diff --git a/src/applications/auth/oauth/provider/phabricator/PhabricatorOAuthProviderPhabricator.php b/src/applications/auth/oauth/provider/phabricator/PhabricatorOAuthProviderPhabricator.php
index 94a162e54f..1d011a64b3 100644
--- a/src/applications/auth/oauth/provider/phabricator/PhabricatorOAuthProviderPhabricator.php
+++ b/src/applications/auth/oauth/provider/phabricator/PhabricatorOAuthProviderPhabricator.php
@@ -81,7 +81,7 @@ extends PhabricatorOAuthProvider {
 }
 public function getUserInfoURI() {
- return $this->getURI('/api/user.whoami/');
+ return $this->getURI('/api/user.whoami');
 }
 public function getMinimumScope() {
@@ -89,7 +89,12 @@ extends PhabricatorOAuthProvider {
 }
 public function setUserData($data) {
+ // need to strip the javascript shield from conduit
+ $data = substr($data, 8);
 $data = json_decode($data, true);
+ if (!is_array($data)) {
+ throw new Exception('Invalid user data.');
+ }
 $this->userData = $data['result'];
 return $this;
 }
diff --git a/src/applications/conduit/controller/api/PhabricatorConduitAPIController.php b/src/applications/conduit/controller/api/PhabricatorConduitAPIController.php
index e5be6eaf0a..0a9bec59c0 100644
--- a/src/applications/conduit/controller/api/PhabricatorConduitAPIController.php
+++ b/src/applications/conduit/controller/api/PhabricatorConduitAPIController.php
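Review bot: `substr($data, 8)` in setUserData() drops the first eight bytes without checking that they really are the Conduit shield, so a response that arrives unshielded or with a different prefix is silently truncated and only surfaces later as 'Invalid user data.'. Compare the prefix with the expected shield string first (presumably `for(;;);`, which is eight bytes) and strip it only on a match. The new `is_array()` guard also leaves `$data['result']` unchecked: a Conduit error reply still decodes to an array, so `userData` would be set to null without any exception; `if (!is_array($data) || !isset($data['result']))` would reject that case at this point.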
@@ -247,6 +247,27 @@ class PhabricatorConduitAPIController
 return null;
 }
+ // handle oauth
+ $access_token = $request->getStr('access_token');
+ if ($access_token) {
+ $token = id(new PhabricatorOAuthServerAccessToken())
+ ->loadOneWhere('token = %s',
+ $access_token);
+ if ($token) {
+ // TODO - T888 -- add expiration date and refresh tokens to oauth
+ $user_phid = $token->getUserPHID();
+ if ($user_phid) {
+ $user = id(new PhabricatorUser())
+ ->loadOneWhere('phid = %s',
+ $user_phid);
+ if ($user) {
+ $api_request->setUser($user);
+ return null;
+ }
+ }
+ }
+ }
+ // Handle sessionless auth. TOOD: This is super messy.
 if (isset($metadata['authUser'])) {
 $user = id(new PhabricatorUser())->loadOneWhere(
diff --git a/src/applications/conduit/controller/api/__init__.php b/src/applications/conduit/controller/api/__init__.php
index 912ea00381..ccb5a219ec 100644
--- a/src/applications/conduit/controller/api/__init__.php
+++ b/src/applications/conduit/controller/api/__init__.php
@@ -13,6 +13,7 @@ phutil_require_module('phabricator', 'applications/conduit/method/base');
 phutil_require_module('phabricator', 'applications/conduit/protocol/request');
 phutil_require_module('phabricator', 'applications/conduit/protocol/response');
 phutil_require_module('phabricator', 'applications/conduit/storage/methodcalllog');
+phutil_require_module('phabricator', 'applications/oauthserver/storage/accesstoken');
 phutil_require_module('phabricator', 'applications/people/storage/user');
 phutil_require_module('phabricator', 'storage/queryfx');
 phutil_require_module('phabricator', 'view/control/table');
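Review bot: The new access_token branch authenticates the request as the token's user for whichever Conduit method is being called; nothing in the visible lines compares the scope granted to the token with that method, so a token issued only to read user info would appear to be accepted for every API call. The loaded user is also attached without a check that the account is still enabled, and `getStr('access_token')` presumably accepts the token from the query string, where it would end up in access logs. Until scope enforcement exists I would add `// TODO: limit token-authenticated calls to the methods covered by the token's granted scope` next to the T888 note and reject disabled accounts before `setUser()`. The enclosing method starts and ends outside the hunk, so some of these checks may already happen elsewhere.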