From 907ce8c044159ca8da6ccce3ec5362ac61e7c142 Mon Sep 17 00:00:00 2001
From: yehudah
Date: Mon, 25 Nov 2019 07:50:30 +0000
Subject: deleted by mistake
---
.../PostmanAbstractAuthenticationManager.php | 171 ---------------------
.../Postman-Auth/PostmanAuthenticationManager.php | 18 ---
.../PostmanAuthenticationManagerFactory.php | 58 -------
.../PostmanGoogleAuthenticationManager.php | 122 ---------------
.../PostmanMicrosoftAuthenticationManager.php | 107 -------------
.../PostmanNonOAuthAuthenticationManager.php | 46 ------
.../PostmanStateIdMissingException.php | 8 -
.../PostmanYahooAuthenticationManager.php | 136 ----------------
8 files changed, 666 deletions(-)
delete mode 100644 Postman/Postman-Auth/PostmanAbstractAuthenticationManager.php
delete mode 100644 Postman/Postman-Auth/PostmanAuthenticationManager.php
delete mode 100644 Postman/Postman-Auth/PostmanAuthenticationManagerFactory.php
delete mode 100644 Postman/Postman-Auth/PostmanGoogleAuthenticationManager.php
delete mode 100644 Postman/Postman-Auth/PostmanMicrosoftAuthenticationManager.php
delete mode 100644 Postman/Postman-Auth/PostmanNonOAuthAuthenticationManager.php
delete mode 100644 Postman/Postman-Auth/PostmanStateIdMissingException.php
delete mode 100644 Postman/Postman-Auth/PostmanYahooAuthenticationManager.php
(limited to 'Postman/Postman-Auth')
diff --git a/Postman/Postman-Auth/PostmanAbstractAuthenticationManager.php b/Postman/Postman-Auth/PostmanAbstractAuthenticationManager.php
deleted file mode 100644
index 7402ba7..0000000
--- a/Postman/Postman-Auth/PostmanAbstractAuthenticationManager.php
+++ /dev/null
@@ -1,171 +0,0 @@ -logger = $logger; - $this->clientId = $clientId; - $this->clientSecret = $clientSecret; - $this->authorizationToken = $authorizationToken; - $this->callbackUri = $callbackUri; - } - protected function getLogger() { - return $this->logger; - } - protected function getClientId() { - return $this->clientId; - } - protected function getClientSecret() { - return $this->clientSecret; - } - protected function getAuthorizationToken() { - return $this->authorizationToken; - } - - /** - * Create a state token to prevent request forgery. - * Store it in the session for later validation. - */ - public function generateRequestTransactionId() { - return $state = md5 ( rand () ); - } - - /** - */ - public function isAccessTokenExpired() { - $expireTime = ($this->authorizationToken->getExpiryTime () - self::FORCE_REFRESH_X_SECONDS_BEFORE_EXPIRE); - $tokenHasExpired = time () > $expireTime; - $this->logger->debug ( 'Access Token Expiry Time is ' . $expireTime . ', expires_in=' . ($expireTime - time ()) . ', expired=' . ($tokenHasExpired ? 'yes' : 'no') ); - return $tokenHasExpired; - } - - /** - * Decoded the received token - * This code is identical for Google and Hotmail - * - * @param mixed $response - * @throws Exception - */ - protected function processResponse($response) { - $authToken = json_decode ( stripslashes ( $response ) ); - if ($authToken === NULL) { - $this->getLogger ()->error ( $response ); - throw new Exception ( $response ); - } else if (isset ( $authToken->{'error'} )) { - if (isset ( $authToken->{'error_description'} )) { - $this->getLogger ()->error ( $authToken->{'error'} . ' processing response: ' . $authToken->{'error_description'} ); - throw new Exception ( $authToken->{'error_description'} . '(' . $authToken->{'error'} . ')' ); - } else { - // Yahoo doesn't give descriptions - $this->getLogger ()->error ( $authToken->{'error'} . 
