1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
/* |
4
|
|
|
* This file is part of OAuth 2.0 Laravel. |
5
|
|
|
* |
6
|
|
|
* (c) Luca Degasperi <[email protected]> |
7
|
|
|
* |
8
|
|
|
* For the full copyright and license information, please view the LICENSE |
9
|
|
|
* file that was distributed with this source code. |
10
|
|
|
*/ |
11
|
|
|
|
12
|
|
|
namespace LucaDegasperi\OAuth2Server\Storage; |
13
|
|
|
|
14
|
|
|
use Carbon\Carbon; |
15
|
|
|
use Illuminate\Database\ConnectionResolverInterface as Resolver; |
16
|
|
|
use League\OAuth2\Server\Entity\ClientEntity; |
17
|
|
|
use League\OAuth2\Server\Entity\SessionEntity; |
18
|
|
|
use League\OAuth2\Server\Storage\ClientInterface; |
19
|
|
|
|
20
|
|
|
/** |
21
|
|
|
* This is the fluent client class. |
22
|
|
|
* |
23
|
|
|
* @author Luca Degasperi <[email protected]> |
24
|
|
|
*/ |
25
|
|
|
class FluentClient extends AbstractFluentAdapter implements ClientInterface |
26
|
|
|
{ |
27
|
|
|
/** |
28
|
|
|
* Limit clients to grants. |
29
|
|
|
* |
30
|
|
|
* @var bool |
31
|
|
|
*/ |
32
|
|
|
protected $limitClientsToGrants = false; |
33
|
|
|
/** |
34
|
|
|
* Pre-register redirect url is required. |
35
|
|
|
* |
36
|
|
|
* @var bool |
37
|
|
|
*/ |
38
|
|
|
protected $limitRedirectUri = false; |
39
|
|
|
/** |
40
|
|
|
* Create a new fluent client instance. |
41
|
|
|
* |
42
|
|
|
* @param \Illuminate\Database\ConnectionResolverInterface $resolver |
43
|
|
|
* @param bool $limitClientsToGrants |
44
|
|
|
* @param bool $limitRedirectUri |
45
|
|
|
*/ |
46
|
24 |
|
public function __construct(Resolver $resolver, $limitClientsToGrants = false, $limitRedirectUri = false) |
47
|
|
|
{ |
48
|
24 |
|
parent::__construct($resolver); |
49
|
24 |
|
$this->limitClientsToGrants = $limitClientsToGrants; |
50
|
24 |
|
$this->limitRedirectUri = $limitRedirectUri; |
51
|
24 |
|
} |
52
|
|
|
|
53
|
|
|
/** |
54
|
|
|
* Check if clients are limited to grants. |
55
|
|
|
* |
56
|
|
|
* @return bool |
57
|
|
|
*/ |
58
|
6 |
|
public function areClientsLimitedToGrants() |
59
|
|
|
{ |
60
|
6 |
|
return $this->limitClientsToGrants; |
61
|
|
|
} |
62
|
|
|
|
63
|
|
|
/** |
64
|
|
|
* Whether or not to limit clients to grants. |
65
|
|
|
* |
66
|
|
|
* @param bool $limit |
67
|
|
|
*/ |
68
|
6 |
|
public function limitClientsToGrants($limit = false) |
69
|
|
|
{ |
70
|
6 |
|
$this->limitClientsToGrants = $limit; |
71
|
6 |
|
} |
72
|
|
|
|
73
|
|
|
/** |
74
|
|
|
* Get the client. |
75
|
|
|
* |
76
|
|
|
* @param string $clientId |
77
|
|
|
* @param string $clientSecret |
|
|
|
|
78
|
|
|
* @param string $redirectUri |
|
|
|
|
79
|
|
|
* @param string $grantType |
|
|
|
|
80
|
|
|
* |
81
|
|
|
* @return null|\League\OAuth2\Server\Entity\ClientEntity |
82
|
|
|
*/ |
83
|
18 |
|
public function get($clientId, $clientSecret = null, $redirectUri = null, $grantType = null) |
84
|
|
|
{ |
85
|
18 |
|
$query = null; |
86
|
|
|
|
87
|
18 |
|
