Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F12485355
D3844.id.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
19 KB
Referenced Files
None
Subscribers
None
D3844.id.diff
View Options
diff --git a/workspaces/src/includes/auth/AddToGroupUserAction.php b/workspaces/src/Engines/Auth/Actions/AddToGroupUserAction.php
rename from workspaces/src/includes/auth/AddToGroupUserAction.php
rename to workspaces/src/Engines/Auth/Actions/AddToGroupUserAction.php
--- a/workspaces/src/includes/auth/AddToGroupUserAction.php
+++ b/workspaces/src/Engines/Auth/Actions/AddToGroupUserAction.php
@@ -16,19 +16,28 @@
*
*/
+namespace Waystone\Workspaces\Engines\Auth\Actions;
+
+use Waystone\Workspaces\Engines\Auth\UserAction;
use Waystone\Workspaces\Engines\Serialization\ArrayDeserializable;
+use Exception;
+
+use UserGroup;
+
/**
* User action to add a user into a group
*/
class AddToGroupUserAction extends UserAction implements ArrayDeserializable {
+
/**
* @var UserGroup The group to add the user to
*/
public $group;
/**
- * @var boolean Determines if the target user has to be added to the group in the quality of admin
+ * @var boolean Determines if the target user has to be added to the group
+ * in the quality of admin
*/
public $isAdmin;
diff --git a/workspaces/src/includes/auth/GivePermissionUserAction.php b/workspaces/src/Engines/Auth/Actions/GivePermissionUserAction.php
rename from workspaces/src/includes/auth/GivePermissionUserAction.php
rename to workspaces/src/Engines/Auth/Actions/GivePermissionUserAction.php
--- a/workspaces/src/includes/auth/GivePermissionUserAction.php
+++ b/workspaces/src/Engines/Auth/Actions/GivePermissionUserAction.php
@@ -16,12 +16,22 @@
*
*/
+namespace Waystone\Workspaces\Engines\Auth\Actions;
+
+use Waystone\Workspaces\Engines\Auth\Permission;
+use Waystone\Workspaces\Engines\Auth\UserAction;
use Waystone\Workspaces\Engines\Serialization\ArrayDeserializable;
+use Exception;
+use InvalidArgumentException;
+use JsonSerializable;
+
/**
* User action to grant user a permission
*/
-class GivePermissionUserAction extends UserAction implements ArrayDeserializable, JsonSerializable {
+class GivePermissionUserAction extends UserAction
+ implements ArrayDeserializable, JsonSerializable {
+
/**
* @var string The permission name
*/
@@ -46,12 +56,14 @@
* Executes the user action
*/
public function run () {
- if (!$id = resolve_resource_id($this->resourceType, $this->resourceIdentifier)) {
- throw new Exception("Can't get identifier from resource " . $this->resourceType . " " . $this->resourceIdentifier);
+ if (!$id = resolve_resource_id($this->resourceType,
+ $this->resourceIdentifier)) {
+ throw new Exception("Can't get identifier from resource "
+ . $this->resourceType . " " . $this->resourceIdentifier);
}
$this->targetUser->setPermission(
$this->resourceType, $id,
- $this->permissionName, $this->permissionFlag
+ $this->permissionName, $this->permissionFlag,
);
}
@@ -59,9 +71,10 @@
* Loads a GivePermissionUserAction instance from an associative array.
*
* @param object $data The associative array to deserialize
+ *
* @return GivePermissionUserAction The deserialized instance
*/
- public static function loadFromArray (mixed $data) : self {
+ public static function loadFromArray (mixed $data) : self {
// Validate mandatory data
if (!array_key_exists("resource", $data)) {
throw new InvalidArgumentException("A resource property, with two mandatory type and id property is required.");
@@ -86,7 +99,8 @@
// Build instance
$instance = new GivePermissionUserAction();
- $instance->resourceType = Permission::getResourceTypeLetterFromCode($resource["type"]);
+ $instance->resourceType =
+ Permission::getResourceTypeLetterFromCode($resource["type"]);
$instance->resourceIdentifier = $resource["id"];
$instance->permissionName = $permission["name"];
@@ -99,16 +113,19 @@
/**
- * Serializes the object to a value that can be serialized natively by json_encode().
+ * Serializes the object to a value that can be serialized natively by
+ * json_encode().
*
* @return object The serializable value
*/
- public function jsonSerialize() {
+ public function jsonSerialize () {
//TODO: if you wish strict code here, we need such a class.
