From fd982bcdee0fde68f746d58b7ce7f0cb72f39f71 Mon Sep 17 00:00:00 2001 From: Ozan Seymen Date: Fri, 9 Jun 2017 18:05:44 +0100 Subject: [PATCH 1/3] putting grant_type in form parameters for client credentials grant --- smartdocs_oauth_additions.module | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/smartdocs_oauth_additions.module b/smartdocs_oauth_additions.module index 9e9e4af..1edc6e1 100644 --- a/smartdocs_oauth_additions.module +++ b/smartdocs_oauth_additions.module @@ -160,6 +160,7 @@ function smartdocs_oauth_additions_form_generate_token($form, $form_state){ ) ); + $postBody['grant_type'] = 'client_credentials'; } else if($grant_type == 'password') { $postBody['client_id'] = $client_id; $postBody['client_secret'] = $client_secret; @@ -174,7 +175,7 @@ function smartdocs_oauth_additions_form_generate_token($form, $form_state){ ); } $client = new \Guzzle\Http\Client($scheme->getAccessTokenUrl(), $client_config); - $request = $client->post('' ,array(), drupal_http_build_query($postBody)); + $request = $client->post('', array('Content-Type'=>'application/x-www-form-urlencoded'), drupal_http_build_query($postBody)); try { $response = $request->send(); $oauth_res = json_decode($response->getBody(true)); From c9ab264abb5810f25bda2dbe718b9965293a47dc Mon Sep 17 00:00:00 2001 From: Ozan Seymen Date: Mon, 3 Jul 2017 12:39:54 +0100 Subject: [PATCH 2/3] remove 'default application' option from apps dropdown --- smartdocs_oauth_additions.module | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/smartdocs_oauth_additions.module b/smartdocs_oauth_additions.module index 1edc6e1..5cde9e3 100644 --- a/smartdocs_oauth_additions.module +++ b/smartdocs_oauth_additions.module 
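Review bot: Only the client_credentials branch gets `grant_type` in the form body; the `password` branch directly below the added line still depends on the `grant_type` query parameter of the access token URL. A token endpoint that reads its parameters from the form-encoded body, as RFC 6749 describes, would not see a grant type for password requests, so that branch probably wants `$postBody['grant_type'] = 'password';` as well. The same branch puts the client id and secret in the body and, judging by the lines that follow, sends the end user's username and password as HTTP Basic credentials, which is the reverse of the RFC layout. If that is deliberate for this proxy, a one-line comment saying so would help. The function starts and ends outside this hunk.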
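Review bot: The decoded token response is used unchecked right after the changed `post()` call. `json_decode()` returns NULL when a 2xx reply is not valid JSON, so a later read of `access_token` from `$oauth_res` (not visible in this hunk, but shown by the third patch in this series) would raise a notice and leave the token empty while the result is still returned like a success. A guard such as `if (!is_object($oauth_res) || empty($oauth_res->access_token)) { $oauth2Credentials['ERRORMESSAGE'] = 'Token endpoint returned no access token'; }` would surface the failure instead. The try block continues past the end of this hunk.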
@@ -72,7 +72,7 @@ function smartdocs_oauth_additions_form($form, $form_state, $node, $oauth_scheme $form['user_app'] = array( '#title' => 'API Key to use for the API call', '#type' => 'select', - '#options' => array('default' => 'Default Credentials') + $options, + '#options' => $options, '#description' => 'Choose one of your apps to use. You can request an app to be created by clicking ' . l('here', 'user/me/apps'), ); if(in_array('password', $oauth_schemes)){ From 1082d900b18c0c313f3c0e44febf59ba6cdcc2e2 Mon Sep 17 00:00:00 2001 From: Ozan Seymen Date: Mon, 3 Jul 2017 14:14:36 +0100 Subject: [PATCH 3/3] remove dependency to client credentials setup in template auth --- smartdocs_oauth_additions.module | 314 +++++++++++++++---------------- 1 file changed, 155 insertions(+), 159 deletions(-) diff --git a/smartdocs_oauth_additions.module b/smartdocs_oauth_additions.module index 5cde9e3..e3dd87f 100644 --- a/smartdocs_oauth_additions.module +++ b/smartdocs_oauth_additions.module 
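Review bot: With the 'default' entry gone, `'#options' => $options` can be an empty list, because `$options` is only filled for logged-in users with approved apps (that code sits above this hunk and is shown by the third patch). The select then renders with nothing to choose and the form can still be submitted. Consider marking that state explicitly, for example `'#disabled' => empty($options),` together with a description telling the visitor to log in or request an app. The AJAX callback also still compares `user_app` against `'default'`, which no longer occurs, and needs its own server-side check since a disabled widget does not protect it. The function body starts before and continues after this hunk.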
@@ -10,37 +10,37 @@ * @param $vars */ function smartdocs_oauth_additions_preprocess_page(&$vars){ - $item = menu_get_item(); - if($item['map'][0] == 'node' && $item['map'][1]->type == 'smart_method'){ - $oauth_schemes = array(); - $config = devconnect_default_org_config(); - $node = $item['map'][1]; + $item = menu_get_item(); + if($item['map'][0] == 'node' && $item['map'][1]->type == 'smart_method'){ + $oauth_schemes = array(); + $config = devconnect_default_org_config(); + $node = $item['map'][1]; - // Try to load the model taxonomy term. - if (!empty($node->field_smart_method_model[LANGUAGE_NONE][0]['taxonomy_term'])) { - $model_term = &$node->field_smart_method_model[LANGUAGE_NONE][0]['taxonomy_term']; - } - elseif (!empty($node->field_smart_method_model[LANGUAGE_NONE][0]['tid'])) { - $model_term = taxonomy_term_load($node->field_smart_method_model[LANGUAGE_NONE][0]['tid']); - } + // Try to load the model taxonomy term. + if (!empty($node->field_smart_method_model[LANGUAGE_NONE][0]['taxonomy_term'])) { + $model_term = &$node->field_smart_method_model[LANGUAGE_NONE][0]['taxonomy_term']; + } + elseif (!empty($node->field_smart_method_model[LANGUAGE_NONE][0]['tid'])) { + $model_term = taxonomy_term_load($node->field_smart_method_model[LANGUAGE_NONE][0]['tid']); + } - if (!empty($model_term)) { - $security = new \Apigee\SmartDocs\Security($config, $model_term->name, $node->field_smart_method_revision_num[LANGUAGE_NONE][0]['value']); - foreach($node->field_smart_method_security[LANGUAGE_NONE] as $row){ - $scheme = $security->load($row['value']); - if($scheme instanceof \Apigee\SmartDocs\Security\Oauth2Scheme) { - $accessTokenUrl = drupal_parse_url($scheme->getAccessTokenUrl()); - $oauth_schemes[$row['value']] = $accessTokenUrl['query']['grant_type']; + if (!empty($model_term)) { + $security = new \Apigee\SmartDocs\Security($config, $model_term->name, $node->field_smart_method_revision_num[LANGUAGE_NONE][0]['value']); + 
foreach($node->field_smart_method_security[LANGUAGE_NONE] as $row){ + $scheme = $security->load($row['value']); + if($scheme instanceof \Apigee\SmartDocs\Security\Oauth2Scheme) { + $accessTokenUrl = drupal_parse_url($scheme->getAccessTokenUrl()); + $oauth_schemes[$row['value']] = $accessTokenUrl['query']['grant_type']; + } + } + if(!empty($oauth_schemes)){ + $form = drupal_get_form('smartdocs_oauth_additions_form', $node, $oauth_schemes); + drupal_add_js(array('apigee_oauth_additions_form' => drupal_render($form)), 'setting'); + drupal_add_library("system", "drupal.ajax"); + drupal_add_js(drupal_get_path('module', 'smartdocs_oauth_additions') ."/smartdocs_oauth_additions.js"); + } } - } - if(!empty($oauth_schemes)){ - $form = drupal_get_form('smartdocs_oauth_additions_form', $node, $oauth_schemes); - drupal_add_js(array('apigee_oauth_additions_form' => drupal_render($form)), 'setting'); - drupal_add_library("system", "drupal.ajax"); - drupal_add_js(drupal_get_path('module', 'smartdocs_oauth_additions') ."/smartdocs_oauth_additions.js"); - } } - } } /** 
@@ -53,63 +53,63 @@ function smartdocs_oauth_additions_preprocess_page(&$vars){ * @return mixed */ function smartdocs_oauth_additions_form($form, $form_state, $node, $oauth_schemes){ - if(empty($oauth_schemes)) { - return $form; - } - $options = array(); - if (user_is_logged_in()) { - global $user; - $app_entities = entity_load('developer_app', FALSE, array('mail' => $user->mail)); - array_walk($app_entities, function ($app) use (&$options, $api_products) { - // TODO Each Developer app status should be stored in constants on - // the Drupal side. Ex.: DEVELOPER_APP_STATUS_APPROVED. - if ($app->credentialStatus == 'approved' && !array_intersect($api_products, $app->apiProducts)) { - $options[$app->name] = $app->attributes['DisplayName']; - } - }); - asort($options); - } - $form['user_app'] = array( - '#title' => 'API Key to use for the API call', - '#type' => 'select', - '#options' => $options, - '#description' => 'Choose one of your apps to use. You can request an app to be created by clicking ' . l('here', 'user/me/apps'), - ); - if(in_array('password', $oauth_schemes)){ - $form['client_username'] = array( - '#title' => 'Username', - '#type' => 'textfield', - '#description' => 'Please enter the username', + if(empty($oauth_schemes)) { + return $form; + } + $options = array(); + if (user_is_logged_in()) { + global $user; + $app_entities = entity_load('developer_app', FALSE, array('mail' => $user->mail)); + array_walk($app_entities, function ($app) use (&$options, $api_products) { + // TODO Each Developer app status should be stored in constants on + // the Drupal side. Ex.: DEVELOPER_APP_STATUS_APPROVED. 
+ if ($app->credentialStatus == 'approved' && !array_intersect($api_products, $app->apiProducts)) { + $options[$app->name] = $app->attributes['DisplayName']; + } + }); + asort($options); + } + $form['user_app'] = array( + '#title' => 'API Key to use for the API call', + '#type' => 'select', + '#options' => $options, + '#description' => 'Choose one of your apps to use. You can request an app to be created by clicking ' . l('here', 'user/me/apps'), ); - $form['client_password'] = array( - '#title' => 'Password', - '#type' => 'password', - '#description' => 'Please enter the password', + if(in_array('password', $oauth_schemes)){ + $form['client_username'] = array( + '#title' => 'Username', + '#type' => 'textfield', + '#description' => 'Please enter the username', + ); + $form['client_password'] = array( + '#title' => 'Password', + '#type' => 'password', + '#description' => 'Please enter the password', + ); + } + $model_term = taxonomy_term_load($node->field_smart_method_model[LANGUAGE_NONE][0]['tid']); + $form['model'] = array( + '#type' => 'value', + '#value' => $model_term->name, + ); + $form['revision'] = array( + '#type' => 'value', + '#value' => $node->field_smart_method_revision_num[LANGUAGE_NONE][0]['value'], + ); + $form['security'] = array( + '#type' => 'value', + '#value' => $oauth_schemes, + ); + $form['submit'] = array( + '#type' => 'submit', + '#value' => t('Generate OAuth Token'), + '#ajax' => array( + 'callback' => 'smartdocs_oauth_additions_form_generate_token', + ) ); - } - $model_term = taxonomy_term_load($node->field_smart_method_model[LANGUAGE_NONE][0]['tid']); - $form['model'] = array( - '#type' => 'value', - '#value' => $model_term->name, - ); - $form['revision'] = array( - '#type' => 'value', - '#value' => $node->field_smart_method_revision_num[LANGUAGE_NONE][0]['value'], - ); - $form['security'] = array( - '#type' => 'value', - '#value' => $oauth_schemes, - ); - $form['submit'] = array( - '#type' => 'submit', - '#value' => t('Generate OAuth 
Token'), - '#ajax' => array( - 'callback' => 'smartdocs_oauth_additions_form_generate_token', - ) - ); - $form['#attached']['js'][] = drupal_get_path('module', 'smartdocs_oauth_additions') . "/smartdocs_oauth_additions.js"; - return $form; + $form['#attached']['js'][] = drupal_get_path('module', 'smartdocs_oauth_additions') . "/smartdocs_oauth_additions.js"; + return $form; } /** 
@@ -120,83 +120,79 @@ function smartdocs_oauth_additions_form($form, $form_state, $node, $oauth_scheme * @return array */ function smartdocs_oauth_additions_form_generate_token($form, $form_state){ - $config = devconnect_default_org_config(); - $security = new \Apigee\SmartDocs\Security($config, $form_state['values']['model'], $form_state['values']['revision']); - foreach($form_state['values']['security'] as $scheme_name => $grant_type) { - $scheme = $security->load($scheme_name); - if($scheme instanceof \Apigee\SmartDocs\Security\Oauth2Scheme) { - $template_auth = new \Apigee\SmartDocs\TemplateAuth($config, $form_state['values']['model']); - $template_auth_scheme = $template_auth->load($scheme_name); - if($template_auth_scheme instanceof \Apigee\SmartDocs\Security\Oauth2TemplateAuthScheme){ - $oauth2Credentials = array(); - $oauth2Credentials['ERRORCODE'] = ''; - $oauth2Credentials['ERRORMESSAGE'] = ''; - $oauth2Credentials['ACCESSTOKEN'] = ''; - $oauth2Credentials['ACCESSTOKENTYPE'] = 'bearer'; - $oauth2Credentials['ACCESSTOKENPARAMNAME'] = 'access_token'; - $oauth2Credentials['PROXYURL'] = ''; + $config = devconnect_default_org_config(); + $security = new \Apigee\SmartDocs\Security($config, $form_state['values']['model'], $form_state['values']['revision']); + foreach($form_state['values']['security'] as $scheme_name => $grant_type) { + $scheme = $security->load($scheme_name); + if($scheme instanceof \Apigee\SmartDocs\Security\Oauth2Scheme) { + $oauth2Credentials = array(); + $oauth2Credentials['ERRORCODE'] = ''; + $oauth2Credentials['ERRORMESSAGE'] = ''; + $oauth2Credentials['ACCESSTOKEN'] = ''; + $oauth2Credentials['ACCESSTOKENTYPE'] = 'bearer'; + $oauth2Credentials['ACCESSTOKENPARAMNAME'] = 'access_token'; + $oauth2Credentials['PROXYURL'] = ''; - $client_id = $template_auth_scheme->getClientId(); - $client_secret = $template_auth_scheme->getClientSecret(); - $postBody = array(); + $client_id = ''; + $client_secret = ''; + $postBody = array(); - 
if($form_state['values']['user_app'] !== 'default' && user_is_logged_in()){ - global $user; - $entity = entity_load('developer_app',array(), array('mail' => $user->mail, 'name' => $form_state['values']['user_app'])); - $entity = reset($entity); - $client_id = $entity->consumerKey; - $client_secret = $entity->consumerSecret; - } + if($form_state['values']['user_app'] !== 'default' && user_is_logged_in()){ + global $user; + $entity = entity_load('developer_app',array(), array('mail' => $user->mail, 'name' => $form_state['values']['user_app'])); + $entity = reset($entity); + $client_id = $entity->consumerKey; + $client_secret = $entity->consumerSecret; + } - if($grant_type == 'client_credentials') { - $client_config = array( - 'request.options' => - array( - 'auth' => array( - $client_id, - $client_secret, - 'basic', - ) - ) - ); + if($grant_type == 'client_credentials') { + $client_config = array( + 'request.options' => + array( + 'auth' => array( + $client_id, + $client_secret, + 'basic', + ) + ) + ); - $postBody['grant_type'] = 'client_credentials'; - } else if($grant_type == 'password') { - $postBody['client_id'] = $client_id; - $postBody['client_secret'] = $client_secret; - $client_config = array( - 'request.options' => array( - 'auth' => array( - $form_state['values']['client_username'], - $form_state['values']['client_password'], - 'basic', - ) - ) - ); + $postBody['grant_type'] = 'client_credentials'; + } else if($grant_type == 'password') { + $postBody['client_id'] = $client_id; + $postBody['client_secret'] = $client_secret; + $client_config = array( + 'request.options' => array( + 'auth' => array( + $form_state['values']['client_username'], + $form_state['values']['client_password'], + 'basic', + ) + ) + ); + } + $client = new \Guzzle\Http\Client($scheme->getAccessTokenUrl(), $client_config); + $request = $client->post('', array('Content-Type'=>'application/x-www-form-urlencoded'), drupal_http_build_query($postBody)); + try { + $response = $request->send(); 
+ $oauth_res = json_decode($response->getBody(true)); + $oauth2Credentials['ACCESSTOKEN'] = $oauth_res->access_token; + }catch (\Guzzle\Http\Exception\BadResponseException $e) { + $response = $e->getResponse(); + $error_res = json_decode($response->getBody(true)); + $oauth2Credentials['ERRORCODE'] = $error_res->errorCode; + $oauth2Credentials['ERRORMESSAGE'] = $error_res->remediation ; + }catch(Exception $e){ + $oauth2Credentials['ERRORCODE'] = $e->getCode(); + $oauth2Credentials['ERRORMESSAGE'] = $e->getMessage(); + } + return array('#type' => 'ajax', '#commands' => array( + array('command'=>'setAccessTokenAndLocation', 'data' => $oauth2Credentials), + ajax_command_invoke('[data-dismiss="modal"]', 'click', array()), + )); } - $client = new \Guzzle\Http\Client($scheme->getAccessTokenUrl(), $client_config); - $request = $client->post('', array('Content-Type'=>'application/x-www-form-urlencoded'), drupal_http_build_query($postBody)); - try { - $response = $request->send(); - $oauth_res = json_decode($response->getBody(true)); - $oauth2Credentials['ACCESSTOKEN'] = $oauth_res->access_token; - }catch (\Guzzle\Http\Exception\BadResponseException $e) { - $response = $e->getResponse(); - $error_res = json_decode($response->getBody(true)); - $oauth2Credentials['ERRORCODE'] = $error_res->errorCode; - $oauth2Credentials['ERRORMESSAGE'] = $error_res->remediation ; - }catch(Exception $e){ - $oauth2Credentials['ERRORCODE'] = $e->getCode(); - $oauth2Credentials['ERRORMESSAGE'] = $e->getMessage(); - } - return array('#type' => 'ajax', '#commands' => array( - array('command'=>'setAccessTokenAndLocation', 'data' => $oauth2Credentials), - ajax_command_invoke('[data-dismiss="modal"]', 'click', array()), - )); - } } - } - return array('#type' => 'ajax', '#commands' => array(ajax_command_alert("Something went wrong !!"))); + return array('#type' => 'ajax', '#commands' => array(ajax_command_alert("Something went wrong !!"))); } /** 
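Review bot: After this change `$client_id` and `$client_secret` start as empty strings and nothing stops the token request when they stay empty or unset. That happens for an anonymous submission, and when `entity_load()` finds no app for the submitted `user_app`: `reset($entity)` then returns FALSE and the two property reads yield NULL with a notice. The callback then still contacts the access token URL with blank Basic credentials (client_credentials) or blank `client_id`/`client_secret` form fields (password). The `!== 'default'` comparison is also dead now that the option was removed in the previous patch. I would return an AJAX alert before building the request, as sketched below. Separately, `$client_config` is only assigned in the two grant-type branches, so any other `grant_type` value reaches `new \Guzzle\Http\Client(...)` with an undefined variable.

```php
$postBody = array();

if (user_is_logged_in()) {
    global $user;
    $apps = entity_load('developer_app', array(), array('mail' => $user->mail, 'name' => $form_state['values']['user_app']));
    $app = reset($apps);
    if ($app !== FALSE) {
        $client_id = $app->consumerKey;
        $client_secret = $app->consumerSecret;
    }
}
if (empty($client_id) || empty($client_secret)) {
    // No usable app credentials: do not contact the token endpoint.
    return array('#type' => 'ajax', '#commands' => array(
        ajax_command_alert(t('Choose one of your approved apps before generating a token.')),
    ));
}
// … unchanged: grant-type branches, Guzzle request and response handling …
```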
@@ -205,14 +201,14 @@ function smartdocs_oauth_additions_form_generate_token($form, $form_state){ * @param $form_state */ function smartdocs_oauth_additions_form_smartdocs_model_security_scheme_alter(&$form, $form_state){ - $message = <<<__STR__ + $message = <<<__STR__ You have smartdocs_oauth_additions module enabled. You should pass the "grant_type" as a query parameter in the "Access token url" field. This will let the module provide OAuth widgets. __STR__; - drupal_set_message(t($message), "warning"); - $form['#validate'][] = 'smartdocs_oauth_additions_form_smartdocs_model_security_scheme_validate'; + drupal_set_message(t($message), "warning"); + $form['#validate'][] = 'smartdocs_oauth_additions_form_smartdocs_model_security_scheme_validate'; } /** @@ -223,8 +219,8 @@ __STR__; * @param $form_state */ function smartdocs_oauth_additions_form_smartdocs_model_security_scheme_validate($form, $form_state){ - $accesstokenurl = drupal_parse_url($form_state['values']['auth_fields']['accessTokenUrl']); - if(!isset($accesstokenurl['query']['grant_type'])){ - form_set_error('values][auth_fields][accessTokenUrl', "grant_type is not set in the Access Token URL"); - } + $accesstokenurl = drupal_parse_url($form_state['values']['auth_fields']['accessTokenUrl']); + if(!isset($accesstokenurl['query']['grant_type'])){ + form_set_error('values][auth_fields][accessTokenUrl', "grant_type is not set in the Access Token URL"); + } }