Skip to content

Commit

Permalink
Updated the library via composer
Browse files Browse the repository at this point in the history
  • Loading branch information
@mystralkk
mystralkk committed Jun 10, 2022
1 parent 7bf552c commit 2682ac4
Show file tree
Hide file tree
Showing 9 changed files with 354 additions and 193 deletions.
2 changes: 1 addition & 1 deletion system/composer.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions system/vendor/composer/installed.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -965,8 +965,8 @@
},
{
"name": "phpclasses/oauth-api",
"version": "1.0.119",
"version_normalized": "1.0.119.0",
"version": "1.0.120",
"version_normalized": "1.0.120.0",
"dist": {
"type": "zip",
"url": "https://www.phpclasses.org/install/package/oauth-api.zip"
Expand Down
8 changes: 4 additions & 4 deletions system/vendor/composer/installed.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
'name' => '__root__',
'pretty_version' => 'dev-master',
'version' => 'dev-master',
'reference' => '6b7927c98e39d4bc39354d340cb52584e24fbb18',
'reference' => '7bf552c7f6477c559da119ed1a02ecb568d2974e',
'type' => 'library',
'install_path' => __DIR__ . '/../../',
'aliases' => array(),
Expand All @@ -13,7 +13,7 @@
'__root__' => array(
'pretty_version' => 'dev-master',
'version' => 'dev-master',
'reference' => '6b7927c98e39d4bc39354d340cb52584e24fbb18',
'reference' => '7bf552c7f6477c559da119ed1a02ecb568d2974e',
'type' => 'library',
'install_path' => __DIR__ . '/../../',
'aliases' => array(),
Expand Down Expand Up @@ -173,8 +173,8 @@
'dev_requirement' => false,
),
'phpclasses/oauth-api' => array(
'pretty_version' => '1.0.119',
'version' => '1.0.119.0',
'pretty_version' => '1.0.120',
'version' => '1.0.120.0',
'reference' => NULL,
'type' => 'library',
'install_path' => __DIR__ . '/../phpclasses/oauth-api',
Expand Down
144 changes: 103 additions & 41 deletions system/vendor/phpclasses/oauth-api/cookie_oauth_client.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
/*
* cookie_oauth_client.php
*
* @(#) $Id: cookie_oauth_client.php,v 1.6 2017/02/26 07:29:23 mlemos Exp $
* @(#) $Id: cookie_oauth_client.php,v 1.7 2022/04/10 04:42:19 mlemos Exp $
*
*/

Expand All @@ -12,58 +12,120 @@ class cookie_oauth_client_class extends oauth_client_class
var $key = '';
var $cookie_name = 'OAuth_session';
var $cookie_value;
var $cipher = '';
var $openssl_default_cipher = 'bf-ofb';
var $mcrypt_default_cipher = 'blowfish-compat-ofb';

Function Encrypt($text, &$encrypted)