- $data->resource->type = Permission::getResourceTypeCodeFromLetter($this->resourceType);
+ $data->resource->type =
+ Permission::getResourceTypeCodeFromLetter($this->resourceType);
$data->resource->id = $this->resourceIdentifier;
$data->permission->name = $this->permissionName;
$data->permission->flag = $this->permissionFlag;
+
return $data;
}
}
diff --git a/workspaces/src/includes/auth/AuthenticationMethod.php b/workspaces/src/Engines/Auth/AuthenticationMethod.php
rename from workspaces/src/includes/auth/AuthenticationMethod.php
rename to workspaces/src/Engines/Auth/AuthenticationMethod.php
--- a/workspaces/src/includes/auth/AuthenticationMethod.php
+++ b/workspaces/src/Engines/Auth/AuthenticationMethod.php
@@ -15,16 +15,27 @@
* @filesource
*/
+namespace Waystone\Workspaces\Engines\Auth;
+
+use Waystone\Workspaces\Engines\Auth\Actions\AddToGroupUserAction;
+use Waystone\Workspaces\Engines\Auth\Actions\GivePermissionUserAction;
use Waystone\Workspaces\Engines\Framework\Context;
use Waystone\Workspaces\Engines\Serialization\ArrayDeserializable;
-/**
- * Authentication method class
- *
- * This class has to be extended to implement custom authentication methods.
- */
+use Language;
+use Message;
+use User;
+use Exception;
+use InvalidArgumentException;
+
+/**
+ * Authentication method class
+ *
+ * This class has to be extended to implement custom authentication methods.
+ */
abstract class AuthenticationMethod implements ArrayDeserializable {
+
/**
* @var User The local user matching the authentication
*/
@@ -56,12 +67,14 @@
public $loginMessage;
/**
- * @var boolean Determines if the authentication method could be used to register new users
+ * @var boolean Determines if the authentication method could be used to
+ * register new users
*/
public $canCreateUser = false;
/**
- * @var Array Actions to execute if a user is created, each instance a member of UserAction
+ * @var Array Actions to execute if a user is created, each instance a
+ * member of UserAction
*/
public $createUserActions = [];
@@ -78,12 +91,12 @@
/**
* Gets authentication link for this method
*/
- public abstract function getAuthenticationLink();
+ public abstract function getAuthenticationLink ();
/**
* Handles request
*/
- public abstract function handleRequest();
+ public abstract function handleRequest ();
/**
* Runs actions planned on user create
@@ -103,15 +116,19 @@
private function findUser () {
if ($this->remoteUserId != '') {
$user = User::getUserFromRemoteIdentity(
- $this->id, $this->remoteUserId
+ $this->id, $this->remoteUserId,
);
- if ($user !== null) return $user;
+ if ($user !== null) {
+ return $user;
+ }
}
if ($this->email != '') {
$user = User::get_user_from_email($this->email);
- if ($user !== null) return $user;
+ if ($user !== null) {
+ return $user;
+ }
}
return null;
@@ -120,7 +137,8 @@
/**
* Signs in or creates a new user
*
- * @return boolean true if user has been successfully logged in; otherwise, false.
+ * @return boolean true if user has been successfully logged in; otherwise,
+ * false.
*/
public function signInOrCreateUser () {
// At this stage, if we don't already have a user instance,
@@ -136,7 +154,9 @@
if ($this->localUser === null) {
if (!$this->canCreateUser) {
- $this->loginError = Language::get("ExternalLoginCantCreateAccount");
+ $this->loginError =
+ Language::get("ExternalLoginCantCreateAccount");
+
return false;
} else {
$this->createUser();
@@ -147,6 +167,7 @@
}
$this->signIn($this->localUser);
+
return true;
}
@@ -155,7 +176,7 @@
*
* @param User The user to log in
*/
- public function signIn(User $user) {
+ public function signIn (User $user) {
$this->context->session->user_login($user->id);
}
@@ -175,7 +196,7 @@
$user->save_to_database();
$user->setRemoteIdentity(
- $this->id, $this->remoteUserId
+ $this->id, $this->remoteUserId,
);
$this->localUser = $user;
@@ -188,16 +209,21 @@
*
* @param string $id The authentication method id
* @param Context $context The site context
+ *
* @return AuthenticationMethod The authentication method matching the id
*/
public static function getFromId ($id, $context) {
if ($context->workspace != null) {
- foreach ($context->workspace->configuration->authenticationMethods as $authenticationMethod) {
+ foreach (
+ $context->workspace->configuration->authenticationMethods as
+ $authenticationMethod
+ ) {
if ($authenticationMethod->id == $id) {
return $authenticationMethod;
}
}
}
+
return null;
}
@@ -210,7 +236,7 @@
* @return AuthenticationMethod The deserialized instance
* @throws InvalidArgumentException|Exception
*/
- public static function loadFromArray(array $data) : self {
+ public static function loadFromArray (array $data) : self {
$instance = new static;
if (!array_key_exists("id", $data)) {
@@ -230,12 +256,14 @@
$addToGroups = $createUser["addToGroups"] ?? [];
foreach ($addToGroups as $actionData) {
- $instance->createUserActions[] = AddToGroupUserAction::loadFromArray($actionData);
+ $instance->createUserActions[] =
+ AddToGroupUserAction::loadFromArray($actionData);
}
$givePermissions = $createUser["givePermissions"] ?? [];
foreach ($createUser["givePermissions"] as $actionData) {
- $instance->createUserActions[] = GivePermissionUserAction::loadFromArray($actionData);
+ $instance->createUserActions[] =
+ GivePermissionUserAction::loadFromArray($actionData);
}
}
diff --git a/workspaces/src/includes/auth/AzharProvider.php b/workspaces/src/Engines/Auth/Methods/AzharProvider.php
rename from workspaces/src/includes/auth/AzharProvider.php
rename to workspaces/src/Engines/Auth/Methods/AzharProvider.php
--- a/workspaces/src/includes/auth/AzharProvider.php
+++ b/workspaces/src/Engines/Auth/Methods/AzharProvider.php
@@ -15,13 +15,22 @@
* @filesource
*/
- /**
- * Azhàr provider authentication method class
- *
- * Azhàr sends a document providing authentication and registration of new users.
