From 333b27176f67f80d059411bc70428be269c9a6fa Mon Sep 17 00:00:00 2001 From: Erik Amaru Ortiz Date: Tue, 1 Oct 2013 09:15:28 -0400 Subject: [PATCH] First functional OAuth2 implementation, but we're still working on it (adding missing files) --- .gitignore | 1 + .../model/map/OauthAccessTokensMapBuilder.php | 2 +- .../map/OauthRefreshTokensMapBuilder.php | 2 +- .../model/map/OauthScopesMapBuilder.php | 2 +- .../model/om/BaseOauthRefreshTokens.php | 46 +++++----- .../model/om/BaseOauthRefreshTokensPeer.php | 32 +++---- workflow/engine/config/schema.xml | 6 +- workflow/engine/data/mysql/schema.sql | 76 +++++++++++++++ workflow/engine/methods/login/sysLogin.php | 3 +- workflow/engine/services/oauth2/Server.php | 92 ++++++++++++++++--- workflow/public_html/sysGeneric.php | 6 +- 11 files changed, 208 insertions(+), 60 deletions(-) diff --git a/.gitignore b/.gitignore index 913180f19..00c1ca9c7 100755 --- a/.gitignore +++ b/.gitignore @@ -22,3 +22,4 @@ workflow/public_html/index.html composer.phar composer.lock vendor/ +workflow/engine/config/schema-transformed.xml diff --git a/workflow/engine/classes/model/map/OauthAccessTokensMapBuilder.php b/workflow/engine/classes/model/map/OauthAccessTokensMapBuilder.php index bc634baa7..ce7f4bddd 100644 --- a/workflow/engine/classes/model/map/OauthAccessTokensMapBuilder.php +++ b/workflow/engine/classes/model/map/OauthAccessTokensMapBuilder.php @@ -69,7 +69,7 @@ class OauthAccessTokensMapBuilder $tMap->addColumn('CLIENT_ID', 'ClientId', 'string', CreoleTypes::VARCHAR, true, 80); - $tMap->addColumn('USER_ID', 'UserId', 'string', CreoleTypes::VARCHAR, true, 32); + $tMap->addColumn('USER_ID', 'UserId', 'string', CreoleTypes::VARCHAR, false, 32); $tMap->addColumn('EXPIRES', 'Expires', 'int', CreoleTypes::TIMESTAMP, true, null); diff --git a/workflow/engine/classes/model/map/OauthRefreshTokensMapBuilder.php b/workflow/engine/classes/model/map/OauthRefreshTokensMapBuilder.php index 39c703b89..2d57993d0 100644 
--- a/workflow/engine/classes/model/map/OauthRefreshTokensMapBuilder.php +++ b/workflow/engine/classes/model/map/OauthRefreshTokensMapBuilder.php @@ -65,7 +65,7 @@ class OauthRefreshTokensMapBuilder $tMap->setUseIdGenerator(false); - $tMap->addPrimaryKey('REFRESH_TOKES', 'RefreshTokes', 'string', CreoleTypes::VARCHAR, true, 40); + $tMap->addPrimaryKey('REFRESH_TOKEN', 'RefreshToken', 'string', CreoleTypes::VARCHAR, true, 40); $tMap->addColumn('CLIENT_ID', 'ClientId', 'string', CreoleTypes::VARCHAR, true, 80); diff --git a/workflow/engine/classes/model/map/OauthScopesMapBuilder.php b/workflow/engine/classes/model/map/OauthScopesMapBuilder.php index b63d5ec0a..b7629cef9 100644 --- a/workflow/engine/classes/model/map/OauthScopesMapBuilder.php +++ b/workflow/engine/classes/model/map/OauthScopesMapBuilder.php @@ -69,7 +69,7 @@ class OauthScopesMapBuilder $tMap->addColumn('SCOPE', 'Scope', 'string', CreoleTypes::VARCHAR, false, 2000); - $tMap->addColumn('CLIENT_ID', 'ClientId', 'string', CreoleTypes::VARCHAR, true, 80); + $tMap->addColumn('CLIENT_ID', 'ClientId', 'string', CreoleTypes::VARCHAR, false, 80); } // doBuild() diff --git a/workflow/engine/classes/model/om/BaseOauthRefreshTokens.php b/workflow/engine/classes/model/om/BaseOauthRefreshTokens.php index cb96b7061..f5241ae7c 100644 --- a/workflow/engine/classes/model/om/BaseOauthRefreshTokens.php +++ b/workflow/engine/classes/model/om/BaseOauthRefreshTokens.php @@ -28,10 +28,10 @@ abstract class BaseOauthRefreshTokens extends BaseObject implements Persistent protected static $peer; /** - * The value for the refresh_tokes field. + * The value for the refresh_token field. * @var string */ - protected $refresh_tokes; + protected $refresh_token; /** * The value for the client_id field. 
@@ -72,14 +72,14 @@ abstract class BaseOauthRefreshTokens extends BaseObject implements Persistent protected $alreadyInValidation = false; /** - * Get the [refresh_tokes] column value. + * Get the [refresh_token] column value. * * @return string */ - public function getRefreshTokes() + public function getRefreshToken() { - return $this->refresh_tokes; + return $this->refresh_token; } /** @@ -148,12 +148,12 @@ abstract class BaseOauthRefreshTokens extends BaseObject implements Persistent } /** - * Set the value of [refresh_tokes] column. + * Set the value of [refresh_token] column. * * @param string $v new value * @return void */ - public function setRefreshTokes($v) + public function setRefreshToken($v) { // Since the native PHP type for this column is string, @@ -162,12 +162,12 @@ abstract class BaseOauthRefreshTokens extends BaseObject implements Persistent $v = (string) $v; } - if ($this->refresh_tokes !== $v) { - $this->refresh_tokes = $v; - $this->modifiedColumns[] = OauthRefreshTokensPeer::REFRESH_TOKES; + if ($this->refresh_token !== $v) { + $this->refresh_token = $v; + $this->modifiedColumns[] = OauthRefreshTokensPeer::REFRESH_TOKEN; } - } // setRefreshTokes() + } // setRefreshToken() /** * Set the value of [client_id] column. @@ -277,7 +277,7 @@ abstract class BaseOauthRefreshTokens extends BaseObject implements Persistent { try { - $this->refresh_tokes = $rs->getString($startcol + 0); + $this->refresh_token = $rs->getString($startcol + 0); $this->client_id = $rs->getString($startcol + 1); @@ -497,7 +497,7 @@ abstract class BaseOauthRefreshTokens extends BaseObject implements Persistent { switch($pos) { case 0: - return $this->getRefreshTokes(); + return $this->getRefreshToken(); break; case 1: return $this->getClientId(); 
@@ -531,7 +531,7 @@ abstract class BaseOauthRefreshTokens extends BaseObject implements Persistent { $keys = OauthRefreshTokensPeer::getFieldNames($keyType); $result = array( - $keys[0] => $this->getRefreshTokes(), + $keys[0] => $this->getRefreshToken(), $keys[1] => $this->getClientId(), $keys[2] => $this->getUserId(), $keys[3] => $this->getExpires(), @@ -568,7 +568,7 @@ abstract class BaseOauthRefreshTokens extends BaseObject implements Persistent { switch($pos) { case 0: - $this->setRefreshTokes($value); + $this->setRefreshToken($value); break; case 1: $this->setClientId($value); @@ -606,7 +606,7 @@ abstract class BaseOauthRefreshTokens extends BaseObject implements Persistent $keys = OauthRefreshTokensPeer::getFieldNames($keyType); if (array_key_exists($keys[0], $arr)) { - $this->setRefreshTokes($arr[$keys[0]]); + $this->setRefreshToken($arr[$keys[0]]); } if (array_key_exists($keys[1], $arr)) { @@ -636,8 +636,8 @@ abstract class BaseOauthRefreshTokens extends BaseObject implements Persistent { $criteria = new Criteria(OauthRefreshTokensPeer::DATABASE_NAME); - if ($this->isColumnModified(OauthRefreshTokensPeer::REFRESH_TOKES)) { - $criteria->add(OauthRefreshTokensPeer::REFRESH_TOKES, $this->refresh_tokes); + if ($this->isColumnModified(OauthRefreshTokensPeer::REFRESH_TOKEN)) { + $criteria->add(OauthRefreshTokensPeer::REFRESH_TOKEN, $this->refresh_token); } if ($this->isColumnModified(OauthRefreshTokensPeer::CLIENT_ID)) { @@ -672,7 +672,7 @@ abstract class BaseOauthRefreshTokens extends BaseObject implements Persistent { $criteria = new Criteria(OauthRefreshTokensPeer::DATABASE_NAME); - $criteria->add(OauthRefreshTokensPeer::REFRESH_TOKES, $this->refresh_tokes); + $criteria->add(OauthRefreshTokensPeer::REFRESH_TOKEN, $this->refresh_token); return $criteria; } 
@@ -683,18 +683,18 @@ abstract class BaseOauthRefreshTokens extends BaseObject implements Persistent */ public function getPrimaryKey() { - return $this->getRefreshTokes(); + return $this->getRefreshToken(); } /** - * Generic method to set the primary key (refresh_tokes column). + * Generic method to set the primary key (refresh_token column). * * @param string $key Primary key. * @return void */ public function setPrimaryKey($key) { - $this->setRefreshTokes($key); + $this->setRefreshToken($key); } /** @@ -721,7 +721,7 @@ abstract class BaseOauthRefreshTokens extends BaseObject implements Persistent $copyObj->setNew(true); - $copyObj->setRefreshTokes(NULL); // this is a pkey column, so set to default value + $copyObj->setRefreshToken(NULL); // this is a pkey column, so set to default value } diff --git a/workflow/engine/classes/model/om/BaseOauthRefreshTokensPeer.php b/workflow/engine/classes/model/om/BaseOauthRefreshTokensPeer.php index bcb115035..d57ac2109 100644 --- a/workflow/engine/classes/model/om/BaseOauthRefreshTokensPeer.php +++ b/workflow/engine/classes/model/om/BaseOauthRefreshTokensPeer.php @@ -31,8 +31,8 @@ abstract class BaseOauthRefreshTokensPeer const NUM_LAZY_LOAD_COLUMNS = 0; - /** the column name for the REFRESH_TOKES field */ - const REFRESH_TOKES = 'OAUTH_REFRESH_TOKENS.REFRESH_TOKES'; + /** the column name for the REFRESH_TOKEN field */ + const REFRESH_TOKEN = 'OAUTH_REFRESH_TOKENS.REFRESH_TOKEN'; /** the column name for the CLIENT_ID field */ const CLIENT_ID = 'OAUTH_REFRESH_TOKENS.CLIENT_ID'; 
@@ -57,9 +57,9 @@ abstract class BaseOauthRefreshTokensPeer * e.g. self::$fieldNames[self::TYPE_PHPNAME][0] = 'Id' */ private static $fieldNames = array ( - BasePeer::TYPE_PHPNAME => array ('RefreshTokes', 'ClientId', 'UserId', 'Expires', 'Scope', ), - BasePeer::TYPE_COLNAME => array (OauthRefreshTokensPeer::REFRESH_TOKES, OauthRefreshTokensPeer::CLIENT_ID, OauthRefreshTokensPeer::USER_ID, OauthRefreshTokensPeer::EXPIRES, OauthRefreshTokensPeer::SCOPE, ), - BasePeer::TYPE_FIELDNAME => array ('REFRESH_TOKES', 'CLIENT_ID', 'USER_ID', 'EXPIRES', 'SCOPE', ), + BasePeer::TYPE_PHPNAME => array ('RefreshToken', 'ClientId', 'UserId', 'Expires', 'Scope', ), + BasePeer::TYPE_COLNAME => array (OauthRefreshTokensPeer::REFRESH_TOKEN, OauthRefreshTokensPeer::CLIENT_ID, OauthRefreshTokensPeer::USER_ID, OauthRefreshTokensPeer::EXPIRES, OauthRefreshTokensPeer::SCOPE, ), + BasePeer::TYPE_FIELDNAME => array ('REFRESH_TOKEN', 'CLIENT_ID', 'USER_ID', 'EXPIRES', 'SCOPE', ), BasePeer::TYPE_NUM => array (0, 1, 2, 3, 4, ) ); 
@@ -70,9 +70,9 @@ abstract class BaseOauthRefreshTokensPeer * e.g. self::$fieldNames[BasePeer::TYPE_PHPNAME]['Id'] = 0 */ private static $fieldKeys = array ( - BasePeer::TYPE_PHPNAME => array ('RefreshTokes' => 0, 'ClientId' => 1, 'UserId' => 2, 'Expires' => 3, 'Scope' => 4, ), - BasePeer::TYPE_COLNAME => array (OauthRefreshTokensPeer::REFRESH_TOKES => 0, OauthRefreshTokensPeer::CLIENT_ID => 1, OauthRefreshTokensPeer::USER_ID => 2, OauthRefreshTokensPeer::EXPIRES => 3, OauthRefreshTokensPeer::SCOPE => 4, ), - BasePeer::TYPE_FIELDNAME => array ('REFRESH_TOKES' => 0, 'CLIENT_ID' => 1, 'USER_ID' => 2, 'EXPIRES' => 3, 'SCOPE' => 4, ), + BasePeer::TYPE_PHPNAME => array ('RefreshToken' => 0, 'ClientId' => 1, 'UserId' => 2, 'Expires' => 3, 'Scope' => 4, ), + BasePeer::TYPE_COLNAME => array (OauthRefreshTokensPeer::REFRESH_TOKEN => 0, OauthRefreshTokensPeer::CLIENT_ID => 1, OauthRefreshTokensPeer::USER_ID => 2, OauthRefreshTokensPeer::EXPIRES => 3, OauthRefreshTokensPeer::SCOPE => 4, ), + BasePeer::TYPE_FIELDNAME => array ('REFRESH_TOKEN' => 0, 'CLIENT_ID' => 1, 'USER_ID' => 2, 'EXPIRES' => 3, 'SCOPE' => 4, ), BasePeer::TYPE_NUM => array (0, 1, 2, 3, 4, ) ); @@ -174,7 +174,7 @@ abstract class BaseOauthRefreshTokensPeer public static function addSelectColumns(Criteria $criteria) { - $criteria->addSelectColumn(OauthRefreshTokensPeer::REFRESH_TOKES); + $criteria->addSelectColumn(OauthRefreshTokensPeer::REFRESH_TOKEN); $criteria->addSelectColumn(OauthRefreshTokensPeer::CLIENT_ID); @@ -186,8 +186,8 @@ abstract class BaseOauthRefreshTokensPeer } - const COUNT = 'COUNT(OAUTH_REFRESH_TOKENS.REFRESH_TOKES)'; - const COUNT_DISTINCT = 'COUNT(DISTINCT OAUTH_REFRESH_TOKENS.REFRESH_TOKES)'; + const COUNT = 'COUNT(OAUTH_REFRESH_TOKENS.REFRESH_TOKEN)'; + const COUNT_DISTINCT = 'COUNT(DISTINCT OAUTH_REFRESH_TOKENS.REFRESH_TOKEN)'; /** * Returns the number of rows matching criteria. 
@@ -396,8 +396,8 @@ abstract class BaseOauthRefreshTokensPeer if ($values instanceof Criteria) { $criteria = clone $values; // rename for clarity - $comparison = $criteria->getComparison(OauthRefreshTokensPeer::REFRESH_TOKES); - $selectCriteria->add(OauthRefreshTokensPeer::REFRESH_TOKES, $criteria->remove(OauthRefreshTokensPeer::REFRESH_TOKES), $comparison); + $comparison = $criteria->getComparison(OauthRefreshTokensPeer::REFRESH_TOKEN); + $selectCriteria->add(OauthRefreshTokensPeer::REFRESH_TOKEN, $criteria->remove(OauthRefreshTokensPeer::REFRESH_TOKEN), $comparison); } else { $criteria = $values->buildCriteria(); // gets full criteria @@ -460,7 +460,7 @@ abstract class BaseOauthRefreshTokensPeer } else { // it must be the primary key $criteria = new Criteria(self::DATABASE_NAME); - $criteria->add(OauthRefreshTokensPeer::REFRESH_TOKES, (array) $values, Criteria::IN); + $criteria->add(OauthRefreshTokensPeer::REFRESH_TOKEN, (array) $values, Criteria::IN); } // Set the correct dbName @@ -534,7 +534,7 @@ abstract class BaseOauthRefreshTokensPeer $criteria = new Criteria(OauthRefreshTokensPeer::DATABASE_NAME); - $criteria->add(OauthRefreshTokensPeer::REFRESH_TOKES, $pk); + $criteria->add(OauthRefreshTokensPeer::REFRESH_TOKEN, $pk); $v = OauthRefreshTokensPeer::doSelect($criteria, $con); @@ -561,7 +561,7 @@ abstract class BaseOauthRefreshTokensPeer $objs = array(); } else { $criteria = new Criteria(); - $criteria->add(OauthRefreshTokensPeer::REFRESH_TOKES, $pks, Criteria::IN); + $criteria->add(OauthRefreshTokensPeer::REFRESH_TOKEN, $pks, Criteria::IN); $objs = OauthRefreshTokensPeer::doSelect($criteria, $con); } return $objs; diff --git a/workflow/engine/config/schema.xml b/workflow/engine/config/schema.xml index 87d804456..5ddf60a33 100755 --- a/workflow/engine/config/schema.xml +++ b/workflow/engine/config/schema.xml @@ -3013,7 +3013,7 @@ - +
@@ -3031,7 +3031,7 @@ - + @@ -3040,6 +3040,6 @@
- +
diff --git a/workflow/engine/data/mysql/schema.sql b/workflow/engine/data/mysql/schema.sql
index d8beeb6c4..3ff10f5ad 100755
--- a/workflow/engine/data/mysql/schema.sql
+++ b/workflow/engine/data/mysql/schema.sql
@@ -1472,5 +1472,81 @@ CREATE TABLE `SESSION_STORAGE` PRIMARY KEY (`ID`), KEY `indexSessionStorage`(`ID`) )ENGINE=InnoDB ; +#----------------------------------------------------------------------------- +#-- OAUTH_ACCESS_TOKENS +#----------------------------------------------------------------------------- + +DROP TABLE IF EXISTS `OAUTH_ACCESS_TOKENS`; + + +CREATE TABLE `OAUTH_ACCESS_TOKENS` +( + `ACCESS_TOKEN` VARCHAR(40) NOT NULL, + `CLIENT_ID` VARCHAR(80) NOT NULL, + `USER_ID` VARCHAR(32), + `EXPIRES` DATETIME NOT NULL, + `SCOPE` VARCHAR(2000), + PRIMARY KEY (`ACCESS_TOKEN`) +)ENGINE=InnoDB ; +#----------------------------------------------------------------------------- +#-- OAUTH_AUTHORIZATION_CODES +#----------------------------------------------------------------------------- + +DROP TABLE IF EXISTS `OAUTH_AUTHORIZATION_CODES`; + + +CREATE TABLE `OAUTH_AUTHORIZATION_CODES` +( + `AUTHORIZATION_CODE` VARCHAR(40) NOT NULL, + `CLIENT_ID` VARCHAR(80) NOT NULL, + `USER_ID` VARCHAR(32), + `REDIRECT_URI` VARCHAR(2000), + `EXPIRES` DATETIME NOT NULL, + `SCOPE` VARCHAR(2000), + PRIMARY KEY (`AUTHORIZATION_CODE`) +)ENGINE=InnoDB ; +#----------------------------------------------------------------------------- +#-- OAUTH_CLIENTS +#----------------------------------------------------------------------------- + +DROP TABLE IF EXISTS `OAUTH_CLIENTS`; + + +CREATE TABLE `OAUTH_CLIENTS` +( + `CLIENT_ID` VARCHAR(80) NOT NULL, + `CLIENT_SECRET` VARCHAR(80) NOT NULL, + `REDIRECT_URI` VARCHAR(2000) NOT NULL, + PRIMARY KEY (`CLIENT_ID`) +)ENGINE=InnoDB ; +#----------------------------------------------------------------------------- +#-- OAUTH_REFRESH_TOKENS +#----------------------------------------------------------------------------- + +DROP TABLE IF EXISTS `OAUTH_REFRESH_TOKENS`; + + +CREATE TABLE `OAUTH_REFRESH_TOKENS` +( + `REFRESH_TOKEN` VARCHAR(40) NOT NULL, + `CLIENT_ID` VARCHAR(80) NOT NULL, + `USER_ID` VARCHAR(32), + `EXPIRES` DATETIME NOT NULL, + `SCOPE` VARCHAR(2000), 
+ PRIMARY KEY (`REFRESH_TOKEN`) +)ENGINE=InnoDB ; +#----------------------------------------------------------------------------- +#-- OAUTH_SCOPES +#----------------------------------------------------------------------------- + +DROP TABLE IF EXISTS `OAUTH_SCOPES`; + + +CREATE TABLE `OAUTH_SCOPES` +( + `TYPE` VARCHAR(40) NOT NULL, + `SCOPE` VARCHAR(2000), + `CLIENT_ID` VARCHAR(80) +)ENGINE=InnoDB ; # This restores the fkey checks, after having unset them earlier SET FOREIGN_KEY_CHECKS = 1; diff --git a/workflow/engine/methods/login/sysLogin.php b/workflow/engine/methods/login/sysLogin.php index f74ae4aa1..4f2df9b2c 100755 --- a/workflow/engine/methods/login/sysLogin.php +++ b/workflow/engine/methods/login/sysLogin.php @@ -44,7 +44,8 @@ if (isset($_SESSION["G_MESSAGE_TYPE"])) { } //Initialize session -session_destroy(); + +@session_destroy(); session_start(); session_regenerate_id(); diff --git a/workflow/engine/services/oauth2/Server.php b/workflow/engine/services/oauth2/Server.php index ea8a71090..dce3cecb0 100644 --- a/workflow/engine/services/oauth2/Server.php +++ b/workflow/engine/services/oauth2/Server.php @@ -20,18 +20,21 @@ class Server implements iAuthenticate /** * @var OAuth2_Server */ - protected static $server; + //protected static $server; + protected $server; + protected $storage; + /** * @var OAuth2_Storage_Pdo */ - protected static $storage; + //protected static $storage; /** * @var OAuth2_Request */ protected static $request; public function __construct() { - $dir = __DIR__ . '/db/'; + /*$dir = __DIR__ . '/db/'; $file = 'oauth.sqlite'; if (!file_exists($dir . $file)) { include_once $dir . 'rebuild_db.php'; 
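Review bot: The `@` on `@session_destroy();` hides every failure of the call, not only the "no active session" warning it is presumably meant to silence, and this is the login entry point, where an old session that silently survives is a session-fixation concern. Guard the call instead, e.g. `if (session_id() !== '') { session_destroy(); }`, so a real teardown error stays visible in the logs. The `session_regenerate_id();` two lines below is unchanged context, but passing `true` there would also delete the old session data. The script continues outside the hunk.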
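Review bot: Commenting out `protected static $server` breaks any remaining `static::$server` access, and `register()`, added in the next hunk of this commit, still calls `static::$server->getResponse(static::$request)`, which would fail on an undeclared static property. The new `protected $storage;` has no docblock and, as far as the constructor in the next hunk shows, is never assigned because a local `$storage` is used; either add `$this->storage = $storage;` there or drop the property. The `@var OAuth2_Server` docblock now sits above a commented-out line, so move it onto `protected $server;`. Delete the commented-out declarations and the `/*$dir = ...` block rather than keeping them, since version control already holds the old code. The class body continues outside the hunk.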
@@ -43,19 +46,59 @@ class Server implements iAuthenticate static::$server = new \OAuth2\Server(static::$storage); static::$server->addGrantType( new \OAuth2\GrantType\AuthorizationCode(static::$storage) - ); + );*/ + + static::$request = \OAuth2\Request::createFromGlobals(); + + require_once 'PmPdo.php'; + + $dsn = 'mysql:dbname=wf_workflow;host=localhost'; + $username = 'root'; + $password = 'sample'; + + // error reporting (this is a demo, after all!) + //ini_set('display_errors',1);error_reporting(E_ALL); + + // Autoloading (composer is preferred, but for this example let's just do this) + //require_once('oauth2-server-php/src/OAuth2/Autoloader.php'); + //\OAuth2\Autoloader::register(); + + // $dsn is the Data Source Name for your database, for exmaple "mysql:dbname=my_oauth2_db;host=localhost" + $storage = new PmPdo(array('dsn' => $dsn, 'username' => $username, 'password' => $password)); + + // Pass a storage object or array of storage objects to the OAuth2 server class + $this->server = new \OAuth2\Server($storage); + + // Add the "Client Credentials" grant type (it is the simplest of the grant types) + $this->server->addGrantType(new \OAuth2\GrantType\ClientCredentials($storage)); + + // Add the "Authorization Code" grant type (this is where the oauth magic happens) + $this->server->addGrantType(new \OAuth2\GrantType\AuthorizationCode($storage)); + } + + /** + * @view oauth2/server/register.php + * @format HtmlFormat + */ + public function register() + { + static::$server->getResponse(static::$request); + return array('queryString' => $_SERVER['QUERY_STRING']); + } + /** * Stage 1: Client sends the user to this page * * User responds by accepting or denying * - * @view oauth2/server/authorize.twig + * @view oauth2/server/authorize.php * @format HtmlFormat */ public function authorize() { - static::$server->getResponse(static::$request); + $this->server->getResponse(static::$request); + return array('queryString' => $_SERVER['QUERY_STRING']); } /** 
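Review bot: The constructor hard-codes the database account, `$username = 'root'; $password = 'sample';` with a fixed `wf_workflow` DSN, so the OAuth2 token store connects as the MySQL superuser using a credential committed to the repository. Build the storage from the workspace configuration instead, for example `$storage = new PmPdo(array('dsn' => DB_ADAPTER . ':host=' . DB_HOST . ';dbname=' . DB_NAME, 'username' => DB_USER, 'password' => DB_PASS));`. Those constants are the ones `sysGeneric.php` uses in this same commit; this assumes they are defined when the class loads, and `DB_HOST` may carry a `:port` suffix that needs the same splitting done there. The account should also be limited to the `OAUTH_*` tables rather than being `root`. Separately, `register()` and `authorize()` hand the raw `$_SERVER['QUERY_STRING']` to an HTML view; the templates are not shown, so confirm they pass it through `htmlspecialchars()` before echoing it.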
@@ -73,12 +116,25 @@ class Server implements iAuthenticate */ public function postAuthorize($authorize = false) { - $response = static::$server->handleAuthorizeRequest( - static::$request, + $request = \OAuth2\Request::createFromGlobals(); + $response = new \OAuth2\Response(); + + $response = $this->server->handleAuthorizeRequest( + $request, + $response, (bool)$authorize ); + + if ($authorize) { + // this is only here so that you get to see your code in the cURL request. Otherwise, we'd redirect back to the client + $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40); + //exit("SUCCESS! Authorization Code: $code"); + } + die($response->send()); } + + /** * Stage 3: Client directly calls this api to exchange access token * @@ -100,7 +156,7 @@ class Server implements iAuthenticate * * @access protected */ - public function access() + public function postAccess() { return array( 'friends' => array('john', 'matt', 'jane') @@ -115,7 +171,21 @@ class Server implements iAuthenticate */ public function __isAllowed() { - return self::$server->verifyResourceRequest(static::$request); - //return self::$server->verifyAccessRequest(static::$request); + return $this->server->verifyResourceRequest(\OAuth2\Request::createFromGlobals()); + } + + + + /****************************************/ + + /** + * Stage 3: Client directly calls this api to exchange access token + * + * It can then use this access token to make calls to protected api + */ + public function postToken() + { + // Handle a request for an OAuth2.0 Access Token and send the response to the client + return $this->server->handleTokenRequest(\OAuth2\Request::createFromGlobals())->send(); } } \ No newline at end of file diff --git a/workflow/public_html/sysGeneric.php b/workflow/public_html/sysGeneric.php index 774eabcfa..d3e89825c 100755 --- a/workflow/public_html/sysGeneric.php +++ b/workflow/public_html/sysGeneric.php 
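Review bot: `postAuthorize()` issues the authorization code on `(bool)$authorize` alone: the call `handleAuthorizeRequest($request, $response, (bool)$authorize)` passes no user id, and nothing in the hunk checks that a logged-in user submitted the form. The code is therefore not bound to any account, and the consent POST has no visible CSRF protection. Pass the authenticated user's id as the fourth argument, `$this->server->handleAuthorizeRequest($request, $response, (bool)$authorize, $userId)` with `$userId` taken from the login session, and reject the request when there is no session or the anti-CSRF token does not match. The `if ($authorize) { $code = substr(...); }` block computes a value that is never used and should be removed, and `die($response->send())` reads more clearly as `$response->send(); exit;`. The method's docblock starts outside the hunk.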
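Review bot: `postToken()` carries the same "Stage 3: Client directly calls this api to exchange access token" docblock that appears as trailing context of the `postAuthorize()` hunk, so the class now documents two methods as the token-exchange step and it is unclear which one clients should call. Give the new method its own description, for example `Token endpoint: validates the grant sent in the POST body and writes the access-token response`, and remove or re-document the older method, whose body lies outside the hunk. `__isAllowed()` and `postToken()` each call `\OAuth2\Request::createFromGlobals()` while `authorize()` still reads `static::$request` set in the constructor; use one of the two throughout. The `/****************************************/` separator and the blank lines around it can be dropped.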
@@ -679,9 +679,9 @@ try { //require_once ("propel/Propel.php"); //require_once ("creole/Creole.php"); - list($host, $port) = explode(':', DB_HOST); - $port = empty($port) ? '3306' : $port; - $handler = new PmSessionHandler(DB_USER, DB_PASS, DB_ADAPTER.":host=$host;dbname=".DB_NAME.";port=$port"); + list($host, $port) = strpos(DB_HOST, ':') !== false ? explode(':', DB_HOST) : array(DB_HOST, ''); + $port = empty($port) ? '' : ";port=$port"; + $handler = new PmSessionHandler(DB_USER, DB_PASS, DB_ADAPTER.":host=$host;dbname=".DB_NAME.$port); session_start();