Function EncodeText($text, $context, &$error)
{
if(strlen($this->key) === 0)
$error = '';
$encode_time = time();
$algorithm_mode = $this->cipher;
if(function_exists('openssl_encrypt'))
{
$this->error = 'the cookie encryption key is empty';
return false;
if($algorithm_mode === '')
$algorithm_mode = $this->openssl_default_cipher;
$options = true;
if(!($iv_size = openssl_cipher_iv_length($algorithm_mode)))
{
$ciphers = openssl_get_cipher_methods();
if(in_array($cipher, $ciphers))
$error = $this->GetError('it was not possible to get the length for an OpenSSL cipher '.$cipher.' for '.$context);
else
{
$error = $this->GetError('the cipher '.$algorithm_mode.' is not made available by the OpenSSL extension of the current PHP installation. Use the openssl_get_cipher_methods function to discover which ciphers are available and set the Cipher property of the input managed by the '.__CLASS__.' class');
}
return '';
}
$iv = openssl_random_pseudo_bytes($iv_size);
$key = $encode_time.$this->key;
if(!($cipher = openssl_encrypt($text, $algorithm_mode, $key, $options, $iv)))
{
$error = $this->GetError('it was not possible to encrypt using OpenSSL a value for '.$context);
return '';
}
}
$encode_time = time();
$key = $encode_time.$this->key;
$key_size = mcrypt_get_key_size(MCRYPT_3DES, MCRYPT_MODE_CFB);
if(strlen($key) > $key_size)
$key=substr($key, 0, $key_size);
if(strlen($key)<$key_size)
$key=$key.str_repeat(chr(0),$key_size - strlen($key));
error_log(__LINE__.' '.strlen($key));
$iv_size = mcrypt_get_iv_size(MCRYPT_3DES, MCRYPT_MODE_CFB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
if(!($cipher = mcrypt_encrypt(MCRYPT_3DES, $key, $text, MCRYPT_MODE_CFB, $iv)))
elseif(function_exists('mcrypt_encrypt'))
{
$this->error = 'could not encrypt data';
return false;
if($algorithm_mode === '')
$algorithm_mode = $this->mcrypt_default_cipher;
$last_hiphen = strrpos($algorithm_mode, '-');
$algorithm = substr($algorithm_mode, 0, $last_hiphen);
$mode = substr($algorithm_mode, $last_hiphen + 1);
if(!($iv_size = @mcrypt_get_iv_size($algorithm, $mode)))
{
$algorithms = @mcrypt_list_algorithms();
if(!in_array($algorithm, $algorithms))
{
$error = $this->GetError('the cipher algorithm '.$algorithm.' is not made available by the mcrypt extension of the current PHP installation. Set the Cipher property of the input managed by the '.__CLASS__.' class to any of these algorithms: '.implode(', ',$algorithms));
}
else
{
$modes = mcrypt_list_modes();
if(!in_array($mode, $modes))
{
$error = $this->GetError('the cipher mode '.$mode.' for algorithm '.$algorithm.' is not made available by the mcrypt extension of the current PHP installation. Set the Cipher property of the input managed by the '.__CLASS__.' class to any of these modes for algorithm '.$algorithm.': '.implode(', ',$algorithms));
}
else
{
$error = 'the cipher '.$algorithm_mode.' is not made available by the mcrypt extension of the current PHP installation. Use the mcrypt_list_algorithms and mcrypt_list_modes functions to discover which algorithms and modes are available and set the Cipher property of the input managed by the '.__CLASS__.' class';
}
}
return '';
}
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$key = $this->FixKey($encode_time.$this->key);
if(!($cipher = mcrypt_encrypt($algorithm, $key, $text, $mode, $iv)))
{
$error = $this->GetError('it was not possible to encrypt using mcrypt a value for '.$context);
return '';
}
}
$encrypted = base64_encode($iv.$cipher).':'.$encode_time;
return true;
else
{
$error = 'neither the mcrypt nor the OpenSSL extensions are available in this PHP installation'.$context;
return '';
}
$encoded = base64_encode($iv.$cipher);
$encoded = $encoded.':'.$encode_time;
return $encoded;
}

