open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

API: Add callback_fail, add OC_OAuth::init and bespoke request token method

Browse Source
remotes/origin/stable5
Tom Needham 13 years ago
parent 47eebe5f6c
commit 37bb16becb
3 changed files with 75 additions and 24 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 50
      lib/oauth/server.php
  2. 22
      lib/oauth/store.php
  3. 27
      settings/oauth.php

50
lib/oauth/server.php
Unescape View File

@ -26,16 +26,31 @@ require_once(OC::$THIRDPARTYROOT.'/3rdparty/OAuth/OAuth.php');
class OC_OAuth_Server extends OAuthServer {
public function fetch_request_token(&$request) {
$this->get_version($request);
$consumer = $this->get_consumer($request);
$this->check_signature($request, $consumer, null);
$callback = $request->get_parameter('oauth_callback');
$scope = $request->get_parameter('scope');
// TODO Validate scopes
return $this->data_store->new_request_token($consumer, $scope, $callback);
/**
* sets up the server object
*/
public static function init(){
$server = new OC_OAuth_Server(new OC_OAuth_Store());
$server->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1());
return $server;
}
public function get_request_token(&$request){
// Check the signature
$token = $this->fetch_request_token($request);
$scopes = $request->get_parameter('scopes');
// Add scopes to request token
$this->saveScopes($token, $scopes);
return $token;
}
public function saveScopes($token, $scopes){
$query = OC_DB::prepare("INSERT INTO `*PREFIX*oauth_scopes` (`key`, `scopes`) VALUES (?, ?)");
$result = $query->execute(array($token->key, $scopes));
}
/**
* authorises a request token
* @param string $request the request token to authorise
@ -74,4 +89,23 @@ class OC_OAuth_Server extends OAuthServer {
// return $user;
}
/**
* registers a consumer with the ownCloud Instance
* @param string $name the name of the external app
* @param string $url the url to find out more info on the external app
* @param string $callbacksuccess the url to redirect to after autorisation success
* @param string $callbackfail the url to redirect to if the user does not authorise the application
* @return false|OAuthConsumer object
*/
static function register_consumer($name, $url, $callbacksuccess=null, $callbackfail=null){
// TODO validation
// Check callback url is outside of ownCloud for security
// Generate key and secret
$key = sha1(md5(uniqid(rand(), true)));
$secret = sha1(md5(uniqid(rand(), true)));
$query = OC_DB::prepare("INSERT INTO `*PREFIX*oauth_consumers` (`key`, `secret`, `name`, `url`, `callback_success`, `callback_fail`) VALUES (?, ?, ?, ?, ?, ?)");
$result = $query->execute(array($key, $secret, $name, $url, $callbacksuccess, $callbackfail));
return new OAuthConsumer($key, $secret, $callbacksuccess);
}
}

22
lib/oauth/store.php
Unescape View File

@ -22,16 +22,18 @@
*
*/
class OC_OAuth_Store {
class OC_OAuth_Store extends OAuthDataStore {
static private $MAX_TIMESTAMP_DIFFERENCE = 300;
function lookup_consumer($consumer_key) {
$query = OC_DB::prepare("SELECT `key`, `secret`, `callback` FROM `*PREFIX*oauth_consumers` WHERE `key` = ?");
$query = OC_DB::prepare("SELECT `key`, `secret`, `callback_success` FROM `*PREFIX*oauth_consumers` WHERE `key` = ?");
$results = $query->execute(array($consumer_key));
if($results->numRows()==0){
return NULL;
} else {
$details = $results->fetchRow();
$callback = !empty($details['callback']) ? $details['callback'] : NULL;
$callback = !empty($details['callback_success']) ? $details['callback_success'] : NULL;
return new OAuthConsumer($details['key'], $details['secret'], $callback);
}
}
@ -49,24 +51,24 @@ class OC_OAuth_Store {
function lookup_nonce($consumer, $token, $nonce, $timestamp) {
$query = OC_DB::prepare("INSERT INTO `*PREFIX*oauth_nonce` (`consumer_key`, `token`, `timestamp`, `nonce`) VALUES (?, ?, ?, ?)");
$affectedrows = $query->exec(array($consumer->key, $token->key, $timestamp, $nonce));
$affectedrows = $query->execute(array($consumer->key, $token, $timestamp, $nonce));
// Delete all timestamps older than the one passed
$query = OC_DB::prepare("DELETE FROM `*PREFIX*oauth_nonce` WHERE `consumer_key` = ? AND `token` = ? AND `timestamp` < ?");
$query->execute(array($consumer->key, $token->key, $timestamp - self::MAX_TIMESTAMP_DIFFERENCE));
$result = $query->exec(array($consumer->key, $token, $timestamp - self::$MAX_TIMESTAMP_DIFFERENCE));
return $result;
}
function new_token($consumer, $token_type, $scope = null) {
function new_token($consumer, $token_type) {
$key = md5(time());
$secret = time() + time();
$token = new OAuthToken($key, md5(md5($secret)));
$query = OC_DB::prepare("INSERT INTO `*PREFIX*oauth_tokens` (`consumer_key`, `key`, `secret`, `type`, `scope`, `timestamp`) VALUES (?, ?, ?, ?, ?, ?)");
$result = $query->execute(array($consumer->key, $key, $secret, $token_type, $scope, time()));
$query = OC_DB::prepare("INSERT INTO `*PREFIX*oauth_tokens` (`consumer_key`, `key`, `secret`, `type`, `timestamp`) VALUES (?, ?, ?, ?, ?, ?)");
$result = $query->execute(array($consumer->key, $key, $secret, $token_type, time()));
return $token;
}
function new_request_token($consumer, $scope, $callback = null) {
return $this->new_token($consumer, 'request', $scope);
function new_request_token($consumer, $callback = null) {
return $this->new_token($consumer, 'request');
}
function authorise_request_token($token, $consumer, $uid) {

27
settings/oauth.php
Unescape View File

@ -6,27 +6,41 @@
*/
require_once('../lib/base.php');
// Logic
$operation = isset($_GET['operation']) ? $_GET['operation'] : '';
$server = new OC_OAuth_Server(new OC_OAuth_Store());
$server = OC_OAuth_server::init();
switch($operation){
case 'register':
// Here external apps can register with an ownCloud
if(empty($_GET['name']) || empty($_GET['url'])){
// Invalid request
echo 401;
} else {
$callbacksuccess = empty($_GET['callback_success']) ? null : $_GET['callback_success'];
$callbackfail = empty($_GET['callback_fail']) ? null : $_GET['callback_fail'];
$consumer = OC_OAuth_Server::register_consumer($_GET['name'], $_GET['url'], $callbacksuccess, $callbackfail);
echo 'Registered consumer successfully! </br></br>Key: ' . $consumer->key . '</br>Secret: ' . $consumer->secret;
}
break;
case 'request_token':
try {
$request = OAuthRequest::from_request();
$token = $server->fetch_request_token($request);
$token = $server->get_request_token($request);
echo $token;
} catch (OAuthException $exception) {
OC_Log::write('OC_OAuth_Server', $exception->getMessage(), OC_LOG::ERROR);
echo $exception->getMessage();
}
break;
break;
case 'authorise';
OC_API::checkLoggedIn();
// Example
$consumer = array(
@ -74,7 +88,8 @@ switch($operation){
OC_Log::write('OC_OAuth_Server', $exception->getMessage(), OC_LOG::ERROR);
echo $exception->getMessage();
}
break;
break;
default:
// Something went wrong, we need an operation!
OC_Response::setStatus(400);

Write Preview
Loading…
Cancel
Save