friendica/src/Security/FKOAuth1.php

<?php
/**
 * @copyright Copyright (C) 2020, Friendica
 *
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 *
 */

namespace Friendica\Security;

use Friendica\Core\Logger;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Security\OAuth1\OAuthServer;
use Friendica\Security\OAuth1\Signature\OAuthSignatureMethod_HMAC_SHA1;
use Friendica\Security\OAuth1\Signature\OAuthSignatureMethod_PLAINTEXT;

/**
 * OAuth protocol
 */
class FKOAuth1 extends OAuthServer
{
	/**
	 * Constructor
	 */
	public function __construct()
	{
		parent::__construct(new FKOAuthDataStore());
		$this->add_signature_method(new OAuthSignatureMethod_PLAINTEXT());
		$this->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1());
	}

	/**
	 * @param string $uid user id
	 * @return void
	 * @throws HTTPException\ForbiddenException
	 * @throws HTTPException\InternalServerErrorException
	 */
	public function loginUser($uid)
	{
		Logger::notice("FKOAuth1::loginUser $uid");
		$a = DI::app();
		$record = DBA::selectFirst('user', [], ['uid' => $uid, 'blocked' => 0, 'account_expired' => 0, 'account_removed' => 0, 'verified' => 1]);

		if (!DBA::isResult($record) || empty($uid)) {
			Logger::info('FKOAuth1::loginUser failure', ['server' => $_SERVER]);
			header('HTTP/1.0 401 Unauthorized');
			die('This api requires login');
		}

		DI::auth()->setForUser($a, $record, true);
	}
}
Separate and move classes OAuth to src 2017-12-04 20:09:23 +01:00			`<?php`
			`/**`
Add license info at Friendica PHP files 2020-02-09 16:18:46 +01:00			`* @copyright Copyright (C) 2020, Friendica`
			`*`
			`* @license GNU AGPL version 3 or any later version`
			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as`
			`* published by the Free Software Foundation, either version 3 of the`
			`* License, or (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <https://www.gnu.org/licenses/>.`
			`*`
Separate and move classes OAuth to src 2017-12-04 20:09:23 +01:00			`*/`
Add license info at Friendica PHP files 2020-02-09 16:18:46 +01:00
Move library\OAuth1.php to class structure Friendica\Security\OAuth1 2020-09-30 11:21:58 +02:00			`namespace Friendica\Security;`
Separate and move classes OAuth to src 2017-12-04 20:09:23 +01:00
Log function implement log() function. 2018-10-29 22:20:46 +01:00			`use Friendica\Core\Logger;`
Rename Friendica\Database\dba to Friendica\Database\DBA 2018-07-20 14:19:26 +02:00			`use Friendica\Database\DBA;`
Introduce new DI container - Adding Friendica\DI class for getting dynamic classes - Replacing BaseObject::getApp() with this class 2019-12-15 22:34:11 +01:00			`use Friendica\DI;`
Move library\OAuth1.php to class structure Friendica\Security\OAuth1 2020-09-30 11:21:58 +02:00			`use Friendica\Security\OAuth1\OAuthServer;`
Cleanup OAuth1 library 2020-09-30 11:26:52 +02:00			`use Friendica\Security\OAuth1\Signature\OAuthSignatureMethod_HMAC_SHA1;`
			`use Friendica\Security\OAuth1\Signature\OAuthSignatureMethod_PLAINTEXT;`
Separate and move classes OAuth to src 2017-12-04 20:09:23 +01:00
			`/**`
@brief is removed completely 2020-01-19 07:05:23 +01:00			`* OAuth protocol`
Separate and move classes OAuth to src 2017-12-04 20:09:23 +01:00			`*/`
			`class FKOAuth1 extends OAuthServer`
			`{`
			`/**`
@brief is removed completely 2020-01-19 07:05:23 +01:00			`* Constructor`
Separate and move classes OAuth to src 2017-12-04 20:09:23 +01:00			`*/`
			`public function __construct()`
			`{`
			`parent::__construct(new FKOAuthDataStore());`
			`$this->add_signature_method(new OAuthSignatureMethod_PLAINTEXT());`
			`$this->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1());`
			`}`

Functions and Standards Standards and convert to dba functions where possible. 2017-12-04 20:52:04 +01:00			`/**`
			`* @param string $uid user id`
			`* @return void`
Replace duplicated authentication code in FKOAuth1 with Session::setAuthenticatedForUser 2019-10-06 17:17:30 +02:00			`* @throws HTTPException\ForbiddenException`
Fix PHPDoc comments project-wide 2019-01-06 22:06:53 +01:00			`* @throws HTTPException\InternalServerErrorException`
Functions and Standards Standards and convert to dba functions where possible. 2017-12-04 20:52:04 +01:00			`*/`
Static 2017-12-05 03:03:39 +01:00			`public function loginUser($uid)`
Separate and move classes OAuth to src 2017-12-04 20:09:23 +01:00			`{`
"print_r" in logging replaced / obsolete stuff removed 2020-06-29 22:22:00 +02:00			`Logger::notice("FKOAuth1::loginUser $uid");`
Introduce new DI container - Adding Friendica\DI class for getting dynamic classes - Replacing BaseObject::getApp() with this class 2019-12-15 22:34:11 +01:00			`$a = DI::app();`
Rename Friendica\Database\dba to Friendica\Database\DBA 2018-07-20 14:19:26 +02:00			`$record = DBA::selectFirst('user', [], ['uid' => $uid, 'blocked' => 0, 'account_expired' => 0, 'account_removed' => 0, 'verified' => 1]);`
Functions and Standards Standards and convert to dba functions where possible. 2017-12-04 20:52:04 +01:00
Avoid problems with uid=0 2020-11-19 18:19:14 +01:00			`if (!DBA::isResult($record) \|\| empty($uid)) {`
"print_r" in logging replaced / obsolete stuff removed 2020-06-29 22:22:00 +02:00			`Logger::info('FKOAuth1::loginUser failure', ['server' => $_SERVER]);`
Functions and Standards Standards and convert to dba functions where possible. 2017-12-04 20:52:04 +01:00			`header('HTTP/1.0 401 Unauthorized');`
			`die('This api requires login');`
Separate and move classes OAuth to src 2017-12-04 20:09:23 +01:00			`}`

Replace BaseObject class with DI::* calls 2019-12-15 23:28:01 +01:00			`DI::auth()->setForUser($a, $record, true);`
Separate and move classes OAuth to src 2017-12-04 20:09:23 +01:00			`}`
			`}`