Loading .gitignore +2 −0 Original line number Diff line number Diff line Loading @@ -2,3 +2,5 @@ composer.lock config.php logs/ vendor/ client-icons/ /nbproject/ classes/DAO.php +8 −0 Original line number Diff line number Diff line Loading @@ -124,4 +124,12 @@ interface DAO { * @param type $token join token */ function deleteJoinRequest($token); /** * CRUD methods for OAuth2Clients (used by admin interface). */ function getOAuth2Clients(); function createOAuth2Client($client); function updateOAuth2Client($client); function deleteOAuth2Client($clientId); } classes/MySQLDAO.php +146 −0 Original line number Diff line number Diff line Loading 
@@ -332,4 +332,150 @@ class MySQLDAO implements DAO { $stmt->execute(); } function getOAuth2Clients() { $dbh = $this->getDBHandler(); // Load clients info $queryClient = "SELECT id, name, icon, client, secret, redirect_url, scope FROM oauth2_client"; $stmtClients = $dbh->prepare($queryClient); $stmtClients->execute(); $clientsMap = []; foreach ($stmtClients->fetchAll() as $row) { $client = new OAuth2Client(); $client->id = $row['id']; $client->name = $row['name']; $client->icon = $row['icon']; $client->client = $row['client']; $client->secret = $row['secret']; $client->redirectUrl = $row['redirect_url']; $client->scope = $row['scope']; $clientsMap[$client->id] = $client; } // Load authentication methods info $queryAuthNMethods = "SELECT client_id, auth_method FROM oauth2_client_auth_methods"; $stmtAuthNMethods = $dbh->prepare($queryAuthNMethods); $stmtAuthNMethods->execute(); foreach ($stmtAuthNMethods->fetchAll() as $row) { $id = $row['client_id']; array_push($clientsMap[$id]->authMethods, $row['auth_method']); } $clients = []; foreach ($clientsMap as $id => $client) { array_push($clients, $client); } return $clients; } function createOAuth2Client($client) { $dbh = $this->getDBHandler(); try { $dbh->beginTransaction(); $stmt = $dbh->prepare("INSERT INTO `oauth2_client`(`name`, `icon`, `client`, `secret`, `redirect_url`, `scope`)" . " VALUES(:name, :icon, :client, :secret, :redirect_url, :scope)"); $stmt->bindParam(':name', $client->name); $stmt->bindParam(':icon', $client->icon); $stmt->bindParam(':client', $client->client); $stmt->bindParam(':secret', $client->secret); $stmt->bindParam(':redirect_url', $client->redirectUrl); $stmt->bindParam(':scope', $client->scope); $stmt->execute(); $client->id = $dbh->lastInsertId(); foreach ($client->authMethods as $method) { $stmt = $dbh->prepare("INSERT INTO `oauth2_client_auth_methods`(`client_id`, `auth_method`)" . 
" VALUES(:client_id, :auth_method)"); $stmt->bindParam(':client_id', $client->id); $stmt->bindParam(':auth_method', $method); $stmt->execute(); } $dbh->commit(); } catch (Exception $ex) { $dbh->rollBack(); throw $ex; } return $client; } function updateOAuth2Client($client) { $dbh = $this->getDBHandler(); try { $dbh->beginTransaction(); $stmt = $dbh->prepare("UPDATE `oauth2_client` SET `name` = :name, `icon` = :icon, " . " `client` = :client, `secret` = :secret, `redirect_url` = :redirect_url, `scope` = :scope " . " WHERE id = :id"); $stmt->bindParam(':name', $client->name); $stmt->bindParam(':icon', $client->icon); $stmt->bindParam(':client', $client->client); $stmt->bindParam(':secret', $client->secret); $stmt->bindParam(':redirect_url', $client->redirectUrl); $stmt->bindParam(':scope', $client->scope); $stmt->bindParam(':id', $client->id); $stmt->execute(); // Delete old authentication methods $stmt = $dbh->prepare("DELETE FROM oauth2_client_auth_methods WHERE client_id = :id"); $stmt->bindParam(':id', $client->id); $stmt->execute(); // Re-add authentication methods foreach ($client->authMethods as $method) { $stmt = $dbh->prepare("INSERT INTO `oauth2_client_auth_methods`(`client_id`, `auth_method`)" . 
" VALUES(:client_id, :auth_method)"); $stmt->bindParam(':client_id', $client->id); $stmt->bindParam(':auth_method', $method); $stmt->execute(); } $dbh->commit(); } catch (Exception $ex) { $dbh->rollBack(); throw $ex; } return $client; } function deleteOAuth2Client($clientId) { $dbh = $this->getDBHandler(); try { $dbh->beginTransaction(); $stmt = $dbh->prepare("DELETE FROM `oauth2_client_auth_methods` WHERE client_id = :id"); $stmt->bindParam(':id', $clientId); $stmt->execute(); $stmt = $dbh->prepare("DELETE FROM `oauth2_client` WHERE id = :id"); $stmt->bindParam(':id', $clientId); $stmt->execute(); $dbh->commit(); } catch (Exception $ex) { $dbh->rollBack(); throw $ex; } } } classes/OAuth2Client.php 0 → 100644 +42 −0 Original line number Diff line number Diff line <?php /* ---------------------------------------------------------------------------- * INAF - National Institute for Astrophysics * IRA - Radioastronomical Institute - Bologna * OATS - Astronomical Observatory - Trieste * ---------------------------------------------------------------------------- * * Copyright (C) 2019 Istituto Nazionale di Astrofisica * * This program is free software; you can redistribute it and/or modify it under * the terms of the GNU General Public License Version 3 as published by the * Free Software Foundation. * * This program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more * details. * * You should have received a copy of the GNU General Public License along with * this program; if not, write to the Free Software Foundation, Inc., 51 * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ namespace RAP; /** * Data model for storing information about a RAP client connecting using OAuth2. 
*/ class OAuth2Client { public $id; public $name; public $icon; public $client; public $secret; public $redirectUrl; public $scope; // list of AuthN methods public $authMethods = []; } include/admin.php 0 → 100644 +91 −0 Original line number Diff line number Diff line <?php /** * Functionalities for the admin panel. */ // function checkUser() { startSession(); global $session; if ($session->user === null) { http_response_code(401); die("You must be registered to perform this action"); } // TODO: check is admin } Flight::route('GET /admin', function() { global $VERSION; Flight::render('admin/index.php', array('title' => 'Admin panel', 'version' => $VERSION)); }); Flight::route('GET /admin/oauth2_clients', function() { checkUser(); global $dao; $clients = $dao->getOAuth2Clients(); Flight::json($clients); }); Flight::route('POST /admin/oauth2_clients', function() { checkUser(); global $dao; $client = $dao->createOAuth2Client(buildOAuth2ClientFromData()); Flight::json($client); }); Flight::route('PUT /admin/oauth2_clients', function() { checkUser(); global $dao; $client = $dao->updateOAuth2Client(buildOAuth2ClientFromData()); Flight::json($client); }); Flight::route('DELETE /admin/oauth2_clients/@id', function($id) { checkUser(); global $dao; $dao->deleteOAuth2Client($id); // Return no content Flight::halt(204); }); function buildOAuth2ClientFromData() { $data = Flight::request()->data; $client = new \RAP\OAuth2Client(); if (isset($data)) { if (isset($data['id'])) { $client->id = $data['id']; } $client->name = $data['name']; $client->icon = $data['icon']; $client->client = $data['client']; $client->secret = $data['secret']; $client->redirectUrl = $data['redirectUrl']; $client->scope = $data['scope']; } if (isset($data['authMethods'])) { foreach ($data['authMethods'] as $method) { array_push($client->authMethods, $method); } } return $client; } Loading
.gitignore +2 −0 Original line number Diff line number Diff line Loading @@ -2,3 +2,5 @@ composer.lock config.php logs/ vendor/ client-icons/ /nbproject/
classes/DAO.php +8 −0 Original line number Diff line number Diff line Loading @@ -124,4 +124,12 @@ interface DAO { * @param type $token join token */ function deleteJoinRequest($token); /** * CRUD methods for OAuth2Clients (used by admin interface). */ function getOAuth2Clients(); function createOAuth2Client($client); function updateOAuth2Client($client); function deleteOAuth2Client($clientId); }
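Review bot: The four new interface methods share one comment that says only "CRUD methods", while the neighbouring method documents its parameter (`@param type $token join token`), so the contract a caller needs — that `$client` is a `\RAP\OAuth2Client`, that (as MySQLDAO implements it) create fills in `$client->id` and both create and update return the client, and that `$clientId` is the `oauth2_client` row id rather than the OAuth2 `client` identifier — is only discoverable by reading MySQLDAO. Suggest a docblock per method, e.g. `/** @param \RAP\OAuth2Client $client client to insert; its id is set on return @return \RAP\OAuth2Client */` on createOAuth2Client and `/** @param int $clientId database id (oauth2_client.id) of the client to remove */` on deleteOAuth2Client. The enclosing `interface DAO` starts before this hunk.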
classes/MySQLDAO.php +146 −0 Original line number Diff line number Diff line Loading 
@@ -332,4 +332,150 @@ class MySQLDAO implements DAO { $stmt->execute(); } function getOAuth2Clients() { $dbh = $this->getDBHandler(); // Load clients info $queryClient = "SELECT id, name, icon, client, secret, redirect_url, scope FROM oauth2_client"; $stmtClients = $dbh->prepare($queryClient); $stmtClients->execute(); $clientsMap = []; foreach ($stmtClients->fetchAll() as $row) { $client = new OAuth2Client(); $client->id = $row['id']; $client->name = $row['name']; $client->icon = $row['icon']; $client->client = $row['client']; $client->secret = $row['secret']; $client->redirectUrl = $row['redirect_url']; $client->scope = $row['scope']; $clientsMap[$client->id] = $client; } // Load authentication methods info $queryAuthNMethods = "SELECT client_id, auth_method FROM oauth2_client_auth_methods"; $stmtAuthNMethods = $dbh->prepare($queryAuthNMethods); $stmtAuthNMethods->execute(); foreach ($stmtAuthNMethods->fetchAll() as $row) { $id = $row['client_id']; array_push($clientsMap[$id]->authMethods, $row['auth_method']); } $clients = []; foreach ($clientsMap as $id => $client) { array_push($clients, $client); } return $clients; } function createOAuth2Client($client) { $dbh = $this->getDBHandler(); try { $dbh->beginTransaction(); $stmt = $dbh->prepare("INSERT INTO `oauth2_client`(`name`, `icon`, `client`, `secret`, `redirect_url`, `scope`)" . " VALUES(:name, :icon, :client, :secret, :redirect_url, :scope)"); $stmt->bindParam(':name', $client->name); $stmt->bindParam(':icon', $client->icon); $stmt->bindParam(':client', $client->client); $stmt->bindParam(':secret', $client->secret); $stmt->bindParam(':redirect_url', $client->redirectUrl); $stmt->bindParam(':scope', $client->scope); $stmt->execute(); $client->id = $dbh->lastInsertId(); foreach ($client->authMethods as $method) { $stmt = $dbh->prepare("INSERT INTO `oauth2_client_auth_methods`(`client_id`, `auth_method`)" . 
" VALUES(:client_id, :auth_method)"); $stmt->bindParam(':client_id', $client->id); $stmt->bindParam(':auth_method', $method); $stmt->execute(); } $dbh->commit(); } catch (Exception $ex) { $dbh->rollBack(); throw $ex; } return $client; } function updateOAuth2Client($client) { $dbh = $this->getDBHandler(); try { $dbh->beginTransaction(); $stmt = $dbh->prepare("UPDATE `oauth2_client` SET `name` = :name, `icon` = :icon, " . " `client` = :client, `secret` = :secret, `redirect_url` = :redirect_url, `scope` = :scope " . " WHERE id = :id"); $stmt->bindParam(':name', $client->name); $stmt->bindParam(':icon', $client->icon); $stmt->bindParam(':client', $client->client); $stmt->bindParam(':secret', $client->secret); $stmt->bindParam(':redirect_url', $client->redirectUrl); $stmt->bindParam(':scope', $client->scope); $stmt->bindParam(':id', $client->id); $stmt->execute(); // Delete old authentication methods $stmt = $dbh->prepare("DELETE FROM oauth2_client_auth_methods WHERE client_id = :id"); $stmt->bindParam(':id', $client->id); $stmt->execute(); // Re-add authentication methods foreach ($client->authMethods as $method) { $stmt = $dbh->prepare("INSERT INTO `oauth2_client_auth_methods`(`client_id`, `auth_method`)" . " VALUES(:client_id, :auth_method)"); $stmt->bindParam(':client_id', $client->id); $stmt->bindParam(':auth_method', $method); $stmt->execute(); } $dbh->commit(); } catch (Exception $ex) { $dbh->rollBack(); throw $ex; } return $client; } function deleteOAuth2Client($clientId) { $dbh = $this->getDBHandler(); try { $dbh->beginTransaction(); $stmt = $dbh->prepare("DELETE FROM `oauth2_client_auth_methods` WHERE client_id = :id"); $stmt->bindParam(':id', $clientId); $stmt->execute(); $stmt = $dbh->prepare("DELETE FROM `oauth2_client` WHERE id = :id"); $stmt->bindParam(':id', $clientId); $stmt->execute(); $dbh->commit(); } catch (Exception $ex) { $dbh->rollBack(); throw $ex; } } }
classes/OAuth2Client.php 0 → 100644 +42 −0 Original line number Diff line number Diff line <?php /* ---------------------------------------------------------------------------- * INAF - National Institute for Astrophysics * IRA - Radioastronomical Institute - Bologna * OATS - Astronomical Observatory - Trieste * ---------------------------------------------------------------------------- * * Copyright (C) 2019 Istituto Nazionale di Astrofisica * * This program is free software; you can redistribute it and/or modify it under * the terms of the GNU General Public License Version 3 as published by the * Free Software Foundation. * * This program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more * details. * * You should have received a copy of the GNU General Public License along with * this program; if not, write to the Free Software Foundation, Inc., 51 * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ namespace RAP; /** * Data model for storing information about a RAP client connecting using OAuth2. */ class OAuth2Client { public $id; public $name; public $icon; public $client; public $secret; public $redirectUrl; public $scope; // list of AuthN methods public $authMethods = []; }
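Review bot: The model carries no per-field documentation, and with seven untyped public properties the difference between `$id` (the `oauth2_client` row id the DAO uses in its WHERE clauses) and `$client` (the identifier stored in the `client` column, presumably what the remote OAuth2 client presents) is easy to confuse; `$secret` also holds the client secret, so any `json_encode`/`Flight::json` of this object serialises it. Suggest a short comment on each field, e.g. `// database row id (oauth2_client.id)` on `$id`, `// OAuth2 client identifier presented by the remote client (oauth2_client.client)` on `$client`, `// client secret; serialised by json_encode as a public property, keep it out of non-admin responses` on `$secret`, and `// values of oauth2_client_auth_methods.auth_method for this client` on `$authMethods`.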
include/admin.php 0 → 100644 +91 −0 Original line number Diff line number Diff line <?php /** * Functionalities for the admin panel. */ // function checkUser() { startSession(); global $session; if ($session->user === null) { http_response_code(401); die("You must be registered to perform this action"); } // TODO: check is admin } Flight::route('GET /admin', function() { global $VERSION; Flight::render('admin/index.php', array('title' => 'Admin panel', 'version' => $VERSION)); }); Flight::route('GET /admin/oauth2_clients', function() { checkUser(); global $dao; $clients = $dao->getOAuth2Clients(); Flight::json($clients); }); Flight::route('POST /admin/oauth2_clients', function() { checkUser(); global $dao; $client = $dao->createOAuth2Client(buildOAuth2ClientFromData()); Flight::json($client); }); Flight::route('PUT /admin/oauth2_clients', function() { checkUser(); global $dao; $client = $dao->updateOAuth2Client(buildOAuth2ClientFromData()); Flight::json($client); }); Flight::route('DELETE /admin/oauth2_clients/@id', function($id) { checkUser(); global $dao; $dao->deleteOAuth2Client($id); // Return no content Flight::halt(204); }); function buildOAuth2ClientFromData() { $data = Flight::request()->data; $client = new \RAP\OAuth2Client(); if (isset($data)) { if (isset($data['id'])) { $client->id = $data['id']; } $client->name = $data['name']; $client->icon = $data['icon']; $client->client = $data['client']; $client->secret = $data['secret']; $client->redirectUrl = $data['redirectUrl']; $client->scope = $data['scope']; } if (isset($data['authMethods'])) { foreach ($data['authMethods'] as $method) { array_push($client->authMethods, $method); } } return $client; }
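Review bot: checkUser only verifies that a session user exists (the `// TODO: check is admin` is left open), so every registered user can list, create, modify and delete OAuth2 clients through these routes — including pointing a client's `redirect_url` at a host they control, which turns this API into a token-theft primitive; the admin check has to land with this code, e.g. after the null check `if (!<admin test on $session->user>) { http_response_code(403); die("Admin privileges are required to perform this action"); }` (the admin marker is not visible in this diff), and `GET /admin` should also call `checkUser()`. `GET /admin/oauth2_clients` returns the DAO objects verbatim, so every client secret is sent to the browser in JSON on each listing; returning it only on creation, or never, limits the exposure. buildOAuth2ClientFromData stores `redirectUrl` and `authMethods` exactly as posted; the redirect URL should at least be an absolute http(s) URL without a fragment, as below, and authMethods should be checked against the server's supported list (not visible here). These routes are authenticated by the session cookie and change state on POST/PUT/DELETE; if the framework setup outside this file adds no CSRF token or same-origin check, one is needed here.
```php
function buildOAuth2ClientFromData() {
    $data = Flight::request()->data;
    $client = new \RAP\OAuth2Client();
    // … unchanged: id, name, icon, client, secret, scope assignments …
    // The redirect target is where authorization codes/tokens will be sent:
    // accept only an absolute http(s) URL with no fragment.
    $url = (string) $data['redirectUrl'];
    $parts = parse_url($url);
    if (filter_var($url, FILTER_VALIDATE_URL) === false
            || !in_array($parts['scheme'] ?? '', ['https', 'http'], true)
            || isset($parts['fragment'])) {
        Flight::halt(400, 'redirectUrl must be an absolute http(s) URL without a fragment');
    }
    $client->redirectUrl = $url;
    // … unchanged: authMethods loop and return …
}
```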