From 5f71805c35d04e585ea6d4227254b11204413dfd Mon Sep 17 00:00:00 2001
From: Lukas Reschke
Date: Thu, 4 May 2017 23:46:59 +0200
Subject: Add basic implementation for OAuth 2.0 Authorization Code Flow
Signed-off-by: Lukas Reschke
---
 apps/oauth2/lib/Controller/OauthApiController.php | 88 +++++++++++++++++++++++
 1 file changed, 88 insertions(+)
 create mode 100644 apps/oauth2/lib/Controller/OauthApiController.php
(limited to 'apps/oauth2/lib/Controller/OauthApiController.php')
diff --git a/apps/oauth2/lib/Controller/OauthApiController.php b/apps/oauth2/lib/Controller/OauthApiController.php
new file mode 100644
index 00000000000..8432830bce3
--- /dev/null
+++ b/apps/oauth2/lib/Controller/OauthApiController.php
@@ -0,0 +1,88 @@
+
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ *
+ */
+
+namespace OCA\OAuth2\Controller;
+
+use OC\Authentication\Token\DefaultTokenMapper;
+use OCA\OAuth2\Db\AccessTokenMapper;
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\JSONResponse;
+use OCP\IRequest;
+use OCP\Security\ICrypto;
+use OCP\Security\ISecureRandom;
+
+class OauthApiController extends Controller {
+ /** @var AccessTokenMapper */
+ private $accessTokenMapper;
+ /** @var ICrypto */
+ private $crypto;
+ /** @var DefaultTokenMapper */
+ private $defaultTokenMapper;
+ /** @var ISecureRandom */
+ private $secureRandom;
+
+ /**
+ * @param string $appName
+ * @param IRequest $request
+ * @param ICrypto $crypto
+ * @param AccessTokenMapper $accessTokenMapper
+ * @param DefaultTokenMapper $defaultTokenMapper
+ * @param ISecureRandom $secureRandom
+ */
+ public function __construct($appName,
+ IRequest $request,
+ ICrypto $crypto,
+ AccessTokenMapper $accessTokenMapper,
+ DefaultTokenMapper $defaultTokenMapper,
+ ISecureRandom $secureRandom) {
+ parent::__construct($appName, $request);
+ $this->crypto = $crypto;
+ $this->accessTokenMapper = $accessTokenMapper;
+ $this->defaultTokenMapper = $defaultTokenMapper;
+ $this->secureRandom = $secureRandom;
+ }
+
+ /**
+ * @PublicPage
+ * @NoCSRFRequired
+ *
+ * @param string $code
+ * @return JSONResponse
+ */
+ public function getToken($code) {
+ $accessToken = $this->accessTokenMapper->getByCode($code);
+ $decryptedToken = $this->crypto->decrypt($accessToken->getEncryptedToken(), $code);
+ $newCode = $this->secureRandom->generate(128);
+ $accessToken->setHashedCode(hash('sha512', $newCode));
+ $accessToken->setEncryptedToken($this->crypto->encrypt($decryptedToken, $newCode));
+ $this->accessTokenMapper->update($accessToken);
+
+ return new JSONResponse(
+ [
+ 'access_token' => $decryptedToken,
+ 'token_type' => 'token',
+ 'expires_in' => 3600,
+ 'refresh_token' => $newCode,
+ 'user_id' => ($this->defaultTokenMapper->getTokenById($accessToken->getTokenId()))->getUID(),
+ ]
+ );
+ }
+}
-- cgit v1.2.3
From 4b4d3bb1c2aed09c288350822e6677426594a7ea Mon Sep 17 00:00:00 2001
From: Lukas Reschke
Date: Fri, 5 May 2017 00:19:28 +0200
Subject: It's a bearer
Signed-off-by: Lukas Reschke
---
 apps/oauth2/lib/Controller/OauthApiController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'apps/oauth2/lib/Controller/OauthApiController.php')
diff --git a/apps/oauth2/lib/Controller/OauthApiController.php b/apps/oauth2/lib/Controller/OauthApiController.php
index 8432830bce3..97f8185149a 100644
--- a/apps/oauth2/lib/Controller/OauthApiController.php
+++ b/apps/oauth2/lib/Controller/OauthApiController.php
@@ -78,7 +78,7 @@ class OauthApiController extends Controller {
 return new JSONResponse(
 [
 'access_token' => $decryptedToken,
- 'token_type' => 'token',
+ 'token_type' => 'Bearer',
 'expires_in' => 3600,
 'refresh_token' => $newCode,
 'user_id' => ($this->defaultTokenMapper->getTokenById($accessToken->getTokenId()))->getUID(),
-- cgit v1.2.3
From 88afd8b22466e4dfab8e136f81440b160ee84acb Mon Sep 17 00:00:00 2001
From: Lukas Reschke
Date: Thu, 18 May 2017 15:16:50 +0200
Subject: Cleanup code
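Review bot: `getToken()` in the first commit's hunk for OauthApiController.php is marked `@PublicPage` and `@NoCSRFRequired` and takes only `$code`, so as written the decrypted access token is returned to whoever presents a valid code, without the client authenticating; the refresh token is stored through `setHashedCode()`, so it appears to be redeemable through the same call. RFC 6749 section 4.1.3 expects the token endpoint to authenticate confidential clients and to check that the code was issued to that client and redirect URI; I would extend the signature to something like `getToken($grant_type, $code, $client_id, $client_secret)` and reject the request before `decrypt()` when the credentials do not match the client the code was issued to. No failure path is visible either: the results of `getByCode()`, `decrypt()` and `getTokenById()` are used unchecked, so an unknown code presumably surfaces as an unhandled exception or a null dereference rather than an `invalid_grant` JSON error. `'expires_in' => 3600` is advertised, but nothing in this hunk sets or checks an expiry, so that is worth confirming against the token mapper. The two later hunks for this file on the page (`'Bearer'`, the parenthesis cleanup) leave all of these points unchanged.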
Signed-off-by: Lukas Reschke
---
 apps/oauth2/lib/Controller/OauthApiController.php | 2 +-
 apps/oauth2/templates/admin.php | 7 +++++--
 2 files changed, 6 insertions(+), 3 deletions(-)
(limited to 'apps/oauth2/lib/Controller/OauthApiController.php')
diff --git a/apps/oauth2/lib/Controller/OauthApiController.php b/apps/oauth2/lib/Controller/OauthApiController.php
index 97f8185149a..b97d85ae3e6 100644
--- a/apps/oauth2/lib/Controller/OauthApiController.php
+++ b/apps/oauth2/lib/Controller/OauthApiController.php
@@ -81,7 +81,7 @@ class OauthApiController extends Controller {
 'token_type' => 'Bearer',
 'expires_in' => 3600,
 'refresh_token' => $newCode,
- 'user_id' => ($this->defaultTokenMapper->getTokenById($accessToken->getTokenId()))->getUID(),
+ 'user_id' => $this->defaultTokenMapper->getTokenById($accessToken->getTokenId())->getUID(),
 ]
 );
 }
diff --git a/apps/oauth2/templates/admin.php b/apps/oauth2/templates/admin.php
index 9c09499add3..d2e34e08db8 100644
--- a/apps/oauth2/templates/admin.php
+++ b/apps/oauth2/templates/admin.php
@@ -45,12 +45,15 @@ $clients = $_['clients']; - + imagePath('core', 'actions/toggle.svg'); + foreach ($clients as $client) { + ?> getName()); ?> getRedirectUri()); ?> getClientIdentifier()); ?> - **** + ****
-- cgit v1.2.3