diff options
Diffstat (limited to 'Zotlabs/Identity')
-rw-r--r-- | Zotlabs/Identity/OAuth2Server.php | 43 | ||||
-rw-r--r-- | Zotlabs/Identity/OAuth2Storage.php | 81 |
2 files changed, 124 insertions, 0 deletions
diff --git a/Zotlabs/Identity/OAuth2Server.php b/Zotlabs/Identity/OAuth2Server.php new file mode 100644 index 000000000..3d7d5efb2 --- /dev/null +++ b/Zotlabs/Identity/OAuth2Server.php @@ -0,0 +1,43 @@ +<?php + +namespace Zotlabs\Identity; + +class OAuth2Server { + + public $server; + + public function __construct() { + + $storage = new OAuth2Storage(\DBA::$dba->db); + + $config = [ + 'use_openid_connect' => true, + 'issuer' => \Zotlabs\Lib\System::get_site_name() + ]; + + // Pass a storage object or array of storage objects to the OAuth2 server class + $this->server = new \OAuth2\Server($storage,$config); + + // Add the "Client Credentials" grant type (it is the simplest of the grant types) + $this->server->addGrantType(new \OAuth2\GrantType\ClientCredentials($storage)); + + // Add the "Authorization Code" grant type (this is where the oauth magic happens) + $this->server->addGrantType(new \OAuth2\GrantType\AuthorizationCode($storage)); + + $keyStorage = new \OAuth2\Storage\Memory( [ + 'keys' => [ + 'public_key' => get_config('system','pubkey'), + 'private_key' => get_config('system','prvkey') + ] + ]); + + $this->server->addStorage($keyStorage,'public_key'); + + } + + public function get_server() { + return $this->server; + } + + +}
\ No newline at end of file diff --git a/Zotlabs/Identity/OAuth2Storage.php b/Zotlabs/Identity/OAuth2Storage.php new file mode 100644 index 000000000..bc6db565c --- /dev/null +++ b/Zotlabs/Identity/OAuth2Storage.php @@ -0,0 +1,81 @@ +<?php + +namespace Zotlabs\Identity; + + +class OAuth2Storage extends \OAuth2\Storage\Pdo { + + /** + * @param string $username + * @param string $password + * @return bool + */ + public function checkUserCredentials($username, $password) + { + if ($user = $this->getUser($username)) { + return $this->checkPassword($user, $password); + } + + return false; + } + + /** + * @param string $username + * @return array|bool + */ + public function getUserDetails($username) + { + return $this->getUser($username); + } + + + /** + * + * @param array $user + * @param string $password + * @return bool + */ + protected function checkPassword($user, $password) + { + + $x = account_verify_password($user,$password); + return((array_key_exists('channel',$x) && ! empty($x['channel'])) ? true : false); + + } + + /** + * @param string $username + * @return array|bool + */ + public function getUser($username) + { + + $x = channelx_by_nick($username); + if(! $x) { + return false; + } + + return( [ + 'username' => $x['channel_address'], + 'user_id' => $x['channel_id'], + 'firstName' => $x['channel_name'], + 'lastName' => '', + 'password' => 'NotARealPassword' + ] ); + } + + /** + * plaintext passwords are bad! Override this for your application + * + * @param string $username + * @param string $password + * @param string $firstName + * @param string $lastName + * @return bool + */ + public function setUser($username, $password, $firstName = null, $lastName = null) + { + return true; + } + +}
\ No newline at end of file |