' processing response' ); - throw new Exception ( $authToken->{'error'} ); - } - } else { - $this->getLogger ()->trace ( 'Processing response:' ); - $this->getLogger ()->trace ( $response ); - $this->decodeReceivedAuthorizationToken ( $authToken ); - } - } - - /** - * Parses the authorization token and extracts the expiry time, accessToken, - * and if this is a first-time authorization, a refresh token. - * - * This code is identical for Google and Hotmail - * - * @param mixed $client - */ - protected function decodeReceivedAuthorizationToken($newtoken) { - assert ( ! empty ( $newtoken ) ); - assert ( ! empty ( $newtoken->{self::EXPIRES} ) ); - assert ( ! empty ( $newtoken->{self::ACCESS_TOKEN} ) ); - - // update expiry time - if (empty ( $newtoken->{self::EXPIRES} )) { - throw new Exception ( '[expires_in] value is missing from the authentication token' ); - } - $newExpiryTime = time () + $newtoken->{self::EXPIRES}; - $this->getAuthorizationToken ()->setExpiryTime ( $newExpiryTime ); - $this->getLogger ()->debug ( 'Updating Access Token Expiry Time ' ); - - // update acccess token - if (empty ( $newtoken->{self::ACCESS_TOKEN} )) { - throw new Exception ( '[access_token] value is missing from the authentication token' ); - } - $newAccessToken = $newtoken->{self::ACCESS_TOKEN}; - $this->getAuthorizationToken ()->setAccessToken ( $newAccessToken ); - $this->getLogger ()->debug ( 'Updating Access Token' ); - - // update refresh token, if there is one - if (isset ( $newtoken->{self::REFRESH_TOKEN} )) { - $newRefreshToken = $newtoken->{self::REFRESH_TOKEN}; - $this->getAuthorizationToken ()->setRefreshToken ( $newRefreshToken ); - $this->getLogger ()->debug ( 'Updating Refresh Token ' ); - } - } - - /** - * Given an OAuth provider-specific URL and redirectUri, - * issue an HttpRequest to refresh the access token - * - * This code is identical for Google and Hotmail - */ - public function refreshToken() { - $this->getLogger ()->debug ( 'Refreshing Token' ); - $refreshUrl 
= $this->getTokenUrl (); - $callbackUrl = $this->getCallbackUri (); - assert ( ! empty ( $refreshUrl ) ); - assert ( ! empty ( $callbackUrl ) ); - // the format of the URL is - // client_id=CLIENT_ID&client_secret=CLIENT_SECRET&redirect_uri=REDIRECT_URI&grant_type=refresh_token&refresh_token=REFRESH_TOKEN - $postvals = array ( - 'client_id' => $this->getClientId (), - 'client_secret' => $this->getClientSecret (), - 'redirect_uri' => $callbackUrl, - 'grant_type' => 'refresh_token', - 'refresh_token' => $this->getAuthorizationToken ()->getRefreshToken () - ); - // example request string - // client_id=0000000603DB0F&redirect_uri=http%3A%2F%2Fwww.contoso.com%2Fcallback.php&client_secret=LWILlT555GicSrIATma5qgyBXebRI&refresh_token=*LA9...//refresh token string shortened for example//...xRoX&grant_type=refresh_token - $response = PostmanUtils::remotePostGetBodyOnly ( $refreshUrl, $postvals ); - $this->processResponse ( $response ); - } - /** - * (non-PHPdoc) - * - * @see PostmanAuthenticationManager::getCallbackUri() - */ - public function getCallbackUri() { - return $this->callbackUri; - } - } -} diff --git a/Postman/Postman-Auth/PostmanAuthenticationManager.php b/Postman/Postman-Auth/PostmanAuthenticationManager.php deleted file mode 100644 index c405459..0000000 --- a/Postman/Postman-Auth/PostmanAuthenticationManager.php +++ /dev/null 
@@ -1,18 +0,0 @@ -logger = new PostmanLogger ( get_class ( $this ) ); - } - public function createAuthenticationManager() { - $transport = PostmanTransportRegistry::getInstance ()->getSelectedTransport (); - return $this->createManager ( $transport ); - } - private function createManager(PostmanZendModuleTransport $transport) { - $options = PostmanOptions::getInstance (); - $authorizationToken = PostmanOAuthToken::getInstance (); - $authenticationType = $options->getAuthenticationType (); - $hostname = $options->getHostname (); - $clientId = $options->getClientId (); - $clientSecret = $options->getClientSecret (); - $senderEmail = $options->getMessageSenderEmail (); - $scribe = $transport->getScribe (); - $redirectUrl = $scribe->getCallbackUrl (); - if ($transport->isOAuthUsed ( $options->getAuthenticationType () )) { - if ($transport->isServiceProviderGoogle ( $hostname )) { - $authenticationManager = new PostmanGoogleAuthenticationManager ( $clientId, $clientSecret, $authorizationToken, $redirectUrl, $senderEmail ); - } else if ($transport->isServiceProviderMicrosoft ( $hostname )) { - $authenticationManager = new PostmanMicrosoftAuthenticationManager ( $clientId, $clientSecret, $authorizationToken, $redirectUrl ); - } else if ($transport->isServiceProviderYahoo ( $hostname )) { - $authenticationManager = new PostmanYahooAuthenticationManager ( $clientId, $clientSecret, $authorizationToken, $redirectUrl ); - } else { - assert ( false ); - } - } else { - $authenticationManager = new PostmanNonOAuthAuthenticationManager (); - } - $this->logger->debug ( 'Created ' . get_class ( $authenticationManager ) ); - return $authenticationManager; - } - } -} \ No newline at end of file diff --git a/Postman/Postman-Auth/PostmanGoogleAuthenticationManager.php b/Postman/Postman-Auth/PostmanGoogleAuthenticationManager.php deleted file mode 100644 index c00afba..0000000 --- a/Postman/Postman-Auth/PostmanGoogleAuthenticationManager.php +++ /dev/null 
@@ -1,122 +0,0 @@ -senderEmail = $senderEmail; - parent::__construct ( $logger, $clientId, $clientSecret, $authorizationToken, $callbackUri ); - } - - /** - * The authorization sequence begins when your application redirects a browser to a Google URL; - * the URL includes query parameters that indicate the type of access being requested. - * - * As in other scenarios, Google handles user authentication, session selection, and user consent. - * The result is an authorization code, which Google returns to your application in a query string. - * - * (non-PHPdoc) - * - * @see PostmanAuthenticationManager::requestVerificationCode() - */ - public function requestVerificationCode($transactionId) { - $params = array ( - 'response_type' => 'code', - 'redirect_uri' => urlencode ( $this->getCallbackUri () ), - 'client_id' => $this->getClientId (), - 'scope' => urlencode ( self::SCOPE_FULL_ACCESS ), - 'access_type' => 'offline', - 'approval_prompt' => 'force', - 'state' => $transactionId, - 'login_hint' => $this->senderEmail - ); - - $authUrl = $this->getAuthorizationUrl () . '?' . build_query ( $params ); - - $this->getLogger ()->debug ( 'Requesting verification code from Google' ); - PostmanUtils::redirect ( $authUrl ); - } - - /** - * After receiving the authorization code, your application can exchange the code - * (along with a client ID and client secret) for an access token and, in some cases, - * a refresh token. 
- * - * This code is identical for Google and Hotmail - * - * @see PostmanAuthenticationManager::processAuthorizationGrantCode() - */ - public function processAuthorizationGrantCode($transactionId) { - if (isset ( $_GET ['code'] )) { - $this->getLogger ()->debug ( 'Found authorization code in request header' ); - $code = filter_input( INPUT_GET, 'code', FILTER_SANITIZE_STRING ); - if (isset ( $_GET ['state'] ) && $_GET ['state'] == $transactionId) { - $this->getLogger ()->debug ( 'Found valid state in request header' ); - } else { - $this->getLogger ()->error ( 'The grant code from Google had no accompanying state and may be a forgery' ); - throw new PostmanStateIdMissingException (); - } - $postvals = array ( - 'client_id' => $this->getClientId (), - 'client_secret' => $this->getClientSecret (), - 'grant_type' => 'authorization_code', - 'redirect_uri' => $this->getCallbackUri (), - 'code' => $code - ); - $response = PostmanUtils::remotePostGetBodyOnly ( $this->getTokenUrl (), $postvals ); - $this->processResponse ( $response ); - $this->getAuthorizationToken ()->setVendorName ( self::VENDOR_NAME ); - return true; - } else { - $this->getLogger ()->debug ( 'Expected code in the request header but found none - user probably denied request' ); - return false; - } - } - public function getAuthorizationUrl() { - return self::GOOGLE_ENDPOINT; - } - public function getTokenUrl() { - return self::GOOGLE_REFRESH; - } - } -} diff --git a/Postman/Postman-Auth/PostmanMicrosoftAuthenticationManager.php b/Postman/Postman-Auth/PostmanMicrosoftAuthenticationManager.php deleted file mode 100644 index 96fb529..0000000 --- a/Postman/Postman-Auth/PostmanMicrosoftAuthenticationManager.php +++ /dev/null 
@@ -1,107 +0,0 @@ - 'code', - 'redirect_uri' => urlencode ( $this->getCallbackUri () ), - 'client_id' => $this->getClientId (), - 'client_secret' => $this->getClientSecret (), - 'scope' => urlencode ( self::SCOPE ), - 'access_type' => 'offline', - 'approval_prompt' => 'force' - ); - - $authUrl = $this->getAuthorizationUrl () . '?' . build_query ( $params ); - - $this->getLogger ()->debug ( 'Requesting verification code from Microsoft' ); - PostmanUtils::redirect ( $authUrl ); - } - - /** - * ********************************************** - * If we have a code back from the OAuth 2.0 flow, - * we need to exchange that for an access token. - * We store the resultant access token - * bundle