if (!$this->limitRedirectUri === false && !is_null($redirectUri) && is_null($clientSecret)) { |
88
|
|
|
$query = $this->getConnection()->table('oauth_clients') |
89
|
|
|
->select( |
90
|
|
|
'oauth_clients.id as id', |
91
|
|
|
'oauth_clients.secret as secret', |
92
|
|
|
'oauth_client_endpoints.redirect_uri as redirect_uri', |
93
|
|
|
'oauth_clients.name as name') |
94
|
|
|
->join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') |
95
|
|
|
->where('oauth_clients.id', $clientId) |
96
|
|
|
->where('oauth_client_endpoints.redirect_uri', $redirectUri); |
97
|
18 |
|
} elseif (!is_null($redirectUri) && is_null($clientSecret)) { |
98
|
6 |
|
$query = $this->getConnection()->table('oauth_clients') |
99
|
6 |
|
->select( |
100
|
6 |
|
'oauth_clients.id as id', |
101
|
6 |
|
'oauth_clients.secret as secret', |
102
|
6 |
|
'oauth_clients.name as name') |
103
|
6 |
|
->where('oauth_clients.id', $clientId); |
104
|
18 |
View Code Duplication |
} elseif (!is_null($clientSecret) && is_null($redirectUri)) { |
|
|
|
|
105
|
6 |
|
$query = $this->getConnection()->table('oauth_clients') |
106
|
6 |
|
->select( |
107
|
6 |
|
'oauth_clients.id as id', |
108
|
6 |
|
'oauth_clients.secret as secret', |
109
|
6 |
|
'oauth_clients.name as name') |
110
|
6 |
|
->where('oauth_clients.id', $clientId) |
111
|
6 |
|
->where('oauth_clients.secret', $clientSecret); |
112
|
15 |
|
} elseif ($this->limitRedirectUri === true && !is_null($clientSecret) && !is_null($redirectUri)) { |
113
|
|
|
$query = $this->getConnection()->table('oauth_clients') |
114
|
|
|
->select( |
115
|
|
|
'oauth_clients.id as id', |
116
|
|
|
'oauth_clients.secret as secret', |
117
|
|
|
'oauth_client_endpoints.redirect_uri as redirect_uri', |
118
|
|
|
'oauth_clients.name as name') |
119
|
|
|
->join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') |
120
|
|
|
->where('oauth_clients.id', $clientId) |
121
|
|
|
->where('oauth_clients.secret', $clientSecret) |
122
|
|
|
->where('oauth_client_endpoints.redirect_uri', $redirectUri); |
123
|
12 |
View Code Duplication |
} elseif (!is_null($clientSecret) && !is_null($redirectUri)) { |
|
|
|
|
124
|
12 |
|
$query = $this->getConnection()->table('oauth_clients') |
125
|
12 |
|
->select( |
126
|
12 |
|
'oauth_clients.id as id', |
127
|
12 |
|
'oauth_clients.secret as secret', |
128
|
12 |
|
'oauth_clients.name as name') |
129
|
12 |
|
->where('oauth_clients.id', $clientId) |
130
|
12 |
|
->where('oauth_clients.secret', $clientSecret); |
131
|
12 |
|
} |
132
|
|
|
|
133
|
18 |
|
if ($this->limitClientsToGrants === true && !is_null($grantType)) { |
134
|
6 |
|
$query = $query->join('oauth_client_grants', 'oauth_clients.id', '=', 'oauth_client_grants.client_id') |
135
|
6 |
|
->join('oauth_grants', 'oauth_grants.id', '=', 'oauth_client_grants.grant_id') |
136
|
6 |
|
->where('oauth_grants.id', $grantType); |
137
|
6 |
|
} |
138
|
|
|
|
139
|
18 |
|
$result = $query->first(); |
140
|
|
|
|
141
