author | Frederic Guillot <fred@kanboard.net> | 2015-07-16 20:35:56 -0400 |
---|---|---|
committer | Frederic Guillot <fred@kanboard.net> | 2015-07-16 20:35:56 -0400 |
commit | ede1f1d9b0c06a05845f4125d59c97c29b6d9842 (patch) | |
tree | 2fc9f21c586501d43440dace17e71bfb40618bfc /app/Auth | |
parent | 12036aa21f4308aca4d816864b357f9627a0f437 (diff) |
Refactoring of Github authentication (oauth url change)
Diffstat (limited to 'app/Auth')
-rw-r--r-- | app/Auth/GitHub.php | 163 | ||||
-rw-r--r-- | app/Auth/Github.php | 122 | ||||
-rw-r--r-- | app/Auth/Google.php | 11 |
3 files changed, 129 insertions, 167 deletions
diff --git a/app/Auth/GitHub.php b/app/Auth/GitHub.php
deleted file mode 100644
index 816cc9c1..00000000
--- a/app/Auth/GitHub.php
+++ /dev/null
@@ -1,163 +0,0 @@
-<?php
-
-namespace Auth;
-
-use Event\AuthEvent;
-use OAuth\Common\Storage\Session;
-use OAuth\Common\Consumer\Credentials;
-use OAuth\Common\Http\Uri\UriFactory;
-use OAuth\ServiceFactory;
-use OAuth\Common\Http\Exception\TokenResponseException;
-
-/**
- * GitHub backend
- *
- * @package auth
- */
-class GitHub extends Base
-{
- /**
- * Backend name
- *
- * @var string
- */
- const AUTH_NAME = 'Github';
-
- /**
- * Authenticate a GitHub user
- *
- * @access public
- * @param string $github_id GitHub user id
- * @return boolean
- */
- public function authenticate($github_id)
- {
- $user = $this->user->getByGitHubId($github_id);
-
- if (! empty($user)) {
- $this->userSession->refresh($user);
- $this->container['dispatcher']->dispatch('auth.success', new AuthEvent(self::AUTH_NAME, $user['id']));
- return true;
- }
-
- return false;
- }
-
- /**
- * Unlink a GitHub account for a given user
- *
- * @access public
- * @param integer $user_id User id
- * @return boolean
- */
- public function unlink($user_id)
- {
- return $this->user->update(array(
- 'id' => $user_id,
- 'github_id' => '',
- ));
- }
-
- /**
- * Update the user table based on the GitHub profile information
- *
- * @access public
- * @param integer $user_id User id
- * @param array $profile GitHub profile
- * @return boolean
- * @todo Don't overwrite existing email/name with empty GitHub data
- */
- public function updateUser($user_id, array $profile)
- {
- return $this->user->update(array(
- 'id' => $user_id,
- 'github_id' => $profile['id'],
- 'email' => $profile['email'],
- 'name' => $profile['name'],
- ));
- }
-
- /**
- * Get the GitHub service instance
- *
- * @access public
- * @return \OAuth\OAuth2\Service\GitHub
- */
- public function getService()
- {
- $uriFactory = new UriFactory();
- $currentUri = $uriFactory->createFromSuperGlobalArray($_SERVER);
- $currentUri->setQuery('controller=user&action=gitHub');
-
- $storage = new Session(false);
-
- $credentials = new Credentials(
- GITHUB_CLIENT_ID,
- GITHUB_CLIENT_SECRET,
- $currentUri->getAbsoluteUri()
- );
-
- $serviceFactory = new ServiceFactory();
-
- return $serviceFactory->createService(
- 'gitHub',
- $credentials,
- $storage,
- array('')
- );
- }
-
- /**
- * Get the authorization URL
- *
- * @access public
- * @return \OAuth\Common\Http\Uri\Uri
- */
- public function getAuthorizationUrl()
- {
- return $this->getService()->getAuthorizationUri();
- }
-
- /**
- * Get GitHub profile information from the API
- *
- * @access public
- * @param string $code GitHub authorization code
- * @return bool|array
- */
- public function getGitHubProfile($code)
- {
- try {
- $gitHubService = $this->getService();
- $gitHubService->requestAccessToken($code);
-
- return json_decode($gitHubService->request('user'), true);
- }
- catch (TokenResponseException $e) {
- return false;
- }
- }
-
- /**
- * Revokes this user's GitHub tokens for Kanboard
- *
- * @access public
- * @return bool|array
- * @todo Currently this simply removes all our tokens for this user, ideally it should
- * restrict itself to the one in question
- */
- public function revokeGitHubAccess()
- {
- try {
- $gitHubService = $this->getService();
-
- $basicAuthHeader = array('Authorization' => 'Basic ' .
- base64_encode(GITHUB_CLIENT_ID.':'.GITHUB_CLIENT_SECRET));
-
- return json_decode($gitHubService->request('/applications/'.GITHUB_CLIENT_ID.'/tokens', 'DELETE', null, $basicAuthHeader), true);
- }
- catch (TokenResponseException $e) {
- return false;
- }
- }
-}
diff --git a/app/Auth/Github.php b/app/Auth/Github.php
new file mode 100644
index 00000000..44bcc6c8
--- /dev/null
+++ b/app/Auth/Github.php
@@ -0,0 +1,122 @@
+<?php
+
+namespace Auth;
+
+use Event\AuthEvent;
+
+/**
+ * Github backend
+ *
+ * @package auth
+ */
+class Github extends Base
+{
+ /**
+ * Backend name
+ *
+ * @var string
+ */
+ const AUTH_NAME = 'Github';
+
+ /**
+ * OAuth2 instance
+ *
+ * @access private
+ * @var \Core\OAuth2
+ */
+ private $service;
+
+ /**
+ * Authenticate a Github user
+ *
+ * @access public
+ * @param string $github_id Github user id
+ * @return boolean
+ */
+ public function authenticate($github_id)
+ {
+ $user = $this->user->getByGithubId($github_id);
+
+ if (! empty($user)) {
+ $this->userSession->refresh($user);
+ $this->container['dispatcher']->dispatch('auth.success', new AuthEvent(self::AUTH_NAME, $user['id']));
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * Unlink a Github account for a given user
+ *
+ * @access public
+ * @param integer $user_id User id
+ * @return boolean
+ */
+ public function unlink($user_id)
+ {
+ return $this->user->update(array(
+ 'id' => $user_id,
+ 'github_id' => '',
+ ));
+ }
+
+ /**
+ * Update the user table based on the Github profile information
+ *
+ * @access public
+ * @param integer $user_id User id
+ * @param array $profile Github profile
+ * @return boolean
+ */
+ public function updateUser($user_id, array $profile)
+ {
+ $user = $this->user->getById($user_id);
+
+ return $this->user->update(array(
+ 'id' => $user_id,
+ 'github_id' => $profile['id'],
+ 'email' => $profile['email'] ?: $user['email'],
+ 'name' => $profile['name'] ?: $user['name'],
+ ));
+ }
+
+ /**
+ * Get OAuth2 configured service
+ *
+ * @access public
+ * @return \Core\OAuth2
+ */
+ public function getService()
+ {
+ if (empty($this->service)) {
+ $this->service = $this->oauth->createService(
+ GITHUB_CLIENT_ID,
+ GITHUB_CLIENT_SECRET,
+ $this->helper->url->to('oauth', 'github', array(), '', true),
+ 'https://github.com/login/oauth/authorize',
+ 'https://github.com/login/oauth/access_token',
+ array()
+ );
+ }
+
+ return $this->service;
+ }
+
+ /**
+ * Get Github profile
+ *
+ * @access public
+ * @param string $code
+ * @return array
+ */
+ public function getProfile($code)
+ {
+ $this->getService()->getAccessToken($code);
+
+ return $this->httpClient->getJson(
+ 'https://api.github.com/user',
+ array($this->getService()->getAuthorizationHeader())
+ );
+ }
+}
diff --git a/app/Auth/Google.php b/app/Auth/Google.php
index dd8f3834..972dd748 100644
--- a/app/Auth/Google.php
+++ b/app/Auth/Google.php
@@ -22,6 +22,7 @@ class Google extends Base /** * OAuth2 instance * + * @access private * @var \Core\OAuth2 */ private $service;
@@ -71,11 +72,13 @@ class Google extends Base */ public function updateUser($user_id, array $profile) { + $user = $this->user->getById($user_id); + return $this->user->update(array( 'id' => $user_id, 'google_id' => $profile['id'], - 'email' => $profile['email'], - 'name' => $profile['name'], + 'email' => $profile['email'] ?: $user['email'], + 'name' => $profile['name'] ?: $user['name'], )); }
@@ -114,7 +117,7 @@ class Google extends Base return $this->httpClient->getJson( 'https://www.googleapis.com/oauth2/v1/userinfo', - array($this->getService()->getAuthorizationHeader() - )); + array($this->getService()->getAuthorizationHeader()) + ); } } |
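Review bot: getProfile() in the new app/Auth/Github.php discards the result of `getAccessToken($code)` and returns whatever `getJson()` yields, so a rejected or reused code no longer produces the `false` that the removed getGitHubProfile() returned on TokenResponseException. How `\Core\OAuth2` and the HTTP client report failure is not visible in this diff, but if an error body is decoded to an array without `id`, callers that pass `$profile['id']` to authenticate() or updateUser() would be working with an empty value, and unlink() stores `''` as `github_id`. I would only hand back a profile that carries an id, e.g. `return empty($profile['id']) ? array() : $profile;`, and have authenticate() return false early when `$github_id` is empty. It is also worth confirming that the authorization request built by `\Core\OAuth2` carries a `state` value that the callback verifies, since nothing passed to `createService()` in getService() sets one.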
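Review bot: Google::updateUser() (second hunk of app/Auth/Google.php) indexes `$profile['email']` and `$profile['name']` directly and never checks the row returned by `getById($user_id)`, so a profile without those keys or an unknown user id raises notices and can still write an empty value. Testing the fields with `empty()` keeps the fallback without the notice, e.g. `'email' => ! empty($profile['email']) ? $profile['email'] : $user['email'],`, and the method could return false early when `$user` is empty. The stored email is replaced here with a value supplied by the identity provider, so it is worth confirming that nothing sensitive, such as account recovery, relies on it without further verification. Github::updateUser() in app/Auth/Github.php has the same lines. The method's docblock starts outside this hunk.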