9 * @author Christian Weiske <cweiske@cweiske.de>
10 * @copyright 2014 Christian Weiske
11 * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
12 * @link http://cweiske.de/grauphel.htm
14 namespace OCA\Grauphel\Controller;
16 use \OCP\AppFramework\Controller;
17 use \OCP\AppFramework\Http;
18 use \OCP\AppFramework\Http\RedirectResponse;
19 use \OCP\AppFramework\Http\TemplateResponse;
21 use \OCA\Grauphel\Lib\Token;
22 use \OCA\Grauphel\Lib\OAuth;
23 use \OCA\Grauphel\Lib\Dependencies;
24 use \OCA\Grauphel\Lib\Response\ErrorResponse;
25 use \OCA\Grauphel\Lib\Response\FormResponse;
26 use \OCA\Grauphel\Lib\OAuthException;
27 use \OCA\Grauphel\Lib\UrlHelper;
34 * @author Christian Weiske <cweiske@cweiske.de>
35 * @copyright 2014 Christian Weiske
36 * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
37 * @version Release: @package_version@
38 * @link http://cweiske.de/grauphel.htm
40 class OauthController extends Controller
45 * constructor of the controller
47 * @param string $appName Name of the app
48 * @param IRequest $request Instance of the request
50 public function __construct($appName, \OCP\IRequest $request, $user)
52 parent::__construct($appName, $request);
// Shared services used by the actions below (urlGen, tokens) come from the
// app's Dependencies container.
54 $this->deps = Dependencies::get();
// NOTE(review): $user is not visibly stored here (line 53 of the file is not in
// this listing), but confirm() reads $this->user->getUID() — presumably assigned there.
56 //default http header: we assume something is broken
// Sent with header() directly, outside the AppFramework response objects; each
// action is expected to return a Response whose own status replaces it, so a
// code path that falls through without returning one leaves this 500 in place.
57 header('HTTP/1.0 500 Internal Server Error');
61 * Hand out an access token after verifying the verification token
68 public function accessToken()
// $oauth is created on the line before this one (not in this listing).
71 $oauth->setDeps($this->deps);
72 $urlGen = $this->deps->urlGen;
// Everything from here runs inside a try block (opening line not shown); the
// two catch clauses at the end turn OAuth failures into an ErrorResponse.
75 $provider = OAuth::getProvider();
// registerHandler()/registerVerificationTokenHandler() live in
// OCA\Grauphel\Lib\OAuth (not shown); presumably they hook the consumer and
// verification-token lookups that the signature check below needs.
76 $oauth->registerHandler($provider)
77 ->registerVerificationTokenHandler($provider);
// Validate the OAuth 1.0 signature against this endpoint's absolute URL;
// ext/oauth throws \OAuthException on failure (caught below).
78 $provider->checkOAuthRequest(
79 $urlGen->getAbsoluteURL(
80 $urlGen->linkToRoute('grauphel.oauth.accessToken')
// The verification token is loaded *and* deleted, so a request token/verifier
// pair can presumably be exchanged only once.
84 $token = $this->deps->tokens->loadAndDelete('verify', $provider->token);
// 8 random bytes -> 16 hex chars; the leading letter marks the token kind.
// NOTE(review): randomness comes from OAuthProvider::generateToken() with its
// default (non-$strong) source — confirm that is acceptable for this deployment.
86 $newToken = new Token('access');
87 $newToken->tokenKey = 'a' . bin2hex($provider->generateToken(8));
88 $newToken->secret = 's' . bin2hex($provider->generateToken(8));
// Bind the access token to the user who authorized the request token in confirm().
89 $newToken->user = $token->user;
90 $this->deps->tokens->store($newToken);
// Presumably a form-encoded body, as the OAuth 1.0 access-token step expects.
92 return new FormResponse(
94 'oauth_token' => $newToken->tokenKey,
95 'oauth_token_secret' => $newToken->secret,
// The app's own OAuthException (OCA\Grauphel\Lib); the exception text is
// returned to the client verbatim.
98 } catch (OAuthException $e) {
99 return new ErrorResponse($e->getMessage());
// ext/oauth's global \OAuthException; this handler's body and the end of the
// method are not in this listing.
100 } catch (\OAuthException $e) {
106 * Log the user in and let him authorize that the app may access notes
109 * Page is not public and thus requires owncloud login
114 public function authorize()
// Anything that is not a Token is an ErrorResponse from verifyRequestToken();
// the pass-through return inside this if (line 118) is not in this listing.
116 $token = $this->verifyRequestToken();
117 if (!$token instanceof Token) {
// Optional display name of the requesting client, taken straight from the query
// string. NOTE(review): it is presumably handed to the template together with
// the values below (the params array is only partly shown) — the template must
// print it with p(), not print_unescaped(), since it is untrusted input.
122 if (isset($_GET['client'])) {
123 $client = $_GET['client'];
// Render the consent page; its form action points at confirm(), which reads the
// decision from $_POST and the token key from the request.
