aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Identity
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Identity')
-rw-r--r--Zotlabs/Identity/OAuth2Server.php43
-rw-r--r--Zotlabs/Identity/OAuth2Storage.php81
2 files changed, 124 insertions, 0 deletions
diff --git a/Zotlabs/Identity/OAuth2Server.php b/Zotlabs/Identity/OAuth2Server.php
new file mode 100644
index 000000000..3d7d5efb2
--- /dev/null
+++ b/Zotlabs/Identity/OAuth2Server.php
@@ -0,0 +1,43 @@
+<?php
+
+namespace Zotlabs\Identity;
+
+class OAuth2Server {
+
+ public $server;
+
+ public function __construct() {
+
+ $storage = new OAuth2Storage(\DBA::$dba->db);
+
+ $config = [
+ 'use_openid_connect' => true,
+ 'issuer' => \Zotlabs\Lib\System::get_site_name()
+ ];
+
+ // Pass a storage object or array of storage objects to the OAuth2 server class
+ $this->server = new \OAuth2\Server($storage,$config);
+
+ // Add the "Client Credentials" grant type (it is the simplest of the grant types)
+ $this->server->addGrantType(new \OAuth2\GrantType\ClientCredentials($storage));
+
+ // Add the "Authorization Code" grant type (this is where the oauth magic happens)
+ $this->server->addGrantType(new \OAuth2\GrantType\AuthorizationCode($storage));
+
+ $keyStorage = new \OAuth2\Storage\Memory( [
+ 'keys' => [
+ 'public_key' => get_config('system','pubkey'),
+ 'private_key' => get_config('system','prvkey')
+ ]
+ ]);
+
+ $this->server->addStorage($keyStorage,'public_key');
+
+ }
+
+ public function get_server() {
+ return $this->server;
+ }
+
+
+} \ No newline at end of file
diff --git a/Zotlabs/Identity/OAuth2Storage.php b/Zotlabs/Identity/OAuth2Storage.php
new file mode 100644
index 000000000..bc6db565c
--- /dev/null
+++ b/Zotlabs/Identity/OAuth2Storage.php
@@ -0,0 +1,81 @@
+<?php
+
+namespace Zotlabs\Identity;
+
+
+class OAuth2Storage extends \OAuth2\Storage\Pdo {
+
+ /**
+ * @param string $username
+ * @param string $password
+ * @return bool
+ */
+ public function checkUserCredentials($username, $password)
+ {
+ if ($user = $this->getUser($username)) {
+ return $this->checkPassword($user, $password);
+ }
+
+ return false;
+ }
+
+ /**
+ * @param string $username
+ * @return array|bool
+ */
+ public function getUserDetails($username)
+ {
+ return $this->getUser($username);
+ }
+
+
+ /**
+ *
+ * @param array $user
+ * @param string $password
+ * @return bool
+ */
+ protected function checkPassword($user, $password)
+ {
+
+ $x = account_verify_password($user,$password);
+ return((array_key_exists('channel',$x) && ! empty($x['channel'])) ? true : false);
+
+ }
+
+ /**
+ * @param string $username
+ * @return array|bool
+ */
+ public function getUser($username)
+ {
+
+ $x = channelx_by_nick($username);
+ if(! $x) {
+ return false;
+ }
+
+ return( [
+ 'username' => $x['channel_address'],
+ 'user_id' => $x['channel_id'],
+ 'firstName' => $x['channel_name'],
+ 'lastName' => '',
+ 'password' => 'NotARealPassword'
+ ] );
+ }
+
+ /**
+ * plaintext passwords are bad! Override this for your application
+ *
+ * @param string $username
+ * @param string $password
+ * @param string $firstName
+ * @param string $lastName
+ * @return bool
+ */
+ public function setUser($username, $password, $firstName = null, $lastName = null)
+ {
+ return true;
+ }
+
+} \ No newline at end of file