9 * @author Christian Weiske <cweiske@cweiske.de>
10 * @copyright 2014 Christian Weiske
11 * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
12 * @link http://cweiske.de/grauphel.htm
14 namespace OCA\Grauphel\Controller;
16 use \OCP\AppFramework\Controller;
17 use \OCP\AppFramework\Http;
18 use \OCP\AppFramework\Http\RedirectResponse;
19 use \OCP\AppFramework\Http\TemplateResponse;
21 use \OCA\Grauphel\Lib\Token;
22 use \OCA\Grauphel\Lib\OAuth;
23 use \OCA\Grauphel\Lib\Dependencies;
24 use \OCA\Grauphel\Lib\Response\ErrorResponse;
25 use \OCA\Grauphel\Lib\Response\FormResponse;
26 use \OCA\Grauphel\Lib\OAuthException;
27 use \OCA\Grauphel\Lib\UrlHelper;
34 * @author Christian Weiske <cweiske@cweiske.de>
35 * @copyright 2014 Christian Weiske
36 * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
37 * @version Release: @package_version@
38 * @link http://cweiske.de/grauphel.htm
40 class OauthController extends Controller
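/**
 * Constructor of the controller
 *
 * @param string        $appName Name of the app
 * @param \OCP\IRequest $request Instance of the request
 * @param mixed         $user    Logged-in user object; confirm() calls
 *                               getUID() on it (exact type not visible here)
 */
public function __construct($appName, \OCP\IRequest $request, $user)
{
    parent::__construct($appName, $request);

    $this->deps = Dependencies::get();
    // NOTE(review): the listing omits the line that keeps $user, but confirm()
    // reads $this->user->getUID(), so the assignment is restored here —
    // confirm against the upstream file.
    $this->user = $user;

    // Default HTTP header: we assume something is broken.
    // Emitted before any handler runs, so an unexpected fatal error inside a
    // handler presumably surfaces as 500 rather than 200; a handler that
    // completes returns a framework Response carrying its own status.
    header('HTTP/1.0 500 Internal Server Error');
}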
/**
 * Hand out an access token after verifying the verification token.
 *
 * The consumer presents the verified temporary token; the matching "verify"
 * token is consumed (loaded and deleted) and replaced by an "access" token
 * bound to the same user.
 *
 * @return FormResponse|ErrorResponse Token key and secret, or an error
 */
public function accessToken()
{
    $oauth = new OAuth();
    $oauth->setDeps($this->deps);
    $urlGen = $this->deps->urlGen;

    try {
        $provider = OAuth::getProvider();
        $oauth->registerHandler($provider)
            ->registerVerificationTokenHandler($provider);
        // The provider validates the signed request against this endpoint
        // URL, using the token/verifier handlers registered above.
        $provider->checkOAuthRequest(
            $urlGen->getAbsoluteURL(
                $urlGen->linkToRoute('grauphel.oauth.accessToken')
            )
        );

        // "verify" tokens are single-use: load and delete in one step
        $verified = $this->deps->tokens->loadAndDelete('verify', $provider->token);

        // NOTE(review): 8 random bytes = 64 bits per key/secret; consider a
        // longer secret for long-lived access tokens (would need a schema check)
        $access = new Token('access');
        $access->tokenKey = 'a' . bin2hex($provider->generateToken(8));
        $access->secret   = 's' . bin2hex($provider->generateToken(8));
        $access->user     = $verified->user;
        $this->deps->tokens->store($access);

        return new FormResponse(
            array(
                'oauth_token'        => $access->tokenKey,
                'oauth_token_secret' => $access->secret,
            )
        );
    } catch (OAuthException $e) {
        return new ErrorResponse($e->getMessage());
    } catch (\OAuthException $e) {
        // NOTE(review): the body of this handler for the PECL OAuthException
        // is not in the listing; restored to report it like the app's own
        // OAuthException above — confirm against the upstream file.
        return new ErrorResponse($e->getMessage());
    }
}
/**
 * Log the user in and let him authorize that the app may access notes.
 *
 * Page is not public and thus requires ownCloud login. The temporary token
 * named in the request is verified before the authorization form is shown.
 *
 * @return TemplateResponse|ErrorResponse The form, or an error when the
 *                                        token is missing or invalid
 */
public function authorize()
{
    $token = $this->verifyRequestToken();
    if (!$token instanceof Token) {
        // verifyRequestToken() returns the ErrorResponse to hand back as-is
        return $token;
    }

    $res = new TemplateResponse('grauphel', 'oauthAuthorize');
    $res->setParams(
        array(
            // presumably rendered as hidden field + form target by the template
            'oauth_token' => $token->tokenKey,
            'formaction'  => $this->deps->urlGen->linkToRoute(
                'grauphel.oauth.confirm'
            ),
        )
    );
    return $res;
}
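/**
 * User confirms or declines the authorization request
 * OAuth step 2.5 of 3
 *
 * On "ok" the temporary token is consumed and replaced by a "verify" token
 * bound to the logged-in user, and the consumer is redirected to its
 * callback with token and verifier. On decline the consumer is redirected
 * with oauth_problem=permission_denied instead.
 *
 * @return RedirectResponse|ErrorResponse
 */
public function confirm()
{
    $token = $this->verifyRequestToken();
    if (!$token instanceof Token) {
        // Missing or invalid oauth_token: hand the ErrorResponse back instead
        // of dereferencing ->tokenKey on it (authorize() does the same check)
        return $token;
    }
    $oauth = new OAuth();
    $oauth->setDeps($this->deps);

    try {
        // the temporary token is single-use from here on
        $token = $this->deps->tokens->loadAndDelete('temp', $token->tokenKey);
    } catch (OAuthException $e) {
        return new ErrorResponse($e->getMessage());
    }

    // strict comparison: only the literal string "ok" counts as consent
    $authState = isset($_POST['auth']) && $_POST['auth'] === 'ok';
    if ($authState === false) {
        // User declined: report it to the consumer, see
        //http://wiki.oauth.net/w/page/12238543/ProblemReporting
        // NOTE(review): the redirect target argument is not in the listing;
        // restored as the callback stored with the temp token in requestToken()
        $res = new RedirectResponse(
            UrlHelper::addParams(
                $token->callback,
                array(
                    'oauth_token'   => $token->tokenKey,
                    'oauth_problem' => 'permission_denied',
                )
            )
        );
        $res->setStatus(Http::STATUS_SEE_OTHER);
        return $res;
    }

    //the user is logged in and authorized
    $provider = OAuth::getProvider();

    $newToken = new Token('verify');
    $newToken->tokenKey = $token->tokenKey;
    $newToken->secret   = $token->secret;
    $newToken->verifier = 'v' . bin2hex($provider->generateToken(8));
    // bind the token to the user who consented; accessToken() later copies
    // this into the access token
    $newToken->user = $this->user->getUID();

    $this->deps->tokens->store($newToken);

    //FIXME: if no callback is given, show the token to the user
    $res = new RedirectResponse(
        UrlHelper::addParams(
            $token->callback,
            array(
                'oauth_token'    => $newToken->tokenKey,
                'oauth_verifier' => $newToken->verifier,
            )
        )
    );
    $res->setStatus(Http::STATUS_SEE_OTHER);
    return $res;
}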
/**
 * Load the temporary ("temp") token named by the request's oauth_token.
 *
 * Shared by authorize() and confirm(). Failures are not thrown but returned
 * as ErrorResponse objects, so callers must check `instanceof Token`.
 *
 * @return Token|ErrorResponse
 */
protected function verifyRequestToken()
{
    // NOTE(review): $_REQUEST may also include cookie values depending on
    // request_order; $this->request->getParam() would restrict this to
    // the actual request parameters
    if (!isset($_REQUEST['oauth_token'])) {
        return new ErrorResponse('oauth_token missing');
    }
    $tokenKey = $_REQUEST['oauth_token'];

    $oauth = new OAuth();
    $oauth->setDeps($this->deps);
    // validateToken() presumably checks the token string's format before
    // it is used as a lookup key
    if (!$oauth->validateToken($tokenKey)) {
        return new ErrorResponse('Invalid token string');
    }

    try {
        return $this->deps->tokens->load('temp', $tokenKey);
    } catch (OAuthException $e) {
        return new ErrorResponse($e->getMessage());
    }
}
219 * Create and return a request token.
226 public function requestToken()
228 $oauth = new OAuth();
229 $oauth->setDeps($this->deps);
230 $urlGen = $this->deps->urlGen;
233 $provider = OAuth::getProvider();
234 $oauth->registerHandler($provider);
235 $provider->isRequestTokenEndpoint(true);
236 $provider->checkOAuthRequest(
237 $urlGen->getAbsoluteURL(
238 $urlGen->linkToRoute('grauphel.oauth.requestToken')
242 //store token + callback URI for later
243 $token = new Token('temp');
244 $token->tokenKey = 'r' . bin2hex($provider->generateToken(8));
245 $token->secret = 's' . bin2hex($provider->generateToken(8));
246 $token->callback = $provider->callback;
248 $this->deps->tokens->store($token);
250 return new FormResponse(
252 'oauth_token' => $token->tokenKey,
253 'oauth_token_secret' => $token->secret,
254 'oauth_callback_confirmed' => 'TRUE'
257 } catch (OAuthException $e) {
258 return new ErrorResponse($e->getMessage());
259 } catch (\OAuthException $e) {