From b08af13872a698c85bb2cf9abd6651bc5c98f7bd Mon Sep 17 00:00:00 2001
From: zotlabs
Date: Wed, 3 May 2017 22:37:06 -0700
Subject: oauth2/oidc testing (please do not port - this requires several extra DB tables to work)
---
Zotlabs/Module/Authorize.php | 71 ++++++++++++++++++++++++++++++++++++++++++++
Zotlabs/Module/Token.php | 40 +++++++++++++++++++++++++
include/oauth2.php | 21 +++++++++++++
3 files changed, 132 insertions(+)
create mode 100644 Zotlabs/Module/Authorize.php
create mode 100644 Zotlabs/Module/Token.php
create mode 100644 include/oauth2.php
diff --git a/Zotlabs/Module/Authorize.php b/Zotlabs/Module/Authorize.php
new file mode 100644
index 000000000..06f66c456
--- /dev/null
+++ b/Zotlabs/Module/Authorize.php
@@ -0,0 +1,71 @@
+validateAuthorizeRequest($request, $response)) {
+ $response->send();
+ killme();
+ }
+
+ // display an authorization form
+ if (empty($_POST)) {
+
+ return '
+
+ + +
';
+ }
+
+ // print the authorization code if the user has authorized your client
+ $is_authorized = ($_POST['authorized'] === 'yes');
+ $oauth2_server->handleAuthorizeRequest($request, $response, $is_authorized);
+ if ($is_authorized) {
+ // this is only here so that you get to see your code in the cURL request. Otherwise,
+ // we'd redirect back to the client
+ $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40);
+ echo("SUCCESS! Authorization Code: $code");
+
+ }
+
+ $response->send();
+ killme();
+ }
+
+}
\ No newline at end of file
diff --git a/Zotlabs/Module/Token.php b/Zotlabs/Module/Token.php
new file mode 100644
index 000000000..e0d9d74d7
--- /dev/null
+++ b/Zotlabs/Module/Token.php
@@ -0,0 +1,40 @@
+handleTokenRequest(\OAuth2\Request::createFromGlobals())->send();
+
+ killme();
+ }
+
+}
\ No newline at end of file
diff --git a/include/oauth2.php b/include/oauth2.php
new file mode 100644
index 000000000..a0d65a995
--- /dev/null
+++ b/include/oauth2.php
@@ -0,0 +1,21 @@
+db);
+ $config = [
+ 'use_openid_connect'] => true,
+ 'issuer' => \Zotlabs\Lib\System::get_site_name()
+ ];
+
+ $oauth2_server = new OAuth2\Server($storage,$config);
+
+ $oauth2_server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
+ $oauth2_server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
+
+ $keyStorage = new OAuth2\Storage\Memory( [
+ 'keys' => [
+ 'public_key' => get_config('system','pubkey'),
+ 'private_key' => get_config('system','prvkey')
+ ]
+ ]);
+
+ $oauth2_server->addStorage($keyStorage,'public_key');
-- cgit v1.2.3
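Review bot: In Zotlabs/Module/Authorize.php the approval branch calls `$oauth2_server->handleAuthorizeRequest($request, $response, $is_authorized);` with no user id, so the authorization code issued after `authorized=yes` is not bound to the account that approved it. Nothing visible in this hunk checks that a channel is logged in or that the POST carries a verified form security token; the form markup and the start of the method are not visible here, so such a check may exist there. I would pass the logged-in channel's id as the fourth argument, `handleAuthorizeRequest($request, $response, $is_authorized, $user_id)`, and refuse the POST unless the token verifies. The `echo("SUCCESS! Authorization Code: $code");` line also writes the code into the response body, where it can be cached or logged; it should be removed before this leaves testing so that only the redirect from `$response->send()` carries it.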
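Review bot: In include/oauth2.php the config array has a stray bracket in `'use_openid_connect'] => true,`, which is a parse error, so this include cannot load; it should read `'use_openid_connect' => true,`. The `issuer` is taken from `\Zotlabs\Lib\System::get_site_name()`, but OpenID Connect relying parties compare the `iss` claim against the provider's https URL, and a display name is neither unique nor a URL; the site's base URL belongs there. The signing key is the site-wide `get_config('system','prvkey')`; a dedicated OIDC signing key would let one be rotated or revoked without affecting the other. The start of the file is not visible in this hunk.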