendor/ is managed by composer, no need to include in our repository
|
||||||
# requires new deployment and needs discussion first
|
# requires new deployment and needs discussion first
|
||||||
#vendor/
|
vendor/
|
||||||
# Exclude at least some vendor test files, examples, etc. so far
|
# Exclude at least some vendor test files, examples, etc. so far
|
||||||
vendor/**/tests/
|
vendor/**/tests/
|
||||||
vendor/**/Test/
|
vendor/**/Test/
|
||||||
|
|
7
vendor/autoload.php
vendored
7
vendor/autoload.php
vendored
|
@ -1,7 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
// autoload.php @generated by Composer
|
|
||||||
|
|
||||||
require_once __DIR__ . '/composer/autoload_real.php';
|
|
||||||
|
|
||||||
return ComposerAutoloaderInit7b34d7e50a62201ec5d5e526a5b8b35d::getLoader();
|
|
1
vendor/bin/generate_vcards
vendored
1
vendor/bin/generate_vcards
vendored
|
@ -1 +0,0 @@
|
||||||
../sabre/vobject/bin/generate_vcards
|
|
1
vendor/bin/html-to-markdown
vendored
1
vendor/bin/html-to-markdown
vendored
|
@ -1 +0,0 @@
|
||||||
../league/html-to-markdown/bin/html-to-markdown
|
|
1
vendor/bin/naturalselection
vendored
1
vendor/bin/naturalselection
vendored
|
@ -1 +0,0 @@
|
||||||
../sabre/dav/bin/naturalselection
|
|
1
vendor/bin/sabredav
vendored
1
vendor/bin/sabredav
vendored
|
@ -1 +0,0 @@
|
||||||
../sabre/dav/bin/sabredav
|
|
1
vendor/bin/vobject
vendored
1
vendor/bin/vobject
vendored
|
@ -1 +0,0 @@
|
||||||
../sabre/vobject/bin/vobject
|
|
1
vendor/bin/yaml-lint
vendored
1
vendor/bin/yaml-lint
vendored
|
@ -1 +0,0 @@
|
||||||
../symfony/yaml/Resources/bin/yaml-lint
|
|
|
@ -1 +0,0 @@
|
||||||
github: [blueimp]
|
|
|
@ -1,80 +0,0 @@
|
||||||
name: Test
|
|
||||||
|
|
||||||
on: [push, pull_request]
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
lint:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
strategy:
|
|
||||||
matrix:
|
|
||||||
node-version: [14, 16]
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v2
|
|
||||||
- uses: actions/setup-node@v2
|
|
||||||
with:
|
|
||||||
node-version: ${{ matrix.node-version }}
|
|
||||||
- run: npm install
|
|
||||||
- run: npm run lint
|
|
||||||
|
|
||||||
mocha:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v2
|
|
||||||
- name: chmod
|
|
||||||
run: chmod -R 777 server/php/files
|
|
||||||
- name: docker-compose build
|
|
||||||
run: docker-compose build example mocha
|
|
||||||
- name: mocha
|
|
||||||
run: docker-compose run --rm mocha
|
|
||||||
- name: docker-compose logs
|
|
||||||
if: always()
|
|
||||||
run: docker-compose logs example
|
|
||||||
- name: docker-compose down
|
|
||||||
if: always()
|
|
||||||
run: docker-compose down -v
|
|
||||||
|
|
||||||
wdio-chrome:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v2
|
|
||||||
- name: chmod
|
|
||||||
run: chmod -R 777 server/php/files wdio/reports
|
|
||||||
- name: docker-compose build
|
|
||||||
run: docker-compose build example
|
|
||||||
- name: wdio chrome
|
|
||||||
run: docker-compose run --rm wdio
|
|
||||||
- name: docker-compose logs
|
|
||||||
if: always()
|
|
||||||
run: docker-compose logs example
|
|
||||||
- name: docker-compose down
|
|
||||||
if: always()
|
|
||||||
run: docker-compose down -v
|
|
||||||
- name: Upload reports
|
|
||||||
if: always()
|
|
||||||
uses: actions/upload-artifact@v2
|
|
||||||
with:
|
|
||||||
name: reports
|
|
||||||
path: wdio/reports
|
|
||||||
|
|
||||||
wdio-firefox:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v2
|
|
||||||
- name: chmod
|
|
||||||
run: chmod -R 777 server/php/files wdio/reports
|
|
||||||
- name: docker-compose build
|
|
||||||
run: docker-compose build example
|
|
||||||
- name: wdio firefox
|
|
||||||
run: docker-compose run --rm wdio conf/firefox.js
|
|
||||||
- name: docker-compose logs
|
|
||||||
if: always()
|
|
||||||
run: docker-compose logs example
|
|
||||||
- name: docker-compose down
|
|
||||||
if: always()
|
|
||||||
run: docker-compose down -v
|
|
||||||
- name: Upload reports
|
|
||||||
if: always()
|
|
||||||
uses: actions/upload-artifact@v2
|
|
||||||
with:
|
|
||||||
name: reports
|
|
||||||
path: wdio/reports
|
|
3
vendor/blueimp/jquery-file-upload/.gitignore
vendored
3
vendor/blueimp/jquery-file-upload/.gitignore
vendored
|
@ -1,3 +0,0 @@
|
||||||
*.pyc
|
|
||||||
.env
|
|
||||||
node_modules
|
|
20
vendor/blueimp/jquery-file-upload/LICENSE.txt
vendored
20
vendor/blueimp/jquery-file-upload/LICENSE.txt
vendored
|
@ -1,20 +0,0 @@
|
||||||
MIT License
|
|
||||||
|
|
||||||
Copyright © 2010 Sebastian Tschan, https://blueimp.net
|
|
||||||
|
|
||||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
|
||||||
this software and associated documentation files (the "Software"), to deal in
|
|
||||||
the Software without restriction, including without limitation the rights to
|
|
||||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
|
||||||
the Software, and to permit persons to whom the Software is furnished to do so,
|
|
||||||
subject to the following conditions:
|
|
||||||
|
|
||||||
The above copyright notice and this permission notice shall be included in all
|
|
||||||
copies or substantial portions of the Software.
|
|
||||||
|
|
||||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
||||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
|
||||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
|
||||||
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
|
||||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
|
||||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
224
vendor/blueimp/jquery-file-upload/README.md
vendored
224
vendor/blueimp/jquery-file-upload/README.md
vendored
|
@ -1,224 +0,0 @@
|
||||||
# jQuery File Upload
|
|
||||||
|
|
||||||
## Contents
|
|
||||||
|
|
||||||
- [Description](#description)
|
|
||||||
- [Demo](#demo)
|
|
||||||
- [Features](#features)
|
|
||||||
- [Security](#security)
|
|
||||||
- [Setup](#setup)
|
|
||||||
- [Requirements](#requirements)
|
|
||||||
- [Mandatory requirements](#mandatory-requirements)
|
|
||||||
- [Optional requirements](#optional-requirements)
|
|
||||||
- [Cross-domain requirements](#cross-domain-requirements)
|
|
||||||
- [Browsers](#browsers)
|
|
||||||
- [Desktop browsers](#desktop-browsers)
|
|
||||||
- [Mobile browsers](#mobile-browsers)
|
|
||||||
- [Extended browser support information](#extended-browser-support-information)
|
|
||||||
- [Testing](#testing)
|
|
||||||
- [Support](#support)
|
|
||||||
- [License](#license)
|
|
||||||
|
|
||||||
## Description
|
|
||||||
|
|
||||||
> File Upload widget with multiple file selection, drag&drop support, progress
|
|
||||||
> bars, validation and preview images, audio and video for jQuery.
|
|
||||||
> Supports cross-domain, chunked and resumable file uploads and client-side
|
|
||||||
> image resizing.
|
|
||||||
> Works with any server-side platform (PHP, Python, Ruby on Rails, Java,
|
|
||||||
> Node.js, Go etc.) that supports standard HTML form file uploads.
|
|
||||||
|
|
||||||
## Demo
|
|
||||||
|
|
||||||
[Demo File Upload](https://blueimp.github.io/jQuery-File-Upload/)
|
|
||||||
|
|
||||||
## Features
|
|
||||||
|
|
||||||
- **Multiple file upload:**
|
|
||||||
Allows to select multiple files at once and upload them simultaneously.
|
|
||||||
- **Drag & Drop support:**
|
|
||||||
Allows to upload files by dragging them from your desktop or file manager and
|
|
||||||
dropping them on your browser window.
|
|
||||||
- **Upload progress bar:**
|
|
||||||
Shows a progress bar indicating the upload progress for individual files and
|
|
||||||
for all uploads combined.
|
|
||||||
- **Cancelable uploads:**
|
|
||||||
Individual file uploads can be canceled to stop the upload progress.
|
|
||||||
- **Resumable uploads:**
|
|
||||||
Aborted uploads can be resumed with browsers supporting the Blob API.
|
|
||||||
- **Chunked uploads:**
|
|
||||||
Large files can be uploaded in smaller chunks with browsers supporting the
|
|
||||||
Blob API.
|
|
||||||
- **Client-side image resizing:**
|
|
||||||
Images can be automatically resized on client-side with browsers supporting
|
|
||||||
the required JS APIs.
|
|
||||||
- **Preview images, audio and video:**
|
|
||||||
A preview of image, audio and video files can be displayed before uploading
|
|
||||||
with browsers supporting the required APIs.
|
|
||||||
- **No browser plugins (e.g. Adobe Flash) required:**
|
|
||||||
The implementation is based on open standards like HTML5 and JavaScript and
|
|
||||||
requires no additional browser plugins.
|
|
||||||
- **Graceful fallback for legacy browsers:**
|
|
||||||
Uploads files via XMLHttpRequests if supported and uses iframes as fallback
|
|
||||||
for legacy browsers.
|
|
||||||
- **HTML file upload form fallback:**
|
|
||||||
Allows progressive enhancement by using a standard HTML file upload form as
|
|
||||||
widget element.
|
|
||||||
- **Cross-site file uploads:**
|
|
||||||
Supports uploading files to a different domain with cross-site XMLHttpRequests
|
|
||||||
or iframe redirects.
|
|
||||||
- **Multiple plugin instances:**
|
|
||||||
Allows to use multiple plugin instances on the same webpage.
|
|
||||||
- **Customizable and extensible:**
|
|
||||||
Provides an API to set individual options and define callback methods for
|
|
||||||
various upload events.
|
|
||||||
- **Multipart and file contents stream uploads:**
|
|
||||||
Files can be uploaded as standard "multipart/form-data" or file contents
|
|
||||||
stream (HTTP PUT file upload).
|
|
||||||
- **Compatible with any server-side application platform:**
|
|
||||||
Works with any server-side platform (PHP, Python, Ruby on Rails, Java,
|
|
||||||
Node.js, Go etc.) that supports standard HTML form file uploads.
|
|
||||||
|
|
||||||
## Security
|
|
||||||
|
|
||||||
⚠️ Please read the [VULNERABILITIES](VULNERABILITIES.md) document for a list of
|
|
||||||
fixed vulnerabilities
|
|
||||||
|
|
||||||
Please also read the [SECURITY](SECURITY.md) document for instructions on how to
|
|
||||||
securely configure your Web server for file uploads.
|
|
||||||
|
|
||||||
## Setup
|
|
||||||
|
|
||||||
jQuery File Upload can be installed via [NPM](https://www.npmjs.com/):
|
|
||||||
|
|
||||||
```sh
|
|
||||||
npm install blueimp-file-upload
|
|
||||||
```
|
|
||||||
|
|
||||||
This allows you to include [jquery.fileupload.js](js/jquery.fileupload.js) and
|
|
||||||
its extensions via `node_modules`, e.g:
|
|
||||||
|
|
||||||
```html
|
|
||||||
<script src="node_modules/blueimp-file-upload/js/jquery.fileupload.js"></script>
|
|
||||||
```
|
|
||||||
|
|
||||||
The widget can then be initialized on a file upload form the following way:
|
|
||||||
|
|
||||||
```js
|
|
||||||
$('#fileupload').fileupload();
|
|
||||||
```
|
|
||||||
|
|
||||||
For further information, please refer to the following guides:
|
|
||||||
|
|
||||||
- [Main documentation page](https://github.com/blueimp/jQuery-File-Upload/wiki)
|
|
||||||
- [List of all available Options](https://github.com/blueimp/jQuery-File-Upload/wiki/Options)
|
|
||||||
- [The plugin API](https://github.com/blueimp/jQuery-File-Upload/wiki/API)
|
|
||||||
- [How to setup the plugin on your website](https://github.com/blueimp/jQuery-File-Upload/wiki/Setup)
|
|
||||||
- [How to use only the basic plugin.](https://github.com/blueimp/jQuery-File-Upload/wiki/Basic-plugin)
|
|
||||||
|
|
||||||
## Requirements
|
|
||||||
|
|
||||||
### Mandatory requirements
|
|
||||||
|
|
||||||
- [jQuery](https://jquery.com/) v1.7+
|
|
||||||
- [jQuery UI widget factory](https://api.jqueryui.com/jQuery.widget/) v1.9+
|
|
||||||
(included): Required for the basic File Upload plugin, but very lightweight
|
|
||||||
without any other dependencies from the jQuery UI suite.
|
|
||||||
- [jQuery Iframe Transport plugin](https://github.com/blueimp/jQuery-File-Upload/blob/master/js/jquery.iframe-transport.js)
|
|
||||||
(included): Required for
|
|
||||||
[browsers without XHR file upload support](https://github.com/blueimp/jQuery-File-Upload/wiki/Browser-support).
|
|
||||||
|
|
||||||
### Optional requirements
|
|
||||||
|
|
||||||
- [JavaScript Templates engine](https://github.com/blueimp/JavaScript-Templates)
|
|
||||||
v3+: Used to render the selected and uploaded files.
|
|
||||||
- [JavaScript Load Image library](https://github.com/blueimp/JavaScript-Load-Image)
|
|
||||||
v2+: Required for the image previews and resizing functionality.
|
|
||||||
- [JavaScript Canvas to Blob polyfill](https://github.com/blueimp/JavaScript-Canvas-to-Blob)
|
|
||||||
v3+:Required for the resizing functionality.
|
|
||||||
- [blueimp Gallery](https://github.com/blueimp/Gallery) v2+: Used to display the
|
|
||||||
uploaded images in a lightbox.
|
|
||||||
- [Bootstrap](https://getbootstrap.com/) v3+: Used for the demo design.
|
|
||||||
- [Glyphicons](https://glyphicons.com/) Icon set used by Bootstrap.
|
|
||||||
|
|
||||||
### Cross-domain requirements
|
|
||||||
|
|
||||||
[Cross-domain File Uploads](https://github.com/blueimp/jQuery-File-Upload/wiki/Cross-domain-uploads)
|
|
||||||
using the
|
|
||||||
[Iframe Transport plugin](https://github.com/blueimp/jQuery-File-Upload/blob/master/js/jquery.iframe-transport.js)
|
|
||||||
require a redirect back to the origin server to retrieve the upload results. The
|
|
||||||
[example implementation](https://github.com/blueimp/jQuery-File-Upload/blob/master/js/main.js)
|
|
||||||
makes use of
|
|
||||||
[result.html](https://github.com/blueimp/jQuery-File-Upload/blob/master/cors/result.html)
|
|
||||||
as a static redirect page for the origin server.
|
|
||||||
|
|
||||||
The repository also includes the
|
|
||||||
[jQuery XDomainRequest Transport plugin](https://github.com/blueimp/jQuery-File-Upload/blob/master/js/cors/jquery.xdr-transport.js),
|
|
||||||
which enables limited cross-domain AJAX requests in Microsoft Internet Explorer
|
|
||||||
8 and 9 (IE 10 supports cross-domain XHR requests).
|
|
||||||
The XDomainRequest object allows GET and POST requests only and doesn't support
|
|
||||||
file uploads. It is used on the
|
|
||||||
[Demo](https://blueimp.github.io/jQuery-File-Upload/) to delete uploaded files
|
|
||||||
from the cross-domain demo file upload service.
|
|
||||||
|
|
||||||
## Browsers
|
|
||||||
|
|
||||||
### Desktop browsers
|
|
||||||
|
|
||||||
The File Upload plugin is regularly tested with the latest browser versions and
|
|
||||||
supports the following minimal versions:
|
|
||||||
|
|
||||||
- Google Chrome
|
|
||||||
- Apple Safari 4.0+
|
|
||||||
- Mozilla Firefox 3.0+
|
|
||||||
- Opera 11.0+
|
|
||||||
- Microsoft Internet Explorer 6.0+
|
|
||||||
|
|
||||||
### Mobile browsers
|
|
||||||
|
|
||||||
The File Upload plugin has been tested with and supports the following mobile
|
|
||||||
browsers:
|
|
||||||
|
|
||||||
- Apple Safari on iOS 6.0+
|
|
||||||
- Google Chrome on iOS 6.0+
|
|
||||||
- Google Chrome on Android 4.0+
|
|
||||||
- Default Browser on Android 2.3+
|
|
||||||
- Opera Mobile 12.0+
|
|
||||||
|
|
||||||
### Extended browser support information
|
|
||||||
|
|
||||||
For a detailed overview of the features supported by each browser version and
|
|
||||||
known operating system / browser bugs, please have a look at the
|
|
||||||
[Extended browser support information](https://github.com/blueimp/jQuery-File-Upload/wiki/Browser-support).
|
|
||||||
|
|
||||||
## Testing
|
|
||||||
|
|
||||||
The project comes with three sets of tests:
|
|
||||||
|
|
||||||
1. Code linting using [ESLint](https://eslint.org/).
|
|
||||||
2. Unit tests using [Mocha](https://mochajs.org/).
|
|
||||||
3. End-to-end tests using [blueimp/wdio](https://github.com/blueimp/wdio).
|
|
||||||
|
|
||||||
To run the tests, follow these steps:
|
|
||||||
|
|
||||||
1. Start [Docker](https://docs.docker.com/).
|
|
||||||
2. Install development dependencies:
|
|
||||||
```sh
|
|
||||||
npm install
|
|
||||||
```
|
|
||||||
3. Run the tests:
|
|
||||||
```sh
|
|
||||||
npm test
|
|
||||||
```
|
|
||||||
|
|
||||||
## Support
|
|
||||||
|
|
||||||
This project is actively maintained, but there is no official support channel.
|
|
||||||
If you have a question that another developer might help you with, please post
|
|
||||||
to
|
|
||||||
[Stack Overflow](https://stackoverflow.com/questions/tagged/blueimp+jquery+file-upload)
|
|
||||||
and tag your question with `blueimp jquery file upload`.
|
|
||||||
|
|
||||||
## License
|
|
||||||
|
|
||||||
Released under the [MIT license](https://opensource.org/licenses/MIT).
|
|
227
vendor/blueimp/jquery-file-upload/SECURITY.md
vendored
227
vendor/blueimp/jquery-file-upload/SECURITY.md
vendored
|
@ -1,227 +0,0 @@
|
||||||
# File Upload Security
|
|
||||||
|
|
||||||
## Contents
|
|
||||||
|
|
||||||
- [Introduction](#introduction)
|
|
||||||
- [Purpose of this project](#purpose-of-this-project)
|
|
||||||
- [Mitigations against file upload risks](#mitigations-against-file-upload-risks)
|
|
||||||
- [Prevent code execution on the server](#prevent-code-execution-on-the-server)
|
|
||||||
- [Prevent code execution in the browser](#prevent-code-execution-in-the-browser)
|
|
||||||
- [Prevent distribution of malware](#prevent-distribution-of-malware)
|
|
||||||
- [Secure file upload serving configurations](#secure-file-upload-serving-configurations)
|
|
||||||
- [Apache config](#apache-config)
|
|
||||||
- [NGINX config](#nginx-config)
|
|
||||||
- [Secure image processing configurations](#secure-image-processing-configurations)
|
|
||||||
- [ImageMagick config](#imagemagick-config)
|
|
||||||
|
|
||||||
## Introduction
|
|
||||||
|
|
||||||
For an in-depth understanding of the potential security risks of providing file
|
|
||||||
uploads and possible mitigations, please refer to the
|
|
||||||
[OWASP - Unrestricted File Upload](https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload)
|
|
||||||
documentation.
|
|
||||||
|
|
||||||
To securely setup the project to serve uploaded files, please refer to the
|
|
||||||
sample
|
|
||||||
[Secure file upload serving configurations](#secure-file-upload-serving-configurations).
|
|
||||||
|
|
||||||
To mitigate potential vulnerabilities in image processing libraries, please
|
|
||||||
refer to the
|
|
||||||
[Secure image processing configurations](#secure-image-processing-configurations).
|
|
||||||
|
|
||||||
By default, all sample upload handlers allow only upload of image files, which
|
|
||||||
mitigates some attack vectors, but should not be relied on as the only
|
|
||||||
protection.
|
|
||||||
|
|
||||||
Please also have a look at the
|
|
||||||
[list of fixed vulnerabilities](VULNERABILITIES.md) in jQuery File Upload, which
|
|
||||||
relates mostly to the sample server-side upload handlers and how they have been
|
|
||||||
configured.
|
|
||||||
|
|
||||||
## Purpose of this project
|
|
||||||
|
|
||||||
Please note that this project is not a complete file management product, but
|
|
||||||
foremost a client-side file upload library for [jQuery](https://jquery.com/).
|
|
||||||
The server-side sample upload handlers are just examples to demonstrate the
|
|
||||||
client-side file upload functionality.
|
|
||||||
|
|
||||||
To make this very clear, there is **no user authentication** by default:
|
|
||||||
|
|
||||||
- **everyone can upload files**
|
|
||||||
- **everyone can delete uploaded files**
|
|
||||||
|
|
||||||
In some cases this can be acceptable, but for most projects you will want to
|
|
||||||
extend the sample upload handlers to integrate user authentication, or implement
|
|
||||||
your own.
|
|
||||||
|
|
||||||
It is also up to you to configure your web server to securely serve the uploaded
|
|
||||||
files, e.g. using the
|
|
||||||
[sample server configurations](#secure-file-upload-serving-configurations).
|
|
||||||
|
|
||||||
## Mitigations against file upload risks
|
|
||||||
|
|
||||||
### Prevent code execution on the server
|
|
||||||
|
|
||||||
To prevent execution of scripts or binaries on server-side, the upload directory
|
|
||||||
must be configured to not execute files in the upload directory (e.g.
|
|
||||||
`server/php/files` as the default for the PHP upload handler) and only treat
|
|
||||||
uploaded files as static content.
|
|
||||||
|
|
||||||
The recommended way to do this is to configure the upload directory path to
|
|
||||||
point outside of the web application root.
|
|
||||||
Then the web server can be configured to serve files from the upload directory
|
|
||||||
with their default static files handler only.
|
|
||||||
|
|
||||||
Limiting file uploads to a whitelist of safe file types (e.g. image files) also
|
|
||||||
mitigates this issue, but should not be the only protection.
|
|
||||||
|
|
||||||
### Prevent code execution in the browser
|
|
||||||
|
|
||||||
To prevent execution of scripts on client-side, the following headers must be
|
|
||||||
sent when delivering generic uploaded files to the client:
|
|
||||||
|
|
||||||
```
|
|
||||||
Content-Type: application/octet-stream
|
|
||||||
X-Content-Type-Options: nosniff
|
|
||||||
```
|
|
||||||
|
|
||||||
The `Content-Type: application/octet-stream` header instructs browsers to
|
|
||||||
display a download dialog instead of parsing it and possibly executing script
|
|
||||||
content e.g. in HTML files.
|
|
||||||
|
|
||||||
The `X-Content-Type-Options: nosniff` header prevents browsers to try to detect
|
|
||||||
the file mime type despite the given content-type header.
|
|
||||||
|
|
||||||
For known safe files, the content-type header can be adjusted using a
|
|
||||||
**whitelist**, e.g. sending `Content-Type: image/png` for PNG files.
|
|
||||||
|
|
||||||
### Prevent distribution of malware
|
|
||||||
|
|
||||||
To prevent attackers from uploading and distributing malware (e.g. computer
|
|
||||||
viruses), it is recommended to limit file uploads only to a whitelist of safe
|
|
||||||
file types.
|
|
||||||
|
|
||||||
Please note that the detection of file types in the sample file upload handlers
|
|
||||||
is based on the file extension and not the actual file content. This makes it
|
|
||||||
still possible for attackers to upload malware by giving their files an image
|
|
||||||
file extension, but should prevent automatic execution on client computers when
|
|
||||||
opening those files.
|
|
||||||
|
|
||||||
It does not protect at all from exploiting vulnerabilities in image display
|
|
||||||
programs, nor from users renaming file extensions to inadvertently execute the
|
|
||||||
contained malicious code.
|
|
||||||
|
|
||||||
## Secure file upload serving configurations
|
|
||||||
|
|
||||||
The following configurations serve uploaded files as static files with the
|
|
||||||
proper headers as
|
|
||||||
[mitigation against file upload risks](#mitigations-against-file-upload-risks).
|
|
||||||
Please do not simply copy&paste these configurations, but make sure you
|
|
||||||
understand what they are doing and that you have implemented them correctly.
|
|
||||||
|
|
||||||
> Always test your own setup and make sure that it is secure!
|
|
||||||
|
|
||||||
e.g. try uploading PHP scripts (as "example.php", "example.php.png" and
|
|
||||||
"example.png") to see if they get executed by your web server, e.g. the content
|
|
||||||
of the following sample:
|
|
||||||
|
|
||||||
```php
|
|
||||||
GIF89ad <?php echo mime_content_type(__FILE__); phpinfo();
|
|
||||||
```
|
|
||||||
|
|
||||||
### Apache config
|
|
||||||
|
|
||||||
Add the following directive to the Apache config (e.g.
|
|
||||||
/etc/apache2/apache2.conf), replacing the directory path with the absolute path
|
|
||||||
to the upload directory:
|
|
||||||
|
|
||||||
```ApacheConf
|
|
||||||
<Directory "/path/to/project/server/php/files">
|
|
||||||
# Some of the directives require the Apache Headers module. If it is not
|
|
||||||
# already enabled, please execute the following command and reload Apache:
|
|
||||||
# sudo a2enmod headers
|
|
||||||
#
|
|
||||||
# Please note that the order of directives across configuration files matters,
|
|
||||||
# see also:
|
|
||||||
# https://httpd.apache.org/docs/current/sections.html#merging
|
|
||||||
|
|
||||||
# The following directive matches all files and forces them to be handled as
|
|
||||||
# static content, which prevents the server from parsing and executing files
|
|
||||||
# that are associated with a dynamic runtime, e.g. PHP files.
|
|
||||||
# It also forces their Content-Type header to "application/octet-stream" and
|
|
||||||
# adds a "Content-Disposition: attachment" header to force a download dialog,
|
|
||||||
# which prevents browsers from interpreting files in the context of the
|
|
||||||
# web server, e.g. HTML files containing JavaScript.
|
|
||||||
# Lastly it also prevents browsers from MIME-sniffing the Content-Type,
|
|
||||||
# preventing them from interpreting a file as a different Content-Type than
|
|
||||||
# the one sent by the webserver.
|
|
||||||
<FilesMatch ".*">
|
|
||||||
SetHandler default-handler
|
|
||||||
ForceType application/octet-stream
|
|
||||||
Header set Content-Disposition attachment
|
|
||||||
Header set X-Content-Type-Options nosniff
|
|
||||||
</FilesMatch>
|
|
||||||
|
|
||||||
# The following directive matches known image files and unsets the forced
|
|
||||||
# Content-Type so they can be served with their original mime type.
|
|
||||||
# It also unsets the Content-Disposition header to allow displaying them
|
|
||||||
# inline in the browser.
|
|
||||||
<FilesMatch ".+\.(?i:(gif|jpe?g|png))$">
|
|
||||||
ForceType none
|
|
||||||
Header unset Content-Disposition
|
|
||||||
</FilesMatch>
|
|
||||||
</Directory>
|
|
||||||
```
|
|
||||||
|
|
||||||
### NGINX config
|
|
||||||
|
|
||||||
Add the following directive to the NGINX config, replacing the directory path
|
|
||||||
with the absolute path to the upload directory:
|
|
||||||
|
|
||||||
```Nginx
|
|
||||||
location ^~ /path/to/project/server/php/files {
|
|
||||||
root html;
|
|
||||||
default_type application/octet-stream;
|
|
||||||
types {
|
|
||||||
image/gif gif;
|
|
||||||
image/jpeg jpg;
|
|
||||||
image/png png;
|
|
||||||
}
|
|
||||||
add_header X-Content-Type-Options 'nosniff';
|
|
||||||
if ($request_filename ~ /(((?!\.(jpg)|(png)|(gif)$)[^/])+$)) {
|
|
||||||
add_header Content-Disposition 'attachment; filename="$1"';
|
|
||||||
# Add X-Content-Type-Options again, as using add_header in a new context
|
|
||||||
# dismisses all previous add_header calls:
|
|
||||||
add_header X-Content-Type-Options 'nosniff';
|
|
||||||
}
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
## Secure image processing configurations
|
|
||||||
|
|
||||||
The following configuration mitigates
|
|
||||||
[potential image processing vulnerabilities with ImageMagick](VULNERABILITIES.md#potential-vulnerabilities-with-php-imagemagick)
|
|
||||||
by limiting the attack vectors to a small subset of image types
|
|
||||||
(`GIF/JPEG/PNG`).
|
|
||||||
|
|
||||||
Please also consider using alternative, safer image processing libraries like
|
|
||||||
[libvips](https://github.com/libvips/libvips) or
|
|
||||||
[imageflow](https://github.com/imazen/imageflow).
|
|
||||||
|
|
||||||
## ImageMagick config
|
|
||||||
|
|
||||||
It is recommended to disable all non-required ImageMagick coders via
|
|
||||||
[policy.xml](https://wiki.debian.org/imagemagick/security).
|
|
||||||
To do so, locate the ImageMagick `policy.xml` configuration file and add the
|
|
||||||
following policies:
|
|
||||||
|
|
||||||
```xml
|
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
<!-- ... -->
|
|
||||||
<policymap>
|
|
||||||
<!-- ... -->
|
|
||||||
<policy domain="delegate" rights="none" pattern="*" />
|
|
||||||
<policy domain="coder" rights="none" pattern="*" />
|
|
||||||
<policy domain="coder" rights="read | write" pattern="{GIF,JPEG,JPG,PNG}" />
|
|
||||||
</policymap>
|
|
||||||
```
|
|
118
vendor/blueimp/jquery-file-upload/VULNERABILITIES.md
vendored
118
vendor/blueimp/jquery-file-upload/VULNERABILITIES.md
vendored
|
@ -1,118 +0,0 @@
|
||||||
# List of fixed vulnerabilities
|
|
||||||
|
|
||||||
## Contents
|
|
||||||
|
|
||||||
- [Potential vulnerabilities with PHP+ImageMagick](#potential-vulnerabilities-with-phpimagemagick)
|
|
||||||
- [Remote code execution vulnerability in the PHP component](#remote-code-execution-vulnerability-in-the-php-component)
|
|
||||||
- [Open redirect vulnerability in the GAE components](#open-redirect-vulnerability-in-the-gae-components)
|
|
||||||
- [Cross-site scripting vulnerability in the Iframe Transport](#cross-site-scripting-vulnerability-in-the-iframe-transport)
|
|
||||||
|
|
||||||
## Potential vulnerabilities with PHP+ImageMagick
|
|
||||||
|
|
||||||
> Mitigated: 2018-10-25 (GMT)
|
|
||||||
|
|
||||||
The sample [PHP upload handler](server/php/UploadHandler.php) before
|
|
||||||
[v9.25.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/v9.25.1)
|
|
||||||
did not validate file signatures before invoking
|
|
||||||
[ImageMagick](https://www.imagemagick.org/) (via
|
|
||||||
[Imagick](https://php.net/manual/en/book.imagick.php)).
|
|
||||||
Verifying those
|
|
||||||
[magic bytes](https://en.wikipedia.org/wiki/List_of_file_signatures) mitigates
|
|
||||||
potential vulnerabilities when handling input files other than `GIF/JPEG/PNG`.
|
|
||||||
|
|
||||||
Please also configure ImageMagick to only enable the coders required for
|
|
||||||
`GIF/JPEG/PNG` processing, e.g. with the sample
|
|
||||||
[ImageMagick config](SECURITY.md#imagemagick-config).
|
|
||||||
|
|
||||||
**Further information:**
|
|
||||||
|
|
||||||
- Commit containing the mitigation:
|
|
||||||
[fe44d34](https://github.com/blueimp/jQuery-File-Upload/commit/fe44d34be43be32c6b8d507932f318dababb25dd)
|
|
||||||
- [ImageTragick](https://imagetragick.com/)
|
|
||||||
- [CERT Vulnerability Note VU#332928](https://www.kb.cert.org/vuls/id/332928)
|
|
||||||
- [ImageMagick CVE entries](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=imagemagick)
|
|
||||||
|
|
||||||
## Remote code execution vulnerability in the PHP component
|
|
||||||
|
|
||||||
> Fixed: 2018-10-23 (GMT)
|
|
||||||
|
|
||||||
The sample [PHP upload handler](server/php/UploadHandler.php) before
|
|
||||||
[v9.24.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/v9.24.1)
|
|
||||||
allowed to upload all file types by default.
|
|
||||||
This opens up a remote code execution vulnerability, unless the server is
|
|
||||||
configured to not execute (PHP) files in the upload directory
|
|
||||||
(`server/php/files`).
|
|
||||||
|
|
||||||
The provided [.htaccess](server/php/files/.htaccess) file includes instructions
|
|
||||||
for Apache to disable script execution, however
|
|
||||||
[.htaccess support](https://httpd.apache.org/docs/current/howto/htaccess.html)
|
|
||||||
is disabled by default since Apache `v2.3.9` via
|
|
||||||
[AllowOverride Directive](https://httpd.apache.org/docs/current/mod/core.html#allowoverride).
|
|
||||||
|
|
||||||
**You are affected if you:**
|
|
||||||
|
|
||||||
1. A) Uploaded jQuery File Upload < `v9.24.1` on a Webserver that executes files
|
|
||||||
with `.php` as part of the file extension (e.g. "example.php.png"), e.g.
|
|
||||||
Apache with `mod_php` enabled and the following directive (_not a recommended
|
|
||||||
configuration_):
|
|
||||||
```ApacheConf
|
|
||||||
AddHandler php5-script .php
|
|
||||||
```
|
|
||||||
B) Uploaded jQuery File Upload < `v9.22.1` on a Webserver that executes files
|
|
||||||
with the file extension `.php`, e.g. Apache with `mod_php` enabled and the
|
|
||||||
following directive:
|
|
||||||
```ApacheConf
|
|
||||||
<FilesMatch \.php$>
|
|
||||||
SetHandler application/x-httpd-php
|
|
||||||
</FilesMatch>
|
|
||||||
```
|
|
||||||
2. Did not actively configure your Webserver to not execute files in the upload
|
|
||||||
directory (`server/php/files`).
|
|
||||||
3. Are running Apache `v2.3.9+` with the default `AllowOverride` Directive set
|
|
||||||
to `None` or another Webserver with no `.htaccess` support.
|
|
||||||
|
|
||||||
**How to fix it:**
|
|
||||||
|
|
||||||
1. Upgrade to the latest version of jQuery File Upload.
|
|
||||||
2. Configure your Webserver to not execute files in the upload directory, e.g.
|
|
||||||
with the [sample Apache configuration](SECURITY.md#apache-config)
|
|
||||||
|
|
||||||
**Further information:**
|
|
||||||
|
|
||||||
- Commits containing the security fix:
|
|
||||||
[aeb47e5](https://github.com/blueimp/jQuery-File-Upload/commit/aeb47e51c67df8a504b7726595576c1c66b5dc2f),
|
|
||||||
[ad4aefd](https://github.com/blueimp/jQuery-File-Upload/commit/ad4aefd96e4056deab6fea2690f0d8cf56bb2d7d)
|
|
||||||
- [Full disclosure post on Hacker News](https://news.ycombinator.com/item?id=18267309).
|
|
||||||
- [CVE-2018-9206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9206)
|
|
||||||
- [OWASP - Unrestricted File Upload](https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload)
|
|
||||||
|
|
||||||
## Open redirect vulnerability in the GAE components
|
|
||||||
|
|
||||||
> Fixed: 2015-06-12 (GMT)
|
|
||||||
|
|
||||||
The sample Google App Engine upload handlers before
|
|
||||||
v[9.10.1](https://github.com/blueimp/jQuery-File-Upload/releases/tag/9.10.1)
|
|
||||||
accepted any URL as redirect target, making it possible to use the Webserver's
|
|
||||||
domain for phishing attacks.
|
|
||||||
|
|
||||||
**Further information:**
|
|
||||||
|
|
||||||
- Commit containing the security fix:
|
|
||||||
[f74d2a8](https://github.com/blueimp/jQuery-File-Upload/commit/f74d2a8c3e3b1e8e336678d2899facd5bcdb589f)
|
|
||||||
- [OWASP - Unvalidated Redirects and Forwards Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html)
|
|
||||||
|
|
||||||
## Cross-site scripting vulnerability in the Iframe Transport
|
|
||||||
|
|
||||||
> Fixed: 2012-08-09 (GMT)
|
|
||||||
|
|
||||||
The [redirect page](cors/result.html) for the
|
|
||||||
[Iframe Transport](js/jquery.iframe-transport.js) before commit
|
|
||||||
[4175032](https://github.com/blueimp/jQuery-File-Upload/commit/41750323a464e848856dc4c5c940663498beb74a)
|
|
||||||
(_fixed in all tagged releases_) allowed executing arbitrary JavaScript in the
|
|
||||||
context of the Webserver.
|
|
||||||
|
|
||||||
**Further information:**
|
|
||||||
|
|
||||||
- Commit containing the security fix:
|
|
||||||
[4175032](https://github.com/blueimp/jQuery-File-Upload/commit/41750323a464e848856dc4c5c940663498beb74a)
|
|
||||||
- [OWASP - Cross-site Scripting (XSS)](https://owasp.org/www-community/attacks/xss/)
|
|
39
vendor/blueimp/jquery-file-upload/composer.json
vendored
39
vendor/blueimp/jquery-file-upload/composer.json
vendored
|
@ -1,39 +0,0 @@
|
||||||
{
|
|
||||||
"name": "blueimp/jquery-file-upload"
|
|
||||||
, "description": "File Upload widget for jQuery."
|
|
||||||
, "keywords": ["jquery",
|
|
||||||
"file",
|
|
||||||
"upload",
|
|
||||||
"widget",
|
|
||||||
"multiple",
|
|
||||||
"selection",
|
|
||||||
"drag",
|
|
||||||
"drop",
|
|
||||||
"progress",
|
|
||||||
"preview",
|
|
||||||
"cross-domain",
|
|
||||||
"cross-site",
|
|
||||||
"chunk",
|
|
||||||
"resume",
|
|
||||||
"gae",
|
|
||||||
"go",
|
|
||||||
"python",
|
|
||||||
"php",
|
|
||||||
"bootstrap"]
|
|
||||||
, "homepage": "https://github.com/blueimp/jQuery-File-Upload"
|
|
||||||
, "authors": [
|
|
||||||
{
|
|
||||||
"name": "Sebastian Tschan",
|
|
||||||
"homepage": "https://blueimp.net"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
, "support": {
|
|
||||||
"forum": "https://stackoverflow.com/questions/tagged/blueimp+jquery+file-upload"
|
|
||||||
}
|
|
||||||
, "license": "MIT"
|
|
||||||
, "autoload": {
|
|
||||||
"classmap": [
|
|
||||||
"server/php/UploadHandler.php"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,85 +0,0 @@
|
||||||
<!DOCTYPE html>
|
|
||||||
<!--
|
|
||||||
/*
|
|
||||||
* jQuery File Upload Plugin postMessage API
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2011, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
-->
|
|
||||||
<html lang="en">
|
|
||||||
<head>
|
|
||||||
<meta charset="utf-8" />
|
|
||||||
<title>jQuery File Upload Plugin postMessage API</title>
|
|
||||||
<script
|
|
||||||
src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"
|
|
||||||
integrity="sha384-nvAa0+6Qg9clwYCGGPpDQLVpLNn0fRaROjHqs13t4Ggj3Ez50XnGQqc/r8MhnRDZ"
|
|
||||||
crossorigin="anonymous"
|
|
||||||
></script>
|
|
||||||
</head>
|
|
||||||
<body>
|
|
||||||
<script>
|
|
||||||
'use strict';
|
|
||||||
var origin = /^https:\/\/example.org/,
|
|
||||||
target = new RegExp('^(http(s)?:)?\\/\\/' + location.host + '\\/');
|
|
||||||
$(window).on('message', function (e) {
|
|
||||||
e = e.originalEvent;
|
|
||||||
var s = e.data,
|
|
||||||
xhr = $.ajaxSettings.xhr(),
|
|
||||||
f;
|
|
||||||
if (!origin.test(e.origin)) {
|
|
||||||
throw new Error('Origin "' + e.origin + '" does not match ' + origin);
|
|
||||||
}
|
|
||||||
if (!target.test(e.data.url)) {
|
|
||||||
throw new Error(
|
|
||||||
'Target "' + e.data.url + '" does not match ' + target
|
|
||||||
);
|
|
||||||
}
|
|
||||||
$(xhr.upload).on('progress', function (ev) {
|
|
||||||
ev = ev.originalEvent;
|
|
||||||
e.source.postMessage(
|
|
||||||
{
|
|
||||||
id: s.id,
|
|
||||||
type: ev.type,
|
|
||||||
timeStamp: ev.timeStamp,
|
|
||||||
lengthComputable: ev.lengthComputable,
|
|
||||||
loaded: ev.loaded,
|
|
||||||
total: ev.total
|
|
||||||
},
|
|
||||||
e.origin
|
|
||||||
);
|
|
||||||
});
|
|
||||||
s.xhr = function () {
|
|
||||||
return xhr;
|
|
||||||
};
|
|
||||||
if (!(s.data instanceof Blob)) {
|
|
||||||
f = new FormData();
|
|
||||||
$.each(s.data, function (i, v) {
|
|
||||||
f.append(v.name, v.value);
|
|
||||||
});
|
|
||||||
s.data = f;
|
|
||||||
}
|
|
||||||
$.ajax(s).always(function (result, statusText, jqXHR) {
|
|
||||||
if (!jqXHR.done) {
|
|
||||||
jqXHR = result;
|
|
||||||
result = null;
|
|
||||||
}
|
|
||||||
e.source.postMessage(
|
|
||||||
{
|
|
||||||
id: s.id,
|
|
||||||
status: jqXHR.status,
|
|
||||||
statusText: statusText,
|
|
||||||
result: result,
|
|
||||||
headers: jqXHR.getAllResponseHeaders()
|
|
||||||
},
|
|
||||||
e.origin
|
|
||||||
);
|
|
||||||
});
|
|
||||||
});
|
|
||||||
</script>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
|
@ -1,26 +0,0 @@
|
||||||
<!DOCTYPE html>
|
|
||||||
<!--
|
|
||||||
/*
|
|
||||||
* jQuery Iframe Transport Plugin Redirect Page
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2010, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
-->
|
|
||||||
<html lang="en">
|
|
||||||
<head>
|
|
||||||
<meta charset="utf-8" />
|
|
||||||
<title>jQuery Iframe Transport Plugin Redirect Page</title>
|
|
||||||
</head>
|
|
||||||
<body>
|
|
||||||
<script>
|
|
||||||
document.body.innerText = document.body.textContent = decodeURIComponent(
|
|
||||||
window.location.search.slice(1)
|
|
||||||
);
|
|
||||||
</script>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
|
@ -1,22 +0,0 @@
|
||||||
@charset "UTF-8";
|
|
||||||
/*
|
|
||||||
* jQuery File Upload Plugin NoScript CSS
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2013, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
.fileinput-button input {
|
|
||||||
position: static;
|
|
||||||
opacity: 1;
|
|
||||||
filter: none;
|
|
||||||
font-size: inherit !important;
|
|
||||||
direction: inherit;
|
|
||||||
}
|
|
||||||
.fileinput-button span {
|
|
||||||
display: none;
|
|
||||||
}
|
|
|
@ -1,17 +0,0 @@
|
||||||
@charset "UTF-8";
|
|
||||||
/*
|
|
||||||
* jQuery File Upload UI Plugin NoScript CSS
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2012, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
.fileinput-button i,
|
|
||||||
.fileupload-buttonbar .delete,
|
|
||||||
.fileupload-buttonbar .toggle {
|
|
||||||
display: none;
|
|
||||||
}
|
|
|
@ -1,68 +0,0 @@
|
||||||
@charset "UTF-8";
|
|
||||||
/*
|
|
||||||
* jQuery File Upload UI Plugin CSS
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2010, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
.progress-animated .progress-bar,
|
|
||||||
.progress-animated .bar {
|
|
||||||
background: url('../img/progressbar.gif') !important;
|
|
||||||
filter: none;
|
|
||||||
}
|
|
||||||
.fileupload-process {
|
|
||||||
float: right;
|
|
||||||
display: none;
|
|
||||||
}
|
|
||||||
.fileupload-processing .fileupload-process,
|
|
||||||
.files .processing .preview {
|
|
||||||
display: block;
|
|
||||||
width: 32px;
|
|
||||||
height: 32px;
|
|
||||||
background: url('../img/loading.gif') center no-repeat;
|
|
||||||
background-size: contain;
|
|
||||||
}
|
|
||||||
.files audio,
|
|
||||||
.files video {
|
|
||||||
max-width: 300px;
|
|
||||||
}
|
|
||||||
.files .name {
|
|
||||||
word-wrap: break-word;
|
|
||||||
overflow-wrap: anywhere;
|
|
||||||
-webkit-hyphens: auto;
|
|
||||||
hyphens: auto;
|
|
||||||
}
|
|
||||||
.files button {
|
|
||||||
margin-bottom: 5px;
|
|
||||||
}
|
|
||||||
.toggle[type='checkbox'] {
|
|
||||||
transform: scale(2);
|
|
||||||
margin-left: 10px;
|
|
||||||
}
|
|
||||||
|
|
||||||
@media (max-width: 767px) {
|
|
||||||
.fileupload-buttonbar .btn {
|
|
||||||
margin-bottom: 5px;
|
|
||||||
}
|
|
||||||
.fileupload-buttonbar .delete,
|
|
||||||
.fileupload-buttonbar .toggle,
|
|
||||||
.files .toggle,
|
|
||||||
.files .btn span {
|
|
||||||
display: none;
|
|
||||||
}
|
|
||||||
.files audio,
|
|
||||||
.files video {
|
|
||||||
max-width: 80px;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
@media (max-width: 480px) {
|
|
||||||
.files .image td:nth-child(2) {
|
|
||||||
display: none;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,36 +0,0 @@
|
||||||
@charset "UTF-8";
|
|
||||||
/*
|
|
||||||
* jQuery File Upload Plugin CSS
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2013, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
.fileinput-button {
|
|
||||||
position: relative;
|
|
||||||
overflow: hidden;
|
|
||||||
display: inline-block;
|
|
||||||
}
|
|
||||||
.fileinput-button input {
|
|
||||||
position: absolute;
|
|
||||||
top: 0;
|
|
||||||
right: 0;
|
|
||||||
margin: 0;
|
|
||||||
height: 100%;
|
|
||||||
opacity: 0;
|
|
||||||
filter: alpha(opacity=0);
|
|
||||||
font-size: 200px !important;
|
|
||||||
direction: ltr;
|
|
||||||
cursor: pointer;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Fixes for IE < 8 */
|
|
||||||
@media screen\9 {
|
|
||||||
.fileinput-button input {
|
|
||||||
font-size: 150% !important;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,55 +0,0 @@
|
||||||
version: '3.7'
|
|
||||||
services:
|
|
||||||
example:
|
|
||||||
build: server/php
|
|
||||||
ports:
|
|
||||||
- 127.0.0.1:80:80
|
|
||||||
volumes:
|
|
||||||
- .:/var/www/html
|
|
||||||
mocha:
|
|
||||||
image: blueimp/mocha-chrome
|
|
||||||
command: http://example/test
|
|
||||||
environment:
|
|
||||||
- WAIT_FOR_HOSTS=example:80
|
|
||||||
depends_on:
|
|
||||||
- example
|
|
||||||
chromedriver:
|
|
||||||
image: blueimp/chromedriver
|
|
||||||
tmpfs: /tmp
|
|
||||||
environment:
|
|
||||||
- DISABLE_X11=false
|
|
||||||
- ENABLE_VNC=true
|
|
||||||
- EXPOSE_X11=true
|
|
||||||
volumes:
|
|
||||||
- ./wdio/assets:/home/webdriver/assets:ro
|
|
||||||
ports:
|
|
||||||
- 127.0.0.1:5900:5900
|
|
||||||
geckodriver:
|
|
||||||
image: blueimp/geckodriver
|
|
||||||
tmpfs: /tmp
|
|
||||||
shm_size: 2g
|
|
||||||
environment:
|
|
||||||
- DISABLE_X11=false
|
|
||||||
- ENABLE_VNC=true
|
|
||||||
- EXPOSE_X11=true
|
|
||||||
volumes:
|
|
||||||
- ./wdio/assets:/home/webdriver/assets:ro
|
|
||||||
ports:
|
|
||||||
- 127.0.0.1:5901:5900
|
|
||||||
wdio:
|
|
||||||
image: blueimp/wdio
|
|
||||||
read_only: true
|
|
||||||
tmpfs:
|
|
||||||
- /tmp
|
|
||||||
environment:
|
|
||||||
- WAIT_FOR_HOSTS=chromedriver:4444 geckodriver:4444 example:80
|
|
||||||
- WINDOWS_HOST
|
|
||||||
- MACOS_ASSETS_DIR=$PWD/wdio/assets/
|
|
||||||
- WINDOWS_ASSETS_DIR
|
|
||||||
volumes:
|
|
||||||
- ./wdio:/app:ro
|
|
||||||
- ./wdio/reports:/app/reports
|
|
||||||
depends_on:
|
|
||||||
- chromedriver
|
|
||||||
- geckodriver
|
|
||||||
- example
|
|
BIN
vendor/blueimp/jquery-file-upload/img/loading.gif
vendored
BIN
vendor/blueimp/jquery-file-upload/img/loading.gif
vendored
Binary file not shown.
