9 * @author Christian Weiske <cweiske@cweiske.de>
10 * @copyright 2014 Christian Weiske
11 * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
12 * @link http://cweiske.de/grauphel.htm
14 namespace OCA\Grauphel\Controller;
16 use \OCP\AppFramework\Controller;
17 use \OCP\AppFramework\Http;
18 use \OCP\AppFramework\Http\JSONResponse;
19 use \OCP\AppFramework\Http\RedirectResponse;
20 use \OCP\AppFramework\Http\TemplateResponse;
22 use \OCA\Grauphel\Lib\Token;
23 use \OCA\Grauphel\Lib\OAuth;
24 use \OCA\Grauphel\Lib\Dependencies;
25 use \OCA\Grauphel\Lib\Response\ErrorResponse;
26 use \OCA\Grauphel\Lib\Response\FormResponse;
27 use \OCA\Grauphel\Lib\OAuthException;
28 use \OCA\Grauphel\Lib\UrlHelper;
35 * @author Christian Weiske <cweiske@cweiske.de>
36 * @copyright 2014 Christian Weiske
37 * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
38 * @version Release: @package_version@
39 * @link http://cweiske.de/grauphel.htm
41 class OauthController extends Controller
46 * constructor of the controller
48 * @param string $appName Name of the app
49 * @param IRequest $request Instance of the request
public function __construct($appName, \OCP\IRequest $request, $user)
    parent::__construct($appName, $request);
    // Shared service bundle (urlGen, tokens, ...) used by every action below.
    $this->deps = Dependencies::get();
    // NOTE(review): confirm() reads $this->user->getUID(); the assignment of
    // $user to $this->user is not among the lines shown here — confirm it
    // happens in this constructor.
    //default http header: we assume something is broken
    // Raw status line emitted before any Response exists. Presumably the
    // AppFramework sends its own status line for the Response an action
    // returns, replacing this one; only a code path that never returns a
    // Response would leave the client with this 500.
    header('HTTP/1.0 500 Internal Server Error');
62 * Hand out an access token after verifying the verification token
public function accessToken()
    $oauth->setDeps($this->deps);
    $urlGen = $this->deps->urlGen;
    // OAuth 1.0a step 3: the pecl provider validates the signed request.
    // registerHandler() is expected to install the consumer/token lookups
    // (see the OAuth lib), and the verification-token handler checks the
    // submitted oauth_verifier against the stored one.
    $provider = new \OAuthProvider();
    $oauth->registerHandler($provider)
        ->registerVerificationTokenHandler($provider);
    // The signature is checked against the absolute URL of this route; if
    // the configured base URL differs from what the client signed (reverse
    // proxy, http vs https), every request fails here.
    $provider->checkOAuthRequest(
        $urlGen->getAbsoluteURL(
            $urlGen->linkToRoute('grauphel.oauth.accessToken')
    // One-shot: the verify token is deleted as it is consumed, so the same
    // verifier cannot be exchanged for a second access token. An unknown
    // token evidently surfaces as OAuthException (caught below).
    $token = $this->deps->tokens->loadAndDelete('verify', $provider->token);
    // Fresh key/secret for the long-lived access token: 8 random bytes each
    // from OAuthProvider::generateToken() (non-blocking system RNG by default
    // per the pecl docs), hex-encoded — 64 bits of entropy per value. The
    // user binding is inherited from the verify token, which confirm() set
    // to the logged-in ownCloud user.
    $newToken = new Token('access');
    $newToken->tokenKey = 'a' . bin2hex($provider->generateToken(8));
    $newToken->secret = 's' . bin2hex($provider->generateToken(8));
    $newToken->user = $token->user;
    $this->deps->tokens->store($newToken);
    // Form-encoded body as required by the OAuth 1.0 token endpoints.
    return new FormResponse(
        'oauth_token' => $newToken->tokenKey,
        'oauth_token_secret' => $newToken->secret,
    // Both the app's own OAuthException and the pecl extension's
    // \OAuthException end up as an error response (pecl branch continues
    // on a line not shown).
    } catch (OAuthException $e) {
        return new ErrorResponse($e->getMessage());
    } catch (\OAuthException $e) {
107 * Log the user in and let him authorize that the app may access notes
110 * Page is not public and thus requires owncloud login
public function authorize()
    // verifyRequestToken() yields either the stored temp Token or an
    // ErrorResponse; anything that is not a Token is handed back to the
    // client unchanged (the return is on a line not shown here). confirm()
    // should apply the same guard.
    $token = $this->verifyRequestToken();
    if (!$token instanceof Token) {
    // Render the consent page. The form posts back to confirm() carrying
    // the same oauth_token so confirm() can re-load the temp token.
    $res = new TemplateResponse('grauphel', 'oauthAuthorize');
        'oauth_token' => $token->tokenKey,
        'formaction' => $this->deps->urlGen->linkToRoute(
            'grauphel.oauth.confirm'
135 * User confirms or declines the authorization request
136 * OAuth step 2.5 of 3
public function confirm()
    // NOTE(review): unlike authorize(), no "instanceof Token" guard on the
    // result of verifyRequestToken() is visible here. That helper also
    // returns an ErrorResponse, on which ->tokenKey (read below) is not
    // defined; unless the guard sits on a line omitted from this excerpt,
    // add one that returns the ErrorResponse as-is.
    $token = $this->verifyRequestToken();
    $oauth = new OAuth();
    $oauth->setDeps($this->deps);
    // Consume the temp token now: whatever the user decides, the same
    // request token cannot be pushed through this step a second time.
