SuiteCRM 8 initial commit

This commit is contained in:
Dillon-Brown 2021-03-30 19:12:01 +01:00
commit c895877b7e
547 changed files with 40449 additions and 0 deletions


@ -0,0 +1,37 @@
SuiteCRM\Core\Modules\Users\Entity\OAuthAccessToken:
type: entity
table: oauth_access_tokens
repositoryClass: SuiteCRM\Core\Modules\Users\Storage\OAuthAccessTokenStorage
id:
id:
type: integer
generator:
strategy: AUTO
fields:
token:
type: string
max_length: 40
unique: true
client_id:
type: integer
user_id:
type: integer
nullable: true
expires:
type: datetime
#columnDefinition: TIMESTAMP
scope:
type: string
max_length: 50
nullable: true
manyToOne:
client:
targetEntity: SuiteCRM\Core\Modules\Users\Entity\OAuthClient
joinColumn:
name: client_id
referencedColumnName: id
user:
targetEntity: SuiteCRM\Core\Modules\Users\Entity\OAuthUser
joinColumn:
name: user_id
referencedColumnName: id
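Review bot: `max_length` on the `token` and `scope` fields is not a key the Doctrine YAML driver reads, as far as I know; the size option is `length`, so these columns would fall back to the default string length rather than 40 and 50. The same key is used in the OAuthAuthorizationCode, OAuthClient and OAuthRefreshToken mappings in this commit. The access token is also stored verbatim in `token`; storing a digest of it (and looking tokens up by digest) would mean that a read of `oauth_access_tokens` does not yield usable bearer tokens.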


@ -0,0 +1,42 @@
SuiteCRM\Core\Modules\Users\Entity\OAuthAuthorizationCode:
type: entity
table: oauth_authorisation_codes
repositoryClass: SuiteCRM\Core\Modules\Users\Storage\OAuthAuthorizationCodeStorage
id:
id:
type: integer
generator:
strategy: AUTO
fields:
code:
type: string
max_length: 40
unique: true
client_id:
type: integer
user_id:
type: integer
nullable: true
expires:
type: datetime
redirect_uri:
type: string
max_length: 200
scope:
type: string
max_length: 50
nullable: true
id_token:
type: string
length: 1000
manyToOne:
client:
targetEntity: SuiteCRM\Core\Modules\Users\Entity\OAuthClient
joinColumn:
name: client_id
referencedColumnName: id
user:
targetEntity: SuiteCRM\Core\Modules\Users\Entity\OAuthUser
joinColumn:
name: user_id
referencedColumnName: id
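Review bot: `id_token` has no `nullable: true`, but OAuthAuthorizationCodeStorage::setAuthorizationCode in this commit defaults `$id_token` to null, so an authorization-code request without an OpenID Connect id token would presumably fail on insert. Adding `nullable: true` under `id_token` would match the storage method's signature.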


@ -0,0 +1,22 @@
SuiteCRM\Core\Modules\Users\Entity\OAuthClient:
type: entity
table: oauth_client
repositoryClass: SuiteCRM\Core\Modules\Users\Storage\OAuthClientStorage
id:
id:
type: integer
generator:
strategy: AUTO
fields:
client_identifier:
type: string
max_length: 50
unique: true
client_secret:
type: string
max_length: 20
default: ""
redirect_uri:
type: string
max_length: 255
default: ""
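Review bot: `client_secret` is sized at 20 characters, which cannot hold a password hash: `password_hash()` with bcrypt produces 60 characters, and the hashing call in EncryptableField is commented out in this same commit, so secrets are stored as entered. I would size the column for a hash, for example `length: 255`, and drop the empty-string default. With the loose `==` in `verifyEncryptedFieldValue`, an empty stored secret compares equal to an empty or missing submitted secret, so a client row created without a secret should be rejected rather than defaulted.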


@ -0,0 +1,22 @@
SuiteCRM\Core\Modules\Users\Entity\OAuthPublicKey:
type: entity
table: oauth_public_key
repositoryClass: SuiteCRM\Core\Modules\Users\Storage\OAuthPublicKeyStorage
id:
id:
type: integer
generator:
strategy: AUTO
fields:
public_key:
type: string
length: 2000
private_key:
type: string
length: 2000
manyToOne:
client:
targetEntity: SuiteCRM\Core\Modules\Users\Entity\OAuthClient
joinColumn:
name: client_id
referencedColumnName: id
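Review bot: `private_key` is persisted as a plain string column next to `public_key`, so any read access to `oauth_public_key` (a backup, a replica, a query flaw elsewhere) exposes the signing key. Consider keeping the private key outside the database, or encrypting the column with a key held in the application's secret store. `length: 2000` is also likely too short for a PEM-encoded 4096-bit RSA private key; `type: text` avoids truncation or rejection of longer keys.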


@ -0,0 +1,37 @@
SuiteCRM\Core\Modules\Users\Entity\OAuthRefreshToken:
type: entity
table: oauth_refresh_tokens
repositoryClass: SuiteCRM\Core\Modules\Users\Storage\OAuthRefreshTokenStorage
id:
id:
type: integer
generator:
strategy: AUTO
fields:
refresh_token:
refresh_token: string
max_length: 40
unique: true
client_id:
type: integer
user_id:
type: integer
nullable: true
expires:
type: datetime
column: expires
scope:
type: string
max_length: 50
nullable: true
manyToOne:
client:
targetEntity: SuiteCRM\Core\Modules\Users\Entity\OAuthClient
joinColumn:
name: client_id
referencedColumnName: id
user:
targetEntity: SuiteCRM\Core\Modules\Users\Entity\OAuthUser
joinColumn:
name: user_id
referencedColumnName: id
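Review bot: The `refresh_token` field is declared with `refresh_token: string` where every other mapping in this commit uses `type: string`, so the field has no `type` key and the driver is left to its default. The line should read `type: string`. As with the access token, the refresh token is stored verbatim; a digest would limit what a database read exposes, which matters more here because refresh tokens are long-lived.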


@ -0,0 +1,20 @@
SuiteCRM\Core\Modules\Users\Entity\OAuthUser:
type: entity
table: oauth_users
repositoryClass: SuiteCRM\Core\Modules\Users\Storage\OAuthUserStorage
id:
id:
type: integer
generator:
strategy: AUTO
fields:
username:
unique: true
type: string
column: user_name
password:
type: string
column: user_hash
indexes:
user_name_index:
columns: [ user_name ]


@ -0,0 +1,15 @@
SuiteCRM\Core\Modules\Users\Entity\OAuthUserClaims:
type: entity
table: oauth_user_claims
repositoryClass: SuiteCRM\Core\Modules\Users\Storage\OAuthUserClaimsStorage
id:
id:
type: integer
generator:
strategy: AUTO
manyToOne:
user:
targetEntity: SuiteCRM\Core\Modules\Users\Entity\OAuthUser
joinColumn:
name: user_id
referencedColumnName: id
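Review bot: This mapping has no `fields` section, yet the OAuthUserClaims entity in this commit declares `$id_token` with `getIdToken()`/`setIdToken()`, so the claim value would never be written to `oauth_user_claims`. If the token is meant to be stored, add an `id_token` field (nullable, sized like the one in the authorization-code mapping); if not, the entity property can be removed.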


@ -0,0 +1,213 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Controller;
use SuiteCRM\Core\Base\Module\Controller as SuiteController;
use \OAuth2\Server as OAuth2Server;
use \OAuth2\Response as OAuth2Response;
use \OAuth2\GrantType\UserCredentials as OAuth2GrantTypeUserCredentials;
use \OAuth2\GrantType\RefreshToken as OAuth2GrantTypeRefreshToken;
use \OAuth2\ResponseType\AccessToken as OAuth2ResponseTypeAccessToken;
use SuiteCRM\Core\Modules\Users\Entity\OAuthAuthorizationCode;
class Oauth extends SuiteController
{
/**
* @return \SuiteCRM\Core\Base\Http\Response
* @throws \Exception
*/
public function actionLogin()
{
$request = \OAuth2\HttpFoundationBridge\Request::createFromRequest($this->requestObj);
$response = new OAuth2Response();
// Load authentication service
$authenticationService = $this->getService('users.authentication');
// Load config parameters
$authenticationService->setConfig($this->config);
// Get params
$username = $this->requestObj->request->get('username');
$password = $this->requestObj->request->get('password');
if ($authenticationService->login($username, $password)) {
// Get storage classes
$clientStorage = $this->getStorage('users.oAuthClient');
$userStorage = $this->getStorage('users.oAuthUser');
$accessTokenStorage = $this->getStorage('users.oAuthAccessToken');
$authorizationCodeStorage = $this->getStorage('users.oAuthAuthorizationCode');
$refreshTokenStorage = $this->getStorage('users.oAuthRefreshToken');
$storage = [
'client_credentials' => $clientStorage,
'user_credentials' => $userStorage,
'access_token' => $accessTokenStorage,
'authorization_code' => $authorizationCodeStorage,
'refresh_token' => $refreshTokenStorage,
];
$config = [];
// Set up oauth2 server
$server = new OAuth2Server(
$storage,
$config
);
// Grant token with client details are in system
if (!$token = $server->grantAccessToken($request, $response)) {
$response->send();
die();
}
// Output token in json format
$this->responseObj->headers->set('Content-Type', 'application/json');
return $this->responseObj
->setContent(
json_encode($token)
)
->send();
}
// Response with unauthorised.
$this->responseObj->headers->set('Content-Type', 'application/json');
return $this->responseObj
->setContent(
json_encode(
[
'message' => 'Authentication: Unauthorised',
'code' => '401',
]
)
)
->setStatusCode(401)
->send();
}
public function actionLogout(): void
{
$request = \OAuth2\HttpFoundationBridge\Request::createFromRequest($this->requestObj);
$clientStorage = $this->getStorage('users.oAuthClient');
$userStorage = $this->getStorage('users.oAuthUser');
$accessTokenStorage = $this->getStorage('users.oAuthAccessToken');
$authorizationCodeStorage = $this->getStorage('users.oAuthAuthorizationCode');
$refreshTokenStorage = $this->getStorage('users.oAuthRefreshToken');
$storage = [
'client_credentials' => $clientStorage,
'user_credentials' => $userStorage,
'access_token' => $accessTokenStorage,
'authorization_code' => $authorizationCodeStorage,
'refresh_token' => $refreshTokenStorage,
];
$config = [];
$server = new OAuth2Server(
$storage,
$config
);
// Handle a request to a resource and authenticate the access token
if (!$server->verifyResourceRequest($request)) {
var_dump($server->getResponse());
die();
}
$accessToken = $this->requestObj->request->get('access_token');
$refreshAccessToken = $this->requestObj->request->get('refresh_token');
$accessTokenStorage->expireToken($accessToken);
$refreshTokenStorage->expireToken($refreshAccessToken);
echo json_encode(['success' => true, 'message' => 'Logout Success']);
}
public function refreshToken(): void
{
}
public function actionAccessToken(): void
{
// $config = array();
//
// $requestObj = \OAuth2\HttpFoundationBridge\Request::createFromRequest($this->requestObj);
//
// $clientStorage = $this->getStorage('users.oAuthClient');
// $userStorage = $this->getStorage('users.oAuthUser');
// $accessTokenStorage = $this->getStorage('users.oAuthAccessToken');
// $authorizationCodeStorage = $this->getStorage('users.oAuthAuthorizationCode');
// $refreshTokenStorage = $this->getStorage('users.oAuthRefreshToken');
// $publicKeyStorage = $this->getStorage('users.oAuthPublicKey');
//
// $storage = array(
// 'client_credentials' => $clientStorage,
// 'user_credentials' => $userStorage,
// 'access_token' => $accessTokenStorage,
// 'authorization_code' => $authorizationCodeStorage,
// 'refresh_token' => $refreshTokenStorage
// );
//
// $grantType = $requestObj->request->get('grant_type');
//
// if ($grantType == 'refresh_token') {
// // Set default refresh token parameters
// $refreshTokenLifetime = 10;
// $alwaysIssueNewRefreshToken = false;
//
// // Get config refresh token parameters if set
// if ($this->config->has('app.refresh_token_lifetime')) {
// $refreshAccessToken = (int) $this->config->get('app.refresh_token_lifetime');
// }
//
// if ($this->config->has('app.always_issue_new_refresh_token')) {
// $alwaysIssueNewRefreshToken = (boolean) $this->config->get('app.always_issue_new_refresh_token');
// }
//
// $config = array(
// 'always_issue_new_refresh_token' => $alwaysIssueNewRefreshToken,
// 'refresh_token_lifetime' => $refreshTokenLifetime,
// );
// }
//
// $server = new OAuth2Server($storage, $config);
//
// if ($grantType == 'password') {
//// $username = $params['user_name'];
//// $password = $params['user_hash'];
//
// // Add the grant type to your OAuth server
// $server->addGrantType(new OAuth2GrantTypeUserCredentials($userStorage));
//
// $config = array();
// } elseif ($grantType == "refresh_token") {
// // Add the grant type to your OAuth server
//
// $objectGrantType = new OAuth2GrantTypeRefreshToken($refreshTokenStorage);
//
// $server->addGrantType($objectGrantType);
//
// // The refresh token
// $accessToken = new OAuth2ResponseTypeAccessToken($accessTokenStorage, $refreshTokenStorage, array(
// 'refresh_token_lifetime' => $refreshTokenLifetime,
// ));
//
// $server = new OAuth2Server($storage, $config, [$objectGrantType], array($accessToken));
// } else {
// throw new \Exception('Grant type - not supported.');
// }
//
// $tokenResponse = $server->handleTokenRequest($requestObj);
//
// $statusCode = $tokenResponse->getStatusCode();
// $parameters = $tokenResponse->getParameters();
//
// return $tokenResponse->send();
}
}
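Review bot: In `actionLogout`, a failed `verifyResourceRequest()` ends in `var_dump($server->getResponse()); die();`, which prints the library's internal response object to the caller instead of returning the error response it carries; `$server->getResponse()->send(); return;` sends the intended status and body and nothing else. The tokens that are then expired are read from the `access_token` and `refresh_token` request parameters rather than from the token that was just verified, so the expiry is not tied to the authenticated caller. Reading the verified token with `$server->getAccessTokenData($request)` and checking that the refresh token belongs to the same client and user would bind the two. `actionAccessToken` holds only commented-out code and `refreshToken` is empty; both are better removed until implemented.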


@ -0,0 +1,31 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Entity;
class EncryptableField
{
protected $hashOptions = ['cost' => 11];
/**
* @param $value
* @return mixed
*/
protected function encryptField($value)
{
return $value;
// return password_hash(
// $value, PASSWORD_BCRYPT, $this->hashOptions);
}
/**
* @param $encryptedValue
* @param $value
* @return bool
*/
protected function verifyEncryptedFieldValue($encryptedValue, $value): bool
{
return ($encryptedValue == $value);
//return password_verify($value, $encryptedValue);
}
}
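Review bot: `encryptField()` returns its input unchanged and `verifyEncryptedFieldValue()` compares with `==`, so OAuthClient secrets and OAuthUser passwords set through these helpers are stored and checked in clear text. The loose comparison is also subject to PHP type juggling (numeric-looking strings can compare equal) and is not constant-time. The commented-out lines are the right implementation: `return password_hash($value, PASSWORD_BCRYPT, $this->hashOptions);` and `return password_verify($value, $encryptedValue);`. If hashing was disabled because `user_hash` holds a legacy format, that should be stated in a comment, and the comparison should at least use `hash_equals()`.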


@ -0,0 +1,248 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Entity;
/**
* OAuthAccessToken
*/
class OAuthAccessToken
{
/**
* @var int
*/
private $id;
/**
* @var string
*/
private $token;
/**
* @var string
*/
private $client_id;
/**
* @var string
*/
private $user_id;
/**
* @var timestamp
*/
private $expires;
/**
* @var string
*/
private $scope;
/**
* @var \YourNamespace\Entity\OAuthClient
*/
private $client;
/**
* @var \YourNamespace\Entity\OAuthUser
*/
private $user;
/**
* Get id
*
* @return int
*/
public function getId(): int
{
return $this->id;
}
/**
* Set token
*
* @param string $token
* @return OAuthAccessToken
*/
public function setToken($token): OAuthAccessToken
{
$this->token = $token;
return $this;
}
/**
* Get token
*
* @return string
*/
public function getToken(): string
{
return $this->token;
}
/**
* Set client_id
*
* @param string $clientId
* @return OAuthAccessToken
*/
public function setClientId($clientId): OAuthAccessToken
{
$this->client_id = $clientId;
return $this;
}
/**
* Get client_id
*
* @return string
*/
public function getClientId(): string
{
return $this->client_id;
}
/**
* Set user_id
*
* @param $userId
* @return OAuthAccessToken
*/
public function setUserId($userId): OAuthAccessToken
{
$this->user_id = $userId;
return $this;
}
/**
* Get user_identifier
*
* @return string
*/
public function getUserId(): string
{
return $this->user_id;
}
/**
* Set expires
*
* @param \DateTime $expires
* @return OAuthAccessToken
*/
public function setExpires($expires): OAuthAccessToken
{
$this->expires = $expires;
return $this;
}
/**
* Get expires
*
* @return \DateTime
*/
public function getExpires(): \DateTime
{
return $this->expires;
}
/**
* Set scope
*
* @param string $scope
* @return OAuthAccessToken
*/
public function setScope($scope): OAuthAccessToken
{
$this->scope = $scope;
return $this;
}
/**
* Get scope
*
* @return string
*/
public function getScope(): string
{
return $this->scope;
}
/**
* Set client
*
* @param SuiteCRM\Core\Modules\Users\Entity\OAuthClient $client
* @return OAuthAccessToken
*/
public function setClient(SuiteCRM\Core\Modules\Users\Entity\OAuthClient $client = null): OAuthAccessToken
{
$this->client = $client;
return $this;
}
/**
* Get client
*
* @return SuiteCRM\Core\Modules\Users\Entity\OAuthClient
*/
public function getClient(): SuiteCRM\Core\Modules\Users\Entity\OAuthClient
{
return $this->client;
}
/**
* @param $params
* @return OAuthAccessToken
*/
public static function fromArray($params): OAuthAccessToken
{
$token = new self();
foreach ($params as $property => $value) {
$token->$property = $value;
}
return $token;
}
/**
* Set user
*
* @param SuiteCRM\Core\Modules\Users\Entity\OAuthUser $user
* @return OAuthRefreshToken
*/
public function setUser(SuiteCRM\Core\Modules\Users\Entity\OAuthUser $user = null): OAuthRefreshToken
{
$this->user = $user;
return $this;
}
/**
* Get user
*
* @return SuiteCRM\Core\Modules\Users\Entity\OAuthUser
*/
public function getUser(): SuiteCRM\Core\Modules\Users\Entity\OAuthUser
{
return $this->client;
}
/**
* @return array
*/
public function toArray(): array
{
return [
'token' => $this->token,
'client_id' => $this->client_id,
'user_id' => $this->user_id,
'expires' => $this->expires,
'scope' => $this->scope,
];
}
}
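Review bot: `getUser()` returns `$this->client`, and `setUser()` is declared to return `OAuthRefreshToken` while returning `$this`, so reading the user yields the client object or a TypeError, and every `setUser()` call on an access token throws; they should be `return $this->user;` and `: OAuthAccessToken`. The same two mistakes are in OAuthAuthorizationCode, and `getUser()` in OAuthRefreshToken also returns `$this->client`. The `SuiteCRM\Core\Modules\Users\Entity\OAuthClient` and `...\OAuthUser` type hints have no leading backslash, so inside this namespace they resolve to a nested class that does not exist; the short names `OAuthClient` and `OAuthUser` are enough. `fromArray()` assigns every key of `$params` to a property of the same name, so it should accept only an allow-list of known fields.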


@ -0,0 +1,303 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Entity;
class OAuthAuthorizationCode
{
/**
* @var int
*/
private $id;
/**
* @var string
*/
private $code;
/**
* @var string
*/
private $client_id;
/**
* @var string
*/
private $user_id;
/**
* @var \DateTime
*/
private $expires;
/**
* @var string
*/
private $redirect_uri;
/**
* @var string
*/
private $scope;
/**
* @var string
*/
private $id_token;
/**
* @var OAuthClient
*/
private $client;
/**
* @var OAuthUser
*/
private $user;
/**
* Get id
*
* @return int
*/
public function getId(): int
{
return $this->id;
}
/**
* Set code
*
* @param string $code
* @return OAuthAuthorizationCode
*/
public function setCode($code): OAuthAuthorizationCode
{
$this->code = $code;
return $this;
}
/**
* Get code
*
* @return string
*/
public function getCode(): string
{
return $this->code;
}
/**
* Set client_id
*
* @param string $clientId
* @return OAuthAuthorizationCode
*/
public function setClientId($clientId): OAuthAuthorizationCode
{
$this->client_id = $clientId;
return $this;
}
/**
* Get client_id
*
* @return string
*/
public function getClientId(): string
{
return $this->client_id;
}
/**
* Set user_id
*
* @param $userId
* @return OAuthAuthorizationCode
*/
public function setUserId($userId): OAuthAuthorizationCode
{
$this->user_id = $userId;
return $this;
}
/**
* Get user_identifier
*
* @return string
*/
public function getUserId(): string
{
return $this->user_id;
}
/**
* Set expires
*
* @param \DateTime $expires
* @return OAuthAuthorizationCode
*/
public function setExpires($expires): OAuthAuthorizationCode
{
$this->expires = $expires;
return $this;
}
/**
* Get expires
*
* @return \DateTime
*/
public function getExpires(): \DateTime
{
return $this->expires;
}
/**
* Set redirect_uri
*
* @param string $redirectUri
* @return OAuthAuthorizationCode
*/
public function setRedirectUri($redirectUri): OAuthAuthorizationCode
{
$this->redirect_uri = $redirectUri;
return $this;
}
/**
* Get redirect_uri
*
* @return string
*/
public function getRedirectUri(): string
{
return $this->redirect_uri;
}
/**
* Set scope
*
* @param string $scope
* @return OAuthAuthorizationCode
*/
public function setScope($scope): OAuthAuthorizationCode
{
$this->scope = $scope;
return $this;
}
/**
* Get scope
*
* @return string
*/
public function getScope(): string
{
return $this->scope;
}
/**
* Set client
*
* @param OAuthClient $client
* @return OAuthAuthorizationCode
*/
public function setClient(OAuthClient $client = null): OAuthAuthorizationCode
{
$this->client = $client;
return $this;
}
/**
* Get client
*
* @return OAuthClient
*/
public function getClient(): OAuthClient
{
return $this->client;
}
/**
* Set user
*
* @param OAuthUser $user
* @return OAuthRefreshToken
*/
public function setUser(OAuthUser $user = null): OAuthRefreshToken
{
$this->user = $user;
return $this;
}
/**
* Get user
*
* @return \YourNamespace\Entity\OAuthUser
*/
public function getUser(): \YourNamespace\Entity\OAuthUser
{
return $this->client;
}
/**
* @return array
*/
public function toArray(): array
{
return [
'code' => $this->code,
'client_id' => $this->client_id,
'user_id' => $this->user_id,
'expires' => $this->expires,
'scope' => $this->scope,
];
}
/**
* @param $params
* @return OAuthAuthorizationCode
*/
public static function fromArray($params): OAuthAuthorizationCode
{
$code = new self();
foreach ($params as $property => $value) {
$code->$property = $value;
}
return $code;
}
/**
* Get the value of Id Token
*
* @return string
*/
public function getIdToken(): string
{
return $this->id_token;
}
/**
* Set the value of Id Token
*
* @param string id_token
*
* @return self
*/
public function setIdToken($id_token): self
{
$this->id_token = $id_token;
return $this;
}
}
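Review bot: `toArray()` omits `redirect_uri` and `id_token`, and OAuthAuthorizationCodeStorage::getAuthorizationCode returns exactly this array to the OAuth2 library. As far as I know the library compares the redirect URI at code exchange only when the stored code carries a `redirect_uri` key, so leaving it out would silently skip that check. Add `'redirect_uri' => $this->redirect_uri,` and `'id_token' => $this->id_token,` to the returned array. `getUser()` is also typed `\YourNamespace\Entity\OAuthUser`, a placeholder namespace that should be `OAuthUser`.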


@ -0,0 +1,195 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Entity;
use SuiteCRM\Core\Modules\Users\Entity\EncryptableField;
class OAuthClient extends EncryptableField
{
/**
* @var int
*/
private $id;
/**
* @var string
*/
private $client_identifier;
/**
* @var string
*/
private $client_secret;
/**
* @var string
*/
private $redirect_uri = '';
/**
* dds
* @var [type]
*/
private $status;
/**
* OAuthClient constructor.
* @param array $row
* @throws \Exception
*/
public function __construct($row = [])
{
foreach ($row as $key => $val) {
if (property_exists($this, $key)) {
$this->{$key} = $val;
}
}
if ($this->id == 0) {
$this->created_date = new \DateTime();
}
$this->modified_date = new \DateTime();
}
/**
* Get id
*
* @return int
*/
public function getId(): int
{
return $this->id;
}
/**
* Set client_identifier
*
* @param string $clientIdentifier
* @return OAuthClient
*/
public function setClientIdentifier($clientIdentifier): OAuthClient
{
$this->client_identifier = $clientIdentifier;
return $this;
}
/**
* Get client_identifier
*
* @return string
*/
public function getClientIdentifier(): string
{
return $this->client_identifier;
}
/**
* Set client_secret
*
* @param string $clientSecret
* @return OAuthClient
*/
public function setClientSecret($clientSecret): OAuthClient
{
$this->client_secret = $this->encryptField($clientSecret);
return $this;
}
/**
* Get client_secret
*
* @return string
*/
public function getClientSecret(): string
{
return $this->client_secret;
}
/**
* Verify client's secret
*
* @param $clientSecret
* @return Boolean
*/
public function verifyClientSecret($clientSecret): bool
{
return $this->verifyEncryptedFieldValue($this->getClientSecret(), $clientSecret);
}
/**
* Set redirect_uri
*
* @param string $redirectUri
* @return OAuthClient
*/
public function setRedirectUri($redirectUri): OAuthClient
{
$this->redirect_uri = $redirectUri;
return $this;
}
/**
* Get redirect_uri
*
* @return string
*/
public function getRedirectUri(): string
{
return $this->redirect_uri;
}
/**
* @return array
*/
public function toArray(): array
{
return [
'client_id' => $this->client_identifier,
'client_secret' => $this->client_secret,
'redirect_uri' => $this->redirect_uri,
];
}
/**
* Set the value of Id
*
* @param int id
*
* @return self
*/
public function setId($id): self
{
$this->id = $id;
return $this;
}
/**
* Get the value of Status
*
* @return mixed
*/
public function getStatus()
{
return $this->status;
}
/**
* Set the value of Status
*
* @param mixed status
*
* @return self
*/
public function setStatus($status): self
{
$this->status = $status;
return $this;
}
}
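Review bot: The constructor writes `$this->created_date` and `$this->modified_date`, neither of which is declared on the class or present in the OAuthClient mapping, so they become dynamic properties that are never persisted (and dynamic properties are deprecated from PHP 8.2). Either declare and map both fields or drop the assignments. The `property_exists()` loop also lets any key in `$row`, including `id` and `status`, be set from caller-supplied data, and OAuthClientStorage::save passes its argument straight in; an allow-list of settable keys would be safer. The loop also bypasses `setClientSecret()`, so a secret supplied through `$row` never goes through `encryptField()`.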


@ -0,0 +1,127 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Entity;
class OAuthPublicKey
{
/**
* @var integar
*/
private $id;
/**
* @var string
*/
private $public_key;
/**
* @var string
*/
private $private_key;
/**
* @var string
*/
private $client_id;
/**
* @var SuiteCRM\Core\Modules\Users\Entity\OAuthClient
*/
private $client;
/**
* Get the value of Id
*
* @return integar
*/
public function getId(): integar
{
return $this->id;
}
/**
* Set the value of Id
*
* @param integar id
*
* @return self
*/
public function setId(integar $id): self
{
$this->id = $id;
return $this;
}
/**
* Get the value of Public Key
*
* @return string
*/
public function getPublicKey(): string
{
return $this->public_key;
}
/**
* Set the value of Public Key
*
* @param string public_key
*
* @return self
*/
public function setPublicKey($public_key): self
{
$this->public_key = $public_key;
return $this;
}
/**
* Get the value of Private Key
*
* @return string
*/
public function getPrivateKey(): string
{
return $this->private_key;
}
/**
* Set the value of Private Key
*
* @param string private_key
*
* @return self
*/
public function setPrivateKey($private_key): self
{
$this->private_key = $private_key;
return $this;
}
/**
* Set client
*
* @param OAuthClient $client
* @return OAuthAuthorizationCode
*/
public function setClient(OAuthClient $client = null): OAuthAuthorizationCode
{
$this->client = $client;
return $this;
}
/**
* Get client
*
* @return \YourNamespace\Entity\OAuthClient
*/
public function getClient(): \YourNamespace\Entity\OAuthClient
{
return $this->client;
}
}
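Review bot: `getId(): integar` and `setId(integar $id)` use `integar`, which PHP treats as a class name, so both methods throw a TypeError for any integer id; the type should be `int`. `setClient()` is declared to return `OAuthAuthorizationCode` but returns `$this`, and `getClient()` is typed `\YourNamespace\Entity\OAuthClient`; these should be `self` and `OAuthClient`. The class also declares `$client_id` with no accessor and no field mapping for it.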


@ -0,0 +1,245 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Entity;
class OAuthRefreshToken
{
/**
* @var int
*/
private $id;
/**
* @var string
*/
private $refresh_token;
/**
* @var string
*/
private $client_id;
/**
* @var string
*/
private $user_id;
/**
* @var timestamp
*/
private $expires;
/**
* @var string
*/
private $scope;
/**
* @var SuiteCRM\Core\Modules\Users\Entity\OAuthClient
*/
private $client;
/**
* @var SuiteCRM\Core\Modules\Users\Entity\OAuthUser
*/
private $user;
/**
* Get id
*
* @return int
*/
public function getId(): int
{
return $this->id;
}
/**
* Set refresh_token
*
* @param string $refresh_token
* @return OAuthRefreshToken
*/
public function setRefreshToken($refresh_token): OAuthRefreshToken
{
$this->refresh_token = $refresh_token;
return $this;
}
/**
* Get refresh_token
*
* @return string
*/
public function getRefreshToken(): string
{
return $this->refresh_token;
}
/**
* Set client_id
*
* @param string $clientId
* @return OAuthRefreshToken
*/
public function setClientId($clientId): OAuthRefreshToken
{
$this->client_id = $clientId;
return $this;
}
/**
* Get client_id
*
* @return string
*/
public function getClientId(): string
{
return $this->client_id;
}
/**
* Set user_id
*
* @param $userId
* @return OAuthRefreshToken
*/
public function setUserId($userId): OAuthRefreshToken
{
$this->user_id = $userId;
return $this;
}
/**
* Get user_identifier
*
* @return string
*/
public function getUserId(): string
{
return $this->user_id;
}
/**
* Set expires
*
* @param \DateTime $expires
* @return OAuthRefreshToken
*/
public function setExpires($expires): OAuthRefreshToken
{
$this->expires = $expires;
return $this;
}
/**
* Get expires
*
* @return \DateTime
*/
public function getExpires(): \DateTime
{
return $this->expires;
}
/**
* Set scope
*
* @param string $scope
* @return OAuthRefreshToken
*/
public function setScope($scope): OAuthRefreshToken
{
$this->scope = $scope;
return $this;
}
/**
* Get scope
*
* @return string
*/
public function getScope(): string
{
return $this->scope;
}
/**
* Set client
*
* @param SuiteCRM\Core\Modules\Users\Entity\OAuthClient $client
* @return OAuthRefreshToken
*/
public function setClient(SuiteCRM\Core\Modules\Users\Entity\OAuthClient $client = null): OAuthRefreshToken
{
$this->client = $client;
return $this;
}
/**
* Get client
*
* @return SuiteCRM\Core\Modules\Users\Entity\OAuthClient
*/
public function getClient(): SuiteCRM\Core\Modules\Users\Entity\OAuthClient
{
return $this->client;
}
/**
* Set user
*
* @param SuiteCRM\Core\Modules\Users\Entity\OAuthUser $user
* @return OAuthRefreshToken
*/
public function setUser(SuiteCRM\Core\Modules\Users\Entity\OAuthUser $user = null): OAuthRefreshToken
{
$this->user = $user;
return $this;
}
/**
* Get user
*
* @return SuiteCRM\Core\Modules\Users\Entity\OAuthUser
*/
public function getUser(): SuiteCRM\Core\Modules\Users\Entity\OAuthUser
{
return $this->client;
}
/**
* @return array
*/
public function toArray(): array
{
return [
'refresh_token' => $this->refresh_token,
'client_id' => $this->client_id,
'user_id' => $this->user_id,
'expires' => $this->expires,
'scope' => $this->scope,
];
}
/**
* @param $params
* @return OAuthRefreshToken
*/
public static function fromArray($params): OAuthRefreshToken
{
$token = new self();
foreach ($params as $property => $value) {
$token->$property = $value;
}
return $token;
}
}


@ -0,0 +1,108 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Entity;
use SuiteCRM\Core\Modules\Users\Entity\EncryptableField;
class OAuthUser extends EncryptableField
{
/**
* @var int
*/
private $id;
/**
* @var string
*/
private $username;
/**
* @var string
*/
private $password;
/**
* @var string
*/
private $session_id;
/**
* Get id
*
* @return int
*/
public function getId(): int
{
return $this->id;
}
/**
* Set username
*
* @param $username
* @return User
*/
public function setUsername($username): User
{
$this->username = $username;
return $this;
}
/**
* Get username
*
* @return string
*/
public function getUsername(): string
{
return $this->username;
}
/**
* Set password
*
* @param string $password
* @return User
*/
public function setPassword($password): User
{
$this->password = $this->encryptField($password);
return $this;
}
/**
* Get password
*
* @return string
*/
public function getPassword(): string
{
return $this->password;
}
/**
* Verify user's password
*
* @param string $password
* @return Boolean
*/
public function verifyPassword($password): bool
{
return $this->verifyEncryptedFieldValue($this->getPassword(), $password);
}
/**
* Get OAuthUser object in array format
*
* @return array
*/
public function toArray(): array
{
return [
'user_id' => $this->id,
'scope' => null,
];
}
}
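Review bot: `setUsername()` and `setPassword()` declare the return type `User`, which resolves to `SuiteCRM\Core\Modules\Users\Entity\User`, a class not visible in this part of the commit; if it does not exist, both setters throw a TypeError on return even though the assignment has already happened. `self` is the intended type. `$session_id` is declared but has no accessor and is absent from the OAuthUser mapping.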


@ -0,0 +1,99 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Entity;
class OAuthUserClaims
{
/**
* @var string
*/
private $id;
/**
* @var string
*/
private $id_token;
/**
* @var string
*/
private $user_id;
/**
* @var string
*/
private $user;
/**
* Get the value of Id
*
* @return string
*/
public function getId(): string
{
return $this->id;
}
/**
* Set the value of Id
*
* @param string id
*
* @return self
*/
public function setId($id): self
{
$this->id = $id;
return $this;
}
/**
* Get the value of Id Token
*
* @return string
*/
public function getIdToken(): string
{
return $this->id_token;
}
/**
* Set the value of Id Token
*
* @param string id_token
*
* @return self
*/
public function setIdToken($id_token): self
{
$this->id_token = $id_token;
return $this;
}
/**
* Get the value of User Id
*
* @return string
*/
public function getUserId(): string
{
return $this->user_id;
}
/**
* Set the value of User Id
*
* @param string user_id
*
* @return self
*/
public function setUserId($user_id): self
{
$this->user_id = $user_id;
return $this;
}
}


@ -0,0 +1,13 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Entity;
use SuiteCRM\Core\Module\Controller as SuiteController;
class UserProfile
{
/**
* @var int
*/
private $id;
}


@ -0,0 +1,11 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Helper;
class Authentication
{
public function login(): void
{
// Authentication stub
}
}
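Review bot: `login()` takes no parameters and returns `void`, while Oauth::actionLogin in this commit calls `setConfig($this->config)` on this object and branches on `login($username, $password)`. As written the `setConfig()` call fails because the method does not exist, and even with it added the login branch can never be taken because a `void` call evaluates to null. The stub should declare `setConfig()` and `login(string $username, string $password): bool` returning `false`, so that the unimplemented state is an explicit denial.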


@ -0,0 +1,34 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Service;
use SuiteCRM\Core\Module\Service\ServiceFactoryInterface;
use SuiteCRM\Core\Modules\Users\Helper\Authentication;
class AuthenticationService implements ServiceFactoryInterface
{
/**
* @return string
*/
public function getName(): string
{
return 'users.authentication';
}
/**
* @return string
*/
public function getDescription(): string
{
return 'This service will deal with legacy authentication';
}
/**
* @return Authentication
*/
public function createService(): Authentication
{
return new Authentication();
}
}


@ -0,0 +1,91 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Storage;
use SuiteCRM\Core\Modules\Users\Entity\OAuthAccessToken;
use Doctrine\ORM\EntityRepository;
use OAuth2\Storage\AccessTokenInterface;
class OAuthAccessTokenStorage extends EntityRepository implements AccessTokenInterface
{
/**
* @param string $oauthToken
* @return array|object|null
*/
public function getAccessToken($oauthToken)
{
$token = $this->findOneBy(['token' => $oauthToken]);
if ($token) {
$token = $token->toArray();
$token['expires'] = $token['expires']->getTimestamp();
}
return $token;
}
/**
* @param string $oauthToken
* @param mixed $clientIdentifier
* @param mixed $user_id
* @param int $expires
* @param null $scope
* @throws \Doctrine\ORM\ORMException
* @throws \Doctrine\ORM\OptimisticLockException
*/
public function setAccessToken($oauthToken, $clientIdentifier, $user_id, $expires, $scope = null)
{
$client = $this->_em->getRepository('SuiteCRM\Core\Modules\Users\Entity\OAuthClient')
->findOneBy(['client_identifier' => $clientIdentifier]);
$user = $this->_em->getRepository('SuiteCRM\Core\Modules\Users\Entity\OAuthUser')
->findOneBy(['id' => $user_id]);
$client_id = $client->getId();
$token = OAuthAccessToken::fromArray(
[
'token' => $oauthToken,
'client_id' => $client_id,
'user_id' => $user_id,
'expires' => (new \DateTime())->setTimestamp($expires),
'scope' => $scope,
'user' => $user,
'client' => $client,
]
);
$this->_em->persist($token);
$this->_em->flush();
}
/**
* Delete a row
*
* @param string $token
* @return bool
* @throws \Doctrine\ORM\ORMException
* @throws \Doctrine\ORM\OptimisticLockException
*/
public function expireToken($token): bool
{
$token = $this->findOneBy(['token' => $token]);
if (!empty($token)) {
$ts = time();
$datetime = new \DateTime();
$datetime->setTimestamp($ts);
$token->setExpires($datetime);
$this->_em->merge($token);
return $this->_em->flush();
}
throw new \RuntimeException('No Token Found.');
}
}
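Review bot: `expireToken()` is declared `: bool` but ends with `return $this->_em->flush();`, and `flush()` returns nothing, so the method throws a TypeError after the expiry has already been written; use `$this->_em->flush(); return true;`. In `setAccessToken()`, `$client->getId()` is called without checking the `findOneBy()` result, so an unknown client identifier causes a fatal error rather than a refused token. The docblock on `expireToken()` says it deletes a row, although the code sets `expires` to the current time.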


@ -0,0 +1,82 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Storage;
use SuiteCRM\Core\Modules\Users\Entity\OAuthAuthorizationCode;
use Doctrine\ORM\EntityRepository;
use OAuth2\OpenID\Storage\AuthorizationCodeInterface;
class OAuthAuthorizationCodeStorage extends EntityRepository implements AuthorizationCodeInterface
{
/**
* @param $code
* @return object|null
*/
public function getAuthorizationCode($code)
{
$authCode = $this->findOneBy(['code' => $code]);
if ($authCode) {
$authCode = $authCode->toArray();
$authCode['expires'] = $authCode['expires']->getTimestamp();
}
return $authCode;
}
/**
* @param string $code
* @param mixed $client_id
* @param mixed $user_id
* @param string $redirect_uri
* @param int $expires
* @param null $scope
* @param null $id_token
* @throws \Doctrine\ORM\ORMException
* @throws \Doctrine\ORM\OptimisticLockException
*/
public function setAuthorizationCode(
$code,
$client_id,
$user_id,
$redirect_uri,
$expires,
$scope = null,
$id_token = null
) {
$client = $this->_em->getRepository('SuiteCRM\Core\Modules\Users\Entity\OAuthClient')
->findOneBy(['client_identifier' => $client_id]);
$user = $this->_em->getRepository('SuiteCRM\Core\Modules\Users\Entity\OAuthUser')
->findOneBy(['user_name' => $user_id]);
$authCode = OAuthAuthorizationCode::fromArray(
[
'code' => $code,
'client' => $client,
'user' => $user,
'redirect_uri' => $redirect_uri,
'expires' => (new \DateTime())->setTimestamp($expires),
'scope' => $scope,
'id_token' => $id_token
]
);
$this->_em->persist($authCode);
$this->_em->flush();
}
/**
* @param $code
* @throws \Doctrine\ORM\ORMException
* @throws \Doctrine\ORM\OptimisticLockException
*/
public function expireAuthorizationCode($code)
{
$authCode = $this->findOneBy(['code' => $code]);
$this->_em->remove($authCode);
$this->_em->flush();
}
}
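Review bot: `expireAuthorizationCode()` passes the result of `findOneBy()` straight to `$this->_em->remove()`, so a code that is unknown or already consumed reaches `remove()` as `null` and the call fails instead of being a no-op. Add a guard before the remove, e.g. `if ($authCode === null) { return; }`. `setAuthorizationCode()` has the same gap for `$client` and `$user`: both lookups can return `null` and are stored on the entity unchecked. It also resolves the user by `user_name`, while `OAuthRefreshTokenStorage::setRefreshToken()` uses `id` and `OAuthUserStorage::getUserDetails()` uses `username`; the three should agree on which key `$user_id` carries.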


@ -0,0 +1,102 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Storage;
use Doctrine\ORM\EntityRepository;
use OAuth2\Storage\ClientCredentialsInterface;
use SuiteCRM\Core\Modules\Users\Entity\OAuthClient;
class OAuthClientStorage extends EntityRepository implements ClientCredentialsInterface
{
/**
* Save function
*
* @param $client
* @return void
* @throws \Doctrine\ORM\ORMException
* @throws \Doctrine\ORM\OptimisticLockException
*/
public function save($client)
{
$clientEntity = $this->getEntity($client);
if (empty($clientEntity->getId())) {
$this->_em->persist($clientEntity);
} else {
$this->_em->merge($clientEntity);
}
$this->_em->flush();
}
/**
* @param $clientIdentifier
* @return array|object|null
*/
public function getClientDetails($clientIdentifier)
{
$client = $this->findOneBy(['client_identifier' => $clientIdentifier]);
if ($client) {
$client = $client->toArray();
}
return $client;
}
/**
* @param $clientIdentifier
* @param null $clientSecret
* @return bool
*/
public function checkClientCredentials($clientIdentifier, $clientSecret = null)
{
$client = $this->findOneBy(['client_identifier' => $clientIdentifier]);
if ($client) {
return $client->verifyClientSecret($clientSecret);
}
return false;
}
/**
* @param $clientId
* @param $grantType
* @return bool
*/
public function checkRestrictedGrantType($clientId, $grantType)
{
// we do not support different grant types per client in this example
return true;
}
/**
* @param $clientId
* @return bool
*/
public function isPublicClient($clientId)
{
return false;
}
/**
* @param $clientId
* @return null |null
*/
public function getClientScope($clientId)
{
return null;
}
/**
* Get Contact Entity
*
* @param array $entityData
* @return \Mvc\Entity\Contact
* @throws \Exception
*/
public function getEntity($entityData = []): \Mvc\Entity\Contact
{
return new OAuthClient($entityData);
}
}
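Review bot: `getEntity()` declares the return type `\Mvc\Entity\Contact` but returns `new OAuthClient($entityData)`; unless `OAuthClient` extends that class (its definition is not in this section), every call raises a `TypeError`, which also breaks `save()`. The signature and docblock look copied from another repository and should read `public function getEntity($entityData = []): OAuthClient` with `@return OAuthClient`. Separately, `checkRestrictedGrantType()` returns `true` for every client and `getClientScope()` returns `null`, so no per-client grant or scope restriction is enforced. The inline comment "in this example" suggests sample code; a docblock line stating that the restriction is intentionally not implemented would make that explicit.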


@ -0,0 +1,33 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Storage;
use Doctrine\ORM\EntityRepository;
use OAuth2\Storage\PublicKeyInterface;
class OAuthPublicKeyStorage extends EntityRepository implements PublicKeyInterface
{
/**
* @param mixed $client_id
* @return mixed
*/
public function getPublicKey($client_id = null)
{
}
/**
* @param mixed $client_id
* @return mixed
*/
public function getPrivateKey($client_id = null)
{
}
/**
* @param mixed $client_id
* @return mixed
*/
public function getEncryptionAlgorithm($client_id = null)
{
}
}
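Review bot: `getPublicKey()`, `getPrivateKey()` and `getEncryptionAlgorithm()` have empty bodies, so each returns `null` while the docblocks promise `@return mixed`. If this storage is ever registered for signing tokens, the caller receives no key and no algorithm; how the OAuth2 library reacts to that is not visible here. Fail loudly until the class is implemented, e.g. `throw new \LogicException('OAuthPublicKeyStorage is not implemented');` in each method, and say so in the docblocks.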


@ -0,0 +1,104 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Storage;
use SuiteCRM\Core\Modules\Users\Entity\OAuthRefreshToken;
use Doctrine\ORM\OptimisticLockException;
use Doctrine\ORM\ORMException;
use Doctrine\ORM\EntityRepository;
use OAuth2\Storage\RefreshTokenInterface;
class OAuthRefreshTokenStorage extends EntityRepository implements RefreshTokenInterface
{
/**
* @param $refreshToken
* @return object|null
*/
public function getRefreshToken($refreshToken)
{
$refreshToken = $this->findOneBy(['refresh_token' => $refreshToken]);
if ($refreshToken) {
$refreshToken = $refreshToken->toArray();
$refreshToken['expires'] = $refreshToken['expires']->getTimestamp();
}
return $refreshToken;
}
/**
* @param $refreshToken
* @param $clientIdentifier
* @param $user_id
* @param $expires
* @param null $scope
* @throws ORMException
* @throws OptimisticLockException
*/
public function setRefreshToken($refreshToken, $clientIdentifier, $user_id, $expires, $scope = null)
{
$client = $this->_em->getRepository('SuiteCRM\Core\Modules\Users\Entity\OAuthClient')
->findOneBy(['client_identifier' => $clientIdentifier]);
$client_id = $client->getId();
$user = $this->_em->getRepository('SuiteCRM\Core\Modules\Users\Entity\OAuthUser')
->findOneBy(['id' => $user_id]);
$refreshToken = OAuthRefreshToken::fromArray(
[
'refresh_token' => $refreshToken,
'client' => $client,
'user' => $user,
'expires' => (new \DateTime())->setTimestamp($expires),
'scope' => $scope,
'client_id' => $client_id,
'user_id' => $user_id,
]
);
$this->_em->persist($refreshToken);
$this->_em->flush();
}
/**
* @param $refreshToken
* @throws ORMException
* @throws OptimisticLockException
*/
public function unsetRefreshToken($refreshToken)
{
$refreshToken = $this->findOneBy(['refresh_token' => $refreshToken]);
$this->_em->remove($refreshToken);
$this->_em->flush();
}
/**
* Delete a row
*
* @param string $token
* @return bool
* @throws ORMException
* @throws OptimisticLockException
*/
public function expireToken($token): bool
{
$token = $this->findOneBy(['refresh_token' => $token]);
if (!empty($token)) {
$ts = time();
$datetime = new \DateTime();
$datetime->setTimestamp($ts);
$token->setExpires($datetime);
$this->_em->merge($token);
return $this->_em->flush();
}
throw new \RuntimeException('No Token Found.');
}
}
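Review bot: `expireToken()` is declared `: bool` but ends with `return $this->_em->flush();`; Doctrine's `flush()` returns no value, so the method raises a `TypeError` after the new expiry has already been written. Replace that line with `$this->_em->flush();` followed by `return true;`. The same lines appear in the access-token storage's `expireToken()` earlier on this page. The docblock summary "Delete a row" does not match the body, which sets `expires` to the current time rather than removing anything. `unsetRefreshToken()` and `setRefreshToken()` also use a `findOneBy()` result without a null check (`remove($refreshToken)`, `$client->getId()`).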


@ -0,0 +1,80 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Storage;
use Doctrine\ORM\EntityRepository;
use OAuth2\OpenID\Storage\UserClaimsInterface;
use SuiteCRM\Core\Modules\Users\Entity\OAuthUserClaims;
class OAuthUserClaimsStorage extends EntityRepository implements UserClaimsInterface
{
/**
* @param mixed $user_id
* @param string $scope
* @return array|bool
*/
public function getUserClaims($user_id, $scope)
{
if (!$userDetails = $this->getUserDetails($user_id)) {
return false;
}
$claims = explode(' ', trim($claims));
$userClaims = [];
// for each requested claim, if the user has the claim, set it in the response
$validClaims = explode(' ', self::VALID_CLAIMS);
foreach ($validClaims as $validClaim) {
if (in_array($validClaim, $claims, true)) {
if ($validClaim == 'address') {
// address is an object with subfields
$userClaims['address'] = $this->getUserClaim($validClaim, $userDetails['address'] ?: $userDetails);
} else {
$userClaims = array_merge($userClaims, $this->getUserClaim($validClaim, $userDetails));
}
}
}
return $userClaims;
}
/**
* @param $claim
* @param $userDetails
* @return array
*/
protected function getUserClaim($claim, $userDetails)
{
$userClaims = [];
$claimValuesString = constant(sprintf('self::%s_CLAIM_VALUES', strtoupper($claim)));
$claimValues = explode(' ', $claimValuesString);
foreach ($claimValues as $value) {
$userClaims[$value] = isset($userDetails[$value]) ? $userDetails[$value] : null;
}
return $userClaims;
}
/**
* @param $username
* @return array|bool
*/
public function getUserDetails($username)
{
if (!isset($this->userCredentials[$username])) {
return false;
}
return array_merge(
[
'user_id' => $username,
'password' => null,
'first_name' => null,
'last_name' => null,
],
$this->userCredentials[$username]
);
}
}
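Review bot: `getUserClaims()` reads `$claims` in `explode(' ', trim($claims))` before anything assigns it; the requested claims arrive in the `$scope` parameter, so the line should be `$claims = explode(' ', trim($scope));`. As written, no valid claim can match the list. `getUserDetails()` depends on `$this->userCredentials`, which this class does not declare, so `isset()` is false and the method returns `false` for every user; it needs to load the user through the repository instead. Use `===` for the `'address'` comparison to match the strict `in_array()` above it.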


@ -0,0 +1,68 @@
<?php
namespace SuiteCRM\Core\Modules\Users\Storage;
use Doctrine\ORM\EntityRepository;
use OAuth2\Storage\UserCredentialsInterface;
class OAuthUserStorage extends EntityRepository implements UserCredentialsInterface
{
/**
* @param $username
* @param $password
* @return bool
*/
public function checkUserCredentials($username, $password)
{
// $user = $this->findOneBy(['user_name' => $username]);
//
// if ($user) {
// return $user->verifyPassword($password);
// }
//
// return false;
return true;
}
/**
* @param $username
* @return object|null ARRAY the associated "user_id" and optional "scope" values
* ARRAY the associated "user_id" and optional "scope" values
* This function MUST return FALSE if the requested user does not exist or is
* invalid. "scope" is a space-separated list of restricted scopes.
* @code
* return array(
* "user_id" => USER_ID, // REQUIRED user_id to be stored with the authorization code or access token
* "scope" => SCOPE // OPTIONAL space-separated list of restricted scopes
* );
* @endcode
*/
public function getUserDetails($username)
{
$user = $this->findOneBy(['username' => $username]);
if ($user) {
$user = $user->toArray();
}
return $user;
}
// public function setSessionId($accesstoken, $session_id)
// {
// $tokenEntity = $this->_em->getRepository('SuiteCRM\Core\Modules\Users\Entity\oAuthAccessToken')
// ->findOneBy(['token' => $accesstoken]);
//
// $userId = $tokenEntity->getUserId();
//
// $userEntity = $this->_em->getRepository('SuiteCRM\Core\Modules\Users\Entity\oAuthUser')
// ->findOneBy(['id' => $userId]);
//
// $userEntity->setSessionId($session_id);
//
// $this->_em->merge($userEntity);
//
// $this->_em->flush();
// }
}
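Review bot: `checkUserCredentials()` returns `true` for every username and password because the real check is commented out, so any flow that relies on this storage to validate a resource-owner password accepts any credentials. Restore the lookup and verification from the commented lines: `$user = $this->findOneBy(['user_name' => $username]);` followed by `return $user ? $user->verifyPassword($password) : false;`. `getUserDetails()` queries the field `username` while the commented code uses `user_name`; confirm which one the entity maps. Its docblock says the method must return FALSE for an unknown user, but it returns the `null` from `findOneBy()`.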


@ -0,0 +1,24 @@
<?php
namespace SuiteCRM\Core\Modules\Users;
use SuiteCRM\Core\Base\Module\ModuleInterface;
class Users implements ModuleInterface
{
/**
* @return mixed|string
*/
public function getName()
{
return 'Users Module';
}
/**
* @return mixed|string
*/
public function getDescription()
{
return 'This module will allow the user to configurate their user account';
}
}


@ -0,0 +1,3 @@
<?php
$view->template->get('template/default.json');