Before Width: | Height: | Size: 3.8 KiB |
Binary file not shown.
Before Width: | Height: | Size: 3.2 KiB |
357
vendor/blueimp/jquery-file-upload/index.html
vendored
357
vendor/blueimp/jquery-file-upload/index.html
vendored
|
@ -1,357 +0,0 @@
|
||||||
<!DOCTYPE html>
|
|
||||||
<!--
|
|
||||||
/*
|
|
||||||
* jQuery File Upload Demo
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2010, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
-->
|
|
||||||
<html lang="en">
|
|
||||||
<head>
|
|
||||||
<!-- Force latest IE rendering engine or ChromeFrame if installed -->
|
|
||||||
<!--[if IE]>
|
|
||||||
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
|
|
||||||
<![endif]-->
|
|
||||||
<meta charset="utf-8" />
|
|
||||||
<title>jQuery File Upload Demo</title>
|
|
||||||
<meta
|
|
||||||
name="description"
|
|
||||||
content="File Upload widget with multiple file selection, drag&drop support, progress bars, validation and preview images, audio and video for jQuery. Supports cross-domain, chunked and resumable file uploads and client-side image resizing. Works with any server-side platform (PHP, Python, Ruby on Rails, Java, Node.js, Go etc.) that supports standard HTML form file uploads."
|
|
||||||
/>
|
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
||||||
<!-- Bootstrap styles -->
|
|
||||||
<link
|
|
||||||
rel="stylesheet"
|
|
||||||
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css"
|
|
||||||
integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u"
|
|
||||||
crossorigin="anonymous"
|
|
||||||
/>
|
|
||||||
<!-- Generic page styles -->
|
|
||||||
<style>
|
|
||||||
#navigation {
|
|
||||||
margin: 10px 0;
|
|
||||||
}
|
|
||||||
@media (max-width: 767px) {
|
|
||||||
#title,
|
|
||||||
#description {
|
|
||||||
display: none;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
</style>
|
|
||||||
<!-- blueimp Gallery styles -->
|
|
||||||
<link
|
|
||||||
rel="stylesheet"
|
|
||||||
href="https://blueimp.github.io/Gallery/css/blueimp-gallery.min.css"
|
|
||||||
/>
|
|
||||||
<!-- CSS to style the file input field as button and adjust the Bootstrap progress bars -->
|
|
||||||
<link rel="stylesheet" href="css/jquery.fileupload.css" />
|
|
||||||
<link rel="stylesheet" href="css/jquery.fileupload-ui.css" />
|
|
||||||
<!-- CSS adjustments for browsers with JavaScript disabled -->
|
|
||||||
<noscript
|
|
||||||
><link rel="stylesheet" href="css/jquery.fileupload-noscript.css"
|
|
||||||
/></noscript>
|
|
||||||
<noscript
|
|
||||||
><link rel="stylesheet" href="css/jquery.fileupload-ui-noscript.css"
|
|
||||||
/></noscript>
|
|
||||||
</head>
|
|
||||||
<body>
|
|
||||||
<div class="container">
|
|
||||||
<ul class="nav nav-tabs" id="navigation">
|
|
||||||
<li>
|
|
||||||
<a href="https://github.com/blueimp/jQuery-File-Upload">Project</a>
|
|
||||||
</li>
|
|
||||||
<li class="active">
|
|
||||||
<a href="#">Demo</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href="https://github.com/blueimp/jQuery-File-Upload/wiki">Wiki</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href="https://blueimp.net">Author</a>
|
|
||||||
</li>
|
|
||||||
</ul>
|
|
||||||
<h1 id="title">jQuery File Upload Demo</h1>
|
|
||||||
<blockquote id="description">
|
|
||||||
<p>
|
|
||||||
File Upload widget with multiple file selection, drag&drop
|
|
||||||
support, progress bars, validation and preview images, audio and video
|
|
||||||
for jQuery.<br />
|
|
||||||
Supports cross-domain, chunked and resumable file uploads and
|
|
||||||
client-side image resizing.<br />
|
|
||||||
Works with any server-side platform (PHP, Python, Ruby on Rails, Java,
|
|
||||||
Node.js, Go etc.) that supports standard HTML form file uploads.
|
|
||||||
</p>
|
|
||||||
</blockquote>
|
|
||||||
<!-- The file upload form used as target for the file upload widget -->
|
|
||||||
<form
|
|
||||||
id="fileupload"
|
|
||||||
action="https://jquery-file-upload.appspot.com/"
|
|
||||||
method="POST"
|
|
||||||
enctype="multipart/form-data"
|
|
||||||
>
|
|
||||||
<!-- Redirect browsers with JavaScript disabled to the origin page -->
|
|
||||||
<noscript
|
|
||||||
><input
|
|
||||||
type="hidden"
|
|
||||||
name="redirect"
|
|
||||||
value="https://blueimp.github.io/jQuery-File-Upload/"
|
|
||||||
/></noscript>
|
|
||||||
<!-- The fileupload-buttonbar contains buttons to add/delete files and start/cancel the upload -->
|
|
||||||
<div class="row fileupload-buttonbar">
|
|
||||||
<div class="col-lg-7">
|
|
||||||
<!-- The fileinput-button span is used to style the file input field as button -->
|
|
||||||
<span class="btn btn-success fileinput-button">
|
|
||||||
<i class="glyphicon glyphicon-plus"></i>
|
|
||||||
<span>Add files...</span>
|
|
||||||
<input type="file" name="files[]" multiple />
|
|
||||||
</span>
|
|
||||||
<button type="submit" class="btn btn-primary start">
|
|
||||||
<i class="glyphicon glyphicon-upload"></i>
|
|
||||||
<span>Start upload</span>
|
|
||||||
</button>
|
|
||||||
<button type="reset" class="btn btn-warning cancel">
|
|
||||||
<i class="glyphicon glyphicon-ban-circle"></i>
|
|
||||||
<span>Cancel upload</span>
|
|
||||||
</button>
|
|
||||||
<button type="button" class="btn btn-danger delete">
|
|
||||||
<i class="glyphicon glyphicon-trash"></i>
|
|
||||||
<span>Delete selected</span>
|
|
||||||
</button>
|
|
||||||
<input type="checkbox" class="toggle" />
|
|
||||||
<!-- The global file processing state -->
|
|
||||||
<span class="fileupload-process"></span>
|
|
||||||
</div>
|
|
||||||
<!-- The global progress state -->
|
|
||||||
<div class="col-lg-5 fileupload-progress fade">
|
|
||||||
<!-- The global progress bar -->
|
|
||||||
<div
|
|
||||||
class="progress progress-striped active"
|
|
||||||
role="progressbar"
|
|
||||||
aria-valuemin="0"
|
|
||||||
aria-valuemax="100"
|
|
||||||
>
|
|
||||||
<div
|
|
||||||
class="progress-bar progress-bar-success"
|
|
||||||
style="width: 0%;"
|
|
||||||
></div>
|
|
||||||
</div>
|
|
||||||
<!-- The extended global progress state -->
|
|
||||||
<div class="progress-extended"> </div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<!-- The table listing the files available for upload/download -->
|
|
||||||
<table role="presentation" class="table table-striped">
|
|
||||||
<tbody class="files"></tbody>
|
|
||||||
</table>
|
|
||||||
</form>
|
|
||||||
<div class="panel panel-default">
|
|
||||||
<div class="panel-heading">
|
|
||||||
<h3 class="panel-title">Demo Notes</h3>
|
|
||||||
</div>
|
|
||||||
<div class="panel-body">
|
|
||||||
<ul>
|
|
||||||
<li>
|
|
||||||
The maximum file size for uploads in this demo is
|
|
||||||
<strong>999 KB</strong> (default file size is unlimited).
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
Only image files (<strong>JPG, GIF, PNG</strong>) are allowed in
|
|
||||||
this demo (by default there is no file type restriction).
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
Uploaded files will be deleted automatically after
|
|
||||||
<strong>5 minutes or less</strong> (demo files are stored in
|
|
||||||
memory).
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
You can <strong>drag & drop</strong> files from your desktop
|
|
||||||
on this webpage (see
|
|
||||||
<a
|
|
||||||
href="https://github.com/blueimp/jQuery-File-Upload/wiki/Browser-support"
|
|
||||||
>Browser support</a
|
|
||||||
>).
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
Please refer to the
|
|
||||||
<a href="https://github.com/blueimp/jQuery-File-Upload"
|
|
||||||
>project website</a
|
|
||||||
>
|
|
||||||
and
|
|
||||||
<a href="https://github.com/blueimp/jQuery-File-Upload/wiki"
|
|
||||||
>documentation</a
|
|
||||||
>
|
|
||||||
for more information.
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
Built with the
|
|
||||||
<a href="https://getbootstrap.com/">Bootstrap</a> CSS framework
|
|
||||||
and Icons from <a href="https://glyphicons.com/">Glyphicons</a>.
|
|
||||||
</li>
|
|
||||||
</ul>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<!-- The blueimp Gallery widget -->
|
|
||||||
<div
|
|
||||||
id="blueimp-gallery"
|
|
||||||
class="blueimp-gallery blueimp-gallery-controls"
|
|
||||||
aria-label="image gallery"
|
|
||||||
aria-modal="true"
|
|
||||||
role="dialog"
|
|
||||||
data-filter=":even"
|
|
||||||
>
|
|
||||||
<div class="slides" aria-live="polite"></div>
|
|
||||||
<h3 class="title"></h3>
|
|
||||||
<a
|
|
||||||
class="prev"
|
|
||||||
aria-controls="blueimp-gallery"
|
|
||||||
aria-label="previous slide"
|
|
||||||
aria-keyshortcuts="ArrowLeft"
|
|
||||||
></a>
|
|
||||||
<a
|
|
||||||
class="next"
|
|
||||||
aria-controls="blueimp-gallery"
|
|
||||||
aria-label="next slide"
|
|
||||||
aria-keyshortcuts="ArrowRight"
|
|
||||||
></a>
|
|
||||||
<a
|
|
||||||
class="close"
|
|
||||||
aria-controls="blueimp-gallery"
|
|
||||||
aria-label="close"
|
|
||||||
aria-keyshortcuts="Escape"
|
|
||||||
></a>
|
|
||||||
<a
|
|
||||||
class="play-pause"
|
|
||||||
aria-controls="blueimp-gallery"
|
|
||||||
aria-label="play slideshow"
|
|
||||||
aria-keyshortcuts="Space"
|
|
||||||
aria-pressed="false"
|
|
||||||
role="button"
|
|
||||||
></a>
|
|
||||||
<ol class="indicator"></ol>
|
|
||||||
</div>
|
|
||||||
<!-- The template to display files available for upload -->
|
|
||||||
<script id="template-upload" type="text/x-tmpl">
|
|
||||||
{% for (var i=0, file; file=o.files[i]; i++) { %}
|
|
||||||
<tr class="template-upload fade{%=o.options.loadImageFileTypes.test(file.type)?' image':''%}">
|
|
||||||
<td>
|
|
||||||
<span class="preview"></span>
|
|
||||||
</td>
|
|
||||||
<td>
|
|
||||||
<p class="name">{%=file.name%}</p>
|
|
||||||
<strong class="error text-danger"></strong>
|
|
||||||
</td>
|
|
||||||
<td>
|
|
||||||
<p class="size">Processing...</p>
|
|
||||||
<div class="progress progress-striped active" role="progressbar" aria-valuemin="0" aria-valuemax="100" aria-valuenow="0"><div class="progress-bar progress-bar-success" style="width:0%;"></div></div>
|
|
||||||
</td>
|
|
||||||
<td>
|
|
||||||
{% if (!o.options.autoUpload && o.options.edit && o.options.loadImageFileTypes.test(file.type)) { %}
|
|
||||||
<button class="btn btn-success edit" data-index="{%=i%}" disabled>
|
|
||||||
<i class="glyphicon glyphicon-edit"></i>
|
|
||||||
<span>Edit</span>
|
|
||||||
</button>
|
|
||||||
{% } %}
|
|
||||||
{% if (!i && !o.options.autoUpload) { %}
|
|
||||||
<button class="btn btn-primary start" disabled>
|
|
||||||
<i class="glyphicon glyphicon-upload"></i>
|
|
||||||
<span>Start</span>
|
|
||||||
</button>
|
|
||||||
{% } %}
|
|
||||||
{% if (!i) { %}
|
|
||||||
<button class="btn btn-warning cancel">
|
|
||||||
<i class="glyphicon glyphicon-ban-circle"></i>
|
|
||||||
<span>Cancel</span>
|
|
||||||
</button>
|
|
||||||
{% } %}
|
|
||||||
</td>
|
|
||||||
</tr>
|
|
||||||
{% } %}
|
|
||||||
</script>
|
|
||||||
<!-- The template to display files available for download -->
|
|
||||||
<script id="template-download" type="text/x-tmpl">
|
|
||||||
{% for (var i=0, file; file=o.files[i]; i++) { %}
|
|
||||||
<tr class="template-download fade{%=file.thumbnailUrl?' image':''%}">
|
|
||||||
<td>
|
|
||||||
<span class="preview">
|
|
||||||
{% if (file.thumbnailUrl) { %}
|
|
||||||
<a href="{%=file.url%}" title="{%=file.name%}" download="{%=file.name%}" data-gallery><img src="{%=file.thumbnailUrl%}"></a>
|
|
||||||
{% } %}
|
|
||||||
</span>
|
|
||||||
</td>
|
|
||||||
<td>
|
|
||||||
<p class="name">
|
|
||||||
{% if (file.url) { %}
|
|
||||||
<a href="{%=file.url%}" title="{%=file.name%}" download="{%=file.name%}" {%=file.thumbnailUrl?'data-gallery':''%}>{%=file.name%}</a>
|
|
||||||
{% } else { %}
|
|
||||||
<span>{%=file.name%}</span>
|
|
||||||
{% } %}
|
|
||||||
</p>
|
|
||||||
{% if (file.error) { %}
|
|
||||||
<div><span class="label label-danger">Error</span> {%=file.error%}</div>
|
|
||||||
{% } %}
|
|
||||||
</td>
|
|
||||||
<td>
|
|
||||||
<span class="size">{%=o.formatFileSize(file.size)%}</span>
|
|
||||||
</td>
|
|
||||||
<td>
|
|
||||||
{% if (file.deleteUrl) { %}
|
|
||||||
<button class="btn btn-danger delete" data-type="{%=file.deleteType%}" data-url="{%=file.deleteUrl%}"{% if (file.deleteWithCredentials) { %} data-xhr-fields='{"withCredentials":true}'{% } %}>
|
|
||||||
<i class="glyphicon glyphicon-trash"></i>
|
|
||||||
<span>Delete</span>
|
|
||||||
</button>
|
|
||||||
<input type="checkbox" name="delete" value="1" class="toggle">
|
|
||||||
{% } else { %}
|
|
||||||
<button class="btn btn-warning cancel">
|
|
||||||
<i class="glyphicon glyphicon-ban-circle"></i>
|
|
||||||
<span>Cancel</span>
|
|
||||||
</button>
|
|
||||||
{% } %}
|
|
||||||
</td>
|
|
||||||
</tr>
|
|
||||||
{% } %}
|
|
||||||
</script>
|
|
||||||
<script
|
|
||||||
src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"
|
|
||||||
integrity="sha384-nvAa0+6Qg9clwYCGGPpDQLVpLNn0fRaROjHqs13t4Ggj3Ez50XnGQqc/r8MhnRDZ"
|
|
||||||
crossorigin="anonymous"
|
|
||||||
></script>
|
|
||||||
<!-- The jQuery UI widget factory, can be omitted if jQuery UI is already included -->
|
|
||||||
<script src="js/vendor/jquery.ui.widget.js"></script>
|
|
||||||
<!-- The Templates plugin is included to render the upload/download listings -->
|
|
||||||
<script src="https://blueimp.github.io/JavaScript-Templates/js/tmpl.min.js"></script>
|
|
||||||
<!-- The Load Image plugin is included for the preview images and image resizing functionality -->
|
|
||||||
<script src="https://blueimp.github.io/JavaScript-Load-Image/js/load-image.all.min.js"></script>
|
|
||||||
<!-- The Canvas to Blob plugin is included for image resizing functionality -->
|
|
||||||
<script src="https://blueimp.github.io/JavaScript-Canvas-to-Blob/js/canvas-to-blob.min.js"></script>
|
|
||||||
<!-- blueimp Gallery script -->
|
|
||||||
<script src="https://blueimp.github.io/Gallery/js/jquery.blueimp-gallery.min.js"></script>
|
|
||||||
<!-- The Iframe Transport is required for browsers without support for XHR file uploads -->
|
|
||||||
<script src="js/jquery.iframe-transport.js"></script>
|
|
||||||
<!-- The basic File Upload plugin -->
|
|
||||||
<script src="js/jquery.fileupload.js"></script>
|
|
||||||
<!-- The File Upload processing plugin -->
|
|
||||||
<script src="js/jquery.fileupload-process.js"></script>
|
|
||||||
<!-- The File Upload image preview & resize plugin -->
|
|
||||||
<script src="js/jquery.fileupload-image.js"></script>
|
|
||||||
<!-- The File Upload audio preview plugin -->
|
|
||||||
<script src="js/jquery.fileupload-audio.js"></script>
|
|
||||||
<!-- The File Upload video preview plugin -->
|
|
||||||
<script src="js/jquery.fileupload-video.js"></script>
|
|
||||||
<!-- The File Upload validation plugin -->
|
|
||||||
<script src="js/jquery.fileupload-validate.js"></script>
|
|
||||||
<!-- The File Upload user interface plugin -->
|
|
||||||
<script src="js/jquery.fileupload-ui.js"></script>
|
|
||||||
<!-- The main application script -->
|
|
||||||
<script src="js/demo.js"></script>
|
|
||||||
<!-- The XDomainRequest Transport is included for cross-domain file deletion for IE 8 and IE 9 -->
|
|
||||||
<!--[if (gte IE 8)&(lt IE 10)]>
|
|
||||||
<script src="js/cors/jquery.xdr-transport.js"></script>
|
|
||||||
<![endif]-->
|
|
||||||
</body>
|
|
||||||
</html>
|
|
|
@ -1,126 +0,0 @@
|
||||||
/*
|
|
||||||
* jQuery postMessage Transport Plugin
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2011, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* global define, require */
|
|
||||||
|
|
||||||
(function (factory) {
|
|
||||||
'use strict';
|
|
||||||
if (typeof define === 'function' && define.amd) {
|
|
||||||
// Register as an anonymous AMD module:
|
|
||||||
define(['jquery'], factory);
|
|
||||||
} else if (typeof exports === 'object') {
|
|
||||||
// Node/CommonJS:
|
|
||||||
factory(require('jquery'));
|
|
||||||
} else {
|
|
||||||
// Browser globals:
|
|
||||||
factory(window.jQuery);
|
|
||||||
}
|
|
||||||
})(function ($) {
|
|
||||||
'use strict';
|
|
||||||
|
|
||||||
var counter = 0,
|
|
||||||
names = [
|
|
||||||
'accepts',
|
|
||||||
'cache',
|
|
||||||
'contents',
|
|
||||||
'contentType',
|
|
||||||
'crossDomain',
|
|
||||||
'data',
|
|
||||||
'dataType',
|
|
||||||
'headers',
|
|
||||||
'ifModified',
|
|
||||||
'mimeType',
|
|
||||||
'password',
|
|
||||||
'processData',
|
|
||||||
'timeout',
|
|
||||||
'traditional',
|
|
||||||
'type',
|
|
||||||
'url',
|
|
||||||
'username'
|
|
||||||
],
|
|
||||||
convert = function (p) {
|
|
||||||
return p;
|
|
||||||
};
|
|
||||||
|
|
||||||
$.ajaxSetup({
|
|
||||||
converters: {
|
|
||||||
'postmessage text': convert,
|
|
||||||
'postmessage json': convert,
|
|
||||||
'postmessage html': convert
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
$.ajaxTransport('postmessage', function (options) {
|
|
||||||
if (options.postMessage && window.postMessage) {
|
|
||||||
var iframe,
|
|
||||||
loc = $('<a></a>').prop('href', options.postMessage)[0],
|
|
||||||
target = loc.protocol + '//' + loc.host,
|
|
||||||
xhrUpload = options.xhr().upload;
|
|
||||||
// IE always includes the port for the host property of a link
|
|
||||||
// element, but not in the location.host or origin property for the
|
|
||||||
// default http port 80 and https port 443, so we strip it:
|
|
||||||
if (/^(http:\/\/.+:80)|(https:\/\/.+:443)$/.test(target)) {
|
|
||||||
target = target.replace(/:(80|443)$/, '');
|
|
||||||
}
|
|
||||||
return {
|
|
||||||
send: function (_, completeCallback) {
|
|
||||||
counter += 1;
|
|
||||||
var message = {
|
|
||||||
id: 'postmessage-transport-' + counter
|
|
||||||
},
|
|
||||||
eventName = 'message.' + message.id;
|
|
||||||
iframe = $(
|
|
||||||
'<iframe style="display:none;" src="' +
|
|
||||||
options.postMessage +
|
|
||||||
'" name="' +
|
|
||||||
message.id +
|
|
||||||
'"></iframe>'
|
|
||||||
)
|
|
||||||
.on('load', function () {
|
|
||||||
$.each(names, function (i, name) {
|
|
||||||
message[name] = options[name];
|
|
||||||
});
|
|
||||||
message.dataType = message.dataType.replace('postmessage ', '');
|
|
||||||
$(window).on(eventName, function (event) {
|
|
||||||
var e = event.originalEvent;
|
|
||||||
var data = e.data;
|
|
||||||
var ev;
|
|
||||||
if (e.origin === target && data.id === message.id) {
|
|
||||||
if (data.type === 'progress') {
|
|
||||||
ev = document.createEvent('Event');
|
|
||||||
ev.initEvent(data.type, false, true);
|
|
||||||
$.extend(ev, data);
|
|
||||||
xhrUpload.dispatchEvent(ev);
|
|
||||||
} else {
|
|
||||||
completeCallback(
|
|
||||||
data.status,
|
|
||||||
data.statusText,
|
|
||||||
{ postmessage: data.result },
|
|
||||||
data.headers
|
|
||||||
);
|
|
||||||
iframe.remove();
|
|
||||||
$(window).off(eventName);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
iframe[0].contentWindow.postMessage(message, target);
|
|
||||||
})
|
|
||||||
.appendTo(document.body);
|
|
||||||
},
|
|
||||||
abort: function () {
|
|
||||||
if (iframe) {
|
|
||||||
iframe.remove();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
};
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
|
@ -1,97 +0,0 @@
|
||||||
/*
|
|
||||||
* jQuery XDomainRequest Transport Plugin
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2011, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*
|
|
||||||
* Based on Julian Aubourg's ajaxHooks xdr.js:
|
|
||||||
* https://github.com/jaubourg/ajaxHooks/
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* global define, require, XDomainRequest */
|
|
||||||
|
|
||||||
(function (factory) {
|
|
||||||
'use strict';
|
|
||||||
if (typeof define === 'function' && define.amd) {
|
|
||||||
// Register as an anonymous AMD module:
|
|
||||||
define(['jquery'], factory);
|
|
||||||
} else if (typeof exports === 'object') {
|
|
||||||
// Node/CommonJS:
|
|
||||||
factory(require('jquery'));
|
|
||||||
} else {
|
|
||||||
// Browser globals:
|
|
||||||
factory(window.jQuery);
|
|
||||||
}
|
|
||||||
})(function ($) {
|
|
||||||
'use strict';
|
|
||||||
if (window.XDomainRequest && !$.support.cors) {
|
|
||||||
$.ajaxTransport(function (s) {
|
|
||||||
if (s.crossDomain && s.async) {
|
|
||||||
if (s.timeout) {
|
|
||||||
s.xdrTimeout = s.timeout;
|
|
||||||
delete s.timeout;
|
|
||||||
}
|
|
||||||
var xdr;
|
|
||||||
return {
|
|
||||||
send: function (headers, completeCallback) {
|
|
||||||
var addParamChar = /\?/.test(s.url) ? '&' : '?';
|
|
||||||
/**
|
|
||||||
* Callback wrapper function
|
|
||||||
*
|
|
||||||
* @param {number} status HTTP status code
|
|
||||||
* @param {string} statusText HTTP status text
|
|
||||||
* @param {object} [responses] Content-type specific responses
|
|
||||||
* @param {string} [responseHeaders] Response headers string
|
|
||||||
*/
|
|
||||||
function callback(status, statusText, responses, responseHeaders) {
|
|
||||||
xdr.onload = xdr.onerror = xdr.ontimeout = $.noop;
|
|
||||||
xdr = null;
|
|
||||||
completeCallback(status, statusText, responses, responseHeaders);
|
|
||||||
}
|
|
||||||
xdr = new XDomainRequest();
|
|
||||||
// XDomainRequest only supports GET and POST:
|
|
||||||
if (s.type === 'DELETE') {
|
|
||||||
s.url = s.url + addParamChar + '_method=DELETE';
|
|
||||||
s.type = 'POST';
|
|
||||||
} else if (s.type === 'PUT') {
|
|
||||||
s.url = s.url + addParamChar + '_method=PUT';
|
|
||||||
s.type = 'POST';
|
|
||||||
} else if (s.type === 'PATCH') {
|
|
||||||
s.url = s.url + addParamChar + '_method=PATCH';
|
|
||||||
s.type = 'POST';
|
|
||||||
}
|
|
||||||
xdr.open(s.type, s.url);
|
|
||||||
xdr.onload = function () {
|
|
||||||
callback(
|
|
||||||
200,
|
|
||||||
'OK',
|
|
||||||
{ text: xdr.responseText },
|
|
||||||
'Content-Type: ' + xdr.contentType
|
|
||||||
);
|
|
||||||
};
|
|
||||||
xdr.onerror = function () {
|
|
||||||
callback(404, 'Not Found');
|
|
||||||
};
|
|
||||||
if (s.xdrTimeout) {
|
|
||||||
xdr.ontimeout = function () {
|
|
||||||
callback(0, 'timeout');
|
|
||||||
};
|
|
||||||
xdr.timeout = s.xdrTimeout;
|
|
||||||
}
|
|
||||||
xdr.send((s.hasContent && s.data) || null);
|
|
||||||
},
|
|
||||||
abort: function () {
|
|
||||||
if (xdr) {
|
|
||||||
xdr.onerror = $.noop();
|
|
||||||
xdr.abort();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
};
|
|
||||||
}
|
|
||||||
});
|
|
||||||
}
|
|
||||||
});
|
|
75
vendor/blueimp/jquery-file-upload/js/demo.js
vendored
75
vendor/blueimp/jquery-file-upload/js/demo.js
vendored
|
@ -1,75 +0,0 @@
|
||||||
/*
|
|
||||||
* jQuery File Upload Demo
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2010, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* global $ */
|
|
||||||
|
|
||||||
$(function () {
|
|
||||||
'use strict';
|
|
||||||
|
|
||||||
// Initialize the jQuery File Upload widget:
|
|
||||||
$('#fileupload').fileupload({
|
|
||||||
// Uncomment the following to send cross-domain cookies:
|
|
||||||
//xhrFields: {withCredentials: true},
|
|
||||||
url: 'server/php/'
|
|
||||||
});
|
|
||||||
|
|
||||||
// Enable iframe cross-domain access via redirect option:
|
|
||||||
$('#fileupload').fileupload(
|
|
||||||
'option',
|
|
||||||
'redirect',
|
|
||||||
window.location.href.replace(/\/[^/]*$/, '/cors/result.html?%s')
|
|
||||||
);
|
|
||||||
|
|
||||||
if (window.location.hostname === 'blueimp.github.io') {
|
|
||||||
// Demo settings:
|
|
||||||
$('#fileupload').fileupload('option', {
|
|
||||||
url: '//jquery-file-upload.appspot.com/',
|
|
||||||
// Enable image resizing, except for Android and Opera,
|
|
||||||
// which actually support image resizing, but fail to
|
|
||||||
// send Blob objects via XHR requests:
|
|
||||||
disableImageResize: /Android(?!.*Chrome)|Opera/.test(
|
|
||||||
window.navigator.userAgent
|
|
||||||
),
|
|
||||||
maxFileSize: 999000,
|
|
||||||
acceptFileTypes: /(\.|\/)(gif|jpe?g|png)$/i
|
|
||||||
});
|
|
||||||
// Upload server status check for browsers with CORS support:
|
|
||||||
if ($.support.cors) {
|
|
||||||
$.ajax({
|
|
||||||
url: '//jquery-file-upload.appspot.com/',
|
|
||||||
type: 'HEAD'
|
|
||||||
}).fail(function () {
|
|
||||||
$('<div class="alert alert-danger"></div>')
|
|
||||||
.text('Upload server currently unavailable - ' + new Date())
|
|
||||||
.appendTo('#fileupload');
|
|
||||||
});
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
// Load existing files:
|
|
||||||
$('#fileupload').addClass('fileupload-processing');
|
|
||||||
$.ajax({
|
|
||||||
// Uncomment the following to send cross-domain cookies:
|
|
||||||
//xhrFields: {withCredentials: true},
|
|
||||||
url: $('#fileupload').fileupload('option', 'url'),
|
|
||||||
dataType: 'json',
|
|
||||||
context: $('#fileupload')[0]
|
|
||||||
})
|
|
||||||
.always(function () {
|
|
||||||
$(this).removeClass('fileupload-processing');
|
|
||||||
})
|
|
||||||
.done(function (result) {
|
|
||||||
$(this)
|
|
||||||
.fileupload('option', 'done')
|
|
||||||
// eslint-disable-next-line new-cap
|
|
||||||
.call(this, $.Event('done'), { result: result });
|
|
||||||
});
|
|
||||||
}
|
|
||||||
});
|
|
|
@ -1,101 +0,0 @@
|
||||||
/*
|
|
||||||
* jQuery File Upload Audio Preview Plugin
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2013, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* global define, require */
|
|
||||||
|
|
||||||
(function (factory) {
|
|
||||||
'use strict';
|
|
||||||
if (typeof define === 'function' && define.amd) {
|
|
||||||
// Register as an anonymous AMD module:
|
|
||||||
define(['jquery', 'load-image', './jquery.fileupload-process'], factory);
|
|
||||||
} else if (typeof exports === 'object') {
|
|
||||||
// Node/CommonJS:
|
|
||||||
factory(
|
|
||||||
require('jquery'),
|
|
||||||
require('blueimp-load-image/js/load-image'),
|
|
||||||
require('./jquery.fileupload-process')
|
|
||||||
);
|
|
||||||
} else {
|
|
||||||
// Browser globals:
|
|
||||||
factory(window.jQuery, window.loadImage);
|
|
||||||
}
|
|
||||||
})(function ($, loadImage) {
|
|
||||||
'use strict';
|
|
||||||
|
|
||||||
// Prepend to the default processQueue:
|
|
||||||
$.blueimp.fileupload.prototype.options.processQueue.unshift(
|
|
||||||
{
|
|
||||||
action: 'loadAudio',
|
|
||||||
// Use the action as prefix for the "@" options:
|
|
||||||
prefix: true,
|
|
||||||
fileTypes: '@',
|
|
||||||
maxFileSize: '@',
|
|
||||||
disabled: '@disableAudioPreview'
|
|
||||||
},
|
|
||||||
{
|
|
||||||
action: 'setAudio',
|
|
||||||
name: '@audioPreviewName',
|
|
||||||
disabled: '@disableAudioPreview'
|
|
||||||
}
|
|
||||||
);
|
|
||||||
|
|
||||||
// The File Upload Audio Preview plugin extends the fileupload widget
|
|
||||||
// with audio preview functionality:
|
|
||||||
$.widget('blueimp.fileupload', $.blueimp.fileupload, {
|
|
||||||
options: {
|
|
||||||
// The regular expression for the types of audio files to load,
|
|
||||||
// matched against the file type:
|
|
||||||
loadAudioFileTypes: /^audio\/.*$/
|
|
||||||
},
|
|
||||||
|
|
||||||
_audioElement: document.createElement('audio'),
|
|
||||||
|
|
||||||
processActions: {
|
|
||||||
// Loads the audio file given via data.files and data.index
|
|
||||||
// as audio element if the browser supports playing it.
|
|
||||||
// Accepts the options fileTypes (regular expression)
|
|
||||||
// and maxFileSize (integer) to limit the files to load:
|
|
||||||
loadAudio: function (data, options) {
|
|
||||||
if (options.disabled) {
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
var file = data.files[data.index],
|
|
||||||
url,
|
|
||||||
audio;
|
|
||||||
if (
|
|
||||||
this._audioElement.canPlayType &&
|
|
||||||
this._audioElement.canPlayType(file.type) &&
|
|
||||||
($.type(options.maxFileSize) !== 'number' ||
|
|
||||||
file.size <= options.maxFileSize) &&
|
|
||||||
(!options.fileTypes || options.fileTypes.test(file.type))
|
|
||||||
) {
|
|
||||||
url = loadImage.createObjectURL(file);
|
|
||||||
if (url) {
|
|
||||||
audio = this._audioElement.cloneNode(false);
|
|
||||||
audio.src = url;
|
|
||||||
audio.controls = true;
|
|
||||||
data.audio = audio;
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return data;
|
|
||||||
},
|
|
||||||
|
|
||||||
// Sets the audio element as a property of the file object:
|
|
||||||
setAudio: function (data, options) {
|
|
||||||
if (data.audio && !options.disabled) {
|
|
||||||
data.files[data.index][options.name || 'preview'] = data.audio;
|
|
||||||
}
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
|
@ -1,347 +0,0 @@
|
||||||
/*
|
|
||||||
* jQuery File Upload Image Preview & Resize Plugin
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2013, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* global define, require */
|
|
||||||
|
|
||||||
(function (factory) {
|
|
||||||
'use strict';
|
|
||||||
if (typeof define === 'function' && define.amd) {
|
|
||||||
// Register as an anonymous AMD module:
|
|
||||||
define([
|
|
||||||
'jquery',
|
|
||||||
'load-image',
|
|
||||||
'load-image-meta',
|
|
||||||
'load-image-scale',
|
|
||||||
'load-image-exif',
|
|
||||||
'load-image-orientation',
|
|
||||||
'canvas-to-blob',
|
|
||||||
'./jquery.fileupload-process'
|
|
||||||
], factory);
|
|
||||||
} else if (typeof exports === 'object') {
|
|
||||||
// Node/CommonJS:
|
|
||||||
factory(
|
|
||||||
require('jquery'),
|
|
||||||
require('blueimp-load-image/js/load-image'),
|
|
||||||
require('blueimp-load-image/js/load-image-meta'),
|
|
||||||
require('blueimp-load-image/js/load-image-scale'),
|
|
||||||
require('blueimp-load-image/js/load-image-exif'),
|
|
||||||
require('blueimp-load-image/js/load-image-orientation'),
|
|
||||||
require('blueimp-canvas-to-blob'),
|
|
||||||
require('./jquery.fileupload-process')
|
|
||||||
);
|
|
||||||
} else {
|
|
||||||
// Browser globals:
|
|
||||||
factory(window.jQuery, window.loadImage);
|
|
||||||
}
|
|
||||||
})(function ($, loadImage) {
|
|
||||||
'use strict';
|
|
||||||
|
|
||||||
// Prepend to the default processQueue:
|
|
||||||
$.blueimp.fileupload.prototype.options.processQueue.unshift(
|
|
||||||
{
|
|
||||||
action: 'loadImageMetaData',
|
|
||||||
maxMetaDataSize: '@',
|
|
||||||
disableImageHead: '@',
|
|
||||||
disableMetaDataParsers: '@',
|
|
||||||
disableExif: '@',
|
|
||||||
disableExifOffsets: '@',
|
|
||||||
includeExifTags: '@',
|
|
||||||
excludeExifTags: '@',
|
|
||||||
disableIptc: '@',
|
|
||||||
disableIptcOffsets: '@',
|
|
||||||
includeIptcTags: '@',
|
|
||||||
excludeIptcTags: '@',
|
|
||||||
disabled: '@disableImageMetaDataLoad'
|
|
||||||
},
|
|
||||||
{
|
|
||||||
action: 'loadImage',
|
|
||||||
// Use the action as prefix for the "@" options:
|
|
||||||
prefix: true,
|
|
||||||
fileTypes: '@',
|
|
||||||
maxFileSize: '@',
|
|
||||||
noRevoke: '@',
|
|
||||||
disabled: '@disableImageLoad'
|
|
||||||
},
|
|
||||||
{
|
|
||||||
action: 'resizeImage',
|
|
||||||
// Use "image" as prefix for the "@" options:
|
|
||||||
prefix: 'image',
|
|
||||||
maxWidth: '@',
|
|
||||||
maxHeight: '@',
|
|
||||||
minWidth: '@',
|
|
||||||
minHeight: '@',
|
|
||||||
crop: '@',
|
|
||||||
orientation: '@',
|
|
||||||
forceResize: '@',
|
|
||||||
disabled: '@disableImageResize',
|
|
||||||
imageSmoothingQuality: '@imageSmoothingQuality'
|
|
||||||
},
|
|
||||||
{
|
|
||||||
action: 'saveImage',
|
|
||||||
quality: '@imageQuality',
|
|
||||||
type: '@imageType',
|
|
||||||
disabled: '@disableImageResize'
|
|
||||||
},
|
|
||||||
{
|
|
||||||
action: 'saveImageMetaData',
|
|
||||||
disabled: '@disableImageMetaDataSave'
|
|
||||||
},
|
|
||||||
{
|
|
||||||
action: 'resizeImage',
|
|
||||||
// Use "preview" as prefix for the "@" options:
|
|
||||||
prefix: 'preview',
|
|
||||||
maxWidth: '@',
|
|
||||||
maxHeight: '@',
|
|
||||||
minWidth: '@',
|
|
||||||
minHeight: '@',
|
|
||||||
crop: '@',
|
|
||||||
orientation: '@',
|
|
||||||
thumbnail: '@',
|
|
||||||
canvas: '@',
|
|
||||||
disabled: '@disableImagePreview'
|
|
||||||
},
|
|
||||||
{
|
|
||||||
action: 'setImage',
|
|
||||||
name: '@imagePreviewName',
|
|
||||||
disabled: '@disableImagePreview'
|
|
||||||
},
|
|
||||||
{
|
|
||||||
action: 'deleteImageReferences',
|
|
||||||
disabled: '@disableImageReferencesDeletion'
|
|
||||||
}
|
|
||||||
);
|
|
||||||
|
|
||||||
// The File Upload Resize plugin extends the fileupload widget
|
|
||||||
// with image resize functionality:
|
|
||||||
$.widget('blueimp.fileupload', $.blueimp.fileupload, {
|
|
||||||
options: {
|
|
||||||
// The regular expression for the types of images to load:
|
|
||||||
// matched against the file type:
|
|
||||||
loadImageFileTypes: /^image\/(gif|jpeg|png|svg\+xml)$/,
|
|
||||||
// The maximum file size of images to load:
|
|
||||||
loadImageMaxFileSize: 10000000, // 10MB
|
|
||||||
// The maximum width of resized images:
|
|
||||||
imageMaxWidth: 1920,
|
|
||||||
// The maximum height of resized images:
|
|
||||||
imageMaxHeight: 1080,
|
|
||||||
// Defines the image orientation (1-8) or takes the orientation
|
|
||||||
// value from Exif data if set to true:
|
|
||||||
imageOrientation: true,
|
|
||||||
// Define if resized images should be cropped or only scaled:
|
|
||||||
imageCrop: false,
|
|
||||||
// Disable the resize image functionality by default:
|
|
||||||
disableImageResize: true,
|
|
||||||
// The maximum width of the preview images:
|
|
||||||
previewMaxWidth: 80,
|
|
||||||
// The maximum height of the preview images:
|
|
||||||
previewMaxHeight: 80,
|
|
||||||
// Defines the preview orientation (1-8) or takes the orientation
|
|
||||||
// value from Exif data if set to true:
|
|
||||||
previewOrientation: true,
|
|
||||||
// Create the preview using the Exif data thumbnail:
|
|
||||||
previewThumbnail: true,
|
|
||||||
// Define if preview images should be cropped or only scaled:
|
|
||||||
previewCrop: false,
|
|
||||||
// Define if preview images should be resized as canvas elements:
|
|
||||||
previewCanvas: true
|
|
||||||
},
|
|
||||||
|
|
||||||
processActions: {
|
|
||||||
// Loads the image given via data.files and data.index
|
|
||||||
// as img element, if the browser supports the File API.
|
|
||||||
// Accepts the options fileTypes (regular expression)
|
|
||||||
// and maxFileSize (integer) to limit the files to load:
|
|
||||||
loadImage: function (data, options) {
|
|
||||||
if (options.disabled) {
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
var that = this,
|
|
||||||
file = data.files[data.index],
|
|
||||||
// eslint-disable-next-line new-cap
|
|
||||||
dfd = $.Deferred();
|
|
||||||
if (
|
|
||||||
($.type(options.maxFileSize) === 'number' &&
|
|
||||||
file.size > options.maxFileSize) ||
|
|
||||||
(options.fileTypes && !options.fileTypes.test(file.type)) ||
|
|
||||||
!loadImage(
|
|
||||||
file,
|
|
||||||
function (img) {
|
|
||||||
if (img.src) {
|
|
||||||
data.img = img;
|
|
||||||
}
|
|
||||||
dfd.resolveWith(that, [data]);
|
|
||||||
},
|
|
||||||
options
|
|
||||||
)
|
|
||||||
) {
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
return dfd.promise();
|
|
||||||
},
|
|
||||||
|
|
||||||
// Resizes the image given as data.canvas or data.img
|
|
||||||
// and updates data.canvas or data.img with the resized image.
|
|
||||||
// Also stores the resized image as preview property.
