aboutsummaryrefslogtreecommitdiffstats
path: root/library/oauth2/src/OAuth2/Storage/Redis.php
diff options
context:
space:
mode:
authorMario Vavti <mario@mariovavti.com>2017-08-16 10:32:35 +0200
committerMario Vavti <mario@mariovavti.com>2017-08-16 10:32:35 +0200
commit4a7384bc0ce1893a432bf4b7d67bca23796fe9db (patch)
tree5623c66a3f66445284529d6207e4ab4a2edb2810 /library/oauth2/src/OAuth2/Storage/Redis.php
parentc664a4bdcd1bd578f5ec3c2884f7c97e9f68d2d7 (diff)
parent90bc21f2d560d879d7eaf05a85af6d6dca53ebac (diff)
downloadvolse-hubzilla-4a7384bc0ce1893a432bf4b7d67bca23796fe9db.tar.gz
volse-hubzilla-4a7384bc0ce1893a432bf4b7d67bca23796fe9db.tar.bz2
volse-hubzilla-4a7384bc0ce1893a432bf4b7d67bca23796fe9db.zip
Merge branch '2.6RC'2.6
Diffstat (limited to 'library/oauth2/src/OAuth2/Storage/Redis.php')
-rw-r--r--library/oauth2/src/OAuth2/Storage/Redis.php321
1 files changed, 0 insertions, 321 deletions
diff --git a/library/oauth2/src/OAuth2/Storage/Redis.php b/library/oauth2/src/OAuth2/Storage/Redis.php
deleted file mode 100644
index e6294e22d..000000000
--- a/library/oauth2/src/OAuth2/Storage/Redis.php
+++ /dev/null
@@ -1,321 +0,0 @@
-<?php
-
-namespace OAuth2\Storage;
-
-use OAuth2\OpenID\Storage\AuthorizationCodeInterface as OpenIDAuthorizationCodeInterface;
-
-/**
- * redis storage for all storage types
- *
- * To use, install "predis/predis" via composer
- *
- * Register client:
- * <code>
- * $storage = new OAuth2\Storage\Redis($redis);
- * $storage->setClientDetails($client_id, $client_secret, $redirect_uri);
- * </code>
- */
-class Redis implements AuthorizationCodeInterface,
- AccessTokenInterface,
- ClientCredentialsInterface,
- UserCredentialsInterface,
- RefreshTokenInterface,
- JwtBearerInterface,
- ScopeInterface,
- OpenIDAuthorizationCodeInterface
-{
-
- private $cache;
-
- /* The redis client */
- protected $redis;
-
- /* Configuration array */
- protected $config;
-
- /**
- * Redis Storage!
- *
- * @param \Predis\Client $redis
- * @param array $config
- */
- public function __construct($redis, $config=array())
- {
- $this->redis = $redis;
- $this->config = array_merge(array(
- 'client_key' => 'oauth_clients:',
- 'access_token_key' => 'oauth_access_tokens:',
- 'refresh_token_key' => 'oauth_refresh_tokens:',
- 'code_key' => 'oauth_authorization_codes:',
- 'user_key' => 'oauth_users:',
- 'jwt_key' => 'oauth_jwt:',
- 'scope_key' => 'oauth_scopes:',
- ), $config);
- }
-
- protected function getValue($key)
- {
- if ( isset($this->cache[$key]) ) {
- return $this->cache[$key];
- }
- $value = $this->redis->get($key);
- if ( isset($value) ) {
- return json_decode($value, true);
- } else {
- return false;
- }
- }
-
- protected function setValue($key, $value, $expire=0)
- {
- $this->cache[$key] = $value;
- $str = json_encode($value);
- if ($expire > 0) {
- $seconds = $expire - time();
- $ret = $this->redis->setex($key, $seconds, $str);
- } else {
- $ret = $this->redis->set($key, $str);
- }
-
- // check that the key was set properly
- // if this fails, an exception will usually thrown, so this step isn't strictly necessary
- return is_bool($ret) ? $ret : $ret->getPayload() == 'OK';
- }
-
- protected function expireValue($key)
- {
- unset($this->cache[$key]);
-
- return $this->redis->del($key);
- }
-
- /* AuthorizationCodeInterface */
- public function getAuthorizationCode($code)
- {
- return $this->getValue($this->config['code_key'] . $code);
- }
-
- public function setAuthorizationCode($authorization_code, $client_id, $user_id, $redirect_uri, $expires, $scope = null, $id_token = null)
- {
- return $this->setValue(
- $this->config['code_key'] . $authorization_code,
- compact('authorization_code', 'client_id', 'user_id', 'redirect_uri', 'expires', 'scope', 'id_token'),
- $expires
- );
- }
-
- public function expireAuthorizationCode($code)
- {
- $key = $this->config['code_key'] . $code;
- unset($this->cache[$key]);
-
- return $this->expireValue($key);
- }
-
- /* UserCredentialsInterface */
- public function checkUserCredentials($username, $password)
- {
- $user = $this->getUserDetails($username);
-
- return $user && $user['password'] === $password;
- }
-
- public function getUserDetails($username)
- {
- return $this->getUser($username);
- }
-
- public function getUser($username)
- {
- if (!$userInfo = $this->getValue($this->config['user_key'] . $username)) {
- return false;
- }
-
- // the default behavior is to use "username" as the user_id
- return array_merge(array(
- 'user_id' => $username,
- ), $userInfo);
- }
-
- public function setUser($username, $password, $first_name = null, $last_name = null)
- {
- return $this->setValue(
- $this->config['user_key'] . $username,
- compact('username', 'password', 'first_name', 'last_name')