in the session, and redirect to ourself. - * ********************************************** - */ - public function processAuthorizationGrantCode($transactionId) { - if (isset ( $_GET ['code'] )) { - $code = filter_input( INPUT_GET, 'code', FILTER_SANITIZE_STRING ); - $this->getLogger ()->debug ( 'Found authorization code in request header' ); - $postvals = array ( - 'client_id' => $this->getClientId (), - 'client_secret' => $this->getClientSecret (), - 'grant_type' => 'authorization_code', - 'redirect_uri' => $this->getCallbackUri (), - 'code' => $code - ); - $response = PostmanUtils::remotePostGetBodyOnly ( $this->getTokenUrl (), $postvals ); - $this->processResponse ( $response ); - $this->getAuthorizationToken ()->setVendorName ( self::VENDOR_NAME ); - return true; - } else { - $this->getLogger ()->debug ( 'Expected code in the request header but found none - user probably denied request' ); - return false; - } - } - public function getAuthorizationUrl() { - return self::WINDOWS_LIVE_ENDPOINT; - } - public function getTokenUrl() { - return self::WINDOWS_LIVE_REFRESH; - } - } -} diff --git a/Postman/Postman-Auth/PostmanNonOAuthAuthenticationManager.php b/Postman/Postman-Auth/PostmanNonOAuthAuthenticationManager.php deleted file mode 100644 index ed4f0c3..0000000 
--- a/Postman/Postman-Auth/PostmanNonOAuthAuthenticationManager.php
+++ /dev/null
@@ -1,46 +0,0 @@ - 'code', - 'redirect_uri' => urlencode ( $this->getCallbackUri () ), - 'client_id' => $this->getClientId (), - 'state' => $transactionId, - 'language' => get_locale () - ); - - $authUrl = $this->getAuthorizationUrl () . '?' . build_query ( $params ); - - $this->getLogger ()->debug ( 'Requesting verification code from Yahoo' ); - PostmanUtils::redirect ( $authUrl ); - } - - /** - * After receiving the authorization code, your application can exchange the code - * (along with a client ID and client secret) for an access token and, in some cases, - * a refresh token. - * - * (non-PHPdoc) - * - * @see PostmanAuthenticationManager::processAuthorizationGrantCode() - */ - public function processAuthorizationGrantCode($transactionId) { - if (isset ( $_GET ['code'] )) { - $code = filter_input( INPUT_GET, 'code', FILTER_SANITIZE_STRING ); - $this->getLogger ()->debug ( sprintf ( 'Found authorization code %s in request header', $code ) ); - if (isset ( $_GET ['state'] ) && $_GET ['state'] == $transactionId) { - $this->getLogger ()->debug ( 'Found valid state in request header' ); - } else { - $this->getLogger ()->error ( 'The grant code from Yahoo had no accompanying state and may be a forgery' ); - throw new PostmanStateIdMissingException (); - } - // Note: The Authorization: Basic authorization header is generated through a Base64 encoding of client_id:client_secret per RFC 2617. - // header("Authorization: Basic " . base64_encode($username . ":" . $password); - $headers = array ( - 'Authorization' => sprintf ( "Basic %s", base64_encode ( $this->getClientId () . ':' . 
$this->getClientSecret () ) ) - ); - $postvals = array ( - 'code' => $code, - 'grant_type' => 'authorization_code', - 'redirect_uri' => $this->getCallbackUri () - ); - $response = PostmanUtils::remotePostGetBodyOnly ( $this->getTokenUrl (), $postvals, $headers ); - $this->processResponse ( $response ); - $this->getAuthorizationToken ()->setVendorName ( self::VENDOR_NAME ); - return true; - } else { - $this->getLogger ()->debug ( 'Expected code in the request header but found none - user probably denied request' ); - return false; - } - } - - /** - * Step 5: Exchange refresh token for new access token - * After the access token expires, you can use the refresh token, which has a long lifetime, to get a new access token. - */ - public function refreshToken() { - $this->getLogger ()->debug ( 'Refreshing Token' ); - $refreshUrl = $this->getTokenUrl (); - $callbackUrl = $this->getCallbackUri (); - assert ( ! empty ( $refreshUrl ) ); - assert ( ! empty ( $callbackUrl ) ); - $headers = array ( - 'Authorization' => sprintf ( "Basic %s", base64_encode ( $this->getClientId () . ':' . $this->getClientSecret () ) ) - ); - $postvals = array ( - 'redirect_uri' => $callbackUrl, - 'grant_type' => 'refresh_token', - 'refresh_token' => $this->getAuthorizationToken ()->getRefreshToken () - ); - $response = PostmanUtils::remotePostGetBodyOnly ( $this->getTokenUrl (), $postvals, $headers ); - $this->processResponse ( $response ); - } - public function getAuthorizationUrl() { - return self::AUTHORIZATION_URL; - } - public function getTokenUrl() { - return self::GET_TOKEN_URL; - } - } -} -- cgit v1.2.3