|
|
||||||
// Accepts the options maxWidth, maxHeight, minWidth,
|
|
||||||
// minHeight, canvas and crop:
|
|
||||||
resizeImage: function (data, options) {
|
|
||||||
if (options.disabled || !(data.canvas || data.img)) {
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
// eslint-disable-next-line no-param-reassign
|
|
||||||
options = $.extend({ canvas: true }, options);
|
|
||||||
var that = this,
|
|
||||||
// eslint-disable-next-line new-cap
|
|
||||||
dfd = $.Deferred(),
|
|
||||||
img = (options.canvas && data.canvas) || data.img,
|
|
||||||
resolve = function (newImg) {
|
|
||||||
if (
|
|
||||||
newImg &&
|
|
||||||
(newImg.width !== img.width ||
|
|
||||||
newImg.height !== img.height ||
|
|
||||||
options.forceResize)
|
|
||||||
) {
|
|
||||||
data[newImg.getContext ? 'canvas' : 'img'] = newImg;
|
|
||||||
}
|
|
||||||
data.preview = newImg;
|
|
||||||
dfd.resolveWith(that, [data]);
|
|
||||||
},
|
|
||||||
thumbnail,
|
|
||||||
thumbnailBlob;
|
|
||||||
if (data.exif && options.thumbnail) {
|
|
||||||
thumbnail = data.exif.get('Thumbnail');
|
|
||||||
thumbnailBlob = thumbnail && thumbnail.get('Blob');
|
|
||||||
if (thumbnailBlob) {
|
|
||||||
options.orientation = data.exif.get('Orientation');
|
|
||||||
loadImage(thumbnailBlob, resolve, options);
|
|
||||||
return dfd.promise();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (data.orientation) {
|
|
||||||
// Prevent orienting the same image twice:
|
|
||||||
delete options.orientation;
|
|
||||||
} else {
|
|
||||||
data.orientation = options.orientation || loadImage.orientation;
|
|
||||||
}
|
|
||||||
if (img) {
|
|
||||||
resolve(loadImage.scale(img, options, data));
|
|
||||||
return dfd.promise();
|
|
||||||
}
|
|
||||||
return data;
|
|
||||||
},
|
|
||||||
|
|
||||||
// Saves the processed image given as data.canvas
|
|
||||||
// inplace at data.index of data.files:
|
|
||||||
saveImage: function (data, options) {
|
|
||||||
if (!data.canvas || options.disabled) {
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
var that = this,
|
|
||||||
file = data.files[data.index],
|
|
||||||
// eslint-disable-next-line new-cap
|
|
||||||
dfd = $.Deferred();
|
|
||||||
if (data.canvas.toBlob) {
|
|
||||||
data.canvas.toBlob(
|
|
||||||
function (blob) {
|
|
||||||
if (!blob.name) {
|
|
||||||
if (file.type === blob.type) {
|
|
||||||
blob.name = file.name;
|
|
||||||
} else if (file.name) {
|
|
||||||
blob.name = file.name.replace(
|
|
||||||
/\.\w+$/,
|
|
||||||
'.' + blob.type.substr(6)
|
|
||||||
);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// Don't restore invalid meta data:
|
|
||||||
if (file.type !== blob.type) {
|
|
||||||
delete data.imageHead;
|
|
||||||
}
|
|
||||||
// Store the created blob at the position
|
|
||||||
// of the original file in the files list:
|
|
||||||
data.files[data.index] = blob;
|
|
||||||
dfd.resolveWith(that, [data]);
|
|
||||||
},
|
|
||||||
options.type || file.type,
|
|
||||||
options.quality
|
|
||||||
);
|
|
||||||
} else {
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
return dfd.promise();
|
|
||||||
},
|
|
||||||
|
|
||||||
loadImageMetaData: function (data, options) {
|
|
||||||
if (options.disabled) {
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
var that = this,
|
|
||||||
// eslint-disable-next-line new-cap
|
|
||||||
dfd = $.Deferred();
|
|
||||||
loadImage.parseMetaData(
|
|
||||||
data.files[data.index],
|
|
||||||
function (result) {
|
|
||||||
$.extend(data, result);
|
|
||||||
dfd.resolveWith(that, [data]);
|
|
||||||
},
|
|
||||||
options
|
|
||||||
);
|
|
||||||
return dfd.promise();
|
|
||||||
},
|
|
||||||
|
|
||||||
saveImageMetaData: function (data, options) {
|
|
||||||
if (
|
|
||||||
!(
|
|
||||||
data.imageHead &&
|
|
||||||
data.canvas &&
|
|
||||||
data.canvas.toBlob &&
|
|
||||||
!options.disabled
|
|
||||||
)
|
|
||||||
) {
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
var that = this,
|
|
||||||
file = data.files[data.index],
|
|
||||||
// eslint-disable-next-line new-cap
|
|
||||||
dfd = $.Deferred();
|
|
||||||
if (data.orientation === true && data.exifOffsets) {
|
|
||||||
// Reset Exif Orientation data:
|
|
||||||
loadImage.writeExifData(data.imageHead, data, 'Orientation', 1);
|
|
||||||
}
|
|
||||||
loadImage.replaceHead(file, data.imageHead, function (blob) {
|
|
||||||
blob.name = file.name;
|
|
||||||
data.files[data.index] = blob;
|
|
||||||
dfd.resolveWith(that, [data]);
|
|
||||||
});
|
|
||||||
return dfd.promise();
|
|
||||||
},
|
|
||||||
|
|
||||||
// Sets the resized version of the image as a property of the
|
|
||||||
// file object, must be called after "saveImage":
|
|
||||||
setImage: function (data, options) {
|
|
||||||
if (data.preview && !options.disabled) {
|
|
||||||
data.files[data.index][options.name || 'preview'] = data.preview;
|
|
||||||
}
|
|
||||||
return data;
|
|
||||||
},
|
|
||||||
|
|
||||||
deleteImageReferences: function (data, options) {
|
|
||||||
if (!options.disabled) {
|
|
||||||
delete data.img;
|
|
||||||
delete data.canvas;
|
|
||||||
delete data.preview;
|
|
||||||
delete data.imageHead;
|
|
||||||
}
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
|
@ -1,170 +0,0 @@
|
||||||
/*
|
|
||||||
* jQuery File Upload Processing Plugin
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2012, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* global define, require */
|
|
||||||
|
|
||||||
(function (factory) {
|
|
||||||
'use strict';
|
|
||||||
if (typeof define === 'function' && define.amd) {
|
|
||||||
// Register as an anonymous AMD module:
|
|
||||||
define(['jquery', './jquery.fileupload'], factory);
|
|
||||||
} else if (typeof exports === 'object') {
|
|
||||||
// Node/CommonJS:
|
|
||||||
factory(require('jquery'), require('./jquery.fileupload'));
|
|
||||||
} else {
|
|
||||||
// Browser globals:
|
|
||||||
factory(window.jQuery);
|
|
||||||
}
|
|
||||||
})(function ($) {
|
|
||||||
'use strict';
|
|
||||||
|
|
||||||
var originalAdd = $.blueimp.fileupload.prototype.options.add;
|
|
||||||
|
|
||||||
// The File Upload Processing plugin extends the fileupload widget
|
|
||||||
// with file processing functionality:
|
|
||||||
$.widget('blueimp.fileupload', $.blueimp.fileupload, {
|
|
||||||
options: {
|
|
||||||
// The list of processing actions:
|
|
||||||
processQueue: [
|
|
||||||
/*
|
|
||||||
{
|
|
||||||
action: 'log',
|
|
||||||
type: 'debug'
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
],
|
|
||||||
add: function (e, data) {
|
|
||||||
var $this = $(this);
|
|
||||||
data.process(function () {
|
|
||||||
return $this.fileupload('process', data);
|
|
||||||
});
|
|
||||||
originalAdd.call(this, e, data);
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
processActions: {
|
|
||||||
/*
|
|
||||||
log: function (data, options) {
|
|
||||||
console[options.type](
|
|
||||||
'Processing "' + data.files[data.index].name + '"'
|
|
||||||
);
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
},
|
|
||||||
|
|
||||||
_processFile: function (data, originalData) {
|
|
||||||
var that = this,
|
|
||||||
// eslint-disable-next-line new-cap
|
|
||||||
dfd = $.Deferred().resolveWith(that, [data]),
|
|
||||||
chain = dfd.promise();
|
|
||||||
this._trigger('process', null, data);
|
|
||||||
$.each(data.processQueue, function (i, settings) {
|
|
||||||
var func = function (data) {
|
|
||||||
if (originalData.errorThrown) {
|
|
||||||
// eslint-disable-next-line new-cap
|
|
||||||
return $.Deferred().rejectWith(that, [originalData]).promise();
|
|
||||||
}
|
|
||||||
return that.processActions[settings.action].call(
|
|
||||||
that,
|
|
||||||
data,
|
|
||||||
settings
|
|
||||||
);
|
|
||||||
};
|
|
||||||
chain = chain[that._promisePipe](func, settings.always && func);
|
|
||||||
});
|
|
||||||
chain
|
|
||||||
.done(function () {
|
|
||||||
that._trigger('processdone', null, data);
|
|
||||||
that._trigger('processalways', null, data);
|
|
||||||
})
|
|
||||||
.fail(function () {
|
|
||||||
that._trigger('processfail', null, data);
|
|
||||||
that._trigger('processalways', null, data);
|
|
||||||
});
|
|
||||||
return chain;
|
|
||||||
},
|
|
||||||
|
|
||||||
// Replaces the settings of each processQueue item that
|
|
||||||
// are strings starting with an "@", using the remaining
|
|
||||||
// substring as key for the option map,
|
|
||||||
// e.g. "@autoUpload" is replaced with options.autoUpload:
|
|
||||||
_transformProcessQueue: function (options) {
|
|
||||||
var processQueue = [];
|
|
||||||
$.each(options.processQueue, function () {
|
|
||||||
var settings = {},
|
|
||||||
action = this.action,
|
|
||||||
prefix = this.prefix === true ? action : this.prefix;
|
|
||||||
$.each(this, function (key, value) {
|
|
||||||
if ($.type(value) === 'string' && value.charAt(0) === '@') {
|
|
||||||
settings[key] =
|
|
||||||
options[
|
|
||||||
value.slice(1) ||
|
|
||||||
(prefix
|
|
||||||
? prefix + key.charAt(0).toUpperCase() + key.slice(1)
|
|
||||||
: key)
|
|
||||||
];
|
|
||||||
} else {
|
|
||||||
settings[key] = value;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
processQueue.push(settings);
|
|
||||||
});
|
|
||||||
options.processQueue = processQueue;
|
|
||||||
},
|
|
||||||
|
|
||||||
// Returns the number of files currently in the processing queue:
|
|
||||||
processing: function () {
|
|
||||||
return this._processing;
|
|
||||||
},
|
|
||||||
|
|
||||||
// Processes the files given as files property of the data parameter,
|
|
||||||
// returns a Promise object that allows to bind callbacks:
|
|
||||||
process: function (data) {
|
|
||||||
var that = this,
|
|
||||||
options = $.extend({}, this.options, data);
|
|
||||||
if (options.processQueue && options.processQueue.length) {
|
|
||||||
this._transformProcessQueue(options);
|
|
||||||
if (this._processing === 0) {
|
|
||||||
this._trigger('processstart');
|
|
||||||
}
|
|
||||||
$.each(data.files, function (index) {
|
|
||||||
var opts = index ? $.extend({}, options) : options,
|
|
||||||
func = function () {
|
|
||||||
if (data.errorThrown) {
|
|
||||||
// eslint-disable-next-line new-cap
|
|
||||||
return $.Deferred().rejectWith(that, [data]).promise();
|
|
||||||
}
|
|
||||||
return that._processFile(opts, data);
|
|
||||||
};
|
|
||||||
opts.index = index;
|
|
||||||
that._processing += 1;
|
|
||||||
that._processingQueue = that._processingQueue[that._promisePipe](
|
|
||||||
func,
|
|
||||||
func
|
|
||||||
).always(function () {
|
|
||||||
that._processing -= 1;
|
|
||||||
if (that._processing === 0) {
|
|
||||||
that._trigger('processstop');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
||||||
}
|
|
||||||
return this._processingQueue;
|
|
||||||
},
|
|
||||||
|
|
||||||
_create: function () {
|
|
||||||
this._super();
|
|
||||||
this._processing = 0;
|
|
||||||
// eslint-disable-next-line new-cap
|
|
||||||
this._processingQueue = $.Deferred().resolveWith(this).promise();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
|
@ -1,759 +0,0 @@
|
||||||
/*
|
|
||||||
* jQuery File Upload User Interface Plugin
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2010, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* global define, require */
|
|
||||||
|
|
||||||
(function (factory) {
|
|
||||||
'use strict';
|
|
||||||
if (typeof define === 'function' && define.amd) {
|
|
||||||
// Register as an anonymous AMD module:
|
|
||||||
define([
|
|
||||||
'jquery',
|
|
||||||
'blueimp-tmpl',
|
|
||||||
'./jquery.fileupload-image',
|
|
||||||
'./jquery.fileupload-audio',
|
|
||||||
'./jquery.fileupload-video',
|
|
||||||
'./jquery.fileupload-validate'
|
|
||||||
], factory);
|
|
||||||
} else if (typeof exports === 'object') {
|
|
||||||
// Node/CommonJS:
|
|
||||||
factory(
|
|
||||||
require('jquery'),
|
|
||||||
require('blueimp-tmpl'),
|
|
||||||
require('./jquery.fileupload-image'),
|
|
||||||
require('./jquery.fileupload-audio'),
|
|
||||||
require('./jquery.fileupload-video'),
|
|
||||||
require('./jquery.fileupload-validate')
|
|
||||||
);
|
|
||||||
} else {
|
|
||||||
// Browser globals:
|
|
||||||
factory(window.jQuery, window.tmpl);
|
|
||||||
}
|
|
||||||
})(function ($, tmpl) {
|
|
||||||
'use strict';
|
|
||||||
|
|
||||||
$.blueimp.fileupload.prototype._specialOptions.push(
|
|
||||||
'filesContainer',
|
|
||||||
'uploadTemplateId',
|
|
||||||
'downloadTemplateId'
|
|
||||||
);
|
|
||||||
|
|
||||||
// The UI version extends the file upload widget
|
|
||||||
// and adds complete user interface interaction:
|
|
||||||
$.widget('blueimp.fileupload', $.blueimp.fileupload, {
|
|
||||||
options: {
|
|
||||||
// By default, files added to the widget are uploaded as soon
|
|
||||||
// as the user clicks on the start buttons. To enable automatic
|
|
||||||
// uploads, set the following option to true:
|
|
||||||
autoUpload: false,
|
|
||||||
// The class to show/hide UI elements:
|
|
||||||
showElementClass: 'in',
|
|
||||||
// The ID of the upload template:
|
|
||||||
uploadTemplateId: 'template-upload',
|
|
||||||
// The ID of the download template:
|
|
||||||
downloadTemplateId: 'template-download',
|
|
||||||
// The container for the list of files. If undefined, it is set to
|
|
||||||
// an element with class "files" inside of the widget element:
|
|
||||||
filesContainer: undefined,
|
|
||||||
// By default, files are appended to the files container.
|
|
||||||
// Set the following option to true, to prepend files instead:
|
|
||||||
prependFiles: false,
|
|
||||||
// The expected data type of the upload response, sets the dataType
|
|
||||||
// option of the $.ajax upload requests:
|
|
||||||
dataType: 'json',
|
|
||||||
|
|
||||||
// Error and info messages:
|
|
||||||
messages: {
|
|
||||||
unknownError: 'Unknown error'
|
|
||||||
},
|
|
||||||
|
|
||||||
// Function returning the current number of files,
|
|
||||||
// used by the maxNumberOfFiles validation:
|
|
||||||
getNumberOfFiles: function () {
|
|
||||||
return this.filesContainer.children().not('.processing').length;
|
|
||||||
},
|
|
||||||
|
|
||||||
// Callback to retrieve the list of files from the server response:
|
|
||||||
getFilesFromResponse: function (data) {
|
|
||||||
if (data.result && $.isArray(data.result.files)) {
|
|
||||||
return data.result.files;
|
|
||||||
}
|
|
||||||
return [];
|
|
||||||
},
|
|
||||||
|
|
||||||
// The add callback is invoked as soon as files are added to the fileupload
|
|
||||||
// widget (via file input selection, drag & drop or add API call).
|
|
||||||
// See the basic file upload widget for more information:
|
|
||||||
add: function (e, data) {
|
|
||||||
if (e.isDefaultPrevented()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
var $this = $(this),
|
|
||||||
that = $this.data('blueimp-fileupload') || $this.data('fileupload'),
|
|
||||||
options = that.options;
|
|
||||||
data.context = that
|
|
||||||
._renderUpload(data.files)
|
|
||||||
.data('data', data)
|
|
||||||
.addClass('processing');
|
|
||||||
options.filesContainer[options.prependFiles ? 'prepend' : 'append'](
|
|
||||||
data.context
|
|
||||||
);
|
|
||||||
that._forceReflow(data.context);
|
|
||||||
that._transition(data.context);
|
|
||||||
data
|
|
||||||
.process(function () {
|
|
||||||
return $this.fileupload('process', data);
|
|
||||||
})
|
|
||||||
.always(function () {
|
|
||||||
data.context
|
|
||||||
.each(function (index) {
|
|
||||||
$(this)
|
|
||||||
.find('.size')
|
|
||||||
.text(that._formatFileSize(data.files[index].size));
|
|
||||||
})
|
|
||||||
.removeClass('processing');
|
|
||||||
that._renderPreviews(data);
|
|
||||||
})
|
|
||||||
.done(function () {
|
|
||||||
data.context.find('.edit,.start').prop('disabled', false);
|
|
||||||
if (
|
|
||||||
that._trigger('added', e, data) !== false &&
|
|
||||||
(options.autoUpload || data.autoUpload) &&
|
|
||||||
data.autoUpload !== false
|
|
||||||
) {
|
|
||||||
data.submit();
|
|
||||||
}
|
|
||||||
})
|
|
||||||
.fail(function () {
|
|
||||||
if (data.files.error) {
|
|
||||||
data.context.each(function (index) {
|
|
||||||
var error = data.files[index].error;
|
|
||||||
if (error) {
|
|
||||||
$(this).find('.error').text(error);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
}
|
|
||||||
});
|
|
||||||
},
|
|
||||||
// Callback for the start of each file upload request:
|
|
||||||
send: function (e, data) {
|
|
||||||
if (e.isDefaultPrevented()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
var that =
|
|
||||||
$(this).data('blueimp-fileupload') || $(this).data('fileupload');
|
|
||||||
if (
|
|
||||||
data.context &&
|
|
||||||
data.dataType &&
|
|
||||||
data.dataType.substr(0, 6) === 'iframe'
|
|
||||||
) {
|
|
||||||
// Iframe Transport does not support progress events.
|
|
||||||
// In lack of an indeterminate progress bar, we set
|
|
||||||
// the progress to 100%, showing the full animated bar:
|
|
||||||
data.context
|
|
||||||
.find('.progress')
|
|
||||||
.addClass(!$.support.transition && 'progress-animated')
|
|
||||||
.attr('aria-valuenow', 100)
|
|
||||||
.children()
|
|
||||||
.first()
|
|
||||||
.css('width', '100%');
|
|
||||||
}
|
|
||||||
return that._trigger('sent', e, data);
|
|
||||||
},
|
|
||||||
// Callback for successful uploads:
|
|
||||||
done: function (e, data) {
|
|
||||||
if (e.isDefaultPrevented()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
var that =
|
|
||||||
$(this).data('blueimp-fileupload') || $(this).data('fileupload'),
|
|
||||||
getFilesFromResponse =
|
|
||||||
data.getFilesFromResponse || that.options.getFilesFromResponse,
|
|
||||||
files = getFilesFromResponse(data),
|
|
||||||
template,
|
|
||||||
deferred;
|
|
||||||
if (data.context) {
|
|
||||||
data.context.each(function (index) {
|
|
||||||
var file = files[index] || { error: 'Empty file upload result' };
|
|
||||||
deferred = that._addFinishedDeferreds();
|
|
||||||
that._transition($(this)).done(function () {
|
|
||||||
var node = $(this);
|
|
||||||
template = that._renderDownload([file]).replaceAll(node);
|
|
||||||
that._forceReflow(template);
|
|
||||||
that._transition(template).done(function () {
|
|
||||||
data.context = $(this);
|
|
||||||
that._trigger('completed', e, data);
|
|
||||||
that._trigger('finished', e, data);
|
|
||||||
deferred.resolve();
|
|
||||||
});
|
|
||||||
});
|
|
||||||
});
|
|
||||||
} else {
|
|
||||||
template = that
|
|
||||||
._renderDownload(files)
|
|
||||||
[that.options.prependFiles ? 'prependTo' : 'appendTo'](
|
|
||||||
that.options.filesContainer
|
|
||||||
);
|
|
||||||
that._forceReflow(template);
|
|
||||||
deferred = that._addFinishedDeferreds();
|
|
||||||
that._transition(template).done(function () {
|
|
||||||
data.context = $(this);
|
|
||||||
that._trigger('completed', e, data);
|
|
||||||
that._trigger('finished', e, data);
|
|
||||||
deferred.resolve();
|
|
||||||
});
|
|
||||||
}
|
|
||||||
},
|
|
||||||
// Callback for failed (abort or error) uploads:
|
|
||||||
fail: function (e, data) {
|
|
||||||
if (e.isDefaultPrevented()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
var that =
|
|
||||||
$(this).data('blueimp-fileupload') || $(this).data('fileupload'),
|
|
||||||
template,
|
|
||||||
deferred;
|
|
||||||
if (data.context) {
|
|
||||||
data.context.each(function (index) {
|
|
||||||
if (data.errorThrown !== 'abort') {
|
|
||||||
var file = data.files[index];
|
|
||||||
file.error =
|
|
||||||
file.error || data.errorThrown || data.i18n('unknownError');
|
|
||||||
deferred = that._addFinishedDeferreds();
|
|
||||||
that._transition($(this)).done(function () {
|
|
||||||
var node = $(this);
|
|
||||||
template = that._renderDownload([file]).replaceAll(node);
|
|
||||||
that._forceReflow(template);
|
|
||||||
that._transition(template).done(function () {
|
|
||||||
data.context = $(this);
|
|
||||||
that._trigger('failed', e, data);
|
|
||||||
that._trigger('finished', e, data);
|
|
||||||
deferred.resolve();
|
|
||||||
});
|
|
||||||
});
|
|
||||||
} else {
|
|
||||||
deferred = that._addFinishedDeferreds();
|
|
||||||
that._transition($(this)).done(function () {
|
|
||||||
$(this).remove();
|
|
||||||
that._trigger('failed', e, data);
|
|
||||||
that._trigger('finished', e, data);
|
|
||||||
deferred.resolve();
|
|
||||||
});
|
|
||||||
}
|
|
||||||
});
|
|
||||||
} else if (data.errorThrown !== 'abort') {
|
|
||||||
data.context = that
|
|
||||||
._renderUpload(data.files)
|
|
||||||
[that.options.prependFiles ? 'prependTo' : 'appendTo'](
|
|
||||||
that.options.filesContainer
|
|
||||||
)
|
|
||||||
.data('data', data);
|
|
||||||
that._forceReflow(data.context);
|
|
||||||
deferred = that._addFinishedDeferreds();
|
|
||||||
that._transition(data.context).done(function () {
|
|
||||||
data.context = $(this);
|
|
||||||
that._trigger('failed', e, data);
|
|
||||||
that._trigger('finished', e, data);
|
|
||||||
deferred.resolve();
|
|
||||||
});
|
|
||||||
} else {
|
|
||||||
that._trigger('failed', e, data);
|
|
||||||
that._trigger('finished', e, data);
|
|
||||||
that._addFinishedDeferreds().resolve();
|
|
||||||
}
|
|
||||||
},
|
|
||||||
// Callback for upload progress events:
|
|
||||||
progress: function (e, data) {
|
|
||||||
if (e.isDefaultPrevented()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
var progress = Math.floor((data.loaded / data.total) * 100);
|
|
||||||
if (data.context) {
|
|
||||||
data.context.each(function () {
|
|
||||||
$(this)
|
|
||||||
.find('.progress')
|
|
||||||
.attr('aria-valuenow', progress)
|
|
||||||
.children()
|
|
||||||
.first()
|
|
||||||
.css('width', progress + '%');
|
|
||||||
});
|
|
||||||
}
|
|
||||||
},
|
|
||||||
// Callback for global upload progress events:
|
|
||||||
progressall: function (e, data) {
|
|
||||||
if (e.isDefaultPrevented()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
var $this = $(this),
|
|
||||||
progress = Math.floor((data.loaded / data.total) * 100),
|
|
||||||
globalProgressNode = $this.find('.fileupload-progress'),
|
|
||||||
extendedProgressNode = globalProgressNode.find('.progress-extended');
|
|
||||||
if (extendedProgressNode.length) {
|
|
||||||
extendedProgressNode.html(
|
|
||||||
(
|
|
||||||
$this.data('blueimp-fileupload') || $this.data('fileupload')
|
|
||||||
)._renderExtendedProgress(data)
|
|
||||||
);
|
|
||||||
}
|
|
||||||
globalProgressNode
|
|
||||||
.find('.progress')
|
|
||||||
.attr('aria-valuenow', progress)
|
|
||||||
.children()
|
|
||||||
.first()
|
|
||||||
.css('width', progress + '%');
|
|
||||||
},
|
|
||||||
// Callback for uploads start, equivalent to the global ajaxStart event:
|
|
||||||
start: function (e) {
|
|
||||||
if (e.isDefaultPrevented()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
var that =
|
|
||||||
$(this).data('blueimp-fileupload') || $(this).data('fileupload');
|
|
||||||
that._resetFinishedDeferreds();
|
|
||||||
that
|
|
||||||
._transition($(this).find('.fileupload-progress'))
|
|
||||||
.done(function () {
|
|
||||||
that._trigger('started', e);
|
|
||||||
});
|
|
||||||
},
|
|
||||||
// Callback for uploads stop, equivalent to the global ajaxStop event:
|
|
||||||
stop: function (e) {
|
|
||||||
if (e.isDefaultPrevented()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
var that =
|
|
||||||
$(this).data('blueimp-fileupload') || $(this).data('fileupload'),
|
|
||||||
deferred = that._addFinishedDeferreds();
|
|
||||||
$.when.apply($, that._getFinishedDeferreds()).done(function () {
|
|
||||||
that._trigger('stopped', e);
|
|
||||||
});
|
|
||||||
that
|
|
||||||
._transition($(this).find('.fileupload-progress'))
|
|
||||||
.done(function () {
|
|
||||||
$(this)
|
|
||||||
.find('.progress')
|
|
||||||
.attr('aria-valuenow', '0')
|
|
||||||
.children()
|
|
||||||
.first()
|
|
||||||
.css('width', '0%');
|
|
||||||
$(this).find('.progress-extended').html(' ');
|
|
||||||
deferred.resolve();
|
|
||||||
});
|
|
||||||
},
|
|
||||||
processstart: function (e) {
|
|
||||||
if (e.isDefaultPrevented()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$(this).addClass('fileupload-processing');
|
|
||||||
},
|
|
||||||
processstop: function (e) {
|
|
||||||
if (e.isDefaultPrevented()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$(this).removeClass('fileupload-processing');
|
|
||||||
},
|
|
||||||
// Callback for file deletion:
|
|
||||||
destroy: function (e, data) {
|
|
||||||
if (e.isDefaultPrevented()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
var that =
|
|
||||||
$(this).data('blueimp-fileupload') || $(this).data('fileupload'),
|
|
||||||
removeNode = function () {
|
|
||||||
that._transition(data.context).done(function () {
|
|
||||||
$(this).remove();
|
|
||||||
that._trigger('destroyed', e, data);
|
|
||||||
});
|
|
||||||
};
|
|
||||||
if (data.url) {
|
|
||||||
data.dataType = data.dataType || that.options.dataType;
|
|
||||||
$.ajax(data)
|
|
||||||
.done(removeNode)
|
|
||||||
.fail(function () {
|
|
||||||
that._trigger('destroyfailed', e, data);
|
|
||||||
});
|
|
||||||
} else {
|
|
||||||
removeNode();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
_resetFinishedDeferreds: function () {
|
|
||||||
this._finishedUploads = [];
|
|
||||||
},
|
|
||||||
|
|
||||||
_addFinishedDeferreds: function (deferred) {
|
|
||||||
// eslint-disable-next-line new-cap
|
|
||||||
var promise = deferred || $.Deferred();
|
|
||||||
this._finishedUploads.push(promise);
|
|
||||||
return promise;
|
|
||||||
},
|
|
||||||
|
|
||||||
_getFinishedDeferreds: function () {
|
|
||||||
return this._finishedUploads;
|
|
||||||
},
|
|
||||||
|
|
||||||
// Link handler, that allows to download files
|
|
||||||
// by drag & drop of the links to the desktop:
|
|
||||||
_enableDragToDesktop: function () {
|
|
||||||
var link = $(this),
|
|
||||||
url = link.prop('href'),
|
|
||||||
name = link.prop('download'),
|
|
||||||
type = 'application/octet-stream';
|
|
||||||
link.on('dragstart', function (e) {
|
|
||||||
try {
|
|
||||||
e.originalEvent.dataTransfer.setData(
|
|
||||||
'DownloadURL',
|
|
||||||
[type, name, url].join(':')
|
|
||||||
);
|
|
||||||
} catch (ignore) {
|
|
||||||
// Ignore exceptions
|
|
||||||
}
|
|
||||||
});
|
|
||||||
},
|
|
||||||
|
|
||||||
_formatFileSize: function (bytes) {
|
|
||||||
if (typeof bytes !== 'number') {
|
|
||||||
return '';
|
|
||||||
}
|
|
||||||
if (bytes >= 1000000000) {
|
|
||||||
return (bytes / 1000000000).toFixed(2) + ' GB';
|
|
||||||
}
|
|
||||||
if (bytes >= 1000000) {
|
|
||||||
return (bytes / 1000000).toFixed(2) + ' MB';
|
|
||||||
}
|
|
||||||
return (bytes / 1000).toFixed(2) + ' KB';
|
|
||||||
},
|
|
||||||
|
|
||||||
_formatBitrate: function (bits) {
|
|
||||||
if (typeof bits !== 'number') {
|
|
||||||
return '';
|
|
||||||
}
|
|
||||||
if (bits >= 1000000000) {
|
|
||||||
return (bits / 1000000000).toFixed(2) + ' Gbit/s';
|
|
||||||
}
|
|
||||||
if (bits >= 1000000) {
|
|
||||||
return (bits / 1000000).toFixed(2) + ' Mbit/s';
|
|
||||||
}
|
|
||||||
if (bits >= 1000) {
|
|
||||||
return (bits / 1000).toFixed(2) + ' kbit/s';
|
|
||||||
}
|
|
||||||
return bits.toFixed(2) + ' bit/s';
|
|
||||||
},
|
|
||||||
|
|
||||||
_formatTime: function (seconds) {
|
|
||||||
var date = new Date(seconds * 1000),
|
|
||||||
days = Math.floor(seconds / 86400);
|
|
||||||
days = days ? days + 'd ' : '';
|
|
||||||
return (
|
|
||||||
days +
|
|
||||||
('0' + date.getUTCHours()).slice(-2) +
|
|
||||||
':' +
|
|
||||||
('0' + date.getUTCMinutes()).slice(-2) +
|
|
||||||
':' +
|
|
||||||
('0' + date.getUTCSeconds()).slice(-2)
|
|
||||||
);
|
|
||||||
},
|
|
||||||
|
|
||||||
_formatPercentage: function (floatValue) {
|
|
||||||
return (floatValue * 100).toFixed(2) + ' %';
|
|
||||||
},
|
|
||||||
|
|
||||||
_renderExtendedProgress: function (data) {
|
|
||||||
return (
|
|
||||||
this._formatBitrate(data.bitrate) +
|
|
||||||
' | ' +
|
|
||||||
this._formatTime(((data.total - data.loaded) * 8) / data.bitrate) +
|
|
||||||
' | ' +
|
|
||||||
this._formatPercentage(data.loaded / data.total) +
|
|
||||||
' | ' +
|
|
||||||
this._formatFileSize(data.loaded) +
|
|
||||||
' / ' +
|
|
||||||
this._formatFileSize(data.total)
|
|
||||||
);
|
|
||||||
},
|
|
||||||
|
|
||||||
_renderTemplate: function (func, files) {
|
|
||||||
if (!func) {
|
|
||||||
return $();
|
|
||||||
}
|
|
||||||
var result = func({
|
|
||||||
files: files,
|
|
||||||
formatFileSize: this._formatFileSize,
|
|
||||||
options: this.options
|
|
||||||
});
|
|
||||||
if (result instanceof $) {
|
|
||||||
return result;
|
|
||||||
}
|
|
||||||
return $(this.options.templatesContainer).html(result).children();
|
|
||||||
},
|
|
||||||
|
|
||||||
_renderPreviews: function (data) {
|
|
||||||
data.context.find('.preview').each(function (index, elm) {
|
|
||||||
$(elm).empty().append(data.files[index].preview);
|
|
||||||
});
|
|
||||||
},
|
|
||||||
|
|
||||||
_renderUpload: function (files) {
|
|
||||||
return this._renderTemplate(this.options.uploadTemplate, files);
|
|
||||||
},
|
|
||||||
|
|
||||||
_renderDownload: function (files) {
|
|
||||||
return this._renderTemplate(this.options.downloadTemplate, files)
|
|
||||||
.find('a[download]')
|
|
||||||
.each(this._enableDragToDesktop)
|
|
||||||
.end();
|
|
||||||
},
|
|
||||||
|
|
||||||
_editHandler: function (e) {
|
|
||||||
e.preventDefault();
|
|
||||||
if (!this.options.edit) return;
|
|
||||||
var that = this,
|
|
||||||
button = $(e.currentTarget),
|
|
||||||
template = button.closest('.template-upload'),
|
|
||||||
data = template.data('data'),
|
|
||||||
index = button.data().index;
|
|
||||||
this.options.edit(data.files[index]).then(function (file) {
|
|
||||||
if (!file) return;
|
|
||||||
data.files[index] = file;
|
|
||||||
data.context.addClass('processing');
|
|
||||||
template.find('.edit,.start').prop('disabled', true);
|
|
||||||
$(that.element)
|
|
||||||
.fileupload('process', data)
|
|
||||||
.always(function () {
|
|
||||||
template
|
|
||||||
.find('.size')
|
|
||||||
.text(that._formatFileSize(data.files[index].size));
|
|
||||||
data.context.removeClass('processing');
|
|
||||||
that._renderPreviews(data);
|
|
||||||
})
|
|
||||||
.done(function () {
|
|
||||||
template.find('.edit,.start').prop('disabled', false);
|
|
||||||
})
|
|
||||||
.fail(function () {
|
|
||||||
template.find('.edit').prop('disabled', false);
|
|
||||||
var error = data.files[index].error;
|
|
||||||
if (error) {
|
|
||||||
template.find('.error').text(error);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
||||||
},
|
|
||||||
|
|
||||||
_startHandler: function (e) {
|
|
||||||
e.preventDefault();
|
|
||||||
var button = $(e.currentTarget),
|
|
||||||
template = button.closest('.template-upload'),
|
|
||||||
data = template.data('data');
|
|
||||||
button.prop('disabled', true);
|
|
||||||
if (data && data.submit) {
|
|
||||||
data.submit();
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
_cancelHandler: function (e) {
|
|
||||||
e.preventDefault();
|
|
||||||
var template = $(e.currentTarget).closest(
|
|
||||||
'.template-upload,.template-download'
|
|
||||||
),
|
|
||||||
data = template.data('data') || {};
|
|
||||||
data.context = data.context || template;
|
|
||||||
if (data.abort) {
|
|
||||||
data.abort();
|
|
||||||
} else {
|
|
||||||
data.errorThrown = 'abort';
|
|
||||||
this._trigger('fail', e, data);
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
_deleteHandler: function (e) {
|
|
||||||
e.preventDefault();
|
|
||||||
var button = $(e.currentTarget);
|
|
||||||
this._trigger(
|
|
||||||
'destroy',
|
|
||||||
e,
|
|
||||||
$.extend(
|
|
||||||
{
|
|
||||||
context: button.closest('.template-download'),
|
|
||||||
type: 'DELETE'
|
|
||||||
},
|
|
||||||
button.data()
|
|
||||||
)
|
|
||||||
);
|
|
||||||
},
|
|
||||||
|
|
||||||
_forceReflow: function (node) {
|
|
||||||
return $.support.transition && node.length && node[0].offsetWidth;
|
|
||||||
},
|
|
||||||
|
|
||||||
_transition: function (node) {
|
|
||||||
// eslint-disable-next-line new-cap
|
|
||||||
var dfd = $.Deferred();
|
|
||||||
if (
|
|
||||||
$.support.transition &&
|
|
||||||
node.hasClass('fade') &&
|
|
||||||
node.is(':visible')
|
|
||||||
) {
|
|
||||||
var transitionEndHandler = function (e) {
|
|
||||||
// Make sure we don't respond to other transition events
|
|
||||||
// in the container element, e.g. from button elements:
|
|
||||||
if (e.target === node[0]) {
|
|
||||||
node.off($.support.transition.end, transitionEndHandler);
|
|
||||||
dfd.resolveWith(node);
|
|
||||||
}
|
|
||||||
};
|
|
||||||
node
|
|
||||||
.on($.support.transition.end, transitionEndHandler)
|
|
||||||
.toggleClass(this.options.showElementClass);
|
|
||||||
} else {
|
|
||||||
node.toggleClass(this.options.showElementClass);
|
|
||||||
dfd.resolveWith(node);
|
|
||||||
}
|
|
||||||
return dfd;
|
|
||||||
},
|
|
||||||
|
|
||||||
_initButtonBarEventHandlers: function () {
|
|
||||||
var fileUploadButtonBar = this.element.find('.fileupload-buttonbar'),
|
|
||||||
filesList = this.options.filesContainer;
|
|
||||||
this._on(fileUploadButtonBar.find('.start'), {
|
|
||||||
click: function (e) {
|
|
||||||
e.preventDefault();
|
|
||||||
filesList.find('.start').trigger('click');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
this._on(fileUploadButtonBar.find('.cancel'), {
|
|
||||||
click: function (e) {
|
|
||||||
e.preventDefault();
|
|
||||||
filesList.find('.cancel').trigger('click');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
this._on(fileUploadButtonBar.find('.delete'), {
|
|
||||||
click: function (e) {
|
|
||||||
e.preventDefault();
|
|
||||||
filesList
|
|
||||||
.find('.toggle:checked')
|
|
||||||
.closest('.template-download')
|
|
||||||
.find('.delete')
|
|
||||||
.trigger('click');
|
|
||||||
fileUploadButtonBar.find('.toggle').prop('checked', false);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
this._on(fileUploadButtonBar.find('.toggle'), {
|
|
||||||
change: function (e) {
|
|
||||||
filesList
|
|
||||||
.find('.toggle')
|
|
||||||
.prop('checked', $(e.currentTarget).is(':checked'));
|
|
||||||
}
|
|
||||||
});
|
|
||||||
},
|
|
||||||
|
|
||||||
_destroyButtonBarEventHandlers: function () {
|
|
||||||
this._off(
|
|
||||||
this.element
|
|
||||||
.find('.fileupload-buttonbar')
|
|
||||||
.find('.start, .cancel, .delete'),
|
|
||||||
'click'
|
|
||||||
);
|
|
||||||
this._off(this.element.find('.fileupload-buttonbar .toggle'), 'change.');
|
|
||||||
},
|
|
||||||
|
|
||||||
_initEventHandlers: function () {
|
|
||||||
this._super();
|
|
||||||
this._on(this.options.filesContainer, {
|
|
||||||
'click .edit': this._editHandler,
|
|
||||||
'click .start': this._startHandler,
|
|
||||||
'click .cancel': this._cancelHandler,
|
|
||||||
'click .delete': this._deleteHandler
|
|
||||||
});
|
|
||||||
this._initButtonBarEventHandlers();
|
|
||||||
},
|
|
||||||
|
|
||||||
_destroyEventHandlers: function () {
|
|
||||||
this._destroyButtonBarEventHandlers();
|
|
||||||
this._off(this.options.filesContainer, 'click');
|
|
||||||
this._super();
|
|
||||||
},
|
|
||||||
|
|
||||||
_enableFileInputButton: function () {
|
|
||||||
this.element
|
|
||||||
.find('.fileinput-button input')
|
|
||||||
.prop('disabled', false)
|
|
||||||
.parent()
|
|
||||||
.removeClass('disabled');
|
|
||||||
},
|
|
||||||
|
|
||||||
_disableFileInputButton: function () {
|
|
||||||
this.element
|
|
||||||
.find('.fileinput-button input')
|
|
||||||
.prop('disabled', true)
|
|
||||||
.parent()
|
|
||||||
.addClass('disabled');
|
|
||||||
},
|
|
||||||
|
|
||||||
_initTemplates: function () {
|
|
||||||
var options = this.options;
|
|
||||||
options.templatesContainer = this.document[0].createElement(
|
|
||||||
options.filesContainer.prop('nodeName')
|
|
||||||
);
|
|
||||||
if (tmpl) {
|
|
||||||
if (options.uploadTemplateId) {
|
|
||||||
options.uploadTemplate = tmpl(options.uploadTemplateId);
|
|
||||||
}
|
|
||||||
if (options.downloadTemplateId) {
|
|
||||||
options.downloadTemplate = tmpl(options.downloadTemplateId);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
_initFilesContainer: function () {
|
|
||||||
var options = this.options;
|
|
||||||
if (options.filesContainer === undefined) {
|
|
||||||
options.filesContainer = this.element.find('.files');
|
|
||||||
} else if (!(options.filesContainer instanceof $)) {
|
|
||||||
options.filesContainer = $(options.filesContainer);
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
_initSpecialOptions: function () {
|
|
||||||
this._super();
|
|
||||||
this._initFilesContainer();
|
|
||||||
this._initTemplates();
|
|
||||||
},
|
|
||||||
|
|
||||||
_create: function () {
|
|
||||||
this._super();
|
|
||||||
this._resetFinishedDeferreds();
|
|
||||||
if (!$.support.fileInput) {
|
|
||||||
this._disableFileInputButton();
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
enable: function () {
|
|
||||||
var wasDisabled = false;
|
|
||||||
if (this.options.disabled) {
|
|
||||||
wasDisabled = true;
|
|
||||||
}
|
|
||||||
this._super();
|
|
||||||
if (wasDisabled) {
|
|
||||||
this.element.find('input, button').prop('disabled', false);
|
|
||||||
this._enableFileInputButton();
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
disable: function () {
|
|
||||||
if (!this.options.disabled) {
|
|
||||||
this.element.find('input, button').prop('disabled', true);
|
|
||||||
this._disableFileInputButton();
|
|
||||||
}
|
|
||||||
this._super();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
|
@ -1,119 +0,0 @@
|
||||||
/*
|
|
||||||
* jQuery File Upload Validation Plugin
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2013, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* global define, require */
|
|
||||||
|
|
||||||
(function (factory) {
|
|
||||||
'use strict';
|
|
||||||
if (typeof define === 'function' && define.amd) {
|
|
||||||
// Register as an anonymous AMD module:
|
|
||||||
define(['jquery', './jquery.fileupload-process'], factory);
|
|
||||||
} else if (typeof exports === 'object') {
|
|
||||||
// Node/CommonJS:
|
|
||||||
factory(require('jquery'), require('./jquery.fileupload-process'));
|
|
||||||
} else {
|
|
||||||
// Browser globals:
|
|
||||||
factory(window.jQuery);
|
|
||||||
}
|
|
||||||
})(function ($) {
|
|
||||||
'use strict';
|
|
||||||
|
|
||||||
// Append to the default processQueue:
|
|
||||||
$.blueimp.fileupload.prototype.options.processQueue.push({
|
|
||||||
action: 'validate',
|
|
||||||
// Always trigger this action,
|
|
||||||
// even if the previous action was rejected:
|
|
||||||
always: true,
|
|
||||||
// Options taken from the global options map:
|
|
||||||
acceptFileTypes: '@',
|
|
||||||
maxFileSize: '@',
|
|
||||||
minFileSize: '@',
|
|
||||||
maxNumberOfFiles: '@',
|
|
||||||
disabled: '@disableValidation'
|
|
||||||
});
|
|
||||||
|
|
||||||
// The File Upload Validation plugin extends the fileupload widget
|
|
||||||
// with file validation functionality:
|
|
||||||
$.widget('blueimp.fileupload', $.blueimp.fileupload, {
|
|
||||||
options: {
|
|
||||||
/*
|
|
||||||
// The regular expression for allowed file types, matches
|
|
||||||
// against either file type or file name:
|
|
||||||
acceptFileTypes: /(\.|\/)(gif|jpe?g|png)$/i,
|
|
||||||
// The maximum allowed file size in bytes:
|
|
||||||
maxFileSize: 10000000, // 10 MB
|
|
||||||
// The minimum allowed file size in bytes:
|
|
||||||
minFileSize: undefined, // No minimal file size
|
|
||||||
// The limit of files to be uploaded:
|
|
||||||
maxNumberOfFiles: 10,
|
|
||||||
*/
|
|
||||||
|
|
||||||
// Function returning the current number of files,
|
|
||||||
// has to be overridden for maxNumberOfFiles validation:
|
|
||||||
getNumberOfFiles: $.noop,
|
|
||||||
|
|
||||||
// Error and info messages:
|
|
||||||
messages: {
|
|
||||||
maxNumberOfFiles: 'Maximum number of files exceeded',
|
|
||||||
acceptFileTypes: 'File type not allowed',
|
|
||||||
maxFileSize: 'File is too large',
|
|
||||||
minFileSize: 'File is too small'
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
processActions: {
|
|
||||||
validate: function (data, options) {
|
|
||||||
if (options.disabled) {
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
// eslint-disable-next-line new-cap
|
|
||||||
var dfd = $.Deferred(),
|
|
||||||
settings = this.options,
|
|
||||||
file = data.files[data.index],
|
|
||||||
fileSize;
|
|
||||||
if (options.minFileSize || options.maxFileSize) {
|
|
||||||
fileSize = file.size;
|
|
||||||
}
|
|
||||||
if (
|
|
||||||
$.type(options.maxNumberOfFiles) === 'number' &&
|
|
||||||
(settings.getNumberOfFiles() || 0) + data.files.length >
|
|
||||||
options.maxNumberOfFiles
|
|
||||||
) {
|
|
||||||
file.error = settings.i18n('maxNumberOfFiles');
|
|
||||||
} else if (
|
|
||||||
options.acceptFileTypes &&
|
|
||||||
!(
|
|
||||||
options.acceptFileTypes.test(file.type) ||
|
|
||||||
options.acceptFileTypes.test(file.name)
|
|
||||||
)
|
|
||||||
) {
|
|
||||||
file.error = settings.i18n('acceptFileTypes');
|
|
||||||
} else if (fileSize > options.maxFileSize) {
|
|
||||||
file.error = settings.i18n('maxFileSize');
|
|
||||||
} else if (
|
|
||||||
$.type(fileSize) === 'number' &&
|
|
||||||
fileSize < options.minFileSize
|
|
||||||
) {
|
|
||||||
file.error = settings.i18n('minFileSize');
|
|
||||||
} else {
|
|
||||||
delete file.error;
|
|
||||||
}
|
|
||||||
if (file.error || data.files.error) {
|
|
||||||
data.files.error = true;
|
|
||||||
dfd.rejectWith(this, [data]);
|
|
||||||
} else {
|
|
||||||
dfd.resolveWith(this, [data]);
|
|
||||||
}
|
|
||||||
return dfd.promise();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
|
@ -1,101 +0,0 @@
|
||||||
/*
|
|
||||||
* jQuery File Upload Video Preview Plugin
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2013, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* global define, require */
|
|
||||||
|
|
||||||
(function (factory) {
|
|
||||||
'use strict';
|
|
||||||
if (typeof define === 'function' && define.amd) {
|
|
||||||
// Register as an anonymous AMD module:
|
|
||||||
define(['jquery', 'load-image', './jquery.fileupload-process'], factory);
|
|
||||||
} else if (typeof exports === 'object') {
|
|
||||||
// Node/CommonJS:
|
|
||||||
factory(
|
|
||||||
require('jquery'),
|
|
||||||
require('blueimp-load-image/js/load-image'),
|
|
||||||
require('./jquery.fileupload-process')
|
|
||||||
);
|
|
||||||
} else {
|
|
||||||
// Browser globals:
|
|
||||||
factory(window.jQuery, window.loadImage);
|
|
||||||
}
|
|
||||||
})(function ($, loadImage) {
|
|
||||||
'use strict';
|
|
||||||
|
|
||||||
// Prepend to the default processQueue:
|
|
||||||
$.blueimp.fileupload.prototype.options.processQueue.unshift(
|
|
||||||
{
|
|
||||||
action: 'loadVideo',
|
|
||||||
// Use the action as prefix for the "@" options:
|
|
||||||
prefix: true,
|
|
||||||
fileTypes: '@',
|
|
||||||
maxFileSize: '@',
|
|
||||||
disabled: '@disableVideoPreview'
|
|
||||||
},
|
|
||||||
{
|
|
||||||
action: 'setVideo',
|
|
||||||
name: '@videoPreviewName',
|
|
||||||
disabled: '@disableVideoPreview'
|
|
||||||
}
|
|
||||||
);
|
|
||||||
|
|
||||||
// The File Upload Video Preview plugin extends the fileupload widget
|
|
||||||
// with video preview functionality:
|
|
||||||
$.widget('blueimp.fileupload', $.blueimp.fileupload, {
|
|
||||||
options: {
|
|
||||||
// The regular expression for the types of video files to load,
|
|
||||||
// matched against the file type:
|
|
||||||
loadVideoFileTypes: /^video\/.*$/
|
|
||||||
},
|
|
||||||
|
|
||||||
_videoElement: document.createElement('video'),
|
|
||||||
|
|
||||||
processActions: {
|
|
||||||
// Loads the video file given via data.files and data.index
|
|
||||||
// as video element if the browser supports playing it.
|
|
||||||
// Accepts the options fileTypes (regular expression)
|
|
||||||
// and maxFileSize (integer) to limit the files to load:
|
|
||||||
loadVideo: function (data, options) {
|
|
||||||
if (options.disabled) {
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
var file = data.files[data.index],
|
|
||||||
url,
|
|
||||||
video;
|
|
||||||
if (
|
|
||||||
this._videoElement.canPlayType &&
|
|
||||||
this._videoElement.canPlayType(file.type) &&
|
|
||||||
($.type(options.maxFileSize) !== 'number' ||
|
|
||||||
file.size <= options.maxFileSize) &&
|
|
||||||
(!options.fileTypes || options.fileTypes.test(file.type))
|
|
||||||
) {
|
|
||||||
url = loadImage.createObjectURL(file);
|
|
||||||
if (url) {
|
|
||||||
video = this._videoElement.cloneNode(false);
|
|
||||||
video.src = url;
|
|
||||||
video.controls = true;
|
|
||||||
data.video = video;
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return data;
|
|
||||||
},
|
|
||||||
|
|
||||||
// Sets the video element as a property of the file object:
|
|
||||||
setVideo: function (data, options) {
|
|
||||||
if (data.video && !options.disabled) {
|
|
||||||
data.files[data.index][options.name || 'preview'] = data.video;
|
|
||||||
}
|
|
||||||
return data;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
File diff suppressed because it is too large
Load diff
|
@ -1,227 +0,0 @@
|
||||||
/*
|
|
||||||
* jQuery Iframe Transport Plugin
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2011, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* global define, require */
|
|
||||||
|
|
||||||
(function (factory) {
|
|
||||||
'use strict';
|
|
||||||
if (typeof define === 'function' && define.amd) {
|
|
||||||
// Register as an anonymous AMD module:
|
|
||||||
define(['jquery'], factory);
|
|
||||||
} else if (typeof exports === 'object') {
|
|
||||||
// Node/CommonJS:
|
|
||||||
factory(require('jquery'));
|
|
||||||
} else {
|
|
||||||
// Browser globals:
|
|
||||||
factory(window.jQuery);
|
|
||||||
}
|
|
||||||
})(function ($) {
|
|
||||||
'use strict';
|
|
||||||
|
|
||||||
// Helper variable to create unique names for the transport iframes:
|
|
||||||
var counter = 0,
|
|
||||||
jsonAPI = $,
|
|
||||||
jsonParse = 'parseJSON';
|
|
||||||
|
|
||||||
if ('JSON' in window && 'parse' in JSON) {
|
|
||||||
jsonAPI = JSON;
|
|
||||||
jsonParse = 'parse';
|
|
||||||
}
|
|
||||||
|
|
||||||
// The iframe transport accepts four additional options:
|
|
||||||
// options.fileInput: a jQuery collection of file input fields
|
|
||||||
// options.paramName: the parameter name for the file form data,
|
|
||||||
// overrides the name property of the file input field(s),
|
|
||||||
// can be a string or an array of strings.
