OAuthDrupalProvider.php in OAuth 1.0 8
Same filename and directory in other branches
Contains \Drupal\oauth\Authentication\Provider\OAuthProvider.
Namespace
Drupal\oauth\Authentication\ProviderFile
src/Authentication/Provider/OAuthDrupalProvider.phpView source
<?php
/**
* @file
* Contains \Drupal\oauth\Authentication\Provider\OAuthProvider.
*/
namespace Drupal\oauth\Authentication\Provider;
use Drupal\Core\Authentication\AuthenticationProviderInterface;
use Drupal\Core\Database\Connection;
use Drupal\user\Entity\User;
use Psr\Log\LoggerInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
use OauthProvider;
use OauthException;
/**
* Oauth authentication provider.
*/
class OAuthDrupalProvider implements AuthenticationProviderInterface {
/**
* The database service.
*
* @var \Drupal\Core\Database\Connection
*/
protected $connection;
/**
* The logger service for OAuth.
*
* @var \Psr\Log\LoggerInterface
*/
protected $logger;
/**
* An authenticated user object.
*
* @var \Drupal\user\UserBCDecorator
*/
protected $user;
/**
* Constructor.
*
* @param \Psr\Log\LoggerInterface $logger
* The logger service for OAuth.
*/
public function __construct(Connection $connection, LoggerInterface $logger) {
$this->connection = $connection;
$this->logger = $logger;
}
/**
* {@inheritdoc}
*/
public function applies(Request $request) {
// Only check requests with the 'authorization' header starting with OAuth.
return preg_match('/^OAuth/', $request->headers
->get('authorization'));
}
/**
* {@inheritdoc}
*/
public function authenticate(Request $request) {
try {
// Initialize and configure the OauthProvider too handle the request.
$this->provider = new OAuthProvider();
$this->provider
->consumerHandler(array(
$this,
'lookupConsumer',
));
$this->provider
->timestampNonceHandler(array(
$this,
'timestampNonceChecker',
));
$this->provider
->tokenHandler(array(
$this,
'tokenHandler',
));
$this->provider
->is2LeggedEndpoint(TRUE);
// Now check the request validity.
$this->provider
->checkOAuthRequest();
} catch (OAuthException $e) {
// The OAuth extension throws an alert when there is something wrong
// with the request (ie. the consumer key is invalid).
$this->logger
->warning($e
->getMessage());
return NULL;
}
// Check if we found a user.
if (!empty($this->user)) {
return $this->user;
}
return NULL;
}
/**
* {@inheritdoc}
*/
public function cleanup(Request $request) {
}
/**
* {@inheritdoc}
*/
public function handleException(GetResponseForExceptionEvent $event) {
return FALSE;
}
/**
* Finds a user associated with the OAuth crendentials given in the request.
*
* For the moment it handles two legged authentication for a pair of
* dummy key and secret, 'a' and 'b' respectively.
*
* @param \OAuthProvider $provider
* An instance of OauthProvider with the authorization request headers.
* @return int
* - OAUTH_OK if the authentication was successful.
* - OAUTH_CONSUMER_KEY_UNKNOWN if not.
* @see http://www.php.net/manual/en/class.oauthprovider.php
*/
public function lookupConsumer(OAuthProvider $provider) {
$row = $this->connection
->query('select * from {oauth_consumer} where consumer_key = :consumer_key', array(
':consumer_key' => $provider->consumer_key,
))
->fetchObject();
if (!empty($row)) {
$provider->consumer_secret = $row->consumer_secret;
$this->user = User::load($row->uid);
return OAUTH_OK;
}
else {
return OAUTH_CONSUMER_KEY_UNKNOWN;
}
}
/**
* Token handler callback.
*
* @TODO this will be used in token authorization.
*/
public function tokenHandler($provider) {
return OAUTH_OK;
}
/**
* Nonce handler.
*
* @TODO need to remember what the hell this was.
*/
public function timestampNonceChecker($provider) {
return OAUTH_OK;
}
}Classes
Name |
Description |
|---|---|
| OAuthDrupalProvider | Oauth authentication provider. |