diff --git a/composer.json b/composer.json
index dd8cc94..da9531c 100644
--- a/composer.json
+++ b/composer.json
@@ -23,7 +23,7 @@
 },
 "require": {
 "php": ">=5.4",
- "league/oauth2-server": "4.*"
+ "league/oauth2-server": "3.2.*"
 },
 "autoload": {
 "psr-4": {
diff --git a/src/OAuth2/AccessTokenStorage.php b/src/OAuth2/AccessTokenStorage.php
index d6af720..7ecd943 100644
--- a/src/OAuth2/AccessTokenStorage.php
+++ b/src/OAuth2/AccessTokenStorage.php
@@ -3,6 +3,7 @@
 namespace Pickles\OAuth2;
 use \League\OAuth2\Server\Entity\AbstractTokenEntity;
+use \League\OAuth2\Server\Entity\AccessTokenEntity;
 use \League\OAuth2\Server\Entity\ScopeEntity;
 use \League\OAuth2\Server\Storage\AccessTokenInterface;
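Review bot: In composer.json the constraint for `league/oauth2-server` moves from `4.*` down to `3.2.*`, while the storage classes patched in this same commit import `\League\OAuth2\Server\Entity\AbstractTokenEntity`, `AccessTokenEntity` and `ScopeEntity` and implement `Storage\AccessTokenInterface`. As far as I can tell those names belong to the 4.x API, so with a 3.2 install the classes would likely fail to load; this should be checked against the package before merging. Moving an OAuth2 server dependency back to an older release line also deserves a stated reason in the commit message, since it decides which upstream fixes the project receives.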
@@ -10,27 +11,74 @@ class AccessTokenStorage extends StorageAdapter implements AccessTokenInterface
 {
 public function get($token)
 {
+ $sql = 'SELECT oauth_session_access_tokens.*'
+ . ' FROM oauth_session_access_tokens'
+ . ' WHERE access_token = ?'
+ . ' AND access_token_expires >= ?;';
+ $results = $this->db->fetch($sql, [$token, time()]);
+
+ if (count($results) === 1)
+ {
+ return (new AccessTokenEntity($this->server))
+ ->setId($results[0]['access_token'])
+ ->setExpireTime($results[0]['access_token_expires']);
+ }
+
+ return null;
 }
 public function getScopes(AbstractTokenEntity $token)
 {
+ $sql = 'SELECT oauth_scopes.id, oauth_scopes.description'
+ . ' FROM oauth_session_token_scopes'
+ . ' INNER JOIN oauth_scopes'
+ . ' ON oauth_session_token_scopes.scope_id = oauth_scopes.id'
+ . ' WHERE oauth_session_token_scopes.session_access_token_id = ?;';
+ $results = $this->db->fetch($sql, [$token->getId()]);
+ $response = [];
+
+ if (count($results) > 0)
+ {
+ foreach ($results as $row)
+ {
+ $response[] = (new ScopeEntity($this->server))->hydrate([
+ 'id' => $row['id'],
+ 'description' => $row['description']
+ ]);
+ }
+ }
+
+ return $response;
 }
 public function create($token, $expiration, $session_id)
 {
+ $sql = 'INSERT INTO oauth_session_access_tokens'
+ . ' (access_token, session_id, access_token_expires)'
+ . ' VALUES'
+ . ' (?, ?, ?);';
+ $this->db->execute($sql, [$token, $session_id, $expiration]);
 }
 public function associateScope(AbstractTokenEntity $token, ScopeEntity $scope)
 {
+ $sql = 'INSERT INTO oauth_session_token_scopes'
+ . ' (access_token, scope)'
+ . ' VALUES'
+ . ' (?, ?);';
+ $this->db->execute($sql, [$token->getId(), $scope->getId()]);
 }
 public function delete(AbstractTokenEntity $token)
 {
+ $sql = 'DELETE FROM oauth_session_token_scopes'
+ . ' WHERE access_token = ?;';
+ $this->db->execute($sql, [$token->getId()]);
 }
 }
diff --git a/src/OAuth2/ClientStorage.php b/src/OAuth2/ClientStorage.php
index dddfeda..8a38ffc 100644
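Review bot: `AccessTokenStorage::delete()` removes only the rows in `oauth_session_token_scopes` and leaves the token row in `oauth_session_access_tokens`, so `get()` in the same hunk keeps returning a token that was supposedly deleted until `access_token_expires` passes. Revocation should also remove the token itself, e.g. `$this->db->execute('DELETE FROM oauth_session_access_tokens WHERE access_token = ?;', [$token->getId()]);`. The scope table is also addressed with two different column sets here: `associateScope()` and `delete()` use `access_token` and `scope`, whereas `getScopes()` filters on `session_access_token_id` and joins on `scope_id`, so scopes written by this class cannot be read back by its own query. The schema is not visible in this diff, so whichever spelling does not match it needs to be corrected.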
--- a/src/OAuth2/ClientStorage.php
+++ b/src/OAuth2/ClientStorage.php
@@ -57,7 +57,7 @@ class ClientStorage extends StorageAdapter implements ClientInterface
 {
 $sql = 'SELECT oauth_clients.id, oauth_clients.name'
 . ' FROM oauth_clients'
- . ' JOIN oauth_sessions'
+ . ' INNER JOIN oauth_sessions'
 . ' ON oauth_clients.id = oauth_sessions.client_id'
 . ' WHERE oauth_sessions.id = ?';
diff --git a/src/OAuth2/ScopeStorage.php b/src/OAuth2/ScopeStorage.php
index 6cf7532..c614eb7 100644
--- a/src/OAuth2/ScopeStorage.php
+++ b/src/OAuth2/ScopeStorage.php
@@ -9,7 +9,18 @@ class ScopeStorage extends StorageAdapter implements ScopeInterface
 {
 public function get($scope, $grant_type = null, $client_id = null)
 {
+ $sql = 'SELECT * FROM oauth_scopes WHERE id = ?;';
+ $results = $this->db->fetch($sql, [$scope]);
+ if (count($results) === 0)
+ {
+ return null;
+ }
+
+ return (new ScopeEntity($this->server))->hydrate([
+ 'id' => $result[0]['id'],
+ 'description' => $result[0]['description'],
+ ]);
 }
 }
diff --git a/src/OAuth2/SessionStorage.php b/src/OAuth2/SessionStorage.php
index 17b1639..68b015a 100644
--- a/src/OAuth2/SessionStorage.php
+++ b/src/OAuth2/SessionStorage.php
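Review bot: `ScopeStorage::get()` stores the query result in `$results` but hydrates the entity from `$result[0]['id']` and `$result[0]['description']`, an undefined variable, so a scope that exists in the database is hydrated from null values instead of its row. Both lines should read `$results[0][...]`. The same slip is in the SessionStorage.php hunk, in `getByAccessToken()` and `getByAuthCode()`, where `setId()` and `setOwner()` read `$result[0]` after the count check on `$results`, which would produce a session without id or owner. `get()` also accepts `$grant_type` and `$client_id` and ignores them; if that is intended it is worth a comment such as `// scope lookup is not restricted per client or grant type`.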
@@ -13,27 +13,94 @@ class SessionStorage extends StorageAdapter implements SessionInterface
 {
 public function getByAccessToken(AccessTokenEntity $access_token)
 {
+ $sql = 'SELECT oauth_sessions.id, oauth_sessions.owner_type,'
+ . ' oauth_sessions.owner_id, oauth_sessions.client_id,'
+ . ' oauth_sessions.client_redirect_uri'
+ . ' FROM oauth_sessions'
+ . ' INNER JOIN oauth_session_access_tokens'
+ . ' ON oauth_session_access_tokens.session_id = oauth_sessions.id'
+ . ' WHERE oauth_session_access_tokens.access_token = ?;';
+ $results = $this->db->fetch($sql, [$access_token->getId()]);
+
+ if (count($results) === 1)
+ {
+ $session = new SessionEntity($this->server);
+ $session->setId($result[0]['id']);
+ $session->setOwner($result[0]['owner_type'], $result[0]['owner_id']);
+
+ return $session;
+ }
+
+ return null;
 }
 public function getByAuthCode(AuthCodeEntity $auth_code)
 {
+ $sql = 'SELECT oauth_sessions.id, oauth_sessions.owner_type,'
+ . ' oauth_sessions.owner_id, oauth_sessions.client_id,'
+ . ' oauth_sessions.client_redirect_uri'
+ . ' FROM oauth_sessions'
+ . ' INNER JOIN oauth_authcodes'
+ . ' ON oauth_auth_codes.session_id = oauth_sessions.id'
+ . ' WHERE oauth_auth_codes.auth_code = ?;';
+ $results = $this->db->fetch($sql, [$auth_code->getId()]);
+
+ if (count($results) === 1)
+ {
+ $session = new SessionEntity($this->server);
+ $session->setId($result[0]['id']);
+ $session->setOwner($result[0]['owner_type'], $result[0]['owner_id']);
+
+ return $session;
+ }
+
+ return null;
 }
 public function getScopes(SessionEntity $session)
 {
+ $sql = 'SELECT oauth_sessions.*'
+ . ' FROM oauth_sessions'
+ . ' INNER JOIN oauth_session_token_scopes'
+ . ' ON oauth_sessions.id = oauth_session_token_scopes.session_access_token_id'
+ . ' INNER JOIN oauth_scopes'
+ . ' ON oauth_scopes.id = oauth_session_token_scopes.scope_id'
+ . ' WHERE oauth_sessions.id = ?;';
+ $results = $this->db->fetch($sql, [$session->getId()]);
+ $scopes = [];
+
+ foreach ($results as $scope)
+ {
+ $scopes[] = (new ScopeEntity($this->server))->hydrate([
+ 'id' => $scope['id'],
+ 'description' => $scope['description'],
+ ]);
+ }
+
+ return $scopes;
 }
 public function create($owner_type, $owner_id, $client_id, $client_redirect_uri = null)
 {
+ $sql = 'INSERT INTO oauth_sessions'
+ . ' (owner_type, owner_id, client_id)'
+ . ' VALUES'
+ . ' (?, ?, ?);';
+ return $this->db->execute($sql, [$owner_type, $owner_id, $client_id]);
 }
 public function associateScope(SessionEntity $session, ScopeEntity $scope)
 {
+ $sql = 'INSERT INTO oauth_session_token_scopes'
+ . ' (session_access_token_id, scope_id)'
+ . ' VALUES'
+ . ' (?, ?);';
+ $this->db->execute($sql, [$session->getId(), $scope->getId()]);
 }
 }
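Review bot: `SessionStorage::getScopes()` selects `oauth_sessions.*` but builds each `ScopeEntity` from `$scope['id']` and `$scope['description']`, so the id hydrated into the scope is the session's id rather than the scope's, and `description` is presumably not a session column at all. The select list should come from the joined scope table, `'SELECT oauth_scopes.id, oauth_scopes.description'`, as `AccessTokenStorage::getScopes()` does. In `getByAuthCode()` the join names `oauth_authcodes` while the `ON` and `WHERE` clauses reference `oauth_auth_codes`, which the database will reject; one spelling has to be used throughout. `create()` accepts `$client_redirect_uri` and never stores it, although both lookups select `oauth_sessions.client_redirect_uri`.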