Make conduit read access_token and login the pertinent $user
Summary: This makes the oauth server a bunch more useful. Test Plan: - used /oauth/phabricator/diagnose/ and it actually passed! - played around with conduit via hacking URL to include access_token on a logged out browser - linked my account to itself by going to /settings/page/phabricator/, clicking "link" account, then cutting and pasting the pertinent ?code=X into /oauth/phabricator/login/. Reviewers: epriestley Reviewed By: epriestley CC: aran, epriestley Maniphest Tasks: T852 Differential Revision: https://secure.phabricator.com/D1644
parent
92f3ffd811
commit
be66a52050
3 changed files with 28 additions and 1 deletions
|
@ -81,7 +81,7 @@ extends PhabricatorOAuthProvider {
|
|||
}
|
||||
|
||||
public function getUserInfoURI() {
|
||||
return $this->getURI('/api/user.whoami/');
|
||||
return $this->getURI('/api/user.whoami');
|
||||
}
|
||||
|
||||
public function getMinimumScope() {
|
||||
|
@ -89,7 +89,12 @@ extends PhabricatorOAuthProvider {
|
|||
}
|
||||
|
||||
public function setUserData($data) {
|
||||
// need to strip the javascript shield from conduit
|
||||
$data = substr($data, 8);
|
||||
$data = json_decode($data, true);
|
||||
if (!is_array($data)) {
|
||||
throw new Exception('Invalid user data.');
|
||||
}
|
||||
$this->userData = $data['result'];
|
||||
return $this;
|
||||
}
|
||||
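Review bot: `substr($data, 8)` in `setUserData()` drops the first eight bytes without checking that they are the Conduit shield (presumably `for(;;);`), so a response that lacks the prefix is truncated and only caught indirectly by the `is_array` test. A guard such as `if (strncmp($data, 'for(;;);', 8) !== 0) { throw new Exception('Invalid user data.'); }` before the strip would make that failure explicit. After decoding, `$data['result']` is read without looking at the response's `error_code`/`error_info` fields or confirming that `result` is an array, so a failed `user.whoami` call (for example a rejected token) appears to store null as the user data instead of raising. Since this value becomes the identity used for login and account linking, the method should throw unless the error fields are empty and `result` is an array.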
|
|
|
@ -247,6 +247,27 @@ class PhabricatorConduitAPIController
|
|||
return null;
|
||||
}
|
||||
|
||||
// handle oauth
|
||||
$access_token = $request->getStr('access_token');
|
||||
if ($access_token) {
|
||||
$token = id(new PhabricatorOAuthServerAccessToken())
|
||||
->loadOneWhere('token = %s',
|
||||
$access_token);
|
||||
if ($token) {
|
||||
// TODO - T888 -- add expiration date and refresh tokens to oauth
|
||||
$user_phid = $token->getUserPHID();
|
||||
if ($user_phid) {
|
||||
$user = id(new PhabricatorUser())
|
||||
->loadOneWhere('phid = %s',
|
||||
$user_phid);
|
||||
if ($user) {
|
||||
$api_request->setUser($user);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Handle sessionless auth. TOOD: This is super messy.
|
||||
if (isset($metadata['authUser'])) {
|
||||
$user = id(new PhabricatorUser())->loadOneWhere(
|
||||
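Review bot: A supplied `access_token` that matches no row, or whose user cannot be loaded, falls out of the `if ($access_token)` block and continues into the sessionless auth path below instead of being rejected. A bad bearer token is therefore silently ignored rather than failing closed, and returning the method's authentication-error result there would make the failure visible and auditable. A matching token goes straight to `$api_request->setUser($user)` with no check of the token's granted scope or of whether the account is disabled, on top of the missing expiry that the T888 TODO already tracks. Whether a later step enforces these cannot be seen here, because the function starts and ends outside the hunk. If `$request->getStr('access_token')` also reads the query string, as the test plan's URL usage suggests, tokens will land in access logs, browser history and Referer headers, so consider accepting the token only from the POST body or an `Authorization` header.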
|
|
|
@ -13,6 +13,7 @@ phutil_require_module('phabricator', 'applications/conduit/method/base');
|
|||
phutil_require_module('phabricator', 'applications/conduit/protocol/request');
|
||||
phutil_require_module('phabricator', 'applications/conduit/protocol/response');
|
||||
phutil_require_module('phabricator', 'applications/conduit/storage/methodcalllog');
|
||||
phutil_require_module('phabricator', 'applications/oauthserver/storage/accesstoken');
|
||||
phutil_require_module('phabricator', 'applications/people/storage/user');
|
||||
phutil_require_module('phabricator', 'storage/queryfx');
|
||||
phutil_require_module('phabricator', 'view/control/table');
|
||||
|
|