|
18 |
|
if (is_null($result)) { |
142
|
6 |
|
return; |
143
|
|
|
} |
144
|
|
|
|
145
|
|
|
//populate redirect_uri in case where it is not in DB |
146
|
12 |
|
if (!$this->limitRedirectUri){ |
147
|
12 |
|
$result->redirect_uri = 'not required'; |
148
|
12 |
|
} |
149
|
|
|
|
150
|
|
|
|
151
|
12 |
|
return $this->hydrateEntity($result); |
152
|
|
|
} |
153
|
|
|
|
154
|
|
|
/** |
155
|
|
|
* Get the client associated with a session. |
156
|
|
|
* |
157
|
|
|
* @param \League\OAuth2\Server\Entity\SessionEntity $session The session |
158
|
|
|
* |
159
|
|
|
* @return null|\League\OAuth2\Server\Entity\ClientEntity |
160
|
|
|
*/ |
161
|
6 |
|
public function getBySession(SessionEntity $session) |
162
|
|
|
{ |
163
|
6 |
|
$result = $this->getConnection()->table('oauth_clients') |
164
|
6 |
|
->select( |
165
|
6 |
|
'oauth_clients.id as id', |
166
|
6 |
|
'oauth_clients.secret as secret', |
167
|
6 |
|
'oauth_clients.name as name') |
168
|
6 |
|
->join('oauth_sessions', 'oauth_sessions.client_id', '=', 'oauth_clients.id') |
169
|
6 |
|
->where('oauth_sessions.id', '=', $session->getId()) |
170
|
6 |
|
->first(); |
171
|
|
|
|
172
|
6 |
|
if (is_null($result)) { |
173
|
3 |
|
return; |
174
|
|
|
} |
175
|
|
|
|
176
|
3 |
|
return $this->hydrateEntity($result); |
177
|
|
|
} |
178
|
|
|
|
179
|
|
|
/** |
180
|
|
|
* Create a new client. |
181
|
|
|
* |
182
|
|
|
* @param string $name The client's unique name |
183
|
|
|
* @param string $id The client's unique id |
184
|
|
|
* @param string $secret The clients' unique secret |
185
|
|
|
* |
186
|
|
|
* @return string |
|
|
|
|
187
|
|
|
*/ |
188
|
|
|
public function create($name, $id, $secret) |
189
|
|
|
{ |
190
|
|
|
return $this->getConnection()->table('oauth_clients')->insertGetId([ |
191
|
|
|
'id' => $id, |
192
|
|
|
'name' => $name, |
193
|
|
|
'secret' => $secret, |
194
|
|
|
'created_at' => Carbon::now(), |
195
|
|
|
'updated_at' => Carbon::now(), |
196
|
|
|
]); |
197
|
|
|
} |
198
|
|
|
|
199
|
|
|
/** |
200
|
|
|
* Hydrate the entity. |
201
|
|
|
* |
202
|
|
|
* @param $result |
203
|
|
|
* |
204
|
|
|
* @return \League\OAuth2\Server\Entity\ClientEntity |
205
|
|
|
*/ |
206
|
15 |
|
protected function hydrateEntity($result) |
207
|
|
|
{ |
208
|
15 |
|
$client = new ClientEntity($this->getServer()); |
209
|
15 |
|
$client->hydrate([ |
210
|
15 |
|
'id' => $result->id, |
211
|
15 |
|
'name' => $result->name, |
212
|
15 |
|
'secret' => $result->secret, |
213
|
15 |
|
'redirectUri' => (isset($result->redirect_uri) ? $result->redirect_uri : null), |
214
|
15 |
|
]); |
215
|
|
|
|
216
|
15 |
|
return $client; |
217
|
|
|
} |
218
|
|
|
} |
219
|
|
|
|
This check looks for
@param
annotations where the type inferred by our type inference engine differs from the declared type.It makes a suggestion as to what type it considers more descriptive.
Most often this is a case of a parameter that can be null in addition to its declared types.