0
0
mirror of https://github.com/salesagility/SuiteCRM.git synced 2024-12-22 12:28:31 +00:00
salesagility_SuiteCRM/modules/OAuthTokens/OAuthToken.php

314 lines
9.3 KiB
PHP
Executable File

<?php
/**
*
* SugarCRM Community Edition is a customer relationship management program developed by
* SugarCRM, Inc. Copyright (C) 2004-2013 SugarCRM Inc.
*
* SuiteCRM is an extension to SugarCRM Community Edition developed by SalesAgility Ltd.
* Copyright (C) 2011 - 2018 SalesAgility Ltd.
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU Affero General Public License version 3 as published by the
* Free Software Foundation with the addition of the following permission added
* to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
* IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
* OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
* details.
*
* You should have received a copy of the GNU Affero General Public License along with
* this program; if not, see http://www.gnu.org/licenses or write to the Free
* Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301 USA.
*
* You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
* SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "Powered by
* SugarCRM" logo and "Supercharged by SuiteCRM" logo. If the display of the logos is not
* reasonably feasible for technical reasons, the Appropriate Legal Notices must
* display the words "Powered by SugarCRM" and "Supercharged by SuiteCRM".
*/
if (!defined('sugarEntry') || !sugarEntry) {
die('Not A Valid Entry Point');
}
require_once 'modules/OAuthKeys/OAuthKey.php';
/**
* OAuth token
*/
#[\AllowDynamicProperties]
class OAuthToken extends SugarBean
{
public $module_dir = 'OAuthTokens';
public $object_name = 'OAuthToken';
public $table_name = 'oauth_tokens';
public $disable_row_level_security = true;
public $token;
public $secret;
public $tstate;
public $token_ts;
public $verify;
public $consumer;
public $assigned_user_id;
public $consumer_obj;
public $callback_url;
// authdata is not preserved so far since we don't have any useful data yet
// so it's an extension point for the future
public $authdata;
public const REQUEST = 1;
public const ACCESS = 2;
public const INVALID = 3;
public function __construct($token='', $secret='')
{
parent::__construct();
$this->token = $token;
$this->secret = $secret;
$this->setState(self::REQUEST);
}
/**
* Set token state
* @param int $s
* @return OAuthToken
*/
public function setState($s)
{
$this->tstate = $s;
return $this;
}
/**
* Associate the token with the consumer key
* @param OAuthKey $consumer
* @return OAuthToken
*/
public function setConsumer($consumer)
{
$this->consumer = $consumer->id;
$this->consumer_obj = $consumer;
return $this;
}
/**
* Set callback URL for request token
* @param string $url
* @return OAuthToken
*/
public function setCallbackURL($url)
{
$this->callback_url = $url;
return $this;
}
/**
* Generate random token
* @return string
*/
protected static function randomValue()
{
$zop = new SuiteCRM\Zend_Oauth_Provider();
return bin2hex($zop->generateToken(6));
}
/**
* Generate random token/secret pair and create token
* @return OAuthToken
*/
public static function generate()
{
$t = self::randomValue();
$s = self::randomValue();
return new self($t, $s);
}
public function save($check_notify = false)
{
$this->token_ts = time();
if (!isset($this->id)) {
$this->new_with_id = true;
$this->id = $this->token;
}
return parent::save();
}
/**
* Load token by ID
* @param string $token
* @return OAuthToken
*/
public static function load($token)
{
$ltoken = new self();
$ltoken->retrieve($token);
if (empty($ltoken->id)) {
return null;
}
$ltoken->token = $ltoken->id;
if (!empty($ltoken->consumer)) {
$ltoken->consumer_obj = BeanFactory::getBean("OAuthKeys", $ltoken->consumer);