- );
- }
-
- /* ClientCredentialsInterface */
- public function checkClientCredentials($client_id, $client_secret = null)
- {
- if (!$client = $this->getClientDetails($client_id)) {
- return false;
- }
-
- return isset($client['client_secret'])
- && $client['client_secret'] == $client_secret;
- }
-
- public function isPublicClient($client_id)
- {
- if (!$client = $this->getClientDetails($client_id)) {
- return false;
- }
-
- return empty($client['client_secret']);
- }
-
- /* ClientInterface */
- public function getClientDetails($client_id)
- {
- return $this->getValue($this->config['client_key'] . $client_id);
- }
-
- public function setClientDetails($client_id, $client_secret = null, $redirect_uri = null, $grant_types = null, $scope = null, $user_id = null)
- {
- return $this->setValue(
- $this->config['client_key'] . $client_id,
- compact('client_id', 'client_secret', 'redirect_uri', 'grant_types', 'scope', 'user_id')
- );
- }
-
- public function checkRestrictedGrantType($client_id, $grant_type)
- {
- $details = $this->getClientDetails($client_id);
- if (isset($details['grant_types'])) {
- $grant_types = explode(' ', $details['grant_types']);
-
- return in_array($grant_type, (array) $grant_types);
- }
-
- // if grant_types are not defined, then none are restricted
- return true;
- }
-
- /* RefreshTokenInterface */
- public function getRefreshToken($refresh_token)
- {
- return $this->getValue($this->config['refresh_token_key'] . $refresh_token);
- }
-
- public function setRefreshToken($refresh_token, $client_id, $user_id, $expires, $scope = null)
- {
- return $this->setValue(
- $this->config['refresh_token_key'] . $refresh_token,
- compact('refresh_token', 'client_id', 'user_id', 'expires', 'scope'),
- $expires
- );
- }
-
- public function unsetRefreshToken($refresh_token)
- {
- $result = $this->expireValue($this->config['refresh_token_key'] . $refresh_token);
-
- return $result > 0;
- }
-
- /* AccessTokenInterface */
- public function getAccessToken($access_token)
- {
- return $this->getValue($this->config['access_token_key'].$access_token);
- }
-
- public function setAccessToken($access_token, $client_id, $user_id, $expires, $scope = null)
- {
- return $this->setValue(
- $this->config['access_token_key'].$access_token,
- compact('access_token', 'client_id', 'user_id', 'expires', 'scope'),
- $expires
- );
- }
-
- public function unsetAccessToken($access_token)
- {
- $result = $this->expireValue($this->config['access_token_key'] . $access_token);
-
- return $result > 0;
- }
-
- /* ScopeInterface */
- public function scopeExists($scope)
- {
- $scope = explode(' ', $scope);
-
- $result = $this->getValue($this->config['scope_key'].'supported:global');
-
- $supportedScope = explode(' ', (string) $result);
-
- return (count(array_diff($scope, $supportedScope)) == 0);
- }
-
- public function getDefaultScope($client_id = null)
- {
- if (is_null($client_id) || !$result = $this->getValue($this->config['scope_key'].'default:'.$client_id)) {
- $result = $this->getValue($this->config['scope_key'].'default:global');
- }
-
- return $result;
- }
-
- public function setScope($scope, $client_id = null, $type = 'supported')
- {
- if (!in_array($type, array('default', 'supported'))) {
- throw new \InvalidArgumentException('"$type" must be one of "default", "supported"');
- }
-
- if (is_null($client_id)) {
- $key = $this->config['scope_key'].$type.':global';
- } else {
- $key = $this->config['scope_key'].$type.':'.$client_id;
- }
-
- return $this->setValue($key, $scope);
- }
-
- /*JWTBearerInterface */
- public function getClientKey($client_id, $subject)
- {
- if (!$jwt = $this->getValue($this->config['jwt_key'] . $client_id)) {
- return false;
- }
-
- if (isset($jwt['subject']) && $jwt['subject'] == $subject) {
- return $jwt['key'];
- }
-
- return null;
- }
-
- public function setClientKey($client_id, $key, $subject = null)
- {
- return $this->setValue($this->config['jwt_key'] . $client_id, array(
- 'key' => $key,
- 'subject' => $subject
- ));
- }
-
- public function getClientScope($client_id)
- {
- if (!$clientDetails = $this->getClientDetails($client_id)) {
- return false;
- }
-
- if (isset($clientDetails['scope'])) {
- return $clientDetails['scope'];
- }
-
- return null;
- }
-
- public function getJti($client_id, $subject, $audience, $expiration, $jti)
- {
- //TODO: Needs redis implementation.
- throw new \Exception('getJti() for the Redis driver is currently unimplemented.');
- }
-
- public function setJti($client_id, $subject, $audience, $expiration, $jti)
- {
- //TODO: Needs redis implementation.
- throw new \Exception('setJti() for the Redis driver is currently unimplemented.');
- }
-}