mirror of
https://github.com/elyby/accounts.git
synced 2024-11-27 01:02:06 +05:30
Поправлено поведение для проверки возможности обратного редиректа на сайты с его фиксированным значением
This commit is contained in:
parent
951b6928a2
commit
ddb5fd813c
@ -7,45 +7,55 @@ use League\OAuth2\Server\Entity\ClientEntity;
|
|||||||
use League\OAuth2\Server\Entity\SessionEntity as OriginalSessionEntity;
|
use League\OAuth2\Server\Entity\SessionEntity as OriginalSessionEntity;
|
||||||
use League\OAuth2\Server\Storage\AbstractStorage;
|
use League\OAuth2\Server\Storage\AbstractStorage;
|
||||||
use League\OAuth2\Server\Storage\ClientInterface;
|
use League\OAuth2\Server\Storage\ClientInterface;
|
||||||
|
use yii\helpers\StringHelper;
|
||||||
|
|
||||||
class ClientStorage extends AbstractStorage implements ClientInterface {
|
class ClientStorage extends AbstractStorage implements ClientInterface {
|
||||||
|
|
||||||
|
const REDIRECT_STATIC_PAGE = 'static_page';
|
||||||
|
const REDIRECT_STATIC_PAGE_WITH_CODE = 'static_page_with_code';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @inheritdoc
|
* @inheritdoc
|
||||||
*/
|
*/
|
||||||
public function get($clientId, $clientSecret = null, $redirectUri = null, $grantType = null) {
|
public function get($clientId, $clientSecret = null, $redirectUri = null, $grantType = null) {
|
||||||
$query = OauthClient::find()
|
$query = OauthClient::find()
|
||||||
->select(['id', 'name', 'secret'])
|
->select(['id', 'name', 'secret', 'redirect_uri'])
|
||||||
->where([OauthClient::tableName() . '.id' => $clientId]);
|
->where([OauthClient::tableName() . '.id' => $clientId]);
|
||||||
|
|
||||||
if ($clientSecret !== null) {
|
if ($clientSecret !== null) {
|
||||||
$query->andWhere(['secret' => $clientSecret]);
|
$query->andWhere(['secret' => $clientSecret]);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($redirectUri !== null) {
|
|
||||||
$query
|
|
||||||
->addSelect(['redirect_uri'])
|
|
||||||
->andWhere(['redirect_uri' => $redirectUri]);
|
|
||||||
}
|
|
||||||
|
|
||||||
$model = $query->asArray()->one();
|
$model = $query->asArray()->one();
|
||||||
if ($model === null) {
|
if ($model === null) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// TODO: нужно учитывать тип приложения
|
||||||
|
/*
|
||||||
|
* Для приложений типа "настольный" redirect_uri необязателем - он должен быть по умолчанию равен
|
||||||
|
* статичному редиректу на страницу сайта
|
||||||
|
* А для приложений типа "сайт" редирект должен быть всегда.
|
||||||
|
* Короче это нужно учесть
|
||||||
|
*/
|
||||||
|
if ($redirectUri !== null) {
|
||||||
|
if ($redirectUri === self::REDIRECT_STATIC_PAGE || $redirectUri === self::REDIRECT_STATIC_PAGE_WITH_CODE) {
|
||||||
|
// Тут, наверное, нужно проверить тип приложения
|
||||||
|
} else {
|
||||||
|
if (!StringHelper::startsWith($redirectUri, $model['redirect_uri'], false)) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
$entity = new ClientEntity($this->server);
|
$entity = new ClientEntity($this->server);
|
||||||
$entity->hydrate([
|
$entity->hydrate([
|
||||||
'id' => $model['id'],
|
'id' => $model['id'],
|
||||||
'name' => $model['name'],
|
'name' => $model['name'],
|
||||||
'secret' => $model['secret'],
|
'secret' => $model['secret'],
|
||||||
|
'redirectUri' => $redirectUri,
|
||||||
]);
|
]);
|
||||||
|
|
||||||
if (isset($model['redirect_uri'])) {
|
|
||||||
$entity->hydrate([
|
|
||||||
'redirectUri' => $model['redirect_uri'],
|
|
||||||
]);
|
|
||||||
}
|
|
||||||
|
|
||||||
return $entity;
|
return $entity;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user