    $token = $this->deps->tokens->loadAndDelete('temp', $token->tokenKey);
    } catch (OAuthException $e) {
        return new ErrorResponse($e->getMessage());
    // The decision is read from the POST body only (not $_REQUEST), so a
    // crafted link cannot pre-select "ok" via the query string. This action
    // must stay under the framework's CSRF protection — the method
    // annotations are not part of this excerpt, confirm no @NoCSRFRequired.
    // "==" is safe here because 'ok' is non-numeric, but "===" states it.
    $authState = isset($_POST['auth']) && $_POST['auth'] == 'ok';
    if ($authState === false) {
        // User declined: tell the consumer via the OAuth problem-reporting
        // extension. The redirect target is on a line not shown; presumably
        // the callback stored with the temp token.
        //http://wiki.oauth.net/w/page/12238543/ProblemReporting
        $res = new RedirectResponse(
            UrlHelper::addParams(
                'oauth_token' => $token->tokenKey,
                'oauth_problem' => 'permission_denied',
        // 303 so the browser follows with GET after this POST.
        $res->setStatus(Http::STATUS_SEE_OTHER);
    //the user is logged in and authorized
    $provider = new \OAuthProvider();
    // The verify token keeps the temp token's key/secret (the consumer keeps
    // signing with them) and gains a fresh 64-bit verifier plus the binding
    // to the currently logged-in user — the binding accessToken() later
    // copies into the access token.
    $newToken = new Token('verify');
    $newToken->tokenKey = $token->tokenKey;
    $newToken->secret = $token->secret;
    $newToken->verifier = 'v' . bin2hex($provider->generateToken(8));
    $newToken->user = $this->user->getUID();
    $this->deps->tokens->store($newToken);
    // Return the verifier to the consumer. The target (on a line not shown)
    // is evidently the consumer-chosen callback from the request-token step,
    // i.e. a redirect to a URL the consumer supplied — by OAuth 1.0a design,
    // so that callback should be validated where it is stored.
    //FIXME: if no callback is given, show the token to the user
    $res = new RedirectResponse(
        UrlHelper::addParams(
            'oauth_token' => $newToken->tokenKey,
            'oauth_verifier' => $newToken->verifier
    $res->setStatus(Http::STATUS_SEE_OTHER);
protected function verifyRequestToken()
    // Looks up the temp Token named by the request's oauth_token. Yields
    // either that Token (the success return is on a line not shown) or an
    // ErrorResponse — callers must check "instanceof Token" before touching
    // ->tokenKey.
    //
    // $_REQUEST merges GET, POST and cookie data (order per request_order),
    // so the token is also accepted from the query string on POST requests
    // such as confirm(). Harmless for a public token identifier, but read
    // the specific superglobal if authorize()/confirm() are meant to be
    // GET-only/POST-only.
    if (!isset($_REQUEST['oauth_token'])) {
        return new ErrorResponse('oauth_token missing');
    $oauth = new OAuth();
    $oauth->setDeps($this->deps);
    // Syntactic check first (presumably format/charset — see the OAuth lib)
    // so malformed strings never reach the token store.
    if (!$oauth->validateToken($_REQUEST['oauth_token'])) {
        return new ErrorResponse('Invalid token string');
    $reqToken = $_REQUEST['oauth_token'];
    // load() evidently reports an unknown token by throwing OAuthException,
    // which becomes an ErrorResponse here.
    $token = $this->deps->tokens->load('temp', $reqToken);
    } catch (OAuthException $e) {
        return new ErrorResponse($e->getMessage());
220 * Create and return a request token.
public function requestToken()
    $oauth = new OAuth();
    $oauth->setDeps($this->deps);
    $urlGen = $this->deps->urlGen;
    // OAuth 1.0a step 1: only the consumer's signature is checked here.
    // isRequestTokenEndpoint(true) tells the pecl provider that no token is
    // expected yet (per the pecl OAuth docs). As in accessToken(), the
    // signature is verified against this route's absolute URL.
    $provider = new \OAuthProvider();
    $oauth->registerHandler($provider);
    $provider->isRequestTokenEndpoint(true);
    $provider->checkOAuthRequest(
        $urlGen->getAbsoluteURL(
            $urlGen->linkToRoute('grauphel.oauth.requestToken')
    //store token + callback URI for later
    // Key and secret: 8 random bytes each from OAuthProvider::generateToken(),
    // hex-encoded — 64 bits of entropy per value; the letter prefix marks
    // the token kind ('r' request, 's' secret).
    $token = new Token('temp');
    $token->tokenKey = 'r' . bin2hex($provider->generateToken(8));
    $token->secret = 's' . bin2hex($provider->generateToken(8));
    // NOTE(review): the consumer-supplied oauth_callback is stored verbatim —
    // no validation is visible in this excerpt — and confirm() evidently
    // redirects the user's browser to it later. Consider accepting only
    // absolute http(s) URLs or the literal "oob" before storing it.
    $token->callback = $provider->callback;
    $this->deps->tokens->store($token);
    // NOTE(review): RFC 5849 §2.1 spells the confirmation value "true"
    // (lower case); check that the clients you target do not compare it
    // case-sensitively before relying on 'TRUE'.
    return new FormResponse(
        'oauth_token' => $token->tokenKey,
        'oauth_token_secret' => $token->secret,
        'oauth_callback_confirmed' => 'TRUE'
    // App-level and pecl-level OAuth errors both become an error response
    // (the pecl branch continues on a line not shown).
    } catch (OAuthException $e) {
        return new ErrorResponse($e->getMessage());
    } catch (\OAuthException $e) {