hazza/Phraseanet
1
0
Fork 0
mirror of https://github.com/alchemy-fr/Phraseanet.git synced 2025-10-15 22:13:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Store UNIX timestamp for token expiration

Browse Source
This commit is contained in:
Nicolas Le Goff
2014-03-17 00:29:38 +01:00
parent dce9269d86
commit bf3f870a91
8 changed files with 27 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/Alchemy/Phrasea/Model/Entities/ApiOauthCode.php
View File

@@ -35,9 +35,7 @@ class ApiOauthCode
private $redirectUri; private $redirectUri;
/** /**
* @var \DateTime * @ORM\Column(type="integer")
*
* @ORM\Column(type="datetime", nullable=true)
*/ */
private $expires; private $expires;
@@ -121,19 +119,19 @@ class ApiOauthCode
} }
/** /**
* @param \DateTime $expires * @param integer $timestamp
* *
* @return ApiOauthCode * @return ApiOauthCode
*/ */
public function setExpires(\DateTime $expires = null) public function setExpires($timestamp)
{ {
$this->expires = $expires; $this->expires = $timestamp;
return $this; return $this;
} }
/** /**
* @return \DateTime * @return $timestamp
*/ */
public function getExpires() public function getExpires()
{ {

10
lib/Alchemy/Phrasea/Model/Entities/ApiOauthRefreshToken.php
View File

@@ -28,9 +28,7 @@ class ApiOauthRefreshToken
private $account; private $account;
/** /**
* @var \DateTime * @ORM\Column(type="integer", nullable=false)
*
* @ORM\Column(type="datetime", nullable=false)
*/ */
private $expires; private $expires;
@@ -94,11 +92,11 @@ class ApiOauthRefreshToken
} }
/** /**
* @param \DateTime $expires * @param integer $expires
* *
* @return ApiOauthRefreshToken * @return ApiOauthRefreshToken
*/ */
public function setExpires(\DateTime $expires) public function setExpires($expires)
{ {
$this->expires = $expires; $this->expires = $expires;
@@ -106,7 +104,7 @@ class ApiOauthRefreshToken
} }
/** /**
* @return \DateTime * @return integer
*/ */
public function getExpires() public function getExpires()
{ {

10
lib/Alchemy/Phrasea/Model/Entities/ApiOauthToken.php
View File

@@ -36,9 +36,7 @@ class ApiOauthToken
private $account; private $account;
/** /**
* @var \DateTime * @ORM\Column(type="integer", nullable=true)
*
* @ORM\Column(type="datetime", nullable=true)
*/ */
private $expires; private $expires;
@@ -110,11 +108,11 @@ class ApiOauthToken
} }
/** /**
* @param \DateTime $expires * @param integer $expires
* *
* @return ApiOauthTokens * @return ApiOauthTokens
*/ */
public function setExpires(\DateTime $expires = null) public function setExpires($expires = null)
{ {
$this->expires = $expires; $this->expires = $expires;
@@ -122,7 +120,7 @@ class ApiOauthToken
} }
/** /**
* @return \DateTime * @return integer
*/ */
public function getExpires() public function getExpires()
{ {

2
lib/Alchemy/Phrasea/Model/Manipulator/ApiOauthCodeManipulator.php
View File

@@ -36,7 +36,7 @@ class ApiOauthCodeManipulator implements ManipulatorInterface
$this->randomGenerator = $random; $this->randomGenerator = $random;
} }
public function create(ApiAccount $account, $redirectUri, \DateTime $expire = null, $scope = null) public function create(ApiAccount $account, $redirectUri, $expire, $scope = null)
{ {
$code = new ApiOauthCode(); $code = new ApiOauthCode();

2
lib/Alchemy/Phrasea/Model/Manipulator/ApiOauthRefreshTokenManipulator.php
View File

