ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
OAuthStore.php
1<?php
2require_once(dirname(dirname(__FILE__)) . '/libextinc/OAuth.php');
3
15
// Storage backend; assigned in the constructor (permanent storage opened as 'oauth').
private $store;

// Module configuration; assigned in the constructor from module_oauth.php.
private $config;

// OAuth version recorded with a request token when the caller supplies none.
private $defaultversion = '1.0';

// Informal description of the store "tables" used by this class and what each
// entry holds. The values are human-readable notes only.
// NOTE(review): new_request_token() also writes to a 'requesttoconsumer'
// table that is not listed here.
protected $_store_tables = array(
    'consumers'        => 'consumer = array with consumer attributes',
    'nonce'            => 'nonce+consumer_key = -boolean-',
    'requesttorequest' => 'requestToken.key = array(version,callback,consumerKey,)',
    'authorized'       => 'requestToken.key, verifier = array(authenticated-user-attributes)',
    'access'           => 'accessToken.key+consumerKey = accestoken',
    'request'          => 'requestToken.key+consumerKey = requesttoken',
);
28
/**
 * Load the optional module configuration and open the permanent storage
 * registered under the name 'oauth'.
 */
function __construct()
{
    $moduleConfig = SimpleSAML_Configuration::getOptionalConfig('module_oauth.php');
    $storage = new sspmod_core_Storage_SQLPermanentStorage('oauth');

    $this->store = $storage;
    $this->config = $moduleConfig;
}
33
34
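/**
 * Attach the data to the request token, and establish the callback URL and
 * verifier.
 *
 * The authorization is stored under (request token key, verifier), so the
 * verifier has to be presented again when the authorization is looked up.
 *
 * Callback precedence: a callback registered on the consumer record wins over
 * the callback that was supplied when the request token was issued. The
 * supplied callback is not validated here; when the consumer has no registered
 * callback it is used as stored.
 *
 * @param string $requestTokenKey Key of the request token being authorized.
 * @param mixed  $data            Data stored with the authorization, as given.
 * @return array Two elements: the callback URL with oauth_verifier appended,
 *               and the verifier itself.
 */
public function authorize($requestTokenKey, $data)
{
    $url = null;
    $consumerKey = null;

    // Values remembered from the original request-token request. Read them
    // defensively: the record may be missing or incomplete.
    $request_attributes = $this->store->get('requesttorequest', $requestTokenKey, '');
    $remembered = array();
    if (isset($request_attributes['value']) && is_array($request_attributes['value'])) {
        $remembered = $request_attributes['value'];
    }

    if (!empty($remembered['callback'])) {
        $url = $remembered['callback'];
    }
    if (isset($remembered['consumerKey'])) {
        $consumerKey = $remembered['consumerKey'];
    }

    // Is there a callback registered? This is leading, even over a supplied
    // oauth_callback parameter.
    $oConsumer = $this->lookup_consumer($consumerKey);
    if ($oConsumer && ($oConsumer->callback_url)) {
        $url = $oConsumer->callback_url;
    }

    // Generate the verifier here; without this the value stored and returned
    // would be the empty string, and the verifier would prove nothing.
    // Same generator as the token keys and secrets issued by this class.
    // NOTE(review): assumes generateID() is suitable for secrets; confirm.
    $verifier = SimpleSAML\Utils\Random::generateID();

    // NOTE(review): $url is still null when neither a registered nor a
    // supplied callback exists; confirm how addURLParameters() treats that.
    $url = \SimpleSAML\Utils\HTTP::addURLParameters($url, array("oauth_verifier" => $verifier));

    // Stored with the request-token duration (default 60*30).
    $this->store->set(
        'authorized',
        $requestTokenKey,
        $verifier,
        $data,
        $this->config->getValue('requestTokenDuration', 60*30)
    );

    return array($url, $verifier);
}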
72
/**
 * Look up whether an entry exists in the 'authorized' table for the given
 * token and verifier.
 *
 * Only the token is written to the log line; the verifier is not.
 *
 * @param string $requestToken Token key to look up.
 * @param string $verifier     Verifier the entry was stored under; defaults
 *                             to the empty string.
 * @return mixed The result of the store's exists() call.
 */
public function isAuthorized($requestToken, $verifier = '')
{
    $logLine = 'OAuth isAuthorized(' . $requestToken . ')';
    SimpleSAML\Logger::info($logLine);

    $found = $this->store->exists('authorized', $requestToken, $verifier);

    return $found;
}
85
/**
 * Fetch the data stored in the 'authorized' table for a token and verifier.
 *
 * No existence check is made here: the 'value' element of whatever the store
 * returns is handed back as-is.
 * NOTE(review): what get() returns for a missing entry is not visible in this
 * file; callers that need a yes/no answer should use isAuthorized().
 *
 * @param string $token    Token key to look up.
 * @param string $verifier Verifier the entry was stored under; defaults to
 *                         the empty string.
 * @return mixed The stored value.
 */
public function getAuthorizedData($token, $verifier = '')
{
    $logLine = 'OAuth getAuthorizedData(' . $token . ')';
    SimpleSAML\Logger::info($logLine);

    $entry = $this->store->get('authorized', $token, $verifier);

    return $entry['value'];
}
91
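/**
 * Move an authorization from a request token to an access token.
 *
 * The entry stored under (request token, verifier) is read and removed, and
 * its data is stored again under the access token key with an empty verifier.
 *
 * Fails closed: if nothing is stored for the request token and verifier, an
 * exception is thrown. This keeps an unknown token or a wrong verifier from
 * producing an 'authorized' entry for the access token.
 *
 * The read, remove and write are separate store calls.
 * NOTE(review): nothing here makes them atomic; confirm whether concurrent
 * exchanges of the same request token need guarding.
 *
 * @param string $requestToken   Key of the authorized request token.
 * @param string $verifier       Verifier the authorization was stored under.
 * @param string $accessTokenKey Key of the access token taking it over.
 * @throws Exception When no authorization exists for the token and verifier.
 */
public function moveAuthorizedData($requestToken, $verifier, $accessTokenKey)
{
    SimpleSAML\Logger::info('OAuth moveAuthorizedData(' . $requestToken . ', ' . $accessTokenKey . ')');

    // Refuse to carry over an authorization that was never stored.
    if (!$this->store->exists('authorized', $requestToken, $verifier)) {
        throw new Exception('Could not find authorization for request token');
    }

    // Retrieve authorizedData from authorized.requestToken (with provided verifier)
    $authorizedData = $this->getAuthorizedData($requestToken, $verifier);

    // Remove the requesttoken+verifier from the authorized store, so the
    // same pair cannot be moved a second time.
    $this->store->remove('authorized', $requestToken, $verifier);

    // Add accesstoken with authorizedData to authorized store (with empty verifier).
    // accessTokenKey+consumer => accessToken is already registered in 'access'-table
    $this->store->set(
        'authorized',
        $accessTokenKey,
        '',
        $authorizedData,
        $this->config->getValue('accessTokenDuration', 60*60*24)
    );
}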
105
/**
 * Build an OAuthConsumer from the record stored for a consumer key.
 *
 * The consumer's second constructor argument is the stored 'RSAcertificate'
 * when that field is set, and the stored 'secret' otherwise. The registered
 * 'callback_url', if any, is passed as the third argument.
 *
 * @param string $consumer_key Key to look up in the 'consumers' table.
 * @return OAuthConsumer|null NULL when no such consumer is stored.
 */
public function lookup_consumer($consumer_key)
{
    SimpleSAML\Logger::info('OAuth lookup_consumer(' . $consumer_key . ')');

    $known = $this->store->exists('consumers', $consumer_key, '');
    if (!$known) {
        return NULL;
    }

    $record = $this->store->get('consumers', $consumer_key, '');
    $attrs = $record['value'];

    // Registered callback, or NULL when the consumer has none.
    $callback = $attrs['callback_url'] ? $attrs['callback_url'] : NULL;

    // A stored certificate takes the place of the shared secret.
    $credential = $attrs['RSAcertificate'] ? $attrs['RSAcertificate'] : $attrs['secret'];

    return new OAuthConsumer($attrs['key'], $credential, $callback);
}
120
/**
 * Fetch a stored token for a consumer.
 *
 * The lookup passes the consumer key to the store along with the token, the
 * same way tokens are written by this class, so a token is only found for
 * the consumer key it was stored under.
 *
 * @param OAuthConsumer $consumer  Consumer presenting the token; only ->key is read.
 * @param string        $tokenType Store table to search; passed to the store unchanged.
 * @param string        $token     Token key.
 * @return mixed The stored value for the token.
 * @throws Exception When the store returns nothing for the token.
 */
function lookup_token($consumer, $tokenType = 'default', $token)
{
    $ownerKey = $consumer->key;
    SimpleSAML\Logger::info('OAuth lookup_token(' . $ownerKey . ', ' . $tokenType. ',' . $token . ')');

    $record = $this->store->get($tokenType, $token, $ownerKey);
    if ($record == NULL) {
        throw new Exception('Could not find token');
    }

    return $record['value'];
}
127
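/**
 * Replay check: report whether a nonce was already seen for this consumer,
 * and remember it if not.
 *
 * Nonces are keyed by nonce and consumer key, and kept for the 'nonceCache'
 * duration (default 60*60*24*14). $timestamp is not used here, so timestamp
 * freshness has to be enforced by the caller.
 *
 * Only the consumer key and token key are logged. String-casting the consumer
 * or token object would depend on its __toString(), defined outside this file.
 * NOTE(review): confirm in libextinc/OAuth.php whether that representation
 * includes the secret.
 *
 * NOTE(review): the exists() check and the set() are two store calls; confirm
 * whether the store makes concurrent requests with the same nonce safe.
 *
 * @param OAuthConsumer $consumer  Consumer the request was made by.
 * @param mixed         $token     Token presented with the request, if any.
 * @param string        $nonce     Nonce taken from the request.
 * @param mixed         $timestamp Request timestamp (unused).
 * @return bool TRUE when the nonce was already stored (replay), FALSE when new.
 */
function lookup_nonce($consumer, $token, $nonce, $timestamp)
{
    // Reduce the token to its key for logging; never log the whole object.
    $tokenKey = '';
    if (is_object($token) && isset($token->key)) {
        $tokenKey = $token->key;
    } elseif (is_scalar($token)) {
        $tokenKey = $token;
    }

    SimpleSAML\Logger::info('OAuth lookup_nonce(' . $consumer->key . ', ' . $tokenKey . ',' . $nonce . ')');

    if ($this->store->exists('nonce', $nonce, $consumer->key)) {
        return TRUE;
    }

    $this->store->set('nonce', $nonce, $consumer->key, TRUE, $this->config->getValue('nonceCache', 60*60*24*14));
    return FALSE;
}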
134
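/**
 * Issue and store a new request token for a consumer.
 *
 * Three entries are written, each with the 'requestTokenDuration' lifetime
 * (default 60*30):
 *  - 'request':           token key + consumer key => the token object
 *  - 'requesttorequest':  token key => callback, version and consumer key
 *  - 'requesttoconsumer': token key => consumer key
 *
 * The callback is stored as supplied; it is not validated here.
 *
 * Only the consumer key is logged. String-casting the consumer object would
 * depend on its __toString(), defined outside this file.
 * NOTE(review): confirm in libextinc/OAuth.php whether that representation
 * includes the consumer secret.
 *
 * @param OAuthConsumer $consumer Consumer requesting the token.
 * @param string|null   $callback Callback URL supplied with the request (OAuth 1.0 RevA).
 * @param string|null   $version  OAuth version; falls back to $this->defaultversion.
 * @return OAuthToken The newly issued request token.
 */
function new_request_token($consumer, $callback = null, $version = null)
{
    SimpleSAML\Logger::info('OAuth new_request_token(' . $consumer->key . ')');

    $lifetime = $this->config->getValue('requestTokenDuration', 60*30);

    // Key and secret are two independently generated random identifiers.
    $token = new OAuthToken(SimpleSAML\Utils\Random::generateID(), SimpleSAML\Utils\Random::generateID());
    $token->callback = $callback; // OAuth1.0-RevA
    $this->store->set('request', $token->key, $consumer->key, $token, $lifetime);

    // also store in requestToken->key => array('callback'=>CallbackURL, 'version'=>oauth_version
    $request_attributes = array(
        'callback' => $callback,
        'version' => ($version ? $version : $this->defaultversion),
        'consumerKey' => $consumer->key,
    );
    $this->store->set('requesttorequest', $token->key, '', $request_attributes, $lifetime);

    // also store in requestToken->key => Consumer->key (enables consumer-lookup during reqToken-authorization stage)
    $this->store->set('requesttoconsumer', $token->key, '', $consumer->key, $lifetime);

    return $token;
}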
157
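/**
 * Issue and store a new access token for a consumer.
 *
 * The token is stored in the 'access' table under its key and the consumer
 * key, with the 'accessTokenDuration' lifetime (default 60*60*24).
 *
 * This method checks neither $verifier nor whether $requestToken was
 * authorized, and does not remove the request token.
 * NOTE(review): confirm that callers verify the authorization (see
 * isAuthorized()) before exchanging.
 *
 * Only the request token key and consumer key are logged. String-casting the
 * objects would depend on their __toString(), defined outside this file.
 * NOTE(review): confirm in libextinc/OAuth.php whether those representations
 * include secrets.
 *
 * @param mixed         $requestToken Request token being exchanged (used for logging only).
 * @param OAuthConsumer $consumer     Consumer the access token is issued to.
 * @param string|null   $verifier     Unused here.
 * @return OAuthToken The newly issued access token.
 */
function new_access_token($requestToken, $consumer, $verifier = null)
{
    // Reduce the request token to its key for logging.
    $requestTokenKey = '';
    if (is_object($requestToken) && isset($requestToken->key)) {
        $requestTokenKey = $requestToken->key;
    } elseif (is_scalar($requestToken)) {
        $requestTokenKey = $requestToken;
    }

    SimpleSAML\Logger::info('OAuth new_access_token(' . $requestTokenKey . ',' . $consumer->key . ')');

    // Key and secret are two independently generated random identifiers.
    $accestoken = new OAuthToken(SimpleSAML\Utils\Random::generateID(), SimpleSAML\Utils\Random::generateID());
    $this->store->set(
        'access',
        $accestoken->key,
        $consumer->key,
        $accestoken,
        $this->config->getValue('accessTokenDuration', 60*60*24)
    );

    return $accestoken;
}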
164
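/**
 * Return the stored consumer record that a given request token was issued to.
 *
 * The consumer key is read from the 'requesttorequest' entry written when the
 * request token was issued, then used to fetch the 'consumers' entry.
 *
 * The consumer key stored there is a plain string, so it is passed to the
 * store as-is. Indexing it with ['value'] would look up the wrong key.
 *
 * @param string $requestTokenKey Key of the request token.
 * @return mixed The stored consumer value, or NULL when the request token or
 *               the consumer cannot be found.
 */
public function lookup_consumer_by_requestToken($requestTokenKey)
{
    SimpleSAML\Logger::info('OAuth lookup_consumer_by_requestToken(' . $requestTokenKey . ')');

    if (!$this->store->exists('requesttorequest', $requestTokenKey, '')) {
        return NULL;
    }

    $request = $this->store->get('requesttorequest', $requestTokenKey, '');
    if (empty($request['value']['consumerKey'])) {
        return NULL;
    }
    $consumerKey = $request['value']['consumerKey'];

    $consumer = $this->store->get('consumers', $consumerKey, '');

    // The consumer may have been removed after the token was issued.
    return isset($consumer['value']) ? $consumer['value'] : NULL;
}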
183
184
185
186}
An exception for terminating execution or to throw for unit testing.
OAuth PECL extension includes an OAuth Exception class, so we need to wrap the definition of this cla...
Definition: OAuth.php:37
static info($string)
Definition: Logger.php:201
static generateID()
Generate a random identifier, ID_LENGTH bytes long.
Definition: Random.php:26
static getOptionalConfig($filename='config.php', $configSet='simplesaml')
Load a configuration file from a configuration set.
lookup_token($consumer, $tokenType='default', $token)
Definition: OAuthStore.php:121
isAuthorized($requestToken, $verifier='')
Perform lookup whether a given token exists in the list of authorized tokens; if a verifier is passed...
Definition: OAuthStore.php:81
getAuthorizedData($token, $verifier='')
Definition: OAuthStore.php:86
lookup_consumer_by_requestToken($requestTokenKey)
Return OAuthConsumer-instance that a given requestToken was issued to.
Definition: OAuthStore.php:170
lookup_consumer($consumer_key)
Definition: OAuthStore.php:106
lookup_nonce($consumer, $token, $nonce, $timestamp)
Definition: OAuthStore.php:128
new_request_token($consumer, $callback=null, $version=null)
Definition: OAuthStore.php:135
moveAuthorizedData($requestToken, $verifier, $accessTokenKey)
Definition: OAuthStore.php:92
new_access_token($requestToken, $consumer, $verifier=null)
Definition: OAuthStore.php:158
authorize($requestTokenKey, $data)
Attach the data to the token, and establish the Callback URL and verifier.
Definition: OAuthStore.php:41