- * It's signed by a shared secret key.
- */
+namespace Waystone\Workspaces\Engines\Auth\Methods;
+
+use Waystone\Workspaces\Engines\Auth\AuthenticationMethod;
+
+use Language;
+
+use stdClass;
+
+/**
+ * Azhàr provider authentication method class
+ *
+ * Azhàr sends a document providing authentication and registration of new
+ * users. It's signed by a shared secret key.
+ */
class AzharProvider extends AuthenticationMethod {
+
/**
* @var string Shared secret key
*/
@@ -42,15 +51,18 @@
*/
public function handleRequest () {
$action = array_key_exists('action', $_GET) ? $_GET['action'] : '';
- $sessionKey = array_key_exists('sessionKey', $_GET) ? $_GET['sessionKey'] : '';
+ $sessionKey =
+ array_key_exists('sessionKey', $_GET) ? $_GET['sessionKey'] : '';
if ($action == "user.login.azhar.initialize") {
//Redirects user to Azhàr SSO service
- $callbackUrl = get_server_url() . get_url($this->context->workspace->code)
- . '?action=user.login.azhar.success&authenticationMethodId=' . $this->id;
+ $callbackUrl =
+ get_server_url() . get_url($this->context->workspace->code)
+ . '?action=user.login.azhar.success&authenticationMethodId='
+ . $this->id;
$url = $this->url . '?mode=provider&key=' . $this->clientKey
- . '&sessionKey=' . $this->getSessionKey()
- . '&url=' . urlencode($callbackUrl);
+ . '&sessionKey=' . $this->getSessionKey()
+ . '&url=' . urlencode($callbackUrl);
header('Location: ' . $url);
exit;
} elseif ($action == "user.login.azhar.success") {
@@ -58,7 +70,8 @@
$reply = $this->fetchInformation();
if (!$this->isDocumentLegit($reply)) {
- $this ->loginError = Language::get('ExternalLoginNotLegitReply');
+ $this->loginError = Language::get('ExternalLoginNotLegitReply');
+
return;
}
@@ -68,6 +81,7 @@
$this->email = $reply->email;
$this->remoteUserId = $reply->localUserId;
$this->signInOrCreateUser();
+
return;
} elseif ($reply->status == "ERROR_USER_SIDE") {
switch ($reply->code) {
@@ -86,7 +100,7 @@
$this->loginError = '<p>An unknown error has been received:</p><pre>' . print_r($reply, true) . '</pre><p>Please notify technical support about this new error message, so we can handle it in the future.</p>';
} else {
- $this ->loginError = '<p>Unknown action: $action</p>';
+ $this->loginError = '<p>Unknown action: $action</p>';
}
}
@@ -106,6 +120,7 @@
$this->setSessionSecret($reply->sessionSecret);
$_SESSION['Auth-$hash']['SessionKey'] = $reply->sessionKey;
}
+
return $_SESSION['Auth-$hash']['SessionKey'];
}
@@ -116,6 +131,7 @@
*/
private function getSessionSecret () {
$hash = md5($this->id);
+
return $_SESSION['Auth-$hash']['SessionSecret'];
}
@@ -134,7 +150,7 @@
*
* @retrun string the login link
*/
- public function getAuthenticationLink() {
+ public function getAuthenticationLink () {
$url = get_server_url() . get_url($this->context->workspace->code)
. '?action=user.login.azhar.initialize&authenticationMethodId=' . $this->id;
return $url;
@@ -147,7 +163,7 @@
*/
function isDocumentLegit ($document) {
$hash = '';
- $claimedHash = NULL;
+ $claimedHash = null;
foreach ($document as $key => $value) {
if ($key == 'hash') {
$claimedHash = $value;
@@ -180,10 +196,12 @@
* Gets the contents of the specified URL and decode the JSON reply
*
* @param string $url The URL to the JSON document to query.
