· 6 years ago · Feb 06, 2019, 07:28 PM
1<?php
2
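/**
 * Base class for Photonic providers that authenticate with OAuth 2.0.
 *
 * Concrete providers supply the authorization and token endpoints; this class
 * builds the authorization URL, handles the callback that exchanges the
 * authorization code for tokens, refreshes tokens, and decides whether a
 * stored token is still usable.
 *
 * NOTE(review): front-end tokens (including the refresh token) are kept in
 * browser cookies for one year, and the cookie names embed an unsalted MD5 of
 * the client secret. The cookies are written without the Secure / HttpOnly
 * flags; whether any front-end script needs to read them is not visible from
 * this file, so the flags are left unchanged here - confirm and tighten.
 */
abstract class Photonic_OAuth2_Processor extends Photonic_Processor {
    // OAuth client settings and the token state resolved for the current request.
    public $scope, $response_type, $client_id, $client_secret, $state, $access_token, $refresh_token_valid;

    function __construct() {
        parent::__construct();
    }

    /**
     * @return string URL of the provider's authorization endpoint.
     */
    public abstract function authentication_url();

    /**
     * @return string URL of the provider's token endpoint.
     */
    public abstract function access_token_url();

    /**
     * @return string Redirect URI sent to the provider; the site URL unless a subclass overrides it.
     */
    public function redirect_url() {
        return get_site_url();
    }

    /**
     * Builds the URL that sends the visitor to the provider's consent screen.
     *
     * @param array $args Extra query parameters; they override the defaults on key collision.
     * @return string
     */
    public function get_authorization_url($args = array()) {
        // Adding and then removing a dummy argument yields the current request URL.
        $url = add_query_arg('test', 'test');
        $url = remove_query_arg('test', $url);

        // NOTE(review): the first half of "state" is the same for every request made
        // with this client, so it does not tie the callback to the browser session
        // that started the flow (RFC 6749, section 10.12). Consider a per-request
        // nonce stored server-side.
        $parameters = array_merge(array(
            'response_type' => $this->response_type,
            'redirect_uri' => $this->redirect_url(),
            'client_id' => $this->client_id,
            'scope' => $this->scope,
            'access_type' => 'offline',
            'state' => $this->state_signature().'::'.urlencode($url),
        ), $args);
        return $this->authentication_url()."?".$this->build_query($parameters);
    }

    /**
     * Handles the provider callback: checks the "state" value, exchanges the
     * authorization code for tokens, stores them in cookies and redirects the
     * browser. This method always ends the request.
     *
     * @param array $request_token Callback parameters; the 'code' and 'state' keys are read.
     */
    function get_access_token($request_token) {
        $code = isset($request_token['code']) ? $request_token['code'] : '';
        $state = (isset($request_token['state']) && is_string($request_token['state'])) ? $request_token['state'] : '';
        // Limit of 2 keeps a return URL that itself contains "::" in one piece.
        $state_args = explode('::', $state, 2);

        // hash_equals() is a strict, constant-time string comparison; the former
        // loose "==" could treat two different numeric-looking digests as equal.
        if (count($state_args) === 2 && hash_equals($this->state_signature(), $state_args[0])) {
            $url = urldecode($state_args[1]);
            $response = Photonic::http($this->access_token_url(), 'POST', array(
                'code' => $code,
                'grant_type' => 'authorization_code',
                'client_id' => $this->client_id,
                'client_secret' => $this->client_secret,
                'redirect_uri' => $this->redirect_url(),
            ));
            if (is_wp_error($response)) {
                $url = add_query_arg('error', $response->get_error_code(), $url);
            }
            else if ($response == null) {
                $url = add_query_arg('error', 'null', $url);
            }
            else {
                $body = json_decode($response['body']);
                if (!is_object($body) || !isset($body->access_token)) {
                    // Unparseable body or a provider error document: report it the same
                    // way as an empty response instead of writing empty cookies.
                    $url = add_query_arg('error', 'null', $url);
                }
                else {
                    $cookies = array(
                        'oauth-token' => $body->access_token,
                        'oauth-token-type' => isset($body->token_type) ? $body->token_type : '',
                        'oauth-token-created' => time(),
                        'oauth-token-expires' => isset($body->expires_in) ? $body->expires_in : '',
                    );
                    // An existing refresh-token cookie is only replaced when a new one was issued.
                    if (isset($body->refresh_token)) {
                        $cookies['oauth-refresh-token'] = $body->refresh_token;
                    }
                    $this->replace_token_cookies($cookies);
                }
            }
        }
        else {
            $url = remove_query_arg(array('token', 'code', 'state'));
        }

        // The target comes from the request's "state" parameter, so it is only
        // followed when WordPress accepts the host; wp_safe_redirect() substitutes
        // its fallback URL otherwise.
        wp_safe_redirect($url);
        exit();
    }

    /**
     * Obtains a new access token from a refresh token and rewrites the token cookies.
     *
     * @param string $refresh_token
     */
    function refresh_token($refresh_token) {
        $token = $this->get_access_token_from_refresh($refresh_token, false);
        if (!empty($token) && isset($token['oauth_token'])) {
            $this->replace_token_cookies(array(
                'oauth-token' => $token['oauth_token'],
                'oauth-token-type' => isset($token['oauth_token_type']) ? $token['oauth_token_type'] : '',
                'oauth-token-created' => isset($token['oauth_token_created']) ? $token['oauth_token_created'] : '',
                'oauth-token-expires' => isset($token['oauth_token_expires']) ? $token['oauth_token_expires'] : '',
            ));
        }
    }

    /**
     * Resolves the access token for server-side use from the 'photonic_authentication'
     * option, refreshing it when nothing is stored for this provider or the stored
     * token has expired. Sets $this->access_token when a token is available.
     *
     * @param string $refresh_token
     */
    public function perform_back_end_authentication($refresh_token) {
        $photonic_authentication = get_option('photonic_authentication');
        // get_option() returns false when the option does not exist, so test the type
        // rather than isset().
        if (!is_array($photonic_authentication)) {
            $photonic_authentication = array();
        }

        $token = array();
        if (!isset($photonic_authentication[$this->provider]) && !empty($refresh_token)) {
            $token = $this->get_access_token_from_refresh($refresh_token, true);
        }
        else if (isset($photonic_authentication[$this->provider])) {
            $token = $photonic_authentication[$this->provider];
            if ($this->is_token_expired($token)) {
                $token = $this->get_access_token_from_refresh($refresh_token, true);
            }
            else {
                $this->refresh_token_valid = true;
            }
        }

        if (!empty($token) && isset($token['oauth_token'])) {
            $this->access_token = $token['oauth_token'];
        }
    }

    /**
     * Requests a new access token using the refresh-token grant.
     *
     * @param string $refresh_token
     * @param bool $save When true the parsed token is passed to save_token().
     * @return array Parsed token tagged with the current client id, or an empty array on a transport error.
     */
    function get_access_token_from_refresh($refresh_token, $save) {
        $token = array();
        $response = Photonic::http($this->access_token_url(), 'POST', array(
            'client_id' => $this->client_id,
            'client_secret' => $this->client_secret,
            'refresh_token' => $refresh_token,
            'grant_type' => 'refresh_token'
        ));

        // The raw response and the parsed token are deliberately not echoed: they
        // contain live credentials, and any output sent here would also stop later
        // setcookie() calls from taking effect.
        if (!is_wp_error($response)) {
            $token = $this->parse_token($response);
            if (!empty($token)) {
                // Recorded so is_token_expired() can reject tokens issued to another client.
                $token['client_id'] = $this->client_id;
            }
            if ($save) {
                $this->save_token($token);
            }
        }
        return $token;
    }

    /**
     * Tells whether a stored token must be replaced.
     *
     * A token counts as expired when it is empty, lacks any of the expected fields,
     * was issued to a different client id, or its creation time plus lifetime is in
     * the past.
     *
     * @param array $token
     * @return bool
     */
    function is_token_expired($token) {
        if (empty($token)) {
            return true;
        }
        if (!isset($token['oauth_token']) || !isset($token['oauth_token_created']) || !isset($token['oauth_token_expires'])) {
            return true;
        }
        if (!isset($token['client_id']) || $token['client_id'] !== $this->client_id) {
            return true;
        }
        // Malformed timestamps are treated as expired instead of failing in the arithmetic below.
        if (!is_numeric($token['oauth_token_created']) || !is_numeric($token['oauth_token_expires'])) {
            return true;
        }
        return $token['oauth_token_created'] + $token['oauth_token_expires'] < time();
    }

    /**
     * Value placed in front of the "::" separator in the OAuth "state" parameter.
     *
     * @return string
     */
    private function state_signature() {
        return md5($this->client_secret.$this->provider);
    }

    /**
     * Drops the given token cookies from the current request's $_COOKIE view and
     * sends replacements that last one year.
     *
     * @param array $values Cookie-name suffix (e.g. 'oauth-token') => value.
     */
    private function replace_token_cookies($values) {
        $prefix = 'photonic-' . md5($this->client_secret, false) . '-';
        $expires = time() + 365 * 24 * 60 * 60;
        foreach ($values as $suffix => $value) {
            unset($_COOKIE[$prefix . $suffix]);
            setcookie($prefix . $suffix, (string) $value, $expires, COOKIEPATH);
        }
    }
}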