[6351] | 1 | <?php |
---|
| 2 | |
---|
| 3 | /** |
---|
| 4 | * @file |
---|
| 5 | * Sample OAuth2 Library Mongo DB Implementation. |
---|
| 6 | * |
---|
| 7 | */ |
---|
| 8 | |
---|
| 9 | require __DIR__ . '/../../../../lib/OAuth2.php'; |
---|
| 10 | require __DIR__ . '/../../../../lib/IOAuth2Storage.php'; |
---|
| 11 | require __DIR__ . '/../../../../lib/IOAuth2GrantCode.php'; |
---|
| 12 | require __DIR__ . '/../../../../lib/IOAuth2RefreshTokens.php'; |
---|
| 13 | |
---|
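/**
 * WARNING: This example file has not been kept up to date like the PDO example has.
 * FIXME: Update the Mongo examples
 *
 * Mongo storage engine for the OAuth2 Library.
 *
 * Security notes for anyone adapting this sample:
 * - SALT and CONNECTION are placeholders. Replace SALT with a value unique to
 *   the deployment, and load the connection string (it embeds a username and
 *   password) from configuration kept outside the code base.
 * - Every value used as a query key must be a plain string. MongoDB treats an
 *   array in that position as an operator document rather than a literal, so
 *   all lookups and deletes below reject non-string input before querying.
 * - checkRestrictedGrantType() is a stub that allows every grant type.
 */
class OAuth2StorageMongo implements IOAuth2GrantCode, IOAuth2RefreshTokens {

  /**
   * Change this to something unique for your system.
   *
   * The value is mixed into every stored client-secret digest, so changing it
   * later invalidates all digests already written by addClient().
   *
   * @var string
   */
  const SALT = 'CHANGE_ME!';

  // Placeholder connection string. It carries credentials, so a real
  // deployment should inject a MongoDB handle through the constructor or read
  // this value from protected configuration instead of editing it here.
  const CONNECTION = 'mongodb://user:pass@mongoserver/mydb';
  const DB = 'mydb';

  /**
   * Handle of the selected database (the value returned by Mongo::selectDB()).
   *
   * @var MongoDB
   */
  private $db;

  /**
   * Opens the storage back end.
   *
   * The original signature required a PDO instance and then ignored it. The
   * parameter is kept for backward compatibility but is now optional and
   * untyped: a MongoDB handle passed here is used directly, any other value
   * (including a legacy PDO object) is ignored and the class connects with
   * the CONNECTION and DB constants.
   *
   * @param $db
   *   Optional MongoDB database handle to use instead of the constants.
   */
  public function __construct($db = NULL) {
    if ($db instanceof MongoDB) {
      $this->db = $db;
      return;
    }

    $mongo = new Mongo(self::CONNECTION);
    $this->db = $mongo->selectDB(self::DB);
  }

  /**
   * Release DB connection during destruct.
   */
  public function __destruct() {
    $this->db = NULL; // Release db connection
  }

  /**
   * Handles a database exception by logging it and stopping the request.
   *
   * The driver's message goes to the server error log only. The response
   * body carries a generic string, because driver messages can describe the
   * server and the failed operation and do not belong in client output.
   *
   * @param $e
   *   The exception that was caught.
   */
  private function handleException($e) {
    error_log('OAuth2StorageMongo database error: ' . $e->getMessage());
    echo 'Database error';
    exit();
  }

  /**
   * Tells whether a value is safe to use as a literal query key.
   *
   * @param $value
   *   Candidate identifier, token or code, typically taken from a request.
   *
   * @return bool
   *   TRUE only for a non-empty string.
   */
  private function isKey($value) {
    return is_string($value) && $value !== '';
  }

  /**
   * Little helper function to add a new client to the database.
   *
   * Only the digest produced by hash() is stored, never the secret itself.
   *
   * @param $client_id
   *   Client identifier to be stored.
   * @param $client_secret
   *   Client secret to be stored.
   * @param $redirect_uri
   *   Redirect URI to be stored.
   */
  public function addClient($client_id, $client_secret, $redirect_uri) {
    $this->db->clients->insert(array(
      "_id" => $client_id,
      "pw" => $this->hash($client_secret, $client_id),
      "redirect_uri" => $redirect_uri,
    ));
  }

  /**
   * Implements IOAuth2Storage::checkClientCredentials().
   *
   * Looks the client up by identifier only and compares the stored digest
   * with a digest of the supplied secret. The previous code queried on the
   * plain secret and then read an undefined variable, so it never performed
   * a real comparison.
   *
   * @param $client_id
   *   Client identifier presented by the caller.
   * @param $client_secret
   *   Client secret presented by the caller.
   *
   * @return bool
   *   TRUE when the client exists and the secret matches, FALSE otherwise.
   */
  public function checkClientCredentials($client_id, $client_secret = NULL) {
    // NOTE(review): a missing secret is rejected (fail closed). If the
    // deployment has clients that authenticate without a secret, that case
    // needs an explicit, deliberate branch here.
    if (!$this->isKey($client_id) || !is_string($client_secret)) {
      return FALSE;
    }

    $client = $this->db->clients->findOne(array("_id" => $client_id));
    if ($client === NULL || !isset($client['pw'])) {
      return FALSE;
    }

    return $this->checkPassword($client['pw'], $client_secret, $client_id);
  }

  /**
   * Returns the stored details of a client.
   *
   * NOTE(review): the original comment named IOAuth2Storage::getRedirectUri()
   * and the method returned nothing; confirm the expected return shape
   * against the interface.
   *
   * @param $client_id
   *   Client identifier to look up.
   *
   * @return array|false
   *   The matching document limited to its redirect URI, or FALSE when the
   *   identifier is not a string or no client matches.
   */
  public function getClientDetails($client_id) {
    if (!$this->isKey($client_id)) {
      return FALSE;
    }

    $result = $this->db->clients->findOne(array("_id" => $client_id), array("redirect_uri"));
    return $result !== NULL ? $result : FALSE;
  }

  /**
   * Implements IOAuth2Storage::getAccessToken().
   *
   * @param $oauth_token
   *   Access token presented by the caller.
   *
   * @return array|null
   *   The stored token document, or NULL when nothing matches.
   */
  public function getAccessToken($oauth_token) {
    if (!$this->isKey($oauth_token)) {
      return NULL;
    }

    return $this->db->tokens->findOne(array("_id" => $oauth_token));
  }

  /**
   * Implements IOAuth2Storage::setAccessToken().
   *
   * The user id is now persisted with the token; the previous code accepted
   * it and dropped it, leaving the token without an owner.
   */
  public function setAccessToken($oauth_token, $client_id, $user_id, $expires, $scope = NULL) {
    $this->db->tokens->insert(array(
      "_id" => $oauth_token,
      "client_id" => $client_id,
      "user_id" => $user_id,
      "expires" => $expires,
      "scope" => $scope,
    ));
  }

  /**
   * @see IOAuth2Storage::getRefreshToken()
   *
   * Refresh tokens live in their own refresh_tokens collection. The previous
   * code called a getToken() method that this class never defined.
   *
   * @return array|null
   *   The stored refresh token document, or NULL when nothing matches.
   */
  public function getRefreshToken($refresh_token) {
    if (!$this->isKey($refresh_token)) {
      return NULL;
    }

    return $this->db->refresh_tokens->findOne(array("_id" => $refresh_token));
  }

  /**
   * @see IOAuth2Storage::setRefreshToken()
   *
   * Replaces a call to an undefined setToken() method with a direct insert.
   */
  public function setRefreshToken($refresh_token, $client_id, $user_id, $expires, $scope = NULL) {
    $this->db->refresh_tokens->insert(array(
      "_id" => $refresh_token,
      "client_id" => $client_id,
      "user_id" => $user_id,
      "expires" => $expires,
      "scope" => $scope,
    ));
  }

  /**
   * @see IOAuth2Storage::unsetRefreshToken()
   *
   * The previous body was PDO/SQL code left over from the PDO example and
   * could not run against a Mongo handle.
   */
  public function unsetRefreshToken($refresh_token) {
    // The string check matters most on a delete: without it the criteria
    // could be an operator document instead of one literal token.
    if (!$this->isKey($refresh_token)) {
      return;
    }

    try {
      $this->db->refresh_tokens->remove(array("_id" => $refresh_token));
    }
    catch (MongoException $e) {
      $this->handleException($e);
    }
  }

  /**
   * Implements IOAuth2Storage::getAuthCode().
   *
   * @return array|false
   *   The stored authorization code document, or FALSE when nothing matches.
   */
  public function getAuthCode($code) {
    if (!$this->isKey($code)) {
      return FALSE;
    }

    $stored_code = $this->db->auth_codes->findOne(array("_id" => $code));
    return $stored_code !== NULL ? $stored_code : FALSE;
  }

  /**
   * Implements IOAuth2Storage::setAuthCode().
   *
   * The user id is now persisted with the code; the previous code accepted
   * it and dropped it.
   */
  public function setAuthCode($code, $client_id, $user_id, $redirect_uri, $expires, $scope = NULL) {
    $this->db->auth_codes->insert(array(
      "_id" => $code,
      "client_id" => $client_id,
      "user_id" => $user_id,
      "redirect_uri" => $redirect_uri,
      "expires" => $expires,
      "scope" => $scope,
    ));
  }

  /**
   * @see IOAuth2Storage::checkRestrictedGrantType()
   *
   * Stub: every client is allowed every grant type. Replace this with a
   * per-client allow list before relying on grant type restrictions.
   */
  public function checkRestrictedGrantType($client_id, $grant_type) {
    return TRUE; // Not implemented
  }

  /**
   * Change/override this to whatever your own password hashing method is.
   *
   * The original passed 'blowfish' to hash(), which is not one of the
   * algorithms hash() supports, so no digest was produced. Client records
   * written by that code hold no usable digest and must be registered again.
   *
   * SHA-256 is a fast digest and is only appropriate for long, randomly
   * generated client secrets. If secrets may be chosen by people, override
   * hash() and checkPassword() together to use password_hash() and
   * password_verify().
   *
   * @param string $client_secret
   *   The plain client secret.
   * @param string $client_id
   *   The client identifier, mixed in so equal secrets give distinct digests.
   *
   * @return string
   *   Hex digest of the client id, the secret and SALT.
   */
  protected function hash($client_secret, $client_id) {
    return hash('sha256', $client_id . $client_secret . self::SALT);
  }

  /**
   * Checks the password.
   * Override this if you need to
   *
   * Uses hash_equals() (PHP 5.6 or later) so the comparison time does not
   * depend on how many leading characters match. The loose == used before
   * also treated values such as FALSE and '' as equal.
   *
   * @param string $try
   *   The digest stored for the client.
   * @param string $client_secret
   *   The plain secret presented by the caller.
   * @param string $client_id
   *   The client identifier the secret belongs to.
   *
   * @return bool
   *   TRUE when the digest of the presented secret equals the stored digest.
   */
  protected function checkPassword($try, $client_secret, $client_id) {
    if (!is_string($try) || !is_string($client_secret)) {
      return FALSE;
    }

    $expected = $this->hash($client_secret, $client_id);
    if (!is_string($expected)) {
      // An overriding hash() that fails must not authenticate anyone.
      return FALSE;
    }

    return hash_equals($try, $expected);
  }
}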