
Adding an updated OAuth1 package.

1 parent afdf1da commit 9bc988185ccc3e1c437256cc2c927e49312b3d00 @LouisLandry committed Nov 17, 2012


@@ -0,0 +1,163 @@
+<?php
+/**
+ * @package Joomla.Platform
+ * @subpackage OAuth1
+ *
+ * @copyright Copyright (C) 2005 - 2012 Open Source Matters, Inc. All rights reserved.
+ * @license GNU General Public License version 2 or later; see LICENSE
+ */
+
+defined('JPATH_PLATFORM') or die;
+
+/**
+ * OAuth Client class for the Joomla Platform
+ *
+ * @package Joomla.Platform
+ * @subpackage OAuth1
+ * @since 12.3
+ */
+class JOAuth1Client
+{
+ /**
+ * @var JOAuth1TableClient JTable object for persisting the client object.
+ * @since 12.3
+ */
+ private $_table;
+
+ /**
+ * Object constructor.
+ *
+ * @param JOAuth1TableClient $table The JTable object to use when persisting the object.
+ * @param array $properties A set of properties with which to prime the object.
+ *
+ * @codeCoverageIgnore
+ * @since 12.3
+ */
+ public function __construct(JOAuth1TableClient $table = null, array $properties = null)
+ {
+ // Setup the table object.
+ $this->_table = $table ? $table : JTable::getInstance('Client', 'JOAuth1Table');
+
+ // Iterate over any input properties and bind them to the object.
+ if ($properties)
+ {
+ foreach ($properties as $k => $v)
+ {
+ $this->_table->$k = $v;
+ }
+ }
+ }
+
+ /**
+ * Method to get a property value.
+ *
+ * @param string $p The name of the property for which to return the value.
+ *
+ * @return mixed The property value for the given property name.
+ *
+ * @since 12.3
+ */
+ public function __get($p)
+ {
+ if (isset($this->_table->$p))
+ {
+ return $this->_table->$p;
+ }
+ }
+
+ /**
+ * Method to set a value for a property.
+ *
+ * @param string $p The name of the property for which to set the value.
+ * @param mixed $v The property value to set.
+ *
+ * @return void
+ *
+ * @since 12.3
+ */
+ public function __set($p, $v)
+ {
+ if (isset($this->_table->$p))
+ {
+ $this->_table->$p = $v;
+ }
+ }
+
+ /**
+ * Method to create the client in the database.
+ *
+ * @return boolean True on success.
+ *
+ * @since 12.3
+ */
+ public function create()
+ {
+ // Can't insert something that already has an ID.
+ if ($this->_table->client_id)
+ {
+ return false;
+ }
+
+ // Ensure we don't have an id to insert... use the auto-incrementor instead.
+ $this->_table->client_id = null;
+
+ return $this->_table->store();
+ }
+
+ /**
+ * Method to delete the client from the database.
+ *
+ * @return void
+ *
+ * @since 12.3
+ */
+ public function delete()
+ {
+ $this->_table->delete();
+ }
+
+ /**
+ * Method to load a client by id.
+ *
+ * @param integer $clientId The id of the client to load.
+ *
+ * @return void
+ *
+ * @since 12.3
+ */
+ public function load($clientId)
+ {
+ $this->_table->load($clientId);
+ }
+
+ /**
+ * Method to load a client by key.
+ *
+ * @param string $key The key of the client to load.
+ *
+ * @return void
+ *
+ * @since 12.3
+ */
+ public function loadByKey($key)
+ {
+ $this->_table->loadByKey($key);
+ }
+
+ /**
+ * Method to update the client in the database.
+ *
+ * @return boolean True on success.
+ *
+ * @since 12.3
+ */
+ public function update()
+ {
+ if (!$this->_table->client_id)
+ {
+ return false;
+ }
+
+ return $this->_table->store();
+ }
+}
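Review bot: `__set` guards the assignment with `isset($this->_table->$p)`, which is false when the table property exists but currently holds null, so writes to any nullable column (including `client_id` after `create()` nulls it) are silently dropped. The check should test existence rather than non-nullness, e.g. `if (property_exists($this->_table, $p))`, and `__get` should use the same predicate so the two magic methods agree on which names are valid. The constructor, by contrast, binds every key of `$properties` onto the table with no check at all; if that array can originate from request input, a caller can prime arbitrary table fields, which is worth a comment on `__construct` stating that `$properties` is expected to come from trusted code. `delete()`, `load()` and `loadByKey()` discard the table's boolean result, so callers cannot distinguish a missing row from a loaded one; returning `$this->_table->load($clientId)` would cost nothing and match the `@return boolean` style of `create()` and `update()`.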
@@ -0,0 +1,105 @@
+<?php
+/**
+ * @package Joomla.Platform
+ * @subpackage OAuth1
+ *
+ * @copyright Copyright (C) 2005 - 2012 Open Source Matters, Inc. All rights reserved.
+ * @license GNU General Public License version 2 or later; see LICENSE
+ */
+
+defined('JPATH_PLATFORM') or die;
+
+/*
+Step 2
+
+ The client redirects Jane's user-agent to the server's Resource Owner
+ Authorization endpoint to obtain Jane's approval for accessing her
+ private photos:
+
+ https://photos.example.net/authorise?oauth_token=hh5s93j4hdidpola
+
+ The server requests Jane to sign in using her username and password
+ and if successful, asks her to approve granting 'printer.example.com'
+ access to her private photos. Jane approves the request and her
+ user-agent is redirected to the callback URI provided by the client
+ in the previous request (line breaks are for display purposes only):
+
+ http://printer.example.com/ready?
+ oauth_token=hh5s93j4hdidpola&oauth_verifier=hfdp7dh39dks9884
+
+ */
+
+/**
+ * OAuth Controller class for authorising temporary credentials for the Joomla Platform.
+ *
+ * According to RFC 5849, this must be handled using a GET request, so route accordingly. When implementing this in your own
+ * app you should provide some means of protection against CSRF attacks.
+ *
+ * @package Joomla.Platform
+ * @subpackage OAuth1
+ * @since 12.3
+ */
+class JOAuth1ControllerAuthorise extends JControllerBase
+{
+ /**
+ * Create the credentials
+ *
+ * @return JOAuth1Credentials
+ *
+ * @since 12.3
+ */
+ protected function createCredentials()
+ {
+ return new JOAuth1Credentials;
+ }
+
+ /**
+ * Handle the request.
+ *
+ * @return void
+ *
+ * @since 12.3
+ */
+ public function execute()
+ {
+ // Verify that we have an OAuth 1.0 application.
+ if ((!$this->app instanceof JOAuth1ApplicationWeb))
+ {
+ throw new LogicException('Cannot perform OAuth 1.0 authorisation without an OAuth 1.0 application.');
+ }
+
+ // Get the credentials for the request.
+ $credentials = $this->createCredentials();
+ $credentials->load($this->input->get->get('oauth_token'));
+
+ // Ensure the credentials are temporary.
+ if ($credentials->getType() !== JOAuth1Credentials::TEMPORARY)
+ {
+ $this->app->setHeader('status', '400');
+ $this->app->setBody('The token is not for a temporary credentials set.');
+
+ return;
+ }
+
+ // Verify that we have a signed in user.
+ if ($this->app->getIdentity()->get('guest'))
+ {
+ $this->app->setHeader('status', '400');
+ $this->app->setBody('You must first sign in.');
+
+ return;
+ }
+
+ // Attempt to authorise the credentials for the current user.
+ $credentials->authorise($this->app->getIdentity()->get('id'));
+
+ if ($credentials->getCallbackUrl() && $credentials->getCallbackUrl() != 'oob')
+ {
+ $this->app->redirect($credentials->getCallbackUrl());
+
+ return;
+ }
+
+ $this->app->setBody('Credentials authorised. The verifier token is ' . $credentials->getVerifierKey());
+ }
+}
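Review bot: The redirect at the end of `execute()` sends the user-agent to the bare callback URL, whereas the step-2 excerpt above the class shows the server appending `oauth_token` and `oauth_verifier` to it (RFC 5849 §2.2); unless `authorise()` rewrites the stored callback, the client never receives the verifier it needs for step 3, while the `oob` branch does display it. A minimal fix is `$callback = $credentials->getCallbackUrl(); $callback .= (strpos($callback, '?') === false ? '?' : '&') . http_build_query(array('oauth_token' => $credentials->getKey(), 'oauth_verifier' => $credentials->getVerifierKey()));` before `$this->app->redirect($callback);`, with `!== 'oob'` in place of the loose `!=`. Separately, the credentials are authorised on the same GET that presents the token, with no consent confirmation or anti-CSRF token; the docblock delegates that to implementers, but a comment at the `authorise()` call stating that the caller is responsible for the consent step would make the contract explicit. The guest check answers 400 where 401 is the conventional status for "not signed in".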
@@ -0,0 +1,119 @@
+<?php
+/**
+ * @package Joomla.Platform
+ * @subpackage OAuth1
+ *
+ * @copyright Copyright (C) 2005 - 2012 Open Source Matters, Inc. All rights reserved.
+ * @license GNU General Public License version 2 or later; see LICENSE
+ */
+
+defined('JPATH_PLATFORM') or die;
+
+/*
+Step 3
+
+ The callback request informs the client that Jane completed the
+ authorization process. The client then requests a set of token
+ credentials using its temporary credentials (over a secure Transport
+ Layer Security (TLS) channel):
+
+ POST /token HTTP/1.1
+ Host: photos.example.net
+ Authorization: OAuth realm="Photos",
+ oauth_consumer_key="dpf43f3p2l4k3l03",
+ oauth_token="hh5s93j4hdidpola",
+ oauth_signature_method="HMAC-SHA1",
+ oauth_timestamp="137131201",
+ oauth_nonce="walatlh",
+ oauth_verifier="hfdp7dh39dks9884",
+ oauth_signature="gKgrFCywp7rO0OXSjdot%2FIHF7IU%3D"
+
+ The server validates the request and replies with a set of token
+ credentials in the body of the HTTP response:
+
+ HTTP/1.1 200 OK
+ Content-Type: application/x-www-form-urlencoded
+
+ oauth_token=nnch734d00sl2jdk&oauth_token_secret=pfkkdhi9sl3r4s00
+ */
+
+/**
+ * OAuth Controller class for converting authorised credentials to token credentials for the Joomla Platform.
+ *
+ * @package Joomla.Platform
+ * @subpackage OAuth1
+ * @since 12.3
+ */
+class JOAuth1ControllerConvert extends JControllerBase
+{
+ /**
+ * Create the credentials
+ *
+ * @return JOAuth1Credentials
+ *
+ * @since 12.3
+ */
+ protected function createCredentials()
+ {
+ return new JOAuth1Credentials;
+ }
+
+ /**
+ * Handle the request.
+ *
+ * @return void
+ *
+ * @since 12.3
+ */
+ public function execute()
+ {
+ // Verify that we have an OAuth 1.0 application.
+ if ((!$this->app instanceof JOAuth1ApplicationWeb))
+ {
+ throw new LogicException('Cannot perform OAuth 1.0 authorisation without an OAuth 1.0 application.');
+ }
+
+ // Get the OAuth message from the appliation.
+ $message = $this->app->getMessage();
+
+ // We need a valid signature to do initialisation.
+ if (!$message->signature)
+ {
+ $this->app->sendInvalidAuthMessage('Invalid OAuth request signature.');
+
+ return 0;
+ }
+
+ // Get the credentials for the request.
+ $credentials = $this->createCredentials();
+ $credentials->load($message->token);
+
+ // Ensure the credentials are authorised.
+ if ($credentials->getType() === JOAuth1Credentials::TOKEN)
+ {
+ $this->app->setHeader('status', '400');
+ $this->app->setBody('The token is not for a temporary credentials set.');
+
+ return;
+ }
+
+ // Ensure the credentials are authorised.
+ if ($credentials->getType() === JOAuth1Credentials::TEMPORARY)
+ {
+ $this->app->setHeader('status', '400');
+ $this->app->setBody('The token has not been authorised by the resource owner.');
+
+ return;
+ }
+
+ // Convert the credentials to valid Token credentials for requesting protected resources.
+ $credentials->convert();
+
+ // Build the response for the client.
+ $response = array('oauth_token' => $credentials->getKey(), 'oauth_token_secret' => $credentials->getSecret());
+
+ // Set the application response code and body.
+ $this->app->setHeader('status', '200');
+ $this->app->setBody(http_build_query($response));
+ }
+}
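Review bot: `execute()` never compares the verifier sent by the client with the verifier issued at authorisation before calling `convert()`; RFC 5849 §2.3 requires that check, and the step-3 excerpt above the class shows the client supplying `oauth_verifier`. Unless `convert()` or `getMessage()` performs the comparison, possession of the temporary token alone is enough to obtain token credentials, so a check such as `if (!$message->verifier || $message->verifier !== $credentials->getVerifierKey()) { $this->app->sendInvalidAuthMessage('Invalid OAuth verifier.'); return; }` belongs before the convert call (the property name on the message object is not visible in this hunk and should be confirmed against the message class; a constant-time comparison is preferable where available). The `signature` check only tests presence, not validity, so the "valid signature" comment is accurate only if `getMessage()` has already verified it, which is worth stating in the comment. The `TOKEN` branch reuses the temporary-credentials error text and should say the token has already been converted, and `return 0;` in the signature branch should be `return;` to match the `@return void` contract and the other exits.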

0 comments on commit 9bc9881