Function Decrypt($encoded, &$encode_time, &$decrypted)
Function DecodeText($encoded, &$encode_time, &$error)
{
if(strlen($this->key) === 0)
{
$this->error = 'the cookie encryption key is empty';
return false;
}
$error = '';
if(GetType($colon = strpos($encoded, ':')) != 'integer'
|| ($encode_time = intval(substr($encoded, $colon + 1))) == 0
|| $encode_time > time()
|| !($encrypted = base64_decode(substr($encoded, 0, $colon))))
|| !($encrypted = base64_decode($e = substr($encoded, 0, $colon))))
return '';
$algorithm_mode = $this->cipher;
if(function_exists('openssl_decrypt'))
{
$this->OutputDebug($this->error = 'invalid encrypted data to decode: '.$encoded);
return false;
if($algorithm_mode === '')
$algorithm_mode = $this->openssl_default_cipher;
$options = true;
$iv_size = openssl_cipher_iv_length($algorithm_mode);
$iv = substr($encrypted, 0, $iv_size);
$encrypted = substr($encrypted, $iv_size);
$key = $encode_time.$this->key;
$decrypted = openssl_decrypt($encrypted, $algorithm_mode, $key, $options, $iv);
return($decrypted);
}
$iv_size = mcrypt_get_iv_size(MCRYPT_3DES, MCRYPT_MODE_CFB);
$iv = substr($encrypted, 0, $iv_size);
$key = $encode_time.$this->key;
$key_size = mcrypt_get_key_size(MCRYPT_3DES, MCRYPT_MODE_CFB);
if(strlen($key) > $key_size)
$key = substr($key, 0, $key_size);
if(strlen($key)<$key_size)
$key=$key.str_repeat(chr(0),$key_size - strlen($key));
$decrypted = mcrypt_decrypt(MCRYPT_3DES, $key, substr($encrypted, $iv_size), MCRYPT_MODE_CFB, $iv);
return true;
elseif(function_exists('mcrypt_decrypt'))
{
if($algorithm_mode === '')
$algorithm_mode = $this->mcrypt_default_cipher;
$last_hiphen = strrpos($algorithm_mode, '-');
$algorithm = substr($algorithm_mode, 0, $last_hiphen);
$mode = substr($algorithm_mode, $last_hiphen + 1);
$iv_size = mcrypt_get_iv_size($algorithm, $mode);
$iv = substr($encrypted, 0, $iv_size);
$key = $this->FixKey($encode_time.$this->key);
return mcrypt_decrypt($algorithm, $key, substr($encrypted, $iv_size), $mode, $iv);
}
return '';
}

Function Unserialize()
Expand All @@ -72,7 +134,7 @@ class cookie_oauth_client_class extends oauth_client_class
return $this->cookie_value;
if(!IsSet($_COOKIE[$this->cookie_name]))
return null;
if(!$this->Decrypt($_COOKIE[$this->cookie_name], $encode_time, $serialized))
if(($serialized = $this->DecodeText($_COOKIE[$this->cookie_name], $encode_time, $this->error)) === '')
return null;
$value = unserialize($serialized);
if(GetType($value) != 'array')
Expand All @@ -82,7 +144,7 @@ class cookie_oauth_client_class extends oauth_client_class

Function Serialize($s)
{
if(!$this->Encrypt(serialize($this->cookie_value = $s), $encrypted))
if(($encrypted = $this->EncodeText(serialize($this->cookie_value = $s), 'Serialize', $this->error)) === '')
return false;
SetCookie($this->cookie_name, $encrypted);
return true;
Expand Down
25 changes: 19 additions & 6 deletions system/vendor/phpclasses/oauth-api/database_oauth_client.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
/*
* database_oauth_client.php
*
* @(#) $Id: database_oauth_client.php,v 1.10 2021/03/22 23:55:47 mlemos Exp $
* @(#) $Id: database_oauth_client.php,v 1.11 2022/05/28 09:18:30 mlemos Exp $
*
*/

Expand All @@ -14,6 +14,19 @@ class database_oauth_client_class extends oauth_client_class
var $session_cookie = 'oauth_session';
var $session_path = '/';
var $sessions = array();
var $oauth_session_table = 'oauth_session';
var $oauth_state_field = 'state';
var $oauth_access_token_field = 'access_token';
var $oauth_access_token_secret_field = 'access_token_secret';
var $oauth_expiry_field = 'expiry';
var $oauth_authorized_field = 'authorized';
var $oauth_type_field = 'type';
var $oauth_server_field = 'server';
var $oauth_creation_field = 'creation';
var $oauth_refresh_token_field = 'refresh_token';
var $oauth_access_token_response_field = 'access_token_response';
var $oauth_id_field = 'id';
var $oauth_user_field = 'user';

