Lots of fixes

This commit is contained in:
Alex Bilbie 2012-08-20 15:09:33 +01:00
parent ed3238b862
commit 6fdb6177bc

View File

@ -9,6 +9,12 @@ class OAuthResourceServerException extends \Exception
class Server class Server
{ {
/**
* Reference to the database abstractor
* @var object
*/
private $_db = null;
/** /**
* The access token. * The access token.
* @access private * @access private
@ -37,10 +43,22 @@ class Server
* Server configuration * Server configuration
* @var array * @var array
*/ */
private $config = array( private $_config = array(
'token_key' => 'oauth_token' 'token_key' => 'oauth_token'
); );
/**
* Error codes.
*
* To provide i8ln errors just overwrite the keys
*
* @var array
*/
public $errors = array(
'missing_access_token' => 'An access token was not presented with the request',
'invalid_access_token' => 'The access token is not registered with the resource server'
);
/** /**
* Constructor * Constructor
* *
@ -56,21 +74,22 @@ class Server
/** /**
* Magic method to test if access token represents a particular owner type * Magic method to test if access token represents a particular owner type
* @param [type] $method [description] * @param string $method The method name
* @param [type] $arguements [description] * @param mixed $arguements The method arguements
* @return [type] [description] * @return bool If method is valid, and access token is owned by the requested party then true,
*/ */
public function __call($method, $arguements) public function __call($method, $arguements = null)
{
if (substr($method, 0, 2) === 'is')
{
if ($this->_type === strtolower(substr($method, 2)))
{ {
if (substr($method, 0, 2) === 'is') {
if ($this->_type === strtolower(substr($method, 2))) {
return $this->_typeId; return $this->_typeId;
} }
return false; return false;
} }
trigger_error('Call to undefined function ' . $method . '()');
} }
/** /**
@ -82,7 +101,7 @@ class Server
*/ */
public function registerDbAbstractor($db) public function registerDbAbstractor($db)
{ {
$this->db = $db; $this->_db = $db;
} }
/** /**
@ -99,18 +118,18 @@ class Server
switch ($server['REQUEST_METHOD']) switch ($server['REQUEST_METHOD'])
{ {
case 'POST': case 'POST':
$accessToken = isset($_POST[$this->config['token_key']]) ? $_POST[$this->config['token_key']] : null; $accessToken = isset($_POST[$this->_config['token_key']]) ? $_POST[$this->_config['token_key']] : null;
break; break;
default: default:
$accessToken = isset($_GET[$this->config['token_key']]) ? $_GET[$this->config['token_key']] : null; $accessToken = isset($_GET[$this->_config['token_key']]) ? $_GET[$this->_config['token_key']] : null;
break; break;
} }
// Try and get an access token from the auth header // Try and get an access token from the auth header
$headers = getallheaders(); $headers = getallheaders();
if (isset($headers['Authorization'])) if (isset($headers['Authorization'])) {
{
$rawToken = trim(str_replace('Bearer', '', $headers['Authorization'])); $rawToken = trim(str_replace('Bearer', '', $headers['Authorization']));
if ( ! empty($rawToken)) if ( ! empty($rawToken))
{ {
@ -118,38 +137,29 @@ class Server
} }
} }
if ($accessToken) if ($accessToken) {
{
$sessionQuery = $this->ci->db->get_where('oauth_sessions', array('access_token' => $accessToken, 'stage' => 'granted'));
if ($session_query->num_rows() === 1) $result = $this->_dbCall('validateAccessToken', array($accessToken));
{
$session = $session_query->row();
$this->_accessToken = $session->access_token;
$this->_type = $session->type;
$this->_typeId = $session->type_id;
$scopes_query = $this->ci->db->get_where('oauth_session_scopes', array('access_token' => $accessToken)); if ($result === false)
if ($scopes_query->num_rows() > 0)
{ {
foreach ($scopes_query->result() as $scope) throw new OAuthResourceServerException($this->errors['invalid_access_token']);
{
$this->_scopes[] = $scope->scope;
}
}
} }
else else
{ {
$this->ci->output->set_status_header(403); $this->_accessToken = $accessToken;
$this->ci->output->set_output('Invalid access token'); $this->_type = $result['owner_type'];
} $this->_typeId = $result['owner_id'];
// Get the scopes
$this->_scopes = $this->_dbCall('sessionScopes', array($result['id']));
} }
else } else {
{
$this->ci->output->set_status_header(403); throw new OAuthResourceServerException($this->errors['missing_access_token']);
$this->ci->output->set_output('Missing access token');
} }
} }
@ -194,13 +204,13 @@ class Server
* *
* @return mixed The query result * @return mixed The query result
*/ */
private function dbcall() private function _dbCall()
{ {
if ($this->db === null) { if ($this->_db === null) {
throw new OAuthResourceServerException('No registered database abstractor'); throw new OAuthResourceServerException('No registered database abstractor');
} }
if ( ! $this->db instanceof Database) { if ( ! $this->_db instanceof Database) {
throw new OAuthResourceServerException('Registered database abstractor is not an instance of Oauth2\Resource\Database'); throw new OAuthResourceServerException('Registered database abstractor is not an instance of Oauth2\Resource\Database');
} }
@ -209,6 +219,6 @@ class Server
unset($args[0]); unset($args[0]);
$params = array_values($args); $params = array_values($args);
return call_user_func_array(array($this->db, $method), $args); return call_user_func_array(array($this->_db, $method), $args);
} }
} }