|
|
||||||
// options.formData: an array of objects with name and value properties,
|
|
||||||
// equivalent to the return data of .serializeArray(), e.g.:
|
|
||||||
// [{name: 'a', value: 1}, {name: 'b', value: 2}]
|
|
||||||
// options.initialIframeSrc: the URL of the initial iframe src,
|
|
||||||
// by default set to "javascript:false;"
|
|
||||||
$.ajaxTransport('iframe', function (options) {
|
|
||||||
if (options.async) {
|
|
||||||
// javascript:false as initial iframe src
|
|
||||||
// prevents warning popups on HTTPS in IE6:
|
|
||||||
// eslint-disable-next-line no-script-url
|
|
||||||
var initialIframeSrc = options.initialIframeSrc || 'javascript:false;',
|
|
||||||
form,
|
|
||||||
iframe,
|
|
||||||
addParamChar;
|
|
||||||
return {
|
|
||||||
send: function (_, completeCallback) {
|
|
||||||
form = $('<form style="display:none;"></form>');
|
|
||||||
form.attr('accept-charset', options.formAcceptCharset);
|
|
||||||
addParamChar = /\?/.test(options.url) ? '&' : '?';
|
|
||||||
// XDomainRequest only supports GET and POST:
|
|
||||||
if (options.type === 'DELETE') {
|
|
||||||
options.url = options.url + addParamChar + '_method=DELETE';
|
|
||||||
options.type = 'POST';
|
|
||||||
} else if (options.type === 'PUT') {
|
|
||||||
options.url = options.url + addParamChar + '_method=PUT';
|
|
||||||
options.type = 'POST';
|
|
||||||
} else if (options.type === 'PATCH') {
|
|
||||||
options.url = options.url + addParamChar + '_method=PATCH';
|
|
||||||
options.type = 'POST';
|
|
||||||
}
|
|
||||||
// IE versions below IE8 cannot set the name property of
|
|
||||||
// elements that have already been added to the DOM,
|
|
||||||
// so we set the name along with the iframe HTML markup:
|
|
||||||
counter += 1;
|
|
||||||
iframe = $(
|
|
||||||
'<iframe src="' +
|
|
||||||
initialIframeSrc +
|
|
||||||
'" name="iframe-transport-' +
|
|
||||||
counter +
|
|
||||||
'"></iframe>'
|
|
||||||
).on('load', function () {
|
|
||||||
var fileInputClones,
|
|
||||||
paramNames = $.isArray(options.paramName)
|
|
||||||
? options.paramName
|
|
||||||
: [options.paramName];
|
|
||||||
iframe.off('load').on('load', function () {
|
|
||||||
var response;
|
|
||||||
// Wrap in a try/catch block to catch exceptions thrown
|
|
||||||
// when trying to access cross-domain iframe contents:
|
|
||||||
try {
|
|
||||||
response = iframe.contents();
|
|
||||||
// Google Chrome and Firefox do not throw an
|
|
||||||
// exception when calling iframe.contents() on
|
|
||||||
// cross-domain requests, so we unify the response:
|
|
||||||
if (!response.length || !response[0].firstChild) {
|
|
||||||
throw new Error();
|
|
||||||
}
|
|
||||||
} catch (e) {
|
|
||||||
response = undefined;
|
|
||||||
}
|
|
||||||
// The complete callback returns the
|
|
||||||
// iframe content document as response object:
|
|
||||||
completeCallback(200, 'success', { iframe: response });
|
|
||||||
// Fix for IE endless progress bar activity bug
|
|
||||||
// (happens on form submits to iframe targets):
|
|
||||||
$('<iframe src="' + initialIframeSrc + '"></iframe>').appendTo(
|
|
||||||
form
|
|
||||||
);
|
|
||||||
window.setTimeout(function () {
|
|
||||||
// Removing the form in a setTimeout call
|
|
||||||
// allows Chrome's developer tools to display
|
|
||||||
// the response result
|
|
||||||
form.remove();
|
|
||||||
}, 0);
|
|
||||||
});
|
|
||||||
form
|
|
||||||
.prop('target', iframe.prop('name'))
|
|
||||||
.prop('action', options.url)
|
|
||||||
.prop('method', options.type);
|
|
||||||
if (options.formData) {
|
|
||||||
$.each(options.formData, function (index, field) {
|
|
||||||
$('<input type="hidden"/>')
|
|
||||||
.prop('name', field.name)
|
|
||||||
.val(field.value)
|
|
||||||
.appendTo(form);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
if (
|
|
||||||
options.fileInput &&
|
|
||||||
options.fileInput.length &&
|
|
||||||
options.type === 'POST'
|
|
||||||
) {
|
|
||||||
fileInputClones = options.fileInput.clone();
|
|
||||||
// Insert a clone for each file input field:
|
|
||||||
options.fileInput.after(function (index) {
|
|
||||||
return fileInputClones[index];
|
|
||||||
});
|
|
||||||
if (options.paramName) {
|
|
||||||
options.fileInput.each(function (index) {
|
|
||||||
$(this).prop('name', paramNames[index] || options.paramName);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
// Appending the file input fields to the hidden form
|
|
||||||
// removes them from their original location:
|
|
||||||
form
|
|
||||||
.append(options.fileInput)
|
|
||||||
.prop('enctype', 'multipart/form-data')
|
|
||||||
// enctype must be set as encoding for IE:
|
|
||||||
.prop('encoding', 'multipart/form-data');
|
|
||||||
// Remove the HTML5 form attribute from the input(s):
|
|
||||||
options.fileInput.removeAttr('form');
|
|
||||||
}
|
|
||||||
window.setTimeout(function () {
|
|
||||||
// Submitting the form in a setTimeout call fixes an issue with
|
|
||||||
// Safari 13 not triggering the iframe load event after resetting
|
|
||||||
// the load event handler, see also:
|
|
||||||
// https://github.com/blueimp/jQuery-File-Upload/issues/3633
|
|
||||||
form.submit();
|
|
||||||
// Insert the file input fields at their original location
|
|
||||||
// by replacing the clones with the originals:
|
|
||||||
if (fileInputClones && fileInputClones.length) {
|
|
||||||
options.fileInput.each(function (index, input) {
|
|
||||||
var clone = $(fileInputClones[index]);
|
|
||||||
// Restore the original name and form properties:
|
|
||||||
$(input)
|
|
||||||
.prop('name', clone.prop('name'))
|
|
||||||
.attr('form', clone.attr('form'));
|
|
||||||
clone.replaceWith(input);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}, 0);
|
|
||||||
});
|
|
||||||
form.append(iframe).appendTo(document.body);
|
|
||||||
},
|
|
||||||
abort: function () {
|
|
||||||
if (iframe) {
|
|
||||||
// javascript:false as iframe src aborts the request
|
|
||||||
// and prevents warning popups on HTTPS in IE6.
|
|
||||||
iframe.off('load').prop('src', initialIframeSrc);
|
|
||||||
}
|
|
||||||
if (form) {
|
|
||||||
form.remove();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
};
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
// The iframe transport returns the iframe content document as response.
|
|
||||||
// The following adds converters from iframe to text, json, html, xml
|
|
||||||
// and script.
|
|
||||||
// Please note that the Content-Type for JSON responses has to be text/plain
|
|
||||||
// or text/html, if the browser doesn't include application/json in the
|
|
||||||
// Accept header, else IE will show a download dialog.
|
|
||||||
// The Content-Type for XML responses on the other hand has to be always
|
|
||||||
// application/xml or text/xml, so IE properly parses the XML response.
|
|
||||||
// See also
|
|
||||||
// https://github.com/blueimp/jQuery-File-Upload/wiki/Setup#content-type-negotiation
|
|
||||||
$.ajaxSetup({
|
|
||||||
converters: {
|
|
||||||
'iframe text': function (iframe) {
|
|
||||||
return iframe && $(iframe[0].body).text();
|
|
||||||
},
|
|
||||||
'iframe json': function (iframe) {
|
|
||||||
return iframe && jsonAPI[jsonParse]($(iframe[0].body).text());
|
|
||||||
},
|
|
||||||
'iframe html': function (iframe) {
|
|
||||||
return iframe && $(iframe[0].body).html();
|
|
||||||
},
|
|
||||||
'iframe xml': function (iframe) {
|
|
||||||
var xmlDoc = iframe && iframe[0];
|
|
||||||
return xmlDoc && $.isXMLDoc(xmlDoc)
|
|
||||||
? xmlDoc
|
|
||||||
: $.parseXML(
|
|
||||||
(xmlDoc.XMLDocument && xmlDoc.XMLDocument.xml) ||
|
|
||||||
$(xmlDoc.body).html()
|
|
||||||
);
|
|
||||||
},
|
|
||||||
'iframe script': function (iframe) {
|
|
||||||
return iframe && $.globalEval($(iframe[0].body).text());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
|
@ -1,805 +0,0 @@
|
||||||
/*! jQuery UI - v1.12.1+0b7246b6eeadfa9e2696e22f3230f6452f8129dc - 2020-02-20
|
|
||||||
* http://jqueryui.com
|
|
||||||
* Includes: widget.js
|
|
||||||
* Copyright jQuery Foundation and other contributors; Licensed MIT */
|
|
||||||
|
|
||||||
/* global define, require */
|
|
||||||
/* eslint-disable no-param-reassign, new-cap, jsdoc/require-jsdoc */
|
|
||||||
|
|
||||||
(function (factory) {
|
|
||||||
'use strict';
|
|
||||||
if (typeof define === 'function' && define.amd) {
|
|
||||||
// AMD. Register as an anonymous module.
|
|
||||||
define(['jquery'], factory);
|
|
||||||
} else if (typeof exports === 'object') {
|
|
||||||
// Node/CommonJS
|
|
||||||
factory(require('jquery'));
|
|
||||||
} else {
|
|
||||||
// Browser globals
|
|
||||||
factory(window.jQuery);
|
|
||||||
}
|
|
||||||
})(function ($) {
|
|
||||||
('use strict');
|
|
||||||
|
|
||||||
$.ui = $.ui || {};
|
|
||||||
|
|
||||||
$.ui.version = '1.12.1';
|
|
||||||
|
|
||||||
/*!
|
|
||||||
* jQuery UI Widget 1.12.1
|
|
||||||
* http://jqueryui.com
|
|
||||||
*
|
|
||||||
* Copyright jQuery Foundation and other contributors
|
|
||||||
* Released under the MIT license.
|
|
||||||
* http://jquery.org/license
|
|
||||||
*/
|
|
||||||
|
|
||||||
//>>label: Widget
|
|
||||||
//>>group: Core
|
|
||||||
//>>description: Provides a factory for creating stateful widgets with a common API.
|
|
||||||
//>>docs: http://api.jqueryui.com/jQuery.widget/
|
|
||||||
//>>demos: http://jqueryui.com/widget/
|
|
||||||
|
|
||||||
// Support: jQuery 1.9.x or older
|
|
||||||
// $.expr[ ":" ] is deprecated.
|
|
||||||
if (!$.expr.pseudos) {
|
|
||||||
$.expr.pseudos = $.expr[':'];
|
|
||||||
}
|
|
||||||
|
|
||||||
// Support: jQuery 1.11.x or older
|
|
||||||
// $.unique has been renamed to $.uniqueSort
|
|
||||||
if (!$.uniqueSort) {
|
|
||||||
$.uniqueSort = $.unique;
|
|
||||||
}
|
|
||||||
|
|
||||||
var widgetUuid = 0;
|
|
||||||
var widgetHasOwnProperty = Array.prototype.hasOwnProperty;
|
|
||||||
var widgetSlice = Array.prototype.slice;
|
|
||||||
|
|
||||||
$.cleanData = (function (orig) {
|
|
||||||
return function (elems) {
|
|
||||||
var events, elem, i;
|
|
||||||
// eslint-disable-next-line eqeqeq
|
|
||||||
for (i = 0; (elem = elems[i]) != null; i++) {
|
|
||||||
// Only trigger remove when necessary to save time
|
|
||||||
events = $._data(elem, 'events');
|
|
||||||
if (events && events.remove) {
|
|
||||||
$(elem).triggerHandler('remove');
|
|
||||||
}
|
|
||||||
}
|
|
||||||
orig(elems);
|
|
||||||
};
|
|
||||||
})($.cleanData);
|
|
||||||
|
|
||||||
$.widget = function (name, base, prototype) {
|
|
||||||
var existingConstructor, constructor, basePrototype;
|
|
||||||
|
|
||||||
// ProxiedPrototype allows the provided prototype to remain unmodified
|
|
||||||
// so that it can be used as a mixin for multiple widgets (#8876)
|
|
||||||
var proxiedPrototype = {};
|
|
||||||
|
|
||||||
var namespace = name.split('.')[0];
|
|
||||||
name = name.split('.')[1];
|
|
||||||
var fullName = namespace + '-' + name;
|
|
||||||
|
|
||||||
if (!prototype) {
|
|
||||||
prototype = base;
|
|
||||||
base = $.Widget;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($.isArray(prototype)) {
|
|
||||||
prototype = $.extend.apply(null, [{}].concat(prototype));
|
|
||||||
}
|
|
||||||
|
|
||||||
// Create selector for plugin
|
|
||||||
$.expr.pseudos[fullName.toLowerCase()] = function (elem) {
|
|
||||||
return !!$.data(elem, fullName);
|
|
||||||
};
|
|
||||||
|
|
||||||
$[namespace] = $[namespace] || {};
|
|
||||||
existingConstructor = $[namespace][name];
|
|
||||||
constructor = $[namespace][name] = function (options, element) {
|
|
||||||
// Allow instantiation without "new" keyword
|
|
||||||
if (!this._createWidget) {
|
|
||||||
return new constructor(options, element);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Allow instantiation without initializing for simple inheritance
|
|
||||||
// must use "new" keyword (the code above always passes args)
|
|
||||||
if (arguments.length) {
|
|
||||||
this._createWidget(options, element);
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
// Extend with the existing constructor to carry over any static properties
|
|
||||||
$.extend(constructor, existingConstructor, {
|
|
||||||
version: prototype.version,
|
|
||||||
|
|
||||||
// Copy the object used to create the prototype in case we need to
|
|
||||||
// redefine the widget later
|
|
||||||
_proto: $.extend({}, prototype),
|
|
||||||
|
|
||||||
// Track widgets that inherit from this widget in case this widget is
|
|
||||||
// redefined after a widget inherits from it
|
|
||||||
_childConstructors: []
|
|
||||||
});
|
|
||||||
|
|
||||||
basePrototype = new base();
|
|
||||||
|
|
||||||
// We need to make the options hash a property directly on the new instance
|
|
||||||
// otherwise we'll modify the options hash on the prototype that we're
|
|
||||||
// inheriting from
|
|
||||||
basePrototype.options = $.widget.extend({}, basePrototype.options);
|
|
||||||
$.each(prototype, function (prop, value) {
|
|
||||||
if (!$.isFunction(value)) {
|
|
||||||
proxiedPrototype[prop] = value;
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
proxiedPrototype[prop] = (function () {
|
|
||||||
function _super() {
|
|
||||||
return base.prototype[prop].apply(this, arguments);
|
|
||||||
}
|
|
||||||
|
|
||||||
function _superApply(args) {
|
|
||||||
return base.prototype[prop].apply(this, args);
|
|
||||||
}
|
|
||||||
|
|
||||||
return function () {
|
|
||||||
var __super = this._super;
|
|
||||||
var __superApply = this._superApply;
|
|
||||||
var returnValue;
|
|
||||||
|
|
||||||
this._super = _super;
|
|
||||||
this._superApply = _superApply;
|
|
||||||
|
|
||||||
returnValue = value.apply(this, arguments);
|
|
||||||
|
|
||||||
this._super = __super;
|
|
||||||
this._superApply = __superApply;
|
|
||||||
|
|
||||||
return returnValue;
|
|
||||||
};
|
|
||||||
})();
|
|
||||||
});
|
|
||||||
constructor.prototype = $.widget.extend(
|
|
||||||
basePrototype,
|
|
||||||
{
|
|
||||||
// TODO: remove support for widgetEventPrefix
|
|
||||||
// always use the name + a colon as the prefix, e.g., draggable:start
|
|
||||||
// don't prefix for widgets that aren't DOM-based
|
|
||||||
widgetEventPrefix: existingConstructor
|
|
||||||
? basePrototype.widgetEventPrefix || name
|
|
||||||
: name
|
|
||||||
},
|
|
||||||
proxiedPrototype,
|
|
||||||
{
|
|
||||||
constructor: constructor,
|
|
||||||
namespace: namespace,
|
|
||||||
widgetName: name,
|
|
||||||
widgetFullName: fullName
|
|
||||||
}
|
|
||||||
);
|
|
||||||
|
|
||||||
// If this widget is being redefined then we need to find all widgets that
|
|
||||||
// are inheriting from it and redefine all of them so that they inherit from
|
|
||||||
// the new version of this widget. We're essentially trying to replace one
|
|
||||||
// level in the prototype chain.
|
|
||||||
if (existingConstructor) {
|
|
||||||
$.each(existingConstructor._childConstructors, function (i, child) {
|
|
||||||
var childPrototype = child.prototype;
|
|
||||||
|
|
||||||
// Redefine the child widget using the same prototype that was
|
|
||||||
// originally used, but inherit from the new version of the base
|
|
||||||
$.widget(
|
|
||||||
childPrototype.namespace + '.' + childPrototype.widgetName,
|
|
||||||
constructor,
|
|
||||||
child._proto
|
|
||||||
);
|
|
||||||
});
|
|
||||||
|
|
||||||
// Remove the list of existing child constructors from the old constructor
|
|
||||||
// so the old child constructors can be garbage collected
|
|
||||||
delete existingConstructor._childConstructors;
|
|
||||||
} else {
|
|
||||||
base._childConstructors.push(constructor);
|
|
||||||
}
|
|
||||||
|
|
||||||
$.widget.bridge(name, constructor);
|
|
||||||
|
|
||||||
return constructor;
|
|
||||||
};
|
|
||||||
|
|
||||||
$.widget.extend = function (target) {
|
|
||||||
var input = widgetSlice.call(arguments, 1);
|
|
||||||
var inputIndex = 0;
|
|
||||||
var inputLength = input.length;
|
|
||||||
var key;
|
|
||||||
var value;
|
|
||||||
|
|
||||||
for (; inputIndex < inputLength; inputIndex++) {
|
|
||||||
for (key in input[inputIndex]) {
|
|
||||||
value = input[inputIndex][key];
|
|
||||||
if (
|
|
||||||
widgetHasOwnProperty.call(input[inputIndex], key) &&
|
|
||||||
value !== undefined
|
|
||||||
) {
|
|
||||||
// Clone objects
|
|
||||||
if ($.isPlainObject(value)) {
|
|
||||||
target[key] = $.isPlainObject(target[key])
|
|
||||||
? $.widget.extend({}, target[key], value)
|
|
||||||
: // Don't extend strings, arrays, etc. with objects
|
|
||||||
$.widget.extend({}, value);
|
|
||||||
|
|
||||||
// Copy everything else by reference
|
|
||||||
} else {
|
|
||||||
target[key] = value;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return target;
|
|
||||||
};
|
|
||||||
|
|
||||||
$.widget.bridge = function (name, object) {
|
|
||||||
var fullName = object.prototype.widgetFullName || name;
|
|
||||||
$.fn[name] = function (options) {
|
|
||||||
var isMethodCall = typeof options === 'string';
|
|
||||||
var args = widgetSlice.call(arguments, 1);
|
|
||||||
var returnValue = this;
|
|
||||||
|
|
||||||
if (isMethodCall) {
|
|
||||||
// If this is an empty collection, we need to have the instance method
|
|
||||||
// return undefined instead of the jQuery instance
|
|
||||||
if (!this.length && options === 'instance') {
|
|
||||||
returnValue = undefined;
|
|
||||||
} else {
|
|
||||||
this.each(function () {
|
|
||||||
var methodValue;
|
|
||||||
var instance = $.data(this, fullName);
|
|
||||||
|
|
||||||
if (options === 'instance') {
|
|
||||||
returnValue = instance;
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!instance) {
|
|
||||||
return $.error(
|
|
||||||
'cannot call methods on ' +
|
|
||||||
name +
|
|
||||||
' prior to initialization; ' +
|
|
||||||
"attempted to call method '" +
|
|
||||||
options +
|
|
||||||
"'"
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$.isFunction(instance[options]) || options.charAt(0) === '_') {
|
|
||||||
return $.error(
|
|
||||||
"no such method '" +
|
|
||||||
options +
|
|
||||||
"' for " +
|
|
||||||
name +
|
|
||||||
' widget instance'
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
methodValue = instance[options].apply(instance, args);
|
|
||||||
|
|
||||||
if (methodValue !== instance && methodValue !== undefined) {
|
|
||||||
returnValue =
|
|
||||||
methodValue && methodValue.jquery
|
|
||||||
? returnValue.pushStack(methodValue.get())
|
|
||||||
: methodValue;
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
// Allow multiple hashes to be passed on init
|
|
||||||
if (args.length) {
|
|
||||||
options = $.widget.extend.apply(null, [options].concat(args));
|
|
||||||
}
|
|
||||||
|
|
||||||
this.each(function () {
|
|
||||||
var instance = $.data(this, fullName);
|
|
||||||
if (instance) {
|
|
||||||
instance.option(options || {});
|
|
||||||
if (instance._init) {
|
|
||||||
instance._init();
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$.data(this, fullName, new object(options, this));
|
|
||||||
}
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
return returnValue;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
$.Widget = function (/* options, element */) {};
|
|
||||||
$.Widget._childConstructors = [];
|
|
||||||
|
|
||||||
$.Widget.prototype = {
|
|
||||||
widgetName: 'widget',
|
|
||||||
widgetEventPrefix: '',
|
|
||||||
defaultElement: '<div>',
|
|
||||||
|
|
||||||
options: {
|
|
||||||
classes: {},
|
|
||||||
disabled: false,
|
|
||||||
|
|
||||||
// Callbacks
|
|
||||||
create: null
|
|
||||||
},
|
|
||||||
|
|
||||||
_createWidget: function (options, element) {
|
|
||||||
element = $(element || this.defaultElement || this)[0];
|
|
||||||
this.element = $(element);
|
|
||||||
this.uuid = widgetUuid++;
|
|
||||||
this.eventNamespace = '.' + this.widgetName + this.uuid;
|
|
||||||
|
|
||||||
this.bindings = $();
|
|
||||||
this.hoverable = $();
|
|
||||||
this.focusable = $();
|
|
||||||
this.classesElementLookup = {};
|
|
||||||
|
|
||||||
if (element !== this) {
|
|
||||||
$.data(element, this.widgetFullName, this);
|
|
||||||
this._on(true, this.element, {
|
|
||||||
remove: function (event) {
|
|
||||||
if (event.target === element) {
|
|
||||||
this.destroy();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
this.document = $(
|
|
||||||
element.style
|
|
||||||
? // Element within the document
|
|
||||||
element.ownerDocument
|
|
||||||
: // Element is window or document
|
|
||||||
element.document || element
|
|
||||||
);
|
|
||||||
this.window = $(
|
|
||||||
this.document[0].defaultView || this.document[0].parentWindow
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
this.options = $.widget.extend(
|
|
||||||
{},
|
|
||||||
this.options,
|
|
||||||
this._getCreateOptions(),
|
|
||||||
options
|
|
||||||
);
|
|
||||||
|
|
||||||
this._create();
|
|
||||||
|
|
||||||
if (this.options.disabled) {
|
|
||||||
this._setOptionDisabled(this.options.disabled);
|
|
||||||
}
|
|
||||||
|
|
||||||
this._trigger('create', null, this._getCreateEventData());
|
|
||||||
this._init();
|
|
||||||
},
|
|
||||||
|
|
||||||
_getCreateOptions: function () {
|
|
||||||
return {};
|
|
||||||
},
|
|
||||||
|
|
||||||
_getCreateEventData: $.noop,
|
|
||||||
|
|
||||||
_create: $.noop,
|
|
||||||
|
|
||||||
_init: $.noop,
|
|
||||||
|
|
||||||
destroy: function () {
|
|
||||||
var that = this;
|
|
||||||
|
|
||||||
this._destroy();
|
|
||||||
$.each(this.classesElementLookup, function (key, value) {
|
|
||||||
that._removeClass(value, key);
|
|
||||||
});
|
|
||||||
|
|
||||||
// We can probably remove the unbind calls in 2.0
|
|
||||||
// all event bindings should go through this._on()
|
|
||||||
this.element.off(this.eventNamespace).removeData(this.widgetFullName);
|
|
||||||
this.widget().off(this.eventNamespace).removeAttr('aria-disabled');
|
|
||||||
|
|
||||||
// Clean up events and states
|
|
||||||
this.bindings.off(this.eventNamespace);
|
|
||||||
},
|
|
||||||
|
|
||||||
_destroy: $.noop,
|
|
||||||
|
|
||||||
widget: function () {
|
|
||||||
return this.element;
|
|
||||||
},
|
|
||||||
|
|
||||||
option: function (key, value) {
|
|
||||||
var options = key;
|
|
||||||
var parts;
|
|
||||||
var curOption;
|
|
||||||
var i;
|
|
||||||
|
|
||||||
if (arguments.length === 0) {
|
|
||||||
// Don't return a reference to the internal hash
|
|
||||||
return $.widget.extend({}, this.options);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (typeof key === 'string') {
|
|
||||||
// Handle nested keys, e.g., "foo.bar" => { foo: { bar: ___ } }
|
|
||||||
options = {};
|
|
||||||
parts = key.split('.');
|
|
||||||
key = parts.shift();
|
|
||||||
if (parts.length) {
|
|
||||||
curOption = options[key] = $.widget.extend({}, this.options[key]);
|
|
||||||
for (i = 0; i < parts.length - 1; i++) {
|
|
||||||
curOption[parts[i]] = curOption[parts[i]] || {};
|
|
||||||
curOption = curOption[parts[i]];
|
|
||||||
}
|
|
||||||
key = parts.pop();
|
|
||||||
if (arguments.length === 1) {
|
|
||||||
return curOption[key] === undefined ? null : curOption[key];
|
|
||||||
}
|
|
||||||
curOption[key] = value;
|
|
||||||
} else {
|
|
||||||
if (arguments.length === 1) {
|
|
||||||
return this.options[key] === undefined ? null : this.options[key];
|
|
||||||
}
|
|
||||||
options[key] = value;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
this._setOptions(options);
|
|
||||||
|
|
||||||
return this;
|
|
||||||
},
|
|
||||||
|
|
||||||
_setOptions: function (options) {
|
|
||||||
var key;
|
|
||||||
|
|
||||||
for (key in options) {
|
|
||||||
this._setOption(key, options[key]);
|
|
||||||
}
|
|
||||||
|
|
||||||
return this;
|
|
||||||
},
|
|
||||||
|
|
||||||
_setOption: function (key, value) {
|
|
||||||
if (key === 'classes') {
|
|
||||||
this._setOptionClasses(value);
|
|
||||||
}
|
|
||||||
|
|
||||||
this.options[key] = value;
|
|
||||||
|
|
||||||
if (key === 'disabled') {
|
|
||||||
this._setOptionDisabled(value);
|
|
||||||
}
|
|
||||||
|
|
||||||
return this;
|
|
||||||
},
|
|
||||||
|
|
||||||
_setOptionClasses: function (value) {
|
|
||||||
var classKey, elements, currentElements;
|
|
||||||
|
|
||||||
for (classKey in value) {
|
|
||||||
currentElements = this.classesElementLookup[classKey];
|
|
||||||
if (
|
|
||||||
value[classKey] === this.options.classes[classKey] ||
|
|
||||||
!currentElements ||
|
|
||||||
!currentElements.length
|
|
||||||
) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
// We are doing this to create a new jQuery object because the _removeClass() call
|
|
||||||
// on the next line is going to destroy the reference to the current elements being
|
|
||||||
// tracked. We need to save a copy of this collection so that we can add the new classes
|
|
||||||
// below.
|
|
||||||
elements = $(currentElements.get());
|
|
||||||
this._removeClass(currentElements, classKey);
|
|
||||||
|
|
||||||
// We don't use _addClass() here, because that uses this.options.classes
|
|
||||||
// for generating the string of classes. We want to use the value passed in from
|
|
||||||
// _setOption(), this is the new value of the classes option which was passed to
|
|
||||||
// _setOption(). We pass this value directly to _classes().
|
|
||||||
elements.addClass(
|
|
||||||
this._classes({
|
|
||||||
element: elements,
|
|
||||||
keys: classKey,
|
|
||||||
classes: value,
|
|
||||||
add: true
|
|
||||||
})
|
|
||||||
);
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
_setOptionDisabled: function (value) {
|
|
||||||
this._toggleClass(
|
|
||||||
this.widget(),
|
|
||||||
this.widgetFullName + '-disabled',
|
|
||||||
null,
|
|
||||||
!!value
|
|
||||||
);
|
|
||||||
|
|
||||||
// If the widget is becoming disabled, then nothing is interactive
|
|
||||||
if (value) {
|
|
||||||
this._removeClass(this.hoverable, null, 'ui-state-hover');
|
|
||||||
this._removeClass(this.focusable, null, 'ui-state-focus');
|
|
||||||
}
|
|
||||||
},
|
|
||||||
|
|
||||||
enable: function () {
|
|
||||||
return this._setOptions({ disabled: false });
|
|
||||||
},
|
|
||||||
|
|
||||||
disable: function () {
|
|
||||||
return this._setOptions({ disabled: true });
|
|
||||||
},
|
|
||||||
|
|
||||||
_classes: function (options) {
|
|
||||||
var full = [];
|
|
||||||
var that = this;
|
|
||||||
|
|
||||||
options = $.extend(
|
|
||||||
{
|
|
||||||
element: this.element,
|
|
||||||
classes: this.options.classes || {}
|
|
||||||
},
|
|
||||||
options
|
|
||||||
);
|
|
||||||
|
|
||||||
function bindRemoveEvent() {
|
|
||||||
options.element.each(function (_, element) {
|
|
||||||
var isTracked = $.map(that.classesElementLookup, function (elements) {
|
|
||||||
return elements;
|
|
||||||
}).some(function (elements) {
|
|
||||||
return elements.is(element);
|
|
||||||
});
|
|
||||||
|
|
||||||
if (!isTracked) {
|
|
||||||
that._on($(element), {
|
|
||||||
remove: '_untrackClassesElement'
|
|
||||||
});
|
|
||||||
}
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
function processClassString(classes, checkOption) {
|
|
||||||
var current, i;
|
|
||||||
for (i = 0; i < classes.length; i++) {
|
|
||||||
current = that.classesElementLookup[classes[i]] || $();
|
|
||||||
if (options.add) {
|
|
||||||
bindRemoveEvent();
|
|
||||||
current = $(
|
|
||||||
$.uniqueSort(current.get().concat(options.element.get()))
|
|
||||||
);
|
|
||||||
} else {
|
|
||||||
current = $(current.not(options.element).get());
|
|
||||||
}
|
|
||||||
that.classesElementLookup[classes[i]] = current;
|
|
||||||
full.push(classes[i]);
|
|
||||||
if (checkOption && options.classes[classes[i]]) {
|
|
||||||
full.push(options.classes[classes[i]]);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (options.keys) {
|
|
||||||
processClassString(options.keys.match(/\S+/g) || [], true);
|
|
||||||
}
|
|
||||||
if (options.extra) {
|
|
||||||
processClassString(options.extra.match(/\S+/g) || []);
|
|
||||||
}
|
|
||||||
|
|
||||||
return full.join(' ');
|
|
||||||
},
|
|
||||||
|
|
||||||
_untrackClassesElement: function (event) {
|
|
||||||
var that = this;
|
|
||||||
$.each(that.classesElementLookup, function (key, value) {
|
|
||||||
if ($.inArray(event.target, value) !== -1) {
|
|
||||||
that.classesElementLookup[key] = $(value.not(event.target).get());
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
this._off($(event.target));
|
|
||||||
},
|
|
||||||
|
|
||||||
_removeClass: function (element, keys, extra) {
|
|
||||||
return this._toggleClass(element, keys, extra, false);
|
|
||||||
},
|
|
||||||
|
|
||||||
_addClass: function (element, keys, extra) {
|
|
||||||
return this._toggleClass(element, keys, extra, true);
|
|
||||||
},
|
|
||||||
|
|
||||||
_toggleClass: function (element, keys, extra, add) {
|
|
||||||
add = typeof add === 'boolean' ? add : extra;
|
|
||||||
var shift = typeof element === 'string' || element === null,
|
|
||||||
options = {
|
|
||||||
extra: shift ? keys : extra,
|
|
||||||
keys: shift ? element : keys,
|
|
||||||
element: shift ? this.element : element,
|
|
||||||
add: add
|
|
||||||
};
|
|
||||||
options.element.toggleClass(this._classes(options), add);
|
|
||||||
return this;
|
|
||||||
},
|
|
||||||
|
|
||||||
_on: function (suppressDisabledCheck, element, handlers) {
|
|
||||||
var delegateElement;
|
|
||||||
var instance = this;
|
|
||||||
|
|
||||||
// No suppressDisabledCheck flag, shuffle arguments
|
|
||||||
if (typeof suppressDisabledCheck !== 'boolean') {
|
|
||||||
handlers = element;
|
|
||||||
element = suppressDisabledCheck;
|
|
||||||
suppressDisabledCheck = false;
|
|
||||||
}
|
|
||||||
|
|
||||||
// No element argument, shuffle and use this.element
|
|
||||||
if (!handlers) {
|
|
||||||
handlers = element;
|
|
||||||
element = this.element;
|
|
||||||
delegateElement = this.widget();
|
|
||||||
} else {
|
|
||||||
element = delegateElement = $(element);
|
|
||||||
this.bindings = this.bindings.add(element);
|
|
||||||
}
|
|
||||||
|
|
||||||
$.each(handlers, function (event, handler) {
|
|
||||||
function handlerProxy() {
|
|
||||||
// Allow widgets to customize the disabled handling
|
|
||||||
// - disabled as an array instead of boolean
|
|
||||||
// - disabled class as method for disabling individual parts
|
|
||||||
if (
|
|
||||||
!suppressDisabledCheck &&
|
|
||||||
(instance.options.disabled === true ||
|
|
||||||
$(this).hasClass('ui-state-disabled'))
|
|
||||||
) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
return (
|
|
||||||
typeof handler === 'string' ? instance[handler] : handler
|
|
||||||
).apply(instance, arguments);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Copy the guid so direct unbinding works
|
|
||||||
if (typeof handler !== 'string') {
|
|
||||||
handlerProxy.guid = handler.guid =
|
|
||||||
handler.guid || handlerProxy.guid || $.guid++;
|
|
||||||
}
|
|
||||||
|
|
||||||
var match = event.match(/^([\w:-]*)\s*(.*)$/);
|
|
||||||
var eventName = match[1] + instance.eventNamespace;
|
|
||||||
var selector = match[2];
|
|
||||||
|
|
||||||
if (selector) {
|
|
||||||
delegateElement.on(eventName, selector, handlerProxy);
|
|
||||||
} else {
|
|
||||||
element.on(eventName, handlerProxy);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
},
|
|
||||||
|
|
||||||
_off: function (element, eventName) {
|
|
||||||
eventName =
|
|
||||||
(eventName || '').split(' ').join(this.eventNamespace + ' ') +
|
|
||||||
this.eventNamespace;
|
|
||||||
element.off(eventName);
|
|
||||||
|
|
||||||
// Clear the stack to avoid memory leaks (#10056)
|
|
||||||
this.bindings = $(this.bindings.not(element).get());
|
|
||||||
this.focusable = $(this.focusable.not(element).get());
|
|
||||||
this.hoverable = $(this.hoverable.not(element).get());
|
|
||||||
},
|
|
||||||
|
|
||||||
_delay: function (handler, delay) {
|
|
||||||
var instance = this;
|
|
||||||
function handlerProxy() {
|
|
||||||
return (
|
|
||||||
typeof handler === 'string' ? instance[handler] : handler
|
|
||||||
).apply(instance, arguments);
|
|
||||||
}
|
|
||||||
return setTimeout(handlerProxy, delay || 0);
|
|
||||||
},
|
|
||||||
|
|
||||||
_hoverable: function (element) {
|
|
||||||
this.hoverable = this.hoverable.add(element);
|
|
||||||
this._on(element, {
|
|
||||||
mouseenter: function (event) {
|
|
||||||
this._addClass($(event.currentTarget), null, 'ui-state-hover');
|
|
||||||
},
|
|
||||||
mouseleave: function (event) {
|
|
||||||
this._removeClass($(event.currentTarget), null, 'ui-state-hover');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
},
|
|
||||||
|
|
||||||
_focusable: function (element) {
|
|
||||||
this.focusable = this.focusable.add(element);
|
|
||||||
this._on(element, {
|
|
||||||
focusin: function (event) {
|
|
||||||
this._addClass($(event.currentTarget), null, 'ui-state-focus');
|
|
||||||
},
|
|
||||||
focusout: function (event) {
|
|
||||||
this._removeClass($(event.currentTarget), null, 'ui-state-focus');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
},
|
|
||||||
|
|
||||||
_trigger: function (type, event, data) {
|
|
||||||
var prop, orig;
|
|
||||||
var callback = this.options[type];
|
|
||||||
|
|
||||||
data = data || {};
|
|
||||||
event = $.Event(event);
|
|
||||||
event.type = (
|
|
||||||
type === this.widgetEventPrefix ? type : this.widgetEventPrefix + type
|
|
||||||
).toLowerCase();
|
|
||||||
|
|
||||||
// The original event may come from any element
|
|
||||||
// so we need to reset the target on the new event
|
|
||||||
event.target = this.element[0];
|
|
||||||
|
|
||||||
// Copy original event properties over to the new event
|
|
||||||
orig = event.originalEvent;
|
|
||||||
if (orig) {
|
|
||||||
for (prop in orig) {
|
|
||||||
if (!(prop in event)) {
|
|
||||||
event[prop] = orig[prop];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
this.element.trigger(event, data);
|
|
||||||
return !(
|
|
||||||
($.isFunction(callback) &&
|
|
||||||
callback.apply(this.element[0], [event].concat(data)) === false) ||
|
|
||||||
event.isDefaultPrevented()
|
|
||||||
);
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
$.each({ show: 'fadeIn', hide: 'fadeOut' }, function (method, defaultEffect) {
|
|
||||||
$.Widget.prototype['_' + method] = function (element, options, callback) {
|
|
||||||
if (typeof options === 'string') {
|
|
||||||
options = { effect: options };
|
|
||||||
}
|
|
||||||
|
|
||||||
var hasOptions;
|
|
||||||
var effectName = !options
|
|
||||||
? method
|
|
||||||
: options === true || typeof options === 'number'
|
|
||||||
? defaultEffect
|
|
||||||
: options.effect || defaultEffect;
|
|
||||||
|
|
||||||
options = options || {};
|
|
||||||
if (typeof options === 'number') {
|
|
||||||
options = { duration: options };
|
|
||||||
}
|
|
||||||
|
|
||||||
hasOptions = !$.isEmptyObject(options);
|
|
||||||
options.complete = callback;
|
|
||||||
|
|
||||||
if (options.delay) {
|
|
||||||
element.delay(options.delay);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (hasOptions && $.effects && $.effects.effect[effectName]) {
|
|
||||||
element[method](options);
|
|
||||||
} else if (effectName !== method && element[effectName]) {
|
|
||||||
element[effectName](options.duration, options.easing, callback);
|
|
||||||
} else {
|
|
||||||
element.queue(function (next) {
|
|
||||||
$(this)[method]();
|
|
||||||
if (callback) {
|
|
||||||
callback.call(element[0]);
|
|
||||||
}
|
|
||||||
next();
|
|
||||||
});
|
|
||||||
}
|
|
||||||
};
|
|
||||||
});
|
|
||||||
});
|
|
6853
vendor/blueimp/jquery-file-upload/package-lock.json
generated
vendored
6853
vendor/blueimp/jquery-file-upload/package-lock.json
generated
vendored
File diff suppressed because it is too large
Load diff
116
vendor/blueimp/jquery-file-upload/package.json
vendored
116
vendor/blueimp/jquery-file-upload/package.json
vendored
|
@ -1,116 +0,0 @@
|
||||||
{
|
|
||||||
"name": "blueimp-file-upload",
|
|
||||||
"version": "10.32.0",
|
|
||||||
"title": "jQuery File Upload",
|
|
||||||
"description": "File Upload widget with multiple file selection, drag&drop support, progress bar, validation and preview images, audio and video for jQuery. Supports cross-domain, chunked and resumable file uploads. Works with any server-side platform (Google App Engine, PHP, Python, Ruby on Rails, Java, etc.) that supports standard HTML form file uploads.",
|
|
||||||
"keywords": [
|
|
||||||
"jquery",
|
|
||||||
"file",
|
|
||||||
"upload",
|
|
||||||
"widget",
|
|
||||||
"multiple",
|
|
||||||
"selection",
|
|
||||||
"drag",
|
|
||||||
"drop",
|
|
||||||
"progress",
|
|
||||||
"preview",
|
|
||||||
"cross-domain",
|
|
||||||
"cross-site",
|
|
||||||
"chunk",
|
|
||||||
"resume",
|
|
||||||
"gae",
|
|
||||||
"go",
|
|
||||||
"python",
|
|
||||||
"php",
|
|
||||||
"bootstrap"
|
|
||||||
],
|
|
||||||
"homepage": "https://github.com/blueimp/jQuery-File-Upload",
|
|
||||||
"author": {
|
|
||||||
"name": "Sebastian Tschan",
|
|
||||||
"url": "https://blueimp.net"
|
|
||||||
},
|
|
||||||
"repository": {
|
|
||||||
"type": "git",
|
|
||||||
"url": "git://github.com/blueimp/jQuery-File-Upload.git"
|
|
||||||
},
|
|
||||||
"license": "MIT",
|
|
||||||
"peerDependencies": {
|
|
||||||
"jquery": ">=1.7"
|
|
||||||
},
|
|
||||||
"optionalDependencies": {
|
|
||||||
"blueimp-canvas-to-blob": "3",
|
|
||||||
"blueimp-load-image": "5",
|
|
||||||
"blueimp-tmpl": "3"
|
|
||||||
},
|
|
||||||
"devDependencies": {
|
|
||||||
"eslint": "7",
|
|
||||||
"eslint-config-blueimp": "2",
|
|
||||||
"eslint-config-prettier": "8",
|
|
||||||
"eslint-plugin-jsdoc": "36",
|
|
||||||
"eslint-plugin-prettier": "4",
|
|
||||||
"prettier": "2",
|
|
||||||
"stylelint": "13",
|
|
||||||
"stylelint-config-prettier": "8",
|
|
||||||
"stylelint-config-recommended": "5"
|
|
||||||
},
|
|
||||||
"stylelint": {
|
|
||||||
"extends": [
|
|
||||||
"stylelint-config-recommended",
|
|
||||||
"stylelint-config-prettier"
|
|
||||||
],
|
|
||||||
"ignoreFiles": [
|
|
||||||
"css/*.min.css",
|
|
||||||
"css/vendor/*",
|
|
||||||
"test/vendor/*"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"eslintConfig": {
|
|
||||||
"extends": [
|
|
||||||
"blueimp",
|
|
||||||
"plugin:jsdoc/recommended",
|
|
||||||
"plugin:prettier/recommended"
|
|
||||||
],
|
|
||||||
"env": {
|
|
||||||
"browser": true
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"eslintIgnore": [
|
|
||||||
"js/*.min.js",
|
|
||||||
"test/vendor"
|
|
||||||
],
|
|
||||||
"prettier": {
|
|
||||||
"arrowParens": "avoid",
|
|
||||||
"proseWrap": "always",
|
|
||||||
"singleQuote": true,
|
|
||||||
"trailingComma": "none"
|
|
||||||
},
|
|
||||||
"scripts": {
|
|
||||||
"lint": "stylelint '**/*.css' && eslint .",
|
|
||||||
"unit": "docker-compose run --rm mocha",
|
|
||||||
"wdio": "docker-compose run --rm wdio",
|
|
||||||
"test": "npm run lint && npm run unit && npm run wdio && npm run wdio -- conf/firefox.js",
|
|
||||||
"posttest": "docker-compose down -v",
|
|
||||||
"preversion": "npm test",
|
|
||||||
"postversion": "git push --tags origin master && npm publish"
|
|
||||||
},
|
|
||||||
"files": [
|
|
||||||
"css/jquery.fileupload-noscript.css",
|
|
||||||
"css/jquery.fileupload-ui-noscript.css",
|
|
||||||
"css/jquery.fileupload-ui.css",
|
|
||||||
"css/jquery.fileupload.css",
|
|
||||||
"img/loading.gif",
|
|
||||||
"img/progressbar.gif",
|
|
||||||
"js/cors/jquery.postmessage-transport.js",
|
|
||||||
"js/cors/jquery.xdr-transport.js",
|
|
||||||
"js/vendor/jquery.ui.widget.js",
|
|
||||||
"js/jquery.fileupload-audio.js",
|
|
||||||
"js/jquery.fileupload-image.js",
|
|
||||||
"js/jquery.fileupload-process.js",
|
|
||||||
"js/jquery.fileupload-ui.js",
|
|
||||||
"js/jquery.fileupload-validate.js",
|
|
||||||
"js/jquery.fileupload-video.js",
|
|
||||||
"js/jquery.fileupload.js",
|
|
||||||
"js/jquery.iframe-transport.js"
|
|
||||||
],
|
|
||||||
"main": "js/jquery.fileupload.js"
|
|
||||||
}
|
|
|
@ -1,18 +0,0 @@
|
||||||
runtime: python27
|
|
||||||
api_version: 1
|
|
||||||
threadsafe: true
|
|
||||||
|
|
||||||
libraries:
|
|
||||||
- name: PIL
|
|
||||||
version: latest
|
|
||||||
|
|
||||||
handlers:
|
|
||||||
- url: /(favicon\.ico|robots\.txt)
|
|
||||||
static_files: static/\1
|
|
||||||
upload: static/(.*)
|
|
||||||
expiration: '1d'
|
|
||||||
- url: /.*
|
|
||||||
script: main.app
|
|
||||||
|
|
||||||
automatic_scaling:
|
|
||||||
max_instances: 1
|
|
|
@ -1,204 +0,0 @@
|
||||||
# -*- coding: utf-8 -*-
|
|
||||||
#
|
|
||||||
# jQuery File Upload Plugin GAE Python Example
|
|
||||||
# https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
#
|
|
||||||
# Copyright 2011, Sebastian Tschan
|
|
||||||
# https://blueimp.net
|
|
||||||
#
|
|
||||||
# Licensed under the MIT license:
|
|
||||||
# https://opensource.org/licenses/MIT
|
|
||||||
#
|
|
||||||
|
|
||||||
from google.appengine.api import memcache, images
|
|
||||||
import json
|
|
||||||
import os
|
|
||||||
import re
|
|
||||||
import urllib
|
|
||||||
import webapp2
|
|
||||||
|
|
||||||
DEBUG=os.environ.get('SERVER_SOFTWARE', '').startswith('Dev')
|
|
||||||
WEBSITE = 'https://blueimp.github.io/jQuery-File-Upload/'
|
|
||||||
MIN_FILE_SIZE = 1 # bytes
|
|
||||||
# Max file size is memcache limit (1MB) minus key size minus overhead:
|
|
||||||
MAX_FILE_SIZE = 999000 # bytes
|
|
||||||
IMAGE_TYPES = re.compile('image/(gif|p?jpeg|(x-)?png)')
|
|
||||||
ACCEPT_FILE_TYPES = IMAGE_TYPES
|
|
||||||
THUMB_MAX_WIDTH = 80
|
|
||||||
THUMB_MAX_HEIGHT = 80
|
|
||||||
THUMB_SUFFIX = '.'+str(THUMB_MAX_WIDTH)+'x'+str(THUMB_MAX_HEIGHT)+'.png'
|
|
||||||
EXPIRATION_TIME = 300 # seconds
|
|
||||||
# If set to None, only allow redirects to the referer protocol+host.
|
|
||||||
# Set to a regexp for custom pattern matching against the redirect value:
|
|
||||||
REDIRECT_ALLOW_TARGET = None
|
|
||||||
|
|
||||||
class CORSHandler(webapp2.RequestHandler):
|
|
||||||
def cors(self):
|
|
||||||
headers = self.response.headers
|
|
||||||
headers['Access-Control-Allow-Origin'] = '*'
|
|
||||||
headers['Access-Control-Allow-Methods'] =\
|
|
||||||
'OPTIONS, HEAD, GET, POST, DELETE'
|
|
||||||
headers['Access-Control-Allow-Headers'] =\
|
|
||||||
'Content-Type, Content-Range, Content-Disposition'
|
|
||||||
|
|
||||||
def initialize(self, request, response):
|
|
||||||
super(CORSHandler, self).initialize(request, response)
|
|
||||||
self.cors()
|
|
||||||
|
|
||||||
def json_stringify(self, obj):
|
|
||||||
return json.dumps(obj, separators=(',', ':'))
|
|
||||||
|
|
||||||
def options(self, *args, **kwargs):
|
|
||||||
pass
|
|
||||||
|
|
||||||
class UploadHandler(CORSHandler):
|
|
||||||
def validate(self, file):
|
|
||||||
if file['size'] < MIN_FILE_SIZE:
|
|
||||||
file['error'] = 'File is too small'
|
|
||||||
elif file['size'] > MAX_FILE_SIZE:
|
|
||||||
file['error'] = 'File is too big'
|
|
||||||
elif not ACCEPT_FILE_TYPES.match(file['type']):
|
|
||||||
file['error'] = 'Filetype not allowed'
|
|
||||||
else:
|
|
||||||
return True
|
|
||||||
return False
|
|
||||||
|
|
||||||
def validate_redirect(self, redirect):
|
|
||||||
if redirect:
|
|
||||||
if REDIRECT_ALLOW_TARGET:
|
|
||||||
return REDIRECT_ALLOW_TARGET.match(redirect)
|
|
||||||
referer = self.request.headers['referer']
|
|
||||||
if referer:
|
|
||||||
from urlparse import urlparse
|
|
||||||
parts = urlparse(referer)
|
|
||||||
redirect_allow_target = '^' + re.escape(
|
|
||||||
parts.scheme + '://' + parts.netloc + '/'
|
|
||||||
)
|
|
||||||
return re.match(redirect_allow_target, redirect)
|
|
||||||
return False
|
|
||||||
|
|
||||||
def get_file_size(self, file):
|
|
||||||
file.seek(0, 2) # Seek to the end of the file
|
|
||||||
size = file.tell() # Get the position of EOF
|
|
||||||
file.seek(0) # Reset the file position to the beginning
|
|
||||||
return size
|
|
||||||
|
|
||||||
def write_blob(self, data, info):
|
|
||||||
key = urllib.quote(info['type'].encode('utf-8'), '') +\
|
|
||||||
'/' + str(hash(data)) +\
|
|
||||||
'/' + urllib.quote(info['name'].encode('utf-8'), '')
|
|
||||||
try:
|
|
||||||
memcache.set(key, data, time=EXPIRATION_TIME)
|
|
||||||
except: #Failed to add to memcache
|
|
||||||
return (None, None)
|
|
||||||
thumbnail_key = None
|
|
||||||
if IMAGE_TYPES.match(info['type']):
|
|
||||||
try:
|
|
||||||
img = images.Image(image_data=data)
|
|
||||||
img.resize(
|
|
||||||
width=THUMB_MAX_WIDTH,
|
|
||||||
height=THUMB_MAX_HEIGHT
|
|
||||||
)
|
|
||||||
thumbnail_data = img.execute_transforms()
|
|
||||||
thumbnail_key = key + THUMB_SUFFIX
|
|
||||||
memcache.set(
|
|
||||||
thumbnail_key,
|
|
||||||
thumbnail_data,
|
|
||||||
time=EXPIRATION_TIME
|
|
||||||
)
|
|
||||||
except: #Failed to resize Image or add to memcache
|
|
||||||
thumbnail_key = None
|
|
||||||
return (key, thumbnail_key)
|
|
||||||
|
|
||||||
def handle_upload(self):
|
|
||||||
results = []
|
|
||||||
for name, fieldStorage in self.request.POST.items():
|
|
||||||
if type(fieldStorage) is unicode:
|
|
||||||
continue
|
|
||||||
result = {}
|
|
||||||
result['name'] = urllib.unquote(fieldStorage.filename)
|
|
||||||
result['type'] = fieldStorage.type
|
|
||||||
result['size'] = self.get_file_size(fieldStorage.file)
|
|
||||||
if self.validate(result):
|
|
||||||
key, thumbnail_key = self.write_blob(
|
|
||||||
fieldStorage.value,
|
|
||||||
result
|
|
||||||
)
|
|
||||||
if key is not None:
|
|
||||||
result['url'] = self.request.host_url + '/' + key
|
|
||||||
result['deleteUrl'] = result['url']
|
|
||||||
result['deleteType'] = 'DELETE'
|
|
||||||
if thumbnail_key is not None:
|
|
||||||
result['thumbnailUrl'] = self.request.host_url +\
|
|
||||||
'/' + thumbnail_key
|
|
||||||
else:
|
|
||||||
result['error'] = 'Failed to store uploaded file.'