126 $res = new TemplateResponse('grauphel', 'oauthAuthorize');
129 'oauth_token' => $token->tokenKey,
131 'formaction' => $this->deps->urlGen->linkToRoute(
132 'grauphel.oauth.confirm'
140 * User confirms or declines the authorization request
141 * OAuth step 2.5 of 3
145 public function confirm()
// NOTE(review): unlike authorize(), no "instanceof Token" guard is visible between
// this call and the use of $token->tokenKey below (only line 150 of the file is
// missing from this listing); if verifyRequestToken() returned an ErrorResponse
// the property access would land on a non-Token object — confirm a guard exists.
147 $token = $this->verifyRequestToken();
148 $oauth = new OAuth();
149 $oauth->setDeps($this->deps);
// Inside a try (opening line not shown): the temp token is loaded and deleted,
// so presumably a request token can be confirmed or declined only once.
152 $token = $this->deps->tokens->loadAndDelete('temp', $token->tokenKey);
153 } catch (OAuthException $e) {
154 return new ErrorResponse($e->getMessage());
// The user's decision comes from the POST body. NOTE(review): whether the
// framework's CSRF check applies depends on this action's annotations (lines
// 142-144, not shown); a @NoCSRFRequired here would leave the consent decision
// unprotected against cross-site requests. A strict === would be idiomatic.
157 $authState = isset($_POST['auth']) && $_POST['auth'] == 'ok';
158 if ($authState === false) {
// Declined: report permission_denied per the OAuth problem-reporting extension,
// via a 303 redirect (the redirect target argument is not shown; presumably the
// callback stored with the temp token at requestToken() time).
161 //http://wiki.oauth.net/w/page/12238543/ProblemReporting
162 $res = new RedirectResponse(
163 UrlHelper::addParams(
166 'oauth_token' => $token->tokenKey,
167 'oauth_problem' => 'permission_denied',
171 $res->setStatus(Http::STATUS_SEE_OTHER);
// Approved: keep the request token's key/secret, add a verifier, and bind the
// token to the logged-in user.
175 //the user is logged in and authorized
176 $provider = OAuth::getProvider();
178 $newToken = new Token('verify');
179 $newToken->tokenKey = $token->tokenKey;
180 $newToken->secret = $token->secret;
// 8 random bytes -> 16 hex chars; the 'v' prefix marks it as a verifier.
181 $newToken->verifier = 'v' . bin2hex($provider->generateToken(8));
182 $newToken->user = $this->user->getUID();
184 $this->deps->tokens->store($newToken);
// Hand the verifier back through a redirect (target argument not shown). The
// out-of-band case without a callback is still open, see the FIXME.
187 //FIXME: if no callback is given, show the token to the user
188 $res = new RedirectResponse(
189 UrlHelper::addParams(
192 'oauth_token' => $newToken->tokenKey,
193 'oauth_verifier' => $newToken->verifier
// 303 so the client's user agent follows with a GET; the final "return $res;"
// is not in this listing.
197 $res->setStatus(Http::STATUS_SEE_OTHER);
201 protected function verifyRequestToken()
// Returns the stored 'temp' Token for the oauth_token parameter, or an
// ErrorResponse on any failure; callers must check "instanceof Token" (the
// closing "return $token;" is not in this listing).
// NOTE(review): reads $_REQUEST instead of $this->request->getParam(); depending
// on php.ini request_order/variables_order that superglobal can also be fed
// from cookies.
203 if (!isset($_REQUEST['oauth_token'])) {
204 return new ErrorResponse('oauth_token missing');
// Presumably a syntactic check of the token string before it is used as a
// lookup key (validateToken lives in OCA\Grauphel\Lib\OAuth, not shown).
207 $oauth = new OAuth();
208 $oauth->setDeps($this->deps);
209 if (!$oauth->validateToken($_REQUEST['oauth_token'])) {
210 return new ErrorResponse('Invalid token string');
213 $reqToken = $_REQUEST['oauth_token'];
// Inside a try (opening line not shown); a lookup failure surfaces as the app's
// OAuthException and its message is returned to the client verbatim.
216 $token = $this->deps->tokens->load('temp', $reqToken);
217 } catch (OAuthException $e) {
218 return new ErrorResponse($e->getMessage());
225 * Create and return a request token.
232 public function requestToken()
234 $oauth = new OAuth();
235 $oauth->setDeps($this->deps);
236 $urlGen = $this->deps->urlGen;
239 $provider = OAuth::getProvider();
240 $oauth->registerHandler($provider);
241 $provider->isRequestTokenEndpoint(true);
242 $provider->checkOAuthRequest(
243 $urlGen->getAbsoluteURL(
244 $urlGen->linkToRoute('grauphel.oauth.requestToken')
248 //store token + callback URI for later
249 $token = new Token('temp');
250 $token->tokenKey = 'r' . bin2hex($provider->generateToken(8));
251 $token->secret = 's' . bin2hex($provider->generateToken(8));
252 $token->callback = $provider->callback;
254 $this->deps->tokens->store($token);
256 return new FormResponse(
258 'oauth_token' => $token->tokenKey,
259 'oauth_token_secret' => $token->secret,
260 'oauth_callback_confirmed' => 'true'
263 } catch (OAuthException $e) {
264 return new ErrorResponse($e->getMessage());
265 } catch (\OAuthException $e) {