@@ -34,7 +34,7 @@ class ApiOauthRefreshTokenManipulator implements ManipulatorInterface
$this->randomGenerator = $random; $this->randomGenerator = $random;
} }
public function create(ApiAccount $account, \DateTime $expire, $scope = null) public function create(ApiAccount $account, $expire, $scope = null)
{ {
$refreshToken = new ApiOauthRefreshtoken(); $refreshToken = new ApiOauthRefreshtoken();

4
lib/Alchemy/Phrasea/Model/Manipulator/ApiOauthTokenManipulator.php
View File

@@ -35,7 +35,7 @@ class ApiOauthTokenManipulator implements ManipulatorInterface
$this->randomGenerator = $random; $this->randomGenerator = $random;
} }
public function create(ApiAccount $account, \DateTime $expire = null, $scope = null) public function create(ApiAccount $account, $expire = null, $scope = null)
{ {
$token = new ApiOauthToken(); $token = new ApiOauthToken();
$token->setOauthToken($this->getNewToken()); $token->setOauthToken($this->getNewToken());
@@ -73,7 +73,7 @@ class ApiOauthTokenManipulator implements ManipulatorInterface
$this->update($token); $this->update($token);
} }
public function renew(ApiOauthToken $token, \DateTime $expire = null) public function renew(ApiOauthToken $token, $expire = null)
{ {
$token->setOauthToken($this->getNewToken()); $token->setOauthToken($this->getNewToken());
$token->setExpires($expire); $token->setExpires($expire);

