<?php
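class OAuth2Component extends Object {

    /**
     * Persistent reference to the controller invoking this component.
     *
     * @var Controller
     */
    public $controller;

    /**
     * initialize() callback.
     *
     * Called before the controller's beforeFilter(). Loads the customised
     * OAuth2Lib class, builds it from the OAuth2Server.* configuration keys,
     * attaches it to the controller as $controller->OAuth2Lib, and then
     * decides how the request is authenticated:
     *
     *  - if the controller defines isAuthorized() and it returns TRUE, the
     *    request is accepted without any token check;
     *  - if it returns FALSE, a 401 carrying ERROR_INVALID_TOKEN is sent;
     *  - otherwise (no isAuthorized(), or it returns NULL / anything else),
     *    the access token is checked by OAuth2Lib::verify_access_token().
     *
     * @param Controller $controller Controller being initialised (by reference).
     * @param array $settings Component settings; not used here.
     * @return Boolean|null TRUE when isAuthorized() short-circuits the token
     *   check; NULL on every other path.
     */
    function initialize(&$controller, $settings = array()) {
        $this->controller = &$controller;

        // Include the customised copy of the third-party library.
        App::import('Lib', 'OAuth2Server.OAuth2Lib');
        $controller->OAuth2Lib = new OAuth2Lib(
            Configure::read('OAuth2Server.access_token_lifetime'),
            Configure::read('OAuth2Server.auth_code_lifetime'),
            Configure::read('OAuth2Server.refresh_token_lifetime')
        );
        // Give the library a handle back to the controller.
        $controller->OAuth2Lib->controller = &$this->controller;

        if (!method_exists($controller, 'isAuthorized')) {
            // No controller-level override: always verify the token.
            $controller->OAuth2Lib->verify_access_token();
            return;
        }

        $valid = $controller->isAuthorized();
        if ($valid === true) {
            // Controller vouches for the request; skip the token check.
            return true;
        }
        if ($valid === false) {
            // Controller rejected the request outright.
            // NOTE(review): nothing after this call is guarded, so
            // send_401_unauthorized() is presumably expected to end the
            // response itself — confirm in OAuth2Lib.
            $controller->OAuth2Lib->send_401_unauthorized(null, null, ERROR_INVALID_TOKEN);
            return;
        }
        // NULL (or any other value) means "check normally".
        $controller->OAuth2Lib->verify_access_token();
    }

    /**
     * Obtain information about the currently OAuth2-authenticated user.
     * Similar to AuthComponent::user().
     *
     * @param String $field Name of the field on the User object to return.
     * @return Mixed Requested data from the User object, as provided by
     *   OAuth2Lib::get_token_user().
     */
    function user($field) {
        return $this->controller->OAuth2Lib->get_token_user($field);
    }

    /**
     * Obtain the access_token used by the current user, if any.
     *
     * @return String access_token as provided by OAuth2Lib::get_token().
     */
    function token() {
        return $this->controller->OAuth2Lib->get_token();
    }

    /**
     * Obtain the User.id of the currently OAuth2-authenticated user, or
     * throw an exception to be caught higher up.
     *
     * The lookup is cached in a static local for the rest of the request so
     * repeated calls do not query the database again. Only a successful
     * lookup is cached: a failed one keeps throwing (or returning FALSE) on
     * every call instead of handing back a stale FALSE from the cache.
     *
     * @param Boolean $throwExceptionOnFail (optional) Whether to throw an
     *   exception when the user is not authenticated. Default is TRUE.
     * @return Integer|false Current User.id, or FALSE when
     *   $throwExceptionOnFail is FALSE and no user could be resolved.
     * @throws Exception When the access_token is missing, or when it does not
     *   resolve to a user, and $throwExceptionOnFail is TRUE.
     */
    function getCurrentUserId($throwExceptionOnFail = true) {
        static $current_user_id = null;

        // Presence check only: $_REQUEST merges GET, POST and COOKIE data
        // (order per request_order / variables_order), so the token may come
        // from any of them. Its validity is left to OAuth2Lib (see initialize()).
        if (empty($_REQUEST['access_token'])) {
            if ($throwExceptionOnFail) {
                throw new Exception(__('Missing access_token.', true));
            }
            return false;
        }

        if ($current_user_id === null) {
            // NOTE(review): OAuth2 is presumably the controller's alias for
            // this very component (i.e. $this->user('id')) — confirm.
            $resolvedId = $this->controller->OAuth2->user('id');
            if ($resolvedId) {
                $current_user_id = $resolvedId;
            }
        }
        if ($current_user_id !== null) {
            return $current_user_id;
        }

        if ($throwExceptionOnFail) {
            throw new Exception(__('Invalid, expired, or underprivileged access_token.', true));
        }
        // Explicit FALSE here: the original fell off the end and returned NULL,
        // contradicting the FALSE returned for a missing token above.
        return false;
    }
}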