|
|
||||||
results.append(result)
|
|
||||||
return results
|
|
||||||
|
|
||||||
def head(self):
|
|
||||||
pass
|
|
||||||
|
|
||||||
def get(self):
|
|
||||||
self.redirect(WEBSITE)
|
|
||||||
|
|
||||||
def post(self):
|
|
||||||
if (self.request.get('_method') == 'DELETE'):
|
|
||||||
return self.delete()
|
|
||||||
result = {'files': self.handle_upload()}
|
|
||||||
s = self.json_stringify(result)
|
|
||||||
redirect = self.request.get('redirect')
|
|
||||||
if self.validate_redirect(redirect):
|
|
||||||
return self.redirect(str(
|
|
||||||
redirect.replace('%s', urllib.quote(s, ''), 1)
|
|
||||||
))
|
|
||||||
if 'application/json' in self.request.headers.get('Accept'):
|
|
||||||
self.response.headers['Content-Type'] = 'application/json'
|
|
||||||
self.response.write(s)
|
|
||||||
|
|
||||||
class FileHandler(CORSHandler):
|
|
||||||
def normalize(self, str):
|
|
||||||
return urllib.quote(urllib.unquote(str), '')
|
|
||||||
|
|
||||||
def get(self, content_type, data_hash, file_name):
|
|
||||||
content_type = self.normalize(content_type)
|
|
||||||
file_name = self.normalize(file_name)
|
|
||||||
key = content_type + '/' + data_hash + '/' + file_name
|
|
||||||
data = memcache.get(key)
|
|
||||||
if data is None:
|
|
||||||
return self.error(404)
|
|
||||||
# Prevent browsers from MIME-sniffing the content-type:
|
|
||||||
self.response.headers['X-Content-Type-Options'] = 'nosniff'
|
|
||||||
content_type = urllib.unquote(content_type)
|
|
||||||
if not IMAGE_TYPES.match(content_type):
|
|
||||||
# Force a download dialog for non-image types:
|
|
||||||
content_type = 'application/octet-stream'
|
|
||||||
elif file_name.endswith(THUMB_SUFFIX):
|
|
||||||
content_type = 'image/png'
|
|
||||||
self.response.headers['Content-Type'] = content_type
|
|
||||||
# Cache for the expiration time:
|
|
||||||
self.response.headers['Cache-Control'] = 'public,max-age=%d' \
|
|
||||||
% EXPIRATION_TIME
|
|
||||||
self.response.write(data)
|
|
||||||
|
|
||||||
def delete(self, content_type, data_hash, file_name):
|
|
||||||
content_type = self.normalize(content_type)
|
|
||||||
file_name = self.normalize(file_name)
|
|
||||||
key = content_type + '/' + data_hash + '/' + file_name
|
|
||||||
result = {key: memcache.delete(key)}
|
|
||||||
content_type = urllib.unquote(content_type)
|
|
||||||
if IMAGE_TYPES.match(content_type):
|
|
||||||
thumbnail_key = key + THUMB_SUFFIX
|
|
||||||
result[thumbnail_key] = memcache.delete(thumbnail_key)
|
|
||||||
if 'application/json' in self.request.headers.get('Accept'):
|
|
||||||
self.response.headers['Content-Type'] = 'application/json'
|
|
||||||
s = self.json_stringify(result)
|
|
||||||
self.response.write(s)
|
|
||||||
|
|
||||||
app = webapp2.WSGIApplication(
|
|
||||||
[
|
|
||||||
('/', UploadHandler),
|
|
||||||
('/(.+)/([^/]+)/([^/]+)', FileHandler)
|
|
||||||
],
|
|
||||||
debug=DEBUG
|
|
||||||
)
|
|
|
@ -1,2 +0,0 @@
|
||||||
User-agent: *
|
|
||||||
Disallow:
|
|
|
@ -1,2 +0,0 @@
|
||||||
*
|
|
||||||
!php.ini
|
|
|
@ -1,44 +0,0 @@
|
||||||
FROM php:8.0.11-apache
|
|
||||||
|
|
||||||
# Enable the Apache Headers module:
|
|
||||||
RUN ln -s /etc/apache2/mods-available/headers.load \
|
|
||||||
/etc/apache2/mods-enabled/headers.load
|
|
||||||
|
|
||||||
# Enable the Apache Rewrite module:
|
|
||||||
RUN ln -s /etc/apache2/mods-available/rewrite.load \
|
|
||||||
/etc/apache2/mods-enabled/rewrite.load
|
|
||||||
|
|
||||||
# Install GD, Imagick and ImageMagick as image conversion options:
|
|
||||||
RUN DEBIAN_FRONTEND=noninteractive \
|
|
||||||
apt-get update && apt-get install -y --no-install-recommends \
|
|
||||||
libpng-dev \
|
|
||||||
libjpeg-dev \
|
|
||||||
libmagickwand-dev \
|
|
||||||
imagemagick \
|
|
||||||
&& pecl install \
|
|
||||||
imagick \
|
|
||||||
&& docker-php-ext-enable \
|
|
||||||
imagick \
|
|
||||||
&& docker-php-ext-configure \
|
|
||||||
gd --with-jpeg=/usr/include/ \
|
|
||||||
&& docker-php-ext-install \
|
|
||||||
gd \
|
|
||||||
# Uninstall obsolete packages:
|
|
||||||
&& apt-get autoremove -y \
|
|
||||||
libpng-dev \
|
|
||||||
libjpeg-dev \
|
|
||||||
libmagickwand-dev \
|
|
||||||
# Remove obsolete files:
|
|
||||||
&& apt-get clean \
|
|
||||||
&& rm -rf \
|
|
||||||
/tmp/* \
|
|
||||||
/usr/share/doc/* \
|
|
||||||
/var/cache/* \
|
|
||||||
/var/lib/apt/lists/* \
|
|
||||||
/var/tmp/*
|
|
||||||
|
|
||||||
# Use the default development configuration:
|
|
||||||
RUN mv "$PHP_INI_DIR/php.ini-development" "$PHP_INI_DIR/php.ini"
|
|
||||||
|
|
||||||
# Add a custom configuration file:
|
|
||||||
COPY php.ini "$PHP_INI_DIR/conf.d/"
|
|
File diff suppressed because it is too large
Load diff
|
@ -1,3 +0,0 @@
|
||||||
*
|
|
||||||
!.gitignore
|
|
||||||
!.htaccess
|
|
|
@ -1,50 +0,0 @@
|
||||||
# If you have not done so already, please first read SECURITY.md in the root
|
|
||||||
# directory of this project or online:
|
|
||||||
# https://github.com/blueimp/jQuery-File-Upload/blob/master/SECURITY.md
|
|
||||||
#
|
|
||||||
# The settings in this file require Apache to support configuration overrides
|
|
||||||
# in .htaccess files, which is disabled by default since Apache v2.3.9 and needs
|
|
||||||
# to be enabled for the directives in this file to have any effect, see also:
|
|
||||||
# https://httpd.apache.org/docs/current/mod/core.html#allowoverride
|
|
||||||
#
|
|
||||||
# If you have full control over the web server, it is preferrable to define the
|
|
||||||
# settings in the Apache configuration (e.g. /etc/apache2/apache2.conf) itself.
|
|
||||||
#
|
|
||||||
# Some of the directives require the Apache Headers module. If it is not
|
|
||||||
# already enabled, please execute the following command and reload Apache:
|
|
||||||
# sudo a2enmod headers
|
|
||||||
#
|
|
||||||
# Please note that the order of directives across configuration files matters,
|
|
||||||
# see also:
|
|
||||||
# https://httpd.apache.org/docs/current/sections.html#merging
|
|
||||||
|
|
||||||
# The following directive matches all files and forces them to be handled as
|
|
||||||
# static content, which prevents the server from parsing and executing files
|
|
||||||
# that are associated with a dynamic runtime, e.g. PHP files.
|
|
||||||
# It also forces their Content-Type header to "application/octet-stream" and
|
|
||||||
# adds a "Content-Disposition: attachment" header to force a download dialog,
|
|
||||||
# which prevents browsers from interpreting files in the context of the
|
|
||||||
# web server, e.g. HTML files containing JavaScript.
|
|
||||||
# Lastly it also prevents browsers from MIME-sniffing the Content-Type,
|
|
||||||
# preventing them from interpreting a file as a different Content-Type than
|
|
||||||
# the one sent by the webserver.
|
|
||||||
<FilesMatch ".*">
|
|
||||||
SetHandler default-handler
|
|
||||||
ForceType application/octet-stream
|
|
||||||
Header set Content-Disposition attachment
|
|
||||||
Header set X-Content-Type-Options nosniff
|
|
||||||
</FilesMatch>
|
|
||||||
|
|
||||||
# The following directive matches known image files and unsets the forced
|
|
||||||
# Content-Type so they can be served with their original mime type.
|
|
||||||
# It also unsets the Content-Disposition header to allow displaying them
|
|
||||||
# inline in the browser.
|
|
||||||
<FilesMatch ".+\.(?i:(gif|jpe?g|png))$">
|
|
||||||
ForceType none
|
|
||||||
Header unset Content-Disposition
|
|
||||||
</FilesMatch>
|
|
||||||
|
|
||||||
# Uncomment the following lines to prevent unauthorized download of files:
|
|
||||||
#AuthName "Authorization required"
|
|
||||||
#AuthType Basic
|
|
||||||
#require valid-user
|
|
|
@ -1,15 +0,0 @@
|
||||||
<?php
|
|
||||||
/*
|
|
||||||
* jQuery File Upload Plugin PHP Example
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2010, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
error_reporting(E_ALL | E_STRICT);
|
|
||||||
require('UploadHandler.php');
|
|
||||||
$upload_handler = new UploadHandler();
|
|
|
@ -1,5 +0,0 @@
|
||||||
max_execution_time = 300
|
|
||||||
memory_limit = 500M
|
|
||||||
post_max_size = 4G
|
|
||||||
upload_max_filesize = 4G
|
|
||||||
max_file_uploads = 50
|
|
|
@ -1,49 +0,0 @@
|
||||||
<!DOCTYPE html>
|
|
||||||
<!--
|
|
||||||
/*
|
|
||||||
* jQuery File Upload Test
|
|
||||||
* https://github.com/blueimp/jQuery-File-Upload
|
|
||||||
*
|
|
||||||
* Copyright 2010, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
-->
|
|
||||||
<html lang="en">
|
|
||||||
<head>
|
|
||||||
<meta charset="utf-8" />
|
|
||||||
<title>jQuery File Upload Test</title>
|
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
||||||
<link rel="stylesheet" href="vendor/mocha.css" />
|
|
||||||
</head>
|
|
||||||
<body>
|
|
||||||
<div id="mocha"></div>
|
|
||||||
<script src="vendor/mocha.js"></script>
|
|
||||||
<script src="vendor/chai.js"></script>
|
|
||||||
<script>
|
|
||||||
mocha.setup('bdd');
|
|
||||||
</script>
|
|
||||||
<script src="https://blueimp.github.io/JavaScript-Load-Image/js/load-image.all.min.js"></script>
|
|
||||||
<script src="https://blueimp.github.io/JavaScript-Canvas-to-Blob/js/canvas-to-blob.min.js"></script>
|
|
||||||
<script
|
|
||||||
src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"
|
|
||||||
integrity="sha384-nvAa0+6Qg9clwYCGGPpDQLVpLNn0fRaROjHqs13t4Ggj3Ez50XnGQqc/r8MhnRDZ"
|
|
||||||
crossorigin="anonymous"
|
|
||||||
></script>
|
|
||||||
<script src="../js/vendor/jquery.ui.widget.js"></script>
|
|
||||||
<script src="../js/jquery.iframe-transport.js"></script>
|
|
||||||
<script src="../js/jquery.fileupload.js"></script>
|
|
||||||
<script src="../js/jquery.fileupload-process.js"></script>
|
|
||||||
<script src="../js/jquery.fileupload-image.js"></script>
|
|
||||||
<script src="../js/jquery.fileupload-audio.js"></script>
|
|
||||||
<script src="../js/jquery.fileupload-video.js"></script>
|
|
||||||
<script src="../js/jquery.fileupload-validate.js"></script>
|
|
||||||
<script src="unit.js"></script>
|
|
||||||
<script>
|
|
||||||
mocha.checkLeaks();
|
|
||||||
mocha.run();
|
|
||||||
</script>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
989
vendor/blueimp/jquery-file-upload/test/unit.js
vendored
989
vendor/blueimp/jquery-file-upload/test/unit.js
vendored
|
@ -1,989 +0,0 @@
|
||||||
/*
|
|
||||||
* jQuery File Upload Test
|
|
||||||
* https://github.com/blueimp/JavaScript-Load-Image
|
|
||||||
*
|
|
||||||
* Copyright 2010, Sebastian Tschan
|
|
||||||
* https://blueimp.net
|
|
||||||
*
|
|
||||||
* Licensed under the MIT license:
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* global beforeEach, afterEach, describe, it */
|
|
||||||
/* eslint-disable new-cap */
|
|
||||||
|
|
||||||
(function (expect, $) {
|
|
||||||
'use strict';
|
|
||||||
|
|
||||||
var canCreateBlob = !!window.dataURLtoBlob;
|
|
||||||
// 80x60px GIF image (color black, base64 data):
|
|
||||||
var b64DataGIF =
|
|
||||||
'R0lGODdhUAA8AIABAAAAAP///ywAAAAAUAA8AAACS4SPqcvtD6' +
|
|
||||||
'OctNqLs968+w+G4kiW5omm6sq27gvH8kzX9o3n+s73/g8MCofE' +
|
|
||||||
'ovGITCqXzKbzCY1Kp9Sq9YrNarfcrvcLDovH5PKsAAA7';
|
|
||||||
var imageUrlGIF = 'data:image/gif;base64,' + b64DataGIF;
|
|
||||||
var blobGIF = canCreateBlob && window.dataURLtoBlob(imageUrlGIF);
|
|
||||||
|
|
||||||
// 2x1px JPEG (color white, with the Exif orientation flag set to 6 and the
|
|
||||||
// IPTC ObjectName (2:5) set to 'objectname'):
|
|
||||||
var b64DataJPEG =
|
|
||||||
'/9j/4AAQSkZJRgABAQEAYABgAAD/4QAiRXhpZgAASUkqAAgAAAABABIBAwABAAAA' +
|
|
||||||
'BgASAAAAAAD/7QAsUGhvdG9zaG9wIDMuMAA4QklNBAQAAAAAAA8cAgUACm9iamVj' +
|
|
||||||
'dG5hbWUA/9sAQwABAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEB' +
|
|
||||||
'AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEB/9sAQwEBAQEBAQEBAQEBAQEBAQEB' +
|
|
||||||
'AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEB' +
|
|
||||||
'/8AAEQgAAQACAwEiAAIRAQMRAf/EAB8AAAEFAQEBAQEBAAAAAAAAAAABAgMEBQYH' +
|
|
||||||
'CAkKC//EALUQAAIBAwMCBAMFBQQEAAABfQECAwAEEQUSITFBBhNRYQcicRQygZGh' +
|
|
||||||
'CCNCscEVUtHwJDNicoIJChYXGBkaJSYnKCkqNDU2Nzg5OkNERUZHSElKU1RVVldY' +
|
|
||||||
'WVpjZGVmZ2hpanN0dXZ3eHl6g4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1' +
|
|
||||||
'tre4ubrCw8TFxsfIycrS09TV1tfY2drh4uPk5ebn6Onq8fLz9PX29/j5+v/EAB8B' +
|
|
||||||
'AAMBAQEBAQEBAQEAAAAAAAABAgMEBQYHCAkKC//EALURAAIBAgQEAwQHBQQEAAEC' +
|
|
||||||
'dwABAgMRBAUhMQYSQVEHYXETIjKBCBRCkaGxwQkjM1LwFWJy0QoWJDThJfEXGBka' +
|
|
||||||
'JicoKSo1Njc4OTpDREVGR0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoKDhIWG' +
|
|
||||||
'h4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ' +
|
|
||||||
'2uLj5OXm5+jp6vLz9PX29/j5+v/aAAwDAQACEQMRAD8A/v4ooooA/9k=';
|
|
||||||
var imageUrlJPEG = 'data:image/jpeg;base64,' + b64DataJPEG;
|
|
||||||
var blobJPEG = canCreateBlob && window.dataURLtoBlob(imageUrlJPEG);
|
|
||||||
|
|
||||||
var fileGIF, fileJPEG, files, items, eventObject;
|
|
||||||
|
|
||||||
var uploadURL = '../server/php/';
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Creates a fileupload form and adds it to the DOM
|
|
||||||
*
|
|
||||||
* @returns {object} jQuery node
|
|
||||||
*/
|
|
||||||
function createFileuploadForm() {
|
|
||||||
return $('<form><input type="file" name="files[]" multiple></form>')
|
|
||||||
.prop({
|
|
||||||
action: uploadURL,
|
|
||||||
method: 'POST',
|
|
||||||
enctype: 'multipart/form-data'
|
|
||||||
})
|
|
||||||
.css({ display: 'none' })
|
|
||||||
.appendTo(document.body);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Deletes all files from the upload server
|
|
||||||
*
|
|
||||||
* @param {Array} files Response files list
|
|
||||||
* @param {Function} callback Callback function
|
|
||||||
*/
|
|
||||||
function deleteFiles(files, callback) {
|
|
||||||
$.when(
|
|
||||||
files.map(function (file) {
|
|
||||||
return $.ajax({
|
|
||||||
type: file.deleteType,
|
|
||||||
url: file.deleteUrl
|
|
||||||
});
|
|
||||||
})
|
|
||||||
).always(function () {
|
|
||||||
callback();
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
beforeEach(function () {
|
|
||||||
fileGIF = new File([blobGIF], 'example.gif', { type: 'image/gif' });
|
|
||||||
fileJPEG = new File([blobJPEG], 'example.jpg', { type: 'image/jpeg' });
|
|
||||||
files = [fileGIF, fileJPEG];
|
|
||||||
items = [
|
|
||||||
{
|
|
||||||
getAsFile: function () {
|
|
||||||
return files[0];
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
getAsFile: function () {
|
|
||||||
return files[1];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
];
|
|
||||||
eventObject = {
|
|
||||||
originalEvent: {
|
|
||||||
dataTransfer: { files: files, types: ['Files'] },
|
|
||||||
clipboardData: { items: items }
|
|
||||||
}
|
|
||||||
};
|
|
||||||
});
|
|
||||||
|
|
||||||
afterEach(function (done) {
|
|
||||||
$.getJSON(uploadURL).then(function (result) {
|
|
||||||
deleteFiles(result.files, done);
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
describe('Initialization', function () {
|
|
||||||
var form;
|
|
||||||
|
|
||||||
beforeEach(function () {
|
|
||||||
form = createFileuploadForm();
|
|
||||||
});
|
|
||||||
|
|
||||||
afterEach(function () {
|
|
||||||
form.remove();
|
|
||||||
});
|
|
||||||
|
|
||||||
it('widget', function () {
|
|
||||||
form.fileupload();
|
|
||||||
expect(form.data('blueimp-fileupload')).to.be.an('object');
|
|
||||||
});
|
|
||||||
|
|
||||||
it('file input', function () {
|
|
||||||
form.fileupload();
|
|
||||||
expect(form.fileupload('option', 'fileInput').length).to.equal(1);
|
|
||||||
});
|
|
||||||
|
|
||||||
it('drop zone', function () {
|
|
||||||
form.fileupload();
|
|
||||||
expect(form.fileupload('option', 'dropZone').length).to.equal(1);
|
|
||||||
});
|
|
||||||
|
|
||||||
it('paste zone', function () {
|
|
||||||
form.fileupload({ pasteZone: document });
|
|
||||||
expect(form.fileupload('option', 'pasteZone').length).to.equal(1);
|
|
||||||
});
|
|
||||||
|
|
||||||
it('data attributes', function () {
|
|
||||||
form.attr('data-url', 'https://example.org');
|
|
||||||
form.fileupload();
|
|
||||||
expect(form.fileupload('option', 'url')).to.equal('https://example.org');
|
|
||||||
expect(form.data('blueimp-fileupload')).to.be.an('object');
|
|
||||||
});
|
|
||||||
|
|
||||||
it('event listeners', function () {
|
|
||||||
var eventsData = {};
|
|
||||||
form.fileupload({
|
|
||||||
autoUpload: false,
|
|
||||||
pasteZone: document,
|
|
||||||
dragover: function () {
|
|
||||||
eventsData.dragover = true;
|
|
||||||
},
|
|
||||||
dragenter: function () {
|
|
||||||
eventsData.dragenter = true;
|
|
||||||
},
|
|
||||||
dragleave: function () {
|
|
||||||
eventsData.dragleave = true;
|
|
||||||
},
|
|
||||||
drop: function (e, data) {
|
|
||||||
eventsData.drop = data;
|
|
||||||
},
|
|
||||||
paste: function (e, data) {
|
|
||||||
eventsData.paste = data;
|
|
||||||
},
|
|
||||||
change: function () {
|
|
||||||
eventsData.change = true;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form
|
|
||||||
.fileupload('option', 'fileInput')
|
|
||||||
.trigger($.Event('change', eventObject));
|
|
||||||
expect(eventsData.change).to.equal(true);
|
|
||||||
form
|
|
||||||
.fileupload('option', 'dropZone')
|
|
||||||
.trigger($.Event('dragover', eventObject))
|
|
||||||
.trigger($.Event('dragenter', eventObject))
|
|
||||||
.trigger($.Event('dragleave', eventObject))
|
|
||||||
.trigger($.Event('drop', eventObject));
|
|
||||||
expect(eventsData.dragover).to.equal(true);
|
|
||||||
expect(eventsData.dragenter).to.equal(true);
|
|
||||||
expect(eventsData.dragleave).to.equal(true);
|
|
||||||
expect(eventsData.drop.files).to.deep.equal(files);
|
|
||||||
form
|
|
||||||
.fileupload('option', 'pasteZone')
|
|
||||||
.trigger($.Event('paste', eventObject));
|
|
||||||
expect(eventsData.paste.files).to.deep.equal(files);
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
describe('API', function () {
|
|
||||||
var form;
|
|
||||||
|
|
||||||
beforeEach(function () {
|
|
||||||
form = createFileuploadForm().fileupload({
|
|
||||||
dataType: 'json',
|
|
||||||
autoUpload: false
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
afterEach(function () {
|
|
||||||
form.remove();
|
|
||||||
});
|
|
||||||
|
|
||||||
it('destroy', function () {
|
|
||||||
var eventsData = {};
|
|
||||||
form.fileupload('option', {
|
|
||||||
pasteZone: document,
|
|
||||||
dragover: function () {
|
|
||||||
eventsData.dragover = true;
|
|
||||||
},
|
|
||||||
dragenter: function () {
|
|
||||||
eventsData.dragenter = true;
|
|
||||||
},
|
|
||||||
dragleave: function () {
|
|
||||||
eventsData.dragleave = true;
|
|
||||||
},
|
|
||||||
drop: function (e, data) {
|
|
||||||
eventsData.drop = data;
|
|
||||||
},
|
|
||||||
paste: function (e, data) {
|
|
||||||
eventsData.paste = data;
|
|
||||||
},
|
|
||||||
change: function () {
|
|
||||||
eventsData.change = true;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
var fileInput = form.fileupload('option', 'fileInput');
|
|
||||||
var dropZone = form.fileupload('option', 'dropZone');
|
|
||||||
var pasteZone = form.fileupload('option', 'pasteZone');
|
|
||||||
form.fileupload('destroy');
|
|
||||||
expect(form.data('blueimp-fileupload')).to.equal();
|
|
||||||
fileInput.trigger($.Event('change', eventObject));
|
|
||||||
expect(eventsData.change).to.equal();
|
|
||||||
dropZone
|
|
||||||
.trigger($.Event('dragover', eventObject))
|
|
||||||
.trigger($.Event('dragenter', eventObject))
|
|
||||||
.trigger($.Event('dragleave', eventObject))
|
|
||||||
.trigger($.Event('drop', eventObject));
|
|
||||||
expect(eventsData.dragover).to.equal();
|
|
||||||
expect(eventsData.dragenter).to.equal();
|
|
||||||
expect(eventsData.dragleave).to.equal();
|
|
||||||
expect(eventsData.drop).to.equal();
|
|
||||||
pasteZone.trigger($.Event('paste', eventObject));
|
|
||||||
expect(eventsData.paste).to.equal();
|
|
||||||
});
|
|
||||||
|
|
||||||
it('disable', function () {
|
|
||||||
var eventsData = {};
|
|
||||||
form.fileupload('option', {
|
|
||||||
pasteZone: document,
|
|
||||||
dragover: function () {
|
|
||||||
eventsData.dragover = true;
|
|
||||||
},
|
|
||||||
dragenter: function () {
|
|
||||||
eventsData.dragenter = true;
|
|
||||||
},
|
|
||||||
dragleave: function () {
|
|
||||||
eventsData.dragleave = true;
|
|
||||||
},
|
|
||||||
drop: function (e, data) {
|
|
||||||
eventsData.drop = data;
|
|
||||||
},
|
|
||||||
paste: function (e, data) {
|
|
||||||
eventsData.paste = data;
|
|
||||||
},
|
|
||||||
change: function () {
|
|
||||||
eventsData.change = true;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('disable');
|
|
||||||
form
|
|
||||||
.fileupload('option', 'fileInput')
|
|
||||||
.trigger($.Event('change', eventObject));
|
|
||||||
expect(eventsData.change).to.equal();
|
|
||||||
form
|
|
||||||
.fileupload('option', 'dropZone')
|
|
||||||
.trigger($.Event('dragover', eventObject))
|
|
||||||
.trigger($.Event('dragenter', eventObject))
|
|
||||||
.trigger($.Event('dragleave', eventObject))
|
|
||||||
.trigger($.Event('drop', eventObject));
|
|
||||||
expect(eventsData.dragover).to.equal();
|
|
||||||
expect(eventsData.dragenter).to.equal();
|
|
||||||
expect(eventsData.dragleave).to.equal();
|
|
||||||
expect(eventsData.drop).to.equal();
|
|
||||||
form
|
|
||||||
.fileupload('option', 'pasteZone')
|
|
||||||
.trigger($.Event('paste', eventObject));
|
|
||||||
expect(eventsData.paste).to.equal();
|
|
||||||
});
|
|
||||||
|
|
||||||
it('enable', function () {
|
|
||||||
var eventsData = {};
|
|
||||||
form.fileupload('option', {
|
|
||||||
pasteZone: document,
|
|
||||||
dragover: function () {
|
|
||||||
eventsData.dragover = true;
|
|
||||||
},
|
|
||||||
dragenter: function () {
|
|
||||||
eventsData.dragenter = true;
|
|
||||||
},
|
|
||||||
dragleave: function () {
|
|
||||||
eventsData.dragleave = true;
|
|
||||||
},
|
|
||||||
drop: function (e, data) {
|
|
||||||
eventsData.drop = data;
|
|
||||||
},
|
|
||||||
paste: function (e, data) {
|
|
||||||
eventsData.paste = data;
|
|
||||||
},
|
|
||||||
change: function () {
|
|
||||||
eventsData.change = true;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('disable');
|
|
||||||
form.fileupload('enable');
|
|
||||||
form
|
|
||||||
.fileupload('option', 'fileInput')
|
|
||||||
.trigger($.Event('change', eventObject));
|
|
||||||
expect(eventsData.change).to.equal(true);
|
|
||||||
form
|
|
||||||
.fileupload('option', 'dropZone')
|
|
||||||
.trigger($.Event('dragover', eventObject))
|
|
||||||
.trigger($.Event('dragenter', eventObject))
|
|
||||||
.trigger($.Event('dragleave', eventObject))
|
|
||||||
.trigger($.Event('drop', eventObject));
|
|
||||||
expect(eventsData.dragover).to.equal(true);
|
|
||||||
expect(eventsData.dragenter).to.equal(true);
|
|
||||||
expect(eventsData.dragleave).to.equal(true);
|
|
||||||
expect(eventsData.drop.files).to.deep.equal(files);
|
|
||||||
form
|
|
||||||
.fileupload('option', 'pasteZone')
|
|
||||||
.trigger($.Event('paste', eventObject));
|
|
||||||
expect(eventsData.paste.files).to.deep.equal(files);
|
|
||||||
});
|
|
||||||
|
|
||||||
it('option', function () {
|
|
||||||
var eventsData = {};
|
|
||||||
form.fileupload('option', 'drop', function (e, data) {
|
|
||||||
eventsData.drop = data;
|
|
||||||
});
|
|
||||||
var dropZone = form
|
|
||||||
.fileupload('option', 'dropZone')
|
|
||||||
.trigger($.Event('drop', eventObject));
|
|
||||||
expect(eventsData.drop.files).to.deep.equal(files);
|
|
||||||
delete eventsData.drop;
|
|
||||||
form.fileupload('option', 'dropZone', null);
|
|
||||||
dropZone.trigger($.Event('drop', eventObject));
|
|
||||||
expect(eventsData.drop).to.equal();
|
|
||||||
form.fileupload('option', {
|
|
||||||
dropZone: dropZone
|
|
||||||
});
|
|
||||||
dropZone.trigger($.Event('drop', eventObject));
|
|
||||||
expect(eventsData.drop.files).to.deep.equal(files);
|
|
||||||
});
|
|
||||||
|
|
||||||
it('add', function () {
|
|
||||||
var eventData = [];
|
|
||||||
form.fileupload('option', 'add', function (e, data) {
|
|
||||||
eventData.push(data);
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: files });
|
|
||||||
expect(eventData.length).to.equal(2);
|
|
||||||
expect(eventData[0].files[0]).to.equal(files[0]);
|
|
||||||
expect(eventData[1].files[0]).to.equal(files[1]);
|
|
||||||
});
|
|
||||||
|
|
||||||
it('send', function (done) {
|
|
||||||
this.slow(200);
|
|
||||||
form.fileupload('send', { files: files }).complete(function (result) {
|
|
||||||
var uploadedFiles = result.responseJSON.files;
|
|
||||||
expect(uploadedFiles.length).to.equal(2);
|
|
||||||
expect(uploadedFiles[0].type).to.equal(files[0].type);
|
|
||||||
expect(uploadedFiles[0].error).to.equal();
|
|
||||||
expect(uploadedFiles[1].type).to.equal(files[1].type);
|
|
||||||
expect(uploadedFiles[1].error).to.equal();
|
|
||||||
done();
|
|
||||||
});
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
describe('Callbacks', function () {
|
|
||||||
var form;
|
|
||||||
|
|
||||||
beforeEach(function () {
|
|
||||||
form = createFileuploadForm().fileupload({ dataType: 'json' });
|
|
||||||
});
|
|
||||||
|
|
||||||
afterEach(function () {
|
|
||||||
form.remove();
|
|
||||||
});
|
|
||||||
|
|
||||||
it('add', function () {
|
|
||||||
var eventData = [];
|
|
||||||
form.fileupload('option', 'add', function (e, data) {
|
|
||||||
eventData.push(data);
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: files });
|
|
||||||
expect(eventData.length).to.equal(2);
|
|
||||||
expect(eventData[0].files[0]).to.equal(files[0]);
|
|
||||||
expect(eventData[1].files[0]).to.equal(files[1]);
|
|
||||||
});
|
|
||||||
|
|
||||||
it('submit', function (done) {
|
|
||||||
this.slow(200);
|
|
||||||
var eventData = [];
|
|
||||||
form.fileupload('option', {
|
|
||||||
submit: function (e, data) {
|
|
||||||
eventData.push(data);
|
|
||||||
},
|
|
||||||
stop: function () {
|
|
||||||
if (eventData.length < 2) return;
|
|
||||||
expect(eventData[0].files[0]).to.equal(files[0]);
|
|
||||||
expect(eventData[1].files[0]).to.equal(files[1]);
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: files });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('send', function (done) {
|
|
||||||
this.slow(200);
|
|
||||||
var eventData = [];
|
|
||||||
form.fileupload('option', {
|
|
||||||
send: function (e, data) {
|
|
||||||
eventData.push(data);
|
|
||||||
},
|
|
||||||
stop: function () {
|
|
||||||
expect(eventData.length).to.equal(1);
|
|
||||||
expect(eventData[0].files).to.deep.equal(files);
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('send', { files: files });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('done', function (done) {
|
|
||||||
this.slow(200);
|
|
||||||
var eventData = [];
|
|
||||||
form.fileupload('option', {
|
|
||||||
done: function (e, data) {
|
|
||||||
eventData.push(data);
|
|
||||||
},
|
|
||||||
stop: function () {
|
|
||||||
if (eventData.length < 2) return;
|
|
||||||
expect(eventData[0].result.files.length).to.equal(1);
|
|
||||||
expect(eventData[1].result.files.length).to.equal(1);
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: files });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('fail', function (done) {
|
|
||||||
this.slow(200);
|
|
||||||
var eventData = [];
|
|
||||||
form.fileupload('option', {
|
|
||||||
url: uploadURL + '404',
|
|
||||||
fail: function (e, data) {
|
|
||||||
eventData.push(data);
|
|
||||||
},
|
|
||||||
stop: function () {
|
|
||||||
if (eventData.length < 2) return;
|
|
||||||
expect(eventData[0].result).to.equal();
|
|
||||||
expect(eventData[1].result).to.equal();
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: files });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('always', function (done) {
|
|
||||||
this.slow(200);
|
|
||||||
var eventData = [];
|
|
||||||
form.fileupload('option', {
|
|
||||||
always: function (e, data) {
|
|
||||||
eventData.push(data);
|
|
||||||
},
|
|
||||||
stop: function () {
|
|
||||||
if (eventData.length < 2) {
|
|
||||||
expect(eventData[0].result).to.equal();
|
|
||||||
form.fileupload('add', { files: [fileGIF] });
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
expect(eventData[1].result.files.length).to.equal(1);
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: [fileGIF], url: uploadURL + '404' });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('progress', function (done) {
|
|
||||||
this.slow(200);
|
|
||||||
var loaded;
|
|
||||||
var total;
|
|
||||||
form.fileupload('option', {
|
|
||||||
progress: function (e, data) {
|
|
||||||
loaded = data.loaded;
|
|
||||||
total = data.total;
|
|
||||||
expect(loaded).to.be.at.most(total);
|
|
||||||
},
|
|
||||||
stop: function () {
|
|
||||||
expect(loaded).to.equal(total);
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: [fileGIF] });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('progressall', function (done) {
|
|
||||||
this.slow(200);
|
|
||||||
var loaded;
|
|
||||||
var total;
|
|
||||||
var completed = 0;
|
|
||||||
form.fileupload('option', {
|
|
||||||
progressall: function (e, data) {
|
|
||||||
loaded = data.loaded;
|
|
||||||
total = data.total;
|
|
||||||
expect(loaded).to.be.at.most(total);
|
|
||||||
},
|
|
||||||
always: function () {
|
|
||||||
completed++;
|
|
||||||
},
|
|
||||||
stop: function () {
|
|
||||||
if (completed < 2) return;
|
|
||||||
expect(loaded).to.equal(total);
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: files });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('start', function (done) {
|
|
||||||
this.slow(200);
|
|
||||||
var started;
|
|
||||||
form.fileupload('option', {
|
|
||||||
start: function () {
|
|
||||||
started = true;
|
|
||||||
},
|
|
||||||
stop: function () {
|
|
||||||
expect(started).to.equal(true);
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: [fileGIF] });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('stop', function (done) {
|
|
||||||
this.slow(200);
|
|
||||||
form.fileupload('option', {
|
|
||||||
stop: function () {
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: [fileGIF] });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('dragover', function () {
|
|
||||||
var eventsData = {};
|
|
||||||
form.fileupload('option', {
|
|
||||||
autoUpload: false,
|
|
||||||
dragover: function () {
|
|
||||||
eventsData.dragover = true;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form
|
|
||||||
.fileupload('option', 'dropZone')
|
|
||||||
.trigger($.Event('dragover', eventObject));
|
|
||||||
expect(eventsData.dragover).to.equal(true);
|
|
||||||
});
|
|
||||||
|
|
||||||
it('dragenter', function () {
|
|
||||||
var eventsData = {};
|
|
||||||
form.fileupload('option', {
|
|
||||||
autoUpload: false,
|
|
||||||
dragenter: function () {
|
|
||||||
eventsData.dragenter = true;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form
|
|
||||||
.fileupload('option', 'dropZone')
|
|
||||||
.trigger($.Event('dragenter', eventObject));
|
|
||||||
expect(eventsData.dragenter).to.equal(true);
|
|
||||||
});
|
|
||||||
|
|
||||||
it('dragleave', function () {
|
|
||||||
var eventsData = {};
|
|
||||||
form.fileupload('option', {
|
|
||||||
autoUpload: false,
|
|
||||||
dragleave: function () {
|
|
||||||
eventsData.dragleave = true;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form
|
|
||||||
.fileupload('option', 'dropZone')
|
|
||||||
.trigger($.Event('dragleave', eventObject));
|
|
||||||
expect(eventsData.dragleave).to.equal(true);
|
|
||||||
});
|
|
||||||
|
|
||||||
it('drop', function () {
|
|
||||||
var eventsData = {};
|
|
||||||
form.fileupload('option', {
|
|
||||||
autoUpload: false,
|
|
||||||
drop: function (e, data) {
|
|
||||||
eventsData.drop = data;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form
|
|
||||||
.fileupload('option', 'dropZone')
|
|
||||||
.trigger($.Event('drop', eventObject));
|
|
||||||
expect(eventsData.drop.files).to.deep.equal(files);
|
|
||||||
});
|
|
||||||
|
|
||||||
it('paste', function () {
|
|
||||||
var eventsData = {};
|
|
||||||
form.fileupload('option', {
|
|
||||||
autoUpload: false,
|
|
||||||
pasteZone: document,
|
|
||||||
paste: function (e, data) {
|
|
||||||
eventsData.paste = data;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form
|
|
||||||
.fileupload('option', 'pasteZone')
|
|
||||||
.trigger($.Event('paste', eventObject));
|
|
||||||
expect(eventsData.paste.files).to.deep.equal(files);
|
|
||||||
});
|
|
||||||
|
|
||||||
it('change', function () {
|
|
||||||
var eventsData = {};
|
|
||||||
form.fileupload('option', {
|
|
||||||
autoUpload: false,
|
|
||||||
change: function () {
|
|
||||||
eventsData.change = true;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form
|
|
||||||
.fileupload('option', 'fileInput')
|
|
||||||
.trigger($.Event('change', eventObject));
|
|
||||||
expect(eventsData.change).to.equal(true);
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
describe('Options', function () {
|
|
||||||
var form;
|
|
||||||
|
|
||||||
beforeEach(function () {
|
|
||||||
form = createFileuploadForm();
|
|
||||||
});
|
|
||||||
|
|
||||||
afterEach(function () {
|
|
||||||
form.remove();
|
|
||||||
});
|
|
||||||
|
|
||||||
it('paramName', function (done) {
|
|
||||||
form.fileupload({
|
|
||||||
send: function (e, data) {
|
|
||||||
expect(data.paramName[0]).to.equal(
|
|
||||||
form.fileupload('option', 'fileInput').prop('name')
|
|
||||||
);
|
|
||||||
done();
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: [fileGIF] });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('url', function (done) {
|
|
||||||
form.fileupload({
|
|
||||||
send: function (e, data) {
|
|
||||||
expect(data.url).to.equal(form.prop('action'));
|
|
||||||
done();
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: [fileGIF] });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('type', function (done) {
|
|
||||||
form.fileupload({
|
|
||||||
type: 'PUT',
|
|
||||||
send: function (e, data) {
|
|
||||||
expect(data.type).to.equal('PUT');
|
|
||||||
done();
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: [fileGIF] });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('replaceFileInput', function () {
|
|
||||||
form.fileupload();
|
|
||||||
var fileInput = form.fileupload('option', 'fileInput');
|
|
||||||
fileInput.trigger($.Event('change', eventObject));
|
|
||||||
expect(form.fileupload('option', 'fileInput')[0]).to.not.equal(
|
|
||||||
fileInput[0]
|
|
||||||
);
|
|
||||||
form.fileupload('option', 'replaceFileInput', false);
|
|
||||||
fileInput = form.fileupload('option', 'fileInput');
|
|
||||||
fileInput.trigger($.Event('change', eventObject));
|
|
||||||
expect(form.fileupload('option', 'fileInput')[0]).to.equal(fileInput[0]);
|
|
||||||
});
|
|
||||||
|
|
||||||
it('forceIframeTransport', function (done) {
|
|
||||||
form.fileupload({
|
|
||||||
forceIframeTransport: 'PUT',
|
|
||||||
send: function (e, data) {
|
|
||||||
expect(data.dataType.substr(0, 6)).to.equal('iframe');
|
|
||||||
done();
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: [fileGIF] });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('singleFileUploads', function (done) {
|
|
||||||
form.fileupload({
|
|
||||||
singleFileUploads: false,
|
|
||||||
send: function (e, data) {
|
|
||||||
expect(data.files).to.deep.equal(files);
|
|
||||||
done();
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: files });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('limitMultiFileUploads', function (done) {
|
|
||||||
var completed = 0;
|
|
||||||
form.fileupload({
|
|
||||||
singleFileUploads: false,
|
|
||||||
limitMultiFileUploads: 2,
|
|
||||||
send: function (e, data) {
|
|
||||||
expect(data.files).to.deep.equal(files);
|
|
||||||
completed++;
|
|
||||||
if (completed < 2) return;
|
|
||||||
done();
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: files.concat(files) });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('limitMultiFileUploadSize', function (done) {
|
|
||||||
var completed = 0;
|
|
||||||
form.fileupload({
|
|
||||||
singleFileUploads: false,
|
|
||||||
limitMultiFileUploadSize: files[0].size + files[1].size,
|
|
||||||
limitMultiFileUploadSizeOverhead: 0,
|
|
||||||
send: function (e, data) {
|
|
||||||
expect(data.files).to.deep.equal(files);
|
|
||||||
completed++;
|
|
||||||
if (completed < 2) return;
|
|
||||||
done();
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: files.concat(files) });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('sequentialUploads', function (done) {
|
|
||||||
this.slow(400);
|
|
||||||
var completed = 0;
|
|
||||||
var events = [];
|
|
||||||
form.fileupload({
|
|
||||||
sequentialUploads: true,
|
|
||||||
dataType: 'json',
|
|
||||||
send: function () {
|
|
||||||
events.push('send');
|
|
||||||
},
|
|
||||||
always: function () {
|
|
||||||
events.push('complete');
|
|
||||||
completed++;
|
|
||||||
},
|
|
||||||
stop: function () {
|
|
||||||
if (completed === 4) {
|
|
||||||
expect(events.join(',')).to.equal(
|
|
||||||
[
|
|
||||||
'send',
|
|
||||||
'complete',
|
|
||||||
'send',
|
|
||||||
'complete',
|
|
||||||
'send',
|
|
||||||
'complete',
|
|
||||||
'send',
|
|
||||||
'complete'
|
|
||||||
].join(',')
|
|
||||||
);
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: files.concat(files) });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('limitConcurrentUploads', function (done) {
|
|
||||||
this.slow(800);
|
|
||||||
var completed = 0;
|
|
||||||
var loadCount = 0;
|
|
||||||
form.fileupload({
|
|
||||||
limitConcurrentUploads: 2,
|
|
||||||
dataType: 'json',
|
|
||||||
send: function () {
|
|
||||||
loadCount++;
|
|
||||||
expect(loadCount).to.be.at.most(2);
|
|
||||||
},
|
|
||||||
always: function () {
|
|
||||||
completed++;
|
|
||||||
loadCount--;
|
|
||||||
},
|
|
||||||
stop: function () {
|
|
||||||
if (completed === 8) {
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', {
|
|
||||||
files: files.concat(files).concat(files).concat(files)
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
it('multipart', function (done) {
|
|
||||||
form.fileupload({
|
|
||||||
multipart: false,
|
|
||||||
send: function (e, data) {
|
|
||||||
expect(data.contentType).to.equal(fileGIF.type);
|
|
||||||
expect(data.headers['Content-Disposition']).to.equal(
|
|
||||||
'attachment; filename="' + fileGIF.name + '"'
|
|
||||||
);
|
|
||||||
done();
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: [fileGIF] });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('uniqueFilenames', function (done) {
|
|
||||||
form.fileupload({
|
|
||||||
uniqueFilenames: {},
|
|
||||||
send: function (e, data) {
|
|
||||||
var formFiles = data.data.getAll('files[]');
|
|
||||||
expect(formFiles[0].name).to.equal(fileGIF.name);
|
|
||||||
expect(formFiles[1].name).to.equal(
|
|
||||||
fileGIF.name.replace('.gif', ' (1).gif')
|
|
||||||
);
|
|
||||||
expect(formFiles[2].name).to.equal(
|
|
||||||
fileGIF.name.replace('.gif', ' (2).gif')
|
|
||||||
);
|
|
||||||
done();
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('send', { files: [fileGIF, fileGIF, fileGIF] });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('maxChunkSize', function (done) {
|
|
||||||
this.slow(400);
|
|
||||||
var events = [];
|
|
||||||
form.fileupload({
|
|
||||||
maxChunkSize: 32,
|
|
||||||
dataType: 'json',
|
|
||||||
chunkbeforesend: function () {
|
|
||||||
events.push('chunkbeforesend');
|
|
||||||
},
|
|
||||||
chunksend: function () {
|
|
||||||
events.push('chunksend');
|
|
||||||
},
|
|
||||||
chunkdone: function () {
|
|
||||||
events.push('chunkdone');
|
|
||||||
},
|
|
||||||
done: function (e, data) {
|
|
||||||
var uploadedFile = data.result.files[0];
|
|
||||||
expect(uploadedFile.type).to.equal(fileGIF.type);
|
|
||||||
expect(uploadedFile.size).to.equal(fileGIF.size);
|
|
||||||
},
|
|
||||||
stop: function () {
|
|
||||||
expect(events.join(',')).to.equal(
|
|
||||||
[
|
|
||||||
'chunkbeforesend',
|
|
||||||
'chunksend',
|
|
||||||
'chunkdone',
|
|
||||||
'chunkbeforesend',
|
|
||||||
'chunksend',
|
|
||||||
'chunkdone',
|
|
||||||
'chunkbeforesend',
|
|
||||||
'chunksend',
|
|
||||||
'chunkdone',
|
|
||||||
'chunkbeforesend',
|
|
||||||
'chunksend',
|
|
||||||
'chunkdone'
|
|
||||||
].join(',')
|
|
||||||
);
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('send', { files: [fileGIF] });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('acceptFileTypes', function (done) {
|
|
||||||
var processData;
|
|
||||||
form.fileupload({
|
|
||||||
acceptFileTypes: /^image\/gif$/,
|
|
||||||
singleFileUploads: false,
|
|
||||||
processalways: function (e, data) {
|
|
||||||
processData = data;
|
|
||||||
},
|
|
||||||
processstop: function () {
|
|
||||||
expect(processData.files[0].error).to.equal();
|
|
||||||
expect(processData.files[1].error).to.equal(
|
|
||||||
form.fileupload('option').i18n('acceptFileTypes')
|
|
||||||
);
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: files });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('maxFileSize', function (done) {
|
|
||||||
var processData;
|
|
||||||
form.fileupload({
|
|
||||||
maxFileSize: 200,
|
|
||||||
singleFileUploads: false,
|
|
||||||
processalways: function (e, data) {
|
|
||||||
processData = data;
|
|
||||||
},
|
|
||||||
processstop: function () {
|
|
||||||
expect(processData.files[0].error).to.equal();
|
|
||||||
expect(processData.files[1].error).to.equal(
|
|
||||||
form.fileupload('option').i18n('maxFileSize')
|
|
||||||
);
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: files });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('minFileSize', function (done) {
|
|
||||||
var processData;
|
|
||||||
form.fileupload({
|
|
||||||
minFileSize: 200,
|
|
||||||
singleFileUploads: false,
|
|
||||||
processalways: function (e, data) {
|
|
||||||
processData = data;
|
|
||||||
},
|
|
||||||
processstop: function () {
|
|
||||||
expect(processData.files[0].error).to.equal(
|
|
||||||
form.fileupload('option').i18n('minFileSize')
|
|
||||||
);
|
|
||||||
expect(processData.files[1].error).to.equal();
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: files });
|
|
||||||
});
|
|
||||||
|
|
||||||
it('maxNumberOfFiles', function (done) {
|
|
||||||
var processData;
|
|
||||||
form.fileupload({
|
|
||||||
maxNumberOfFiles: 2,
|
|
||||||
getNumberOfFiles: function () {
|
|
||||||
return 2;
|
|
||||||
},
|
|
||||||
singleFileUploads: false,
|
|
||||||
processalways: function (e, data) {
|
|
||||||
processData = data;
|
|
||||||
},
|
|
||||||
processstop: function () {
|
|
||||||
expect(processData.files[0].error).to.equal(
|
|
||||||
form.fileupload('option').i18n('maxNumberOfFiles')
|
|
||||||
);
|
|
||||||
expect(processData.files[1].error).to.equal(
|
|
||||||
form.fileupload('option').i18n('maxNumberOfFiles')
|
|
||||||
);
|
|
||||||
done();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
form.fileupload('add', { files: files });
|
|
||||||
});
|
|
||||||
});
|
|
||||||
})(this.chai.expect, this.jQuery);
|
|
10854
vendor/blueimp/jquery-file-upload/test/vendor/chai.js
vendored
10854
vendor/blueimp/jquery-file-upload/test/vendor/chai.js
vendored
File diff suppressed because it is too large
Load diff
|
@ -1,325 +0,0 @@
|
||||||
@charset "utf-8";
|
|
||||||
|
|
||||||
body {
|
|
||||||
margin:0;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha {
|
|
||||||
font: 20px/1.5 "Helvetica Neue", Helvetica, Arial, sans-serif;
|
|
||||||
margin: 60px 50px;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha ul,
|
|
||||||
#mocha li {
|
|
||||||
margin: 0;
|
|
||||||
padding: 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha ul {
|
|
||||||
list-style: none;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha h1,
|
|
||||||
#mocha h2 {
|
|
||||||
margin: 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha h1 {
|
|
||||||
margin-top: 15px;
|
|
||||||
font-size: 1em;
|
|
||||||
font-weight: 200;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha h1 a {
|
|
||||||
text-decoration: none;
|
|
||||||
color: inherit;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha h1 a:hover {
|
|
||||||
text-decoration: underline;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .suite .suite h1 {
|
|
||||||
margin-top: 0;
|
|
||||||
font-size: .8em;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .hidden {
|
|
||||||
display: none;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha h2 {
|
|
||||||
font-size: 12px;
|
|
||||||
font-weight: normal;
|
|
||||||
cursor: pointer;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .suite {
|
|
||||||
margin-left: 15px;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test {
|
|
||||||
margin-left: 15px;
|
|
||||||
overflow: hidden;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test.pending:hover h2::after {
|
|
||||||
content: '(pending)';
|
|
||||||
font-family: arial, sans-serif;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test.pass.medium .duration {
|
|
||||||
background: #c09853;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test.pass.slow .duration {
|
|
||||||
background: #b94a48;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test.pass::before {
|
|
||||||
content: '✓';
|
|
||||||
font-size: 12px;
|
|
||||||
display: block;
|
|
||||||
float: left;
|
|
||||||
margin-right: 5px;
|
|
||||||
color: #00d6b2;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test.pass .duration {
|
|
||||||
font-size: 9px;
|
|
||||||
margin-left: 5px;
|
|
||||||
padding: 2px 5px;
|
|
||||||
color: #fff;
|
|
||||||
-webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.2);
|
|
||||||
-moz-box-shadow: inset 0 1px 1px rgba(0,0,0,.2);
|
|
||||||
box-shadow: inset 0 1px 1px rgba(0,0,0,.2);
|
|
||||||
-webkit-border-radius: 5px;
|
|
||||||
-moz-border-radius: 5px;
|
|
||||||
-ms-border-radius: 5px;
|
|
||||||
-o-border-radius: 5px;
|
|
||||||
border-radius: 5px;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test.pass.fast .duration {
|
|
||||||
display: none;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test.pending {
|
|
||||||
color: #0b97c4;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test.pending::before {
|
|
||||||
content: '◦';
|
|
||||||
color: #0b97c4;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test.fail {
|
|
||||||
color: #c00;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test.fail pre {
|
|
||||||
color: black;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test.fail::before {
|
|
||||||
content: '✖';
|
|
||||||
font-size: 12px;
|
|
||||||
display: block;
|
|
||||||
float: left;
|
|
||||||
margin-right: 5px;
|
|
||||||
color: #c00;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test pre.error {
|
|
||||||
color: #c00;
|
|
||||||
max-height: 300px;
|
|
||||||
overflow: auto;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test .html-error {
|
|
||||||
overflow: auto;
|
|
||||||
color: black;
|
|
||||||
display: block;
|
|
||||||
float: left;
|
|
||||||
clear: left;
|
|
||||||
font: 12px/1.5 monaco, monospace;
|
|
||||||
margin: 5px;
|
|
||||||
padding: 15px;
|
|
||||||
border: 1px solid #eee;
|
|
||||||
max-width: 85%; /*(1)*/
|
|
||||||
max-width: -webkit-calc(100% - 42px);
|
|
||||||
max-width: -moz-calc(100% - 42px);
|
|
||||||
max-width: calc(100% - 42px); /*(2)*/
|
|
||||||
max-height: 300px;
|
|
||||||
word-wrap: break-word;
|
|
||||||
border-bottom-color: #ddd;
|
|
||||||
-webkit-box-shadow: 0 1px 3px #eee;
|
|
||||||
-moz-box-shadow: 0 1px 3px #eee;
|
|
||||||
box-shadow: 0 1px 3px #eee;
|
|
||||||
-webkit-border-radius: 3px;
|
|
||||||
-moz-border-radius: 3px;
|
|
||||||
border-radius: 3px;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test .html-error pre.error {
|
|
||||||
border: none;
|
|
||||||
-webkit-border-radius: 0;
|
|
||||||
-moz-border-radius: 0;
|
|
||||||
border-radius: 0;
|
|
||||||
-webkit-box-shadow: 0;
|
|
||||||
-moz-box-shadow: 0;
|
|
||||||
box-shadow: 0;
|
|
||||||
padding: 0;
|
|
||||||
margin: 0;
|
|
||||||
margin-top: 18px;
|
|
||||||
max-height: none;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* (1): approximate for browsers not supporting calc
|
|
||||||
* (2): 42 = 2*15 + 2*10 + 2*1 (padding + margin + border)
|
|
||||||
* ^^ seriously
|
|
||||||
*/
|
|
||||||
#mocha .test pre {
|
|
||||||
display: block;
|
|
||||||
float: left;
|
|
||||||
clear: left;
|
|
||||||
font: 12px/1.5 monaco, monospace;
|
|
||||||
margin: 5px;
|
|
||||||
padding: 15px;
|
|
||||||
border: 1px solid #eee;
|
|
||||||
max-width: 85%; /*(1)*/
|
|
||||||
max-width: -webkit-calc(100% - 42px);
|
|
||||||
max-width: -moz-calc(100% - 42px);
|
|
||||||
max-width: calc(100% - 42px); /*(2)*/
|
|
||||||
word-wrap: break-word;
|
|
||||||
border-bottom-color: #ddd;
|
|
||||||
-webkit-box-shadow: 0 1px 3px #eee;
|
|
||||||
-moz-box-shadow: 0 1px 3px #eee;
|
|
||||||
box-shadow: 0 1px 3px #eee;
|
|
||||||
-webkit-border-radius: 3px;
|
|
||||||
-moz-border-radius: 3px;
|
|
||||||
border-radius: 3px;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test h2 {
|
|
||||||
position: relative;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test a.replay {
|
|
||||||
position: absolute;
|
|
||||||
top: 3px;
|
|
||||||
right: 0;
|
|
||||||
text-decoration: none;
|
|
||||||
vertical-align: middle;
|
|
||||||
display: block;
|
|
||||||
width: 15px;
|
|
||||||
height: 15px;
|
|
||||||
line-height: 15px;
|
|
||||||
text-align: center;
|
|
||||||
background: #eee;
|
|
||||||
font-size: 15px;
|
|
||||||
-webkit-border-radius: 15px;
|
|
||||||
-moz-border-radius: 15px;
|
|
||||||
border-radius: 15px;
|
|
||||||
-webkit-transition:opacity 200ms;
|
|
||||||
-moz-transition:opacity 200ms;
|
|
||||||
-o-transition:opacity 200ms;
|
|
||||||
transition: opacity 200ms;
|
|
||||||
opacity: 0.3;
|
|
||||||
color: #888;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha .test:hover a.replay {
|
|
||||||
opacity: 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha-report.pass .test.fail {
|
|
||||||
display: none;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha-report.fail .test.pass {
|
|
||||||
display: none;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha-report.pending .test.pass,
|
|
||||||
#mocha-report.pending .test.fail {
|
|
||||||
display: none;
|
|
||||||
}
|
|
||||||
#mocha-report.pending .test.pass.pending {
|
|
||||||
display: block;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha-error {
|
|
||||||
color: #c00;
|
|
||||||
font-size: 1.5em;
|
|
||||||
font-weight: 100;
|
|
||||||
letter-spacing: 1px;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha-stats {
|
|
||||||
position: fixed;
|
|
||||||
top: 15px;
|
|
||||||
right: 10px;
|
|
||||||
font-size: 12px;
|
|
||||||
margin: 0;
|
|
||||||
color: #888;
|
|
||||||
z-index: 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha-stats .progress {
|
|
||||||
float: right;
|
|
||||||
padding-top: 0;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Set safe initial values, so mochas .progress does not inherit these
|
|
||||||
* properties from Bootstrap .progress (which causes .progress height to
|
|
||||||
* equal line height set in Bootstrap).
