Remove one to one relation beetween account and token & add lastUsed field for token
@@ -62,7 +62,10 @@ class V1 implements ControllerProviderInterface
|
||||
});
|
||||
|
||||
$controllers->after(function (Request $request, Response $response) use ($app) {
|
||||
$app['manipulator.api-log']->create($app['session']->get('token')->getAccount(), $request, $response);
|
||||
$token = $app['session']->get('token');
|
||||
$app['manipulator.api-log']->create($token->getAccount(), $request, $response);
|
||||
$token->setLastUsed(new \DateTime());
|
||||
$app['manipulator.api-oauth-token']->update($token);
|
||||
$app['session']->set('token', null);
|
||||
if (null !== $app['authentication']->getUser()) {
|
||||
$app['authentication']->closeAccount();
|
||||
|
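Review bot: `$token = $app['session']->get('token')` is dereferenced unconditionally on the next three lines, so a request that reaches this after-middleware with no token in the session fatals on `$token->getAccount()`; the removed line had the same chained call, but the new code now also mutates and persists the entity, so the guard matters more. Wrap the log/lastUsed/update calls in `if (null !== $token = $app['session']->get('token')) {` and leave `$app['session']->set('token', null)` outside the guard so the session is always cleared. Note also that `setLastUsed(new \DateTime())` followed by `update($token)` is one database write per API request; if that turns out to be too chatty, a minimum update interval is the usual mitigation. The `after` closure's body continues past the end of the hunk.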
@@ -243,9 +243,11 @@ class Account implements ControllerProviderInterface
|
||||
{
|
||||
$data = [];
|
||||
|
||||
foreach($app['repo.api-applications']->findByUser($app['authentication']->getUser()) as $application) {
|
||||
foreach ($app['repo.api-applications']->findByUser($app['authentication']->getUser()) as $application) {
|
||||
$account = $app['repo.api-accounts']->findByUserAndApplication($app['authentication']->getUser(), $application);
|
||||
|
||||
$data[$application->getId()]['application'] = $application;
|
||||
$data[$application->getId()]['user-account'] = $app['repo.api-accounts']->findByUserAndApplication($app['authentication']->getUser(), $application);
|
||||
$data[$application->getId()]['user-account'] = $account;
|
||||
}
|
||||
|
||||
return $app['twig']->render('account/authorized_apps.html.twig', [
|
||||
|
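Review bot: `$app['authentication']->getUser()` is evaluated once for the `findByUser()` loop source and again on every iteration inside `findByUserAndApplication()`; since the hunk already hoists `$account` into a local, hoisting the user as well, `$user = $app['authentication']->getUser();` above the `foreach`, reads better and removes the repeated service lookup. The method body continues on both sides of the hunk.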
@@ -130,14 +130,14 @@ class Developers implements ControllerProviderInterface
|
||||
$app->abort(404, sprintf('Account not found for application %s', $application->getName()));
|
||||
}
|
||||
|
||||
$token = $account->getOauthToken();
|
||||
if ($account->hasOauthToken()) {
|
||||
$app['manipulator.api-oauth-token']->renew($token);
|
||||
if(null !== $devToken = $app['repo.api-oauth-tokens']->findDeveloperToken($account)) {
|
||||
$app['manipulator.api-oauth-token']->renew($devToken);
|
||||
} else {
|
||||
$token = $app['manipulator.api-oauth-token']->create($account);
|
||||
// dev tokens do not expires
|
||||
$devToken = $app['manipulator.api-oauth-token']->create($account);
|
||||
}
|
||||
|
||||
return $app->json(['success' => true, 'token' => $token->getOauthToken()]);
|
||||
return $app->json(['success' => true, 'token' => $devToken->getOauthToken()]);
|
||||
}
|
||||
|
||||
/**
|
||||
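Review bot: The new comment `// dev tokens do not expires` in the else branch is ungrammatical and does not say how non-expiry is achieved; read against the manipulator's new `create($account, $expires, $scope)` signature elsewhere in this commit, the point appears to be that omitting `$expires` leaves the token without an expiry, so I would write `// Developer tokens never expire: create() is called without an $expires value (confirm the manipulator default)`. `if(null !== $devToken = ...` is also missing the space after `if` that the sibling `if (null !== $account = ...` in this class uses. Separately, `findDeveloperToken()` is a single-result lookup, so it will throw rather than return null once an account holds more than one token; this caller has no handling for that.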
@@ -188,6 +188,9 @@ class Developers implements ControllerProviderInterface
|
||||
sprintf('%s%s', $form->getSchemeCallback(), $form->getCallback())
|
||||
);
|
||||
|
||||
// create an account as well
|
||||
$app['manipulator.api-account']->create($application, $app['authentication']->getUser());
|
||||
|
||||
return $app->redirectPath('developers_application', ['application' => $application->getId()]);
|
||||
}
|
||||
|
||||
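Review bot: The added comment `// create an account as well` only restates the call; what a reader needs is why the creator gets an account at application-creation time. From the rest of this commit it appears to be so that a developer token can later be issued against that account (`findDeveloperToken()` joins account to application and matches `app.creator` to `acc.user`), so I would write `// Give the creator an ApiAccount on this application up front so a developer token can be issued for it without an OAuth grant`. Whether `create()` flushes or the surrounding code does is not visible here; the method starts before the hunk.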
@@ -241,9 +244,7 @@ class Developers implements ControllerProviderInterface
|
||||
$token = null;
|
||||
|
||||
if (null !== $account = $app['repo.api-accounts']->findByUserAndApplication($app['authentication']->getUser(), $application)) {
|
||||
if ($account->hasOauthToken()) {
|
||||
$token = $account->getOauthToken()->getOauthToken();
|
||||
}
|
||||
$token = $app['repo.api-oauth-tokens']->findDeveloperToken($account);
|
||||
}
|
||||
|
||||
return $app['twig']->render('developers/application.html.twig', [
|
||||
|
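Review bot: `$token` changes type in this hunk: it previously held the token string (`getOauthToken()->getOauthToken()`) and now holds the `ApiOauthToken` entity or null returned by `findDeveloperToken()`, which the template change in this commit accounts for but the unchanged variable name does not. Renaming it `$devToken`, as the sibling action in this class does, makes the entity-versus-secret distinction visible at the render call and guards against a later `{{ token }}` printing an object. The enclosing method starts before the hunk.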
@@ -48,14 +48,6 @@ class ApiAccount
|
||||
**/
|
||||
private $application;
|
||||
|
||||
/**
|
||||
* @ORM\OneToOne(targetEntity="ApiOauthToken", inversedBy="account")
|
||||
* @ORM\JoinColumn(name="oauth_token", referencedColumnName="oauth_token", nullable=true)
|
||||
*
|
||||
* @return ApiApplication
|
||||
**/
|
||||
private $oauthToken;
|
||||
|
||||
/**
|
||||
* @Gedmo\Timestampable(on="create")
|
||||
* @ORM\Column(type="datetime")
|
||||
@@ -169,32 +161,4 @@ class ApiAccount
|
||||
{
|
||||
return $this->user;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param ApiOauthToken $oauthToken
|
||||
*
|
||||
* @return ApiAccount
|
||||
*/
|
||||
public function setOauthToken(ApiOauthToken $oauthToken)
|
||||
{
|
||||
$this->oauthToken = $oauthToken;
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return ApiOauthToken
|
||||
*/
|
||||
public function getOauthToken()
|
||||
{
|
||||
return $this->oauthToken;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return boolean
|
||||
*/
|
||||
public function hasOauthToken()
|
||||
{
|
||||
return null !== $this->oauthToken;
|
||||
}
|
||||
}
|
||||
|
@@ -39,6 +39,12 @@ class ApiOauthToken
|
||||
*/
|
||||
private $expires;
|
||||
|
||||
/**
|
||||
* @Gedmo\Timestampable(on="create")
|
||||
* @ORM\Column(type="datetime", name="last_used")
|
||||
*/
|
||||
private $lastUsed;
|
||||
|
||||
/**
|
||||
* @var string
|
||||
*
|
||||
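Review bot: `last_used` is mapped as a non-nullable datetime populated by `@Gedmo\Timestampable(on="create")`, so a token that has never been presented is indistinguishable from one used at creation time, which is exactly the case an audit of dormant or leaked tokens wants to find. Consider `@ORM\Column(type="datetime", name="last_used", nullable=true)` without the Timestampable annotation, leaving the column null until the API after-middleware sets it; that also removes the need for a backfill value when the column is added to existing rows. Either way the property should carry a `@var \DateTime` (or `\DateTime|null`) docblock like the `@var string` on the property below it.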
@@ -197,4 +203,24 @@ class ApiOauthToken
|
||||
{
|
||||
return $this->updated;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param \DateTime $lastUsed
|
||||
*
|
||||
* @return ApiOauthToken
|
||||
*/
|
||||
public function setLastUsed(\DateTime $lastUsed)
|
||||
{
|
||||
$this->lastUsed = $lastUsed;
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return \DateTime
|
||||
*/
|
||||
public function getLastUsed()
|
||||
{
|
||||
return $this->lastUsed;
|
||||
}
|
||||
}
|
||||
|
@@ -43,8 +43,6 @@ class ApiOauthTokenManipulator implements ManipulatorInterface
|
||||
$token->setScope($scope);
|
||||
$token->setAccount($account);
|
||||
|
||||
$account->setOauthToken($token);
|
||||
|
||||
$this->om->persist($account);
|
||||
$this->update($token);
|
||||
|
||||
|
@@ -2,7 +2,9 @@
|
||||
|
||||
namespace Alchemy\Phrasea\Model\Repositories;
|
||||
|
||||
use Alchemy\Phrasea\Model\Entities\ApiAccount;
|
||||
use Doctrine\ORM\EntityRepository;
|
||||
use Doctrine\ORM\Query\Expr;
|
||||
|
||||
/**
|
||||
* ApiOauthTokenRepository
|
||||
@@ -12,4 +14,16 @@ use Doctrine\ORM\EntityRepository;
|
||||
*/
|
||||
class ApiOauthTokenRepository extends EntityRepository
|
||||
{
|
||||
public function findDeveloperToken(ApiAccount $account)
|
||||
{
|
||||
$qb = $this->createQueryBuilder('tok');
|
||||
$qb->innerJoin('tok.account', 'acc', Expr\Join::WITH, $qb->expr()->eq('acc.id', ':acc_id'));
|
||||
$qb->innerJoin('acc.application', 'app', Expr\Join::WITH, $qb->expr()->orx(
|
||||
$qb->expr()->eq('app.creator', 'acc.user'),
|
||||
$qb->expr()->isNull('app.creator')
|
||||
));
|
||||
$qb->setParameter(':acc_id', $account->getId());
|
||||
|
||||
return $qb->getQuery()->getOneOrNullResult();
|
||||
}
|
||||
}
|
||||
|
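Review bot: `findDeveloperToken()` ends in `getOneOrNullResult()` but nothing in the query distinguishes the developer token from any other `ApiOauthToken` on the same account; with the one-to-one account/token relation removed in this commit, an account can hold both a developer token and access tokens issued by the OAuth adapter's `setAccessToken()`, and a second row makes every caller throw `NonUniqueResultException`. As a minimum bound the result with `->setMaxResults(1)` behind a deterministic `orderBy`, but what is really needed is a discriminator (a flag on the token, or the grant that produced it); filtering on `isNull('tok.expires')` is not enough because the adapter also stores non-expiring access tokens when `enable_expire` is off. The `isNull('app.creator')` alternative in the join condition also means any account on a creator-less application qualifies; if that is intentional for built-in applications, a comment saying so would help the next reader.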
@@ -217,13 +217,13 @@ class API_OAuth2_Adapter extends OAuth2
|
||||
* @return $this
|
||||
* @throws RuntimeException
|
||||
*/
|
||||
protected function setAccessToken($oauthToken, $accountId, $expires, $scope = null)
|
||||
protected function setAccessToken($oauthToken, $accountId, $expires = null, $scope = null)
|
||||
{
|
||||
if (null === $account = $this->app['repo.api-accounts']->find($accountId)) {
|
||||
throw new RuntimeException(sprintf('Account with id %s is not valid', $accountId));
|
||||
}
|
||||
|
||||
$token = $this->app['manipulator.api-oauth-token']->create($account, null, \DateTime::createFromFormat('U', $expires), $scope);
|
||||
$expires = null === $expires ? $expires : \DateTime::createFromFormat('U', $expires);
|
||||
$token = $this->app['manipulator.api-oauth-token']->create($account, $expires, $scope);
|
||||
$this->app['manipulator.api-oauth-token']->setOauthToken($token, $oauthToken);
|
||||
|
||||
return $this;
|
||||
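Review bot: `\DateTime::createFromFormat('U', $expires)` returns `false` rather than throwing on a value it cannot parse, and that `false` would be passed to `create()` as the expiry; now that `null` means "never expires", a rejected value must not degrade silently. Mirror the existing `RuntimeException` style: `$expiresAt = \DateTime::createFromFormat('U', (string) $expires); if (false === $expiresAt) { throw new RuntimeException(sprintf('Invalid expiry %s', $expires)); }` and pass `$expiresAt` to `create()`. The docblock above the hunk should also state that a null `$expires` produces a non-expiring token, since that is a security-relevant default callers need to know about.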
@@ -764,11 +764,13 @@ class API_OAuth2_Adapter extends OAuth2
|
||||
"scope" => $scope
|
||||
];
|
||||
|
||||
$expires = null;
|
||||
if ($this->enable_expire) {
|
||||
$token['expires_in'] = $this->getVariable('access_token_lifetime', OAUTH2_DEFAULT_ACCESS_TOKEN_LIFETIME);
|
||||
$expires = time() + $this->getVariable('access_token_lifetime', OAUTH2_DEFAULT_ACCESS_TOKEN_LIFETIME);
|
||||
}
|
||||
|
||||
$this->setAccessToken($token["access_token"], $accountId, time() + $this->getVariable('access_token_lifetime', OAUTH2_DEFAULT_ACCESS_TOKEN_LIFETIME), $scope);
|
||||
$this->setAccessToken($token["access_token"], $accountId, $expires, $scope);
|
||||
|
||||
// Issue a refresh token also, if we support them
|
||||
if (in_array(OAUTH2_GRANT_TYPE_REFRESH_TOKEN, $this->getSupportedGrantTypes())) {
|
||||
|
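Review bot: With `enable_expire` off, `$expires` stays null and the stored access token now has no expiry at all, whereas the removed call always persisted `time() + lifetime` even when `expires_in` was omitted from the response. That is consistent with what the client is told, but it turns the flag into a "mint non-expiring bearer tokens" switch and deserves a comment at `$expires = null;`, e.g. `// null => token never expires (enable_expire off); see setAccessToken()`. `getVariable('access_token_lifetime', OAUTH2_DEFAULT_ACCESS_TOKEN_LIFETIME)` is also evaluated twice in the if-body; `$lifetime = $this->getVariable('access_token_lifetime', OAUTH2_DEFAULT_ACCESS_TOKEN_LIFETIME); $token['expires_in'] = $lifetime; $expires = time() + $lifetime;` is clearer. The enclosing method extends beyond the hunk.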
@@ -82,7 +82,7 @@
|
||||
<td>
|
||||
<span id="my_access_token">
|
||||
{% if not token is none %}
|
||||
{{ token|default("") }}
|
||||
{{ token.getOauthToken()|default("") }}
|
||||
{% else %}
|
||||
{{ "Le token n\'a pas encore ete genere" | trans }}
|
||||
{% endif %}
|
||||
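Review bot: `{{ token.getOauthToken()|default("") }}` sits inside `{% if not token is none %}`, so the `|default("")` filter now only masks a null return from the getter; Twig convention would be `{{ token.oauthToken }}` (attribute access resolves the getter) and `{% if token is not none %}`. Because this cell renders a bearer secret into the page, a template comment such as `{# developer access token: keep autoescape enabled for this block #}` would make the requirement explicit for future edits.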
@@ -92,7 +92,7 @@
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<div>
|
||||
<div class="form-actions">
|
||||
<a class="btn btn-primary" href="{{ path("developers_applications") }}">{{ "boutton::retour" | trans }}</a>
|
||||
</div>
|
||||
</div>
|
||||
|