remove redundant oauth server options
parent
59c4ea8558
commit
ee743514f8
4 changed files with 8 additions and 23 deletions
|
@ -33,8 +33,10 @@ class OAuth2Server extends Server
|
|||
// Need to use OpenID\GrantType to return id_token
|
||||
// (see:https://github.com/bshaffer/oauth2-server-php/issues/443)
|
||||
$this->addGrantType(new AuthorizationCode($storage));
|
||||
|
||||
// Add the "Refresh Token" grant type
|
||||
$this->addGrantType(new RefreshToken($storage));
|
||||
|
||||
$keyStorage = new Memory([
|
||||
'keys' => [
|
||||
'public_key' => get_config('system', 'pubkey'),
|
||||
|
|
|
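Review bot: The constructor is now the only place grant types are registered, and the lines visible here add just the authorization-code and refresh-token grants, whereas the three call sites trimmed by this commit also registered `GrantType\ClientCredentials`. Unless that grant is added in a part of the constructor outside this hunk, client_credentials token requests will stop being accepted, which is a behaviour change rather than a removal of redundant options. If dropping it is intended, record that next to the registrations, e.g. `// Grant types are registered only here; client_credentials is deliberately not enabled.` The callers' later `addGrantType()` calls also appear to have replaced the OpenID authorization-code grant registered here, so the comment should warn that re-adding a grant in a controller would undo the id_token behaviour described above. The constructor body starts and ends outside the hunk.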
@ -58,12 +58,6 @@ class Authorize extends Controller
|
|||
|
||||
$storage = new OAuth2Storage(DBA::$dba->db);
|
||||
$server = new OAuth2Server($storage);
|
||||
// Add the "Client Credentials" grant type (it is the simplest of the grant types)
|
||||
$server->addGrantType(new GrantType\ClientCredentials($storage));
|
||||
// Add the "Authorization Code" grant type (this is where the oauth magic happens)
|
||||
$server->addGrantType(new GrantType\AuthorizationCode($storage));
|
||||
// Add the "Refresh Token" grant type
|
||||
$server->addGrantType(new GrantType\RefreshToken($storage));
|
||||
|
||||
// TODO: The automatic client registration protocol below should adhere more
|
||||
// closely to "OAuth 2.0 Dynamic Client Registration Protocol" defined
|
||||
|
|
|
@ -40,13 +40,6 @@ class Token extends Controller
|
|||
|
||||
$storage = new OAuth2Storage(DBA::$dba->db);
|
||||
$server = new OAuth2Server($storage);
|
||||
// Add the "Client Credentials" grant type (it is the simplest of the grant types)
|
||||
$server->addGrantType(new GrantType\ClientCredentials($storage));
|
||||
// Add the "Authorization Code" grant type (this is where the oauth magic happens)
|
||||
$server->addGrantType(new GrantType\AuthorizationCode($storage));
|
||||
// Add the "Refresh Token" grant type
|
||||
$server->addGrantType(new GrantType\RefreshToken($storage));
|
||||
|
||||
$request = Request::createFromGlobals();
|
||||
$response = $server->handleTokenRequest($request);
|
||||
$response->send();
|
||||
|
|
|
@ -16,14 +16,14 @@ require_once('include/security.php');
|
|||
|
||||
/**
|
||||
* API Login via basic-auth, OpenWebAuth, or OAuth2
|
||||
* This function returns true or exits with a 401 and WWW-Authenticate header.
|
||||
* @noinspection PhpInconsistentReturnPointsInspection
|
||||
*/
|
||||
|
||||
function api_login()
|
||||
{
|
||||
|
||||
$record = null;
|
||||
$remote_auth = false;
|
||||
$sigblock = null;
|
||||
|
||||
if (array_key_exists('REDIRECT_REMOTE_USER', $_SERVER) && (! array_key_exists('HTTP_AUTHORIZATION', $_SERVER))) {
|
||||
$_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['REDIRECT_REMOTE_USER'];
|
||||
|
@ -35,12 +35,6 @@ function api_login()
|
|||
// OAuth 2.0
|
||||
$storage = new OAuth2Storage(DBA::$dba->db);
|
||||
$server = new OAuth2Server($storage);
|
||||
// Add the "Client Credentials" grant type (it is the simplest of the grant types)
|
||||
$server->addGrantType(new GrantType\ClientCredentials($storage));
|
||||
// Add the "Authorization Code" grant type (this is where the oauth magic happens)
|
||||
$server->addGrantType(new GrantType\AuthorizationCode($storage));
|
||||
// Add the "Refresh Token" grant type
|
||||
$server->addGrantType(new GrantType\RefreshToken($storage));
|
||||
|
||||
$request = Request::createFromGlobals();
|
||||
if ($server->verifyResourceRequest($request)) {
|
||||
|
@ -69,11 +63,13 @@ function api_login()
|
|||
authenticate_success($x[0], false, true, false, true, true);
|
||||
$_SESSION['allow_api'] = true;
|
||||
Hook::call('logged_in', App::$user);
|
||||
return;
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
} catch (Exception $e) {
|
||||
// Just log the exception. Most of the time it will be because
|
||||
// a different identity mechanism is being used and no oauth2 parameters were found.
|
||||
logger($e->getMessage());
|
||||
}
|
||||
|
||||
|
@ -132,7 +128,6 @@ function api_login()
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
// process normal login request
|
||||
|
||||
if (isset($_SERVER['PHP_AUTH_USER']) && (! $record)) {
|
||||
|
@ -158,6 +153,7 @@ function api_login()
|
|||
log_failed_login('API login failure');
|
||||
retry_basic_auth();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
|
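Review bot: The docblock now promises that `api_login()` returns true or exits with a 401, but only the OAuth2 success path in this section is visibly changed from `return;` to `return true;`, and `@noinspection PhpInconsistentReturnPointsInspection` silences the inspection that would flag any remaining path that falls through. For an authentication gate this matters: a caller written as `if (! api_login())` would treat a successful basic-auth or OpenWebAuth login that ends without an explicit return as a failure, and a caller that ignores the result gets no signal at all. I would drop the suppression, declare the signature as `function api_login(): bool`, and end every success path with `return true;`. The rest of the function lies outside the hunks shown, so the other paths need checking against the full file.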