Gentics Portal.Node PHP API
EOAuth2Service.php
1 <?php
2 /**
3  * EOAuth2Service class file.
4  *
5  * @author Maxim Zemskov <nodge@yandex.ru>
6  * @link http://code.google.com/p/yii-eauth/
7  * @license http://www.opensource.org/licenses/bsd-license.php
8  */
9 
10 require_once 'EAuthServiceBase.php';
11 
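/**
 * EOAuth2Service is a base class for all OAuth 2.0 providers.
 *
 * It implements the authorization-code flow: the browser is redirected to the
 * provider's "authorize" endpoint, the provider calls back with a `code`
 * query parameter, the code is exchanged at the "access_token" endpoint and
 * the resulting token is stored through setState().
 *
 * NOTE(review): no `state` value is added to the authorization request and
 * none is checked on the callback, so a callback is not tied to the browser
 * session that started the flow (RFC 6749, section 10.12). Adding one needs a
 * matching check in authenticate() and in any subclass that overrides
 * getCodeUrl().
 *
 * @package application.extensions.eauth
 */
abstract class EOAuth2Service extends EAuthServiceBase implements IAuthService {

    /**
     * @var string OAuth2 client id.
     */
    protected $client_id;

    /**
     * @var string OAuth2 client secret key.
     */
    protected $client_secret;

    /**
     * @var string OAuth scopes.
     */
    protected $scope = '';

    /**
     * @var array Provider options. Must contain the keys: authorize, access_token.
     */
    protected $providerOptions = array(
        'authorize' => '',
        'access_token' => '',
    );

    /**
     * @var string current OAuth2 access token.
     */
    protected $access_token = '';


    /**
     * Authenticate the user.
     *
     * Three request shapes are handled:
     * - `error=access_denied`: the user refused, the attempt is cancelled;
     * - `code=...`: provider callback, the code is exchanged for a token;
     * - neither: a stored token is reused, or the browser is redirected to
     *   the provider's authorization page.
     *
     * @return boolean whether user was successfully authenticated.
     */
    public function authenticate() {
        // The user denied access on the provider's consent page.
        if (isset($_GET['error']) && $_GET['error'] === 'access_denied') {
            $this->cancel();
            return false;
        }

        if (isset($_GET['code'])) {
            // Query parameters can arrive as arrays (?code[]=x). Only a string
            // is a usable authorization code; anything else is ignored and the
            // request ends up reported as not authenticated.
            if (is_string($_GET['code'])) {
                $token = $this->getAccessToken($_GET['code']);
                if (isset($token)) {
                    // Get the access_token and save it to the session.
                    $this->saveAccessToken($token);
                    $this->authenticated = true;
                }
            }
        }
        // No code and no usable stored token: redirect to the authorization page.
        else if (!$this->restoreAccessToken()) {
            if (isset($_GET['redirect_uri']) && is_string($_GET['redirect_uri'])) {
                // NOTE(review): this callback URL is taken from the request as
                // sent by the client and is not compared with the application's
                // own host or an allow-list. The provider's registered
                // redirect-URI check is then the only control over where the
                // authorization code is delivered. Confirm that callers need
                // this override and validate the value here if they do.
                $redirect_uri = $_GET['redirect_uri'];
            }
            else {
                // Use the URL of the current page as the callback URL.
                $request = Yii::app()->request;
                $redirect_uri = $request->getHostInfo().$request->getUrl();
            }
            Yii::app()->request->redirect($this->getCodeUrl($redirect_uri));
        }

        return $this->getIsAuthenticated();
    }

    /**
     * Returns the url to request to get OAuth2 code.
     * @param string $redirect_uri url to redirect after user confirmation.
     * @return string url to request.
     */
    protected function getCodeUrl($redirect_uri) {
        // NOTE(review): $scope is appended as configured. Subclasses may
        // already store it percent-encoded, so it is not encoded again here;
        // verify against the providers in use.
        return $this->providerOptions['authorize']
            .'?client_id='.urlencode($this->client_id)
            .'&redirect_uri='.urlencode($redirect_uri)
            .'&scope='.$this->scope
            .'&response_type=code';
    }

    /**
     * Returns the url to request to get OAuth2 access token.
     *
     * NOTE(review): the client secret and the code travel in the query string
     * of this URL, where proxy and server access logs can record them.
     * RFC 6749 specifies a POST with the credentials in the body for the
     * token endpoint; moving to that is a change to getAccessToken() and to
     * subclasses that override it.
     *
     * @param string $code the OAuth2 code received on the callback.
     * @return string url to request.
     */
    protected function getTokenUrl($code) {
        // $code comes from the callback query string. Percent-encoding keeps it
        // a single parameter value, so it cannot add or override parameters of
        // the token request.
        return $this->providerOptions['access_token']
            .'?client_id='.urlencode($this->client_id)
            .'&client_secret='.urlencode($this->client_secret)
            .'&code='.urlencode($code);
    }

    /**
     * Returns the OAuth2 access token.
     * @param string $code the OAuth2 code. See {@link getCodeUrl}.
     * @return string the token.
     */
    protected function getAccessToken($code) {
        return $this->makeRequest($this->getTokenUrl($code));
    }

    /**
     * Save access token to the session.
     *
     * Only the `auth_token` state is written here. restoreAccessToken() also
     * reads an `expires` state, which this class never sets.
     *
     * @param string $token access token.
     */
    protected function saveAccessToken($token) {
        $this->setState('auth_token', $token);
        $this->access_token = $token;
    }

    /**
     * Restore access token from the session.
     *
     * The token is reused only while the stored `expires` value lies in the
     * future. With no `expires` state the default of 0 is used and the
     * restore fails.
     *
     * @return boolean whether the access token was successfully restored.
     */
    protected function restoreAccessToken() {
        if ($this->hasState('auth_token') && $this->getState('expires', 0) > time()) {
            $this->access_token = $this->getState('auth_token');
            $this->authenticated = true;
            return true;
        }

        // Missing or expired: clear any token left on the instance.
        $this->access_token = null;
        $this->authenticated = false;
        return false;
    }

    /**
     * Returns the protected resource.
     *
     * The current access token is added to the request as the `access_token`
     * query parameter.
     *
     * @param string $url url to request.
     * @param array $options HTTP request options. Keys: query, data, referer.
     * @param boolean $parseJson Whether to parse response in json format.
     * @return string the response.
     * @throws CHttpException 401 when the user is not authenticated.
     * @see makeRequest
     */
    public function makeSignedRequest($url, $options = array(), $parseJson = true) {
        if (!$this->getIsAuthenticated()) {
            throw new CHttpException(401, Yii::t('eauth', 'Unable to complete the request because the user was not authenticated.'));
        }

        $options['query']['access_token'] = $this->access_token;

        // $parseJson used to be accepted and then dropped, so a caller passing
        // false still got the default handling.
        // NOTE(review): makeRequest() is declared in EAuthServiceBase, not in
        // this file; confirm it takes the parse flag as its third argument.
        return $this->makeRequest($url, $options, $parseJson);
    }
}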