1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-18 21:02:41 +01:00

Make conduit read access_token and login the pertinent $user

Summary: This makes the oauth server a bunch more useful.

Test Plan:
- used /oauth/phabricator/diagnose/ and it actually passed!
- played around with conduit via hacking URL to include access_token on a logged
out browser
- linked my account to itself by going to /settings/page/phabricator/, clicking
"link" account, then cutting and pasting the pertinent ?code=X into
/oauth/phabricator/login/.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T852

Differential Revision: https://secure.phabricator.com/D1644
This commit is contained in:
Bob Trahan 2012-02-19 14:23:30 -08:00
parent 92f3ffd811
commit be66a52050
3 changed files with 28 additions and 1 deletions

View file

@ -81,7 +81,7 @@ extends PhabricatorOAuthProvider {
}
public function getUserInfoURI() {
return $this->getURI('/api/user.whoami/');
return $this->getURI('/api/user.whoami');
}
public function getMinimumScope() {
@ -89,7 +89,12 @@ extends PhabricatorOAuthProvider {
}
public function setUserData($data) {
// need to strip the javascript shield from conduit
$data = substr($data, 8);
$data = json_decode($data, true);
if (!is_array($data)) {
throw new Exception('Invalid user data.');
}
$this->userData = $data['result'];
return $this;
}

View file

@ -247,6 +247,27 @@ class PhabricatorConduitAPIController
return null;
}
// handle oauth
$access_token = $request->getStr('access_token');
if ($access_token) {
$token = id(new PhabricatorOAuthServerAccessToken())
->loadOneWhere('token = %s',
$access_token);
if ($token) {
// TODO - T888 -- add expiration date and refresh tokens to oauth
$user_phid = $token->getUserPHID();
if ($user_phid) {
$user = id(new PhabricatorUser())
->loadOneWhere('phid = %s',
$user_phid);
if ($user) {
$api_request->setUser($user);
return null;
}
}
}
}
// Handle sessionless auth. TOOD: This is super messy.
if (isset($metadata['authUser'])) {
$user = id(new PhabricatorUser())->loadOneWhere(

View file

@ -13,6 +13,7 @@ phutil_require_module('phabricator', 'applications/conduit/method/base');
phutil_require_module('phabricator', 'applications/conduit/protocol/request');
phutil_require_module('phabricator', 'applications/conduit/protocol/response');
phutil_require_module('phabricator', 'applications/conduit/storage/methodcalllog');
phutil_require_module('phabricator', 'applications/oauthserver/storage/accesstoken');
phutil_require_module('phabricator', 'applications/people/storage/user');
phutil_require_module('phabricator', 'storage/queryfx');
phutil_require_module('phabricator', 'view/control/table');