| 1 |  |  | <?php | 
            
                                                                                                            
                            
            
                                    
            
            
                | 2 |  |  | /** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 3 |  |  |  * @package     Redcore | 
            
                                                                                                            
                            
            
                                    
            
            
                | 4 |  |  |  * @subpackage  Api | 
            
                                                                                                            
                            
            
                                    
            
            
                | 5 |  |  |  * | 
            
                                                                                                            
                            
            
                                    
            
            
                | 6 |  |  |  * @copyright   Copyright (C) 2008 - 2020 redWEB.dk. All rights reserved. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 7 |  |  |  * @license     GNU General Public License version 2 or later, see LICENSE. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 8 |  |  |  */ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 9 |  |  | namespace OAuth2\Storage; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 10 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                // Direct-access guard: stop immediately unless the JPATH_REDCORE constant is already defined.
                if (!defined('JPATH_REDCORE'))
                {
                	die;
                }
            
                                                                                                            
                            
            
                                    
            
            
                | 12 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 13 |  |  | /** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 14 |  |  |  * Extended PDO storage for all storage types | 
            
                                                                                                            
                            
            
                                    
            
            
                | 15 |  |  |  * | 
            
                                                                                                            
                            
            
                                    
            
            
                | 16 |  |  |  * @since  1.2 | 
            
                                                                                                            
                            
            
                                    
            
            
                | 17 |  |  |  */ | 
            
                                                                                                            
                            
            
                                    
            
            
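                class Pdoredcore extends Pdo
                {
                	/**
                	 * Validates resource-owner credentials for the password grant.
                	 *
                	 * The check is delegated to \RUser::userLogin() and its result is returned unchanged.
                	 * Required for OAuth2::GRANT_TYPE_USER_CREDENTIALS.
                	 *
                	 * NOTE(review): userLogin() is defined outside this file. Presumably it also establishes the
                	 * session user that getUserDetails() reads afterwards - confirm. Throttling or lockout of
                	 * repeated failed attempts is not visible here either; verify it is enforced in userLogin()
                	 * or in front of the token endpoint.
                	 *
                	 * @param   string  $username  Username to check.
                	 * @param   string  $password  Password to check.
                	 *
                	 * @return  boolean  TRUE if the username and password are valid, FALSE otherwise
                	 *                   (the value is whatever \RUser::userLogin() returns).
                	 *
                	 * @see http://tools.ietf.org/html/rfc6749#section-4.3
                	 *
                	 * @ingroup oauth2_section_4
                	 */
                	public function checkUserCredentials($username, $password)
                	{
                		$credentials = array('username' => $username, 'password' => $password);

                		return \RUser::userLogin($credentials);
                	}

                	/**
                	 * Gets the details of the user a token is about to be issued for.
                	 *
                	 * The details are read from the current session user (\JFactory::getUser()); the $username
                	 * argument is not used for the lookup. The scope is the scope configured for the client
                	 * named in the request.
                	 *
                	 * @param   string  $username  Username requested by the caller (not used for the lookup).
                	 *
                	 * @return  array|boolean  The associated "user_id", "username", "name" and "scope" values,
                	 *                         or FALSE when no user is resolved (empty user id).
                	 *                         "scope" is a space-separated list of restricted scopes.
                	 *
                	 * @code
                	 * return array(
                	 *     "user_id"  => USER_ID,    // REQUIRED user_id to be stored with the authorization code or access token
                	 *     "scope"    => SCOPE       // OPTIONAL space-separated list of restricted scopes
                	 * );
                	 */
                	public function getUserDetails($username)
                	{
                		$user = \JFactory::getUser();
                		$userId = $user->get('id');

                		// Documented contract: return FALSE when there is no valid user, so that a token
                		// is never stored against an empty user_id.
                		if (empty($userId))
                		{
                			return false;
                		}

                		$request = \OAuth2\Request::createFromGlobals();

                		// We load scopes from client.
                		// NOTE(review): client_id is taken from the request parameters only; confirm that clients
                		// which authenticate through the Authorization header still get their scopes resolved.
                		$clientId = $request->request('client_id');
                		$scopes = $this->getClientScope($clientId);

                		return array(
                			"user_id"   => $userId,
                			"username"  => $user->get('username'),
                			"name"      => $user->get('name'),
                			"scope"     => $scopes,
                		);
                	}

                	/**
                	 * Tells whether a client is registered as a public client.
                	 *
                	 * A client counts as public only when its row exists and its "client_type" column is
                	 * exactly 'public'.
                	 *
                	 * @param   string  $clientId  Client id
                	 *
                	 * @return  boolean  TRUE for a known client of type 'public', FALSE otherwise.
                	 */
                	public function isPublicClient($clientId)
                	{
                		// The table name comes from the storage configuration; the client id is bound as a parameter.
                		$stmt = $this->db->prepare(sprintf('SELECT * from %s where client_id = :clientId', $this->config['client_table']));
                		$stmt->execute(compact('clientId'));
                		$result = $stmt->fetch(\PDO::FETCH_ASSOC);

                		// fetch() yields no array when no row matches: an unknown client is never public.
                		if (!is_array($result))
                		{
                			return false;
                		}

                		return !empty($result['client_type'])
                			&& $result['client_type'] === 'public';
                	}
                }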
            
                                                        
            
                                    
            
            
                | 94 |  |  |  |