| author | Christian Weiske <cweiske@cweiske.de> | 2014-08-18 23:54:32 +0200 |
|---|---|---|
| committer | Christian Weiske <cweiske@cweiske.de> | 2014-08-18 23:54:32 +0200 |
| commit | db2f09d46ce2f3a46be1b6f6e031492966242025 (patch) | |
| tree | 4e22eba650c022936a4071afd9b2b0ee417ad34b /lib | |
| parent | 3780cf15a59c48b3d71e8ec27e3bdacd8a119460 (diff) | |
| download | grauphel-db2f09d46ce2f3a46be1b6f6e031492966242025.tar.gz grauphel-db2f09d46ce2f3a46be1b6f6e031492966242025.zip | |
oauth dance works
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/dependencies.php | 75 | ||||
| -rw-r--r-- | lib/oauth.php | 135 | ||||
| -rw-r--r-- | lib/oauthexception.php | 30 | ||||
| -rw-r--r-- | lib/response/errorresponse.php | 20 | ||||
| -rw-r--r-- | lib/response/formresponse.php | 20 | ||||
| -rw-r--r-- | lib/syncdata.php | 62 | ||||
| -rw-r--r-- | lib/token.php | 77 | ||||
| -rw-r--r-- | lib/tokenstorage.php | 121 | ||||
| -rw-r--r-- | lib/urlhelper.php | 41 |
9 files changed, 581 insertions, 0 deletions
diff --git a/lib/dependencies.php b/lib/dependencies.php
new file mode 100644
index 0000000..bad48b2
--- /dev/null
+++ b/lib/dependencies.php
@@ -0,0 +1,75 @@
+<?php
+/**
+ * Part of grauphel
+ *
+ * PHP version 5
+ *
+ * @category Tools
+ * @package Grauphel
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @copyright 2014 Christian Weiske
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
+ * @link http://cweiske.de/grauphel.htm
+ */
+namespace OCA\Grauphel\Lib;
+
+/**
+ * Object container
+ *
+ * @category Tools
+ * @package Grauphel
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @copyright 2014 Christian Weiske
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
+ * @version Release: @package_version@
+ * @link http://cweiske.de/grauphel.htm
+ */
+class Dependencies
+{
+ /**
+ * @var Frontend\Default
+ */
+ public $frontend;
+
+ /**
+ * @var Note\Storage
+ */
+ public $noteStorage;
+
+ /**
+ * @var OAuth\Storage
+ */
+ public $oauthStorage;
+
+ /**
+ * @var IURLGenerator
+ */
+ public $urlGen;
+
+ protected static $instance;
+
+ public static function get()
+ {
+ if (self::$instance !== null) {
+ return self::$instance;
+ }
+ $deps = new self();
+ /*
+ $deps->notes = new Note_Storage_Flatfile();
+ $deps->notes->setDataDir($dataDir);
+ $deps->notes->setDeps($deps);
+
+ $deps->urlGen = new UrlGen_Pretty();
+ $deps->urlGen->setDeps($deps);
+ /*
+ $deps->frontend = new Frontend_Default();
+ $deps->frontend->setDeps($deps);
+ */
+
+ $deps->tokens = new TokenStorage();
+
+ self::$instance = $deps;
+ return self::$instance;
+ }
+}
+?>
diff --git a/lib/oauth.php b/lib/oauth.php
new file mode 100644
index 0000000..7cfd4e0
--- /dev/null
+++ b/lib/oauth.php
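Review bot: `get()` assigns `$deps->tokens`, a property the class never declares, while the declared `$oauthStorage` (documented as `OAuth\Storage`) is never set, so the token store the OAuth class relies on exists only as an undocumented dynamic property. Declare it explicitly, for example `public $tokens;` with a `@var TokenStorage` docblock, and drop or rename `$oauthStorage` so the token store has one documented name. The commented-out block in `get()` contains a second `/*` opener; it is harmless because the comment ends at the first `*/`, but the dead code is better deleted than left half-nested.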
@@ -0,0 +1,135 @@
+<?php
+/**
+ * Part of grauphel
+ *
+ * PHP version 5
+ *
+ * @category Tools
+ * @package Grauphel
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @copyright 2014 Christian Weiske
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
+ * @link http://cweiske.de/grauphel.htm
+ */
+namespace OCA\Grauphel\Lib;
+
+/**
+ * Storage base class that implements note updating
+ *
+ * @category Tools
+ * @package Grauphel
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @copyright 2014 Christian Weiske
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
+ * @version Release: @package_version@
+ * @link http://cweiske.de/grauphel.htm
+ */
+class OAuth
+{
+ /**
+ * Token data store
+ *
+ * @var Token_Storage
+ */
+ protected $tokens;
+
+ public function setDeps(Dependencies $deps)
+ {
+ $this->tokens = $deps->tokens;
+ }
+
+ /**
+ * Register callbacks for the oauth dance.
+ */
+ public function registerHandler(\OAuthProvider $provider)
+ {
+ $provider->consumerHandler(array($this, 'lookupConsumer'));
+ $provider->timestampNonceHandler(array($this, 'timestampNonceChecker'));
+ return $this;
+ }
+
+ public function registerVerificationTokenHandler(\OAuthProvider $provider)
+ {
+ $provider->tokenHandler(array($this, 'verifyTokenHandler'));
+ return $this;
+ }
+
+ public function registerAccessTokenHandler(\OAuthProvider $provider)
+ {
+ $provider->tokenHandler(array($this, 'accessTokenHandler'));
+ return $this;
+ }
+
+ public function validateToken($tokenKey)
+ {
+ return (bool) preg_match('#^[a-z0-9]+$#', $tokenKey);
+ }
+
+ public function lookupConsumer(\OAuthProvider $provider)
+ {
+ //tomboy assumes secret==key=="anyone"
+ $provider->consumer_secret = $provider->consumer_key;//'anyone';
+ $provider->addRequiredParameter('oauth_callback');
+
+ return OAUTH_OK;
+ }
+
+ public function timestampNonceChecker(\OAuthProvider $provider)
+ {
+ //var_dump($provider->nonce, $provider->timestamp);
+ //OAUTH_BAD_NONCE
+ //OAUTH_BAD_TIMESTAMP
+ return OAUTH_OK;
+ }
+
+ public function verifyTokenHandler(\OAuthProvider $provider)
+ {
+ $token = $this->tokens->load('verify', $provider->token);
+ if ($provider->verifier == '') {
+ return OAUTH_VERIFIER_INVALID;
+ }
+ if ($provider->verifier != $token->verifier) {
+ return OAUTH_VERIFIER_INVALID;
+ }
+
+ $provider->token_secret = $token->secret;
+ return OAUTH_OK;
+ }
+
+ public function accessTokenHandler(\OAuthProvider $provider)
+ {
+ $token = $this->tokens->load('access', $provider->token);
+ $provider->token_secret = $token->secret;
+ return OAUTH_OK;
+ }
+
+ public function verifyOAuthUser($username, $url)
+ {
+ try {
+ $provider = new \OAuthProvider();
+ $this->registerHandler($provider);
+ $this->registerAccessTokenHandler($provider);
+ //do not use "user" in signature
+ $provider->setParam('user', null);
+
+ $provider->checkOAuthRequest($url);
+
+ $token = $this->tokens->load('access', $provider->token);
+ if ($token->user != $username) {
+ errorOut('Invalid user');
+ }
+ } catch (\OAuthException $e) {
+ $this->error($e);
+ }
+ }
+
+ public function error(\OAuthException $e)
+ {
+ header('HTTP/1.0 400 Bad Request');
+ //header('Content-type: application/x-www-form-urlencoded');
+ echo \OAuthProvider::reportProblem($e);
+ //var_dump($e);
+ exit(1);
+ }
+}
+?>
diff --git a/lib/oauthexception.php b/lib/oauthexception.php
new file mode 100644
index 0000000..d1b26f8
--- /dev/null
+++ b/lib/oauthexception.php
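Review bot: `timestampNonceChecker()` returns `OAUTH_OK` unconditionally, so a captured signed request is still accepted when it is replayed; at minimum bound the timestamp, e.g. `if (abs(time() - (int) $provider->timestamp) > 300) { return OAUTH_BAD_TIMESTAMP; }` (300 s is an illustrative window), and record seen nonces per consumer so repeats return `OAUTH_BAD_NONCE`. In `verifyOAuthUser()` the `catch (\OAuthException $e)` clause does not cover the `OCA\Grauphel\Lib\OAuthException` that `TokenStorage::load()` throws, because that class extends `\Exception`, and `errorOut()` is not defined in the files shown, so the unknown-token and wrong-user paths appear to end in an uncaught error rather than a controlled 400. The verifier check uses loose `!=`; `!hash_equals((string) $token->verifier, (string) $provider->verifier)` (PHP 5.6+), or at least `!==`, avoids type juggling and timing differences on the verifier. `validateToken()` should end its pattern with `\z` or add the `D` modifier, since `$` also matches before a trailing newline.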
@@ -0,0 +1,30 @@
+<?php
+/**
+ * Part of grauphel
+ *
+ * PHP version 5
+ *
+ * @category Tools
+ * @package Grauphel
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @copyright 2014 Christian Weiske
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
+ * @link http://cweiske.de/grauphel.htm
+ */
+namespace OCA\Grauphel\Lib;
+
+/**
+ * OAuth error
+ *
+ * @category Tools
+ * @package Grauphel
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @copyright 2014 Christian Weiske
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
+ * @version Release: @package_version@
+ * @link http://cweiske.de/grauphel.htm
+ */
+class OAuthException extends \Exception
+{
+}
+?>
diff --git a/lib/response/errorresponse.php b/lib/response/errorresponse.php
new file mode 100644
index 0000000..b72224f
--- /dev/null
+++ b/lib/response/errorresponse.php
@@ -0,0 +1,20 @@
+<?php
+namespace OCA\Grauphel\Lib\Response;
+
+class ErrorResponse extends \OCP\AppFramework\Http\Response
+{
+ protected $error;
+
+ public function __construct($error)
+ {
+ $this->setStatus(\OCP\AppFramework\Http::STATUS_BAD_REQUEST);
+ $this->addHeader('Content-Type', 'text/plain; charset=utf-8');
+ $this->error = $error;
+ }
+
+ public function render()
+ {
+ return $this->error . "\n";
+ }
+}
+?>
diff --git a/lib/response/formresponse.php b/lib/response/formresponse.php
new file mode 100644
index 0000000..e7ce33d
--- /dev/null
+++ b/lib/response/formresponse.php
@@ -0,0 +1,20 @@
+<?php
+namespace OCA\Grauphel\Lib\Response;
+
+class FormResponse extends \OCP\AppFramework\Http\Response
+{
+ protected $data;
+
+ public function __construct($data)
+ {
+ $this->setStatus(\OCP\AppFramework\Http::STATUS_OK);
+ $this->addHeader('Content-Type', 'application/x-www-form-urlencoded');
+ $this->data = $data;
+ }
+
+ public function render()
+ {
+ return http_build_query($this->data, null, '&');
+ }
+}
+?>
diff --git a/lib/syncdata.php b/lib/syncdata.php
new file mode 100644
index 0000000..b8cf873
--- /dev/null
+++ b/lib/syncdata.php
@@ -0,0 +1,62 @@
+<?php
+/**
+ * Part of grauphel
+ *
+ * PHP version 5
+ *
+ * @category Tools
+ * @package Grauphel
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @copyright 2014 Christian Weiske
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
+ * @link http://cweiske.de/grauphel.htm
+ */
+namespace OCA\Grauphel\Lib;
+
+/**
+ * Synchronization data model
+ *
+ * @category Tools
+ * @package Grauphel
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @copyright 2014 Christian Weiske
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
+ * @version Release: @package_version@
+ * @link http://cweiske.de/grauphel.htm
+ */
+class SyncData
+{
+ /**
+ * The latest sync revision from Tomboy, given from last PUT
+ * of a note from Tomboy.
+ * Give a -1 here if you have not synced with Tomboy yet.,
+ *
+ * @var integer
+ */
+ public $latestSyncRevision;
+
+ /**
+ * A uuid generated by the sync application.
+ * It should change only if the user decides to clear their
+ * sync history from the server and start over
+ * with an empty note set.
+ *
+ * @var string
+ */
+ public $currentSyncGuid;
+
+ /**
+ * Initialize the variables to represent the data of a user
+ * that never synced
+ *
+ * @param string $username Name of user
+ *
+ * @return void
+ */
+ public function initNew($username)
+ {
+ $this->latestSyncRevision = -1;
+ $this->currentSyncGuid = uniqid($username . '-', true);
+ }
+}
+?>
diff --git a/lib/token.php b/lib/token.php
new file mode 100644
index 0000000..ebb0783
--- /dev/null
+++ b/lib/token.php
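Review bot: `initNew()` builds `currentSyncGuid` from `uniqid($username . '-', true)`, which is not the uuid the property docblock promises: the value embeds the user name and is derived from the clock, so it is guessable and exposes the account name to whatever receives the guid. If the guid is only an opaque change marker this is a documentation mismatch and the docblock should say so; if anything treats it as unguessable, generate it from a CSPRNG instead, e.g. `bin2hex(openssl_random_pseudo_bytes(16))`. The docblock line `Give a -1 here if you have not synced with Tomboy yet.,` also ends in a stray comma.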
@@ -0,0 +1,77 @@
+<?php
+/**
+ * Part of grauphel
+ *
+ * PHP version 5
+ *
+ * @category Tools
+ * @package Grauphel
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @copyright 2014 Christian Weiske
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
+ * @link http://cweiske.de/grauphel.htm
+ */
+namespace OCA\Grauphel\Lib;
+
+/**
+ * OAuth token with some additional data
+ *
+ * @category Tools
+ * @package Grauphel
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @copyright 2014 Christian Weiske
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
+ * @version Release: @package_version@
+ * @link http://cweiske.de/grauphel.htm
+ */
+class Token
+{
+ /**
+ * One of: temp, access, verify
+ *
+ * @var string
+ */
+ public $type;
+
+ /**
+ * Actual random token string
+ *
+ * @var string
+ */
+ public $tokenKey;
+
+ /**
+ * Matching secret for the token string
+ *
+ * @var string
+ */
+ public $secret;
+
+ /**
+ * User name for which the token is valid
+ *
+ * @var string
+ */
+ public $user;
+
+ /**
+ * Verification string.
+ * Only used when $type == 'verify'
+ *
+ * @var string
+ */
+ public $verifier;
+
+ /**
+ * Callback URL for temp tokens
+ *
+ * @var string
+ */
+ public $callback;
+
+ public function __construct($type = null)
+ {
+ $this->type = $type;
+ }
+}
+?>
diff --git a/lib/tokenstorage.php b/lib/tokenstorage.php
new file mode 100644
index 0000000..c40ab33
--- /dev/null
+++ b/lib/tokenstorage.php
@@ -0,0 +1,121 @@
+<?php
+/**
+ * Part of grauphel
+ *
+ * PHP version 5
+ *
+ * @category Tools
+ * @package Grauphel
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @copyright 2014 Christian Weiske
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
+ * @link http://cweiske.de/grauphel.htm
+ */
+namespace OCA\Grauphel\Lib;
+
+/**
+ * Token store
+ *
+ * @category Tools
+ * @package Grauphel
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @copyright 2014 Christian Weiske
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
+ * @version Release: @package_version@
+ * @link http://cweiske.de/grauphel.htm
+ */
+class TokenStorage
+{
+ /**
+ * Store the given token
+ *
+ * @param OAuth_Token $token Token object to store
+ *
+ * @return void
+ */
+ public function store(OAuth_Token $token)
+ {
+ \OC_DB::executeAudited(
+ 'INSERT INTO `*PREFIX*grauphel_oauth_tokens`'
+ . '(`token_user`, `token_type`, `token_key`, `token_secret`, `token_verifier`, `token_callback`)'
+ . ' VALUES(?, ?, ?, ?, ?, ?)',
+ array(
+ $token->user,
+ $token->type,
+ $token->tokenKey,
+ (string) $token->secret,
+ (string) $token->verifier,
+ (string) $token->callback
+ )
+ );
+ }
+
+ /**
+ * Load the token and destroy it.
+ *
+ * @param string $type Token type: temp, access, verify
+ * @param string $tokenKey Random token string to load
+ *
+ * @return OAuth_Token Stored token
+ *
+ * @throws OAuth_Exception When token does not exist
+ */
+ public function loadAndDelete($type, $tokenKey)
+ {
+ try {
+ $token = $this->load($type, $tokenKey);
+ \OC_DB::executeAudited(
+ 'DELETE FROM `*PREFIX*grauphel_oauth_tokens`'
+ . ' WHERE `token_key` = ? AND `token_type` = ?',
+ array($tokenKey, $type)
+ );
+ return $token;
+ } catch (OAuthException $e) {
+ throw $e;
+ }
+ }
+
+
+ /**
+ * Load the token.
+ *
+ * @param string $type Token type: temp, access, verify
+ * @param string $tokenKey Random token string to load
+ *
+ * @return OAuth_Token Stored token
+ *
+ * @throws OAuth_Exception When token does not exist or
+ */
+ public function load($type, $tokenKey)
+ {
+ $tokenRow = \OC_DB::executeAudited(
+ 'SELECT * FROM `*PREFIX*grauphel_oauth_tokens`'
+ . ' WHERE `token_key` = ? AND `token_type` = ?',
+ array($tokenKey, $type)
+ )->fetchRow();
+
+ if ($tokenRow === false) {
+ throw new OAuthException('Unknown token: ' . $type . ' / ' . $tokenKey);
+ }
+
+ $token = $this->fromDb($tokenRow);
+ if ($token->tokenKey != $tokenKey) {
+ throw new OAuthException('Invalid token');
+ }
+
+ return $token;
+ }
+
+ protected function fromDb($tokenRow)
+ {
+ $token = new Token();
+ $token->type = $tokenRow['token_user'];
+ $token->tokenKey = $tokenRow['token_key'];
+ $token->secret = $tokenRow['token_secret'];
+ $token->user = $tokenRow['token_user'];
+ $token->verifier = $tokenRow['token_verifier'];
+ $token->callback = $tokenRow['token_callback'];
+ return $token;
+ }
+}
+?>
diff --git a/lib/urlhelper.php b/lib/urlhelper.php
new file mode 100644
index 0000000..e0de8f9
--- /dev/null
+++ b/lib/urlhelper.php
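Review bot: `fromDb()` fills the token type from the wrong column, `$token->type = $tokenRow['token_user'];`, so every loaded token reports the user name as its type; it should read `$token->type = $tokenRow['token_type'];`. `store()` is type-hinted `OAuth_Token`, which inside `namespace OCA\Grauphel\Lib` resolves to a class the files shown do not define, so passing a `Token` would fail the hint; `public function store(Token $token)` matches the class added in lib/token.php, and the `@return OAuth_Token` / `@throws OAuth_Exception` tags need the same rename. `load()` copies the caller-supplied token key into the exception message, which may be echoed back in an error response, so a fixed message such as `'Unknown token'` is safer. `loadAndDelete()` selects and deletes in two statements, so two concurrent requests could both load a one-time token before either delete runs; treating a DELETE that removed no row as a failure would close that window.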
@@ -0,0 +1,41 @@
+<?php
+/**
+ * Part of grauphel
+ *
+ * PHP version 5
+ *
+ * @category Tools
+ * @package Grauphel
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @copyright 2014 Christian Weiske
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
+ * @link http://cweiske.de/grauphel.htm
+ */
+namespace OCA\Grauphel\Lib;
+
+/**
+ * URL helper methods
+ *
+ * @category Tools
+ * @package Grauphel
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @copyright 2014 Christian Weiske
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
+ * @version Release: @package_version@
+ * @link http://cweiske.de/grauphel.htm
+ */
+class UrlHelper
+{
+ public static function addParams($url, $arParams)
+ {
+ $parts = array();
+ foreach($arParams as $key => $val) {
+ if ($val != '') {
+ $parts[] = urlencode($key) . '=' . urlencode($val);
+ }
+ }
+ $sep = (strpos($url, '?') !== false) ? '&' : '?';
+ return $url . $sep . implode('&', $parts);
+ }
+}
+?> |
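Review bot: `addParams()` filters with the loose test `$val != ''`, which on the PHP 5 target also drops an integer `0`, and when every value is filtered out it still appends the separator, returning a URL that ends in a bare `?` or `&`. Use `if ($val !== null && $val !== '')` and return early with `if (!$parts) { return $url; }`. A `$url` that already carries a `#fragment` gets the parameters appended after the fragment, where the server never sees them; if callback URLs can contain fragments, the query should be spliced in before the `#`. The method also has no docblock, unlike the rest of the file; a short one stating that empty values are skipped and that keys and values are URL-encoded would document the contract.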
