authorPhilipp Schüttlöffel <schuettloeffel@zqs.uni-hannover.de>2024-09-24 10:53:31 +0200
committerPhilipp Schüttlöffel <schuettloeffel@zqs.uni-hannover.de>2024-09-24 10:53:31 +0200
commit4459dd7917f4d1c34f40bb68f0e991e9c3d53e4c (patch)
tree5c07151ae61276d334e88f6309c30d439a85c12e /app/controllers/api
parentda0022e5c1abbf9825ae76debaabdff7e8623bb4 (diff)
parent97a188592c679890a25c37ab78463add76a52ff7 (diff)
Merge branch 'main' into issue-3911issue-3911
Diffstat (limited to 'app/controllers/api')
-rw-r--r--app/controllers/api/authorizations.php58
-rw-r--r--app/controllers/api/oauth.php113
-rw-r--r--app/controllers/api/oauth2/applications.php4
-rw-r--r--app/controllers/api/oauth2/authorize.php4
-rw-r--r--app/controllers/api/oauth2/oauth2_controller.php2
-rw-r--r--app/controllers/api/oauth2/token.php4
6 files changed, 7 insertions, 178 deletions
diff --git a/app/controllers/api/authorizations.php b/app/controllers/api/authorizations.php
deleted file mode 100644
index 543bc79..0000000
--- a/app/controllers/api/authorizations.php
+++ /dev/null
@@ -1,58 +0,0 @@
-<?php
-
-require_once 'lib/bootstrap-api.php';
-
-/**
-* @deprecated Since Stud.IP 5.0. Will be removed in Stud.IP 6.0.
- **/
-class Api_AuthorizationsController extends AuthenticatedController
-{
- /**
- *
- **/
- public function before_filter(&$action, &$args)
- {
- parent::before_filter($action, $args);
-
- $GLOBALS['perm']->check('autor');
-
- Navigation::activateItem('/profile/settings/api');
- PageLayout::setTitle(_('Applikationen'));
-
- $this->types = [
- 'website' => _('Website'),
- 'program' => _('Herkömmliches Desktopprogramm'),
- 'app' => _('Mobile App')
- ];
- }
-
- /**
- *
- **/
- public function index_action()
- {
- $this->consumers = RESTAPI\UserPermissions::get($GLOBALS['user']->id)->getConsumers();
- $this->types = [
- 'website' => _('Website'),
- 'program' => _('Herkömmliches Desktopprogramm'),
- 'app' => _('Mobile App')
- ];
-
- $widget = new SidebarWidget();
- $widget->setTitle(_('Informationen'));
- $widget->addElement(new WidgetElement(_('Dies sind die Apps, die Zugriff auf Ihren Account haben.')));
- Sidebar::Get()->addWidget($widget);
- }
-
- /**
- *
- **/
- public function revoke_action($id)
- {
- $consumer = new RESTAPI\Consumer\OAuth($id);
- $consumer->revokeAccess($GLOBALS['user']->id);
-
- PageLayout::postMessage(MessageBox::success(_('Der Applikation wurde der Zugriff auf Ihre Daten untersagt.')));
- $this->redirect('api/authorizations');
- }
-}
diff --git a/app/controllers/api/oauth.php b/app/controllers/api/oauth.php
deleted file mode 100644
index bc80c90..0000000
--- a/app/controllers/api/oauth.php
+++ /dev/null
@@ -1,113 +0,0 @@
-<?php
-
-require_once 'lib/bootstrap-api.php';
-
-/**
- * @deprecated Since Stud.IP 5.0. Will be removed in Stud.IP 6.0.
- **/
-class Api_OauthController extends StudipController
-{
- /**
- *
- **/
- public function before_filter(&$action, &$args)
- {
- parent::before_filter($action, $args);
-
- # initialize Stud.IP-Session
- page_open(['sess' => 'Seminar_Session',
- 'auth' => 'Seminar_Default_Auth',
- 'perm' => 'Seminar_Perm',
- 'user' => 'Seminar_User']);
-
- $this->set_layout(null);
- }
-
- /**
- *
- **/
- public function index_action()
- {
- $this->render_text('TODO');
- }
-
- /**
- *
- **/
- public function request_token_action()
- {
- $server = new OAuthServer();
- $token = $server->requestToken();
-
- $this->response->headers = [];
- $this->render_nothing();
- }
-
- /**
- *
- **/
- public function authorize_action()
- {
- global $user, $auth;
-
- $auth_plugin = Config::get()->API_OAUTH_AUTH_PLUGIN;
- if ($GLOBALS['user']->id === 'nobody' && $auth_plugin !== 'Standard' && !Request::option('sso')) {
- $params = $_GET;
- $params['sso'] = strtolower($auth_plugin);
- $this->redirect($this->url_for('api/oauth/authorize?' . http_build_query($params)));
- return;
- } else {
- $auth->login_if($user->id === 'nobody');
- }
-
- $user_id = RESTAPI\Consumer\OAuth::getOAuthId($GLOBALS['user']->id);
-
- try {
- $consumer = RESTAPI\Consumer\Base::detectConsumer('oauth', 'request');
- if (!$consumer) {
- $this->response->set_status(400, 'No consumer detected');
- $this->render_nothing();
- return;
- }
-
- if (Request::submitted('allow')) {
- $result = $consumer->grantAccess($GLOBALS['user']->id);
-
- $redirect_uri = Request::get('oauth_callback', $consumer->callback);
-
- if ($redirect_uri) {
- $this->redirect($redirect_uri);
- } else {
- // No oauth_callback, show the user the result of the authorization
- // ** your code here **
- PageLayout::postMessage(MessageBox::success(_('Sie haben der Applikation Zugriff auf Ihre Daten gewährt.')));
- $this->redirect('api/authorizations#' . $consumer->auth_key);
- }
- return;
- }
- } catch (OAuthException2 $e) {
- // No token to be verified in the request, show a page where the user can enter the token to be verified
- // **your code here**
- die('invalid');
- }
-
- PageLayout::disableHeader();
- PageLayout::setTitle(sprintf(_('"%s" bittet um Zugriff'), $consumer->title));
- $this->set_layout($GLOBALS['template_factory']->open('layouts/base.php'));
- $this->consumer = $consumer;
- $this->token = Request::option('oauth_token');
- $this->oauth_callback = Request::get('oauth_callback');
- }
-
- /**
- *
- **/
- public function access_token_action()
- {
- $server = new OAuthServer();
- $server->accessToken();
-
- $this->response->headers = [];
- $this->render_nothing();
- }
-}
diff --git a/app/controllers/api/oauth2/applications.php b/app/controllers/api/oauth2/applications.php
index d08ec1e..fd6a1bb 100644
--- a/app/controllers/api/oauth2/applications.php
+++ b/app/controllers/api/oauth2/applications.php
@@ -31,7 +31,7 @@ class Api_Oauth2_ApplicationsController extends AuthenticatedController
$this->application = $this->formatApplication($accessToken);
if (!$this->application) {
- throw new Trails_Exception(500, 'Error finding client.');
+ throw new Trails\Exception(500, 'Error finding client.');
}
}
@@ -42,7 +42,7 @@ class Api_Oauth2_ApplicationsController extends AuthenticatedController
$user = User::findCurrent();
$accessToken = AccessToken::find(Request::option('application'));
if (!$accessToken) {
- throw new Trails_Exception(404);
+ throw new Trails\Exception(404);
}
if ($accessToken['user_id'] !== $user->id) {
throw new AccessDeniedException();
diff --git a/app/controllers/api/oauth2/authorize.php b/app/controllers/api/oauth2/authorize.php
index 5628d49..6387937 100644
--- a/app/controllers/api/oauth2/authorize.php
+++ b/app/controllers/api/oauth2/authorize.php
@@ -13,7 +13,7 @@ class Api_Oauth2_AuthorizeController extends OAuth2Controller
parent::before_filter($action, $args);
if ('index' !== $action) {
- throw new Trails_Exception(404);
+ throw new Trails\Exception(404);
}
$action = $this->determineAction();
@@ -55,7 +55,7 @@ class Api_Oauth2_AuthorizeController extends OAuth2Controller
if ('nobody' === $GLOBALS['user']->id && 'Standard' !== $authPlugin && !Request::option('sso')) {
$queryParams = $psrRequest->getQueryParams();
$queryParams['sso'] = strtolower($authPlugin);
- $this->redirect($this->authorizeURL($queryParams));
+ $this->redirect($this->url_for('api/oauth2/authorize', $queryParams));
return;
} else {
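Review bot: The SSO branch has no comment explaining why the request is sent back to the same endpoint with the complete incoming query, and the route is now the hard-coded string `'api/oauth2/authorize'`. A short comment above the `redirect` call would cover it, for example `// Re-enter the authorize endpoint with the original OAuth2 query plus sso=<plugin>, so the SSO login runs before the consent step.` The loop guard depends on `Request::option('sso')` reading back the value written by `strtolower($authPlugin)`. If `option()` strips characters that a configured plugin name may contain, the guard would stay false and the redirect would repeat, so that is worth confirming. The enclosing method begins before this hunk and the `else` branch continues past it.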
diff --git a/app/controllers/api/oauth2/oauth2_controller.php b/app/controllers/api/oauth2/oauth2_controller.php
index fd02ea9..6b3dacd 100644
--- a/app/controllers/api/oauth2/oauth2_controller.php
+++ b/app/controllers/api/oauth2/oauth2_controller.php
@@ -42,7 +42,7 @@ abstract class OAuth2Controller extends StudipController
return $this->convertPsrResponse($psrResponse);
}
- return new Trails_Response($exception->getMessage(), [], 500);
+ return new Trails\Response($exception->getMessage(), [], 500);
}
protected function getAuthorizationServer(): AuthorizationServer
diff --git a/app/controllers/api/oauth2/token.php b/app/controllers/api/oauth2/token.php
index 0ae7ffb..755d6b7 100644
--- a/app/controllers/api/oauth2/token.php
+++ b/app/controllers/api/oauth2/token.php
@@ -8,11 +8,11 @@ class Api_Oauth2_TokenController extends OAuth2Controller
parent::before_filter($action, $args);
if ('index' !== $action) {
- throw new Trails_Exception(404);
+ throw new Trails\Exception(404);
}
if (!Request::isPost()) {
- throw new Trails_Exception(405);
+ throw new Trails\Exception(405);
}
$action = 'issue_token';