[TPROD-168] Remove OAuth1 support (#10111)

* Remove OAuth1 support

* Several fixes

* Add database migration for removing OAuth1 tables

* Update composer.lock

* Fix mautic/core-lib dependency

* Another attempt to fix the core-lib dep 🤷‍♂️

* Fix minor typo

* Add note about OAuth1 removal to UPGRADE-4.0.md

.htaccess

@@ -8,7 +8,7 @@
 <IfModule mod_rewrite.c>
     RewriteEngine On
 
-    # Set Authorization header for OAuth1a for when php is running under fcgi
+    # Set Authorization header for OAuth2 for when php is running under fcgi
     RewriteCond %{HTTP:Authorization} .+
     RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
 

LICENSE.txt

@@ -79,8 +79,6 @@ PHP
 
     mPDF - GPL - Copyright © 2005 - 2014  Ian N Back
 
-    OAuth1 Server Bundle - MIT - Copyright (c) 2011-2012 William Durand
-
     OAuth2 Server Bundle, Rest Bundle - MIT - Copyright (c) 2010 Tim Ridgely
 
     Password-compat - MIT - Copyright (c) 2012 Anthony Ferrara

UPGRADE-4.0.md

@@ -2,6 +2,8 @@
 *   Platform Requirements
     *   Minimal PHP version was increased from 7.3 to 7.4.
     *   Minimal MySQL version was increased from x to x
+*   API
+    *   OAuth1 support has been removed. Mautic supports the OAuth2 standard, including the Client Credentials grant, which was added in Mautic 4. Documentation can be found here: https://developer.mautic.org/#client-credentials
 *   Symfony 4
     *   Symfony deprecations were removed or refactored [https://github.com/symfony/symfony/blob/4.4/UPGRADE-4.0.md](https://github.com/symfony/symfony/blob/4.4/UPGRADE-4.0.md)
     *   Services are now private by default in Symfony 4. Mautic has a "hack" to register its own services as public but dependency injection should be preferred for Commands, Controllers, and services. Some Symfony services may no longer be available to the Controller via the Container.

app/AppKernel.php

@@ -128,7 +128,6 @@ public function registerBundles(): array
             new Doctrine\Bundle\MigrationsBundle\DoctrineMigrationsBundle(),
             new Knp\Bundle\MenuBundle\KnpMenuBundle(),
             new FOS\OAuthServerBundle\FOSOAuthServerBundle(),
-            new Bazinga\OAuthServerBundle\BazingaOAuthServerBundle(),
             new FOS\RestBundle\FOSRestBundle(),
             new JMS\SerializerBundle\JMSSerializerBundle(),
             new Oneup\UploaderBundle\OneupUploaderBundle(),

app/assets/scaffold/build/processfiles.php

@@ -133,9 +133,6 @@
 // webfactory/exceptions-bundle
 system('rm -rf vendor/webfactory/exceptions-bundle/Resources/doc');
 
-// willdurand/oauth-server-bundle
-system('rm -rf vendor/willdurand/oauth-server-bundle/Resources/doc');
-
 // Delete random files
 system('find . -type f -name phpunit.xml -exec rm -f {} \\;');
 system('find . -type f -name phpunit.xml.dist -exec rm -f {} \\;');

app/assets/scaffold/files/htaccess

@@ -8,7 +8,7 @@
 <IfModule mod_rewrite.c>
     RewriteEngine On
 
-    # Set Authorization header for OAuth1a for when php is running under fcgi
+    # Set Authorization header for OAuth2 for when php is running under fcgi
     RewriteCond %{HTTP:Authorization} .+
     RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
 

