hazza/Phraseanet
1
0
Fork 0
mirror of https://github.com/alchemy-fr/Phraseanet.git synced 2025-10-10 11:33:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix API password grant type authentication

Browse Source
This commit is contained in:
Nicolas Le Goff
2013-10-03 17:12:46 +02:00
parent 77e37e710a
commit 9fc8fbc194
2 changed files with 13 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
lib/Alchemy/Phrasea/Controller/Api/Oauth2.php
View File

@@ -90,9 +90,9 @@ class Oauth2 implements ControllerProviderInterface
} }
$app['authentication']->openAccount(\User_Adapter::getInstance($usr_id, $app)); $app['authentication']->openAccount(\User_Adapter::getInstance($usr_id, $app));
} else {
return new Response($app['twig']->render($template, array("auth" => $oauth2_adapter)));
} }
return new Response($app['twig']->render($template, array("auth" => $oauth2_adapter)));
} }
//check if current client is already authorized by current user //check if current client is already authorized by current user
@@ -128,9 +128,13 @@ class Oauth2 implements ControllerProviderInterface
$params = $oauth2_adapter->finishNativeClientAuthorization($app_authorized, $params); $params = $oauth2_adapter->finishNativeClientAuthorization($app_authorized, $params);
return new Response($app['twig']->render("api/auth/native_app_access_token.html.twig", $params)); return new Response($app['twig']->render("api/auth/native_app_access_token.html.twig", $params));
} else {
$oauth2_adapter->finishClientAuthorization($app_authorized, $params);
} }
$oauth2_adapter->finishClientAuthorization($app_authorized, $params);
// As OAuth2 library already outputs response content, we need to send an empty
// response to avoid breaking silex controller
return '';
}; };
$controllers->match('/authorize', $authorize_func) $controllers->match('/authorize', $authorize_func)
@@ -150,7 +154,9 @@ class Oauth2 implements ControllerProviderInterface
ob_flush(); ob_flush();
flush(); flush();
return; // As OAuth2 library already outputs response content, we need to send an empty
// response to avoid breaking silex controller
return '';
}); });
return $controllers; return $controllers;

4
lib/classes/API/OAuth2/Adapter.php
View File

@@ -258,7 +258,7 @@ class API_OAuth2_Adapter extends OAuth2
protected function setAccessToken($oauth_token, $account_id, $expires, $scope = NULL) protected function setAccessToken($oauth_token, $account_id, $expires, $scope = NULL)
{ {
$account = new API_OAuth2_Account($this->app, $account_id); $account = new API_OAuth2_Account($this->app, $account_id);
$token = API_OAuth2_Token::create($this->app, $account, $scope); $token = API_OAuth2_Token::create($this->app['phraseanet.appbox'], $account, $scope);
$token->set_value($oauth_token)->set_expires($expires); $token->set_value($oauth_token)->set_expires($expires);
return $this; return $this;
@@ -800,7 +800,7 @@ class API_OAuth2_Adapter extends OAuth2
try { try {
$application = API_OAuth2_Application::load_from_client_id($this->app, $client_id); $application = API_OAuth2_Application::load_from_client_id($this->app, $client_id);
$usr_id = $this->app['auth']->isValid($username, $password, Request::createFromGlobals()); $usr_id = $this->app['auth.native']->getUsrId($username, $password, Request::createFromGlobals());
if (!$usr_id) { if (!$usr_id) {
return false; return false;