From 133aecbe7a7fb733dc202240ec7de844e2baf425 Mon Sep 17 00:00:00 2001
From: Robert Kaiser
Date: Sun, 23 Oct 2016 21:04:55 +0200
Subject: [PATCH] some steps to get an actual authentication going, consolidate includes, put DB configuration into /etc to not expose password
---
 authorize.php | 4 +--
 authsystem.css | 5 +++
 authsystem.inc.php | 17 +++++++++++
 index.php | 59 ++++++++++++++++++++++++++++++++++++
 resource.php | 4 +--
 server.php => server.inc.php | 9 ++----
 token.php | 4 +--
 7 files changed, 89 insertions(+), 13 deletions(-)
 create mode 100644 authsystem.css
 create mode 100644 authsystem.inc.php
 create mode 100644 index.php
 rename server.php => server.inc.php (75%)
diff --git a/authorize.php b/authorize.php
index 23c9308..33d7d5e 100644
--- a/authorize.php
+++ b/authorize.php
@@ -5,8 +5,8 @@
 // Simple server based on https://bshaffer.github.io/oauth2-server-php-docs/cookbook
-// include our OAuth2 Server object
-require_once __DIR__.'/server.php';
+// Include the common auth system files (including the OAuth2 Server object).
+require_once(__DIR__.'/authsystem.inc.php');
 $request = OAuth2\Request::createFromGlobals();
 $response = new OAuth2\Response();
diff --git a/authsystem.css b/authsystem.css
new file mode 100644
index 0000000..21514d3
--- /dev/null
+++ b/authsystem.css
@@ -0,0 +1,5 @@
+body {
+ font-family: sans-serif;
+/* margin: 0; */
+ background-color: #FFFFEE;
+}
diff --git a/authsystem.inc.php b/authsystem.inc.php
new file mode 100644
index 0000000..f209d60
--- /dev/null
+++ b/authsystem.inc.php
@@ -0,0 +1,17 @@
+
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..12ad92d
--- /dev/null
+++ b/index.php
@@ -0,0 +1,59 @@
+formatOutput = true; // we want a nice output
+
+$style = $head->appendElement('link');
+$style->setAttribute('rel', 'stylesheet');
+$style->setAttribute('href', 'authsystem.css');
+
+$title->appendText('KaiRo.at Authentication Server');
+$h1 = $body->appendElement('h1', 'KaiRo.at Authentication Server');
+
+$logged_in = false;
+$user_id = 0;
+$user_email = '';
+
+if ($logged_in) {
+ $div = $body->appendElement('div', $user_email);
+ $div->setAttribute('class', 'loginheader');
+ $div = $body->appendElement('div');
+ $div->setAttribute('class', 'loginlinks');
+ $link = $div->appendLink('?logout', _('Log out'));
+ $link->setAttribute('title', _('Log out user of the system'));
+}
+else { // not logged in
+ $form = $body->appendForm('#', 'POST', 'loginform');
+ $form->setAttribute('class', 'loginarea');
+ $label = $form->appendLabel('login_email', _('Email').':');
+ $label->setAttribute('id', 'emailprompt');
+ $label->setAttribute('class', 'loginprompt');
+ $inptxt = $form->appendInputText('form[email]', 30, 20, 'login_email', (intval($user_id)?$user_email:''));
+ $inptxt->setAttribute('class', 'login');
+ $form->appendElement('br');
+ $label = $form->appendLabel('login_pwd', _('Password').':');
+ $label->setAttribute('id', 'pwdprompt');
+ $label->setAttribute('class', 'loginprompt');
+ $inptxt = $form->appendInputPassword('form[pwd]', 20, 20, 'login_pwd', '');
+ $inptxt->setAttribute('class', 'login');
+ $form->appendElement('br');
+ $cbox = $form->appendInputCheckbox('form[remember]', 'login_remember', 'true', false);
+ $cbox->setAttribute('class', 'logincheck');
+ $label = $form->appendLabel('login_remember', _('Remember me'));
+ $label->setAttribute('id', 'rememprompt');
+ $label->setAttribute('class', 'loginprompt');
+ $form->appendElement('br');
+ $submit = $form->appendInputSubmit(_('Log in'));
+ $submit->setAttribute('class', 'loginbutton');
+}
+
+// Send HTML to client.
+print($document->saveHTML());
+?>
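Review bot: The login form built in the `else` branch is created with `appendForm('#', 'POST', 'loginform')` and carries only the email, password and remember fields, so there is no per-session anti-CSRF token for the handler to verify once `$logged_in` stops being the hard-coded `false`. I would add a hidden field holding a random token (generated with `random_bytes()` and kept in the session) before the submit button, and compare it with `hash_equals()` when the POST is processed. Separately, if the second argument of `appendInputPassword('form[pwd]', 20, 20, ...)` is a maximum length, which the helper's signature outside this hunk would have to confirm, it caps passwords at 20 characters and should be raised; the same question applies to the 30 on the email field. The first lines of the new file are not readable in this view, so the setup of `$document`, `$head` and `$body` could not be checked.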
diff --git a/resource.php b/resource.php
index fdd5a91..436f415 100644
--- a/resource.php
+++ b/resource.php
@@ -5,8 +5,8 @@
 // Simple server based on https://bshaffer.github.io/oauth2-server-php-docs/cookbook
-// include our OAuth2 Server object
-require_once __DIR__.'/server.php';
+// Include the common auth system files (including the OAuth2 Server object).
+require_once(__DIR__.'/authsystem.inc.php');
 // Handle a request to a resource and authenticate the access token
 if (!$server->verifyResourceRequest(OAuth2\Request::createFromGlobals())) {
diff --git a/server.php b/server.inc.php
similarity index 75%
rename from server.php
rename to server.inc.php
index 20f22b0..6a82b50 100644
--- a/server.php
+++ b/server.inc.php
@@ -5,19 +5,14 @@
 // Simple server based on https://bshaffer.github.io/oauth2-server-php-docs/cookbook
-$dsn = 'mysql:dbname=kairo_at_auth;host=localhost';
-$username = 'kairo_at_auth';
-$password = '6z0KIuUsHJhgD5rB';
-
-// error reporting (this is a demo, after all!)
-ini_set('display_errors',1);error_reporting(E_ALL);
+// $dbata needs to be set and be an associative array with the members 'dsn', 'username', and 'password'.
 // Autoloading (composer is preferred, but for this example let's just do this)
 require_once('../oauth2-server-php/src/OAuth2/Autoloader.php');
 OAuth2\Autoloader::register();
 // $dsn is the Data Source Name for your database, for exmaple "mysql:dbname=my_oauth2_db;host=localhost"
-$storage = new OAuth2\Storage\Pdo(array('dsn' => $dsn, 'username' => $username, 'password' => $password));
+$storage = new OAuth2\Storage\Pdo($dbdata);
 // Pass a storage object or array of storage objects to the OAuth2 server class
 $server = new OAuth2\Server($storage);
diff --git a/token.php b/token.php
index 31bb0cc..44fcdc8 100644
--- a/token.php
+++ b/token.php
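Review bot: In the server.inc.php hunk the new contract comment names `$dbata` while the constructor call reads `$dbdata`, so the one line that documents the required variable misspells it; it should read `// $dbdata needs to be set and be an associative array with the members 'dsn', 'username', and 'password'.`. Nothing in the hunk checks that the variable exists before `new OAuth2\Storage\Pdo($dbdata)`, so including the file without it would presumably fail somewhere inside the library instead of with a clear message; a guard such as `if (!isset($dbdata['dsn'], $dbdata['username'], $dbdata['password'])) { throw new RuntimeException('DB configuration missing'); }` ahead of the call would make the requirement explicit. Taking the credentials out of this file does not remove the old password from the repository history, so it should be treated as exposed and rotated on the database side.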
@@ -5,8 +5,8 @@
 // Simple server based on https://bshaffer.github.io/oauth2-server-php-docs/cookbook
-// include our OAuth2 Server object
-require_once __DIR__.'/server.php';
+// Include the common auth system files (including the OAuth2 Server object).
+require_once(__DIR__.'/authsystem.inc.php');
 // Handle a request for an OAuth2.0 Access Token and send the response to the client
 $server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send();
--
2.43.0