app/bundles/ApiBundle/Config/config.php

@@ -12,38 +12,6 @@
 return [
     'routes' => [
         'public' => [
-            // OAuth1.0a
-            'bazinga_oauth_server_requesttoken' => [
-                'path'       => '/oauth/v1/request_token',
-                'controller' => 'bazinga.oauth.controller.server:requestTokenAction',
-                'method'     => 'GET|POST',
-            ],
-            'bazinga_oauth_login_allow' => [
-                'path'       => '/oauth/v1/authorize',
-                'controller' => 'MauticApiBundle:oAuth1/Authorize:allow',
-                'method'     => 'GET',
-            ],
-            'bazinga_oauth_server_authorize' => [
-                'path'       => '/oauth/v1/authorize',
-                'controller' => 'bazinga.oauth.controller.server:authorizeAction',
-                'method'     => 'POST',
-            ],
-            'mautic_oauth1_server_auth_login' => [
-                'path'       => '/oauth/v1/authorize_login',
-                'controller' => 'MauticApiBundle:oAuth1/Security:login',
-                'method'     => 'GET|POST',
-            ],
-            'mautic_oauth1_server_auth_login_check' => [
-                'path'       => '/oauth/v1/authorize_login_check',
-                'controller' => 'MauticApiBundle:oAuth1/Security:loginCheck',
-                'method'     => 'GET|POST',
-            ],
-            'bazinga_oauth_server_accesstoken' => [
-                'path'       => '/oauth/v1/access_token',
-                'controller' => 'bazinga.oauth.controller.server:accessTokenAction',
-                'method'     => 'GET|POST',
-            ],
-
             // OAuth2
             'fos_oauth_server_token' => [
                 'path'       => '/oauth/v2/token',
@@ -113,13 +81,6 @@
                     'session',
                 ],
             ],
-            'mautic.api.oauth1.authorize_controller' => [
-                'class'     => \Mautic\ApiBundle\Controller\oAuth1\AuthorizeController::class,
-                'arguments' => [
-                    'bazinga.oauth.provider.token_provider',
-                    'security.token_storage',
-                ],
-            ],
         ],
         'events' => [
             'mautic.api.subscriber' => [
@@ -197,13 +158,6 @@
                     ],
                 ],
             ],
-            'mautic.api.oauth1.nonce_provider' => [
-                'class'     => 'Mautic\ApiBundle\Provider\NonceProvider',
-                'arguments' => 'doctrine.orm.entity_manager',
-            ],
-            'bazinga.oauth.security.authentication.provider.class'    => 'Mautic\ApiBundle\Security\OAuth1\Authentication\Provider\OAuthProvider',
-            'bazinga.oauth.security.authentication.listener.class'    => 'Mautic\ApiBundle\Security\OAuth1\Firewall\OAuthListener',
-            'bazinga.oauth.event_listener.request.class'              => 'Mautic\ApiBundle\EventListener\OAuth1\OAuthRequestListener',
             'fos_oauth_server.security.authentication.listener.class' => 'Mautic\ApiBundle\Security\OAuth2\Firewall\OAuthListener',
             'jms_serializer.metadata.annotation_driver'               => 'Mautic\ApiBundle\Serializer\Driver\AnnotationDriver',
             'jms_serializer.metadata.api_metadata_driver'             => [

app/bundles/ApiBundle/Controller/ClientController.php

@@ -42,7 +42,7 @@ public function indexAction($page = 1)
         $orderBy           = $this->get('session')->get('mautic.client.orderby', 'c.name');
         $orderByDir        = $this->get('session')->get('mautic.client.orderbydir', 'ASC');
         $filter            = $this->request->get('search', $this->get('session')->get('mautic.client.filter', ''));
-        $apiMode           = $this->factory->getRequest()->get('api_mode', $this->get('session')->get('mautic.client.filter.api_mode', 'oauth1a'));
+        $apiMode           = $this->factory->getRequest()->get('api_mode', $this->get('session')->get('mautic.client.filter.api_mode', 'oauth2'));
         $this->get('session')->set('mautic.client.filter.api_mode', $apiMode);
         $this->get('session')->set('mautic.client.filter', $filter);
 
@@ -82,7 +82,6 @@ public function indexAction($page = 1)
 
         // api options
         $apiOptions           = [];
-        $apiOptions['oauth1'] = 'OAuth 1';
         $apiOptions['oauth2'] = 'OAuth 2';
         $filters['api_mode']  = [
             'values'  => [$apiMode],
@@ -184,7 +183,7 @@ public function newAction($objectId = 0)
             return $this->accessDenied();
         }
 
-        $apiMode = (0 === $objectId) ? $this->get('session')->get('mautic.client.filter.api_mode', 'oauth1a') : $objectId;
+        $apiMode = (0 === $objectId) ? $this->get('session')->get('mautic.client.filter.api_mode', 'oauth2') : $objectId;
         $this->get('session')->set('mautic.client.filter.api_mode', $apiMode);
 
         /** @var \Mautic\ApiBundle\Model\ClientModel $model */