129 lines
3.5 KiB
PHP
129 lines
3.5 KiB
PHP
<?php
|
|
|
|
namespace Zotlabs\Identity;
|
|
|
|
|
|
class OAuth2Storage extends \OAuth2\Storage\Pdo {
|
|
|
|
/**
|
|
* @param string $username
|
|
* @param string $password
|
|
* @return bool
|
|
*/
|
|
public function checkUserCredentials($username, $password)
|
|
{
|
|
if ($user = $this->getUser($username)) {
|
|
return $this->checkPassword($user, $password);
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* @param string $username
|
|
* @return array|bool
|
|
*/
|
|
public function getUserDetails($username)
|
|
{
|
|
return $this->getUser($username);
|
|
}
|
|
|
|
|
|
/**
|
|
*
|
|
* @param array $user
|
|
* @param string $password
|
|
* @return bool
|
|
*/
|
|
protected function checkPassword($user, $password)
|
|
{
|
|
|
|
$x = account_verify_password($user,$password);
|
|
return((array_key_exists('channel',$x) && ! empty($x['channel'])) ? true : false);
|
|
|
|
}
|
|
|
|
/**
|
|
* @param string $username
|
|
* @return array|bool
|
|
*/
|
|
public function getUser($username)
|
|
{
|
|
|
|
$x = channelx_by_n($username);
|
|
if(! $x) {
|
|
return false;
|
|
}
|
|
|
|
return( [
|
|
'webbie' => $x['channel_address'].'@'.\App::get_hostname(),
|
|
'zothash' => $x['channel_hash'],
|
|
'username' => $x['channel_address'],
|
|
'user_id' => $x['channel_id'],
|
|
'name' => $x['channel_name'],
|
|
'firstName' => $x['channel_name'],
|
|
'lastName' => '',
|
|
'password' => 'NotARealPassword'
|
|
] );
|
|
}
|
|
|
|
public function scopeExists($scope) {
|
|
// Report that the scope is valid even if it's not.
|
|
// We will only return a very small subset no matter what.
|
|
// @TODO: Truly validate the scope
|
|
// see vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/ScopeInterface.php and
|
|
// vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/Pdo.php
|
|
// for more info.
|
|
return true;
|
|
}
|
|
|
|
public function getDefaultScope($client_id=null) {
|
|
// Do not REQUIRE a scope
|
|
// see vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/ScopeInterface.php and
|
|
// for more info.
|
|
return null;
|
|
}
|
|
|
|
public function getUserClaims ($user_id, $claims) {
|
|
// Populate the CLAIMS requested (if any).
|
|
// @TODO: create a more reasonable/comprehensive list.
|
|
// @TODO: present claims on the AUTHORIZATION screen
|
|
|
|
$userClaims = Array();
|
|
$claims = explode (' ', trim($claims));
|
|
$validclaims = Array ("name","preferred_username","zothash");
|
|
$claimsmap = Array (
|
|
"zotwebbie" => 'webbie',
|
|
"zothash" => 'zothash',
|
|
"name" => 'name',
|
|
"preferred_username" => "username"
|
|
);
|
|
$userinfo = $this->getUser($user_id);
|
|
foreach ($validclaims as $validclaim) {
|
|
if (in_array($validclaim,$claims)) {
|
|
$claimkey = $claimsmap[$validclaim];
|
|
$userClaims[$validclaim] = $userinfo[$claimkey];
|
|
} else {
|
|
$userClaims[$validclaim] = $validclaim;
|
|
}
|
|
}
|
|
$userClaims["sub"]=$user_id;
|
|
return $userClaims;
|
|
}
|
|
|
|
/**
|
|
* plaintext passwords are bad! Override this for your application
|
|
*
|
|
* @param string $username
|
|
* @param string $password
|
|
* @param string $firstName
|
|
* @param string $lastName
|
|
* @return bool
|
|
*/
|
|
public function setUser($username, $password, $firstName = null, $lastName = null)
|
|
{
|
|
return true;
|
|
}
|
|
|
|
}
|