Function Query($sql, $parameters, &$results, $result_types = null)
{
Expand Down Expand Up @@ -44,7 +57,7 @@ class database_oauth_client_class extends oauth_client_class
's', $session->refresh_token,
's', $session->access_token_response
);
if(!$this->Query('INSERT INTO oauth_session (session, state, access_token, access_token_secret, expiry, authorized, type, server, creation, refresh_token, access_token_response) VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', $parameters, $results))
if(!$this->Query('INSERT INTO '.$this->oauth_session_table.' (session, '.$this->oauth_state_field.', '.$this->oauth_access_token_field.', '.$this->oauth_access_token_secret_field.', '.$this->oauth_expiry_field.', '.$this->oauth_authorized_field.', '.$this->oauth_type_field.', '.$this->oauth_server_field.', '.$this->oauth_creation_field.', '.$this->oauth_refresh_token_field.', '.$this->oauth_access_token_response_field.') VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', $parameters, $results))
return false;
$session->id = $results['insert_id'];
return true;
Expand Down Expand Up @@ -76,7 +89,7 @@ class database_oauth_client_class extends oauth_client_class
's', $this->server
);
$result_types = array( 'i','s', 's', 's', 's', 'ts', 'b', 's', 's', 'ts', 's', 's');
if(!$this->Query('SELECT id, session, state, access_token, access_token_secret, expiry, authorized, type, server, creation, refresh_token, access_token_response FROM oauth_session WHERE user=? AND server=?', $parameters, $results, $result_types))
if(!$this->Query('SELECT '.$this->oauth_id_field.', session, '.$this->oauth_state_field.', '.$this->oauth_access_token_field.', '.$this->oauth_access_token_secret_field.', '.$this->oauth_expiry_field.', '.$this->oauth_authorized_field.', '.$this->oauth_type_field.', '.$this->oauth_server_field.', '.$this->oauth_creation_field.', '.$this->oauth_refresh_token_field.', '.$this->oauth_access_token_response_field.' FROM '.$this->oauth_session_table.' WHERE '.$this->oauth_user_field.'=? AND '.$this->oauth_server_field.'=?', $parameters, $results, $result_types))
return false;
if(count($results['rows']) === 0)
{
Expand All @@ -101,7 +114,7 @@ class database_oauth_client_class extends oauth_client_class
's', $server
);
$result_types = array( 'i','s', 's', 's', 's', 'ts', 'b', 's', 's', 'ts', 's', 's');
if(!$this->Query('SELECT id, session, state, access_token, access_token_secret, expiry, authorized, type, server, creation, refresh_token, access_token_response FROM oauth_session WHERE session=? AND server=?', $parameters, $results, $result_types))
if(!$this->Query('SELECT '.$this->oauth_id_field.', session, '.$this->oauth_state_field.', '.$this->oauth_access_token_field.', '.$this->oauth_access_token_secret_field.', '.$this->oauth_expiry_field.', '.$this->oauth_authorized_field.', '.$this->oauth_type_field.', '.$this->oauth_server_field.', '.$this->oauth_creation_field.', '.$this->oauth_refresh_token_field.', '.$this->oauth_access_token_response_field.' FROM '.$this->oauth_session_table.' WHERE session=? AND '.$this->oauth_server_field.'=?', $parameters, $results, $result_types))
return false;
if(count($results['rows']) === 0)
{
Expand Down Expand Up @@ -154,7 +167,7 @@ class database_oauth_client_class extends oauth_client_class
'i', $this->user,
'i', $oauth_session->id
);
return $this->Query('UPDATE oauth_session SET session=?, state=?, access_token=?, access_token_secret=?, expiry=?, authorized=?, type=?, server=?, creation=?, refresh_token=?, access_token_response=?, user=? WHERE id=?', $parameters, $results);
return $this->Query('UPDATE '.$this->oauth_session_table.' SET session=?, '.$this->oauth_state_field.'=?, '.$this->oauth_access_token_field.'=?, '.$this->oauth_access_token_secret_field.'=?, '.$this->oauth_expiry_field.'=?, '.$this->oauth_authorized_field.'=?, '.$this->oauth_type_field.'=?, '.$this->oauth_server_field.'=?, '.$this->oauth_creation_field.'=?, '.$this->oauth_refresh_token_field.'=?, '.$this->oauth_access_token_response_field.'=?, '.$this->oauth_user_field.'=? WHERE '.$this->oauth_id_field.'=?', $parameters, $results);
}

