<?php
namespace api\components\OAuth2\Storage;
use api\components\OAuth2\Entities\ClientEntity;
use api\components\OAuth2\Entities\SessionEntity;
use common\models\OauthClient;
use League\OAuth2\Server\Entity\SessionEntity as OriginalSessionEntity;
use League\OAuth2\Server\Storage\AbstractStorage;
use League\OAuth2\Server\Storage\ClientInterface;
use yii\helpers\StringHelper;
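/**
 * OAuth2 client storage backed by the OauthClient model.
 *
 * Resolves clients for the OAuth2 server either by client id (with optional
 * secret and redirect URI checks) or by the session a client is attached to.
 */
class ClientStorage extends AbstractStorage implements ClientInterface {

    // Sentinel redirect_uri values that are accepted as-is instead of being
    // compared with the client's registered redirect_uri.
    private const REDIRECT_STATIC_PAGE = 'static_page';
    private const REDIRECT_STATIC_PAGE_WITH_CODE = 'static_page_with_code';

    /**
     * Finds a client by id and validates the optional secret and redirect URI.
     *
     * @inheritdoc
     *
     * @param string      $clientId     identifier passed to OauthClient::findOne()
     * @param string|null $clientSecret when not null, must equal the stored secret
     * @param string|null $redirectUri  when not null, must be one of the static-page
     *                                  sentinels or start with the registered redirect_uri
     * @param string|null $grantType    not used by this implementation
     *
     * @return ClientEntity|null the client, or null when it is unknown or a check fails
     */
    public function get($clientId, $clientSecret = null, $redirectUri = null, $grantType = null) {
        $model = $this->findClient($clientId);
        if ($model === null) {
            return null;
        }

        if ($clientSecret !== null) {
            $storedSecret = $model->secret;
            // hash_equals() compares in constant time, so the response time does not
            // reveal how many leading characters of a guessed secret were correct.
            // Non-string values are rejected, as the previous strict comparison
            // rejected any type mismatch.
            if (!is_string($storedSecret) || !is_string($clientSecret) || !hash_equals($storedSecret, $clientSecret)) {
                return null;
            }
        }

        // TODO: should check application type
        // For "desktop" app type redirect_uri is not required and should be by default set
        // to the static redirect, but for "site" it's required always.
        if ($redirectUri !== null) {
            $isStaticRedirect = in_array(
                $redirectUri,
                [self::REDIRECT_STATIC_PAGE, self::REDIRECT_STATIC_PAGE_WITH_CODE],
                true
            );
            if ($isStaticRedirect) {
                // I think we should check the type of application here
            } elseif (!StringHelper::startsWith($redirectUri, $model->redirect_uri, false)) {
                // NOTE(review): this is a case-insensitive *prefix* match, so any URI that
                // merely begins with the registered value is accepted, including one whose
                // host only starts with the registered host when the registered value has
                // no trailing path. Yii's helper also treats an empty prefix as a match, so
                // a client stored without redirect_uri would pass any value here (confirm
                // against the stored data). Prefer an exact match, or compare the parsed
                // scheme/host/port exactly and require a path-segment boundary.
                return null;
            }
        }

        $entity = $this->hydrate($model);
        // The entity carries the redirect URI from this request (possibly null),
        // replacing the registered value that hydrate() set.
        $entity->setRedirectUri($redirectUri);

        return $entity;
    }

    /**
     * Returns the client that owns the given session.
     *
     * @inheritdoc
     *
     * @param OriginalSessionEntity $session must be this module's SessionEntity
     *
     * @return ClientEntity|null null when the session's client id matches no client
     *
     * @throws \ErrorException when $session is not an instance of SessionEntity
     */
    public function getBySession(OriginalSessionEntity $session) {
        if (!$session instanceof SessionEntity) {
            throw new \ErrorException('This module assumes that $session typeof ' . SessionEntity::class);
        }

        $model = $this->findClient($session->getClientId());
        if ($model === null) {
            return null;
        }

        return $this->hydrate($model);
    }

    /**
     * Builds a ClientEntity from a stored client record.
     *
     * Copies id, name, secret, trust flag and registered redirect_uri from the model.
     */
    private function hydrate(OauthClient $model): ClientEntity {
        $entity = new ClientEntity($this->server);
        $entity->setId($model->id);
        $entity->setName($model->name);
        $entity->setSecret($model->secret);
        $entity->setIsTrusted($model->is_trusted);
        $entity->setRedirectUri($model->redirect_uri);

        return $entity;
    }

    /**
     * Loads the client record with the given id, or null when there is none.
     */
    private function findClient(string $clientId): ?OauthClient {
        return OauthClient::findOne($clientId);
    }

}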