From 11e4fee71152d61ca07da60c7a106c03339f23c9 Mon Sep 17 00:00:00 2001
From: Josh Sherman
Date: Sun, 19 Oct 2014 10:26:15 -0400
Subject: [PATCH] Switching the OAuth2 lib back again

Couldn't handle the fact that the errors were being echoed from the library and not thrown or at the very least passed back so I could use them.
---
 composer.json | 2 +-
 src/OAuth2/AccessTokenStorage.php | 84 +++++++++++++++++++++++
 src/OAuth2/ClientStorage.php | 81 ++++++++++++++++++++++
 src/OAuth2/RefreshTokenStorage.php | 56 +++++++++++++++
 src/OAuth2/ScopeStorage.php | 26 +++++++
 src/OAuth2/SessionStorage.php | 106 +++++++++++++++++++++++++++++
 src/OAuth2/StorageAdapter.php | 20 ++++++
 7 files changed, 374 insertions(+), 1 deletion(-)
 create mode 100644 src/OAuth2/AccessTokenStorage.php
 create mode 100644 src/OAuth2/ClientStorage.php
 create mode 100644 src/OAuth2/RefreshTokenStorage.php
 create mode 100644 src/OAuth2/ScopeStorage.php
 create mode 100644 src/OAuth2/SessionStorage.php
 create mode 100644 src/OAuth2/StorageAdapter.php
diff --git a/composer.json b/composer.json
index 8227c05..7638c3d 100644
--- a/composer.json
+++ b/composer.json
@@ -23,7 +23,7 @@
 },
 "require": {
 "php": ">=5.4",
- "bshaffer/oauth2-server-php": "v1.5"
+ "league/oauth2-server": "4.0.x-dev"
 },
 "suggest": {
 "mongodb/mongo-php-driver": "Required to use the Mongo storage engine",
diff --git a/src/OAuth2/AccessTokenStorage.php b/src/OAuth2/AccessTokenStorage.php
new file mode 100644
index 0000000..04d8dc0
--- /dev/null
+++ b/src/OAuth2/AccessTokenStorage.php
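Review bot: `"league/oauth2-server": "4.0.x-dev"` in the composer.json hunk tracks a moving development branch, so the code that issues and validates tokens changes with whatever is on that branch at the next `composer update`, and two installs can resolve to different revisions. Pin it to a tagged release once one exists, or to a reviewed commit with `"4.0.x-dev#<commit-sha>"`, and commit `composer.lock` so every deployment gets the same revision. The `require` block continues outside this hunk.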
@@ -0,0 +1,84 @@
+= ?;';
+
+ $results = $this->db->fetch($sql, [$token, time()]);
+
+ if (count($results) === 1)
+ {
+ return (new AccessTokenEntity($this->server))
+ ->setId($results[0]['access_token'])
+ ->setExpireTime($results[0]['expires_at']);
+ }
+
+ return null;
+ }
+
+ public function getScopes(AbstractTokenEntity $token)
+ {
+ $sql = 'SELECT oauth_scopes.id, oauth_scopes.description'
+ . ' FROM oauth_access_token_scopes'
+ . ' INNER JOIN oauth_scopes'
+ . ' ON oauth_access_token_scopes.scope_id = oauth_scopes.id'
+ . ' WHERE oauth_access_token_scopes.access_token_id = ?;';
+
+ $results = $this->db->fetch($sql, [$token->getId()]);
+ $response = [];
+
+ if (count($results) > 0)
+ {
+ foreach ($results as $row)
+ {
+ $response[] = (new ScopeEntity($this->server))->hydrate([
+ 'id' => $row['id'],
+ 'description' => $row['description']
+ ]);
+ }
+ }
+
+ return $response;
+ }
+
+ public function create($token, $expiration, $session_id)
+ {
+ $sql = 'INSERT INTO oauth_access_tokens'
+ . ' (access_token, session_id, expires_at)'
+ . ' VALUES'
+ . ' (?, ?, ?);';
+
+ $this->db->execute($sql, [$token, $session_id, $expiration]);
+ }
+
+ public function associateScope(AbstractTokenEntity $token, ScopeEntity $scope)
+ {
+ $sql = 'INSERT INTO oauth_access_token_scopes'
+ . ' (access_token, scope)'
+ . ' VALUES'
+ . ' (?, ?);';
+
+ $this->db->execute($sql, [$token->getId(), $scope->getId()]);
+ }
+
+ public function delete(AbstractTokenEntity $token)
+ {
+ $sql = 'DELETE FROM oauth_access_token_scopes'
+ . ' WHERE access_token = ?;';
+
+ $this->db->execute($sql, [$token->getId()]);
+ }
+}
+
diff --git a/src/OAuth2/ClientStorage.php b/src/OAuth2/ClientStorage.php
new file mode 100644
index 0000000..1a32583
--- /dev/null
+++ b/src/OAuth2/ClientStorage.php
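Review bot: `delete()` in AccessTokenStorage removes only the rows in `oauth_access_token_scopes` and never the token row that `create()` inserts into `oauth_access_tokens`, so a deleted token would presumably still be found by the expiry lookup at the top of this hunk and stay usable until it expires (that query is cut off in this view, so its table is inferred). Add `$this->db->execute('DELETE FROM oauth_access_tokens WHERE access_token = ?;', [$token->getId()]);` after the scope delete. The scope table is also addressed by two different column sets: `getScopes()` reads `access_token_id`/`scope_id`, while `associateScope()` and `delete()` use `access_token`/`scope`, so one of the two will fail against the real schema.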
@@ -0,0 +1,81 @@
+db->fetch($sql, $parameters);
+
+ if (count($results) === 1)
+ {
+ $client = new ClientEntity($this->server);
+
+ $client->hydrate([
+ 'id' => $results[0]['id'],
+ 'name' => $results[0]['name']
+ ]);
+
+ return $client;
+ }
+
+ return null;
+ }
+
+ public function getBySession(SessionEntity $session)
+ {
+ $sql = 'SELECT oauth_clients.id, oauth_clients.name'
+ . ' FROM oauth_clients'
+ . ' INNER JOIN oauth_sessions'
+ . ' ON oauth_clients.id = oauth_sessions.client_id'
+ . ' WHERE oauth_sessions.id = ?';
+
+ $results = $this->db->fetch($sql, [$session->getId()]);
+
+ if (count($results) === 1)
+ {
+ $client = new ClientEntity($this->server);
+
+ $client->hydrate([
+ 'id' => $results[0]['id'],
+ 'name' => $results[0]['name']
+ ]);
+
+ return $client;
+ }
+
+ return null;
+ }
+}
+
diff --git a/src/OAuth2/RefreshTokenStorage.php b/src/OAuth2/RefreshTokenStorage.php
new file mode 100644
index 0000000..bceea31
--- /dev/null
+++ b/src/OAuth2/RefreshTokenStorage.php
@@ -0,0 +1,56 @@
+= ?;';
+
+ $results = $this->db->fetch($sql, [$token, time()]);
+
+ if (count($results) === 1)
+ {
+ return (new RefreshTokenEntity($this->server))
+ ->setId($results[0]['refresh_token'])
+ ->setExpireTime($results[0]['expires_at'])
+ ->setAccessTokenId($results[0]['access_token_id']);
+ }
+
+ return null;
+ }
+
+ public function create($token, $expiration, $access_token)
+ {
+ $sql = 'SELECT id FROM oauth_access_tokens WHERE access_token = ?;';
+ $results = $this->db->fetch($sql, [$access_token]);
+ $token_id = $results[0]['id'];
+
+ $sql = 'INSERT INTO oauth_refresh_tokens'
+ . ' (refresh_token, access_token_id, expires_at, client_id)'
+ . ' VALUES'
+ . ' (?, ?, ?, ?);';
+
+ $this->db->execute($sql, [
+ $token,
+ $token_id,
+ $expiration,
+ $this->server->getRequest()->request->get('client_id', null),
+ ]);
+ }
+
+ public function delete(RefreshTokenEntity $token)
+ {
+ $sql = 'DELETE FROM oauth_refresh_tokens WHERE refresh_token = ?;';
+
+ $this->db->execute($sql, [$token->getId()]);
+ }
+}
+
diff --git a/src/OAuth2/ScopeStorage.php b/src/OAuth2/ScopeStorage.php
new file mode 100644
index 0000000..c614eb7
--- /dev/null
+++ b/src/OAuth2/ScopeStorage.php
@@ -0,0 +1,26 @@
+db->fetch($sql, [$scope]);
+
+ if (count($results) === 0)
+ {
+ return null;
+ }
+
+ return (new ScopeEntity($this->server))->hydrate([
+ 'id' => $result[0]['id'],
+ 'description' => $result[0]['description'],
+ ]);
+ }
+}
+
diff --git a/src/OAuth2/SessionStorage.php b/src/OAuth2/SessionStorage.php
new file mode 100644
index 0000000..2754b1d
--- /dev/null
+++ b/src/OAuth2/SessionStorage.php
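Review bot: `create()` in RefreshTokenStorage reads `$results[0]['id']` without checking that the access-token lookup returned a row, so an unknown `$access_token` inserts a refresh token with a null `access_token_id` instead of failing. Guard it before the insert, for example `if (count($results) !== 1) { throw new \RuntimeException('Unknown access token'); }`. The `client_id` column is also filled from the raw request parameter `client_id` rather than from the client the server has already authenticated; a client that authenticates through the Authorization header would store null here, so take the id from the validated client or session entity if the library exposes one at this point.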
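Review bot: `get()` in ScopeStorage stores the query result in `$results` but builds the entity from `$result[0]`, an undefined variable, so every scope that exists is hydrated with a null `id` and `description`. Change both reads to `$results[0]['id']` and `$results[0]['description']`. The same `$result`/`$results` slip is in `getByAccessToken()` and `getByAuthCode()` in src/OAuth2/SessionStorage.php, where it yields a session with no id or owner. The start of this hunk, including the SQL, is cut off in this view.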
@@ -0,0 +1,106 @@
+db->fetch($sql, [$access_token->getId()]);
+
+ if (count($results) === 1)
+ {
+ $session = new SessionEntity($this->server);
+ $session->setId($result[0]['id']);
+ $session->setOwner($result[0]['owner_type'], $result[0]['owner_id']);
+
+ return $session;
+ }
+
+ return null;
+ }
+
+ public function getByAuthCode(AuthCodeEntity $auth_code)
+ {
+ $sql = 'SELECT oauth_sessions.id, oauth_sessions.owner_type,'
+ . ' oauth_sessions.owner_id, oauth_sessions.client_id,'
+ . ' oauth_sessions.client_redirect_uri'
+ . ' FROM oauth_sessions'
+ . ' INNER JOIN oauth_authorization_codes'
+ . ' ON oauth_authorization_codes.session_id = oauth_sessions.id'
+ . ' WHERE oauth_authorization_codes.authorization_code = ?;';
+
+ $results = $this->db->fetch($sql, [$auth_code->getId()]);
+
+ if (count($results) === 1)
+ {
+ $session = new SessionEntity($this->server);
+ $session->setId($result[0]['id']);
+ $session->setOwner($result[0]['owner_type'], $result[0]['owner_id']);
+
+ return $session;
+ }
+
+ return null;
+ }
+
+ public function getScopes(SessionEntity $session)
+ {
+ $sql = 'SELECT oauth_sessions.*'
+ . ' FROM oauth_sessions'
+ . ' INNER JOIN oauth_access_token_scopes'
+ . ' ON oauth_sessions.id = oauth_access_token_scopes.access_token_id'
+ . ' INNER JOIN oauth_scopes'
+ . ' ON oauth_scopes.id = oauth_access_token_scopes.scope_id'
+ . ' WHERE oauth_sessions.id = ?;';
+
+ $results = $this->db->fetch($sql, [$session->getId()]);
+ $scopes = [];
+
+ foreach ($results as $scope)
+ {
+ $scopes[] = (new ScopeEntity($this->server))->hydrate([
+ 'id' => $scope['id'],
+ 'description' => $scope['description'],
+ ]);
+ }
+
+ return $scopes;
+ }
+
+ public function create($owner_type, $owner_id, $client_id, $client_redirect_uri = null)
+ {
+ $sql = 'INSERT INTO oauth_sessions'
+ . ' (owner_type, owner_id, client_id)'
+ . ' VALUES'
+ . ' (?, ?, ?);';
+
+ return $this->db->execute($sql, [$owner_type, $owner_id, $client_id]);
+ }
+
+ public function associateScope(SessionEntity $session, ScopeEntity $scope)
+ {
+ $sql = 'INSERT INTO oauth_access_token_scopes'
+ . ' (access_token_id, scope_id)'
+ . ' VALUES'
+ . ' (?, ?);';
+
+ $this->db->execute($sql, [$session->getId(), $scope->getId()]);
+ }
+}
+
diff --git a/src/OAuth2/StorageAdapter.php b/src/OAuth2/StorageAdapter.php
new file mode 100644
index 0000000..27ab436
--- /dev/null
+++ b/src/OAuth2/StorageAdapter.php
@@ -0,0 +1,20 @@
+config = Config::getInstance();
+ $this->db = Database::getInstance();
+ }
+}
+
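Review bot: `getScopes()` in SessionStorage selects `oauth_sessions.*` but then reads `$scope['id']` and `$scope['description']`, so each returned scope carries the session's id and no description; select `oauth_scopes.id, oauth_scopes.description` as `AccessTokenStorage::getScopes()` does. The join condition `oauth_sessions.id = oauth_access_token_scopes.access_token_id`, together with `associateScope()` writing `$session->getId()` into `access_token_id`, treats a session id as an access-token id, so a session can pick up the scopes of an unrelated token whose id happens to match. A separate session-scope table, or a join through `oauth_access_tokens.session_id`, would keep the two id spaces apart. `create()` also accepts `$client_redirect_uri` and never stores it, although `getByAuthCode()` selects `client_redirect_uri`.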