22
lib/classes/API/OAuth2/Adapter.php
View File

@@ -200,7 +200,7 @@ class API_OAuth2_Adapter extends OAuth2
return [ return [
'scope' => $token->getScope(), 'scope' => $token->getScope(),
'expires' => null !== $token->getExpires() ? $token->getExpires()->getTimestamp() : null, 'expires' => $token->getExpires(),
'client_id' => $token->getAccount()->getApplication()->getClientId(), 'client_id' => $token->getAccount()->getApplication()->getClientId(),
'session_id' => $token->getSessionId(), 'session_id' => $token->getSessionId(),
'revoked' => (int) $token->getAccount()->isRevoked(), 'revoked' => (int) $token->getAccount()->isRevoked(),
@@ -224,12 +224,6 @@ class API_OAuth2_Adapter extends OAuth2
if (null === $account = $this->app['repo.api-accounts']->find($accountId)) { if (null === $account = $this->app['repo.api-accounts']->find($accountId)) {
throw new RuntimeException(sprintf('Account with id %s is not valid', $accountId)); throw new RuntimeException(sprintf('Account with id %s is not valid', $accountId));
} }
$expires = null !== $expires ? \DateTime::createFromFormat('U', $expires) : null;
// @note stored date time are not UTC ... and expires parameter is a UNIX timestamp which is timezone independent
if ($expires instanceof \DateTime) {
$dtz = new \DateTimeZone(date_default_timezone_get());
$expires->add(new \DateInterval('PT' . $dtz->getOffset($expires) . 'S'));
}
$token = $this->app['manipulator.api-oauth-token']->create($account, $expires, $scope); $token = $this->app['manipulator.api-oauth-token']->create($account, $expires, $scope);
$this->app['manipulator.api-oauth-token']->setOauthToken($token, $oauthToken); $this->app['manipulator.api-oauth-token']->setOauthToken($token, $oauthToken);
@@ -277,7 +271,7 @@ class API_OAuth2_Adapter extends OAuth2
return [ return [
'redirect_uri' => $code->getRedirectUri(), 'redirect_uri' => $code->getRedirectUri(),
'client_id' => $code->getAccount()->getApplication()->getClientId(), 'client_id' => $code->getAccount()->getApplication()->getClientId(),
'expires' => null !== $code->getExpires() ? $code->getExpires()->getTimestamp() : null, 'expires' => $code->getExpires(),
'account_id' => $code->getAccount()->getId(), 'account_id' => $code->getAccount()->getId(),
]; ];
} }
@@ -300,13 +294,6 @@ class API_OAuth2_Adapter extends OAuth2
if (null === $account = $this->app['repo.api-accounts']->find($accountId)) { if (null === $account = $this->app['repo.api-accounts']->find($accountId)) {
throw new RuntimeException(sprintf('Account with id %s is not valid', $accountId)); throw new RuntimeException(sprintf('Account with id %s is not valid', $accountId));
} }
$expires = null !== $expires ? \DateTime::createFromFormat('U', $expires) : null;
// @note stored date time are not UTC ... and expires parameter is a UNIX timestamp which is timezone independent
if ($expires instanceof \DateTime) {
$dtz = new \DateTimeZone(date_default_timezone_get());
$expires->add(new \DateInterval('PT' . $dtz->getOffset($expires) . 'S'));
}
$code = $this->app['manipulator.api-oauth-code']->create($account, $redirectUri, $expires, $scope); $code = $this->app['manipulator.api-oauth-code']->create($account, $redirectUri, $expires, $scope);
$this->app['manipulator.api-oauth-code']->setCode($code, $oauthCode); $this->app['manipulator.api-oauth-code']->setCode($code, $oauthCode);
@@ -329,8 +316,7 @@ class API_OAuth2_Adapter extends OAuth2
if (null === $account = $this->app['repo.api-accounts']->find($accountId)) { if (null === $account = $this->app['repo.api-accounts']->find($accountId)) {
throw new RuntimeException(sprintf('Account with id %s is not valid', $accountId)); throw new RuntimeException(sprintf('Account with id %s is not valid', $accountId));
} }
$token = $this->app['manipulator.api-oauth-refresh-token']->create($account, $expires, $scope);
$token = $this->app['manipulator.api-oauth-refresh-token']->create($account, \DateTime::createFromFormat('U', $expires), $scope);
$this->app['manipulator.api-oauth-refresh-token']->setRefreshToken($token, $refreshToken); $this->app['manipulator.api-oauth-refresh-token']->setRefreshToken($token, $refreshToken);
return $this; return $this;
@@ -351,7 +337,7 @@ class API_OAuth2_Adapter extends OAuth2
return [ return [
'token' => $token->getRefreshToken(), 'token' => $token->getRefreshToken(),
'expires' => null !== $token->getExpires() ? $token->getExpires()->getTimestamp() : null, 'expires' => $token->getExpires(),
'client_id' => $token->getAccount()->getApplication()->getClientId() 'client_id' => $token->getAccount()->getApplication()->getClientId()
]; ];
} }

12
tests/Alchemy/Tests/Phrasea/Model/Manipulator/ApiOauthCodeManipulatorTest.php
View File

