1<?php
2/**
3 * @category Cautela
4 * @package Auth
5 * @subpackage OAuth2
6 */
7namespace Auth\OAuth2;
8use OAuth2\Grant\GrantCodeInterface;
9use OAuth2\RefreshTokensInterface;
10use Zend_Db_Adapter_Abstract;
11use Zend_Db_Exception;
12
13/**
14 *
15 * @category OAuth2
16 * @package Auth
17 * @subpackage OAuth2
18 */
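class ZendDb implements GrantCodeInterface, RefreshTokensInterface
{
    /**
     * Logical storage name => database table name.
     *
     * The methods below look up the keys 'clients', 'auth_codes',
     * 'access_tokens' and 'refresh_tokens'. The default previously used the
     * key 'auth_code', which no method reads, so auth-code queries ran
     * against an undefined table name.
     *
     * NOTE(review): the table name 'auth_code' is kept as the author wrote
     * it; confirm against the real schema.
     *
     * @var array
     */
    protected $_tableMap = array(
        'clients'        => 'clients',
        'auth_codes'     => 'auth_code',
        'access_tokens'  => 'access_tokens',
        'refresh_tokens' => 'refresh_tokens'
    );

    /**
     * @var Zend_Db_Adapter_Abstract
     */
    protected $_db;

    /**
     * @param Zend_Db_Adapter_Abstract $db Adapter used for every query.
     */
    public function __construct(Zend_Db_Adapter_Abstract $db)
    {
        // The original assigned to $this->db, leaving $this->_db (the
        // property getDb() returns) null. A plain assignment cannot throw,
        // so the try/catch with die() is gone; die() would also have echoed
        // the driver's error message to the client.
        $this->_db = $db;
    }

    /**
     * Replaces the whole table map; it is not merged with the defaults.
     *
     * @param array $tableMap
     * @return ZendDb
     */
    public function setTableMap(array $tableMap)
    {
        $this->_tableMap = $tableMap;
        return $this;
    }

    /**
     * @return Zend_Db_Adapter_Abstract
     */
    public function getDb()
    {
        return $this->_db;
    }

    /**
     * @param Zend_Db_Adapter_Abstract $db
     * @return ZendDb
     */
    public function setDb(Zend_Db_Adapter_Abstract $db)
    {
        $this->_db = $db;
        return $this;
    }

    /**
     * Single hook for database errors; the default rethrows. Subclasses can
     * override it to log or translate, and should keep SQL and driver
     * details out of anything returned to an OAuth client.
     *
     * @param \Exception $e
     * @throws \Exception
     */
    protected function handleException(\Exception $e)
    {
        throw $e;
    }

    /**
     * Registers a client. Only a bcrypt hash of the secret is stored.
     *
     * @param string $client_id Client identifier to be stored.
     * @param string $client_secret Client secret to be stored.
     * @param string $redirect_uri Redirect URI to be stored.
     * @return ZendDb
     */
    public function addClient($client_id, $client_secret, $redirect_uri)
    {
        try {
            $data = array(
                'client_id'     => $client_id,
                'client_secret' => $this->hash($client_secret, $client_id),
                'redirect_uri'  => $redirect_uri
            );
            $this->getDb()->insert($this->_tableMap['clients'], $data);
        } catch (Zend_Db_Exception $e) {
            $this->handleException($e);
        }
        return $this;
    }

    /**
     * Checks that a client exists and, when a secret is given, that the
     * secret matches the stored hash.
     *
     * @param string $client_id
     * @param null|string $client_secret
     * @return bool
     */
    public function checkClientCredentials($client_id, $client_secret = null)
    {
        try {
            $sql = $this->getDb()->select()
                ->from($this->_tableMap['clients'], 'client_secret')
                ->where('client_id = ?', $client_id);

            $hashed_secret = $this->getDb()->fetchOne($sql);

            // fetchOne() returns false when no row matched: unknown client.
            if ($hashed_secret === false) {
                return false;
            }

            // Existence check only; callers that authenticate a
            // confidential client must pass the secret.
            if ($client_secret === null) {
                return true;
            }

            return $this->checkPassword(
                $client_secret, $hashed_secret, $client_id
            );
        } catch (Zend_Db_Exception $e) {
            $this->handleException($e);
        }
        return false;
    }

    /**
     * Returns the redirect URI registered for a client.
     *
     * The original returned false for an unknown client and null for a known
     * one, so the stored URI never reached the caller and could not be
     * compared with the redirect_uri of an authorization request.
     *
     * NOTE(review): the return shape follows the original docblock
     * (bool|string); confirm what GrantCodeInterface expects.
     *
     * @param string $client_id
     * @return bool|string|null Redirect URI, or false if the client is unknown.
     */
    public function getClientDetails($client_id)
    {
        try {
            $sql = $this->getDb()->select()
                ->from($this->_tableMap['clients'], 'redirect_uri')
                ->where('client_id = ?', $client_id);

            // fetchOne() yields false when no row matched.
            return $this->getDb()->fetchOne($sql);
        } catch (Zend_Db_Exception $e) {
            $this->handleException($e);
        }
        return null;
    }

    /**
     * @param string $oauth_token
     * @return array|null
     */
    public function getAccessToken($oauth_token)
    {
        return $this->getToken($oauth_token, false);
    }

    /**
     * @param string $oauth_token
     * @param string $client_id
     * @param string $user_id
     * @param string $expires
     * @param null $scope
     * @return ZendDb
     */
    public function setAccessToken($oauth_token, $client_id, $user_id, $expires,
        $scope = null)
    {
        return $this->setToken(
            $oauth_token, $client_id, $user_id, $expires, $scope, false
        );
    }

    /**
     * @param string $refresh_token
     * @return array|null
     */
    public function getRefreshToken($refresh_token)
    {
        return $this->getToken($refresh_token, true);
    }

    /**
     * @param string $refresh_token
     * @param string $client_id
     * @param string $user_id
     * @param string $expires
     * @param null $scope
     * @return ZendDb
     */
    public function setRefreshToken($refresh_token, $client_id, $user_id,
        $expires, $scope = null)
    {
        return $this->setToken(
            $refresh_token, $client_id, $user_id, $expires, $scope, true
        );
    }

    /**
     * Deletes a refresh token so it cannot be redeemed again.
     *
     * @param string $refresh_token
     * @return ZendDb
     */
    public function unsetRefreshToken($refresh_token)
    {
        try {
            // setToken() writes the value to the 'token' column; the original
            // filtered on 'refresh_token', which setToken() never populates,
            // so revocation could not match a row.
            // NOTE(review): confirm the column name against the schema.
            $this->getDb()->delete(
                $this->_tableMap['refresh_tokens'],
                $this->getDb()->quoteInto('token = ?', $refresh_token)
            );
        } catch (Zend_Db_Exception $e) {
            $this->handleException($e);
        }
        return $this;
    }

    /**
     * @param string $code
     * @return array|null Stored row, or null if the code is unknown.
     */
    public function getAuthCode($code)
    {
        try {
            $sql = $this->getDb()->select()
                ->from(
                    $this->_tableMap['auth_codes'],
                    array(
                        'code', 'client_id',
                        'user_id', 'redirect_uri',
                        'expires', 'scope'
                    )
                )
                ->where('code = ?', $code);
            $result = $this->getDb()->fetchRow($sql);

            return $result !== false ? $result : null;
        } catch (Zend_Db_Exception $e) {
            $this->handleException($e);
        }
        return null;
    }

    /**
     * @param string $code
     * @param string $client_id
     * @param string $user_id
     * @param string $redirect_uri
     * @param string $expires
     * @param null $scope
     * @return ZendDb
     */
    public function setAuthCode($code, $client_id, $user_id, $redirect_uri,
        $expires, $scope = null)
    {
        try {
            // The original wrote the client under 'client_code' while
            // getAuthCode() reads 'client_id'; the code must stay bound to
            // the client it was issued to.
            $data = array(
                'code' => $code, 'client_id' => $client_id,
                'user_id' => $user_id, 'redirect_uri' => $redirect_uri,
                'expires' => $expires, 'scope' => $scope
            );
            $this->getDb()->insert($this->_tableMap['auth_codes'], $data);
        } catch (Zend_Db_Exception $e) {
            $this->handleException($e);
        }
        return $this;
    }

    /**
     * Always returns true: this storage applies no per-client grant-type
     * restriction.
     *
     * @deprecated
     *
     * @param string $client_id
     * @param string $grant_type
     * @return bool
     */
    public function checkRestrictedGrantType($client_id, $grant_type)
    {
        return true;
    }

    /**
     * Creates a refresh or access token
     *
     * @param string $token - Access or refresh token id
     * @param string $client_id
     * @param mixed $user_id
     * @param int $expires
     * @param string $scope
     * @param bool $isRefresh
     * @return ZendDb
     */
    protected function setToken($token, $client_id, $user_id, $expires, $scope,
        $isRefresh = true)
    {
        try {
            $tableName = $isRefresh
                ? $this->_tableMap['refresh_tokens']
                : $this->_tableMap['access_tokens'];

            // NOTE(review): the token is stored as issued, so read access to
            // these tables yields usable bearer tokens. Storing a digest
            // would change the lookups too; left as a design decision.
            $data = array(
                'token' => $token, 'client_id' => $client_id,
                'user_id' => $user_id, 'expires' => $expires, 'scope' => $scope
            );

            $this->getDb()->insert($tableName, $data);
        } catch (Zend_Db_Exception $e) {
            $this->handleException($e);
        }
        return $this;
    }

    /**
     * Retrieves an access or refresh token.
     *
     * Expiry is not checked here; the row is returned with its 'expires'
     * value for the caller to enforce.
     *
     * @param string $token
     * @param bool $isRefresh
     * @return array|null Stored row, or null if the token is unknown.
     */
    protected function getToken($token, $isRefresh = true)
    {
        try {
            $tableName = $isRefresh
                ? $this->_tableMap['refresh_tokens']
                : $this->_tableMap['access_tokens'];
            $tokenName = $isRefresh ? 'refresh_token' : 'oauth_token';

            // The row is filtered on 'token', the column setToken() writes.
            // The original also selected a column named after $tokenName,
            // which nothing here writes; it is now an alias of 'token' so
            // the returned key stays the same.
            // NOTE(review): confirm the column name against the schema.
            $sql = $this->getDb()->select()
                ->from(
                    $tableName,
                    array(
                        $tokenName => 'token',
                        'client_id', 'expires', 'scope', 'user_id'
                    )
                )
                ->where('token = ?', $token);

            $result = $this->getDb()->fetchRow($sql);

            return $result !== false ? $result : null;
        } catch (Zend_Db_Exception $e) {
            $this->handleException($e);
        }
        return null;
    }

    /**
     * Hashes a client secret for storage.
     *
     * The original called hash('blowfish', ...); 'blowfish' is not a hash()
     * algorithm, so no usable digest was produced. bcrypt through
     * password_hash() (PHP >= 5.5) generates its own random salt.
     *
     * @param string $client_secret Plain-text secret.
     * @param string $client_id Client the secret belongs to.
     * @return string
     * @throws \RuntimeException If no hash could be produced.
     */
    protected function hash($client_secret, $client_id)
    {
        $hashed = password_hash(
            $this->secretDigest($client_secret, $client_id), PASSWORD_BCRYPT
        );
        if (!is_string($hashed)) {
            // Fail closed rather than store an unusable secret.
            throw new \RuntimeException('Unable to hash client secret');
        }
        return $hashed;
    }

    /**
     * Verifies a presented secret against the stored hash.
     *
     * The original hashed the stored value and compared it with the
     * plain-text attempt using ==, so a correct secret could not match and
     * the loose comparison could accept unrelated values.
     *
     * @param string $try Plain-text secret presented by the client.
     * @param string $client_secret Stored hash read from the clients table.
     * @param string $client_id
     * @return bool
     */
    protected function checkPassword($try, $client_secret, $client_id)
    {
        if (!is_string($client_secret) || $client_secret === '') {
            return false;
        }
        // password_verify() re-derives the hash from the salt embedded in
        // the stored value and compares in constant time.
        return password_verify(
            $this->secretDigest($try, $client_id), $client_secret
        );
    }

    /**
     * Binds the secret to its client and reduces it to 64 hex characters,
     * below bcrypt's 72-byte input limit and free of NUL bytes.
     *
     * @param string $client_secret
     * @param string $client_id
     * @return string
     */
    private function secretDigest($client_secret, $client_id)
    {
        return hash_hmac('sha256', (string) $client_secret, (string) $client_id);
    }
}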
374}