// Entry-point guard: the file is only usable when loaded through Sugar's
// front controller, which defines sugarEntry. A direct web request for this
// file never gets past this line.
if (!(defined('sugarEntry') && sugarEntry)) {
    die('Not A Valid Entry Point');
}
3 /*********************************************************************************
4 * SugarCRM Community Edition is a customer relationship management program developed by
5 * SugarCRM, Inc. Copyright (C) 2004-2012 SugarCRM Inc.
7 * This program is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU Affero General Public License version 3 as published by the
9 * Free Software Foundation with the addition of the following permission added
10 * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
11 * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
12 * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
14 * This program is distributed in the hope that it will be useful, but WITHOUT
15 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
16 * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
19 * You should have received a copy of the GNU Affero General Public License along with
20 * this program; if not, see http://www.gnu.org/licenses or write to the Free
21 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
24 * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
25 * SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
27 * The interactive user interfaces in modified source and object code versions
28 * of this program must display Appropriate Legal Notices, as required under
29 * Section 5 of the GNU Affero General Public License version 3.
31 * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
32 * these Appropriate Legal Notices must retain the display of the "Powered by
33 * SugarCRM" logo. If the display of the logo is not reasonably feasible for
34 * technical reasons, the Appropriate Legal Notices must display the words
35 * "Powered by SugarCRM".
36 ********************************************************************************/
40 require_once 'Zend/Oauth/Provider.php';
41 require_once 'modules/OAuthKeys/OAuthKey.php';
46 class OAuthToken extends SugarBean
48 public $module_dir = 'OAuthTokens';
49 public $object_name = 'OAuthToken';
// Backing table; deleteByConsumer()/deleteByUser() name it literally as well.
50 public $table_name = 'oauth_tokens';
// Row-level (team) security is switched off for this bean. NOTE(review):
// presumably because tokens are resolved by value during the OAuth handshake,
// where no user session exists yet — confirm. The consequence is that any code
// path reading or revoking tokens must enforce its own access checks.
51 public $disable_row_level_security = true;
// Sugar user the token acts on behalf of; set by authorize() from
// $authdata['user'] and by createAuthorized() from the given user.
59 public $assigned_user_id;
62 // authdata is not persisted yet, because there is no useful data to store in it;
63 // it is kept as an extension point for the future.
/**
 * Build a token bean in the REQUEST state.
 *
 * generate() passes fresh random values; load() and createAuthorized()
 * construct with the defaults and fill the bean afterwards.
 *
 * @param string $token  public token value (becomes the row id on first save())
 * @param string $secret token secret. NOTE(review): nothing in this file hashes
 *                       it, so it is presumably stored as-is — confirm that
 *                       matches the threat model for the oauth_tokens table.
 */
70 function __construct($token='', $secret='')
73 $this->token = $token;
74 $this->secret = $secret;
// A freshly built token is always a request token, whatever the caller.
75 $this->setState(self::REQUEST);
/**
 * Move the token to a new state.
 *
 * @param int $s one of self::REQUEST, self::ACCESS or self::INVALID (the values
 *               the constructor, createAuthorized() and invalidate() pass in)
 */
83 public function setState($s)
90 * Associate the token with the consumer key
91 * @param OAuthKey $consumer
/**
 * Bind this token to the consumer key it was issued for.
 *
 * Keeps both the persisted id and the loaded bean, so callers can check the
 * consumer without a second lookup.
 *
 * @param OAuthKey $consumer
 */
public function setConsumer($consumer)
{
    $this->consumer_obj = $consumer;
    $this->consumer = $consumer->id;
}
102 * Set callback URL for request token
/**
 * Remember the callback URL supplied with the request token.
 *
 * NOTE(review): the URL is stored without any validation here. In the OAuth
 * request-token flow it originates from the consumer's request, so whatever
 * later redirects the user to it should check the scheme/host (open-redirect
 * risk) — confirm where that check lives.
 *
 * @param string $url
 */
public function setCallbackURL($url)
{
    $this->callback_url = $url;
}
113 * Generate random token
/**
 * Produce a random token or secret value.
 *
 * Asks Zend_Oauth_Provider::generateToken() for 6 random bytes (presumably —
 * the argument reads as a byte count) and hex-encodes them, giving a
 * 12-character string, i.e. 48 bits of randomness per value. NOTE(review):
 * whether generateToken() is backed by a CSPRNG cannot be seen from here;
 * confirm before relying on these values as access-token secrets.
 *
 * @return string lowercase hex string
 */
protected static function randomValue()
{
    $rawBytes = Zend_Oauth_Provider::generateToken(6);
    return bin2hex($rawBytes);
}
122 * Generate random token/secret pair and create token
/**
 * Mint a new token bean with a random token/secret pair.
 *
 * The bean is not saved; it starts in the REQUEST state (see the constructor).
 *
 * @return OAuthToken
 */
static function generate()
{
    $tokenValue = self::randomValue();
    $secretValue = self::randomValue();
    $minted = new self($tokenValue, $secretValue);
    return $minted;
}
/**
 * Persist the token, stamping it with the current time.
 *
 * The token value doubles as the row id, which is what lets load() retrieve
 * a token by value.
 */
132 public function save()
// token_ts is the age cleanup() uses to expire invalid/request tokens.
134 $this->token_ts = time();
// First save: the id is preassigned (the token itself), so SugarBean must be
// told not to generate one.
135 if(!isset($this->id)) {
136 $this->new_with_id = true;
137 $this->id = $this->token;
144 * @param string $token
/**
 * Load a token bean by its token value.
 *
 * The token value is the row id (see save()), so this is a primary-key
 * retrieve. Returns null when no row exists. Note that nothing here checks
 * the token's state (tstate) — callers such as authorize() do that themselves.
 *
 * @param string $token
 * @return OAuthToken|null
 */
147 static function load($token)
149 $ltoken = new self();
// NOTE(review): $token typically arrives from the request; SugarBean::retrieve()
// is relied on to quote the id, since nothing here escapes it — confirm.
150 $ltoken->retrieve($token);
151 if(empty($ltoken->id)) return null;
// Keep the in-memory token field in step with the id the row was stored under.
152 $ltoken->token = $ltoken->id;
153 if(!empty($ltoken->consumer)) {
154 $ltoken->consumer_obj = BeanFactory::getBean("OAuthKeys", $ltoken->consumer);
// The consumer key the token was issued to no longer exists (e.g. revoked);
// presumably the token is treated as unusable from here on — confirm.
155 if(empty($ltoken->consumer_obj->id)) {
/**
 * Revoke the token.
 *
 * Moves it to the INVALID state and clears the verifier so the value handed
 * out by authorize() cannot be used against it any more; cleanup() removes
 * invalidated rows after a day.
 *
 * @return mixed whatever save() returns
 */
public function invalidate()
{
    $this->setState(self::INVALID);
    $this->verify = false;
    $result = $this->save();
    return $result;
}
173 * Create a new authorized token for specific user
174 * This bypasses the normal OAuth request/authorize/exchange flow and creates a ready-made access token
175 * @param OAuthKey $consumer
/**
 * Build an access token for $user and $consumer without user consent.
 *
 * NOTE(review): because no authorization step happens, this must only be
 * reachable from trusted, already-authenticated code paths; nothing here
 * verifies that $user is the current user or that the caller may act for
 * them — confirm every caller does.
 *
 * @param OAuthKey $consumer consumer key the token is issued to
 * @param User     $user     user the token will act on behalf of
 */
179 public static function createAuthorized($consumer, $user)
181 $token = self::generate();
182 $token->setConsumer($consumer);
// Straight to ACCESS: no request token / verifier round trip.
183 $token->setState(self::ACCESS);
184 $token->assigned_user_id = $user->id;
190 * Authorize request token
191 * @param mixed $authdata
192 * @return string Verifier value (also stored in $this->verify)
/**
 * Mark a request token as authorized and produce its verifier.
 *
 * Only a token in the REQUEST state can be authorized. The verifier is a
 * fresh random value stored on the token; the consumer has to present it
 * when exchanging the request token.
 *
 * @param mixed $authdata authorization context; if it carries a 'user' key,
 *                        that becomes the token's assigned user
 */
194 public function authorize($authdata)
// Loose comparison against the state constant: an already-authorized or
// invalidated token is refused here.
196 if($this->tstate != self::REQUEST) {
199 $this->verify = self::randomValue();
200 $this->authdata = $authdata;
// NOTE(review): $authdata['user'] is taken on trust. The caller must supply
// the id of the authenticated user who consented, never a request-supplied
// value — confirm at the call sites.
201 if(isset($authdata['user'])) {
202 $this->assigned_user_id = $authdata['user'];
205 return $this->verify;
209 * Copy auth data between tokens
210 * @param OAuthToken $token
/**
 * Carry the authorization context over from another token.
 *
 * Copies the stored authdata and the assigned user (presumably used when a
 * request token is exchanged for an access token — confirm at the caller).
 *
 * @param OAuthToken $token source token
 */
public function copyAuthData(OAuthToken $token)
{
    $this->assigned_user_id = $token->assigned_user_id;
    $this->authdata = $token->authdata;
}
221 * Get query string for the token
/**
 * Render the token pair in the form-encoded shape OAuth token responses use.
 *
 * Values are concatenated without URL-encoding. That is safe for tokens made
 * by generate(), whose values are hex strings, but a token constructed with
 * arbitrary strings would not be encoded here.
 *
 * @return string "oauth_token=...&oauth_token_secret=..."
 */
public function queryString()
{
    $fields = array(
        'oauth_token' => $this->token,
        'oauth_token_secret' => $this->secret,
    );
    $parts = array();
    foreach ($fields as $name => $value) {
        $parts[] = $name . '=' . $value;
    }
    return implode('&', $parts);
}
229 * Clean up stale tokens
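/**
 * Remove stale tokens.
 *
 * Deletes invalidated tokens and never-exchanged request tokens whose
 * token_ts (set by save()) is older than one day. Access tokens are kept.
 *
 * Fixes relative to the previous version:
 *  - the cutoff was written as `"..." . time() - 60*60*24`. With the PHP 5/7
 *    precedence of `.` and `-` (equal, left-associative) that subtracts the
 *    seconds from the whole SQL string, which converts to 0, so the "query"
 *    passed to the DB was the integer -86400 and nothing was ever deleted.
 *    The arithmetic is now done first.
 *  - the statements targeted `oauth_token`; this bean's table is
 *    `oauth_tokens` ($table_name, also used by deleteByConsumer/deleteByUser).
 *  - the state column is `tstate` (the field authorize() reads), not `status`.
 */
static public function cleanup()
{
    // Static context: borrow the DB handle from a throw-away bean, the same
    // handle the instance methods use as $this->db.
    $bean = new self();
    $db = $bean->db;
    $table = $bean->table_name;
    $cutoff = time() - 60 * 60 * 24;
    // State constants are numeric (they are compared unquoted elsewhere), so
    // %d is a safe cast; the cutoff is an integer timestamp.
    $staleStates = array(self::INVALID, self::REQUEST);
    foreach ($staleStates as $state) {
        $db->query(sprintf(
            "DELETE FROM %s WHERE tstate = %d AND token_ts < %d",
            $table,
            $state,
            $cutoff
        ));
    }
}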
241 * Check if the nonce is valid
243 * @param string $nonce
/**
 * Replay protection: validate a (nonce, timestamp) pair for a consumer key.
 *
 * Rules enforced against the oauth_nonce table, per consumer key:
 *  - timestamps must not go backwards: a request older than any stored nonce
 *    is rejected (BAD_TIMESTAMP);
 *  - the same nonce at the same timestamp must not be seen twice (BAD_NONCE);
 *  - on success, nonces older than this timestamp are pruned and the new one
 *    recorded, so only nonces at the newest timestamp are retained.
 *
 * NOTE(review): the check-then-insert is not atomic. Two concurrent requests
 * carrying the same nonce can both pass the SELECTs before either INSERT,
 * unless oauth_nonce carries a unique index on (conskey, nonce, nonce_ts),
 * which cannot be seen here — confirm. $db is expected to already hold the
 * DB handle at this point.
 *
 * @param string $key   consumer key
 * @param string $nonce
 * @param int    $ts    request timestamp (cast with %d below, so only $key
 *                      and $nonce need quoting)
 * @return int Zend_Oauth_Provider::OK / BAD_TIMESTAMP / BAD_NONCE
 */
246 public static function checkNonce($key, $nonce, $ts)
// A newer nonce is already recorded for this key: the request is stale.
250 $res = $db->query(sprintf("SELECT * FROM oauth_nonce WHERE conskey='%s' AND nonce_ts > %d", $db->quote($key), $ts));
251 if($res && $db->fetchByAssoc($res)) {
253 return Zend_Oauth_Provider::BAD_TIMESTAMP;
// Exact (key, nonce, ts) already recorded: this is a replay.
256 $res = $db->query(sprintf("SELECT * FROM oauth_nonce WHERE conskey='%s' AND nonce='%s' AND nonce_ts = %d", $db->quote($key), $db->quote($nonce), $ts));
257 if($res && $db->fetchByAssoc($res)) {
258 // Already seen this one — reject the replay.
259 return Zend_Oauth_Provider::BAD_NONCE;
// Accepted: forget older nonces (they can never pass the first check again)
// and remember this one. $db->quote() is assumed to return the escaped value
// without surrounding quotes, matching the '%s' placeholders.
261 $db->query(sprintf("DELETE FROM oauth_nonce WHERE conskey='%s' AND nonce_ts < %d", $db->quote($key), $ts));
262 $db->query(sprintf("INSERT INTO oauth_nonce(conskey, nonce, nonce_ts) VALUES('%s', '%s', %d)", $db->quote($key), $db->quote($nonce), $ts));
263 return Zend_Oauth_Provider::OK;
269 * @see SugarBean::mark_deleted($id)
/**
 * Remove a token row outright.
 *
 * Overrides SugarBean::mark_deleted() with a physical DELETE (rather than
 * whatever soft-delete the base implementation performs), so a revoked token
 * cannot be retrieved again. $this->db->quote() is relied on to return the
 * escaped value without surrounding quotes, as the other queries in this
 * file assume.
 *
 * @param string $id row id (the token value, see save())
 */
public function mark_deleted($id)
{
    $escapedId = $this->db->quote($id);
    $sql = "DELETE from {$this->table_name} WHERE id='{$escapedId}'";
    $this->db->query($sql);
}
277 * Delete tokens by consumer ID
278 * @param string $consumer_id ID of the consumer key whose tokens are removed
/**
 * Remove every token issued to a consumer key, whatever its state.
 *
 * Revoking a consumer key therefore invalidates its request and access
 * tokens alike. $db is expected to already hold the DB handle at this point;
 * $db->quote() is assumed to return the escaped value without surrounding
 * quotes, matching the quotes placed in the SQL.
 *
 * @param string $consumer_id
 */
280 public static function deleteByConsumer($consumer_id)
283 $db->query("DELETE FROM oauth_tokens WHERE consumer='".$db->quote($consumer_id) ."'");
287 * Delete tokens by user ID
288 * @param string $user_id ID of the user whose tokens are removed
/**
 * Remove every token assigned to a user, whatever its state.
 *
 * Intended for user deactivation/deletion-style flows (presumably — confirm
 * at the callers). $db is expected to already hold the DB handle at this
 * point; $db->quote() is assumed to return the escaped value without
 * surrounding quotes, matching the quotes placed in the SQL.
 *
 * @param string $user_id
 */
290 public static function deleteByUser($user_id)
293 $db->query("DELETE FROM oauth_tokens WHERE assigned_user_id='".$db->quote($user_id) ."'");
/**
 * View helper: render an integer timestamp field in the current user's format.
 *
 * @param array  $focus row data; keys are upper-cased before lookup
 *                      (presumably because list-view rows use upper-case
 *                      field names — confirm)
 * @param string $field field name holding the timestamp
 * @param mixed  $value unused; accepted for the view-callback signature
 * @param string $view  unused; accepted for the view-callback signature
 * @return string formatted date, or '' when the field is absent
 */
299 function displayDateFromTs($focus, $field, $value, $view='ListView')
301 $field = strtoupper($field);
302 if(!isset($focus[$field])) return '';
// NOTE(review): $timedate must be the global TimeDate helper here — confirm it
// is brought into scope before this line.
304 return $timedate->asUser($timedate->fromTimestamp($focus[$field]));