if (empty($ltoken->consumer_obj->id)) {
return null;
}
}
return $ltoken;
}
/**
* Invalidate token
*/
public function invalidate()
{
$this->setState(self::INVALID);
$this->verify = false;
return $this->save();
}
/**
* Create a new authorized token for specific user
* This bypasses normal OAuth process and creates a ready-made access token
* @param OAuthKey $consumer
* @param User $user
* @return OAuthToken
*/
public static function createAuthorized($consumer, $user)
{
$token = self::generate();
$token->setConsumer($consumer);
$token->setState(self::ACCESS);
$token->assigned_user_id = $user->id;
$token->save();
return $token;
}
/**
* Authorize request token
* @param mixed $authdata
* @return string Validation token
*/
public function authorize($authdata)
{
if ($this->tstate != self::REQUEST) {
return false;
}
$this->verify = self::randomValue();
$this->authdata = $authdata;
if (isset($authdata['user'])) {
$this->assigned_user_id = $authdata['user'];
}
$this->save();
return $this->verify;
}
/**
* Copy auth data between tokens
* @param OAuthToken $token
* @return OAuthToken
*/
public function copyAuthData(OAuthToken $token)
{
$this->authdata = $token->authdata;
$this->assigned_user_id = $token->assigned_user_id;
return $this;
}
/**
* Get query string for the token
*/
public function queryString()
{
return "oauth_token={$this->token}&oauth_token_secret={$this->secret}";
}
/**
* Clean up stale tokens
*/
public static function cleanup()
{
$db = DBManagerFactory::getInstance();
// delete invalidated tokens older than 1 day
$db->query("DELETE FROM oauth_tokens WHERE tstate = ".self::INVALID." AND token_ts < ".(time()-60*60*24));
// delete request tokens older than 1 day
$db->query("DELETE FROM oauth_tokens WHERE tstate = ".self::REQUEST." AND token_ts < ".(time()-60*60*24));
}
/**
* Check if the nonce is valid
* @param string $key
* @param string $nonce
* @param string $ts
*/
public static function checkNonce($key, $nonce, $ts)
{
$db = DBManagerFactory::getInstance();
$res = $db->query(sprintf("SELECT * FROM oauth_nonce WHERE conskey='%s' AND nonce_ts > %d", $db->quote($key), $ts));
if ($res && $db->fetchByAssoc($res)) {
// we have later ts
return SuiteCRM\Zend_Oauth_Provider::BAD_TIMESTAMP;
}
$res = $db->query(sprintf("SELECT * FROM oauth_nonce WHERE conskey='%s' AND nonce='%s' AND nonce_ts = %d", $db->quote($key), $db->quote($nonce), $ts));
if ($res && $db->fetchByAssoc($res)) {
// Already seen this one
return SuiteCRM\Zend_Oauth_Provider::BAD_NONCE;
}
$db->query(sprintf("DELETE FROM oauth_nonce WHERE conskey='%s' AND nonce_ts < %d", $db->quote($key), $ts));
$db->query(sprintf("INSERT INTO oauth_nonce(conskey, nonce, nonce_ts) VALUES('%s', '%s', %d)", $db->quote($key), $db->quote($nonce), $ts));
return SuiteCRM\Zend_Oauth_Provider::OK;
}
/**
* Delete token by ID
* @param string id
* @see SugarBean::mark_deleted($id)
*/
public function mark_deleted($id)
{
$this->db->query("DELETE from {$this->table_name} WHERE id='".$this->db->quote($id)."'");
}
/**
* Delete tokens by consumer ID
* @param string $user
*/
public static function deleteByConsumer($consumer_id)
{
$db = DBManagerFactory::getInstance();
$db->query("DELETE FROM oauth_tokens WHERE consumer='".$db->quote($consumer_id) ."'");
}
/**
* Delete tokens by user ID
* @param string $user
*/
public static function deleteByUser($user_id)
{
$db = DBManagerFactory::getInstance();
$db->query("DELETE FROM oauth_tokens WHERE assigned_user_id='".$db->quote($user_id) ."'");
}
}
function displayDateFromTs($focus, $field, $value, $view='ListView')
{
$field = strtoupper($field);
if (!isset($focus->$field)) {
return '';
}
global $timedate;
return $timedate->asUser($timedate->fromTimestamp($focus->$field));
}