+ *
* @return stdClass The reply
*/
public static function query ($url) {
$data = file_get_contents($url);
+
return json_decode($data);
}
@@ -192,6 +210,7 @@
* Typically used to deserialize a configuration.
*
* @param array $data The associative array to deserialize
+ *
* @return AzharProvider The deserialized instance
*/
public static function loadFromArray (array $data) : self {
diff --git a/workspaces/src/includes/objects/Permission.php b/workspaces/src/Engines/Auth/Permission.php
rename from workspaces/src/includes/objects/Permission.php
rename to workspaces/src/Engines/Auth/Permission.php
--- a/workspaces/src/includes/objects/Permission.php
+++ b/workspaces/src/Engines/Auth/Permission.php
@@ -9,21 +9,27 @@
* Permission class
*
* @package ObsidianWorkspaces
- * @subpackage Model
+ * @subpackage Auth
* @author Sébastien Santoro aka Dereckson <dereckson@espace-win.org>
* @license http://www.opensource.org/licenses/bsd-license.php BSD
* @filesource
*
*/
+namespace Waystone\Workspaces\Engines\Auth;
+
+use InvalidArgumentException;
+
/**
* Permission class
*/
class Permission {
+
/**
* Gets resource type letter from code
*
* @param string $code The resource type code
+ *
* @return string The resource type letter
*/
public static function getResourceTypeLetterFromCode ($code) {
@@ -41,9 +47,10 @@
* Gets resource type code from letter
*
* @param string $letter The resource type letter
+ *
* @return string The resource type code
*/
- public static function getResourceTypeCodeFromLetter($letter) {
+ public static function getResourceTypeCodeFromLetter ($letter) {
switch ($letter) {
case 'U': return "user";
case 'G': return "group";
diff --git a/workspaces/src/includes/auth/UserAction.php b/workspaces/src/Engines/Auth/UserAction.php
rename from workspaces/src/includes/auth/UserAction.php
rename to workspaces/src/Engines/Auth/UserAction.php
--- a/workspaces/src/includes/auth/UserAction.php
+++ b/workspaces/src/Engines/Auth/UserAction.php
@@ -16,10 +16,15 @@
*
*/
+namespace Waystone\Workspaces\Engines\Auth;
+
+use User;
+
/**
* User action class, to be extended to implement an action related to user
*/
abstract class UserAction {
+
/**
* @var User the target action user
*/
@@ -30,7 +35,7 @@
*
* @param User $targetUser the target action user
*/
- public function __construct ($targetUser = NULL) {
+ public function __construct ($targetUser = null) {
$this->targetUser = $targetUser;
}
diff --git a/workspaces/src/Engines/Workspaces/WorkspaceConfiguration.php b/workspaces/src/Engines/Workspaces/WorkspaceConfiguration.php
--- a/workspaces/src/Engines/Workspaces/WorkspaceConfiguration.php
+++ b/workspaces/src/Engines/Workspaces/WorkspaceConfiguration.php
@@ -17,18 +17,15 @@
namespace Waystone\Workspaces\Engines\Workspaces;
+use Exception;
+use Keruald\Yaml\Parser as YamlParser;
+use Keruald\Yaml\Tags\EnvTag;
use Waystone\Workspaces\Engines\Apps\ApplicationConfiguration;
+use Waystone\Workspaces\Engines\Auth\AuthenticationMethod;
use Waystone\Workspaces\Engines\Exceptions\WorkspaceException;
use Waystone\Workspaces\Engines\Framework\Context;
use Waystone\Workspaces\Engines\Serialization\ArrayDeserializableWithContext;
-use Keruald\Yaml\Parser as YamlParser;
-use Keruald\Yaml\Tags\EnvTag;
-
-use AuthenticationMethod;
-
-use Exception;
-
/**
* Workspace configuration class
*
diff --git a/workspaces/src/includes/login.php b/workspaces/src/includes/login.php
--- a/workspaces/src/includes/login.php
+++ b/workspaces/src/includes/login.php
@@ -16,6 +16,7 @@
*
*/
+use Waystone\Workspaces\Engines\Auth\AuthenticationMethod;
use Waystone\Workspaces\Engines\Errors\ErrorHandling;
global $context;
@@ -53,4 +54,4 @@
if ($auth) {
$auth->handleRequest();
}
-}
\ No newline at end of file
+}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sun, Nov 9, 00:44 (6 h, 20 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3146768
Default Alt Text
D3844.id.diff (19 KB)
Attached To
Mode
D3844: Move Auth and associated classes into Auth namespace
Attached
Detach File
Event Timeline
Log In to Comment