Verified Commit 568e87ca authored by Andrej Ramašeuski's avatar Andrej Ramašeuski

Initial commit

parents
<?php
namespace OAuth\OAuth2\Service;
use OAuth\OAuth2\Token\StdOAuth2Token;
use OAuth\Common\Http\Exception\TokenResponseException;
use OAuth\Common\Http\Uri\Uri;
use OAuth\Common\Consumer\CredentialsInterface;
use OAuth\Common\Http\Client\ClientInterface;
use OAuth\Common\Storage\TokenStorageInterface;
use OAuth\Common\Http\Uri\UriInterface;
class Pirati extends AbstractService
{
const SCOPE_OPENID = 'openid';
const SCOPE_EMAIL = 'email';
public function __construct(
CredentialsInterface $credentials,
ClientInterface $httpClient,
TokenStorageInterface $storage,
$scopes = array(),
UriInterface $baseApiUri = null
) {
parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri, true);
if (null === $baseApiUri) {
$this->baseApiUri = new Uri('https://auth.pirati.cz/auth/realms/pirati/');
}
}
public function getAuthorizationUri(array $additionalParameters = array())
{
$parameters = array_merge(
$additionalParameters,
array(
//'type' => 'web_server',
'client_id' => $this->credentials->getConsumerId(),
'redirect_uri' => $this->credentials->getCallbackUrl(),
'response_type' => 'code',
'scope' => 'openid email', // do not mention basic.
)
);
if (!isset($parameters['state'])) {
$parameters['state'] = $this->generateAuthorizationState();
}
$this->storeAuthorizationState($parameters['state']);
// Build the url
$url = clone $this->getAuthorizationEndpoint();
foreach ($parameters as $key => $val) {
$url->addToQuery($key, $val);
}
return $url;
}
/**
* {@inheritdoc}
*/
public function getAuthorizationEndpoint()
{
return new Uri('https://auth.pirati.cz/auth/realms/pirati/protocol/openid-connect/auth');
}
/**
* {@inheritdoc}
*/
public function getAccessTokenEndpoint()
{
return new Uri('https://auth.pirati.cz/auth/realms/pirati/protocol/openid-connect/token');
}
/**
* {@inheritdoc}
*/
protected function getAuthorizationMethod()
{
return static::AUTHORIZATION_METHOD_HEADER_BEARER;
}
/**
* {@inheritdoc}
*/
protected function parseAccessTokenResponse($responseBody)
{
$data = json_decode($responseBody, true);
if (null === $data || !is_array($data)) {
throw new TokenResponseException('Unable to parse response.');
} elseif (isset($data['message'])) {
throw new TokenResponseException('Error in retrieving token: "' . $data['message'] . '"');
} elseif (isset($data['name'])) {
throw new TokenResponseException('Error in retrieving token: "' . $data['name'] . '"');
}
$token = new StdOAuth2Token();
$token->setAccessToken($data['access_token']);
$token->setLifeTime($data['expires_in']);
if (isset($data['refresh_token'])) {
$token->setRefreshToken($data['refresh_token']);
unset($data['refresh_token']);
}
unset($data['access_token']);
unset($data['expires_in']);
$token->setExtraParams($data);
return $token;
}
/**
* {@inheritdoc}
*/
public function requestAccessToken($code, $state = null)
{
if (null !== $state) {
$this->validateAuthorizationState($state);
}
$bodyParams = array(
'code' => $code,
'client_id' => $this->credentials->getConsumerId(),
'client_secret' => $this->credentials->getConsumerSecret(),
'redirect_uri' => $this->credentials->getCallbackUrl(),
'grant_type' => 'authorization_code',
);
$responseBody = $this->httpClient->retrieveResponse(
$this->getAccessTokenEndpoint(),
$bodyParams,
$this->getExtraOAuthHeaders()
);
$token = $this->parseAccessTokenResponse($responseBody);
$this->storage->storeAccessToken($this->service(), $token);
return $token;
}
}
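Review bot: parseAccessTokenResponse() recognises a failure only through the `message` or `name` keys, while an OAuth2 token endpoint reports errors in an `error` field (RFC 6749 §5.2), so a rejected code falls through to `setAccessToken($data['access_token'])` on a missing key and requestAccessToken() then stores a token with no access token. I would add an `} elseif (isset($data['error'])) {` branch that throws TokenResponseException, and before building the token a guard such as `if (!isset($data['access_token'], $data['expires_in'])) { throw new TokenResponseException('Unable to parse response.'); }`. Separately, requestAccessToken() calls validateAuthorizationState() only when `$state` is non-null, and the one caller in this commit (perform_auth_login() in the phpBB service class) passes just the code, so the state stored by getAuthorizationUri() is never compared on the callback. Passing the callback's `state` through, and handling a validation failure in the caller, would close that gap.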
# Pirátská identita OAuth2 extension
## Install
1. Download the latest release.
2. Unzip the downloaded release, and copy to your phpbb `ext` folder. (The files should now be located unter ./ext/pirati/pitid/)
3. Copy `Pirati.php` to `vendor/lusitanian/oauth/src/OAuth/OAuth2/Service`
4. Navigate in the ACP to `Customise -> Manage extensions`.
5. Look for `Piratska Identita (Auth Extension)` under the Disabled Extensions list, and click its `Enable` link.
## Uninstall
1. Navigate in the ACP to `Customise -> Extension Management -> Extensions`.
2. Look for `Piratska Identita (Auth Extension)` under the Enabled Extensions list, and click its `Disable` link.
3. To permanently uninstall, click `Delete Data` and then delete the `./ext/pirati/pitid/` folder.
## License
[GNU General Public License v2](http://opensource.org/licenses/GPL-2.0)
{
"name": "pirates/pirid",
"type": "phpbb-extension",
"description": "Piratska Identita (Auth Extension)",
"homepage": "https://gitlab.pirati.cz/to/phpbb-oauth2-pirati/",
"version": "0.1.0",
"time": "2022-09-10",
"keywords": ["phpbb", "extension", "pirati", "sso"],
"license": "GPL-2.0-only",
"authors": [
{
"name": "Andrej Ramaszeuski",
"email": "andrej.ramaseuski@pirati.cz",
"homepage": "https://gitlab.pirati.cz/ramaseuski",
"role": "System Administrator"
}
],
"require": {
"php": ">=5.4.0",
"composer/installers": "~1.0"
},
"require-dev": {
"phpbb/epv": "dev-master"
},
"extra": {
"display-name": "Piratska Identita (Auth Extension)",
"soft-require": {
"phpbb/phpbb": "~3.2"
}
}
}
services:
auth.provider.oauth.service.pirati:
class: pirates\pirid\pirati
arguments:
- '@config'
- '@request'
tags:
- { name: auth.provider.oauth.service }
<?php
if (!defined('IN_PHPBB'))
{
exit;
}
if (empty($lang) || !is_array($lang))
{
$lang = array();
}
$lang = array_merge($lang, array(
'AUTH_PROVIDER_OAUTH_SERVICE_PIRATI' => 'Pirátská identita',
));
<?php
if (!defined('IN_PHPBB'))
{
exit;
}
if (empty($lang) || !is_array($lang))
{
$lang = array();
}
$lang = array_merge($lang, array(
'AUTH_PROVIDER_OAUTH_SERVICE_PIRATI' => 'Pirátská identita',
));
<?php
if (!defined('IN_PHPBB'))
{
exit;
}
if (empty($lang) || !is_array($lang))
{
$lang = array();
}
$lang = array_merge($lang, array(
'AUTH_PROVIDER_OAUTH_SERVICE_PIRATI' => 'Pirate identity',
));
<?php
if (!defined('IN_PHPBB'))
{
exit;
}
if (empty($lang) || !is_array($lang))
{
$lang = array();
}
$lang = array_merge($lang, array(
'AUTH_PROVIDER_OAUTH_SERVICE_PIRATI' => 'Pirate identity',
));
<?php
/**
*
* This file is not a part of the phpBB Forum Software package.
*
* @copyleft (c) Czech Pirates Party <https://www.pirati.cz>
* @license GNU General Public License, version 2 (GPL-2.0)
*
*/
namespace pirates\pirid;
/**
* Pirati OAuth service
*/
class pirati extends \phpbb\auth\provider\oauth\service\base
{
/**
* phpBB config
*
* @var \phpbb\config\config
*/
protected $config;
/**
* phpBB request
*
* @var \phpbb\request\request_interface
*/
protected $request;
/**
* Constructor
*
* @param \phpbb\config\config $config
* @param \phpbb\request\request_interface $request
*/
public function __construct(\phpbb\config\config $config, \phpbb\request\request_interface $request)
{
$this->config = $config;
$this->request = $request;
global $phpbb_container;
$language = $phpbb_container->get('language');
$language->add_lang(array('common', 'acp/common'), 'pirates/pirid');
}
public function get_external_service_class()
{
return 'Pirati';
}
/**
* {@inheritdoc}
*/
public function get_auth_scope()
{
return [
'openid',
'email',
];
}
/**
* {@inheritdoc}
*/
public function get_service_credentials()
{
return array(
'key' => $this->config['auth_oauth_pirid_key'],
'secret' => $this->config['auth_oauth_pirid_secret'],
);
}
/**
* {@inheritdoc}
*/
public function perform_auth_login()
{
if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Pirati))
{
throw new \phpbb\auth\provider\oauth\service\exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');
}
try
{
// This was a callback request, get the token
$this->service_provider->requestAccessToken($this->request->variable('code', ''));
}
catch (\OAuth\Common\Http\Exception\TokenResponseException $e)
{
throw new \phpbb\auth\provider\oauth\service\exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');
}
try
{
// Send a request with it
$result = (array) json_decode($this->service_provider->request('protocol/openid-connect/userinfo'), true);
}
catch (\OAuth\Common\Exception\Exception $e)
{
throw new \phpbb\auth\provider\oauth\service\exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');
}
// Prevent SQL error
if (!isset($result['preferred_username']))
{
throw new \phpbb\auth\provider\oauth\service\exception('AUTH_PROVIDER_OAUTH_RETURN_ERROR');
}
return $result['sub'];
}
/**
* {@inheritdoc}
*/
public function perform_token_auth()
{
if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Pirati))
{
throw new \phpbb\auth\provider\oauth\service\exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');
}
try
{
// Send a request with it
$result = (array) json_decode($this->service_provider->request('protocol/openid-connect/userinfo'), true);
}
catch (\OAuth\Common\Exception\Exception $e)
{
throw new exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');
}
// Prevent SQL error
if (!isset($result['preferred_username']))
{
throw new exception('AUTH_PROVIDER_OAUTH_RETURN_ERROR');
}
return $result['sub'];
}
}
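Review bot: In perform_token_auth() the two `throw new exception(...)` statements use an unqualified class name, which inside `namespace pirates\pirid` resolves to `pirates\pirid\exception`; no such class is part of this commit, so those error paths would likely end in a class-not-found fatal error instead of the intended auth error. Use the fully qualified name as perform_auth_login() does: `throw new \phpbb\auth\provider\oauth\service\exception('AUTH_PROVIDER_OAUTH_ERROR_REQUEST');`. Both methods also guard `preferred_username` but return `$result['sub']`, which is presumably the value phpBB uses to link the external identity, so a userinfo response without `sub` returns null to the caller. The guard should test the key that is actually returned: `if (!isset($result['sub']))`.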