|
|
||||||
*/
|
|
||||||
height: auto;
|
|
||||||
-webkit-box-shadow: none;
|
|
||||||
-moz-box-shadow: none;
|
|
||||||
box-shadow: none;
|
|
||||||
background-color: initial;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha-stats em {
|
|
||||||
color: black;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha-stats a {
|
|
||||||
text-decoration: none;
|
|
||||||
color: inherit;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha-stats a:hover {
|
|
||||||
border-bottom: 1px solid #eee;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha-stats li {
|
|
||||||
display: inline-block;
|
|
||||||
margin: 0 5px;
|
|
||||||
list-style: none;
|
|
||||||
padding-top: 11px;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha-stats canvas {
|
|
||||||
width: 40px;
|
|
||||||
height: 40px;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha code .comment { color: #ddd; }
|
|
||||||
#mocha code .init { color: #2f6fad; }
|
|
||||||
#mocha code .string { color: #5890ad; }
|
|
||||||
#mocha code .keyword { color: #8a6343; }
|
|
||||||
#mocha code .number { color: #2f6fad; }
|
|
||||||
|
|
||||||
@media screen and (max-device-width: 480px) {
|
|
||||||
#mocha {
|
|
||||||
margin: 60px 0px;
|
|
||||||
}
|
|
||||||
|
|
||||||
#mocha #stats {
|
|
||||||
position: absolute;
|
|
||||||
}
|
|
||||||
}
|
|
18178
vendor/blueimp/jquery-file-upload/test/vendor/mocha.js
vendored
18178
vendor/blueimp/jquery-file-upload/test/vendor/mocha.js
vendored
File diff suppressed because one or more lines are too long
|
@ -1,10 +0,0 @@
|
||||||
'use strict'
|
|
||||||
|
|
||||||
module.exports = {
|
|
||||||
env: {
|
|
||||||
node: true
|
|
||||||
},
|
|
||||||
parserOptions: {
|
|
||||||
ecmaVersion: 2019
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,9 +0,0 @@
|
||||||
'use strict'
|
|
||||||
|
|
||||||
module.exports = {
|
|
||||||
arrowParens: 'avoid',
|
|
||||||
proseWrap: 'always',
|
|
||||||
semi: false,
|
|
||||||
singleQuote: true,
|
|
||||||
trailingComma: 'none'
|
|
||||||
}
|
|
|
@ -1,20 +0,0 @@
|
||||||
MIT License
|
|
||||||
|
|
||||||
Copyright © 2019 Sebastian Tschan, https://blueimp.net
|
|
||||||
|
|
||||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
|
||||||
this software and associated documentation files (the "Software"), to deal in
|
|
||||||
the Software without restriction, including without limitation the rights to
|
|
||||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
|
||||||
the Software, and to permit persons to whom the Software is furnished to do so,
|
|
||||||
subject to the following conditions:
|
|
||||||
|
|
||||||
The above copyright notice and this permission notice shall be included in all
|
|
||||||
copies or substantial portions of the Software.
|
|
||||||
|
|
||||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
||||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
|
||||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
|
||||||
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
|
||||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
|
||||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
Binary file not shown.
Before Width: | Height: | Size: 407 B |
Binary file not shown.
Before Width: | Height: | Size: 145 B |
|
@ -1,40 +0,0 @@
|
||||||
'use strict'
|
|
||||||
|
|
||||||
/* eslint-disable jsdoc/valid-types */
|
|
||||||
/** @type WebdriverIO.Config */
|
|
||||||
const config = {
|
|
||||||
hostname: 'chromedriver',
|
|
||||||
path: '/',
|
|
||||||
capabilities: [
|
|
||||||
{
|
|
||||||
// Set maxInstances to 1 if screen recordings are enabled:
|
|
||||||
// maxInstances: 1,
|
|
||||||
browserName: 'chrome',
|
|
||||||
'goog:chromeOptions': {
|
|
||||||
// Disable headless mode if screen recordings are enabled:
|
|
||||||
args: ['--headless', '--window-size=1440,900']
|
|
||||||
}
|
|
||||||
}
|
|
||||||
],
|
|
||||||
logLevel: 'warn',
|
|
||||||
reporters: ['spec'],
|
|
||||||
framework: 'mocha',
|
|
||||||
mochaOpts: {
|
|
||||||
timeout: 60000
|
|
||||||
},
|
|
||||||
specs: ['test/specs/**/*.js'],
|
|
||||||
maximizeWindow: true,
|
|
||||||
screenshots: {
|
|
||||||
saveOnFail: true
|
|
||||||
},
|
|
||||||
videos: {
|
|
||||||
enabled: false,
|
|
||||||
resolution: '1440x900',
|
|
||||||
startDelay: 500,
|
|
||||||
stopDelay: 500
|
|
||||||
},
|
|
||||||
assetsDir: '/home/webdriver/assets/',
|
|
||||||
baseUrl: 'http://example'
|
|
||||||
}
|
|
||||||
|
|
||||||
exports.config = Object.assign({}, require('../hooks'), config)
|
|
|
@ -1,25 +0,0 @@
|
||||||
'use strict'
|
|
||||||
|
|
||||||
/* eslint-disable jsdoc/valid-types */
|
|
||||||
/** @type WebdriverIO.Config */
|
|
||||||
const config = {
|
|
||||||
hostname: 'geckodriver',
|
|
||||||
capabilities: [
|
|
||||||
{
|
|
||||||
// geckodriver supports no parallel sessions:
|
|
||||||
maxInstances: 1,
|
|
||||||
browserName: 'firefox',
|
|
||||||
'moz:firefoxOptions': {
|
|
||||||
//args: ['-headless', '--window-size=1440,900']
|
|
||||||
}
|
|
||||||
}
|
|
||||||
],
|
|
||||||
videos: {
|
|
||||||
enabled: true,
|
|
||||||
resolution: '1440x900',
|
|
||||||
startDelay: 500,
|
|
||||||
stopDelay: 500
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
exports.config = Object.assign({}, require('./chrome').config, config)
|
|
|
@ -1,36 +0,0 @@
|
||||||
'use strict'
|
|
||||||
|
|
||||||
/* global browser, Promise */
|
|
||||||
|
|
||||||
const cmds = require('wdio-screen-commands')
|
|
||||||
|
|
||||||
/* eslint-disable jsdoc/valid-types */
|
|
||||||
/** @type WebdriverIO.HookFunctionExtension */
|
|
||||||
const config = {
|
|
||||||
before: async () => {
|
|
||||||
// Add browser commands:
|
|
||||||
browser.addCommand('saveScreenshotByName', cmds.saveScreenshotByName)
|
|
||||||
browser.addCommand('saveAndDiffScreenshot', cmds.saveAndDiffScreenshot)
|
|
||||||
// Add element commands:
|
|
||||||
browser.addCommand('saveScreenshotByName', cmds.saveScreenshotByName, true)
|
|
||||||
browser.addCommand(
|
|
||||||
'saveAndDiffScreenshot',
|
|
||||||
cmds.saveAndDiffScreenshot,
|
|
||||||
true
|
|
||||||
)
|
|
||||||
if (browser.config.appium)
|
|
||||||
await browser.updateSettings(browser.config.appium)
|
|
||||||
if (browser.config.maximizeWindow) await browser.maximizeWindow()
|
|
||||||
},
|
|
||||||
beforeTest: async test => {
|
|
||||||
await cmds.startScreenRecording(test)
|
|
||||||
},
|
|
||||||
afterTest: async (test, context, result) => {
|
|
||||||
await Promise.all([
|
|
||||||
cmds.stopScreenRecording(test, result),
|
|
||||||
cmds.saveScreenshotByTest(test, result)
|
|
||||||
])
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
module.exports = config
|
|
|
@ -1,2 +0,0 @@
|
||||||
*
|
|
||||||
!/.gitignore
|
|
|
@ -1,79 +0,0 @@
|
||||||
'use strict'
|
|
||||||
|
|
||||||
/* global browser, $, $$ */
|
|
||||||
/* eslint-disable class-methods-use-this */
|
|
||||||
|
|
||||||
class FileUpload {
|
|
||||||
get fileinput() {
|
|
||||||
return $('.fileinput-button input')
|
|
||||||
}
|
|
||||||
get start() {
|
|
||||||
return $('.fileupload-buttonbar .start')
|
|
||||||
}
|
|
||||||
get toggle() {
|
|
||||||
return $('.fileupload-buttonbar .toggle')
|
|
||||||
}
|
|
||||||
get remove() {
|
|
||||||
return $('.fileupload-buttonbar .delete')
|
|
||||||
}
|
|
||||||
get processing() {
|
|
||||||
return $$('.files .processing')
|
|
||||||
}
|
|
||||||
get uploads() {
|
|
||||||
return $$('.files .template-upload')
|
|
||||||
}
|
|
||||||
get downloads() {
|
|
||||||
return $$('.files .template-download')
|
|
||||||
}
|
|
||||||
get checked() {
|
|
||||||
return $$('.files .toggle:checked')
|
|
||||||
}
|
|
||||||
/**
|
|
||||||
* Opens the file upload form.
|
|
||||||
*
|
|
||||||
* @param {number} [timeout] Wait timeout
|
|
||||||
*/
|
|
||||||
async open(timeout) {
|
|
||||||
await browser.url('/')
|
|
||||||
await this.fileinput.waitForExist({ timeout })
|
|
||||||
}
|
|
||||||
/**
|
|
||||||
* Uploads files.
|
|
||||||
*
|
|
||||||
* @param {Array<string>} files Files to upload
|
|
||||||
* @param {number} [timeout] Wait timeout
|
|
||||||
*/
|
|
||||||
async upload(files, timeout) {
|
|
||||||
await this.fileinput.addValue(files.join('\n'))
|
|
||||||
await browser.waitUntil(async () => !(await this.processing.length), {
|
|
||||||
timeout
|
|
||||||
})
|
|
||||||
await this.start.click()
|
|
||||||
await browser.waitUntil(async () => !!(await this.downloads.length), {
|
|
||||||
timeout
|
|
||||||
})
|
|
||||||
await browser.waitUntil(async () => !(await this.uploads.length), {
|
|
||||||
timeout
|
|
||||||
})
|
|
||||||
}
|
|
||||||
/**
|
|
||||||
* Deletes uploaded files.
|
|
||||||
*
|
|
||||||
* @param {number} [timeout] Wait timeout
|
|
||||||
*/
|
|
||||||
async delete(timeout) {
|
|
||||||
await this.toggle.click()
|
|
||||||
await browser.waitUntil(
|
|
||||||
async () => (await this.downloads.length) === (await this.checked.length),
|
|
||||||
{
|
|
||||||
timeout
|
|
||||||
}
|
|
||||||
)
|
|
||||||
await this.remove.click()
|
|
||||||
await browser.waitUntil(async () => !(await this.downloads.length), {
|
|
||||||
timeout
|
|
||||||
})
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
module.exports = new FileUpload()
|
|
|
@ -1,25 +0,0 @@
|
||||||
'use strict'
|
|
||||||
|
|
||||||
/* global browser, describe, it */
|
|
||||||
|
|
||||||
const FileUpload = require('../pages/file-upload')
|
|
||||||
const assetsDir = browser.config.assetsDir
|
|
||||||
|
|
||||||
describe('File Upload', () => {
|
|
||||||
if (!assetsDir) return
|
|
||||||
|
|
||||||
it('uploads files', async () => {
|
|
||||||
await FileUpload.open()
|
|
||||||
await FileUpload.upload([
|
|
||||||
assetsDir + 'black+white-60x40.gif',
|
|
||||||
assetsDir + 'black+white-3x2.jpg'
|
|
||||||
])
|
|
||||||
await browser.saveAndDiffScreenshot('Files uploaded')
|
|
||||||
})
|
|
||||||
|
|
||||||
it('deletes files', async () => {
|
|
||||||
await FileUpload.open()
|
|
||||||
await FileUpload.delete()
|
|
||||||
await browser.saveAndDiffScreenshot('Files deleted')
|
|
||||||
})
|
|
||||||
})
|
|
|
@ -1,4 +0,0 @@
|
||||||
'use strict'
|
|
||||||
|
|
||||||
// Default to the Chrome config:
|
|
||||||
exports.config = require('./conf/chrome').config
|
|
200
vendor/bshaffer/oauth2-server-php/CHANGELOG.md
vendored
200
vendor/bshaffer/oauth2-server-php/CHANGELOG.md
vendored
|
@ -1,200 +0,0 @@
|
||||||
CHANGELOG for 1.x
|
|
||||||
=================
|
|
||||||
|
|
||||||
This changelog references the relevant changes (bug and security fixes) done
|
|
||||||
in 1.x minor versions.
|
|
||||||
|
|
||||||
To see the files changed for a given bug, go to https://github.com/bshaffer/oauth2-server-php/issues/### where ### is the bug number
|
|
||||||
To get the diff between two versions, go to https://github.com/bshaffer/oauth2-server-php/compare/v1.0...v1.1
|
|
||||||
To get the diff for a specific change, go to https://github.com/bshaffer/oauth2-server-php/commit/XXX where XXX is the change hash
|
|
||||||
|
|
||||||
* 1.10.0 (2017-11-15)
|
|
||||||
|
|
||||||
PR: https://github.com/bshaffer/oauth2-server-php/pull/889
|
|
||||||
|
|
||||||
* #795 - [feature] added protected createPayload method to allow easier customization of JWT payload
|
|
||||||
* #807 - [refactor] simplifies UserInfoController constructor
|
|
||||||
* #814 - [docs] Adds https to README link
|
|
||||||
* #827 - [testing] Explicitly pulls in phpunit 4
|
|
||||||
* #828 - [docs] PHPDoc improvements and type hinting of variables.
|
|
||||||
* #829 - [bug] Fix CORS issue for revoking and requesting an access token
|
|
||||||
* #869 - [testing] Remove php 5.3 from travis and use vendored phpunit
|
|
||||||
* #834 - [feature] use random_bytes if available
|
|
||||||
* #851 - [docs] Fix PHPDoc
|
|
||||||
* #872 - [bug] Fix count() error on PHP 7.2
|
|
||||||
* #873 - [testing] adds php 7.2 to travis
|
|
||||||
* #794 - [docs] Fix typo in composer.json
|
|
||||||
* #885 - [testing] Use PHPUnit\Framework\TestCase instead of PHPUnit_Framework_TestCase
|
|
||||||
|
|
||||||
* 1.9.0 (2017-01-06)
|
|
||||||
|
|
||||||
PR: https://github.com/bshaffer/oauth2-server-php/pull/788
|
|
||||||
|
|
||||||
* bug #645 - Allow null for client_secret
|
|
||||||
* bug #651 - Fix bug in isPublicClient of Cassandra Storage
|
|
||||||
* bug #670 - Bug in client's scope restriction
|
|
||||||
* bug #672 - Implemented method to override the password hashing algorithm
|
|
||||||
* bug #698 - Fix Token Response's Content-Type to application/json
|
|
||||||
* bug #729 - Ensures unsetAccessToken and unsetRefreshToken return a bool
|
|
||||||
* bug #749 - Fix UserClaims for CodeIdToken
|
|
||||||
* bug #784 - RFC6750 compatibility
|
|
||||||
* bug #776 - Fix "redirect_uri_mismatch" for URIs with encoded characters
|
|
||||||
* bug #759 - no access token supplied to resource controller results in empty request body
|
|
||||||
* bug #773 - Use OpenSSL random method before attempting Mcrypt's.
|
|
||||||
* bug #790 - Add mongo db
|
|
||||||
|
|
||||||
* 1.8.0 (2015-09-18)
|
|
||||||
|
|
||||||
PR: https://github.com/bshaffer/oauth2-server-php/pull/643
|
|
||||||
|
|
||||||
* bug #594 - adds jti
|
|
||||||
* bug #598 - fixes lifetime configurations for JWTs
|
|
||||||
* bug #634 - fixes travis builds, upgrade to containers
|
|
||||||
* bug #586 - support for revoking tokens
|
|
||||||
* bug #636 - Adds FirebaseJWT bridge
|
|
||||||
* bug #639 - Mongo HHVM compatibility
|
|
||||||
|
|
||||||
* 1.7.0 (2015-04-23)
|
|
||||||
|
|
||||||
PR: https://github.com/bshaffer/oauth2-server-php/pull/572
|
|
||||||
|
|
||||||
* bug #500 - PDO fetch mode changed from FETCH_BOTH to FETCH_ASSOC
|
|
||||||
* bug #508 - Case insensitive for Bearer token header name ba716d4
|
|
||||||
* bug #512 - validateRedirectUri is now public
|
|
||||||
* bug #530 - Add PublicKeyInterface, UserClaimsInterface to Cassandra Storage
|
|
||||||
* bug #505 - DynamoDB storage fixes
|
|
||||||
* bug #556 - adds "code id_token" return type to openid connect
|
|
||||||
* bug #563 - Include "issuer" config key for JwtAccessToken
|
|
||||||
* bug #564 - Fixes JWT vulnerability
|
|
||||||
* bug #571 - Added unset_refresh_token_after_use option
|
|
||||||
|
|
||||||
* 1.6 (2015-01-16)
|
|
||||||
|
|
||||||
PR: https://github.com/bshaffer/oauth2-server-php/pull/496
|
|
||||||
|
|
||||||
* bug 437 - renames CryptoToken to JwtAccessToken / use_crypto_tokens to use_jwt_access_tokens
|
|
||||||
* bug 447 - Adds a Couchbase storage implementation
|
|
||||||
* bug 460 - Rename JWT claims to match spec
|
|
||||||
* bug 470 - order does not matter for multi-valued response types
|
|
||||||
* bug 471 - Make validateAuthorizeRequest available for POST in addition to GET
|
|
||||||
* bug 475 - Adds JTI table definitiion
|
|
||||||
* bug 481 - better randomness for generating access tokens
|
|
||||||
* bug 480 - Use hash_equals() for signature verification (prevents remote timing attacks)
|
|
||||||
* bugs 489, 491, 498 - misc other fixes
|
|
||||||
|
|
||||||
* 1.5 (2014-08-27)
|
|
||||||
|
|
||||||
PR: https://github.com/bshaffer/oauth2-server-php/pull/446
|
|
||||||
|
|
||||||
* bug #399 - Add DynamoDB Support
|
|
||||||
* bug #404 - renamed error name for malformed/expired tokens
|
|
||||||
* bug #412 - Openid connect: fixes for claims with more than one scope / Add support for the prompt parameter ('consent' and 'none')
|
|
||||||
* bug #411 - fixes xml output
|
|
||||||
* bug #413 - fixes invalid format error
|
|
||||||
* bug #401 - fixes code standards / whitespace
|
|
||||||
* bug #354 - bundles PDO SQL with the library
|
|
||||||
* [BC] bug #397 - refresh tokens should not be encrypted
|
|
||||||
* bug #423 - makes "scope" optional for refresh token storage
|
|
||||||
|
|
||||||
* 1.4 (2014-06-12)
|
|
||||||
|
|
||||||
PR: https://github.com/bshaffer/oauth2-server-php/pull/392
|
|
||||||
|
|
||||||
* bug #189 Storage\PDO - allows DSN string in constructor
|
|
||||||
* bug #233 Bearer Tokens - allows token in request body for PUT requests
|
|
||||||
* bug #346 Fixes open_basedir warning
|
|
||||||
* bug #351 Adds OpenID Connect support
|
|
||||||
* bug #355 Adds php 5.6 and HHVM to travis.ci testing
|
|
||||||
* [BC] bug #358 Adds `getQueryStringIdentifier()` to the GrantType interface
|
|
||||||
* bug #363 Encryption\JWT - Allows for subclassing JWT Headers
|
|
||||||
* bug #349 Bearer Tokens - adds requestHasToken method for when access tokens are optional
|
|
||||||
* bug #301 Encryption\JWT - fixes urlSafeB64Encode(): ensures newlines are replaced as expected
|
|
||||||
* bug #323 ResourceController - client_id is no longer required to be returned when calling getAccessToken
|
|
||||||
* bug #367 Storage\PDO - adds Postgres support
|
|
||||||
* bug #368 Access Tokens - use mcrypt_create_iv or openssl_random_pseudo_bytes to create token string
|
|
||||||
* bug #376 Request - allows case insensitive headers
|
|
||||||
* bug #384 Storage\PDO - can pass in PDO options in constructor of PDO storage
|
|
||||||
* misc fixes #361, #292, #373, #374, #379, #396
|
|
||||||
* 1.3 (2014-02-27)
|
|
||||||
|
|
||||||
PR: https://github.com/bshaffer/oauth2-server-php/pull/325
|
|
||||||
|
|
||||||
* bug #311 adds cassandra storage
|
|
||||||
* bug #298 fixes response code for user credentials grant type
|
|
||||||
* bug #318 adds 'use_crypto_tokens' config to Server class for better DX
|
|
||||||
* [BC] bug #320 pass client_id to getDefaultScope
|
|
||||||
* bug #324 better feedback when running tests
|
|
||||||
* bug #335 adds support for non-expiring refresh tokens
|
|
||||||
* bug #333 fixes Pdo storage for getClientKey
|
|
||||||
* bug #336 fixes Redis storage for expireAuthorizationCode
|
|
||||||
|
|
||||||
* 1.3 (2014-02-27)
|
|
||||||
|
|
||||||
PR: https://github.com/bshaffer/oauth2-server-php/pull/325
|
|
||||||
|
|
||||||
* bug #311 adds cassandra storage
|
|
||||||
* bug #298 fixes response code for user credentials grant type
|
|
||||||
* bug #318 adds 'use_crypto_tokens' config to Server class for better DX
|
|
||||||
* bug #320 pass client_id to getDefaultScope
|
|
||||||
* bug #324 better feedback when running tests
|
|
||||||
* bug #335 adds support for non-expiring refresh tokens
|
|
||||||
* bug #333 fixes Pdo storage for getClientKey
|
|
||||||
* bug #336 fixes Redis storage for expireAuthorizationCode
|
|
||||||
|
|
||||||
* 1.2 (2014-01-03)
|
|
||||||
|
|
||||||
PR: https://github.com/bshaffer/oauth2-server-php/pull/288
|
|
||||||
|
|
||||||
* bug #285 changed response header from 200 to 401 when empty token received
|
|
||||||
* bug #286 adds documentation and links to spec for not including error messages when no token is supplied
|
|
||||||
* bug #280 ensures PHP warnings do not get thrown as a result of an invalid argument to $jwt->decode()
|
|
||||||
* bug #279 predis wrong number of arguments
|
|
||||||
* bug #277 Securing JS WebApp client secret w/ password grant type
|
|
||||||
|
|
||||||
* 1.1 (2013-12-17)
|
|
||||||
|
|
||||||
PR: https://github.com/bshaffer/oauth2-server-php/pull/276
|
|
||||||
|
|
||||||
* bug #278 adds refresh token configuration to Server class
|
|
||||||
* bug #274 Supplying a null client_id and client_secret grants API access
|
|
||||||
* bug #244 [MongoStorage] More detailed implementation info
|
|
||||||
* bug #268 Implement jti for JWT Bearer tokens to prevent replay attacks.
|
|
||||||
* bug #266 Removing unused argument to getAccessTokenData
|
|
||||||
* bug #247 Make Bearer token type consistent
|
|
||||||
* bug #253 Fixing CryptoToken refresh token lifetime
|
|
||||||
* bug #246 refactors public key logic to be more intuitive
|
|
||||||
* bug #245 adds support for JSON crypto tokens
|
|
||||||
* bug #230 Remove unused columns in oauth_clients
|
|
||||||
* bug #215 makes Redis Scope Storage obey the same paradigm as PDO
|
|
||||||
* bug #228 removes scope group
|
|
||||||
* bug #227 squelches open basedir restriction error
|
|
||||||
* bug #223 Updated docblocks for RefreshTokenInterface.php
|
|
||||||
* bug #224 Adds protected properties
|
|
||||||
* bug #217 Implement ScopeInterface for PDO, Redis
|
|
||||||
|
|
||||||
* 1.0 (2013-08-12)
|
|
||||||
|
|
||||||
* bug #203 Add redirect\_status_code config param for AuthorizeController
|
|
||||||
* bug #205 ensures unnecessary ? is not set when ** bug
|
|
||||||
* bug #204 Fixed call to LogicException
|
|
||||||
* bug #202 Add explode to checkRestrictedGrant in PDO Storage
|
|
||||||
* bug #197 adds support for 'false' default scope ** bug
|
|
||||||
* bug #192 reference errors and adds tests
|
|
||||||
* bug #194 makes some appropriate properties ** bug
|
|
||||||
* bug #191 passes config to HttpBasic
|
|
||||||
* bug #190 validates client credentials before ** bug
|
|
||||||
* bug #171 Fix wrong redirect following authorization step
|
|
||||||
* bug #187 client_id is now passed to getDefaultScope().
|
|
||||||
* bug #176 Require refresh_token in getRefreshToken response
|
|
||||||
* bug #174 make user\_id not required for refresh_token grant
|
|
||||||
* bug #173 Duplication in JwtBearer Grant
|
|
||||||
* bug #168 user\_id not required for authorization_code grant
|
|
||||||
* bug #133 hardens default security for user object
|
|
||||||
* bug #163 allows redirect\_uri on authorization_code to be NULL in docs example
|
|
||||||
* bug #162 adds getToken on ResourceController for convenience
|
|
||||||
* bug #161 fixes fatal error
|
|
||||||
* bug #163 Invalid redirect_uri handling
|
|
||||||
* bug #156 user\_id in OAuth2\_Storage_AuthorizationCodeInterface::getAuthorizationCode() response
|
|
||||||
* bug #157 Fix for extending access and refresh tokens
|
|
||||||
* bug #154 ResponseInterface: getParameter method is used in the library but not defined in the interface
|
|
||||||
* bug #148 Add more detail to examples in Readme.md
|
|
21
vendor/bshaffer/oauth2-server-php/LICENSE
vendored
21
vendor/bshaffer/oauth2-server-php/LICENSE
vendored
|
@ -1,21 +0,0 @@
|
||||||
The MIT License
|
|
||||||
|
|
||||||
Copyright (c) 2014 Brent Shaffer
|
|
||||||
|
|
||||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
||||||
of this software and associated documentation files (the "Software"), to deal
|
|
||||||
in the Software without restriction, including without limitation the rights
|
|
||||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
||||||
copies of the Software, and to permit persons to whom the Software is
|
|
||||||
furnished to do so, subject to the following conditions:
|
|
||||||
|
|
||||||
The above copyright notice and this permission notice shall be included in
|
|
||||||
all copies or substantial portions of the Software.
|
|
||||||
|
|
||||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
||||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
||||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
||||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
||||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
||||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
||||||
THE SOFTWARE.
|
|
8
vendor/bshaffer/oauth2-server-php/README.md
vendored
8
vendor/bshaffer/oauth2-server-php/README.md
vendored
|
@ -1,8 +0,0 @@
|
||||||
oauth2-server-php
|
|
||||||
=================
|
|
||||||
|
|
||||||
[![Build Status](https://travis-ci.org/bshaffer/oauth2-server-php.svg?branch=master)](https://travis-ci.org/bshaffer/oauth2-server-php)
|
|
||||||
|
|
||||||
[![Total Downloads](https://poser.pugx.org/bshaffer/oauth2-server-php/downloads.png)](https://packagist.org/packages/bshaffer/oauth2-server-php)
|
|
||||||
|
|
||||||
View the [complete documentation](https://bshaffer.github.io/oauth2-server-php-docs/)
|
|
36
vendor/bshaffer/oauth2-server-php/composer.json
vendored
36
vendor/bshaffer/oauth2-server-php/composer.json
vendored
|
@ -1,36 +0,0 @@
|
||||||
{
|
|
||||||
"name": "bshaffer/oauth2-server-php",
|
|
||||||
"description":"OAuth2 Server for PHP",
|
|
||||||
"keywords":["oauth","oauth2","auth"],
|
|
||||||
"type":"library",
|
|
||||||
"license":"MIT",
|
|
||||||
"authors":[
|
|
||||||
{
|
|
||||||
"name":"Brent Shaffer",
|
|
||||||
"email": "bshafs@gmail.com",
|
|
||||||
"homepage":"http://brentertainment.com"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"homepage": "http://github.com/bshaffer/oauth2-server-php",
|
|
||||||
"autoload": {
|
|
||||||
"psr-0": { "OAuth2": "src/" }
|
|
||||||
},
|
|
||||||
"require":{
|
|
||||||
"php":">=5.3.9"
|
|
||||||
},
|
|
||||||
"require-dev": {
|
|
||||||
"phpunit/phpunit": "^4.0",
|
|
||||||
"aws/aws-sdk-php": "~2.8",
|
|
||||||
"firebase/php-jwt": "~2.2",
|
|
||||||
"predis/predis": "dev-master",
|
|
||||||
"thobbs/phpcassa": "dev-master",
|
|
||||||
"mongodb/mongodb": "^1.1"
|
|
||||||
},
|
|
||||||
"suggest": {
|
|
||||||
"predis/predis": "Required to use Redis storage",
|
|
||||||
"thobbs/phpcassa": "Required to use Cassandra storage",
|
|
||||||
"aws/aws-sdk-php": "~2.8 is required to use DynamoDB storage",
|
|
||||||
"firebase/php-jwt": "~2.2 is required to use JWT features",
|
|
||||||
"mongodb/mongodb": "^1.1 is required to use MongoDB storage"
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,54 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Autoloads OAuth2 classes
|
|
||||||
*
|
|
||||||
* @author Brent Shaffer <bshafs at gmail dot com>
|
|
||||||
* @license MIT License
|
|
||||||
*/
|
|
||||||
class Autoloader
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var string
|
|
||||||
*/
|
|
||||||
private $dir;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param string $dir
|
|
||||||
*/
|
|
||||||
public function __construct($dir = null)
|
|
||||||
{
|
|
||||||
if (is_null($dir)) {
|
|
||||||
$dir = dirname(__FILE__).'/..';
|
|
||||||
}
|
|
||||||
$this->dir = $dir;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Registers OAuth2\Autoloader as an SPL autoloader.
|
|
||||||
*/
|
|
||||||
public static function register($dir = null)
|
|
||||||
{
|
|
||||||
ini_set('unserialize_callback_func', 'spl_autoload_call');
|
|
||||||
spl_autoload_register(array(new self($dir), 'autoload'));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Handles autoloading of classes.
|
|
||||||
*
|
|
||||||
* @param string $class - A class name.
|
|
||||||
* @return boolean - Returns true if the class has been loaded
|
|
||||||
*/
|
|
||||||
public function autoload($class)
|
|
||||||
{
|
|
||||||
if (0 !== strpos($class, 'OAuth2')) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (file_exists($file = $this->dir.'/'.str_replace('\\', '/', $class).'.php')) {
|
|
||||||
require $file;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,28 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\ClientAssertionType;
|
|
||||||
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Interface for all OAuth2 Client Assertion Types
|
|
||||||
*/
|
|
||||||
interface ClientAssertionTypeInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Validate the OAuth request
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function validateRequest(RequestInterface $request, ResponseInterface $response);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the client id
|
|
||||||
*
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getClientId();
|
|
||||||
}
|
|
|
@ -1,139 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\ClientAssertionType;
|
|
||||||
|
|
||||||
use OAuth2\Storage\ClientCredentialsInterface;
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
use LogicException;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Validate a client via Http Basic authentication
|
|
||||||
*
|
|
||||||
* @author Brent Shaffer <bshafs at gmail dot com>
|
|
||||||
*/
|
|
||||||
class HttpBasic implements ClientAssertionTypeInterface
|
|
||||||
{
|
|
||||||
private $clientData;
|
|
||||||
|
|
||||||
protected $storage;
|
|
||||||
protected $config;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Config array $config should look as follows:
|
|
||||||
* @code
|
|
||||||
* $config = array(
|
|
||||||
* 'allow_credentials_in_request_body' => true, // whether to look for credentials in the POST body in addition to the Authorize HTTP Header
|
|
||||||
* 'allow_public_clients' => true // if true, "public clients" (clients without a secret) may be authenticated
|
|
||||||
* );
|
|
||||||
* @endcode
|
|
||||||
*
|
|
||||||
* @param ClientCredentialsInterface $storage Storage
|
|
||||||
* @param array $config Configuration options for the server
|
|
||||||
*/
|
|
||||||
public function __construct(ClientCredentialsInterface $storage, array $config = array())
|
|
||||||
{
|
|
||||||
$this->storage = $storage;
|
|
||||||
$this->config = array_merge(array(
|
|
||||||
'allow_credentials_in_request_body' => true,
|
|
||||||
'allow_public_clients' => true,
|
|
||||||
), $config);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Validate the OAuth request
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @return bool|mixed
|
|
||||||
* @throws LogicException
|
|
||||||
*/
|
|
||||||
public function validateRequest(RequestInterface $request, ResponseInterface $response)
|
|
||||||
{
|
|
||||||
if (!$clientData = $this->getClientCredentials($request, $response)) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!isset($clientData['client_id'])) {
|
|
||||||
throw new LogicException('the clientData array must have "client_id" set');
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!isset($clientData['client_secret']) || $clientData['client_secret'] == '') {
|
|
||||||
if (!$this->config['allow_public_clients']) {
|
|
||||||
$response->setError(400, 'invalid_client', 'client credentials are required');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$this->storage->isPublicClient($clientData['client_id'])) {
|
|
||||||
$response->setError(400, 'invalid_client', 'This client is invalid or must authenticate using a client secret');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
} elseif ($this->storage->checkClientCredentials($clientData['client_id'], $clientData['client_secret']) === false) {
|
|
||||||
$response->setError(400, 'invalid_client', 'The client credentials are invalid');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->clientData = $clientData;
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the client id
|
|
||||||
*
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getClientId()
|
|
||||||
{
|
|
||||||
return $this->clientData['client_id'];
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Internal function used to get the client credentials from HTTP basic
|
|
||||||
* auth or POST data.
|
|
||||||
*
|
|
||||||
* According to the spec (draft 20), the client_id can be provided in
|
|
||||||
* the Basic Authorization header (recommended) or via GET/POST.