Function GetAccessToken(&$access_token)
Expand Down Expand Up @@ -210,7 +223,7 @@ class database_oauth_client_class extends oauth_client_class
's', $this->session,
's', $this->server,
);
if(!$this->Query('UPDATE oauth_session SET user=? WHERE session=? AND server=?', $parameters, $results))
if(!$this->Query('UPDATE '.$this->oauth_session_table.' SET '.$this->oauth_user_field.'=? WHERE session=? AND '.$this->oauth_server_field.'=?', $parameters, $results))
return false;
$this->user = $user;
return true;
Expand Down
20 changes: 10 additions & 10 deletions system/vendor/phpclasses/oauth-api/file_oauth_client.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
/*
* file_oauth_client.php
*
* @(#) $Id: file_oauth_client.php,v 1.2 2015/10/17 18:55:09 mlemos Exp $
* @(#) $Id: file_oauth_client.php,v 1.3 2021/12/21 09:23:55 mlemos Exp $
*
*/

Expand Down Expand Up @@ -50,18 +50,18 @@ class file_oauth_client_class extends oauth_client_class
if(!$this->opened_file)
{
if(!($this->opened_file = fopen($name, 'c+')))
return $this->SetPHPError('could not open the token file '.$name, $php_error_message);
return $this->SetPHPError('could not open the token file '.$name);
}
if(!flock($this->opened_file, LOCK_EX))
return $this->SetPHPError('could not lock the token file '.$name.' for writing', $php_error_message);
return $this->SetPHPError('could not lock the token file '.$name.' for writing');
if(fseek($this->opened_file, 0))
return $this->SetPHPError('could not rewind the token file '.$name.' for writing', $php_error_message);
return $this->SetPHPError('could not rewind the token file '.$name.' for writing');
if(!ftruncate($this->opened_file, 0))
return $this->SetPHPError('could not truncate the token file '.$name.' for writing', $php_error_message);
return $this->SetPHPError('could not truncate the token file '.$name.' for writing');
if(!fwrite($this->opened_file, json_encode($session)))
return $this->SetPHPError('could not write to the token file '.$name, $php_error_message);
return $this->SetPHPError('could not write to the token file '.$name);
if(!fclose($this->opened_file))
return $this->SetPHPError('could not close to the token file '.$name, $php_error_message);
return $this->SetPHPError('could not close to the token file '.$name);
$this->opened_file = false;
return true;
}
Expand All @@ -73,17 +73,17 @@ class file_oauth_client_class extends oauth_client_class
if(!file_exists($name))
return true;
if(!($this->opened_file = fopen($name, 'c+')))
return $this->SetPHPError('could not open the token file '.$name, $php_error_message);
return $this->SetPHPError('could not open the token file '.$name);
if(!flock($this->opened_file, LOCK_SH))
return $this->SetPHPError('could not lock the token file '.$name.' for reading', $php_error_message);
return $this->SetPHPError('could not lock the token file '.$name.' for reading');
$json = '';
while(!feof($this->opened_file))
{
$data = fread($this->opened_file, 1000);
if(!$data
&& !feof($this->opened_file))
{
$this->SetError('could not read the token file'.$name, $php_error_message);
$this->SetError('could not read the token file'.$name);
fclose($this->opened_file);
$this->opened_file = false;
return false;
Expand Down

0 comments on commit 2682ac4

Please sign in to comment.