mirror of
https://github.com/SuiteCRM/SuiteCRM-Core.git
synced 2025-08-29 08:17:18 +08:00
dd455a1c2d
ace35f6573 SuiteCRM 7.11.22 Release 0e1db16cf0 Fix #9297 - V8 API Auth issues on windows 3c3b2c7784 Fix #9293 - Error on audit save 58dd2e9dc6 Fix #9286 - EmailsComposeView.js Formatting a3636f3953 Fix #9269 - edit view jumps to tab with validation error upon save, if hidden 43e9079b0e Fix #9262 - Add the `Overview` label to Security Groups detailview 6503cca0ac Fixes #9257 Adjusting references and tests to reflect updated GoogleAPIalias 4d5baa12ff Implement PDF Selection git-subtree-dir: public/legacy git-subtree-split: ace35f6573ad384e4e7472684262684f5cf195ee
107 lines
3.6 KiB
PHP
107 lines
3.6 KiB
PHP
<?php
|
|
|
|
use Api\Core\Config\ApiConfig;
|
|
use Api\V8\BeanDecorator\BeanManager;
|
|
use Api\V8\OAuth2\Entity\AccessTokenEntity;
|
|
use Api\V8\OAuth2\Entity\ClientEntity;
|
|
use Api\V8\OAuth2\Repository\AccessTokenRepository;
|
|
use Api\V8\OAuth2\Repository\ClientRepository;
|
|
use Api\V8\OAuth2\Repository\RefreshTokenRepository;
|
|
use Api\V8\OAuth2\Repository\ScopeRepository;
|
|
use Api\V8\OAuth2\Repository\UserRepository;
|
|
use League\OAuth2\Server\Grant\ClientCredentialsGrant;
|
|
use Psr\Container\ContainerInterface as Container;
|
|
use League\OAuth2\Server\AuthorizationServer;
|
|
use League\OAuth2\Server\Grant\PasswordGrant;
|
|
use League\OAuth2\Server\Grant\RefreshTokenGrant;
|
|
use League\OAuth2\Server\ResourceServer;
|
|
use Api\Core\Loader\CustomLoader;
|
|
use Api\V8\Helper\OsHelper;
|
|
use League\OAuth2\Server\CryptKey;
|
|
|
|
return CustomLoader::mergeCustomArray([
|
|
AuthorizationServer::class => static function (Container $container) {
|
|
// base dir must exist in entryPoint.php
|
|
$baseDir = $GLOBALS['BASE_DIR'];
|
|
|
|
$shouldCheckPermissions = OsHelper::getOS() !== OsHelper::OS_WINDOWS;
|
|
|
|
$server = new AuthorizationServer(
|
|
new ClientRepository(
|
|
new ClientEntity(),
|
|
$container->get(BeanManager::class)
|
|
),
|
|
new AccessTokenRepository(
|
|
new AccessTokenEntity(),
|
|
$container->get(BeanManager::class)
|
|
),
|
|
new ScopeRepository(),
|
|
new CryptKey(
|
|
sprintf('file://%s/%s', $baseDir, ApiConfig::OAUTH2_PRIVATE_KEY),
|
|
null,
|
|
$shouldCheckPermissions
|
|
),
|
|
new CryptKey(
|
|
sprintf('file://%s/%s', $baseDir, ApiConfig::OAUTH2_PUBLIC_KEY),
|
|
null,
|
|
$shouldCheckPermissions
|
|
)
|
|
);
|
|
|
|
$oauth2EncKey = isset($GLOBALS['sugar_config']['oauth2_encryption_key'])
|
|
? $GLOBALS['sugar_config']['oauth2_encryption_key'] : '';
|
|
if (empty($oauth2EncKey)) {
|
|
$oauth2EncKey = 'SCRM-DEFK';
|
|
if (isset($GLOBALS['log'])) {
|
|
$GLOBALS['log']->fatal('WARNING: `oauth2_encryption_key` not set in config.php');
|
|
}
|
|
}
|
|
|
|
$server->setEncryptionKey($oauth2EncKey);
|
|
|
|
// Client credentials grant
|
|
$server->enableGrantType(
|
|
new ClientCredentialsGrant(),
|
|
new DateInterval('PT1H')
|
|
);
|
|
|
|
// Password credentials grant
|
|
$server->enableGrantType(
|
|
new PasswordGrant(
|
|
new UserRepository($container->get(BeanManager::class)),
|
|
new RefreshTokenRepository($container->get(BeanManager::class))
|
|
),
|
|
new DateInterval('PT1H')
|
|
);
|
|
|
|
$refreshGrant = new RefreshTokenGrant(
|
|
new RefreshTokenRepository($container->get(BeanManager::class))
|
|
);
|
|
|
|
$refreshGrant->setRefreshTokenTTL(new DateInterval('P1M'));
|
|
|
|
$server->enableGrantType(
|
|
$refreshGrant,
|
|
new DateInterval('PT1H')
|
|
);
|
|
|
|
return $server;
|
|
},
|
|
ResourceServer::class => static function (Container $container) {
|
|
$baseDir = $GLOBALS['BASE_DIR'];
|
|
|
|
$shouldCheckPermissions = OsHelper::getOS() !== OsHelper::OS_WINDOWS;
|
|
|
|
return new ResourceServer(
|
|
new AccessTokenRepository(
|
|
new AccessTokenEntity(),
|
|
$container->get(BeanManager::class)
|
|
),
|
|
new CryptKey(
|
|
sprintf('file://%s/%s', $baseDir, ApiConfig::OAUTH2_PUBLIC_KEY),
|
|
null,
|
|
$shouldCheckPermissions
|
|
)
|
|
);
|
|
},
|
|
], basename(__FILE__));
|