@@ -15,7 +15,7 @@ class ApiOauthCodeManipulatorTest extends \PhraseanetTestCase
$manipulator = new ApiOauthCodeManipulator(self::$DI['app']['EM'], self::$DI['app']['repo.api-oauth-codes'], self::$DI['app']['random.medium']); $manipulator = new ApiOauthCodeManipulator(self::$DI['app']['EM'], self::$DI['app']['repo.api-oauth-codes'], self::$DI['app']['random.medium']);
$nbCodes = count(self::$DI['app']['repo.api-oauth-codes']->findAll()); $nbCodes = count(self::$DI['app']['repo.api-oauth-codes']->findAll());
$account = self::$DI['app']['manipulator.api-account']->create(self::$DI['oauth2-app-user'], self::$DI['user']); $account = self::$DI['app']['manipulator.api-account']->create(self::$DI['oauth2-app-user'], self::$DI['user']);
$manipulator->create($account, 'http://www.redirect.url'); $manipulator->create($account, 'http://www.redirect.url', time() + 30);
$this->assertGreaterThan($nbCodes, count(self::$DI['app']['repo.api-oauth-codes']->findAll())); $this->assertGreaterThan($nbCodes, count(self::$DI['app']['repo.api-oauth-codes']->findAll()));
} }
@@ -23,7 +23,7 @@ class ApiOauthCodeManipulatorTest extends \PhraseanetTestCase
{ {
$manipulator = new ApiOauthCodeManipulator(self::$DI['app']['EM'], self::$DI['app']['repo.api-oauth-codes'], self::$DI['app']['random.medium']); $manipulator = new ApiOauthCodeManipulator(self::$DI['app']['EM'], self::$DI['app']['repo.api-oauth-codes'], self::$DI['app']['random.medium']);
$account = self::$DI['app']['manipulator.api-account']->create(self::$DI['oauth2-app-user'], self::$DI['user']); $account = self::$DI['app']['manipulator.api-account']->create(self::$DI['oauth2-app-user'], self::$DI['user']);
$code = $manipulator->create($account, 'http://www.redirect.url'); $code = $manipulator->create($account, 'http://www.redirect.url', time() + 30);
$countBefore = count(self::$DI['app']['repo.api-oauth-codes']->findAll()); $countBefore = count(self::$DI['app']['repo.api-oauth-codes']->findAll());
$manipulator->delete($code); $manipulator->delete($code);
$this->assertGreaterThan(count(self::$DI['app']['repo.api-oauth-codes']->findAll()), $countBefore); $this->assertGreaterThan(count(self::$DI['app']['repo.api-oauth-codes']->findAll()), $countBefore);
@@ -34,11 +34,11 @@ class ApiOauthCodeManipulatorTest extends \PhraseanetTestCase
$manipulator = new ApiOauthCodeManipulator(self::$DI['app']['EM'], self::$DI['app']['repo.api-oauth-codes'], self::$DI['app']['random.medium']); $manipulator = new ApiOauthCodeManipulator(self::$DI['app']['EM'], self::$DI['app']['repo.api-oauth-codes'], self::$DI['app']['random.medium']);
$account = self::$DI['app']['manipulator.api-account']->create(self::$DI['oauth2-app-user'], self::$DI['user']); $account = self::$DI['app']['manipulator.api-account']->create(self::$DI['oauth2-app-user'], self::$DI['user']);
$code = $manipulator->create($account, 'http://www.redirect.url'); $code = $manipulator->create($account, 'http://www.redirect.url', $t = time() + 30);
$code->setExpires(new \DateTime()); $code->setExpires(time() + 40);
$manipulator->update($code); $manipulator->update($code);
$code = self::$DI['app']['repo.api-oauth-codes']->find($code->getCode()); $code = self::$DI['app']['repo.api-oauth-codes']->find($code->getCode());
$this->assertNotNull($code->getExpires()); $this->assertGreaterThan($t, $code->getExpires());
} }
/** /**
@@ -48,7 +48,7 @@ class ApiOauthCodeManipulatorTest extends \PhraseanetTestCase
{ {
$manipulator = new ApiOauthCodeManipulator(self::$DI['app']['EM'], self::$DI['app']['repo.api-oauth-codes'], self::$DI['app']['random.medium']); $manipulator = new ApiOauthCodeManipulator(self::$DI['app']['EM'], self::$DI['app']['repo.api-oauth-codes'], self::$DI['app']['random.medium']);
$account = self::$DI['app']['manipulator.api-account']->create(self::$DI['oauth2-app-user'], self::$DI['user']); $account = self::$DI['app']['manipulator.api-account']->create(self::$DI['oauth2-app-user'], self::$DI['user']);
$code = $manipulator->create($account, 'http://www.redirect.url'); $code = $manipulator->create($account, 'http://www.redirect.url', time() + 30);
try { try {
$manipulator->setRedirectUri($code, 'bad-url'); $manipulator->setRedirectUri($code, 'bad-url');
$this->fail('Invalid argument exception should be raised'); $this->fail('Invalid argument exception should be raised');