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @return array|null A list containing the client identifier and password, for example:
|
|
||||||
* @code
|
|
||||||
* return array(
|
|
||||||
* "client_id" => CLIENT_ID, // REQUIRED the client id
|
|
||||||
* "client_secret" => CLIENT_SECRET, // OPTIONAL the client secret (may be omitted for public clients)
|
|
||||||
* );
|
|
||||||
* @endcode
|
|
||||||
*
|
|
||||||
* @see http://tools.ietf.org/html/rfc6749#section-2.3.1
|
|
||||||
*
|
|
||||||
* @ingroup oauth2_section_2
|
|
||||||
*/
|
|
||||||
public function getClientCredentials(RequestInterface $request, ResponseInterface $response = null)
|
|
||||||
{
|
|
||||||
if (!is_null($request->headers('PHP_AUTH_USER')) && !is_null($request->headers('PHP_AUTH_PW'))) {
|
|
||||||
return array('client_id' => $request->headers('PHP_AUTH_USER'), 'client_secret' => $request->headers('PHP_AUTH_PW'));
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($this->config['allow_credentials_in_request_body']) {
|
|
||||||
// Using POST for HttpBasic authorization is not recommended, but is supported by specification
|
|
||||||
if (!is_null($request->request('client_id'))) {
|
|
||||||
/**
|
|
||||||
* client_secret can be null if the client's password is an empty string
|
|
||||||
* @see http://tools.ietf.org/html/rfc6749#section-2.3.1
|
|
||||||
*/
|
|
||||||
return array('client_id' => $request->request('client_id'), 'client_secret' => $request->request('client_secret'));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($response) {
|
|
||||||
$message = $this->config['allow_credentials_in_request_body'] ? ' or body' : '';
|
|
||||||
$response->setError(400, 'invalid_client', 'Client credentials were not found in the headers'.$message);
|
|
||||||
}
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,480 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\Controller;
|
|
||||||
|
|
||||||
use OAuth2\Storage\ClientInterface;
|
|
||||||
use OAuth2\ScopeInterface;
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
use OAuth2\Scope;
|
|
||||||
use InvalidArgumentException;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @see AuthorizeControllerInterface
|
|
||||||
*/
|
|
||||||
class AuthorizeController implements AuthorizeControllerInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var string
|
|
||||||
*/
|
|
||||||
private $scope;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var int
|
|
||||||
*/
|
|
||||||
private $state;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var mixed
|
|
||||||
*/
|
|
||||||
private $client_id;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var string
|
|
||||||
*/
|
|
||||||
private $redirect_uri;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* The response type
|
|
||||||
*
|
|
||||||
* @var string
|
|
||||||
*/
|
|
||||||
private $response_type;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var ClientInterface
|
|
||||||
*/
|
|
||||||
protected $clientStorage;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var array
|
|
||||||
*/
|
|
||||||
protected $responseTypes;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var array
|
|
||||||
*/
|
|
||||||
protected $config;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var ScopeInterface
|
|
||||||
*/
|
|
||||||
protected $scopeUtil;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Constructor
|
|
||||||
*
|
|
||||||
* @param ClientInterface $clientStorage REQUIRED Instance of OAuth2\Storage\ClientInterface to retrieve client information
|
|
||||||
* @param array $responseTypes OPTIONAL Array of OAuth2\ResponseType\ResponseTypeInterface objects. Valid array
|
|
||||||
* keys are "code" and "token"
|
|
||||||
* @param array $config OPTIONAL Configuration options for the server:
|
|
||||||
* @param ScopeInterface $scopeUtil OPTIONAL Instance of OAuth2\ScopeInterface to validate the requested scope
|
|
||||||
* @code
|
|
||||||
* $config = array(
|
|
||||||
* 'allow_implicit' => false, // if the controller should allow the "implicit" grant type
|
|
||||||
* 'enforce_state' => true // if the controller should require the "state" parameter
|
|
||||||
* 'require_exact_redirect_uri' => true, // if the controller should require an exact match on the "redirect_uri" parameter
|
|
||||||
* 'redirect_status_code' => 302, // HTTP status code to use for redirect responses
|
|
||||||
* );
|
|
||||||
* @endcode
|
|
||||||
*/
|
|
||||||
public function __construct(ClientInterface $clientStorage, array $responseTypes = array(), array $config = array(), ScopeInterface $scopeUtil = null)
|
|
||||||
{
|
|
||||||
$this->clientStorage = $clientStorage;
|
|
||||||
$this->responseTypes = $responseTypes;
|
|
||||||
$this->config = array_merge(array(
|
|
||||||
'allow_implicit' => false,
|
|
||||||
'enforce_state' => true,
|
|
||||||
'require_exact_redirect_uri' => true,
|
|
||||||
'redirect_status_code' => 302,
|
|
||||||
), $config);
|
|
||||||
|
|
||||||
if (is_null($scopeUtil)) {
|
|
||||||
$scopeUtil = new Scope();
|
|
||||||
}
|
|
||||||
$this->scopeUtil = $scopeUtil;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Handle the authorization request
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @param boolean $is_authorized
|
|
||||||
* @param mixed $user_id
|
|
||||||
* @return mixed|void
|
|
||||||
* @throws InvalidArgumentException
|
|
||||||
*/
|
|
||||||
public function handleAuthorizeRequest(RequestInterface $request, ResponseInterface $response, $is_authorized, $user_id = null)
|
|
||||||
{
|
|
||||||
if (!is_bool($is_authorized)) {
|
|
||||||
throw new InvalidArgumentException('Argument "is_authorized" must be a boolean. This method must know if the user has granted access to the client.');
|
|
||||||
}
|
|
||||||
|
|
||||||
// We repeat this, because we need to re-validate. The request could be POSTed
|
|
||||||
// by a 3rd-party (because we are not internally enforcing NONCEs, etc)
|
|
||||||
if (!$this->validateAuthorizeRequest($request, $response)) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
// If no redirect_uri is passed in the request, use client's registered one
|
|
||||||
if (empty($this->redirect_uri)) {
|
|
||||||
$clientData = $this->clientStorage->getClientDetails($this->client_id);
|
|
||||||
$registered_redirect_uri = $clientData['redirect_uri'];
|
|
||||||
}
|
|
||||||
|
|
||||||
// the user declined access to the client's application
|
|
||||||
if ($is_authorized === false) {
|
|
||||||
$redirect_uri = $this->redirect_uri ?: $registered_redirect_uri;
|
|
||||||
$this->setNotAuthorizedResponse($request, $response, $redirect_uri, $user_id);
|
|
||||||
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
// build the parameters to set in the redirect URI
|
|
||||||
if (!$params = $this->buildAuthorizeParameters($request, $response, $user_id)) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$authResult = $this->responseTypes[$this->response_type]->getAuthorizeResponse($params, $user_id);
|
|
||||||
|
|
||||||
list($redirect_uri, $uri_params) = $authResult;
|
|
||||||
|
|
||||||
if (empty($redirect_uri) && !empty($registered_redirect_uri)) {
|
|
||||||
$redirect_uri = $registered_redirect_uri;
|
|
||||||
}
|
|
||||||
|
|
||||||
$uri = $this->buildUri($redirect_uri, $uri_params);
|
|
||||||
|
|
||||||
// return redirect response
|
|
||||||
$response->setRedirect($this->config['redirect_status_code'], $uri);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Set not authorized response
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @param string $redirect_uri
|
|
||||||
* @param mixed $user_id
|
|
||||||
*/
|
|
||||||
protected function setNotAuthorizedResponse(RequestInterface $request, ResponseInterface $response, $redirect_uri, $user_id = null)
|
|
||||||
{
|
|
||||||
$error = 'access_denied';
|
|
||||||
$error_message = 'The user denied access to your application';
|
|
||||||
$response->setRedirect($this->config['redirect_status_code'], $redirect_uri, $this->state, $error, $error_message);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* We have made this protected so this class can be extended to add/modify
|
|
||||||
* these parameters
|
|
||||||
*
|
|
||||||
* @TODO: add dependency injection for the parameters in this method
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @param mixed $user_id
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
protected function buildAuthorizeParameters($request, $response, $user_id)
|
|
||||||
{
|
|
||||||
// @TODO: we should be explicit with this in the future
|
|
||||||
$params = array(
|
|
||||||
'scope' => $this->scope,
|
|
||||||
'state' => $this->state,
|
|
||||||
'client_id' => $this->client_id,
|
|
||||||
'redirect_uri' => $this->redirect_uri,
|
|
||||||
'response_type' => $this->response_type,
|
|
||||||
);
|
|
||||||
|
|
||||||
return $params;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Validate the OAuth request
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @return bool
|
|
||||||
*/
|
|
||||||
public function validateAuthorizeRequest(RequestInterface $request, ResponseInterface $response)
|
|
||||||
{
|
|
||||||
// Make sure a valid client id was supplied (we can not redirect because we were unable to verify the URI)
|
|
||||||
if (!$client_id = $request->query('client_id', $request->request('client_id'))) {
|
|
||||||
// We don't have a good URI to use
|
|
||||||
$response->setError(400, 'invalid_client', "No client id supplied");
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Get client details
|
|
||||||
if (!$clientData = $this->clientStorage->getClientDetails($client_id)) {
|
|
||||||
$response->setError(400, 'invalid_client', 'The client id supplied is invalid');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
$registered_redirect_uri = isset($clientData['redirect_uri']) ? $clientData['redirect_uri'] : '';
|
|
||||||
|
|
||||||
// Make sure a valid redirect_uri was supplied. If specified, it must match the clientData URI.
|
|
||||||
// @see http://tools.ietf.org/html/rfc6749#section-3.1.2
|
|
||||||
// @see http://tools.ietf.org/html/rfc6749#section-4.1.2.1
|
|
||||||
// @see http://tools.ietf.org/html/rfc6749#section-4.2.2.1
|
|
||||||
if ($supplied_redirect_uri = $request->query('redirect_uri', $request->request('redirect_uri'))) {
|
|
||||||
// validate there is no fragment supplied
|
|
||||||
$parts = parse_url($supplied_redirect_uri);
|
|
||||||
if (isset($parts['fragment']) && $parts['fragment']) {
|
|
||||||
$response->setError(400, 'invalid_uri', 'The redirect URI must not contain a fragment');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
// validate against the registered redirect uri(s) if available
|
|
||||||
if ($registered_redirect_uri && !$this->validateRedirectUri($supplied_redirect_uri, $registered_redirect_uri)) {
|
|
||||||
$response->setError(400, 'redirect_uri_mismatch', 'The redirect URI provided is missing or does not match', '#section-3.1.2');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$redirect_uri = $supplied_redirect_uri;
|
|
||||||
} else {
|
|
||||||
// use the registered redirect_uri if none has been supplied, if possible
|
|
||||||
if (!$registered_redirect_uri) {
|
|
||||||
$response->setError(400, 'invalid_uri', 'No redirect URI was supplied or stored');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (count(explode(' ', $registered_redirect_uri)) > 1) {
|
|
||||||
$response->setError(400, 'invalid_uri', 'A redirect URI must be supplied when multiple redirect URIs are registered', '#section-3.1.2.3');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
$redirect_uri = $registered_redirect_uri;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Select the response type
|
|
||||||
$response_type = $request->query('response_type', $request->request('response_type'));
|
|
||||||
|
|
||||||
// for multiple-valued response types - make them alphabetical
|
|
||||||
if (false !== strpos($response_type, ' ')) {
|
|
||||||
$types = explode(' ', $response_type);
|
|
||||||
sort($types);
|
|
||||||
$response_type = ltrim(implode(' ', $types));
|
|
||||||
}
|
|
||||||
|
|
||||||
$state = $request->query('state', $request->request('state'));
|
|
||||||
|
|
||||||
// type and client_id are required
|
|
||||||
if (!$response_type || !in_array($response_type, $this->getValidResponseTypes())) {
|
|
||||||
$response->setRedirect($this->config['redirect_status_code'], $redirect_uri, $state, 'invalid_request', 'Invalid or missing response type', null);
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($response_type == self::RESPONSE_TYPE_AUTHORIZATION_CODE) {
|
|
||||||
if (!isset($this->responseTypes['code'])) {
|
|
||||||
$response->setRedirect($this->config['redirect_status_code'], $redirect_uri, $state, 'unsupported_response_type', 'authorization code grant type not supported', null);
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
if (!$this->clientStorage->checkRestrictedGrantType($client_id, 'authorization_code')) {
|
|
||||||
$response->setRedirect($this->config['redirect_status_code'], $redirect_uri, $state, 'unauthorized_client', 'The grant type is unauthorized for this client_id', null);
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
if ($this->responseTypes['code']->enforceRedirect() && !$redirect_uri) {
|
|
||||||
$response->setError(400, 'redirect_uri_mismatch', 'The redirect URI is mandatory and was not supplied');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
if (!$this->config['allow_implicit']) {
|
|
||||||
$response->setRedirect($this->config['redirect_status_code'], $redirect_uri, $state, 'unsupported_response_type', 'implicit grant type not supported', null);
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
if (!$this->clientStorage->checkRestrictedGrantType($client_id, 'implicit')) {
|
|
||||||
$response->setRedirect($this->config['redirect_status_code'], $redirect_uri, $state, 'unauthorized_client', 'The grant type is unauthorized for this client_id', null);
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// validate requested scope if it exists
|
|
||||||
$requestedScope = $this->scopeUtil->getScopeFromRequest($request);
|
|
||||||
|
|
||||||
if ($requestedScope) {
|
|
||||||
// restrict scope by client specific scope if applicable,
|
|
||||||
// otherwise verify the scope exists
|
|
||||||
$clientScope = $this->clientStorage->getClientScope($client_id);
|
|
||||||
if ((empty($clientScope) && !$this->scopeUtil->scopeExists($requestedScope))
|
|
||||||
|| (!empty($clientScope) && !$this->scopeUtil->checkScope($requestedScope, $clientScope))) {
|
|
||||||
$response->setRedirect($this->config['redirect_status_code'], $redirect_uri, $state, 'invalid_scope', 'An unsupported scope was requested', null);
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
// use a globally-defined default scope
|
|
||||||
$defaultScope = $this->scopeUtil->getDefaultScope($client_id);
|
|
||||||
|
|
||||||
if (false === $defaultScope) {
|
|
||||||
$response->setRedirect($this->config['redirect_status_code'], $redirect_uri, $state, 'invalid_client', 'This application requires you specify a scope parameter', null);
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
$requestedScope = $defaultScope;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Validate state parameter exists (if configured to enforce this)
|
|
||||||
if ($this->config['enforce_state'] && !$state) {
|
|
||||||
$response->setRedirect($this->config['redirect_status_code'], $redirect_uri, null, 'invalid_request', 'The state parameter is required');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
// save the input data and return true
|
|
||||||
$this->scope = $requestedScope;
|
|
||||||
$this->state = $state;
|
|
||||||
$this->client_id = $client_id;
|
|
||||||
// Only save the SUPPLIED redirect URI (@see http://tools.ietf.org/html/rfc6749#section-4.1.3)
|
|
||||||
$this->redirect_uri = $supplied_redirect_uri;
|
|
||||||
$this->response_type = $response_type;
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Build the absolute URI based on supplied URI and parameters.
|
|
||||||
*
|
|
||||||
* @param string $uri An absolute URI.
|
|
||||||
* @param array $params Parameters to be append as GET.
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
* An absolute URI with supplied parameters.
|
|
||||||
*
|
|
||||||
* @ingroup oauth2_section_4
|
|
||||||
*/
|
|
||||||
private function buildUri($uri, $params)
|
|
||||||
{
|
|
||||||
$parse_url = parse_url($uri);
|
|
||||||
|
|
||||||
// Add our params to the parsed uri
|
|
||||||
foreach ($params as $k => $v) {
|
|
||||||
if (isset($parse_url[$k])) {
|
|
||||||
$parse_url[$k] .= "&" . http_build_query($v, '', '&');
|
|
||||||
} else {
|
|
||||||
$parse_url[$k] = http_build_query($v, '', '&');
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Put the uri back together
|
|
||||||
return
|
|
||||||
((isset($parse_url["scheme"])) ? $parse_url["scheme"] . "://" : "")
|
|
||||||
. ((isset($parse_url["user"])) ? $parse_url["user"]
|
|
||||||
. ((isset($parse_url["pass"])) ? ":" . $parse_url["pass"] : "") . "@" : "")
|
|
||||||
. ((isset($parse_url["host"])) ? $parse_url["host"] : "")
|
|
||||||
. ((isset($parse_url["port"])) ? ":" . $parse_url["port"] : "")
|
|
||||||
. ((isset($parse_url["path"])) ? $parse_url["path"] : "")
|
|
||||||
. ((isset($parse_url["query"]) && !empty($parse_url['query'])) ? "?" . $parse_url["query"] : "")
|
|
||||||
. ((isset($parse_url["fragment"])) ? "#" . $parse_url["fragment"] : "")
|
|
||||||
;
|
|
||||||
}
|
|
||||||
|
|
||||||
protected function getValidResponseTypes()
|
|
||||||
{
|
|
||||||
return array(
|
|
||||||
self::RESPONSE_TYPE_ACCESS_TOKEN,
|
|
||||||
self::RESPONSE_TYPE_AUTHORIZATION_CODE,
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Internal method for validating redirect URI supplied
|
|
||||||
*
|
|
||||||
* @param string $inputUri The submitted URI to be validated
|
|
||||||
* @param string $registeredUriString The allowed URI(s) to validate against. Can be a space-delimited string of URIs to
|
|
||||||
* allow for multiple URIs
|
|
||||||
* @return bool
|
|
||||||
* @see http://tools.ietf.org/html/rfc6749#section-3.1.2
|
|
||||||
*/
|
|
||||||
protected function validateRedirectUri($inputUri, $registeredUriString)
|
|
||||||
{
|
|
||||||
if (!$inputUri || !$registeredUriString) {
|
|
||||||
return false; // if either one is missing, assume INVALID
|
|
||||||
}
|
|
||||||
|
|
||||||
$registered_uris = preg_split('/\s+/', $registeredUriString);
|
|
||||||
foreach ($registered_uris as $registered_uri) {
|
|
||||||
if ($this->config['require_exact_redirect_uri']) {
|
|
||||||
// the input uri is validated against the registered uri using exact match
|
|
||||||
if (strcmp($inputUri, $registered_uri) === 0) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$registered_uri_length = strlen($registered_uri);
|
|
||||||
if ($registered_uri_length === 0) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
// the input uri is validated against the registered uri using case-insensitive match of the initial string
|
|
||||||
// i.e. additional query parameters may be applied
|
|
||||||
if (strcasecmp(substr($inputUri, 0, $registered_uri_length), $registered_uri) === 0) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Convenience method to access the scope
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
public function getScope()
|
|
||||||
{
|
|
||||||
return $this->scope;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Convenience method to access the state
|
|
||||||
*
|
|
||||||
* @return int
|
|
||||||
*/
|
|
||||||
public function getState()
|
|
||||||
{
|
|
||||||
return $this->state;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Convenience method to access the client id
|
|
||||||
*
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getClientId()
|
|
||||||
{
|
|
||||||
return $this->client_id;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Convenience method to access the redirect url
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
public function getRedirectUri()
|
|
||||||
{
|
|
||||||
return $this->redirect_uri;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Convenience method to access the response type
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
public function getResponseType()
|
|
||||||
{
|
|
||||||
return $this->response_type;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,58 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\Controller;
|
|
||||||
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* This controller is called when a user should be authorized
|
|
||||||
* by an authorization server. As OAuth2 does not handle
|
|
||||||
* authorization directly, this controller ensures the request is valid, but
|
|
||||||
* requires the application to determine the value of $is_authorized
|
|
||||||
*
|
|
||||||
* @code
|
|
||||||
* $user_id = $this->somehowDetermineUserId();
|
|
||||||
* $is_authorized = $this->somehowDetermineUserAuthorization();
|
|
||||||
* $response = new OAuth2\Response();
|
|
||||||
* $authorizeController->handleAuthorizeRequest(
|
|
||||||
* OAuth2\Request::createFromGlobals(),
|
|
||||||
* $response,
|
|
||||||
* $is_authorized,
|
|
||||||
* $user_id
|
|
||||||
* );
|
|
||||||
* $response->send();
|
|
||||||
* @endcode
|
|
||||||
*/
|
|
||||||
interface AuthorizeControllerInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* List of possible authentication response types.
|
|
||||||
* The "authorization_code" mechanism exclusively supports 'code'
|
|
||||||
* and the "implicit" mechanism exclusively supports 'token'.
|
|
||||||
*
|
|
||||||
* @var string
|
|
||||||
* @see http://tools.ietf.org/html/rfc6749#section-4.1.1
|
|
||||||
* @see http://tools.ietf.org/html/rfc6749#section-4.2.1
|
|
||||||
*/
|
|
||||||
const RESPONSE_TYPE_AUTHORIZATION_CODE = 'code';
|
|
||||||
const RESPONSE_TYPE_ACCESS_TOKEN = 'token';
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Handle the OAuth request
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @param $is_authorized
|
|
||||||
* @param null $user_id
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function handleAuthorizeRequest(RequestInterface $request, ResponseInterface $response, $is_authorized, $user_id = null);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @return bool
|
|
||||||
*/
|
|
||||||
public function validateAuthorizeRequest(RequestInterface $request, ResponseInterface $response);
|
|
||||||
}
|
|
|
@ -1,156 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\Controller;
|
|
||||||
|
|
||||||
use OAuth2\TokenType\TokenTypeInterface;
|
|
||||||
use OAuth2\Storage\AccessTokenInterface;
|
|
||||||
use OAuth2\ScopeInterface;
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
use OAuth2\Scope;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @see ResourceControllerInterface
|
|
||||||
*/
|
|
||||||
class ResourceController implements ResourceControllerInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var array
|
|
||||||
*/
|
|
||||||
private $token;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var TokenTypeInterface
|
|
||||||
*/
|
|
||||||
protected $tokenType;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var AccessTokenInterface
|
|
||||||
*/
|
|
||||||
protected $tokenStorage;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var array
|
|
||||||
*/
|
|
||||||
protected $config;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var ScopeInterface
|
|
||||||
*/
|
|
||||||
protected $scopeUtil;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Constructor
|
|
||||||
*
|
|
||||||
* @param TokenTypeInterface $tokenType
|
|
||||||
* @param AccessTokenInterface $tokenStorage
|
|
||||||
* @param array $config
|
|
||||||
* @param ScopeInterface $scopeUtil
|
|
||||||
*/
|
|
||||||
public function __construct(TokenTypeInterface $tokenType, AccessTokenInterface $tokenStorage, $config = array(), ScopeInterface $scopeUtil = null)
|
|
||||||
{
|
|
||||||
$this->tokenType = $tokenType;
|
|
||||||
$this->tokenStorage = $tokenStorage;
|
|
||||||
|
|
||||||
$this->config = array_merge(array(
|
|
||||||
'www_realm' => 'Service',
|
|
||||||
), $config);
|
|
||||||
|
|
||||||
if (is_null($scopeUtil)) {
|
|
||||||
$scopeUtil = new Scope();
|
|
||||||
}
|
|
||||||
$this->scopeUtil = $scopeUtil;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Verify the resource request
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @param null $scope
|
|
||||||
* @return bool
|
|
||||||
*/
|
|
||||||
public function verifyResourceRequest(RequestInterface $request, ResponseInterface $response, $scope = null)
|
|
||||||
{
|
|
||||||
$token = $this->getAccessTokenData($request, $response);
|
|
||||||
|
|
||||||
// Check if we have token data
|
|
||||||
if (is_null($token)) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Check scope, if provided
|
|
||||||
* If token doesn't have a scope, it's null/empty, or it's insufficient, then throw 403
|
|
||||||
* @see http://tools.ietf.org/html/rfc6750#section-3.1
|
|
||||||
*/
|
|
||||||
if ($scope && (!isset($token["scope"]) || !$token["scope"] || !$this->scopeUtil->checkScope($scope, $token["scope"]))) {
|
|
||||||
$response->setError(403, 'insufficient_scope', 'The request requires higher privileges than provided by the access token');
|
|
||||||
$response->addHttpHeaders(array(
|
|
||||||
'WWW-Authenticate' => sprintf('%s realm="%s", scope="%s", error="%s", error_description="%s"',
|
|
||||||
$this->tokenType->getTokenType(),
|
|
||||||
$this->config['www_realm'],
|
|
||||||
$scope,
|
|
||||||
$response->getParameter('error'),
|
|
||||||
$response->getParameter('error_description')
|
|
||||||
)
|
|
||||||
));
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
// allow retrieval of the token
|
|
||||||
$this->token = $token;
|
|
||||||
|
|
||||||
return (bool) $token;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get access token data.
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @return array|null
|
|
||||||
*/
|
|
||||||
public function getAccessTokenData(RequestInterface $request, ResponseInterface $response)
|
|
||||||
{
|
|
||||||
// Get the token parameter
|
|
||||||
if ($token_param = $this->tokenType->getAccessTokenParameter($request, $response)) {
|
|
||||||
// Get the stored token data (from the implementing subclass)
|
|
||||||
// Check we have a well formed token
|
|
||||||
// Check token expiration (expires is a mandatory paramter)
|
|
||||||
if (!$token = $this->tokenStorage->getAccessToken($token_param)) {
|
|
||||||
$response->setError(401, 'invalid_token', 'The access token provided is invalid');
|
|
||||||
} elseif (!isset($token["expires"]) || !isset($token["client_id"])) {
|
|
||||||
$response->setError(401, 'malformed_token', 'Malformed token (missing "expires")');
|
|
||||||
} elseif (time() > $token["expires"]) {
|
|
||||||
$response->setError(401, 'invalid_token', 'The access token provided has expired');
|
|
||||||
} else {
|
|
||||||
return $token;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
$authHeader = sprintf('%s realm="%s"', $this->tokenType->getTokenType(), $this->config['www_realm']);
|
|
||||||
|
|
||||||
if ($error = $response->getParameter('error')) {
|
|
||||||
$authHeader = sprintf('%s, error="%s"', $authHeader, $error);
|
|
||||||
if ($error_description = $response->getParameter('error_description')) {
|
|
||||||
$authHeader = sprintf('%s, error_description="%s"', $authHeader, $error_description);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->addHttpHeaders(array('WWW-Authenticate' => $authHeader));
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* convenience method to allow retrieval of the token.
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function getToken()
|
|
||||||
{
|
|
||||||
return $this->token;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,41 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\Controller;
|
|
||||||
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* This controller is called when a "resource" is requested.
|
|
||||||
* call verifyResourceRequest in order to determine if the request
|
|
||||||
* contains a valid token.
|
|
||||||
*
|
|
||||||
* @code
|
|
||||||
* if (!$resourceController->verifyResourceRequest(OAuth2\Request::createFromGlobals(), $response = new OAuth2\Response())) {
|
|
||||||
* $response->send(); // authorization failed
|
|
||||||
* die();
|
|
||||||
* }
|
|
||||||
* return json_encode($resource); // valid token! Send the stuff!
|
|
||||||
* @endcode
|
|
||||||
*/
|
|
||||||
interface ResourceControllerInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Verify the resource request
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request - Request object
|
|
||||||
* @param ResponseInterface $response - Response object
|
|
||||||
* @param string $scope
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function verifyResourceRequest(RequestInterface $request, ResponseInterface $response, $scope = null);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get access token data.
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request - Request object
|
|
||||||
* @param ResponseInterface $response - Response object
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getAccessTokenData(RequestInterface $request, ResponseInterface $response);
|
|
||||||
}
|
|
|
@ -1,333 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\Controller;
|
|
||||||
|
|
||||||
use OAuth2\ResponseType\AccessTokenInterface;
|
|
||||||
use OAuth2\ClientAssertionType\ClientAssertionTypeInterface;
|
|
||||||
use OAuth2\GrantType\GrantTypeInterface;
|
|
||||||
use OAuth2\ScopeInterface;
|
|
||||||
use OAuth2\Scope;
|
|
||||||
use OAuth2\Storage\ClientInterface;
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
use InvalidArgumentException;
|
|
||||||
use LogicException;
|
|
||||||
use RuntimeException;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @see TokenControllerInterface
|
|
||||||
*/
|
|
||||||
class TokenController implements TokenControllerInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var AccessTokenInterface
|
|
||||||
*/
|
|
||||||
protected $accessToken;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var array<GrantTypeInterface>
|
|
||||||
*/
|
|
||||||
protected $grantTypes;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var ClientAssertionTypeInterface
|
|
||||||
*/
|
|
||||||
protected $clientAssertionType;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var ScopeInterface
|
|
||||||
*/
|
|
||||||
protected $scopeUtil;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var ClientInterface
|
|
||||||
*/
|
|
||||||
protected $clientStorage;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Constructor
|
|
||||||
*
|
|
||||||
* @param AccessTokenInterface $accessToken
|
|
||||||
* @param ClientInterface $clientStorage
|
|
||||||
* @param array $grantTypes
|
|
||||||
* @param ClientAssertionTypeInterface $clientAssertionType
|
|
||||||
* @param ScopeInterface $scopeUtil
|
|
||||||
* @throws InvalidArgumentException
|
|
||||||
*/
|
|
||||||
public function __construct(AccessTokenInterface $accessToken, ClientInterface $clientStorage, array $grantTypes = array(), ClientAssertionTypeInterface $clientAssertionType = null, ScopeInterface $scopeUtil = null)
|
|
||||||
{
|
|
||||||
if (is_null($clientAssertionType)) {
|
|
||||||
foreach ($grantTypes as $grantType) {
|
|
||||||
if (!$grantType instanceof ClientAssertionTypeInterface) {
|
|
||||||
throw new InvalidArgumentException('You must supply an instance of OAuth2\ClientAssertionType\ClientAssertionTypeInterface or only use grant types which implement OAuth2\ClientAssertionType\ClientAssertionTypeInterface');
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$this->clientAssertionType = $clientAssertionType;
|
|
||||||
$this->accessToken = $accessToken;
|
|
||||||
$this->clientStorage = $clientStorage;
|
|
||||||
foreach ($grantTypes as $grantType) {
|
|
||||||
$this->addGrantType($grantType);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (is_null($scopeUtil)) {
|
|
||||||
$scopeUtil = new Scope();
|
|
||||||
}
|
|
||||||
$this->scopeUtil = $scopeUtil;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Handle the token request.
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request - Request object to grant access token
|
|
||||||
* @param ResponseInterface $response - Response object
|
|
||||||
*/
|
|
||||||
public function handleTokenRequest(RequestInterface $request, ResponseInterface $response)
|
|
||||||
{
|
|
||||||
if ($token = $this->grantAccessToken($request, $response)) {
|
|
||||||
// @see http://tools.ietf.org/html/rfc6749#section-5.1
|
|
||||||
// server MUST disable caching in headers when tokens are involved
|
|
||||||
$response->setStatusCode(200);
|
|
||||||
$response->addParameters($token);
|
|
||||||
$response->addHttpHeaders(array(
|
|
||||||
'Cache-Control' => 'no-store',
|
|
||||||
'Pragma' => 'no-cache',
|
|
||||||
'Content-Type' => 'application/json'
|
|
||||||
));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Grant or deny a requested access token.
|
|
||||||
* This would be called from the "/token" endpoint as defined in the spec.
|
|
||||||
* You can call your endpoint whatever you want.
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request - Request object to grant access token
|
|
||||||
* @param ResponseInterface $response - Response object
|
|
||||||
*
|
|
||||||
* @return bool|null|array
|
|
||||||
*
|
|
||||||
* @throws \InvalidArgumentException
|
|
||||||
* @throws \LogicException
|
|
||||||
*
|
|
||||||
* @see http://tools.ietf.org/html/rfc6749#section-4
|
|
||||||
* @see http://tools.ietf.org/html/rfc6749#section-10.6
|
|
||||||
* @see http://tools.ietf.org/html/rfc6749#section-4.1.3
|
|
||||||
*
|
|
||||||
* @ingroup oauth2_section_4
|
|
||||||
*/
|
|
||||||
public function grantAccessToken(RequestInterface $request, ResponseInterface $response)
|
|
||||||
{
|
|
||||||
if (strtolower($request->server('REQUEST_METHOD')) === 'options') {
|
|
||||||
$response->addHttpHeaders(array('Allow' => 'POST, OPTIONS'));
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (strtolower($request->server('REQUEST_METHOD')) !== 'post') {
|
|
||||||
$response->setError(405, 'invalid_request', 'The request method must be POST when requesting an access token', '#section-3.2');
|
|
||||||
$response->addHttpHeaders(array('Allow' => 'POST, OPTIONS'));
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Determine grant type from request
|
|
||||||
* and validate the request for that grant type
|
|
||||||
*/
|
|
||||||
if (!$grantTypeIdentifier = $request->request('grant_type')) {
|
|
||||||
$response->setError(400, 'invalid_request', 'The grant type was not specified in the request');
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!isset($this->grantTypes[$grantTypeIdentifier])) {
|
|
||||||
/* TODO: If this is an OAuth2 supported grant type that we have chosen not to implement, throw a 501 Not Implemented instead */
|
|
||||||
$response->setError(400, 'unsupported_grant_type', sprintf('Grant type "%s" not supported', $grantTypeIdentifier));
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/** @var GrantTypeInterface $grantType */
|
|
||||||
$grantType = $this->grantTypes[$grantTypeIdentifier];
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Retrieve the client information from the request
|
|
||||||
* ClientAssertionTypes allow for grant types which also assert the client data
|
|
||||||
* in which case ClientAssertion is handled in the validateRequest method
|
|
||||||
*
|
|
||||||
* @see \OAuth2\GrantType\JWTBearer
|
|
||||||
* @see \OAuth2\GrantType\ClientCredentials
|
|
||||||
*/
|
|
||||||
if (!$grantType instanceof ClientAssertionTypeInterface) {
|
|
||||||
if (!$this->clientAssertionType->validateRequest($request, $response)) {
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
$clientId = $this->clientAssertionType->getClientId();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Retrieve the grant type information from the request
|
|
||||||
* The GrantTypeInterface object handles all validation
|
|
||||||
* If the object is an instance of ClientAssertionTypeInterface,
|
|
||||||
* That logic is handled here as well
|
|
||||||
*/
|
|
||||||
if (!$grantType->validateRequest($request, $response)) {
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($grantType instanceof ClientAssertionTypeInterface) {
|
|
||||||
$clientId = $grantType->getClientId();
|
|
||||||
} else {
|
|
||||||
// validate the Client ID (if applicable)
|
|
||||||
if (!is_null($storedClientId = $grantType->getClientId()) && $storedClientId != $clientId) {
|
|
||||||
$response->setError(400, 'invalid_grant', sprintf('%s doesn\'t exist or is invalid for the client', $grantTypeIdentifier));
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Validate the client can use the requested grant type
|
|
||||||
*/
|
|
||||||
if (!$this->clientStorage->checkRestrictedGrantType($clientId, $grantTypeIdentifier)) {
|
|
||||||
$response->setError(400, 'unauthorized_client', 'The grant type is unauthorized for this client_id');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Validate the scope of the token
|
|
||||||
*
|
|
||||||
* requestedScope - the scope specified in the token request
|
|
||||||
* availableScope - the scope associated with the grant type
|
|
||||||
* ex: in the case of the "Authorization Code" grant type,
|
|
||||||
* the scope is specified in the authorize request
|
|
||||||
*
|
|
||||||
* @see http://tools.ietf.org/html/rfc6749#section-3.3
|
|
||||||
*/
|
|
||||||
$requestedScope = $this->scopeUtil->getScopeFromRequest($request);
|
|
||||||
$availableScope = $grantType->getScope();
|
|
||||||
|
|
||||||
if ($requestedScope) {
|
|
||||||
// validate the requested scope
|
|
||||||
if ($availableScope) {
|
|
||||||
if (!$this->scopeUtil->checkScope($requestedScope, $availableScope)) {
|
|
||||||
$response->setError(400, 'invalid_scope', 'The scope requested is invalid for this request');
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
// validate the client has access to this scope
|
|
||||||
if ($clientScope = $this->clientStorage->getClientScope($clientId)) {
|
|
||||||
if (!$this->scopeUtil->checkScope($requestedScope, $clientScope)) {
|
|
||||||
$response->setError(400, 'invalid_scope', 'The scope requested is invalid for this client');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
} elseif (!$this->scopeUtil->scopeExists($requestedScope)) {
|
|
||||||
$response->setError(400, 'invalid_scope', 'An unsupported scope was requested');
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
} elseif ($availableScope) {
|
|
||||||
// use the scope associated with this grant type
|
|
||||||
$requestedScope = $availableScope;
|
|
||||||
} else {
|
|
||||||
// use a globally-defined default scope
|
|
||||||
$defaultScope = $this->scopeUtil->getDefaultScope($clientId);
|
|
||||||
|
|
||||||
// "false" means default scopes are not allowed
|
|
||||||
if (false === $defaultScope) {
|
|
||||||
$response->setError(400, 'invalid_scope', 'This application requires you specify a scope parameter');
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
$requestedScope = $defaultScope;
|
|
||||||
}
|
|
||||||
|
|
||||||
return $grantType->createAccessToken($this->accessToken, $clientId, $grantType->getUserId(), $requestedScope);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Add grant type
|
|
||||||
*
|
|
||||||
* @param GrantTypeInterface $grantType - the grant type to add for the specified identifier
|
|
||||||
* @param string|null $identifier - a string passed in as "grant_type" in the response that will call this grantType
|
|
||||||
*/
|
|
||||||
public function addGrantType(GrantTypeInterface $grantType, $identifier = null)
|
|
||||||
{
|
|
||||||
if (is_null($identifier) || is_numeric($identifier)) {
|
|
||||||
$identifier = $grantType->getQueryStringIdentifier();
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->grantTypes[$identifier] = $grantType;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
*/
|
|
||||||
public function handleRevokeRequest(RequestInterface $request, ResponseInterface $response)
|
|
||||||
{
|
|
||||||
if ($this->revokeToken($request, $response)) {
|
|
||||||
$response->setStatusCode(200);
|
|
||||||
$response->addParameters(array('revoked' => true));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Revoke a refresh or access token. Returns true on success and when tokens are invalid
|
|
||||||
*
|
|
||||||
* Note: invalid tokens do not cause an error response since the client
|
|
||||||
* cannot handle such an error in a reasonable way. Moreover, the
|
|
||||||
* purpose of the revocation request, invalidating the particular token,
|
|
||||||
* is already achieved.
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @throws RuntimeException
|
|
||||||
* @return bool|null
|
|
||||||
*/
|
|
||||||
public function revokeToken(RequestInterface $request, ResponseInterface $response)
|
|
||||||
{
|
|
||||||
if (strtolower($request->server('REQUEST_METHOD')) === 'options') {
|
|
||||||
$response->addHttpHeaders(array('Allow' => 'POST, OPTIONS'));
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (strtolower($request->server('REQUEST_METHOD')) !== 'post') {
|
|
||||||
$response->setError(405, 'invalid_request', 'The request method must be POST when revoking an access token', '#section-3.2');
|
|
||||||
$response->addHttpHeaders(array('Allow' => 'POST, OPTIONS'));
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
$token_type_hint = $request->request('token_type_hint');
|
|
||||||
if (!in_array($token_type_hint, array(null, 'access_token', 'refresh_token'), true)) {
|
|
||||||
$response->setError(400, 'invalid_request', 'Token type hint must be either \'access_token\' or \'refresh_token\'');
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
$token = $request->request('token');
|
|
||||||
if ($token === null) {
|
|
||||||
$response->setError(400, 'invalid_request', 'Missing token parameter to revoke');
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
// @todo remove this check for v2.0
|
|
||||||
if (!method_exists($this->accessToken, 'revokeToken')) {
|
|
||||||
$class = get_class($this->accessToken);
|
|
||||||
throw new RuntimeException("AccessToken {$class} does not implement required revokeToken method");
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->accessToken->revokeToken($token, $token_type_hint);
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,39 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\Controller;
|
|
||||||
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* This controller is called when a token is being requested.
|
|
||||||
* it is called to handle all grant types the application supports.
|
|
||||||
* It also validates the client's credentials
|
|
||||||
*
|
|
||||||
* @code
|
|
||||||
* $tokenController->handleTokenRequest(OAuth2\Request::createFromGlobals(), $response = new OAuth2\Response());
|
|
||||||
* $response->send();
|
|
||||||
* @endcode
|
|
||||||
*/
|
|
||||||
interface TokenControllerInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Handle the token request
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request - The current http request
|
|
||||||
* @param ResponseInterface $response - An instance of OAuth2\ResponseInterface to contain the response data
|
|
||||||
*/
|
|
||||||
public function handleTokenRequest(RequestInterface $request, ResponseInterface $response);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Grant or deny a requested access token.
|
|
||||||
* This would be called from the "/token" endpoint as defined in the spec.
|
|
||||||
* You can call your endpoint whatever you want.
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request - Request object to grant access token
|
|
||||||
* @param ResponseInterface $response - Response object
|
|
||||||
*
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function grantAccessToken(RequestInterface $request, ResponseInterface $response);
|
|
||||||
}
|
|
|
@ -1,34 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\Encryption;
|
|
||||||
|
|
||||||
interface EncryptionInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @param $payload
|
|
||||||
* @param $key
|
|
||||||
* @param null $algorithm
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function encode($payload, $key, $algorithm = null);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param $payload
|
|
||||||
* @param $key
|
|
||||||
* @param null $algorithm
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function decode($payload, $key, $algorithm = null);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param $data
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function urlSafeB64Encode($data);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param $b64
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function urlSafeB64Decode($b64);
|
|
||||||
}
|
|
|
@ -1,47 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\Encryption;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Bridge file to use the firebase/php-jwt package for JWT encoding and decoding.
|
|
||||||
* @author Francis Chuang <francis.chuang@gmail.com>
|
|
||||||
*/
|
|
||||||
class FirebaseJwt implements EncryptionInterface
|
|
||||||
{
|
|
||||||
public function __construct()
|
|
||||||
{
|
|
||||||
if (!class_exists('\JWT')) {
|
|
||||||
throw new \ErrorException('firebase/php-jwt must be installed to use this feature. You can do this by running "composer require firebase/php-jwt"');
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public function encode($payload, $key, $alg = 'HS256', $keyId = null)
|
|
||||||
{
|
|
||||||
return \JWT::encode($payload, $key, $alg, $keyId);
|
|
||||||
}
|
|
||||||
|
|
||||||
public function decode($jwt, $key = null, $allowedAlgorithms = null)
|
|
||||||
{
|
|
||||||
try {
|
|
||||||
|
|
||||||
//Maintain BC: Do not verify if no algorithms are passed in.
|
|
||||||
if (!$allowedAlgorithms) {
|
|
||||||
$key = null;
|
|
||||||
}
|
|
||||||
|
|
||||||
return (array)\JWT::decode($jwt, $key, $allowedAlgorithms);
|
|
||||||
} catch (\Exception $e) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public function urlSafeB64Encode($data)
|
|
||||||
{
|
|
||||||
return \JWT::urlsafeB64Encode($data);
|
|
||||||
}
|
|
||||||
|
|
||||||
public function urlSafeB64Decode($b64)
|
|
||||||
{
|
|
||||||
return \JWT::urlsafeB64Decode($b64);
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,223 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\Encryption;
|
|
||||||
|
|
||||||
use Exception;
|
|
||||||
use InvalidArgumentException;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @link https://github.com/F21/jwt
|
|
||||||
* @author F21
|
|
||||||
*/
|
|
||||||
class Jwt implements EncryptionInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @param $payload
|
|
||||||
* @param $key
|
|
||||||
* @param string $algo
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
public function encode($payload, $key, $algo = 'HS256')
|
|
||||||
{
|
|
||||||
$header = $this->generateJwtHeader($payload, $algo);
|
|
||||||
|
|
||||||
$segments = array(
|
|
||||||
$this->urlSafeB64Encode(json_encode($header)),
|
|
||||||
$this->urlSafeB64Encode(json_encode($payload))
|
|
||||||
);
|
|
||||||
|
|
||||||
$signing_input = implode('.', $segments);
|
|
||||||
|
|
||||||
$signature = $this->sign($signing_input, $key, $algo);
|
|
||||||
$segments[] = $this->urlsafeB64Encode($signature);
|
|
||||||
|
|
||||||
return implode('.', $segments);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param string $jwt
|
|
||||||
* @param null $key
|
|
||||||
* @param array|bool $allowedAlgorithms
|
|
||||||
* @return bool|mixed
|
|
||||||
*/
|
|
||||||
public function decode($jwt, $key = null, $allowedAlgorithms = true)
|
|
||||||
{
|
|
||||||
if (!strpos($jwt, '.')) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
$tks = explode('.', $jwt);
|
|
||||||
|
|
||||||
if (count($tks) != 3) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
list($headb64, $payloadb64, $cryptob64) = $tks;
|
|
||||||
|
|
||||||
if (null === ($header = json_decode($this->urlSafeB64Decode($headb64), true))) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (null === $payload = json_decode($this->urlSafeB64Decode($payloadb64), true)) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
$sig = $this->urlSafeB64Decode($cryptob64);
|
|
||||||
|
|
||||||
if ((bool) $allowedAlgorithms) {
|
|
||||||
if (!isset($header['alg'])) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
// check if bool arg supplied here to maintain BC
|
|
||||||
if (is_array($allowedAlgorithms) && !in_array($header['alg'], $allowedAlgorithms)) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$this->verifySignature($sig, "$headb64.$payloadb64", $key, $header['alg'])) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return $payload;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param $signature
|
|
||||||
* @param $input
|
|
||||||
* @param $key
|
|
||||||
* @param string $algo
|
|
||||||
* @return bool
|
|
||||||
* @throws InvalidArgumentException
|
|
||||||
*/
|
|
||||||
private function verifySignature($signature, $input, $key, $algo = 'HS256')
|
|
||||||
{
|
|
||||||
// use constants when possible, for HipHop support
|
|
||||||
switch ($algo) {
|
|
||||||
case'HS256':
|
|
||||||
case'HS384':
|
|
||||||
case'HS512':
|
|
||||||
return $this->hash_equals(
|
|
||||||
$this->sign($input, $key, $algo),
|
|
||||||
$signature
|
|
||||||
);
|
|
||||||
|
|
||||||
case 'RS256':
|
|
||||||
return openssl_verify($input, $signature, $key, defined('OPENSSL_ALGO_SHA256') ? OPENSSL_ALGO_SHA256 : 'sha256') === 1;
|
|
||||||
|
|
||||||
case 'RS384':
|
|
||||||
return @openssl_verify($input, $signature, $key, defined('OPENSSL_ALGO_SHA384') ? OPENSSL_ALGO_SHA384 : 'sha384') === 1;
|
|
||||||
|
|
||||||
case 'RS512':
|
|
||||||
return @openssl_verify($input, $signature, $key, defined('OPENSSL_ALGO_SHA512') ? OPENSSL_ALGO_SHA512 : 'sha512') === 1;
|
|
||||||
|
|
||||||
default:
|
|
||||||
throw new InvalidArgumentException("Unsupported or invalid signing algorithm.");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param $input
|
|
||||||
* @param $key
|
|
||||||
* @param string $algo
|
|
||||||
* @return string
|
|
||||||
* @throws Exception
|
|
||||||
*/
|
|
||||||
private function sign($input, $key, $algo = 'HS256')
|
|
||||||
{
|
|
||||||
switch ($algo) {
|
|
||||||
case 'HS256':
|
|
||||||
return hash_hmac('sha256', $input, $key, true);
|
|
||||||
|
|
||||||
case 'HS384':
|
|
||||||
return hash_hmac('sha384', $input, $key, true);
|
|
||||||
|
|
||||||
case 'HS512':
|
|
||||||
return hash_hmac('sha512', $input, $key, true);
|
|
||||||
|
|
||||||
case 'RS256':
|
|
||||||
return $this->generateRSASignature($input, $key, defined('OPENSSL_ALGO_SHA256') ? OPENSSL_ALGO_SHA256 : 'sha256');
|
|
||||||
|
|
||||||
case 'RS384':
|
|
||||||
return $this->generateRSASignature($input, $key, defined('OPENSSL_ALGO_SHA384') ? OPENSSL_ALGO_SHA384 : 'sha384');
|
|
||||||
|
|
||||||
case 'RS512':
|
|
||||||
return $this->generateRSASignature($input, $key, defined('OPENSSL_ALGO_SHA512') ? OPENSSL_ALGO_SHA512 : 'sha512');
|
|
||||||
|
|
||||||
default:
|
|
||||||
throw new Exception("Unsupported or invalid signing algorithm.");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param $input
|
|
||||||
* @param $key
|
|
||||||
* @param string $algo
|
|
||||||
* @return mixed
|
|
||||||
* @throws Exception
|
|
||||||
*/
|
|
||||||
private function generateRSASignature($input, $key, $algo)
|
|
||||||
{
|
|
||||||
if (!openssl_sign($input, $signature, $key, $algo)) {
|
|
||||||
throw new Exception("Unable to sign data.");
|
|
||||||
}
|
|
||||||
|
|
||||||
return $signature;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param string $data
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
public function urlSafeB64Encode($data)
|
|
||||||
{
|
|
||||||
$b64 = base64_encode($data);
|
|
||||||
$b64 = str_replace(array('+', '/', "\r", "\n", '='),
|
|
||||||
array('-', '_'),
|
|
||||||
$b64);
|
|
||||||
|
|
||||||
return $b64;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param string $b64
|
|
||||||
* @return mixed|string
|
|
||||||
*/
|
|
||||||
public function urlSafeB64Decode($b64)
|
|
||||||
{
|
|
||||||
$b64 = str_replace(array('-', '_'),
|
|
||||||
array('+', '/'),
|
|
||||||
$b64);
|
|
||||||
|
|
||||||
return base64_decode($b64);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Override to create a custom header
|
|
||||||
*/
|
|
||||||
protected function generateJwtHeader($payload, $algorithm)
|
|
||||||
{
|
|
||||||
return array(
|
|
||||||
'typ' => 'JWT',
|
|
||||||
'alg' => $algorithm,
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param string $a
|
|
||||||
* @param string $b
|
|
||||||
* @return bool
|
|
||||||
*/
|
|
||||||
protected function hash_equals($a, $b)
|
|
||||||
{
|
|
||||||
if (function_exists('hash_equals')) {
|
|
||||||
return hash_equals($a, $b);
|
|
||||||
}
|
|
||||||
$diff = strlen($a) ^ strlen($b);
|
|
||||||
for ($i = 0; $i < strlen($a) && $i < strlen($b); $i++) {
|
|
||||||
$diff |= ord($a[$i]) ^ ord($b[$i]);
|
|
||||||
}
|
|
||||||
|
|
||||||
return $diff === 0;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,142 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\GrantType;
|
|
||||||
|
|
||||||
use OAuth2\Storage\AuthorizationCodeInterface;
|
|
||||||
use OAuth2\ResponseType\AccessTokenInterface;
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
use Exception;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author Brent Shaffer <bshafs at gmail dot com>
|
|
||||||
*/
|
|
||||||
class AuthorizationCode implements GrantTypeInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var AuthorizationCodeInterface
|
|
||||||
*/
|
|
||||||
protected $storage;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var array
|
|
||||||
*/
|
|
||||||
protected $authCode;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param AuthorizationCodeInterface $storage - REQUIRED Storage class for retrieving authorization code information
|
|
||||||
*/
|
|
||||||
public function __construct(AuthorizationCodeInterface $storage)
|
|
||||||
{
|
|
||||||
$this->storage = $storage;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
public function getQueryStringIdentifier()
|
|
||||||
{
|
|
||||||
return 'authorization_code';
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Validate the OAuth request
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @return bool
|
|
||||||
* @throws Exception
|
|
||||||
*/
|
|
||||||
public function validateRequest(RequestInterface $request, ResponseInterface $response)
|
|
||||||
{
|
|
||||||
if (!$request->request('code')) {
|
|
||||||
$response->setError(400, 'invalid_request', 'Missing parameter: "code" is required');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
$code = $request->request('code');
|
|
||||||
if (!$authCode = $this->storage->getAuthorizationCode($code)) {
|
|
||||||
$response->setError(400, 'invalid_grant', 'Authorization code doesn\'t exist or is invalid for the client');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* 4.1.3 - ensure that the "redirect_uri" parameter is present if the "redirect_uri" parameter was included in the initial authorization request
|
|
||||||
* @uri - http://tools.ietf.org/html/rfc6749#section-4.1.3
|
|
||||||
*/
|
|
||||||
if (isset($authCode['redirect_uri']) && $authCode['redirect_uri']) {
|
|
||||||
if (!$request->request('redirect_uri') || urldecode($request->request('redirect_uri')) != urldecode($authCode['redirect_uri'])) {
|
|
||||||
$response->setError(400, 'redirect_uri_mismatch', "The redirect URI is missing or do not match", "#section-4.1.3");
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!isset($authCode['expires'])) {
|
|
||||||
throw new \Exception('Storage must return authcode with a value for "expires"');
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($authCode["expires"] < time()) {
|
|
||||||
$response->setError(400, 'invalid_grant', "The authorization code has expired");
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!isset($authCode['code'])) {
|
|
||||||
$authCode['code'] = $code; // used to expire the code after the access token is granted
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->authCode = $authCode;
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the client id
|
|
||||||
*
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getClientId()
|
|
||||||
{
|
|
||||||
return $this->authCode['client_id'];
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the scope
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
public function getScope()
|
|
||||||
{
|
|
||||||
return isset($this->authCode['scope']) ? $this->authCode['scope'] : null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the user id
|
|
||||||
*
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getUserId()
|
|
||||||
{
|
|
||||||
return isset($this->authCode['user_id']) ? $this->authCode['user_id'] : null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Create access token
|
|
||||||
*
|
|
||||||
* @param AccessTokenInterface $accessToken
|
|
||||||
* @param mixed $client_id - client identifier related to the access token.
|
|
||||||
* @param mixed $user_id - user id associated with the access token
|
|
||||||
* @param string $scope - scopes to be stored in space-separated string.
