authorTom Needham <needham.thomas@gmail.com>2012-09-04 11:10:42 +0000
committerTom Needham <needham.thomas@gmail.com>2012-09-04 11:10:42 +0000
commit37bb16becb11caf80fd2e4f608e16f7642c76137 (patch)
tree7df37f1878f4707793939402cd7b20dfd2753b25
parent47eebe5f6c12258cd2536fe2f0d7a9e78ff46ae5 (diff)
API: Add callback_fail, add OC_OAuth::init and bespoke request token method
-rw-r--r--lib/oauth/server.php50
-rw-r--r--lib/oauth/store.php22
-rw-r--r--settings/oauth.php27
3 files changed, 75 insertions, 24 deletions
diff --git a/lib/oauth/server.php b/lib/oauth/server.php
index b14277afea1..a82a1e2fb0e 100644
--- a/lib/oauth/server.php
+++ b/lib/oauth/server.php
@@ -26,16 +26,31 @@ require_once(OC::$THIRDPARTYROOT.'/3rdparty/OAuth/OAuth.php');
class OC_OAuth_Server extends OAuthServer {
- public function fetch_request_token(&$request) {
- $this->get_version($request);
- $consumer = $this->get_consumer($request);
- $this->check_signature($request, $consumer, null);
- $callback = $request->get_parameter('oauth_callback');
- $scope = $request->get_parameter('scope');
- // TODO Validate scopes
- return $this->data_store->new_request_token($consumer, $scope, $callback);
+ /**
+ * sets up the server object
+ */
+ public static function init(){
+ $server = new OC_OAuth_Server(new OC_OAuth_Store());
+ $server->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1());
+ return $server;
+ }
+
+ public function get_request_token(&$request){
+ // Check the signature
+ $token = $this->fetch_request_token($request);
+ $scopes = $request->get_parameter('scopes');
+ // Add scopes to request token
+ $this->saveScopes($token, $scopes);
+
+ return $token;
}
+ public function saveScopes($token, $scopes){
+ $query = OC_DB::prepare("INSERT INTO `*PREFIX*oauth_scopes` (`key`, `scopes`) VALUES (?, ?)");
+ $result = $query->execute(array($token->key, $scopes));
+ }
+
+
/**
* authorises a request token
* @param string $request the request token to authorise
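Review bot: `saveScopes` on the new side writes the caller-supplied `scopes` request parameter straight into `*PREFIX*oauth_scopes` and discards `$result`, so the `// TODO Validate scopes` that the removed fetch_request_token override carried is lost rather than resolved, and get_request_token still returns the token to the caller when the insert fails. I would keep the marker at the INSERT, `// TODO validate the requested scopes against the ones this instance supports before storing`, and check the execute() result before returning from get_request_token. The `// Check the signature` comment describes what the inherited fetch_request_token presumably does and would be clearer as a docblock on get_request_token stating that it returns the request token with the scopes from the `scopes` parameter recorded. Naming is also inconsistent within the class: `saveScopes` is camelCase while its siblings (`get_request_token`, `register_consumer`) are snake_case.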
@@ -74,4 +89,23 @@ class OC_OAuth_Server extends OAuthServer {
// return $user;
}
+ /**
+ * registers a consumer with the ownCloud Instance
+ * @param string $name the name of the external app
+ * @param string $url the url to find out more info on the external app
+ * @param string $callbacksuccess the url to redirect to after autorisation success
+ * @param string $callbackfail the url to redirect to if the user does not authorise the application
+ * @return false|OAuthConsumer object
+ */
+ static function register_consumer($name, $url, $callbacksuccess=null, $callbackfail=null){
+ // TODO validation
+ // Check callback url is outside of ownCloud for security
+ // Generate key and secret
+ $key = sha1(md5(uniqid(rand(), true)));
+ $secret = sha1(md5(uniqid(rand(), true)));
+ $query = OC_DB::prepare("INSERT INTO `*PREFIX*oauth_consumers` (`key`, `secret`, `name`, `url`, `callback_success`, `callback_fail`) VALUES (?, ?, ?, ?, ?, ?)");
+ $result = $query->execute(array($key, $secret, $name, $url, $callbacksuccess, $callbackfail));
+ return new OAuthConsumer($key, $secret, $callbacksuccess);
+ }
+
} \ No newline at end of file
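Review bot: register_consumer never returns `false` although its docblock promises `false|OAuthConsumer`; `$result` from execute() is ignored, so a failed insert still hands back an OAuthConsumer whose key is not in the database. Either check the result before the return (`if (OC_DB::isError($result)) { return false; }`, if the project's DB wrapper offers that check) or correct the docblock to `@return OAuthConsumer`. The key and secret are derived from `uniqid(rand(), true)` hashed twice, which is clock- and PRNG-seeded rather than cryptographically random; a source such as `openssl_random_pseudo_bytes()` (or `random_bytes()` on PHP 7+) passed through `bin2hex()` gives the same hex shape with real entropy. The `// Check callback url is outside of ownCloud for security` TODO stays open, and `$callbackfail` is stored but not passed to the OAuthConsumer constructed on the last line, which is worth a comment so callers know the returned object only carries the success callback.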
diff --git a/lib/oauth/store.php b/lib/oauth/store.php
index f1df7d49b93..aa68d38957d 100644
--- a/lib/oauth/store.php
+++ b/lib/oauth/store.php
@@ -22,16 +22,18 @@
*
*/
-class OC_OAuth_Store {
+class OC_OAuth_Store extends OAuthDataStore {
+
+ static private $MAX_TIMESTAMP_DIFFERENCE = 300;
function lookup_consumer($consumer_key) {
- $query = OC_DB::prepare("SELECT `key`, `secret`, `callback` FROM `*PREFIX*oauth_consumers` WHERE `key` = ?");
+ $query = OC_DB::prepare("SELECT `key`, `secret`, `callback_success` FROM `*PREFIX*oauth_consumers` WHERE `key` = ?");
$results = $query->execute(array($consumer_key));
if($results->numRows()==0){
return NULL;
} else {
$details = $results->fetchRow();
- $callback = !empty($details['callback']) ? $details['callback'] : NULL;
+ $callback = !empty($details['callback_success']) ? $details['callback_success'] : NULL;
return new OAuthConsumer($details['key'], $details['secret'], $callback);
}
}
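Review bot: `static private $MAX_TIMESTAMP_DIFFERENCE = 300;` is a fixed tuning value that nothing in the class assigns, so a class constant, `const MAX_TIMESTAMP_DIFFERENCE = 300;`, referenced as `self::MAX_TIMESTAMP_DIFFERENCE` (the form the removed line in lookup_nonce in the next hunk used) fits better than a mutable static property. A short comment naming the unit would help, e.g. `// seconds; nonces with an older timestamp are purged from oauth_nonce`. In lookup_consumer the `!empty($details['callback_success'])` test treats a stored `'0'` as absent; harmless for a URL, but `isset(...) && $details['callback_success'] !== ''` is the precise check.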
@@ -49,24 +51,24 @@ class OC_OAuth_Store {
function lookup_nonce($consumer, $token, $nonce, $timestamp) {
$query = OC_DB::prepare("INSERT INTO `*PREFIX*oauth_nonce` (`consumer_key`, `token`, `timestamp`, `nonce`) VALUES (?, ?, ?, ?)");
- $affectedrows = $query->exec(array($consumer->key, $token->key, $timestamp, $nonce));
+ $affectedrows = $query->execute(array($consumer->key, $token, $timestamp, $nonce));
// Delete all timestamps older than the one passed
$query = OC_DB::prepare("DELETE FROM `*PREFIX*oauth_nonce` WHERE `consumer_key` = ? AND `token` = ? AND `timestamp` < ?");
- $query->execute(array($consumer->key, $token->key, $timestamp - self::MAX_TIMESTAMP_DIFFERENCE));
+ $result = $query->exec(array($consumer->key, $token, $timestamp - self::$MAX_TIMESTAMP_DIFFERENCE));
return $result;
}
- function new_token($consumer, $token_type, $scope = null) {
+ function new_token($consumer, $token_type) {
$key = md5(time());
$secret = time() + time();
$token = new OAuthToken($key, md5(md5($secret)));
- $query = OC_DB::prepare("INSERT INTO `*PREFIX*oauth_tokens` (`consumer_key`, `key`, `secret`, `type`, `scope`, `timestamp`) VALUES (?, ?, ?, ?, ?, ?)");
- $result = $query->execute(array($consumer->key, $key, $secret, $token_type, $scope, time()));
+ $query = OC_DB::prepare("INSERT INTO `*PREFIX*oauth_tokens` (`consumer_key`, `key`, `secret`, `type`, `timestamp`) VALUES (?, ?, ?, ?, ?, ?)");
+ $result = $query->execute(array($consumer->key, $key, $secret, $token_type, time()));
return $token;
}
- function new_request_token($consumer, $scope, $callback = null) {
- return $this->new_token($consumer, 'request', $scope);
+ function new_request_token($consumer, $callback = null) {
+ return $this->new_token($consumer, 'request');
}
function authorise_request_token($token, $consumer, $uid) {
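Review bot: The rewritten INSERT in new_token lists five columns (`consumer_key`, `key`, `secret`, `type`, `timestamp`) but keeps six `?` placeholders while execute() receives five values, so the statement cannot succeed and no token row is written; the clause should read `VALUES (?, ?, ?, ?, ?)`. In lookup_nonce the commit swaps `exec`/`execute` between the INSERT and the DELETE and returns the DELETE's `$result`, leaving `$affectedrows` unused, so the return value says nothing about whether the nonce had already been seen — worth confirming against what OAuthDataStore::lookup_nonce is expected to return, since this is the replay check. The surrounding context lines `$key = md5(time());` and `$secret = time() + time();` derive both token credentials from the clock, which is predictable; a CSPRNG source (`openssl_random_pseudo_bytes()`, or `random_bytes()` on PHP 7+) should feed them, and the stored `secret` should be the same value given to the OAuthToken (here the row gets `$secret` while the token gets `md5(md5($secret))`). new_request_token now drops `$scope`, and its remaining `$callback` parameter is not used in the visible body either.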
diff --git a/settings/oauth.php b/settings/oauth.php
index c6c9be515bf..8dba9b33a53 100644
--- a/settings/oauth.php
+++ b/settings/oauth.php
@@ -6,27 +6,41 @@
*/
require_once('../lib/base.php');
-
// Logic
$operation = isset($_GET['operation']) ? $_GET['operation'] : '';
-$server = new OC_OAuth_Server(new OC_OAuth_Store());
+$server = OC_OAuth_server::init();
+
switch($operation){
case 'register':
-
+
+ // Here external apps can register with an ownCloud
+ if(empty($_GET['name']) || empty($_GET['url'])){
+ // Invalid request
+ echo 401;
+ } else {
+ $callbacksuccess = empty($_GET['callback_success']) ? null : $_GET['callback_success'];
+ $callbackfail = empty($_GET['callback_fail']) ? null : $_GET['callback_fail'];
+ $consumer = OC_OAuth_Server::register_consumer($_GET['name'], $_GET['url'], $callbacksuccess, $callbackfail);
+
+ echo 'Registered consumer successfully! </br></br>Key: ' . $consumer->key . '</br>Secret: ' . $consumer->secret;
+ }
break;
case 'request_token':
+
try {
$request = OAuthRequest::from_request();
- $token = $server->fetch_request_token($request);
+ $token = $server->get_request_token($request);
echo $token;
} catch (OAuthException $exception) {
OC_Log::write('OC_OAuth_Server', $exception->getMessage(), OC_LOG::ERROR);
echo $exception->getMessage();
}
- break;
+
+ break;
case 'authorise';
+
OC_API::checkLoggedIn();
// Example
$consumer = array(
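Review bot: The `register` branch answers an invalid request with `echo 401;`, which prints the literal text 401 in a 200 response; the default branch in the last hunk uses `OC_Response::setStatus(400);`, and the same call (400, since the request is malformed rather than unauthenticated) belongs here. Unlike the `authorise` branch, registration has no `OC_API::checkLoggedIn()` and passes `name`, `url` and both callbacks from `$_GET` to register_consumer unchecked; if anonymous registration is intended, a comment at the `case 'register':` line saying so (`// Registration is intentionally open: any external app may request a consumer key`) would stop the next reader assuming it was forgotten, and if not, the login check should precede the branch. `$server = OC_OAuth_server::init();` also spells the class differently from `OC_OAuth_Server::register_consumer` a few lines later; PHP resolves class names case-insensitively, but the project's autoloader may not, and consistent casing avoids the question.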
@@ -74,7 +88,8 @@ switch($operation){
OC_Log::write('OC_OAuth_Server', $exception->getMessage(), OC_LOG::ERROR);
echo $exception->getMessage();
}
- break;
+
+ break;
default:
// Something went wrong, we need an operation!
OC_Response::setStatus(400);