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope)
|
|
||||||
{
|
|
||||||
$token = $accessToken->createAccessToken($client_id, $user_id, $scope);
|
|
||||||
$this->storage->expireAuthorizationCode($this->authCode['code']);
|
|
||||||
|
|
||||||
return $token;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,98 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\GrantType;
|
|
||||||
|
|
||||||
use OAuth2\ClientAssertionType\HttpBasic;
|
|
||||||
use OAuth2\ResponseType\AccessTokenInterface;
|
|
||||||
use OAuth2\Storage\ClientCredentialsInterface;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author Brent Shaffer <bshafs at gmail dot com>
|
|
||||||
*
|
|
||||||
* @see HttpBasic
|
|
||||||
*/
|
|
||||||
class ClientCredentials extends HttpBasic implements GrantTypeInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var array
|
|
||||||
*/
|
|
||||||
private $clientData;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param ClientCredentialsInterface $storage
|
|
||||||
* @param array $config
|
|
||||||
*/
|
|
||||||
public function __construct(ClientCredentialsInterface $storage, array $config = array())
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* The client credentials grant type MUST only be used by confidential clients
|
|
||||||
*
|
|
||||||
* @see http://tools.ietf.org/html/rfc6749#section-4.4
|
|
||||||
*/
|
|
||||||
$config['allow_public_clients'] = false;
|
|
||||||
|
|
||||||
parent::__construct($storage, $config);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get query string identifier
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
public function getQueryStringIdentifier()
|
|
||||||
{
|
|
||||||
return 'client_credentials';
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get scope
|
|
||||||
*
|
|
||||||
* @return string|null
|
|
||||||
*/
|
|
||||||
public function getScope()
|
|
||||||
{
|
|
||||||
$this->loadClientData();
|
|
||||||
|
|
||||||
return isset($this->clientData['scope']) ? $this->clientData['scope'] : null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get user id
|
|
||||||
*
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getUserId()
|
|
||||||
{
|
|
||||||
$this->loadClientData();
|
|
||||||
|
|
||||||
return isset($this->clientData['user_id']) ? $this->clientData['user_id'] : null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Create access token
|
|
||||||
*
|
|
||||||
* @param AccessTokenInterface $accessToken
|
|
||||||
* @param mixed $client_id - client identifier related to the access token.
|
|
||||||
* @param mixed $user_id - user id associated with the access token
|
|
||||||
* @param string $scope - scopes to be stored in space-separated string.
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope)
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Client Credentials Grant does NOT include a refresh token
|
|
||||||
*
|
|
||||||
* @see http://tools.ietf.org/html/rfc6749#section-4.4.3
|
|
||||||
*/
|
|
||||||
$includeRefreshToken = false;
|
|
||||||
|
|
||||||
return $accessToken->createAccessToken($client_id, $user_id, $scope, $includeRefreshToken);
|
|
||||||
}
|
|
||||||
|
|
||||||
private function loadClientData()
|
|
||||||
{
|
|
||||||
if (!$this->clientData) {
|
|
||||||
$this->clientData = $this->storage->getClientDetails($this->getClientId());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,59 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\GrantType;
|
|
||||||
|
|
||||||
use OAuth2\ResponseType\AccessTokenInterface;
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Interface for all OAuth2 Grant Types
|
|
||||||
*/
|
|
||||||
interface GrantTypeInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Get query string identifier
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
public function getQueryStringIdentifier();
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function validateRequest(RequestInterface $request, ResponseInterface $response);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get client id
|
|
||||||
*
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getClientId();
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get user id
|
|
||||||
*
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getUserId();
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get scope
|
|
||||||
*
|
|
||||||
* @return string|null
|
|
||||||
*/
|
|
||||||
public function getScope();
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Create access token
|
|
||||||
*
|
|
||||||
* @param AccessTokenInterface $accessToken
|
|
||||||
* @param mixed $client_id - client identifier related to the access token.
|
|
||||||
* @param mixed $user_id - user id associated with the access token
|
|
||||||
* @param string $scope - scopes to be stored in space-separated string.
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope);
|
|
||||||
}
|
|
|
@ -1,247 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\GrantType;
|
|
||||||
|
|
||||||
use OAuth2\ClientAssertionType\ClientAssertionTypeInterface;
|
|
||||||
use OAuth2\Storage\JwtBearerInterface;
|
|
||||||
use OAuth2\Encryption\Jwt;
|
|
||||||
use OAuth2\Encryption\EncryptionInterface;
|
|
||||||
use OAuth2\ResponseType\AccessTokenInterface;
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* The JWT bearer authorization grant implements JWT (JSON Web Tokens) as a grant type per the IETF draft.
|
|
||||||
*
|
|
||||||
* @see http://tools.ietf.org/html/draft-ietf-oauth-jwt-bearer-04#section-4
|
|
||||||
*
|
|
||||||
* @author F21
|
|
||||||
* @author Brent Shaffer <bshafs at gmail dot com>
|
|
||||||
*/
|
|
||||||
class JwtBearer implements GrantTypeInterface, ClientAssertionTypeInterface
|
|
||||||
{
|
|
||||||
private $jwt;
|
|
||||||
|
|
||||||
protected $storage;
|
|
||||||
protected $audience;
|
|
||||||
protected $jwtUtil;
|
|
||||||
protected $allowedAlgorithms;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Creates an instance of the JWT bearer grant type.
|
|
||||||
*
|
|
||||||
* @param JwtBearerInterface $storage - A valid storage interface that implements storage hooks for the JWT
|
|
||||||
* bearer grant type.
|
|
||||||
* @param string $audience - The audience to validate the token against. This is usually the full
|
|
||||||
* URI of the OAuth token requests endpoint.
|
|
||||||
* @param EncryptionInterface|JWT $jwtUtil - OPTONAL The class used to decode, encode and verify JWTs.
|
|
||||||
* @param array $config
|
|
||||||
*/
|
|
||||||
public function __construct(JwtBearerInterface $storage, $audience, EncryptionInterface $jwtUtil = null, array $config = array())
|
|
||||||
{
|
|
||||||
$this->storage = $storage;
|
|
||||||
$this->audience = $audience;
|
|
||||||
|
|
||||||
if (is_null($jwtUtil)) {
|
|
||||||
$jwtUtil = new Jwt();
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->config = array_merge(array(
|
|
||||||
'allowed_algorithms' => array('RS256', 'RS384', 'RS512')
|
|
||||||
), $config);
|
|
||||||
|
|
||||||
$this->jwtUtil = $jwtUtil;
|
|
||||||
|
|
||||||
$this->allowedAlgorithms = $this->config['allowed_algorithms'];
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Returns the grant_type get parameter to identify the grant type request as JWT bearer authorization grant.
|
|
||||||
*
|
|
||||||
* @return string - The string identifier for grant_type.
|
|
||||||
*
|
|
||||||
* @see GrantTypeInterface::getQueryStringIdentifier()
|
|
||||||
*/
|
|
||||||
public function getQueryStringIdentifier()
|
|
||||||
{
|
|
||||||
return 'urn:ietf:params:oauth:grant-type:jwt-bearer';
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Validates the data from the decoded JWT.
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @return bool|mixed|null TRUE if the JWT request is valid and can be decoded. Otherwise, FALSE is returned.@see GrantTypeInterface::getTokenData()
|
|
||||||
*/
|
|
||||||
public function validateRequest(RequestInterface $request, ResponseInterface $response)
|
|
||||||
{
|
|
||||||
if (!$request->request("assertion")) {
|
|
||||||
$response->setError(400, 'invalid_request', 'Missing parameters: "assertion" required');
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Store the undecoded JWT for later use
|
|
||||||
$undecodedJWT = $request->request('assertion');
|
|
||||||
|
|
||||||
// Decode the JWT
|
|
||||||
$jwt = $this->jwtUtil->decode($request->request('assertion'), null, false);
|
|
||||||
|
|
||||||
if (!$jwt) {
|
|
||||||
$response->setError(400, 'invalid_request', "JWT is malformed");
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
// ensure these properties contain a value
|
|
||||||
// @todo: throw malformed error for missing properties
|
|
||||||
$jwt = array_merge(array(
|
|
||||||
'scope' => null,
|
|
||||||
'iss' => null,
|
|
||||||
'sub' => null,
|
|
||||||
'aud' => null,
|
|
||||||
'exp' => null,
|
|
||||||
'nbf' => null,
|
|
||||||
'iat' => null,
|
|
||||||
'jti' => null,
|
|
||||||
'typ' => null,
|
|
||||||
), $jwt);
|
|
||||||
|
|
||||||
if (!isset($jwt['iss'])) {
|
|
||||||
$response->setError(400, 'invalid_grant', "Invalid issuer (iss) provided");
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!isset($jwt['sub'])) {
|
|
||||||
$response->setError(400, 'invalid_grant', "Invalid subject (sub) provided");
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!isset($jwt['exp'])) {
|
|
||||||
$response->setError(400, 'invalid_grant', "Expiration (exp) time must be present");
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Check expiration
|
|
||||||
if (ctype_digit($jwt['exp'])) {
|
|
||||||
if ($jwt['exp'] <= time()) {
|
|
||||||
$response->setError(400, 'invalid_grant', "JWT has expired");
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$response->setError(400, 'invalid_grant', "Expiration (exp) time must be a unix time stamp");
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Check the not before time
|
|
||||||
if ($notBefore = $jwt['nbf']) {
|
|
||||||
if (ctype_digit($notBefore)) {
|
|
||||||
if ($notBefore > time()) {
|
|
||||||
$response->setError(400, 'invalid_grant', "JWT cannot be used before the Not Before (nbf) time");
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$response->setError(400, 'invalid_grant', "Not Before (nbf) time must be a unix time stamp");
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Check the audience if required to match
|
|
||||||
if (!isset($jwt['aud']) || ($jwt['aud'] != $this->audience)) {
|
|
||||||
$response->setError(400, 'invalid_grant', "Invalid audience (aud)");
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Check the jti (nonce)
|
|
||||||
// @see http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-13#section-4.1.7
|
|
||||||
if (isset($jwt['jti'])) {
|
|
||||||
$jti = $this->storage->getJti($jwt['iss'], $jwt['sub'], $jwt['aud'], $jwt['exp'], $jwt['jti']);
|
|
||||||
|
|
||||||
//Reject if jti is used and jwt is still valid (exp parameter has not expired).
|
|
||||||
if ($jti && $jti['expires'] > time()) {
|
|
||||||
$response->setError(400, 'invalid_grant', "JSON Token Identifier (jti) has already been used");
|
|
||||||
|
|
||||||
return null;
|
|
||||||
} else {
|
|
||||||
$this->storage->setJti($jwt['iss'], $jwt['sub'], $jwt['aud'], $jwt['exp'], $jwt['jti']);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Get the iss's public key
|
|
||||||
// @see http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-06#section-4.1.1
|
|
||||||
if (!$key = $this->storage->getClientKey($jwt['iss'], $jwt['sub'])) {
|
|
||||||
$response->setError(400, 'invalid_grant', "Invalid issuer (iss) or subject (sub) provided");
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Verify the JWT
|
|
||||||
if (!$this->jwtUtil->decode($undecodedJWT, $key, $this->allowedAlgorithms)) {
|
|
||||||
$response->setError(400, 'invalid_grant', "JWT failed signature verification");
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->jwt = $jwt;
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get client id
|
|
||||||
*
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getClientId()
|
|
||||||
{
|
|
||||||
return $this->jwt['iss'];
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get user id
|
|
||||||
*
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getUserId()
|
|
||||||
{
|
|
||||||
return $this->jwt['sub'];
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get scope
|
|
||||||
*
|
|
||||||
* @return null
|
|
||||||
*/
|
|
||||||
public function getScope()
|
|
||||||
{
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Creates an access token that is NOT associated with a refresh token.
|
|
||||||
* If a subject (sub) the name of the user/account we are accessing data on behalf of.
|
|
||||||
*
|
|
||||||
* @see GrantTypeInterface::createAccessToken()
|
|
||||||
*
|
|
||||||
* @param AccessTokenInterface $accessToken
|
|
||||||
* @param mixed $client_id - client identifier related to the access token.
|
|
||||||
* @param mixed $user_id - user id associated with the access token
|
|
||||||
* @param string $scope - scopes to be stored in space-separated string.
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope)
|
|
||||||
{
|
|
||||||
$includeRefreshToken = false;
|
|
||||||
|
|
||||||
return $accessToken->createAccessToken($client_id, $user_id, $scope, $includeRefreshToken);
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,154 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\GrantType;
|
|
||||||
|
|
||||||
use OAuth2\Storage\RefreshTokenInterface;
|
|
||||||
use OAuth2\ResponseType\AccessTokenInterface;
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author Brent Shaffer <bshafs at gmail dot com>
|
|
||||||
*/
|
|
||||||
class RefreshToken implements GrantTypeInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var array
|
|
||||||
*/
|
|
||||||
private $refreshToken;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var RefreshTokenInterface
|
|
||||||
*/
|
|
||||||
protected $storage;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var array
|
|
||||||
*/
|
|
||||||
protected $config;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param RefreshTokenInterface $storage - REQUIRED Storage class for retrieving refresh token information
|
|
||||||
* @param array $config - OPTIONAL Configuration options for the server
|
|
||||||
* @code
|
|
||||||
* $config = array(
|
|
||||||
* 'always_issue_new_refresh_token' => true, // whether to issue a new refresh token upon successful token request
|
|
||||||
* 'unset_refresh_token_after_use' => true // whether to unset the refresh token after after using
|
|
||||||
* );
|
|
||||||
* @endcode
|
|
||||||
*/
|
|
||||||
public function __construct(RefreshTokenInterface $storage, $config = array())
|
|
||||||
{
|
|
||||||
$this->config = array_merge(array(
|
|
||||||
'always_issue_new_refresh_token' => false,
|
|
||||||
'unset_refresh_token_after_use' => true
|
|
||||||
), $config);
|
|
||||||
|
|
||||||
// to preserve B.C. with v1.6
|
|
||||||
// @see https://github.com/bshaffer/oauth2-server-php/pull/580
|
|
||||||
// @todo - remove in v2.0
|
|
||||||
if (isset($config['always_issue_new_refresh_token']) && !isset($config['unset_refresh_token_after_use'])) {
|
|
||||||
$this->config['unset_refresh_token_after_use'] = $config['always_issue_new_refresh_token'];
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->storage = $storage;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
public function getQueryStringIdentifier()
|
|
||||||
{
|
|
||||||
return 'refresh_token';
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Validate the OAuth request
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @return bool|mixed|null
|
|
||||||
*/
|
|
||||||
public function validateRequest(RequestInterface $request, ResponseInterface $response)
|
|
||||||
{
|
|
||||||
if (!$request->request("refresh_token")) {
|
|
||||||
$response->setError(400, 'invalid_request', 'Missing parameter: "refresh_token" is required');
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$refreshToken = $this->storage->getRefreshToken($request->request("refresh_token"))) {
|
|
||||||
$response->setError(400, 'invalid_grant', 'Invalid refresh token');
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($refreshToken['expires'] > 0 && $refreshToken["expires"] < time()) {
|
|
||||||
$response->setError(400, 'invalid_grant', 'Refresh token has expired');
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
// store the refresh token locally so we can delete it when a new refresh token is generated
|
|
||||||
$this->refreshToken = $refreshToken;
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get client id
|
|
||||||
*
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getClientId()
|
|
||||||
{
|
|
||||||
return $this->refreshToken['client_id'];
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get user id
|
|
||||||
*
|
|
||||||
* @return mixed|null
|
|
||||||
*/
|
|
||||||
public function getUserId()
|
|
||||||
{
|
|
||||||
return isset($this->refreshToken['user_id']) ? $this->refreshToken['user_id'] : null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get scope
|
|
||||||
*
|
|
||||||
* @return null|string
|
|
||||||
*/
|
|
||||||
public function getScope()
|
|
||||||
{
|
|
||||||
return isset($this->refreshToken['scope']) ? $this->refreshToken['scope'] : null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Create access token
|
|
||||||
*
|
|
||||||
* @param AccessTokenInterface $accessToken
|
|
||||||
* @param mixed $client_id - client identifier related to the access token.
|
|
||||||
* @param mixed $user_id - user id associated with the access token
|
|
||||||
* @param string $scope - scopes to be stored in space-separated string.
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope)
|
|
||||||
{
|
|
||||||
/*
|
|
||||||
* It is optional to force a new refresh token when a refresh token is used.
|
|
||||||
* However, if a new refresh token is issued, the old one MUST be expired
|
|
||||||
* @see http://tools.ietf.org/html/rfc6749#section-6
|
|
||||||
*/
|
|
||||||
$issueNewRefreshToken = $this->config['always_issue_new_refresh_token'];
|
|
||||||
$unsetRefreshToken = $this->config['unset_refresh_token_after_use'];
|
|
||||||
$token = $accessToken->createAccessToken($client_id, $user_id, $scope, $issueNewRefreshToken);
|
|
||||||
|
|
||||||
if ($unsetRefreshToken) {
|
|
||||||
$this->storage->unsetRefreshToken($this->refreshToken['refresh_token']);
|
|
||||||
}
|
|
||||||
|
|
||||||
return $token;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,123 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\GrantType;
|
|
||||||
|
|
||||||
use OAuth2\Storage\UserCredentialsInterface;
|
|
||||||
use OAuth2\ResponseType\AccessTokenInterface;
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
use LogicException;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author Brent Shaffer <bshafs at gmail dot com>
|
|
||||||
*/
|
|
||||||
class UserCredentials implements GrantTypeInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var array
|
|
||||||
*/
|
|
||||||
private $userInfo;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var UserCredentialsInterface
|
|
||||||
*/
|
|
||||||
protected $storage;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param UserCredentialsInterface $storage - REQUIRED Storage class for retrieving user credentials information
|
|
||||||
*/
|
|
||||||
public function __construct(UserCredentialsInterface $storage)
|
|
||||||
{
|
|
||||||
$this->storage = $storage;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
public function getQueryStringIdentifier()
|
|
||||||
{
|
|
||||||
return 'password';
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @return bool|mixed|null
|
|
||||||
*
|
|
||||||
* @throws LogicException
|
|
||||||
*/
|
|
||||||
public function validateRequest(RequestInterface $request, ResponseInterface $response)
|
|
||||||
{
|
|
||||||
if (!$request->request("password") || !$request->request("username")) {
|
|
||||||
$response->setError(400, 'invalid_request', 'Missing parameters: "username" and "password" required');
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$this->storage->checkUserCredentials($request->request("username"), $request->request("password"))) {
|
|
||||||
$response->setError(401, 'invalid_grant', 'Invalid username and password combination');
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
$userInfo = $this->storage->getUserDetails($request->request("username"));
|
|
||||||
|
|
||||||
if (empty($userInfo)) {
|
|
||||||
$response->setError(400, 'invalid_grant', 'Unable to retrieve user information');
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!isset($userInfo['user_id'])) {
|
|
||||||
throw new \LogicException("you must set the user_id on the array returned by getUserDetails");
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->userInfo = $userInfo;
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get client id
|
|
||||||
*
|
|
||||||
* @return mixed|null
|
|
||||||
*/
|
|
||||||
public function getClientId()
|
|
||||||
{
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get user id
|
|
||||||
*
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getUserId()
|
|
||||||
{
|
|
||||||
return $this->userInfo['user_id'];
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get scope
|
|
||||||
*
|
|
||||||
* @return null|string
|
|
||||||
*/
|
|
||||||
public function getScope()
|
|
||||||
{
|
|
||||||
return isset($this->userInfo['scope']) ? $this->userInfo['scope'] : null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Create access token
|
|
||||||
*
|
|
||||||
* @param AccessTokenInterface $accessToken
|
|
||||||
* @param mixed $client_id - client identifier related to the access token.
|
|
||||||
* @param mixed $user_id - user id associated with the access token
|
|
||||||
* @param string $scope - scopes to be stored in space-separated string.
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope)
|
|
||||||
{
|
|
||||||
return $accessToken->createAccessToken($client_id, $user_id, $scope);
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,135 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\OpenID\Controller;
|
|
||||||
|
|
||||||
use OAuth2\Controller\AuthorizeController as BaseAuthorizeController;
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @see OAuth2\Controller\AuthorizeControllerInterface
|
|
||||||
*/
|
|
||||||
class AuthorizeController extends BaseAuthorizeController implements AuthorizeControllerInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var mixed
|
|
||||||
*/
|
|
||||||
private $nonce;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Set not authorized response
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @param string $redirect_uri
|
|
||||||
* @param null $user_id
|
|
||||||
*/
|
|
||||||
protected function setNotAuthorizedResponse(RequestInterface $request, ResponseInterface $response, $redirect_uri, $user_id = null)
|
|
||||||
{
|
|
||||||
$prompt = $request->query('prompt', 'consent');
|
|
||||||
if ($prompt == 'none') {
|
|
||||||
if (is_null($user_id)) {
|
|
||||||
$error = 'login_required';
|
|
||||||
$error_message = 'The user must log in';
|
|
||||||
} else {
|
|
||||||
$error = 'interaction_required';
|
|
||||||
$error_message = 'The user must grant access to your application';
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$error = 'consent_required';
|
|
||||||
$error_message = 'The user denied access to your application';
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->setRedirect($this->config['redirect_status_code'], $redirect_uri, $this->getState(), $error, $error_message);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @TODO: add dependency injection for the parameters in this method
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @param mixed $user_id
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
protected function buildAuthorizeParameters($request, $response, $user_id)
|
|
||||||
{
|
|
||||||
if (!$params = parent::buildAuthorizeParameters($request, $response, $user_id)) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Generate an id token if needed.
|
|
||||||
if ($this->needsIdToken($this->getScope()) && $this->getResponseType() == self::RESPONSE_TYPE_AUTHORIZATION_CODE) {
|
|
||||||
$params['id_token'] = $this->responseTypes['id_token']->createIdToken($this->getClientId(), $user_id, $this->nonce);
|
|
||||||
}
|
|
||||||
|
|
||||||
// add the nonce to return with the redirect URI
|
|
||||||
$params['nonce'] = $this->nonce;
|
|
||||||
|
|
||||||
return $params;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @return bool
|
|
||||||
*/
|
|
||||||
public function validateAuthorizeRequest(RequestInterface $request, ResponseInterface $response)
|
|
||||||
{
|
|
||||||
if (!parent::validateAuthorizeRequest($request, $response)) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
$nonce = $request->query('nonce');
|
|
||||||
|
|
||||||
// Validate required nonce for "id_token" and "id_token token"
|
|
||||||
if (!$nonce && in_array($this->getResponseType(), array(self::RESPONSE_TYPE_ID_TOKEN, self::RESPONSE_TYPE_ID_TOKEN_TOKEN))) {
|
|
||||||
$response->setError(400, 'invalid_nonce', 'This application requires you specify a nonce parameter');
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->nonce = $nonce;
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Array of valid response types
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
protected function getValidResponseTypes()
|
|
||||||
{
|
|
||||||
return array(
|
|
||||||
self::RESPONSE_TYPE_ACCESS_TOKEN,
|
|
||||||
self::RESPONSE_TYPE_AUTHORIZATION_CODE,
|
|
||||||
self::RESPONSE_TYPE_ID_TOKEN,
|
|
||||||
self::RESPONSE_TYPE_ID_TOKEN_TOKEN,
|
|
||||||
self::RESPONSE_TYPE_CODE_ID_TOKEN,
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Returns whether the current request needs to generate an id token.
|
|
||||||
*
|
|
||||||
* ID Tokens are a part of the OpenID Connect specification, so this
|
|
||||||
* method checks whether OpenID Connect is enabled in the server settings
|
|
||||||
* and whether the openid scope was requested.
|
|
||||||
*
|
|
||||||
* @param string $request_scope - A space-separated string of scopes.
|
|
||||||
* @return boolean - TRUE if an id token is needed, FALSE otherwise.
|
|
||||||
*/
|
|
||||||
public function needsIdToken($request_scope)
|
|
||||||
{
|
|
||||||
// see if the "openid" scope exists in the requested scope
|
|
||||||
return $this->scopeUtil->checkScope('openid', $request_scope);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getNonce()
|
|
||||||
{
|
|
||||||
return $this->nonce;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,12 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\OpenID\Controller;
|
|
||||||
|
|
||||||
interface AuthorizeControllerInterface
|
|
||||||
{
|
|
||||||
const RESPONSE_TYPE_ID_TOKEN = 'id_token';
|
|
||||||
|
|
||||||
const RESPONSE_TYPE_ID_TOKEN_TOKEN = 'id_token token';
|
|
||||||
|
|
||||||
const RESPONSE_TYPE_CODE_ID_TOKEN = 'code id_token';
|
|
||||||
}
|
|
|
@ -1,62 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\OpenID\Controller;
|
|
||||||
|
|
||||||
use OAuth2\Scope;
|
|
||||||
use OAuth2\TokenType\TokenTypeInterface;
|
|
||||||
use OAuth2\Storage\AccessTokenInterface;
|
|
||||||
use OAuth2\OpenID\Storage\UserClaimsInterface;
|
|
||||||
use OAuth2\Controller\ResourceController;
|
|
||||||
use OAuth2\ScopeInterface;
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @see OAuth2\Controller\UserInfoControllerInterface
|
|
||||||
*/
|
|
||||||
class UserInfoController extends ResourceController implements UserInfoControllerInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var UserClaimsInterface
|
|
||||||
*/
|
|
||||||
protected $userClaimsStorage;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Constructor
|
|
||||||
*
|
|
||||||
* @param TokenTypeInterface $tokenType
|
|
||||||
* @param AccessTokenInterface $tokenStorage
|
|
||||||
* @param UserClaimsInterface $userClaimsStorage
|
|
||||||
* @param array $config
|
|
||||||
* @param ScopeInterface $scopeUtil
|
|
||||||
*/
|
|
||||||
public function __construct(TokenTypeInterface $tokenType, AccessTokenInterface $tokenStorage, UserClaimsInterface $userClaimsStorage, $config = array(), ScopeInterface $scopeUtil = null)
|
|
||||||
{
|
|
||||||
parent::__construct($tokenType, $tokenStorage, $config, $scopeUtil);
|
|
||||||
|
|
||||||
$this->userClaimsStorage = $userClaimsStorage;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Handle the user info request
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
* @return void
|
|
||||||
*/
|
|
||||||
public function handleUserInfoRequest(RequestInterface $request, ResponseInterface $response)
|
|
||||||
{
|
|
||||||
if (!$this->verifyResourceRequest($request, $response, 'openid')) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$token = $this->getToken();
|
|
||||||
$claims = $this->userClaimsStorage->getUserClaims($token['user_id'], $token['scope']);
|
|
||||||
// The sub Claim MUST always be returned in the UserInfo Response.
|
|
||||||
// http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse
|
|
||||||
$claims += array(
|
|
||||||
'sub' => $token['user_id'],
|
|
||||||
);
|
|
||||||
$response->addParameters($claims);
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,30 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\OpenID\Controller;
|
|
||||||
|
|
||||||
use OAuth2\RequestInterface;
|
|
||||||
use OAuth2\ResponseInterface;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* This controller is called when the user claims for OpenID Connect's
|
|
||||||
* UserInfo endpoint should be returned.
|
|
||||||
*
|
|
||||||
* @code
|
|
||||||
* $response = new OAuth2\Response();
|
|
||||||
* $userInfoController->handleUserInfoRequest(
|
|
||||||
* OAuth2\Request::createFromGlobals(),
|
|
||||||
* $response
|
|
||||||
* );
|
|
||||||
* $response->send();
|
|
||||||
* @endcode
|
|
||||||
*/
|
|
||||||
interface UserInfoControllerInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Handle user info request
|
|
||||||
*
|
|
||||||
* @param RequestInterface $request
|
|
||||||
* @param ResponseInterface $response
|
|
||||||
*/
|
|
||||||
public function handleUserInfoRequest(RequestInterface $request, ResponseInterface $response);
|
|
||||||
}
|
|
|
@ -1,41 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\OpenID\GrantType;
|
|
||||||
|
|
||||||
use OAuth2\GrantType\AuthorizationCode as BaseAuthorizationCode;
|
|
||||||
use OAuth2\ResponseType\AccessTokenInterface;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author Brent Shaffer <bshafs at gmail dot com>
|
|
||||||
*/
|
|
||||||
class AuthorizationCode extends BaseAuthorizationCode
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Create access token
|
|
||||||
*
|
|
||||||
* @param AccessTokenInterface $accessToken
|
|
||||||
* @param mixed $client_id - client identifier related to the access token.
|
|
||||||
* @param mixed $user_id - user id associated with the access token
|
|
||||||
* @param string $scope - scopes to be stored in space-separated string.
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope)
|
|
||||||
{
|
|
||||||
$includeRefreshToken = true;
|
|
||||||
if (isset($this->authCode['id_token'])) {
|
|
||||||
// OpenID Connect requests include the refresh token only if the
|
|
||||||
// offline_access scope has been requested and granted.
|
|
||||||
$scopes = explode(' ', trim($scope));
|
|
||||||
$includeRefreshToken = in_array('offline_access', $scopes);
|
|
||||||
}
|
|
||||||
|
|
||||||
$token = $accessToken->createAccessToken($client_id, $user_id, $scope, $includeRefreshToken);
|
|
||||||
if (isset($this->authCode['id_token'])) {
|
|
||||||
$token['id_token'] = $this->authCode['id_token'];
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->storage->expireAuthorizationCode($this->authCode['code']);
|
|
||||||
|
|
||||||
return $token;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,66 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\OpenID\ResponseType;
|
|
||||||
|
|
||||||
use OAuth2\ResponseType\AuthorizationCode as BaseAuthorizationCode;
|
|
||||||
use OAuth2\OpenID\Storage\AuthorizationCodeInterface as AuthorizationCodeStorageInterface;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author Brent Shaffer <bshafs at gmail dot com>
|
|
||||||
*/
|
|
||||||
class AuthorizationCode extends BaseAuthorizationCode implements AuthorizationCodeInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Constructor
|
|
||||||
*
|
|
||||||
* @param AuthorizationCodeStorageInterface $storage
|
|
||||||
* @param array $config
|
|
||||||
*/
|
|
||||||
public function __construct(AuthorizationCodeStorageInterface $storage, array $config = array())
|
|
||||||
{
|
|
||||||
parent::__construct($storage, $config);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param $params
|
|
||||||
* @param null $user_id
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function getAuthorizeResponse($params, $user_id = null)
|
|
||||||
{
|
|
||||||
// build the URL to redirect to
|
|
||||||
$result = array('query' => array());
|
|
||||||
|
|
||||||
$params += array('scope' => null, 'state' => null, 'id_token' => null);
|
|
||||||
|
|
||||||
$result['query']['code'] = $this->createAuthorizationCode($params['client_id'], $user_id, $params['redirect_uri'], $params['scope'], $params['id_token']);
|
|
||||||
|
|
||||||
if (isset($params['state'])) {
|
|
||||||
$result['query']['state'] = $params['state'];
|
|
||||||
}
|
|
||||||
|
|
||||||
return array($params['redirect_uri'], $result);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Handle the creation of the authorization code.
|
|
||||||
*
|
|
||||||
* @param mixed $client_id - Client identifier related to the authorization code
|
|
||||||
* @param mixed $user_id - User ID associated with the authorization code
|
|
||||||
* @param string $redirect_uri - An absolute URI to which the authorization server will redirect the
|
|
||||||
* user-agent to when the end-user authorization step is completed.
|
|
||||||
* @param string $scope - OPTIONAL Scopes to be stored in space-separated string.
|
|
||||||
* @param string $id_token - OPTIONAL The OpenID Connect id_token.
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
* @see http://tools.ietf.org/html/rfc6749#section-4
|
|
||||||
* @ingroup oauth2_section_4
|
|
||||||
*/
|
|
||||||
public function createAuthorizationCode($client_id, $user_id, $redirect_uri, $scope = null, $id_token = null)
|
|
||||||
{
|
|
||||||
$code = $this->generateAuthorizationCode();
|
|
||||||
$this->storage->setAuthorizationCode($code, $client_id, $user_id, $redirect_uri, time() + $this->config['auth_code_lifetime'], $scope, $id_token);
|
|
||||||
|
|
||||||
return $code;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,27 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\OpenID\ResponseType;
|
|
||||||
|
|
||||||
use OAuth2\ResponseType\AuthorizationCodeInterface as BaseAuthorizationCodeInterface;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author Brent Shaffer <bshafs at gmail dot com>
|
|
||||||
*/
|
|
||||||
interface AuthorizationCodeInterface extends BaseAuthorizationCodeInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Handle the creation of the authorization code.
|
|
||||||
*
|
|
||||||
* @param mixed $client_id - Client identifier related to the authorization code
|
|
||||||
* @param mixed $user_id - User ID associated with the authorization code
|
|
||||||
* @param string $redirect_uri - An absolute URI to which the authorization server will redirect the
|
|
||||||
* user-agent to when the end-user authorization step is completed.
|
|
||||||
* @param string $scope - OPTIONAL Scopes to be stored in space-separated string.
|
|
||||||
* @param string $id_token - OPTIONAL The OpenID Connect id_token.
|
|
||||||
* @return string
|
|
||||||
*
|
|
||||||
* @see http://tools.ietf.org/html/rfc6749#section-4
|
|
||||||
* @ingroup oauth2_section_4
|
|
||||||
*/
|
|
||||||
public function createAuthorizationCode($client_id, $user_id, $redirect_uri, $scope = null, $id_token = null);
|
|
||||||
}
|
|
|
@ -1,40 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\OpenID\ResponseType;
|
|
||||||
|
|
||||||
class CodeIdToken implements CodeIdTokenInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var AuthorizationCodeInterface
|
|
||||||
*/
|
|
||||||
protected $authCode;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var IdTokenInterface
|
|
||||||
*/
|
|
||||||
protected $idToken;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param AuthorizationCodeInterface $authCode
|
|
||||||
* @param IdTokenInterface $idToken
|
|
||||||
*/
|
|
||||||
public function __construct(AuthorizationCodeInterface $authCode, IdTokenInterface $idToken)
|
|
||||||
{
|
|
||||||
$this->authCode = $authCode;
|
|
||||||
$this->idToken = $idToken;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param array $params
|
|
||||||
* @param mixed $user_id
|
|
||||||
* @return mixed
|
|
||||||
*/
|
|
||||||
public function getAuthorizeResponse($params, $user_id = null)
|
|
||||||
{
|
|
||||||
$result = $this->authCode->getAuthorizeResponse($params, $user_id);
|
|
||||||
$resultIdToken = $this->idToken->getAuthorizeResponse($params, $user_id);
|
|
||||||
$result[1]['query']['id_token'] = $resultIdToken[1]['fragment']['id_token'];
|
|
||||||
|
|
||||||
return $result;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,9 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\OpenID\ResponseType;
|
|
||||||
|
|
||||||
use OAuth2\ResponseType\ResponseTypeInterface;
|
|
||||||
|
|
||||||
interface CodeIdTokenInterface extends ResponseTypeInterface
|
|
||||||
{
|
|
||||||
}
|
|
|
@ -1,178 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\OpenID\ResponseType;
|
|
||||||
|
|
||||||
use OAuth2\Encryption\EncryptionInterface;
|
|
||||||
use OAuth2\Encryption\Jwt;
|
|
||||||
use OAuth2\Storage\PublicKeyInterface;
|
|
||||||
use OAuth2\OpenID\Storage\UserClaimsInterface;
|
|
||||||
use LogicException;
|
|
||||||
|
|
||||||
class IdToken implements IdTokenInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var UserClaimsInterface
|
|
||||||
*/
|
|
||||||
protected $userClaimsStorage;
|
|
||||||
/**
|
|
||||||
* @var PublicKeyInterface
|
|
||||||
*/
|
|
||||||
protected $publicKeyStorage;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var array
|
|
||||||
*/
|
|
||||||
protected $config;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var EncryptionInterface
|
|
||||||
*/
|
|
||||||
protected $encryptionUtil;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Constructor
|
|
||||||
*
|
|
||||||
* @param UserClaimsInterface $userClaimsStorage
|
|
||||||
* @param PublicKeyInterface $publicKeyStorage
|
|
||||||
* @param array $config
|
|
||||||
* @param EncryptionInterface $encryptionUtil
|
|
||||||
* @throws LogicException
|
|
||||||
*/
|
|
||||||
public function __construct(UserClaimsInterface $userClaimsStorage, PublicKeyInterface $publicKeyStorage, array $config = array(), EncryptionInterface $encryptionUtil = null)
|
|
||||||
{
|
|
||||||
$this->userClaimsStorage = $userClaimsStorage;
|
|
||||||
$this->publicKeyStorage = $publicKeyStorage;
|
|
||||||
if (is_null($encryptionUtil)) {
|
|
||||||
$encryptionUtil = new Jwt();
|
|
||||||
}
|
|
||||||
$this->encryptionUtil = $encryptionUtil;
|
|
||||||
|
|
||||||
if (!isset($config['issuer'])) {
|
|
||||||
throw new LogicException('config parameter "issuer" must be set');
|
|
||||||
}
|
|
||||||
$this->config = array_merge(array(
|
|
||||||
'id_lifetime' => 3600,
|
|
||||||
), $config);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param array $params
|
|
||||||
* @param null $userInfo
|
|
||||||
* @return array|mixed
|
|
||||||
*/
|
|
||||||
public function getAuthorizeResponse($params, $userInfo = null)
|
|
||||||
{
|
|
||||||
// build the URL to redirect to
|
|
||||||
$result = array('query' => array());
|
|
||||||
$params += array('scope' => null, 'state' => null, 'nonce' => null);
|
|
||||||
|
|
||||||
// create the id token.
|
|
||||||
list($user_id, $auth_time) = $this->getUserIdAndAuthTime($userInfo);
|
|
||||||
$userClaims = $this->userClaimsStorage->getUserClaims($user_id, $params['scope']);
|
|
||||||
|
|
||||||
$id_token = $this->createIdToken($params['client_id'], $userInfo, $params['nonce'], $userClaims, null);
|
|
||||||
$result["fragment"] = array('id_token' => $id_token);
|
|
||||||
if (isset($params['state'])) {
|
|
||||||
$result["fragment"]["state"] = $params['state'];
|
|
||||||
}
|
|
||||||
|
|
||||||
return array($params['redirect_uri'], $result);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Create id token
|
|
||||||
*
|
|
||||||
* @param string $client_id
|
|
||||||
* @param mixed $userInfo
|
|
||||||
* @param mixed $nonce
|
|
||||||
* @param mixed $userClaims
|
|
||||||
* @param mixed $access_token
|
|
||||||
* @return mixed|string
|
|
||||||
*/
|
|
||||||
public function createIdToken($client_id, $userInfo, $nonce = null, $userClaims = null, $access_token = null)
|
|
||||||
{
|
|
||||||
// pull auth_time from user info if supplied
|
|
||||||
list($user_id, $auth_time) = $this->getUserIdAndAuthTime($userInfo);
|
|
||||||
|
|
||||||
$token = array(
|
|
||||||
'iss' => $this->config['issuer'],
|
|
||||||
'sub' => $user_id,
|
|
||||||
'aud' => $client_id,
|
|
||||||
'iat' => time(),
|
|
||||||
'exp' => time() + $this->config['id_lifetime'],
|
|
||||||
'auth_time' => $auth_time,
|
|
||||||
);
|
|
||||||
|
|
||||||
if ($nonce) {
|
|
||||||
$token['nonce'] = $nonce;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($userClaims) {
|
|
||||||
$token += $userClaims;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($access_token) {
|
|
||||||
$token['at_hash'] = $this->createAtHash($access_token, $client_id);
|
|
||||||
}
|
|
||||||
|
|
||||||
return $this->encodeToken($token, $client_id);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param $access_token
|
|
||||||
* @param null $client_id
|
|
||||||
* @return mixed|string
|
|
||||||
*/
|
|
||||||
protected function createAtHash($access_token, $client_id = null)
|
|
||||||
{
|
|
||||||
// maps HS256 and RS256 to sha256, etc.
|
|
||||||
$algorithm = $this->publicKeyStorage->getEncryptionAlgorithm($client_id);
|
|
||||||
$hash_algorithm = 'sha' . substr($algorithm, 2);
|
|
||||||
$hash = hash($hash_algorithm, $access_token, true);
|
|
||||||
$at_hash = substr($hash, 0, strlen($hash) / 2);
|
|
||||||
|
|
||||||
return $this->encryptionUtil->urlSafeB64Encode($at_hash);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param array $token
|
|
||||||
* @param null $client_id
|
|
||||||
* @return mixed|string
|
|
||||||
*/
|
|
||||||
protected function encodeToken(array $token, $client_id = null)
|
|
||||||
{
|
|
||||||
$private_key = $this->publicKeyStorage->getPrivateKey($client_id);
|
|
||||||
$algorithm = $this->publicKeyStorage->getEncryptionAlgorithm($client_id);
|
|
||||||
|
|
||||||
return $this->encryptionUtil->encode($token, $private_key, $algorithm);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param $userInfo
|
|
||||||
* @return array
|
|
||||||
* @throws LogicException
|
|
||||||
*/
|
|
||||||
private function getUserIdAndAuthTime($userInfo)
|
|
||||||
{
|
|
||||||
$auth_time = null;
|
|
||||||
|
|
||||||
// support an array for user_id / auth_time
|
|
||||||
if (is_array($userInfo)) {
|
|
||||||
if (!isset($userInfo['user_id'])) {
|
|
||||||
throw new LogicException('if $user_id argument is an array, user_id index must be set');
|
|
||||||
}
|
|
||||||
|
|
||||||
$auth_time = isset($userInfo['auth_time']) ? $userInfo['auth_time'] : null;
|
|
||||||
$user_id = $userInfo['user_id'];
|
|
||||||
} else {
|
|
||||||
$user_id = $userInfo;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (is_null($auth_time)) {
|
|
||||||
$auth_time = time();
|
|
||||||
}
|
|
||||||
|
|
||||||
// userInfo is a scalar, and so this is the $user_id. Auth Time is null
|
|
||||||
return array($user_id, $auth_time);
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,30 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace OAuth2\OpenID\ResponseType;
|
|
||||||
|
|
||||||
use OAuth2\ResponseType\ResponseTypeInterface;
|
|
||||||
|
|
||||||
interface IdTokenInterface extends ResponseTypeInterface
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Create the id token.
|
|
||||||
*
|
|
||||||
* If Authorization Code Flow is used, the id_token is generated when the
|
|
||||||
* authorization code is issued, and later returned from the token endpoint
|
|
||||||
* together with the access_token.
|
|
||||||
* If the Implicit Flow is used, the token and id_token are generated and
|
|
||||||
* returned together.
|
|
||||||
*
|
|
||||||
* @param string $client_id - The client id.
|
|
||||||
* @param mixed $userInfo - User info
|
|
||||||
* @param string $nonce - OPTIONAL The nonce.
|
|
||||||
* @param string $userClaims - OPTIONAL Claims about the user.
|
|
||||||
* @param string $access_token - OPTIONAL The access token, if known.
|
|
||||||
|
|
||||||
* @internal param string $user_id - The user id.
|
|
||||||
* @return string The ID Token represented as a JSON Web Token (JWT).
|
|
||||||
*
|
|
||||||
* @see http://openid.net/specs/openid-connect-core-1_0.html#IDToken
|
|
||||||
*/
|
|
||||||
public function createIdToken($client_id, $userInfo, $nonce = null, $userClaims = null, $access_token = null);
|
|
||||||
}
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue