diff --git a/.gitignore b/.gitignore
index f6867537..1d4942fc 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,3 +14,6 @@ app/config/packages/greggilbert/recaptcha/dev/*
 app/config/packages/greggilbert/recaptcha/local/*
 app/config/packages/greggilbert/recaptcha/production/*
 app/config/packages/greggilbert/recaptcha/staging/*
+bootstrap/start.php
+
+
diff --git a/app/config/app.php b/app/config/app.php
index e2e6c7c1..0609a999 100644
--- a/app/config/app.php
+++ b/app/config/app.php
@@ -79,13 +79,11 @@ return array(
 */
 'providers' => array(
- 'Illuminate\Foundation\Providers\ArtisanServiceProvider',
 'Illuminate\Auth\AuthServiceProvider',
 'Illuminate\Cache\CacheServiceProvider',
- 'Illuminate\Foundation\Providers\CommandCreatorServiceProvider',
 'Illuminate\Session\CommandsServiceProvider',
- 'Illuminate\Foundation\Providers\ComposerServiceProvider',
+ 'Illuminate\Foundation\Providers\ConsoleSupportServiceProvider',
 'Illuminate\Routing\ControllerServiceProvider',
 'Illuminate\Cookie\CookieServiceProvider',
 'Illuminate\Database\DatabaseServiceProvider',
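Review bot: Ignoring `bootstrap/start.php` takes Laravel's environment-detection file out of version control, so a fresh clone has no `start.php` and will not boot until someone recreates it by hand, and nothing in the hunk says why it is excluded. If the reason is that it names the hostnames used for environment detection (and therefore decides which per-environment config, including credentials, gets loaded), a comment next to the entry such as `# bootstrap/start.php holds per-host environment detection; provision it at deploy time` records that decision for the next maintainer. The two blank lines added after it are most likely accidental.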
@@ -93,21 +91,15 @@ return array( 'Illuminate\Filesystem\FilesystemServiceProvider', 'Illuminate\Hashing\HashServiceProvider', 'Illuminate\Html\HtmlServiceProvider', - 'Illuminate\Foundation\Providers\KeyGeneratorServiceProvider', 'Illuminate\Log\LogServiceProvider', 'Illuminate\Mail\MailServiceProvider', - 'Illuminate\Foundation\Providers\MaintenanceServiceProvider', 'Illuminate\Database\MigrationServiceProvider', - 'Illuminate\Foundation\Providers\OptimizeServiceProvider', 'Illuminate\Pagination\PaginationServiceProvider', - 'Illuminate\Foundation\Providers\PublisherServiceProvider', 'Illuminate\Queue\QueueServiceProvider', + 'Illuminate\Remote\RemoteServiceProvider', 'Illuminate\Auth\Reminders\ReminderServiceProvider', - 'Illuminate\Foundation\Providers\RouteListServiceProvider', 'Illuminate\Database\SeedServiceProvider', - 'Illuminate\Foundation\Providers\ServerServiceProvider', 'Illuminate\Session\SessionServiceProvider', - 'Illuminate\Foundation\Providers\TinkerServiceProvider', 'Illuminate\Translation\TranslationServiceProvider', 'Illuminate\Validation\ValidationServiceProvider', 'Illuminate\View\ViewServiceProvider', 
@@ -147,43 +139,43 @@ return array( 'aliases' => array( - 'App' => 'Illuminate\Support\Facades\App', - 'Artisan' => 'Illuminate\Support\Facades\Artisan', - 'Auth' => 'Illuminate\Support\Facades\Auth', - 'Blade' => 'Illuminate\Support\Facades\Blade', - 'Cache' => 'Illuminate\Support\Facades\Cache', - 'ClassLoader' => 'Illuminate\Support\ClassLoader', - 'Config' => 'Illuminate\Support\Facades\Config', - 'Controller' => 'Illuminate\Routing\Controllers\Controller', - 'Cookie' => 'Illuminate\Support\Facades\Cookie', - 'Crypt' => 'Illuminate\Support\Facades\Crypt', - 'DB' => 'Illuminate\Support\Facades\DB', - 'Eloquent' => 'Illuminate\Database\Eloquent\Model', - 'Event' => 'Illuminate\Support\Facades\Event', - 'File' => 'Illuminate\Support\Facades\File', - 'Form' => 'Illuminate\Support\Facades\Form', - 'Hash' => 'Illuminate\Support\Facades\Hash', - 'HTML' => 'Illuminate\Support\Facades\HTML', - 'Input' => 'Illuminate\Support\Facades\Input', - 'Lang' => 'Illuminate\Support\Facades\Lang', - 'Log' => 'Illuminate\Support\Facades\Log', - 'Mail' => 'Illuminate\Support\Facades\Mail', - 'Paginator' => 'Illuminate\Support\Facades\Paginator', - 'Password' => 'Illuminate\Support\Facades\Password', - 'Queue' => 'Illuminate\Support\Facades\Queue', - 'Redirect' => 'Illuminate\Support\Facades\Redirect', + 'App' => 'Illuminate\Support\Facades\App', + 'Artisan' => 'Illuminate\Support\Facades\Artisan', + 'Auth' => 'Illuminate\Support\Facades\Auth', + 'Blade' => 'Illuminate\Support\Facades\Blade', + 'Cache' => 'Illuminate\Support\Facades\Cache', + 'ClassLoader' => 'Illuminate\Support\ClassLoader', + 'Config' => 'Illuminate\Support\Facades\Config', + 'Controller' => 'Illuminate\Routing\Controller', + 'Cookie' => 'Illuminate\Support\Facades\Cookie', + 'Crypt' => 'Illuminate\Support\Facades\Crypt', + 'DB' => 'Illuminate\Support\Facades\DB', + 'Eloquent' => 'Illuminate\Database\Eloquent\Model', + 'Event' => 'Illuminate\Support\Facades\Event', + 'File' => 'Illuminate\Support\Facades\File', + 
'Form' => 'Illuminate\Support\Facades\Form', + 'Hash' => 'Illuminate\Support\Facades\Hash', + 'HTML' => 'Illuminate\Support\Facades\HTML', + 'Input' => 'Illuminate\Support\Facades\Input', + 'Lang' => 'Illuminate\Support\Facades\Lang', + 'Log' => 'Illuminate\Support\Facades\Log', + 'Mail' => 'Illuminate\Support\Facades\Mail', + 'Paginator' => 'Illuminate\Support\Facades\Paginator', + 'Password' => 'Illuminate\Support\Facades\Password', + 'Queue' => 'Illuminate\Support\Facades\Queue', + 'Redirect' => 'Illuminate\Support\Facades\Redirect', + 'Request' => 'Illuminate\Support\Facades\Request', + 'Response' => 'Illuminate\Support\Facades\Response', + 'Route' => 'Illuminate\Support\Facades\Route', + 'Schema' => 'Illuminate\Support\Facades\Schema', + 'Seeder' => 'Illuminate\Database\Seeder', + 'Session' => 'Illuminate\Support\Facades\Session', + 'SSH' => 'Illuminate\Support\Facades\SSH', + 'Str' => 'Illuminate\Support\Str', + 'URL' => 'Illuminate\Support\Facades\URL', + 'Validator' => 'Illuminate\Support\Facades\Validator', + 'View' => 'Illuminate\Support\Facades\View', 'RedisLV4' => 'Illuminate\Support\Facades\Redis', - 'Request' => 'Illuminate\Support\Facades\Request', - 'Response' => 'Illuminate\Support\Facades\Response', - 'Route' => 'Illuminate\Support\Facades\Route', - 'Schema' => 'Illuminate\Support\Facades\Schema', - 'Seeder' => 'Illuminate\Database\Seeder', - 'Session' => 'Illuminate\Support\Facades\Session', - 'Str' => 'Illuminate\Support\Str', - 'URL' => 'Illuminate\Support\Facades\URL', - 'Validator' => 'Illuminate\Support\Facades\Validator', - 'View' => 'Illuminate\Support\Facades\View', - ), ); diff --git a/app/config/database.php b/app/config/database.php index 6be6e7a8..4ec6849d 100644 --- a/app/config/database.php +++ b/app/config/database.php @@ -26,7 +26,7 @@ return array( | */ - 'default' => 'mysql', + 'default' => 'openstackid', /* |-------------------------------------------------------------------------- 
@@ -45,9 +45,8 @@ return array( */ 'connections' => array( - - - 'mysql' => array( + //primary DB + 'openstackid' => array( 'driver' => 'mysql', 'host' => 'localhost', 'database' => 'database', @@ -57,9 +56,8 @@ return array( 'collation' => 'utf8_unicode_ci', 'prefix' => '', ), - - - 'mysql_external' => array( + //secondary DB (OS Membership) + 'os_members' => array( 'driver' => 'mysql', 'host' => 'localhost', 'database' => 'database', @@ -69,8 +67,7 @@ return array( 'collation' => 'utf8_unicode_ci', 'prefix' => '', ), - - ), + ), /* |-------------------------------------------------------------------------- @@ -96,24 +93,15 @@ return array( | */ - 'redis' => array( - /** - * http://laravel.com/docs/redis - * The cluster option will tell the Laravel Redis client to perform client-side sharding - * across your Redis nodes, allowing you to pool nodes and create - * a large amount of available RAM. However, note that client-side sharding does not handle - * failover; therefore, is primarily suited for cached data that is available from another - * primary data store. - */ + 'redis' => array( + 'cluster' => false, - 'default' => array( - 'host' => '127.0.0.1', - 'port' => 6379, + 'default' => array( + 'host' => '127.0.0.1', + 'port' => 6379, 'database' => 0, - 'password' => '' - ), - - ), + ), + ), ); diff --git a/app/config/local/app.php b/app/config/local/app.php index 6b103614..e01af6fa 100644 --- a/app/config/local/app.php +++ b/app/config/local/app.php 
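Review bot: The rewritten `'redis'` block no longer carries a `'password'` entry, so the default Redis connection is authenticated only if a per-environment override adds one; the removed lines had `'password' => ''`, and whether that empty value was itself causing an AUTH to be sent is not visible here. Since session, cache or queue data may end up in this instance, the expectation belongs in the config, e.g. `// no AUTH configured: Redis must be reachable from localhost only, or set 'password' in the environment override`. The removed docblock was the only description of what `'cluster'` does; a one-line `// client-side sharding across nodes, no failover` beside `'cluster' => false` keeps that knowledge with the setting.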
@@ -79,39 +79,31 @@ return array( */ 'providers' => array( - - 'Illuminate\Foundation\Providers\ArtisanServiceProvider', - 'Illuminate\Auth\AuthServiceProvider', - 'Illuminate\Cache\CacheServiceProvider', - 'Illuminate\Foundation\Providers\CommandCreatorServiceProvider', - 'Illuminate\Session\CommandsServiceProvider', - 'Illuminate\Foundation\Providers\ComposerServiceProvider', - 'Illuminate\Routing\ControllerServiceProvider', - 'Illuminate\Cookie\CookieServiceProvider', - 'Illuminate\Database\DatabaseServiceProvider', - 'Illuminate\Encryption\EncryptionServiceProvider', - 'Illuminate\Filesystem\FilesystemServiceProvider', - 'Illuminate\Hashing\HashServiceProvider', - 'Illuminate\Html\HtmlServiceProvider', - 'Illuminate\Foundation\Providers\KeyGeneratorServiceProvider', - 'Illuminate\Log\LogServiceProvider', - 'Illuminate\Mail\MailServiceProvider', - 'Illuminate\Foundation\Providers\MaintenanceServiceProvider', - 'Illuminate\Database\MigrationServiceProvider', - 'Illuminate\Foundation\Providers\OptimizeServiceProvider', - 'Illuminate\Pagination\PaginationServiceProvider', - 'Illuminate\Foundation\Providers\PublisherServiceProvider', - 'Illuminate\Queue\QueueServiceProvider', - 'Illuminate\Auth\Reminders\ReminderServiceProvider', - 'Illuminate\Foundation\Providers\RouteListServiceProvider', - 'Illuminate\Database\SeedServiceProvider', - 'Illuminate\Foundation\Providers\ServerServiceProvider', - 'Illuminate\Session\SessionServiceProvider', - 'Illuminate\Foundation\Providers\TinkerServiceProvider', - 'Illuminate\Translation\TranslationServiceProvider', - 'Illuminate\Validation\ValidationServiceProvider', - 'Illuminate\View\ViewServiceProvider', - 'Illuminate\Workbench\WorkbenchServiceProvider', + 'Illuminate\Foundation\Providers\ArtisanServiceProvider', + 'Illuminate\Auth\AuthServiceProvider', + 'Illuminate\Cache\CacheServiceProvider', + 'Illuminate\Session\CommandsServiceProvider', + 'Illuminate\Foundation\Providers\ConsoleSupportServiceProvider', + 
'Illuminate\Routing\ControllerServiceProvider', + 'Illuminate\Cookie\CookieServiceProvider', + 'Illuminate\Database\DatabaseServiceProvider', + 'Illuminate\Encryption\EncryptionServiceProvider', + 'Illuminate\Filesystem\FilesystemServiceProvider', + 'Illuminate\Hashing\HashServiceProvider', + 'Illuminate\Html\HtmlServiceProvider', + 'Illuminate\Log\LogServiceProvider', + 'Illuminate\Mail\MailServiceProvider', + 'Illuminate\Database\MigrationServiceProvider', + 'Illuminate\Pagination\PaginationServiceProvider', + 'Illuminate\Queue\QueueServiceProvider', + 'Illuminate\Remote\RemoteServiceProvider', + 'Illuminate\Auth\Reminders\ReminderServiceProvider', + 'Illuminate\Database\SeedServiceProvider', + 'Illuminate\Session\SessionServiceProvider', + 'Illuminate\Translation\TranslationServiceProvider', + 'Illuminate\Validation\ValidationServiceProvider', + 'Illuminate\View\ViewServiceProvider', + 'Illuminate\Workbench\WorkbenchServiceProvider', 'Illuminate\Redis\RedisServiceProvider', 'auth\AuthenticationServiceProvider', 'services\ServicesProvider', 
@@ -147,42 +139,43 @@ return array( 'aliases' => array( - 'App' => 'Illuminate\Support\Facades\App', - 'Artisan' => 'Illuminate\Support\Facades\Artisan', - 'Auth' => 'Illuminate\Support\Facades\Auth', - 'Blade' => 'Illuminate\Support\Facades\Blade', - 'Cache' => 'Illuminate\Support\Facades\Cache', - 'ClassLoader' => 'Illuminate\Support\ClassLoader', - 'Config' => 'Illuminate\Support\Facades\Config', - 'Controller' => 'Illuminate\Routing\Controllers\Controller', - 'Cookie' => 'Illuminate\Support\Facades\Cookie', - 'Crypt' => 'Illuminate\Support\Facades\Crypt', - 'DB' => 'Illuminate\Support\Facades\DB', - 'Eloquent' => 'Illuminate\Database\Eloquent\Model', - 'Event' => 'Illuminate\Support\Facades\Event', - 'File' => 'Illuminate\Support\Facades\File', - 'Form' => 'Illuminate\Support\Facades\Form', - 'Hash' => 'Illuminate\Support\Facades\Hash', - 'HTML' => 'Illuminate\Support\Facades\HTML', - 'Input' => 'Illuminate\Support\Facades\Input', - 'Lang' => 'Illuminate\Support\Facades\Lang', - 'Log' => 'Illuminate\Support\Facades\Log', - 'Mail' => 'Illuminate\Support\Facades\Mail', - 'Paginator' => 'Illuminate\Support\Facades\Paginator', - 'Password' => 'Illuminate\Support\Facades\Password', - 'Queue' => 'Illuminate\Support\Facades\Queue', - 'Redirect' => 'Illuminate\Support\Facades\Redirect', - 'RedisLV4' => 'Illuminate\Support\Facades\Redis', - 'Request' => 'Illuminate\Support\Facades\Request', - 'Response' => 'Illuminate\Support\Facades\Response', - 'Route' => 'Illuminate\Support\Facades\Route', - 'Schema' => 'Illuminate\Support\Facades\Schema', - 'Seeder' => 'Illuminate\Database\Seeder', - 'Session' => 'Illuminate\Support\Facades\Session', - 'Str' => 'Illuminate\Support\Str', - 'URL' => 'Illuminate\Support\Facades\URL', - 'Validator' => 'Illuminate\Support\Facades\Validator', - 'View' => 'Illuminate\Support\Facades\View', + 'App' => 'Illuminate\Support\Facades\App', + 'Artisan' => 'Illuminate\Support\Facades\Artisan', + 'Auth' => 'Illuminate\Support\Facades\Auth', + 
'Blade' => 'Illuminate\Support\Facades\Blade', + 'Cache' => 'Illuminate\Support\Facades\Cache', + 'ClassLoader' => 'Illuminate\Support\ClassLoader', + 'Config' => 'Illuminate\Support\Facades\Config', + 'Controller' => 'Illuminate\Routing\Controller', + 'Cookie' => 'Illuminate\Support\Facades\Cookie', + 'Crypt' => 'Illuminate\Support\Facades\Crypt', + 'DB' => 'Illuminate\Support\Facades\DB', + 'Eloquent' => 'Illuminate\Database\Eloquent\Model', + 'Event' => 'Illuminate\Support\Facades\Event', + 'File' => 'Illuminate\Support\Facades\File', + 'Form' => 'Illuminate\Support\Facades\Form', + 'Hash' => 'Illuminate\Support\Facades\Hash', + 'HTML' => 'Illuminate\Support\Facades\HTML', + 'Input' => 'Illuminate\Support\Facades\Input', + 'Lang' => 'Illuminate\Support\Facades\Lang', + 'Log' => 'Illuminate\Support\Facades\Log', + 'Mail' => 'Illuminate\Support\Facades\Mail', + 'Paginator' => 'Illuminate\Support\Facades\Paginator', + 'Password' => 'Illuminate\Support\Facades\Password', + 'Queue' => 'Illuminate\Support\Facades\Queue', + 'Redirect' => 'Illuminate\Support\Facades\Redirect', + 'Request' => 'Illuminate\Support\Facades\Request', + 'Response' => 'Illuminate\Support\Facades\Response', + 'Route' => 'Illuminate\Support\Facades\Route', + 'Schema' => 'Illuminate\Support\Facades\Schema', + 'Seeder' => 'Illuminate\Database\Seeder', + 'Session' => 'Illuminate\Support\Facades\Session', + 'SSH' => 'Illuminate\Support\Facades\SSH', + 'Str' => 'Illuminate\Support\Str', + 'URL' => 'Illuminate\Support\Facades\URL', + 'Validator' => 'Illuminate\Support\Facades\Validator', + 'View' => 'Illuminate\Support\Facades\View', + 'RedisLV4' => 'Illuminate\Support\Facades\Redis', ), diff --git a/app/config/log.php b/app/config/log.php new file mode 100644 index 00000000..4ce8a2a3 --- /dev/null +++ b/app/config/log.php @@ -0,0 +1,11 @@ + '', + //The sender of the mail + 'from_email' => '', +); \ No newline at end of file 
diff --git a/app/config/queue.php b/app/config/queue.php index 220998cb..6d01e569 100644 --- a/app/config/queue.php +++ b/app/config/queue.php @@ -56,5 +56,8 @@ return array( ), ), + 'failed' => array( + 'database' => 'mysql', 'table' => 'failed_jobs', + ), ); diff --git a/app/config/remote.php b/app/config/remote.php new file mode 100644 index 00000000..c8bc303b --- /dev/null +++ b/app/config/remote.php @@ -0,0 +1,59 @@ + 'production', + + /* + |-------------------------------------------------------------------------- + | Remote Server Connections + |-------------------------------------------------------------------------- + | + | These are the servers that will be accessible via the SSH task runner + | facilities of Laravel. This feature radically simplifies executing + | tasks on your servers, such as deploying out these applications. + | + */ + + 'connections' => array( + + 'production' => array( + 'host' => '', + 'username' => '', + 'password' => '', + 'key' => '', + 'keyphrase' => '', + 'root' => '/var/www', + ), + + ), + + /* + |-------------------------------------------------------------------------- + | Remote Server Groups + |-------------------------------------------------------------------------- + | + | Here you may list connections under a single group name, which allows + | you to easily access all of the servers at once using a short name + | that is extremely easy to remember, such as "web" or "database". + | + */ + + 'groups' => array( + + 'web' => array('production') + + ), + +); \ No newline at end of file diff --git a/app/config/session.php b/app/config/session.php index a23a894c..a362693b 100644 --- a/app/config/session.php +++ b/app/config/session.php @@ -31,6 +31,8 @@ return array( 'lifetime' => 120, + 'expire_on_close' => false, + /* |-------------------------------------------------------------------------- | Session File Location @@ -122,4 +124,6 @@ return array( 'domain' => null, + + ); 
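Review bot: `'failed' => array('database' => 'mysql', ...)` points the failed-jobs table at a connection named `mysql`, but the database.php hunk in this same commit renames that connection to `openstackid` and leaves no `mysql` entry in the visible `'connections'` array, so recording a failed job would itself fail on an unknown connection. Unless an environment override still defines `mysql`, this should read `'database' => 'openstackid',`. Keeping the failed-jobs connection equal to the configured default avoids the two files drifting apart again.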
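Review bot: `app/config/remote.php` is tracked while it holds the `'password'`, `'key'` and `'keyphrase'` slots for the SSH task runner; the `.gitignore` hunk in this commit ignores only the recaptcha package configs and `bootstrap/start.php`, so the first person to fill these values in place will commit an SSH credential. A comment on the `'production'` entry, `// leave credentials empty here; set them in the environment-specific config override`, steers maintainers to the per-environment directory that Laravel's config cascade already provides. The head of this new file (the return statement and the `'default'` key) is not visible in the hunk as extracted.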
diff --git a/app/config/view.php b/app/config/view.php index eba10a4c..34b8f387 100644 --- a/app/config/view.php +++ b/app/config/view.php @@ -26,6 +26,6 @@ return array( | */ - 'pagination' => 'pagination::slider', + 'pagination' => 'pagination::slider-3', ); diff --git a/app/controllers/BaseController.php b/app/controllers/BaseController.php index 7247dd95..eded4ddb 100644 --- a/app/controllers/BaseController.php +++ b/app/controllers/BaseController.php @@ -1,5 +1,7 @@ getClientRegisteredUris(); + $allowed_uris = $client->getClientRegisteredUris(); $selected_scopes = $client->getClientScopes(); - $aux_scopes = array(); + $aux_scopes = array(); foreach ($selected_scopes as $scope) { array_push($aux_scopes, $scope->id); } diff --git a/app/controllers/apis/ApiController.php b/app/controllers/apis/ApiController.php new file mode 100644 index 00000000..0df75383 --- /dev/null +++ b/app/controllers/apis/ApiController.php 
@@ -0,0 +1,149 @@ +api_service = $api_service; + } + + public function get($id) + { + try { + $api = $this->api_service->get($id); + if(is_null($api)){ + return $this->error404(array('error' => 'api not found')); + } + $data = $api->toArray(); + return $this->ok($data); + } catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } + + public function getByPage($page_nbr, $page_size) + { + try { + $list = $this->api_service->getAll($page_size, $page_nbr); + $items = array(); + foreach ($list->getItems() as $api) { + array_push($items, $api->toArray()); + } + return $this->ok( array( + 'page' => $items, + 'total_items' => $list->getTotal() + )); + } catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } + + public function create() + { + try { + $new_api = Input::all(); + + $rules = array( + 'name' => 'required|alpha_dash|max:255', + 'description' => 'required|text', + 'active' => 'required|boolean', + 'resource_server_id' => 'required|integer', + ); + + // Creates a Validator instance and validates the data. 
+ $validation = Validator::make($new_api, $rules); + + if ($validation->fails()) { + $messages = $validation->messages()->toArray(); + return $this->error400(array('error' => $messages)); + } + + $new_api_model = $this->api_service->add( + $new_api['name'], + $new_api['description'], + $new_api['active'], + $new_api['resource_server_id'] + ); + + return $this->ok(array('api_id' => $new_api_model->id)); + } catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } + + public function delete($id) + { + try { + $res = $this->api_service->delete($id); + return $res?Response::json('ok',200):$this->error404(array('error'=>'operation failed')); + } catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } + + public function update(){ + try { + + $values = Input::all(); + + $rules = array( + 'id' => 'required|integer', + 'name' => 'sometimes|required|alpha_dash|max:255', + 'description' => 'sometimes|required|text', + 'active' => 'sometimes|required|boolean', + ); + + // Creates a Validator instance and validates the data. 
+ $validation = Validator::make($values, $rules); + + if ($validation->fails()) { + $messages = $validation->messages()->toArray(); + return $this->error400(array('error' => $messages)); + } + + $res = $this->api_service->update(intval($values['id']),$values); + + return $res?Response::json('ok',200):$this->error400(array('error'=>'operation failed')); + + } + catch(InvalidApi $ex1){ + $this->log_service->error($ex1); + return $this->error404(array('error'=>'api not found')); + } + catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } + + public function updateStatus($id, $active){ + try { + $active = is_string($active)?( strtoupper(trim($active))==='TRUE'?true:false ):$active; + $res = $this->api_service->setStatus($id,$active); + return $res?Response::json('ok',200):$this->error400(array('error'=>'operation failed')); + } catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } + +} \ No newline at end of file diff --git a/app/controllers/apis/ApiEndpointController.php b/app/controllers/apis/ApiEndpointController.php new file mode 100644 index 00000000..a84cc8d5 --- /dev/null +++ b/app/controllers/apis/ApiEndpointController.php 
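Review bot: `update()` validates only `id`, `name`, `description` and `active`, then hands the whole `Input::all()` array to `$this->api_service->update()`, so any additional request key reaches the service layer and what the service does with unexpected keys is not visible from here. Restricting the payload to the validated fields before the call, `$res = $this->api_service->update(intval($values['id']), array_intersect_key($values, array_flip(array('name', 'description', 'active'))));`, stops the controller from depending on a whitelist somewhere else; the same shape appears in ApiEndpointController::update and ApiResourceServerController::update in this diff. The rule strings `text` here (and `host`, `route`, `httpmethod` in the sibling controllers) are not built-in Laravel rules; unless they are registered with `Validator::extend`, the validator throws and the request ends as a generic 500 instead of a 400. The class declaration and use statements of ApiController are not visible in this hunk as extracted.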
@@ -0,0 +1,176 @@ +api_endpoint_service = $api_endpoint_service; + } + + public function get($id) + { + try { + $api_endpoint = $this->api_endpoint_service->get($id); + if(is_null($api_endpoint)){ + return $this->error404(array('error' => 'api endpoint not found')); + } + $scopes = $api_endpoint->scopes()->get(array('id','name')); + $data = $api_endpoint->toArray(); + $data['scopes'] = $scopes->toArray(); + return $this->ok($data); + } catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } + + public function getByPage($page_nbr, $page_size) + { + try { + $list = $this->api_endpoint_service->getAll($page_size, $page_nbr); + $items = array(); + foreach ($list->getItems() as $api_endpoint) { + array_push($items, $api_endpoint->toArray()); + } + return $this->ok( array( + 'page' => $items, + 'total_items' => $list->getTotal() + )); + } catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } + + public function create() + { + try { + $new_api_endpoint = Input::all(); + + $rules = array( + 'name' => 'required|alpha_dash|max:255', + 'description' => 'required|text', + 'active' => 'required|boolean', + 'route' => 'required|route', + 'http_method' => 'required|httpmethod', + 'api_id' => 'required|integer', + ); + + // Creates a Validator instance and validates the data. 
+ $validation = Validator::make($new_api_endpoint, $rules); + + if ($validation->fails()) { + $messages = $validation->messages()->toArray(); + return $this->error400(array('error' => $messages)); + } + + $new_api_endpoint_model = $this->api_endpoint_service->add( + $new_api_endpoint['name'], + $new_api_endpoint['description'], + $new_api_endpoint['active'], + $new_api_endpoint['route'], + $new_api_endpoint['http_method'], + $new_api_endpoint['api_id'] + ); + + return $this->ok(array('api_endpoint_id' => $new_api_endpoint_model->id)); + } catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } + + public function delete($id) + { + try { + $res = $this->api_endpoint_service->delete($id); + return $res?Response::json('ok',200):$this->error404(array('error'=>'operation failed')); + } catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } + + public function update() + { + try { + $values = Input::all(); + + $rules = array( + 'id' => 'required|integer', + 'name' => 'sometimes|required|alpha_dash|max:255', + 'description' => 'sometimes|required|text', + 'active' => 'sometimes|required|boolean', + 'route' => 'sometimes|required|route', + 'http_method' => 'sometimes|required|httpmethod', + ); + + // Creates a Validator instance and validates the data. 
+ $validation = Validator::make($values, $rules); + + if ($validation->fails()) { + $messages = $validation->messages()->toArray(); + return $this->error400(array('error' => $messages)); + } + + $res = $this->api_endpoint_service->update(intval($values['id']),$values); + + return $res?Response::json('ok',200):$this->error400(array('error'=>'operation failed')); + + } + catch(InvalidApiEndpoint $ex1){ + $this->log_service->error($ex1); + return $this->error404(array('error'=>'api endpoint does not exist!.')); + } + catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } + + public function updateStatus($id, $active){ + try { + $active = is_string($active)?( strtoupper(trim($active))==='TRUE'?true:false ):$active; + $res = $this->api_endpoint_service->setStatus($id,$active); + return $res?Response::json('ok',200):$this->error400(array('error'=>'operation failed')); + } catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } + + public function addRequiredScope($id, $scope_id){ + try { + $res = $this->api_endpoint_service->addRequiredScope($id,$scope_id); + return $res?Response::json('ok',200):$this->error400(array('error'=>'operation failed')); + } catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } + + public function removeRequiredScope($id, $scope_id){ + try { + $res = $this->api_endpoint_service->removeRequiredScope($id,$scope_id); + return $res?Response::json('ok',200):$this->error400(array('error'=>'operation failed')); + } catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } +} \ No newline at end of file diff --git a/app/controllers/apis/ApiResourceServerController.php b/app/controllers/apis/ApiResourceServerController.php index f7e5f8dd..8fc3d49c 100644 --- a/app/controllers/apis/ApiResourceServerController.php +++ b/app/controllers/apis/ApiResourceServerController.php 
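Review bot: `delete()` turns a `false` from the service into a 404 with `'operation failed'`, while `update()`, `updateStatus()`, `addRequiredScope()` and `removeRequiredScope()` turn the same `false` into a 400 with the same message, so an API consumer cannot tell a missing endpoint from a rejected operation; the same split exists in ApiController::delete and ApiResourceServerController::delete. Decide what `false` means for each service method and map it consistently; for `delete()` a not-found reading would be `return $res ? Response::json('ok', 200) : $this->error404(array('error' => 'api endpoint not found'));`. `get()` already uses that wording, so the messages would line up as well.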
@@ -3,24 +3,21 @@ use oauth2\services\IResourceServerService; use oauth2\IResourceServerContext; use utils\services\ILogService; - +use oauth2\exceptions\InvalidResourceServer; /** * Class ApiResourceServerController */ -class ApiResourceServerController extends BaseController +class ApiResourceServerController extends OAuth2ProtectedController implements IRESTController { /** * @var IResourceServerService $resource_service */ private $resource_server_service; - private $log_service; - private $resource_server_context; public function __construct(IResourceServerContext $resource_server_context, IResourceServerService $resource_server_service, ILogService $log_service) { - $this->resource_server_context = $resource_server_context; + parent::__construct($resource_server_context,$log_service); $this->resource_server_service = $resource_server_service; - $this->log_service = $log_service; } public function get($id) @@ -28,27 +25,19 @@ class ApiResourceServerController extends BaseController try { $resource_server = $this->resource_server_service->get($id); if (is_null($resource_server)) { - return Response::json(array( - 'error' => 'resource server not found' - ), 404); + return $this->error404(array('error' => 'resource server not found')); + } - } else { - $data = $resource_server->toArray(); - $client = $resource_server->getClient(); - if(!is_null($client)){ + $data = $resource_server->toArray(); + $client = $resource_server->getClient(); + if(!is_null($client)){ $data['client_id'] = $client->getClientId(); $data['client_secret'] = $client->getClientSecret(); - } - return Response::json( - $data, - 200); } + return $this->ok($data); } catch (Exception $ex) { $this->log_service->error($ex); - return Response::json( - array( - 'error' => 'server error' - ), 500); + return $this->error500($ex); } } 
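Review bot: `get()` still places `client_secret` in the JSON body of every read, next to `client_id`, so any consumer with read access to this endpoint obtains a credential it may not need, and the value passes through whatever response logging sits in front of the API. The commit only reshapes the control flow here and carries this line over from the removed code; if callers only need the secret after `regenerateClientSecret()`, dropping `$data['client_secret'] = $client->getClientSecret();` from the read path limits the exposure. If the admin UI does depend on it, a comment `// client_secret is intentionally returned here for the admin UI` records that the exposure is deliberate.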
@@ -60,17 +49,13 @@ class ApiResourceServerController extends BaseController foreach ($list->getItems() as $rs) { array_push($items, $rs->toArray()); } - return Response::json( - array( - 'page' => $items, - 'total_items' => $list->getTotal() - ), 200); + return $this->ok( array( + 'page' => $items, + 'total_items' => $list->getTotal() + )); } catch (Exception $ex) { $this->log_service->error($ex); - return Response::json( - array( - 'error' => 'server error' - ), 500); + return $this->error500($ex); } } @@ -80,19 +65,17 @@ class ApiResourceServerController extends BaseController $new_resource_server = Input::all(); $rules = array( - 'host' => 'required|max:255', - 'ip' => 'required|max:16', - 'friendly_name' => 'required|max:512', - 'active' => 'required', + 'host' => 'required|host|max:255', + 'ip' => 'required|ip|max:16', + 'friendly_name' => 'required|text|max:512', + 'active' => 'required|boolean', ); // Creates a Validator instance and validates the data. $validation = Validator::make($new_resource_server, $rules); if ($validation->fails()) { $messages = $validation->messages()->toArray(); - return Response::json( - array( - 'error' => $messages), 400); + return $this->error400(array('error' => $messages)); } $new_resource_server_model = $this->resource_server_service->addResourceServer($new_resource_server['host'], @@ -100,17 +83,10 @@ class ApiResourceServerController extends BaseController $new_resource_server['friendly_name'], $new_resource_server['active']); - return Response::json( - array( - 'resource_server_id' => $new_resource_server_model->id - ) - , 200); + return $this->ok(array('resource_server_id' => $new_resource_server_model->id)); } catch (Exception $ex) { $this->log_service->error($ex); - return Response::json( - array( - 'error' => 'server error' - ), 500); + return $this->error500($ex); } } 
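Review bot: `'ip' => 'required|ip|max:16'` in `create()` (and the `sometimes|required|ip|max:16` rule in `update()` later in this diff) combines Laravel's `ip` rule, which accepts IPv6 through FILTER_VALIDATE_IP, with a length cap that only fits IPv4; a textual IPv6 address can be 39 characters, 45 with an IPv4-mapped suffix, so such input validates as an IP and is then rejected by `max`. Either widen the cap, `'ip' => 'required|ip|max:45',`, or, if the column is deliberately sized for IPv4, validate IPv4 explicitly with a custom rule and say so in a comment. The `host` and `text` rules are not Laravel built-ins; if they are not registered with `Validator::extend`, the validator throws and the request ends as a 500.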
@@ -118,13 +94,10 @@ class ApiResourceServerController extends BaseController { try { $res = $this->resource_server_service->delete($id); - return Response::json('ok',$res?200:404); + return $res?Response::json('ok',200):$this->error404(array('error'=>'operation failed')); } catch (Exception $ex) { $this->log_service->error($ex); - return Response::json( - array( - 'error' => 'server error' - ), 500); + return $this->error500($ex); } } @@ -132,13 +105,10 @@ class ApiResourceServerController extends BaseController { try { $res = $this->resource_server_service->regenerateResourceServerClientSecret($id); - return Response::json(array('new_secret'=>$res),$res?200:404); + return !is_null($res)?Response::json(array('new_secret'=>$res),200):$this->error404(array('error'=>'operation failed')); } catch (Exception $ex) { $this->log_service->error($ex); - return Response::json( - array( - 'error' => 'server error' - ), 500); + return $this->error500($ex); } } 
@@ -149,51 +119,42 @@ class ApiResourceServerController extends BaseController $values = Input::all(); $rules = array( - 'id' => 'required', - 'host' => 'required|max:255', - 'ip' => 'required|max:16', - 'friendly_name' => 'required|max:512', + 'id' => 'required|integer', + 'host' => 'sometimes|required|host|max:255', + 'ip' => 'sometimes|required|ip|max:16', + 'friendly_name' => 'sometimes|required|text|max:512', ); // Creates a Validator instance and validates the data. $validation = Validator::make($values, $rules); if ($validation->fails()) { $messages = $validation->messages()->toArray(); - return Response::json( - array( - 'error' => $messages), 400); + return $this->error400(array('error' => $messages)); } - $rs = $this->resource_server_service->get($values['id']); + $res = $this->resource_server_service->update(intval($values['id']),$values); - $rs->setFriendlyName($values['friendly_name']); - $rs->setHost($values['host']); - $rs->setIp($values['ip']); + return $res?Response::json('ok',200):$this->error400(array('error'=>'operation failed')); - $this->resource_server_service->save($rs); - - return Response::json('ok',200); - - } catch (Exception $ex) { + } + catch(InvalidResourceServer $ex1){ + $this->log_service->error($ex1); + return $this->error404(array('error'=>'resource server not found')); + } + catch (Exception $ex) { $this->log_service->error($ex); - return Response::json( - array( - 'error' => 'server error' - ), 500); + return $this->error500($ex); } } public function updateStatus($id, $active){ try { $active = is_string($active)?( strtoupper(trim($active))==='TRUE'?true:false ):$active; - $this->resource_server_service->setStatus($id,$active); - return Response::json('ok',200); + $res = $this->resource_server_service->setStatus($id,$active); + return $res?Response::json('ok',200):$this->error400(array('error'=>'operation failed')); } catch (Exception $ex) { $this->log_service->error($ex); - return Response::json( - array( - 'error' => 'server 
error' - ), 500); + return $this->error500($ex); } } diff --git a/app/controllers/apis/IRESTController.php b/app/controllers/apis/IRESTController.php new file mode 100644 index 00000000..6c17773f --- /dev/null +++ b/app/controllers/apis/IRESTController.php @@ -0,0 +1,12 @@ +log_service = $log_service; + } + + protected function error500(Exception $ex){ + $this->log_service->error($ex); + return Response::json(array('error' => 'server error'), 500); + } + + protected function ok($data){ + return Response::json($data, 200); + } + + protected function error400($data){ + return Response::json($data, 400); + } + + protected function error404($data){ + return Response::json($data, 404); + } +} \ No newline at end of file diff --git a/app/controllers/apis/OAuth2ProtectedController.php b/app/controllers/apis/OAuth2ProtectedController.php new file mode 100644 index 00000000..5eac5869 --- /dev/null +++ b/app/controllers/apis/OAuth2ProtectedController.php @@ -0,0 +1,19 @@ +resource_server_context = $resource_server_context; + } + +} \ No newline at end of file diff --git a/app/database/migrations/2013_12_04_183247_create_oauth2_api_scope.php b/app/database/migrations/2013_12_04_183247_create_oauth2_api_scope.php index 26e1a000..64941648 100644 --- a/app/database/migrations/2013_12_04_183247_create_oauth2_api_scope.php +++ b/app/database/migrations/2013_12_04_183247_create_oauth2_api_scope.php @@ -24,7 +24,11 @@ class CreateOauth2ApiScope extends Migration { //an scope may or not may have an api associated with it $table->bigInteger("api_id")->unsigned()->nullable(); $table->index('api_id'); - $table->foreign('api_id')->references('id')->on('oauth2_api'); + $table->foreign('api_id') + ->references('id') + ->on('oauth2_api') + ->onDelete('cascade') + ->onUpdate('no action'); }); } diff --git a/app/database/migrations/2013_12_04_183522_create_oauth2_client_api_scope.php b/app/database/migrations/2013_12_04_183522_create_oauth2_client_api_scope.php index 5f2adc94..d525214c 100644 
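Review bot: `update(intval($values['id']),$values)` hands the entire `Input::all()` array to the service, so any extra key the caller sends (a status flag, a client id, anything) rides along with the three validated fields; unless `update()` whitelists columns, which is not visible here, that is a mass-assignment path. Pass only the validated keys, e.g. `$this->resource_server_service->update(intval($values['id']), array_intersect_key($values, array_flip(array('host','ip','friendly_name'))));`. In `updateStatus`, `$id` comes straight from the route without the `integer` check that `update` applies, and a false result maps to 400 'operation failed' where `update` maps the missing-server case to 404, so the two methods disagree on the same condition. The hunk starts inside `update`, above its validation rules.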
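Review bot: IRESTController carries no class or method docblocks, and since it is the base every JSON controller will inherit, its one non-obvious contract should be written down: `error500` is the only helper that logs, and it deliberately replaces the exception with the fixed string 'server error'. A class comment along the lines of `/** Base for JSON REST controllers: thin wrappers around Response::json with fixed status codes. error500() logs the exception and returns a generic body so no exception detail reaches the client. */` would capture that. The `<?php` opening and class header appear to have been lost in this rendering, so the constructor's signature cannot be checked here.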
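Review bot: `onDelete('cascade')` on `oauth2_api_scope.api_id` means deleting a row in `oauth2_api` silently removes its scopes, and with the matching cascade added to `oauth2_client_api_scope.scope_id` in the next migration, every client grant on those scopes disappears in the same statement with nothing written to a log. Access tokens already issued under those scope names are not covered by any foreign key shown here, so whether they keep working after the scopes vanish depends on the token validation path — worth confirming. Add a comment above the FK: `// deleting an API cascades to its scopes and, via oauth2_client_api_scope, to client grants; audit before deleting`.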
--- a/app/database/migrations/2013_12_04_183522_create_oauth2_client_api_scope.php +++ b/app/database/migrations/2013_12_04_183522_create_oauth2_client_api_scope.php @@ -17,11 +17,19 @@ class CreateOauth2ClientApiScope extends Migration { $table->bigInteger("client_id")->unsigned(); $table->index('client_id'); - $table->foreign('client_id')->references('id')->on('oauth2_client'); + $table->foreign('client_id') + ->references('id') + ->on('oauth2_client') + ->onDelete('cascade') + ->onUpdate('no action'); ; $table->bigInteger("scope_id")->unsigned(); $table->index('scope_id'); - $table->foreign('scope_id')->references('id')->on('oauth2_api_scope'); + $table->foreign('scope_id') + ->references('id') + ->on('oauth2_api_scope') + ->onDelete('cascade') + ->onUpdate('no action');; }); } diff --git a/app/database/migrations/2014_01_10_174847_alter_table_oauth2_api.php b/app/database/migrations/2014_01_10_174847_alter_table_oauth2_api.php deleted file mode 100644 index 8b5af133..00000000 --- a/app/database/migrations/2014_01_10_174847_alter_table_oauth2_api.php +++ /dev/null @@ -1,35 +0,0 @@ -text("route"); - $table->enum('http_method', array('GET', 'HEAD','POST','PUT','DELETE','TRACE','CONNECT','OPTIONS')); - }); - } - - /** - * Reverse the migrations. - * - * @return void - */ - public function down() - { - Schema::table('oauth2_api', function($table) - { - $table->dropColumn('route'); - $table->dropColumn('http_method'); - }); - } - -} \ No newline at end of file diff --git a/app/database/migrations/2014_01_22_191553_create_table_oauth2_api_endpoints.php b/app/database/migrations/2014_01_22_191553_create_table_oauth2_api_endpoints.php new file mode 100644 index 00000000..ac398172 --- /dev/null +++ b/app/database/migrations/2014_01_22_191553_create_table_oauth2_api_endpoints.php 
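Review bot: Both foreign-key chains end in a stray empty statement — `->onUpdate('no action'); ;` after `client_id` and `->onUpdate('no action');;` after `scope_id` — harmless but they read like leftovers; remove the extra `;`. With both cascades in place, a client's grant rows vanish whenever either the client or the scope is deleted; a one-line comment stating that intent (`// grants are dropped with the client or the scope`) would save the next reader from re-deriving it from two migrations.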
@@ -0,0 +1,49 @@ +bigIncrements('id')->unsigned(); + $table->boolean('active')->default(true); + $table->text('description')->nullable(); + $table->string('name',255)->unique(); + $table->timestamps(); + $table->text("route"); + $table->enum('http_method', array('GET', 'HEAD','POST','PUT','DELETE','TRACE','CONNECT','OPTIONS')); + $table->bigInteger("api_id")->unsigned(); + $table->index('api_id'); + + $table->foreign('api_id') + ->references('id') + ->on('oauth2_api') + ->onDelete('cascade') + ->onUpdate('no action'); + }); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + Schema::table('oauth2_api_endpoints', function($table) + { + $table->dropForeign('api_id'); + }); + + Schema::dropIfExists('oauth2_api_endpoints'); + } + +} \ No newline at end of file diff --git a/app/database/migrations/2014_01_22_191614_create_table_oauth2_api_endpoints_api_scopes.php b/app/database/migrations/2014_01_22_191614_create_table_oauth2_api_endpoints_api_scopes.php new file mode 100644 index 00000000..547984d7 --- /dev/null +++ b/app/database/migrations/2014_01_22_191614_create_table_oauth2_api_endpoints_api_scopes.php 
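Review bot: `down()` calls `$table->dropForeign('api_id')` with a bare column name, but Laravel's `dropForeign` treats a string argument as the full constraint name; the constraint created by `foreign('api_id')` is named `<table>_api_id_foreign`, so the rollback fails unless the array form `$table->dropForeign(array('api_id'));` is used. `down()` also targets `oauth2_api_endpoints` while the FK in the following migration and the seeders in this diff reference `oauth2_api_endpoint`; the `Schema::create` line was lost in this rendering, so confirm which name the table actually has — `dropIfExists` on the wrong name silently leaves the table behind. The `http_method` enum admits TRACE and CONNECT, which an endpoint registry used for scope enforcement is unlikely to need; a comment if that is intentional, otherwise trim the list.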
@@ -0,0 +1,56 @@ +timestamps(); + + $table->bigInteger("api_endpoint_id")->unsigned(); + $table->index('api_endpoint_id'); + $table->foreign('api_endpoint_id') + ->references('id') + ->on('oauth2_api_endpoint') + ->onDelete('cascade') + ->onUpdate('no action');; + + $table->bigInteger("scope_id")->unsigned(); + $table->index('scope_id'); + $table->foreign('scope_id') + ->references('id') + ->on('oauth2_api_scope') + ->onDelete('cascade') + ->onUpdate('no action');; + }); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + Schema::table('oauth2_api_endpoint_api_scope', function($table) + { + $table->dropForeign('api_endpoint_id'); + }); + + Schema::table('oauth2_api_endpoint_api_scope', function($table) + { + $table->dropForeign('scope_id'); + }); + + Schema::dropIfExists('oauth2_api_endpoints_api_scopes'); + } + +} \ No newline at end of file diff --git a/app/database/seeds/ApiEndpointSeeder.php b/app/database/seeds/ApiEndpointSeeder.php new file mode 100644 index 00000000..c0a0afaf --- /dev/null +++ b/app/database/seeds/ApiEndpointSeeder.php 
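Review bot: `down()` drops the foreign keys on `oauth2_api_endpoint_api_scope` but then calls `Schema::dropIfExists('oauth2_api_endpoints_api_scopes')`, a different name, so a rollback leaves the pivot table in place; the seeders in this diff use `oauth2_api_endpoint_api_scope`, so the call should be `Schema::dropIfExists('oauth2_api_endpoint_api_scope');`. The `dropForeign('api_endpoint_id')` and `dropForeign('scope_id')` calls pass bare column names where Laravel expects a constraint name, so use `array('api_endpoint_id')` and `array('scope_id')`. The `Schema::create` line is missing from this rendering, so the created table's name cannot be confirmed here; the two `;;` after `onUpdate('no action')` are stray empty statements.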
@@ -0,0 +1,229 @@ +delete(); + DB::table('oauth2_api_endpoint')->delete(); + + $current_realm = Config::get('app.url'); + + $resource_server_api = Api::where('name','=','resource server')->first(); + $api_api = Api::where('name','=','api')->first(); + + ApiEndpoint::create( + array( + 'name' => 'create resource server', + 'description' => 'Creates a new Resource Server Instance', + 'active' => true, + 'api_id' => $resource_server_api->id, + 'route' => '/api/v1/resource-server', + 'http_method' => 'POST' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'get resource server', + 'description' => 'Gets Resource Server Instance', + 'active' => true, + 'api_id' => $resource_server_api->id, + 'route' => '/api/v1/resource-server/{id}', + 'http_method' => 'GET' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'resource server regenerate secret', + 'description' => 'Regenerate client secret of confidential application associated with a given Resource Server instance', + 'active' => true, + 'api_id' => $resource_server_api->id, + 'route' => '/api/v1/resource-server/regenerate-client-secret/{id}', + 'http_method' => 'GET' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'resource server get page', + 'description' => 'Gets a paginated list of available resource servers', + 'active' => true, + 'api_id' => $resource_server_api->id, + 'route' => '/api/v1/resource-server/{page_nbr}/{page_size}', + 'http_method' => 'GET' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'resource server delete', + 'description' => 'Hard deletes a given resource server and all related entities (apis, endpoints, scopes)', + 'active' => true, + 'api_id' => $resource_server_api->id, + 'route' => '/api/v1/resource-server/{id}', + 'http_method' => 'DELETE' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'resource server update', + 'active' => true, + 'description' => 'Updates attributes of given resource server', + 'api_id' => $resource_server_api->id, + 'route' => 
'/api/v1/resource-server', + 'http_method' => 'PUT' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'resource server update status', + 'active' => true, + 'description' => 'Updates status (active/inactive) of a given resource server', + 'api_id' => $resource_server_api->id, + 'route' => '/api/v1/resource-server/status/{id}/{active}', + 'http_method' => 'GET' + ) + ); + + // endpoints api + + ApiEndpoint::create( + array( + 'name' => 'get api', + 'active' => true, + 'description' => 'Gets a given Api by its id', + 'api_id' => $api_api->id, + 'route' => '/api/v1/api/{id}', + 'http_method' => 'GET' + ) + ); + + + ApiEndpoint::create( + array( + 'name' => 'delete api', + 'active' => true, + 'description' => 'Hard deletes a given Api and all related entities (endpoints, scopes)', + 'api_id' => $api_api->id, + 'route' => '/api/v1/api/{id}', + 'http_method' => 'DELETE' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'create api', + 'active' => true, + 'description' => 'Creates a new Api instance', + 'api_id' => $api_api->id, + 'route' => '/api/v1/api', + 'http_method' => 'POST' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'update api', + 'description' => 'Updates all attributes of a given api', + 'active' => true, + 'api_id' => $api_api->id, + 'route' => '/api/v1/api', + 'http_method' => 'PUT' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'update api status', + 'active' => true, + 'description' => 'Updates status (active/inactive) of given Api', + 'api_id' => $api_api->id, + 'route' => '/api/v1/api/status/{id}/{active}', + 'http_method' => 'GET' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'api get page', + 'description' => 'Gets a paginated list of available Api', + 'active' => true, + 'api_id' => $api_api->id, + 'route' => '/api/v1/api/{page_nbr}/{page_size}', + 'http_method' => 'GET' + ) + ); + + //attach scopes to endpoints + + //resource server api scopes + + $resource_server_read_scope = 
ApiScope::where('name','=',sprintf('%s/resource-server/read',$current_realm))->first(); + $resource_server_write_scope = ApiScope::where('name','=',sprintf('%s/resource-server/write',$current_realm))->first(); + $resource_server_read_page_scope = ApiScope::where('name','=',sprintf('%s/resource-server/read.page',$current_realm))->first(); + $resource_server_regenerate_secret_scope = ApiScope::where('name','=',sprintf('%s/resource-server/regenerate.secret',$current_realm))->first(); + $resource_server_delete_scope = ApiScope::where('name','=',sprintf('%s/resource-server/delete',$current_realm))->first(); + $resource_server_update_scope = ApiScope::where('name','=',sprintf('%s/resource-server/update',$current_realm))->first(); + $resource_server_update_status_scope = ApiScope::where('name','=',sprintf('%s/resource-server/update.status',$current_realm))->first(); + + $resource_server_api_create = ApiEndpoint::where('name','=','create resource server')->first(); + $resource_server_api_create->scopes()->attach($resource_server_write_scope->id); + + $resource_server_api_get = ApiEndpoint::where('name','=','get resource server')->first(); + $resource_server_api_get->scopes()->attach($resource_server_read_scope->id); + + $resource_server_api_get_page = ApiEndpoint::where('name','=','resource server get page')->first(); + $resource_server_api_get_page->scopes()->attach($resource_server_read_scope->id); + $resource_server_api_get_page->scopes()->attach($resource_server_read_page_scope->id); + + $resource_server_api_regenerate = ApiEndpoint::where('name','=','resource server regenerate secret')->first(); + $resource_server_api_regenerate->scopes()->attach($resource_server_write_scope->id); + $resource_server_api_regenerate->scopes()->attach($resource_server_regenerate_secret_scope->id); + + $resource_server_api_delete = ApiEndpoint::where('name','=','resource server delete')->first(); + $resource_server_api_delete->scopes()->attach($resource_server_delete_scope->id); + + + 
$resource_server_api_update = ApiEndpoint::where('name','=','resource server update')->first(); + $resource_server_api_update->scopes()->attach($resource_server_update_scope->id); + + $resource_server_api_update_status = ApiEndpoint::where('name','=','resource server update status')->first(); + $resource_server_api_update_status->scopes()->attach($resource_server_update_scope->id); + $resource_server_api_update_status->scopes()->attach($resource_server_update_status_scope->id); + + //endpoint api scopes + + $api_read_scope = ApiScope::where('name','=',sprintf('%s/api/read',$current_realm))->first(); + $api_write_scope = ApiScope::where('name','=',sprintf('%s/api/write',$current_realm))->first(); + $api_read_page_scope = ApiScope::where('name','=',sprintf('%s/api/read.page',$current_realm))->first(); + $api_delete_scope = ApiScope::where('name','=',sprintf('%s/api/delete',$current_realm))->first(); + $api_update_scope = ApiScope::where('name','=',sprintf('%s/api/update',$current_realm))->first(); + $api_update_status_scope = ApiScope::where('name','=',sprintf('%s/api/update.status',$current_realm))->first(); + + $endpoint_api_get = ApiEndpoint::where('name','=','get api')->first(); + $endpoint_api_get->scopes()->attach($api_read_scope->id); + + $endpoint_api_get_page = ApiEndpoint::where('name','=','api get page')->first(); + $endpoint_api_get_page->scopes()->attach($api_read_scope->id); + $endpoint_api_get_page->scopes()->attach($api_read_page_scope->id); + + $endpoint_api_delete = ApiEndpoint::where('name','=','delete api')->first(); + $endpoint_api_delete->scopes()->attach($api_delete_scope->id); + + $endpoint_api_create = ApiEndpoint::where('name','=','create api')->first(); + $endpoint_api_create->scopes()->attach($api_write_scope->id); + + $endpoint_api_update = ApiEndpoint::where('name','=','update api')->first(); + $endpoint_api_update->scopes()->attach($api_update_scope->id); + + $endpoint_api_update_status = ApiEndpoint::where('name','=','update api 
status')->first(); + $endpoint_api_update_status->scopes()->attach($api_update_scope->id); + $endpoint_api_update_status->scopes()->attach($api_update_status_scope->id); + } +} \ No newline at end of file diff --git a/app/database/seeds/ApiScopeSeeder.php b/app/database/seeds/ApiScopeSeeder.php index bcc7deb2..8a7df9ac 100644 --- a/app/database/seeds/ApiScopeSeeder.php +++ b/app/database/seeds/ApiScopeSeeder.php 
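Review bot: Three state-changing endpoints are registered with `'http_method' => 'GET'`: 'resource server regenerate secret' (`/api/v1/resource-server/regenerate-client-secret/{id}`), 'resource server update status' (`/api/v1/resource-server/status/{id}/{active}`) and 'update api status'; a GET that rotates a credential or flips an active flag can be fired by prefetchers, history replay or a pasted link, and its response may be cached. Register them as POST or PUT, matching the other mutating routes in the same list, and adjust the controller routes to match. Every `->first()` result (`$resource_server_api`, `$api_api`, each scope lookup) is dereferenced with `->id` without a null check, so a realm whose scope names differ from `Config::get('app.url')` produces a fatal rather than a clear message — seed-time only, but a guard such as `if (is_null($resource_server_api)) throw new Exception('resource server api not seeded');` would make the failure legible.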
@@ -6,84 +6,175 @@ class ApiScopeSeeder extends Seeder { { DB::table('oauth2_api_scope')->delete(); - $resource_server_api_create = Api::where('name','=','create resource server')->first(); - $resource_server_api_get = Api::where('name','=','get resource server')->first(); - $resource_server_api_get_page = Api::where('name','=','resource server get page')->first(); - $resource_server_api_regenerate = Api::where('name','=','resource server regenerate secret')->first(); - $resource_server_api_delete = Api::where('name','=','resource server delete')->first(); - $resource_server_api_update = Api::where('name','=','resource server update')->first(); - $resource_server_api_update_status = Api::where('name','=','resource server update status')->first(); - $current_realm = Config::get('app.url'); + $resource_server_api = Api::where('name','=','resource server')->first(); + $api_api = Api::where('name','=','api')->first(); + // create api scopes ApiScope::create( array( - 'name' => sprintf('%s/api/resource-server/read',$current_realm), + 'name' => sprintf('%s/resource-server/read',$current_realm), 'short_description' => 'Resource Server Read Access', 'description' => 'Resource Server Read Access', - 'api_id' => $resource_server_api_get->id, + 'api_id' => $resource_server_api->id, + 'system' => true, ) ); - ApiScope::create( array( - 'name' => sprintf('%s/api/resource-server/read.page',$current_realm), + 'name' => sprintf('%s/resource-server/read.page',$current_realm), 'short_description' => 'Resource Server Page Read Access', 'description' => 'Resource Server Page Read Access', - 'api_id' => $resource_server_api_get_page->id, + 'api_id' => $resource_server_api->id, + 'system' => true, ) ); ApiScope::create( array( - 'name' => sprintf('%s/api/resource-server/write',$current_realm), + 'name' => sprintf('%s/resource-server/write',$current_realm), 'short_description' => 'Resource Server Write Access', 'description' => 'Resource Server Write Access', - 'api_id' => 
$resource_server_api_create->id, + 'api_id' => $resource_server_api->id, + 'system' => true, ) ); ApiScope::create( array( - 'name' => sprintf('%s/api/resource-server/delete',$current_realm), + 'name' => sprintf('%s/resource-server/delete',$current_realm), 'short_description' => 'Resource Server Delete Access', 'description' => 'Resource Server Delete Access', - 'api_id' => $resource_server_api_delete->id, + 'api_id' => $resource_server_api->id, + 'system' => true, ) ); ApiScope::create( array( - 'name' => sprintf('%s/api/resource-server/update',$current_realm), + 'name' => sprintf('%s/resource-server/update',$current_realm), 'short_description' => 'Resource Server Update Access', 'description' => 'Resource Server Update Access', - 'api_id' => $resource_server_api_update->id, + 'api_id' => $resource_server_api->id, + 'system' => true, ) ); ApiScope::create( array( - 'name' => sprintf('%s/api/resource-server/update.status',$current_realm), + 'name' => sprintf('%s/resource-server/update.status',$current_realm), 'short_description' => 'Resource Server Update Status', 'description' => 'Resource Server Update Status', - 'api_id' => $resource_server_api_update_status->id, + 'api_id' => $resource_server_api->id, + 'system' => true, ) ); ApiScope::create( array( - 'name' => sprintf('%s/api/resource-server/regenerate.secret',$current_realm), + 'name' => sprintf('%s/resource-server/regenerate.secret',$current_realm), 'short_description' => 'Resource Server Regenerate Client Secret', 'description' => 'Resource Server Regenerate Client Secret', - 'api_id' => $resource_server_api_regenerate->id, + 'api_id' => $resource_server_api->id, + 'system' => true, ) ); + // api endpoint scopes + + + ApiScope::create( + array( + 'name' => sprintf('%s/api/read',$current_realm), + 'short_description' => 'Get Api Endpoint', + 'description' => 'Get Api Endpoint', + 'api_id' => $api_api->id, + 'system' => true, + ) + ); + + ApiScope::create( + array( + 'name' => 
sprintf('%s/api/delete',$current_realm), + 'short_description' => 'Deletes Api Endpoint', + 'description' => 'Deletes Api Endpoint', + 'api_id' => $api_api->id, + 'system' => true, + ) + ); + + ApiScope::create( + array( + 'name' => sprintf('%s/api/write',$current_realm), + 'short_description' => 'Create Api Endpoint', + 'description' => 'Create Api Endpoint', + 'api_id' => $api_api->id, + 'system' => true, + ) + ); + + ApiScope::create( + array( + 'name' => sprintf('%s/api/update',$current_realm), + 'short_description' => 'Update Api Endpoint', + 'description' => 'Update Api Endpoint', + 'api_id' => $api_api->id, + 'system' => true, + ) + ); + + ApiScope::create( + array( + 'name' => sprintf('%s/api/update.status',$current_realm), + 'short_description' => 'Update Api Endpoint Status', + 'description' => 'Update Api Endpoint Status', + 'api_id' => $api_api->id, + 'system' => true, + ) + ); + + ApiScope::create( + array( + 'name' => sprintf('%s/api/read.page',$current_realm), + 'short_description' => 'Get Api Endpoints By Page', + 'description' => 'Get Api Endpoints By Page', + 'api_id' => $api_api->id, + 'system' => true, + ) + ); + + //non system ones + + ApiScope::create( + array( + 'name' => 'email', + 'short_description' => 'This scope value requests access to the email and email_verified Claims. ', + 'description' => 'This scope value requests access to the email and email_verified Claims. 
', + 'system' => false, + ) + ); + + ApiScope::create( + array( + 'name' => 'profile', + 'short_description' => 'This scope value requests access to the End-Users default profile Claims', + 'description' => 'This scope value requests access to the End-Users default profile Claims', + 'system' => false, + ) + ); + + ApiScope::create( + array( + 'name' => 'Address', + 'short_description' => 'This scope value requests access to the address Claim.', + 'description' => 'This scope value requests access to the address Claim.', + 'system' => false, + ) + ); } - -} \ No newline at end of file +} \ No newline at end of file diff --git a/app/database/seeds/ApiSeeder.php b/app/database/seeds/ApiSeeder.php index 96b63e47..d5870fb3 100644 --- a/app/database/seeds/ApiSeeder.php +++ b/app/database/seeds/ApiSeeder.php 
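Review bot: The third non-system scope is seeded as `'name' => 'Address'` while its own description says it requests the `address` Claim; OpenID Connect defines the standard scope value as lowercase `address` and scope values are compared case-sensitively, so a client asking for `address` will not match this row. Change it to `'name' => 'address',`, consistent with the lowercase `email` and `profile` entries just above it. The system-scope rename from `%s/api/resource-server/...` to `%s/resource-server/...` is visible in the hunk; since the seeder deletes and recreates the scope table, that is fine here, but any non-seeded environment holding the old names will need the same rename.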
@@ -6,82 +6,26 @@ class ApiSeeder extends Seeder { DB::table('oauth2_api')->delete(); $resource_server = ResourceServer::first(); - //create api endpoints Api::create( array( - 'name' => 'create resource server', - 'logo' => null, - 'active' => true, + 'name' => 'resource server', + 'logo' => null, + 'active' => true, + 'Description' => 'Resource Server CRUD operations', 'resource_server_id' => $resource_server->id, - 'route' => '/api/v1/resource-server', - 'http_method' => 'POST' + 'logo' => asset('img/apis/server.png') ) ); Api::create( array( - 'name' => 'get resource server', + 'name' => 'api', 'logo' => null, 'active' => true, + 'Description' => 'Api CRUD operations', 'resource_server_id' => $resource_server->id, - 'route' => '/api/v1/resource-server/{id}', - 'http_method' => 'GET' - ) - ); - - Api::create( - array( - 'name' => 'resource server regenerate secret', - 'logo' => null, - 'active' => true, - 'resource_server_id' => $resource_server->id, - 'route' => '/api/v1/resource-server/regenerate-client-secret/{id}', - 'http_method' => 'GET' - ) - ); - - Api::create( - array( - 'name' => 'resource server get page', - 'logo' => null, - 'active' => true, - 'resource_server_id' => $resource_server->id, - 'route' => '/api/v1/resource-server/{page_nbr}/{page_size}', - 'http_method' => 'GET' - ) - ); - - Api::create( - array( - 'name' => 'resource server delete', - 'logo' => null, - 'active' => true, - 'resource_server_id' => $resource_server->id, - 'route' => '/api/v1/resource-server/{id}', - 'http_method' => 'DELETE' - ) - ); - - Api::create( - array( - 'name' => 'resource server update', - 'logo' => null, - 'active' => true, - 'resource_server_id' => $resource_server->id, - 'route' => '/api/v1/resource-server', - 'http_method' => 'PUT' - ) - ); - - Api::create( - array( - 'name' => 'resource server update status', - 'logo' => null, - 'active' => true, - 'resource_server_id' => $resource_server->id, - 'route' => '/api/v1/resource-server/status/{id}/{active}', - 
'http_method' => 'GET' + 'logo' => asset('img/apis/server.png') ) ); diff --git a/app/database/seeds/DatabaseSeeder.php b/app/database/seeds/DatabaseSeeder.php index 8426ad37..bc5456d2 100644 --- a/app/database/seeds/DatabaseSeeder.php +++ b/app/database/seeds/DatabaseSeeder.php @@ -14,6 +14,8 @@ class DatabaseSeeder extends Seeder { $this->call('OpenIdExtensionsSeeder'); $this->call('ServerConfigurationSeeder'); + DB::table('oauth2_api_endpoint_api_scope')->delete(); + DB::table('oauth2_api_endpoint')->delete(); DB::table('oauth2_api_scope')->delete(); DB::table('oauth2_api')->delete(); DB::table('oauth2_resource_server')->delete(); @@ -21,6 +23,7 @@ class DatabaseSeeder extends Seeder { $this->call('ResourceServerSeeder'); $this->call('ApiSeeder'); $this->call('ApiScopeSeeder'); + $this->call('ApiEndpointSeeder'); } } diff --git a/app/database/seeds/TestSeeder.php b/app/database/seeds/TestSeeder.php index 02a9ff5c..74644e01 100644 --- a/app/database/seeds/TestSeeder.php +++ b/app/database/seeds/TestSeeder.php @@ -18,18 +18,24 @@ class TestSeeder extends Seeder { DB::table('user_exceptions_trail')->delete(); DB::table('server_configuration')->delete(); DB::table('server_extensions')->delete(); + DB::table('oauth2_client_api_scope')->delete(); - DB::table('oauth2_api_scope')->delete(); - DB::table('oauth2_api')->delete(); DB::table('oauth2_client_authorized_uri')->delete(); DB::table('oauth2_access_token')->delete(); DB::table('oauth2_refresh_token')->delete(); DB::table('oauth2_client')->delete(); + DB::table('openid_trusted_sites')->delete(); DB::table('openid_associations')->delete(); DB::table('openid_users')->delete(); + + DB::table('oauth2_api_endpoint_api_scope')->delete(); + DB::table('oauth2_api_endpoint')->delete(); + DB::table('oauth2_api_scope')->delete(); + DB::table('oauth2_api')->delete(); DB::table('oauth2_resource_server')->delete(); + ServerConfiguration::create( array( 'key' => 'Private.Association.Lifetime', 
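Review bot: Both `Api::create` arrays in this hunk set `'logo' => null` and then `'logo' => asset('img/apis/server.png')` a few lines later; in a PHP array literal the later key wins, so the first entry is dead and reads as a leftover — delete the `'logo' => null,` lines. The `'Description'` key is capitalised while every other column key in these seeders is lowercase (the endpoint migration in this diff names its column `description`); if the `oauth2_api` column is also `description`, this value is either dropped by `$fillable` or raises an unknown-column error, so confirm the column and use `'description'`. The hunk ends at the closing `);` of the second create, so the rest of the seeder is not visible here.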
@@ -261,162 +267,635 @@ class TestSeeder extends Seeder { $resource_server = ResourceServer::first(); - //create api endpoints + // create api Api::create( array( - 'name' => 'create resource server', + 'name' => 'resource-server', 'logo' => null, 'active' => true, 'resource_server_id' => $resource_server->id, - 'route' => '/api/v1/resource-server', - 'http_method' => 'POST' ) ); Api::create( array( - 'name' => 'get resource server', + 'name' => 'api', 'logo' => null, 'active' => true, 'resource_server_id' => $resource_server->id, - 'route' => '/api/v1/resource-server/{id}', - 'http_method' => 'GET' ) ); Api::create( array( - 'name' => 'resource server regenerate secret', + 'name' => 'api-endpoint', 'logo' => null, 'active' => true, 'resource_server_id' => $resource_server->id, - 'route' => '/api/v1/resource-server/regenerate-client-secret/{id}', - 'http_method' => 'GET' ) ); - Api::create( - array( - 'name' => 'resource server get page', - 'logo' => null, - 'active' => true, - 'resource_server_id' => $resource_server->id, - 'route' => '/api/v1/resource-server/{page_nbr}/{page_size}', - 'http_method' => 'GET' - ) - ); + //create scopes - Api::create( - array( - 'name' => 'resource server delete', - 'logo' => null, - 'active' => true, - 'resource_server_id' => $resource_server->id, - 'route' => '/api/v1/resource-server/{id}', - 'http_method' => 'DELETE' - ) - ); - - Api::create( - array( - 'name' => 'resource server update', - 'logo' => null, - 'active' => true, - 'resource_server_id' => $resource_server->id, - 'route' => '/api/v1/resource-server', - 'http_method' => 'PUT' - ) - ); - - Api::create( - array( - 'name' => 'resource server update status', - 'logo' => null, - 'active' => true, - 'resource_server_id' => $resource_server->id, - 'route' => '/api/v1/resource-server/status/{id}/{active}', - 'http_method' => 'GET' - ) - ); - - $resource_server_api_create = Api::where('name','=','create resource server')->first(); - $resource_server_api_get = 
Api::where('name','=','get resource server')->first(); - $resource_server_api_get_page = Api::where('name','=','resource server get page')->first(); - $resource_server_api_regenerate = Api::where('name','=','resource server regenerate secret')->first(); - $resource_server_api_delete = Api::where('name','=','resource server delete')->first(); - $resource_server_api_update = Api::where('name','=','resource server update')->first(); - $resource_server_api_update_status = Api::where('name','=','resource server update status')->first(); $current_realm = Config::get('app.url'); + $resource_server_api = Api::where('name','=','resource-server')->first(); + $api_api = Api::where('name','=','api')->first(); + $api_api_endpoint = Api::where('name','=','api-endpoint')->first(); + // create api scopes ApiScope::create( array( - 'name' => sprintf('%s/api/resource-server/read',$current_realm), + 'name' => sprintf('%s/resource-server/read',$current_realm), 'short_description' => 'Resource Server Read Access', 'description' => 'Resource Server Read Access', - 'api_id' => $resource_server_api_get->id, + 'api_id' => $resource_server_api->id, + 'system' => true, ) ); - ApiScope::create( array( - 'name' => sprintf('%s/api/resource-server/read.page',$current_realm), + 'name' => sprintf('%s/resource-server/read.page',$current_realm), 'short_description' => 'Resource Server Page Read Access', 'description' => 'Resource Server Page Read Access', - 'api_id' => $resource_server_api_get_page->id, + 'api_id' => $resource_server_api->id, + 'system' => true, ) ); ApiScope::create( array( - 'name' => sprintf('%s/api/resource-server/write',$current_realm), + 'name' => sprintf('%s/resource-server/write',$current_realm), 'short_description' => 'Resource Server Write Access', 'description' => 'Resource Server Write Access', - 'api_id' => $resource_server_api_create->id, + 'api_id' => $resource_server_api->id, + 'system' => true, ) ); ApiScope::create( array( - 'name' => 
sprintf('%s/api/resource-server/delete',$current_realm), + 'name' => sprintf('%s/resource-server/delete',$current_realm), 'short_description' => 'Resource Server Delete Access', 'description' => 'Resource Server Delete Access', - 'api_id' => $resource_server_api_delete->id, + 'api_id' => $resource_server_api->id, + 'system' => true, ) ); ApiScope::create( array( - 'name' => sprintf('%s/api/resource-server/update',$current_realm), + 'name' => sprintf('%s/resource-server/update',$current_realm), 'short_description' => 'Resource Server Update Access', 'description' => 'Resource Server Update Access', - 'api_id' => $resource_server_api_update->id, + 'api_id' => $resource_server_api->id, + 'system' => true, ) ); ApiScope::create( array( - 'name' => sprintf('%s/api/resource-server/update.status',$current_realm), + 'name' => sprintf('%s/resource-server/update.status',$current_realm), 'short_description' => 'Resource Server Update Status', 'description' => 'Resource Server Update Status', - 'api_id' => $resource_server_api_update_status->id, + 'api_id' => $resource_server_api->id, + 'system' => true, ) ); ApiScope::create( array( - 'name' => sprintf('%s/api/resource-server/regenerate.secret',$current_realm), + 'name' => sprintf('%s/resource-server/regenerate.secret',$current_realm), 'short_description' => 'Resource Server Regenerate Client Secret', 'description' => 'Resource Server Regenerate Client Secret', - 'api_id' => $resource_server_api_regenerate->id, + 'api_id' => $resource_server_api->id, + 'system' => true, ) ); + // api scopes + + + ApiScope::create( + array( + 'name' => sprintf('%s/api/read',$current_realm), + 'short_description' => 'Get Api', + 'description' => 'Get Api', + 'api_id' => $api_api->id, + 'system' => true, + ) + ); + + ApiScope::create( + array( + 'name' => sprintf('%s/api/delete',$current_realm), + 'short_description' => 'Deletes Api', + 'description' => 'Deletes Api', + 'api_id' => $api_api->id, + 'system' => true, + ) + ); + + ApiScope::create( 
+ array( + 'name' => sprintf('%s/api/write',$current_realm), + 'short_description' => 'Create Api', + 'description' => 'Create Api', + 'api_id' => $api_api->id, + 'system' => true, + ) + ); + + ApiScope::create( + array( + 'name' => sprintf('%s/api/update',$current_realm), + 'short_description' => 'Update Api', + 'description' => 'Update Api', + 'api_id' => $api_api->id, + 'system' => true, + ) + ); + + ApiScope::create( + array( + 'name' => sprintf('%s/api/update.status',$current_realm), + 'short_description' => 'Update Api Status', + 'description' => 'Update Api Status', + 'api_id' => $api_api->id, + 'system' => true, + ) + ); + + ApiScope::create( + array( + 'name' => sprintf('%s/api/read.page',$current_realm), + 'short_description' => 'Get Api By Page', + 'description' => 'Get Api By Page', + 'api_id' => $api_api->id, + 'system' => false, + ) + ); + + + // api endpoint scopes + + + ApiScope::create( + array( + 'name' => sprintf('%s/api-endpoint/read',$current_realm), + 'short_description' => 'Get Api Endpoint', + 'description' => 'Get Api Endpoint', + 'api_id' => $api_api_endpoint->id, + 'system' => true, + ) + ); + + ApiScope::create( + array( + 'name' => sprintf('%s/api-endpoint/delete',$current_realm), + 'short_description' => 'Deletes Api Endpoint', + 'description' => 'Deletes Api Endpoint', + 'api_id' => $api_api_endpoint->id, + 'system' => true, + ) + ); + + ApiScope::create( + array( + 'name' => sprintf('%s/api-endpoint/write',$current_realm), + 'short_description' => 'Create Api Endpoint', + 'description' => 'Create Api Endpoint', + 'api_id' => $api_api_endpoint->id, + 'system' => true, + ) + ); + + ApiScope::create( + array( + 'name' => sprintf('%s/api-endpoint/update',$current_realm), + 'short_description' => 'Update Api Endpoint', + 'description' => 'Update Api Endpoint', + 'api_id' => $api_api_endpoint->id, + 'system' => true, + ) + ); + + ApiScope::create( + array( + 'name' => sprintf('%s/api-endpoint/update.status',$current_realm), + 
'short_description' => 'Update Api Endpoint Status', + 'description' => 'Update Api Endpoint Status', + 'api_id' => $api_api_endpoint->id, + 'system' => true, + ) + ); + + ApiScope::create( + array( + 'name' => sprintf('%s/api-endpoint/read.page',$current_realm), + 'short_description' => 'Get Api Endpoints By Page', + 'description' => 'Get Api Endpoints By Page', + 'api_id' => $api_api_endpoint->id, + 'system' => false, + ) + ); + + + ApiScope::create( + array( + 'name' => sprintf('%s/api-endpoint/add.scope',$current_realm), + 'short_description' => 'Add required scope to endpoint', + 'description' => 'Add required scope to endpoint', + 'api_id' => $api_api_endpoint->id, + 'system' => false, + ) + ); + + + ApiScope::create( + array( + 'name' => sprintf('%s/api-endpoint/remove.scope',$current_realm), + 'short_description' => 'Remove required scope to endpoint', + 'description' => 'Remove required scope to endpoint', + 'api_id' => $api_api_endpoint->id, + 'system' => false, + ) + ); + + //non system ones + + ApiScope::create( + array( + 'name' => 'email', + 'short_description' => 'This scope value requests access to the email and email_verified Claims. ', + 'description' => 'This scope value requests access to the email and email_verified Claims. 
', + 'system' => false, + ) + ); + + ApiScope::create( + array( + 'name' => 'profile', + 'short_description' => 'This scope value requests access to the End-Users default profile Claims', + 'description' => 'This scope value requests access to the End-Users default profile Claims', + 'system' => false, + ) + ); + + ApiScope::create( + array( + 'name' => 'Address', + 'short_description' => 'This scope value requests access to the address Claim.', + 'description' => 'This scope value requests access to the address Claim.', + 'system' => false, + ) + ); + + //create endpoints + + $resource_server_api = Api::where('name','=','resource-server')->first(); + $api_api = Api::where('name','=','api')->first(); + $api_api_endpoint = Api::where('name','=','api-endpoint')->first(); + + //resource server + + ApiEndpoint::create( + array( + 'name' => 'create-resource-server', + 'active' => true, + 'api_id' => $resource_server_api->id, + 'route' => 'api/v1/resource-server', + 'http_method' => 'POST' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'get-resource-server', + 'active' => true, + 'api_id' => $resource_server_api->id, + 'route' => 'api/v1/resource-server/{id}', + 'http_method' => 'GET' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'resource-server-regenerate-secret', + 'active' => true, + 'api_id' => $resource_server_api->id, + 'route' => 'api/v1/resource-server/regenerate-client-secret/{id}', + 'http_method' => 'GET' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'resource-server-get-page', + 'active' => true, + 'api_id' => $resource_server_api->id, + 'route' => 'api/v1/resource-server/{page_nbr}/{page_size}', + 'http_method' => 'GET' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'resource-server-delete', + 'active' => true, + 'api_id' => $resource_server_api->id, + 'route' => 'api/v1/resource-server/{id}', + 'http_method' => 'DELETE' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'resource-server-update', + 'active' => true, + 
'api_id' => $resource_server_api->id, + 'route' => 'api/v1/resource-server', + 'http_method' => 'PUT' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'resource-server-update-status', + 'active' => true, + 'api_id' => $resource_server_api->id, + 'route' => 'api/v1/resource-server/status/{id}/{active}', + 'http_method' => 'GET' + ) + ); + + // endpoints api endpoint + + ApiEndpoint::create( + array( + 'name' => 'get-api-endpoint', + 'active' => true, + 'api_id' => $api_api_endpoint->id, + 'route' => 'api/v1/api-endpoint/{id}', + 'http_method' => 'GET' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'delete-api-endpoint', + 'active' => true, + 'api_id' => $api_api_endpoint->id, + 'route' => 'api/v1/api-endpoint/{id}', + 'http_method' => 'DELETE' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'create-api-endpoint', + 'active' => true, + 'api_id' => $api_api_endpoint->id, + 'route' => 'api/v1/api-endpoint', + 'http_method' => 'POST' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'update-api-endpoint', + 'active' => true, + 'api_id' => $api_api_endpoint->id, + 'route' => 'api/v1/api-endpoint', + 'http_method' => 'PUT' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'update-api-endpoint-status', + 'active' => true, + 'api_id' => $api_api_endpoint->id, + 'route' => 'api/v1/api-endpoint/status/{id}/{active}', + 'http_method' => 'GET' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'api-endpoint-get-page', + 'active' => true, + 'api_id' => $api_api_endpoint->id, + 'route' => 'api/v1/api-endpoint/{page_nbr}/{page_size}', + 'http_method' => 'GET' + ) + ); + + + ApiEndpoint::create( + array( + 'name' => 'add-api-endpoint-scope', + 'active' => true, + 'api_id' => $api_api_endpoint->id, + 'route' => 'api/v1/api-endpoint/scope/add/{id}/{scope_id}', + 'http_method' => 'GET' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'remove-api-endpoint-scope', + 'active' => true, + 'api_id' => $api_api_endpoint->id, + 'route' => 
'api/v1/api-endpoint/scope/remove/{id}/{scope_id}', + 'http_method' => 'GET' + ) + ); + + + // endpoints api + + ApiEndpoint::create( + array( + 'name' => 'get-api', + 'active' => true, + 'api_id' => $api_api->id, + 'route' => 'api/v1/api/{id}', + 'http_method' => 'GET' + ) + ); + + + ApiEndpoint::create( + array( + 'name' => 'delete-api', + 'active' => true, + 'api_id' => $api_api->id, + 'route' => 'api/v1/api/{id}', + 'http_method' => 'DELETE' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'create-api', + 'active' => true, + 'api_id' => $api_api->id, + 'route' => 'api/v1/api', + 'http_method' => 'POST' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'update-api', + 'active' => true, + 'api_id' => $api_api->id, + 'route' => 'api/v1/api', + 'http_method' => 'PUT' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'update-api-status', + 'active' => true, + 'api_id' => $api_api->id, + 'route' => 'api/v1/api/status/{id}/{active}', + 'http_method' => 'GET' + ) + ); + + ApiEndpoint::create( + array( + 'name' => 'api-get-page', + 'active' => true, + 'api_id' => $api_api->id, + 'route' => 'api/v1/api/{page_nbr}/{page_size}', + 'http_method' => 'GET' + ) + ); + + //attach scopes to endpoints + + //resource server api scopes + + $resource_server_read_scope = ApiScope::where('name','=',sprintf('%s/resource-server/read',$current_realm))->first(); + $resource_server_write_scope = ApiScope::where('name','=',sprintf('%s/resource-server/write',$current_realm))->first(); + $resource_server_read_page_scope = ApiScope::where('name','=',sprintf('%s/resource-server/read.page',$current_realm))->first(); + $resource_server_regenerate_secret_scope = ApiScope::where('name','=',sprintf('%s/resource-server/regenerate.secret',$current_realm))->first(); + $resource_server_delete_scope = ApiScope::where('name','=',sprintf('%s/resource-server/delete',$current_realm))->first(); + $resource_server_update_scope = 
ApiScope::where('name','=',sprintf('%s/resource-server/update',$current_realm))->first(); + $resource_server_update_status_scope = ApiScope::where('name','=',sprintf('%s/resource-server/update.status',$current_realm))->first(); + + + // create needs write access + $resource_server_api_create = ApiEndpoint::where('name','=','create-resource-server')->first(); + $resource_server_api_create->scopes()->attach($resource_server_write_scope->id); + + //get needs read access + $resource_server_api_get = ApiEndpoint::where('name','=','get-resource-server')->first(); + $resource_server_api_get->scopes()->attach($resource_server_read_scope->id); + + // get page needs read access or read page access + $resource_server_api_get_page = ApiEndpoint::where('name','=','resource-server-get-page')->first(); + $resource_server_api_get_page->scopes()->attach($resource_server_read_scope->id); + $resource_server_api_get_page->scopes()->attach($resource_server_read_page_scope->id); + + //regenerate secret needs write access or specific access + $resource_server_api_regenerate = ApiEndpoint::where('name','=','resource-server-regenerate-secret')->first(); + $resource_server_api_regenerate->scopes()->attach($resource_server_write_scope->id); + $resource_server_api_regenerate->scopes()->attach($resource_server_regenerate_secret_scope->id); + + //deletes needs delete access + $resource_server_api_delete = ApiEndpoint::where('name','=','resource-server-delete')->first(); + $resource_server_api_delete->scopes()->attach($resource_server_delete_scope->id); + + //update needs update access + $resource_server_api_update = ApiEndpoint::where('name','=','resource-server-update')->first(); + $resource_server_api_update->scopes()->attach($resource_server_update_scope->id); + + //update status needs update access or specific access + $resource_server_api_update_status = ApiEndpoint::where('name','=','resource-server-update-status')->first(); + 
$resource_server_api_update_status->scopes()->attach($resource_server_update_scope->id); + $resource_server_api_update_status->scopes()->attach($resource_server_update_status_scope->id); + + + //endpoint api scopes + + $api_read_scope = ApiScope::where('name','=',sprintf('%s/api/read',$current_realm))->first(); + $api_write_scope = ApiScope::where('name','=',sprintf('%s/api/write',$current_realm))->first(); + $api_read_page_scope = ApiScope::where('name','=',sprintf('%s/api/read.page',$current_realm))->first(); + $api_delete_scope = ApiScope::where('name','=',sprintf('%s/api/delete',$current_realm))->first(); + $api_update_scope = ApiScope::where('name','=',sprintf('%s/api/update',$current_realm))->first(); + $api_update_status_scope = ApiScope::where('name','=',sprintf('%s/api/update.status',$current_realm))->first(); + + $endpoint_api_get = ApiEndpoint::where('name','=','get-api')->first(); + $endpoint_api_get->scopes()->attach($api_read_scope->id); + + $endpoint_api_get_page = ApiEndpoint::where('name','=','api-get-page')->first(); + $endpoint_api_get_page->scopes()->attach($api_read_scope->id); + $endpoint_api_get_page->scopes()->attach($api_read_page_scope->id); + + $endpoint_api_delete = ApiEndpoint::where('name','=','delete-api')->first(); + $endpoint_api_delete->scopes()->attach($api_delete_scope->id); + + $endpoint_api_create = ApiEndpoint::where('name','=','create-api')->first(); + $endpoint_api_create->scopes()->attach($api_write_scope->id); + + $endpoint_api_update = ApiEndpoint::where('name','=','update-api')->first(); + $endpoint_api_update->scopes()->attach($api_update_scope->id); + + $endpoint_api_update_status = ApiEndpoint::where('name','=','update-api-status')->first(); + $endpoint_api_update_status->scopes()->attach($api_update_scope->id); + $endpoint_api_update_status->scopes()->attach($api_update_status_scope->id); + + + //endpoint api endpoint scopes + + $api_endpoint_read_scope = 
ApiScope::where('name','=',sprintf('%s/api-endpoint/read',$current_realm))->first(); + $api_endpoint_write_scope = ApiScope::where('name','=',sprintf('%s/api-endpoint/write',$current_realm))->first(); + $api_endpoint_read_page_scope = ApiScope::where('name','=',sprintf('%s/api-endpoint/read.page',$current_realm))->first(); + $api_endpoint_delete_scope = ApiScope::where('name','=',sprintf('%s/api-endpoint/delete',$current_realm))->first(); + $api_endpoint_update_scope = ApiScope::where('name','=',sprintf('%s/api-endpoint/update',$current_realm))->first(); + $api_endpoint_update_status_scope = ApiScope::where('name','=',sprintf('%s/api-endpoint/update.status',$current_realm))->first(); + $api_endpoint_add_scope_scope = ApiScope::where('name','=',sprintf('%s/api-endpoint/add.scope',$current_realm))->first(); + $api_endpoint_remove_scope_scope = ApiScope::where('name','=',sprintf('%s/api-endpoint/remove.scope',$current_realm))->first(); + + $endpoint_api_endpoint_get = ApiEndpoint::where('name','=','get-api-endpoint')->first(); + $endpoint_api_endpoint_get->scopes()->attach($api_endpoint_read_scope->id); + + $endpoint_api_endpoint_get_page = ApiEndpoint::where('name','=','api-endpoint-get-page')->first(); + $endpoint_api_endpoint_get_page->scopes()->attach($api_endpoint_read_scope->id); + $endpoint_api_endpoint_get_page->scopes()->attach($api_endpoint_read_page_scope->id); + + $endpoint_api_endpoint_delete = ApiEndpoint::where('name','=','delete-api-endpoint')->first(); + $endpoint_api_endpoint_delete->scopes()->attach($api_endpoint_delete_scope->id); + + $endpoint_api_endpoint_create = ApiEndpoint::where('name','=','create-api-endpoint')->first(); + $endpoint_api_endpoint_create->scopes()->attach($api_endpoint_write_scope->id); + + $endpoint_api_endpoint_update = ApiEndpoint::where('name','=','update-api-endpoint')->first(); + $endpoint_api_endpoint_update->scopes()->attach($api_endpoint_update_scope->id); + + $endpoint_api_add_api_endpoint_scope = 
ApiEndpoint::where('name','=','add-api-endpoint-scope')->first(); + $endpoint_api_add_api_endpoint_scope->scopes()->attach($api_endpoint_write_scope->id); + $endpoint_api_add_api_endpoint_scope->scopes()->attach($api_endpoint_add_scope_scope->id); + + $endpoint_api_remove_api_endpoint_scope = ApiEndpoint::where('name','=','remove-api-endpoint-scope')->first(); + $endpoint_api_remove_api_endpoint_scope->scopes()->attach($api_endpoint_write_scope->id); + $endpoint_api_remove_api_endpoint_scope->scopes()->attach($api_endpoint_remove_scope_scope->id); + + + $endpoint_api_endpoint_update_status = ApiEndpoint::where('name','=','update-api-endpoint-status')->first(); + $endpoint_api_endpoint_update_status->scopes()->attach($api_endpoint_update_scope->id); + $endpoint_api_endpoint_update_status->scopes()->attach($api_endpoint_update_status_scope->id); + // create users and clients ... User::create( array( diff --git a/app/filters/OAuth2RequestAccessTokenValidator.php b/app/filters/OAuth2RequestAccessTokenValidator.php index 0bb4d9d5..e031a770 100644 --- a/app/filters/OAuth2RequestAccessTokenValidator.php +++ b/app/filters/OAuth2RequestAccessTokenValidator.php @@ -1,6 +1,6 @@ api_service = $api_service; + public function __construct(IResourceServerContext $resource_server_context,IApiEndpointService $api_endpoint_service, ITokenService $token_service, ILogService $log_service, ICheckPointService $checkpoint_service){ + $this->api_endpoint_service = $api_endpoint_service; $this->token_service = $token_service; $this->log_service = $log_service; $this->checkpoint_service = $checkpoint_service; 
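Review bot: The OpenID Connect scope seeded as `'name' => 'Address'` should be `'address'`: scope values are compared case-sensitively (the validator in this commit matches them with `array_intersect` on exact strings) and its siblings `email` and `profile` already use the lowercase standard names, so a client requesting `address` would never match this row. The `add-api-endpoint-scope` and `remove-api-endpoint-scope` endpoints, and both `*-update-status` endpoints, are seeded with `'http_method' => 'GET'` although they change server state; a mutating GET is replayable from links, prefetchers and browser history and is the classic CSRF shape, so they should be registered as `PUT`/`DELETE` (or `POST`) here and in the matching `routes.php` hunk `@@ -82,4 +90,24 @@`. The three `Api::where('name','=',...)->first()` lookups are executed twice into the same variables, once before the scopes and again under `//create endpoints`; the second set can be removed. The seeder method this hunk lives in starts before the hunk.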
@@ -43,12 +43,12 @@ class OAuth2BearerAccessTokenRequestValidator {
 $url = $route->getPath();
 $method = $request->getMethod();
- $api = $this->api_service->getApiByUrlAndMethod($url, $method);
+ $endpoint = $this->api_endpoint_service->getApiEndpointByUrlAndMethod($url, $method);
 $realm = $request->getHost();
- //api endpoint must be registered on db
- if(is_null($api)){
- throw new OAuth2ResourceServerException(400,OAuth2Protocol::OAuth2Protocol_Error_InvalidRequest,'API endpoint does not exits!');
+ //api endpoint must be registered on db and active
+ if(is_null($endpoint) || !$endpoint->isActive()){
+ throw new OAuth2ResourceServerException(400,OAuth2Protocol::OAuth2Protocol_Error_InvalidRequest,sprintf('API endpoint does not exits! (%s:%s)',$url,$method));
 }
 //check first http basic auth header
@@ -76,12 +76,12 @@ class OAuth2BearerAccessTokenRequestValidator {
 throw new OAuth2ResourceServerException(401,OAuth2Protocol::OAuth2Protocol_Error_InvalidToken,'access token audience does not match');
 //check scopes
- $endpoint_scopes = explode(' ',$api->getScope());
- $token_scopes = explode(' ',$access_token->getScope());
+ $endpoint_scopes = explode(' ',$endpoint->getScope());
+ $token_scopes = explode(' ',$access_token->getScope());
 //check token available scopes vs. endpoint scopes
- if (count(array_diff($endpoint_scopes, $token_scopes)) !== 0)
+ if (count(array_intersect($endpoint_scopes, $token_scopes)) === 0)
 {
- $this->log_service->error_msg(sprintf('access token scopes (%s) does not allow to access to api url %s , needed scopes %s',$access_token->getScope(),$url,$api->getScope()));
+ $this->log_service->error_msg(sprintf('access token scopes (%s) does not allow to access to api url %s , needed scopes %s',$access_token->getScope(),$url,implode(' OR ',$endpoint_scopes) ));
 throw new OAuth2ResourceServerException(403,OAuth2Protocol::OAuth2Protocol_Error_InsufficientScope, 'the request requires higher privileges than provided by the access token',
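Review bot: The new scope check fails open when the endpoint has no usable scope string: `ApiEndpoint::getScope()` added in this commit returns `''` when no active scope is attached, `explode(' ', '')` yields `['']`, and if a token's scope string is also empty (or contains consecutive spaces) the intersection is non-empty on the empty element and access is granted; the old `array_diff` form denied in that case. Filter empty elements and treat an endpoint with zero required scopes as a denial: `$endpoint_scopes = array_filter(explode(' ', $endpoint->getScope()));` `$token_scopes = array_filter(explode(' ', $access_token->getScope()));` `if (count($endpoint_scopes) === 0 || count(array_intersect($endpoint_scopes, $token_scopes)) === 0)`. The move from `array_diff` to `array_intersect` changes the rule from "token must hold every endpoint scope" to "any one suffices", which only the `' OR '` in the log message records; a comment above the check, `// an endpoint is accessible when the token holds at least one of its required scopes (OR semantics)`, would make the intent explicit. The method continues beyond the end of the hunk.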
diff --git a/app/lang/en/reminders.php b/app/lang/en/reminders.php index 4a9f1766..b35b56e9 100644 --- a/app/lang/en/reminders.php +++ b/app/lang/en/reminders.php @@ -2,21 +2,23 @@ return array( - /* - |-------------------------------------------------------------------------- - | Password Reminder Language Lines - |-------------------------------------------------------------------------- - | - | The following language lines are the default lines which match reasons - | that are given by the password broker for a password update attempt - | has failed, such as for an invalid token or invalid new password. - | - */ + /* + |-------------------------------------------------------------------------- + | Password Reminder Language Lines + |-------------------------------------------------------------------------- + | + | The following language lines are the default lines which match reasons + | that are given by the password broker for a password update attempt + | has failed, such as for an invalid token or invalid new password. + | + */ - "password" => "Passwords must be six characters and match the confirmation.", + "password" => "Passwords must be at least six characters and match the confirmation.", - "user" => "We can't find a user with that e-mail address.", + "user" => "We can't find a user with that e-mail address.", - "token" => "This password reset token is invalid.", + "token" => "This password reset token is invalid.", -); \ No newline at end of file + "sent" => "Password reminder sent!", + +); diff --git a/app/lang/en/validation.php b/app/lang/en/validation.php index 5a24a40c..a681928a 100644 --- a/app/lang/en/validation.php +++ b/app/lang/en/validation.php 
@@ -94,5 +94,10 @@ return array( */ 'attributes' => array(), - + //custom messages + 'boolean' => "The :attribute must be a boolean.", + 'text' => "The :attribute may only contain text.", + 'httpmethod' => "The :attribute must be one of the following values 'GET', 'HEAD','POST','PUT','DELETE','TRACE','CONNECT' OR 'OPTIONS'.", + 'route' => "The :attribute may be a valid http route.", + 'host' => "The :attribute may be a valid host name.", ); diff --git a/app/libs/auth/CustomAuthProvider.php b/app/libs/auth/CustomAuthProvider.php index f852b8cc..6320ae84 100644 --- a/app/libs/auth/CustomAuthProvider.php +++ b/app/libs/auth/CustomAuthProvider.php @@ -91,8 +91,8 @@ class CustomAuthProvider implements UserProviderInterface if (is_null($user)) { //create user $user = new User(); - $user->external_id = $member->Email; - $user->identifier = $member->Email; + $user->external_id = $member->Email; + $user->identifier = $member->Email; $user->last_login_date = gmdate("Y-m-d H:i:s", time()); $user->Save(); $user = User::where('external_id', '=', $identifier)->first(); diff --git a/app/libs/auth/User.php b/app/libs/auth/User.php index 882e35b3..c313ad47 100644 --- a/app/libs/auth/User.php +++ b/app/libs/auth/User.php @@ -15,6 +15,7 @@ class User extends Eloquent implements UserInterface, IOpenIdUser, IOAuth2User { protected $table = 'openid_users'; + private $member; public function trusted_sites() 
@@ -188,15 +189,18 @@ class User extends Eloquent implements UserInterface, IOpenIdUser, IOAuth2User if (is_null($this->member)) { $this->member = Member::where('Email', '=', $this->external_id)->first(); } + $url = asset('img/generic-profile-photo.png'); $photoId = $this->member->PhotoID; + if (!is_null($photoId) && is_numeric($photoId) && $photoId > 0) { - $photo = MemberPhoto::where('ID', '=', $photoId)->first(); - $server_configuration_service = Registry::getInstance()->get(OpenIdServiceCatalog::ServerConfigurationService); - $url = $server_configuration_service->getConfigValue("Assets.Url").$photo->Filename; - return $url; + $photo = MemberPhoto::where('ID', '=', $photoId)->first(); + if(!is_null($photo)){ + $server_configuration_service = Registry::getInstance()->get(OpenIdServiceCatalog::ServerConfigurationService); + $url = $server_configuration_service->getConfigValue("Assets.Url").$photo->Filename; + } } - return ''; + return $url; } public function getClients() diff --git a/app/libs/oauth2/exceptions/InvalidApi.php b/app/libs/oauth2/exceptions/InvalidApi.php new file mode 100644 index 00000000..0efcd6d5 --- /dev/null +++ b/app/libs/oauth2/exceptions/InvalidApi.php @@ -0,0 +1,16 @@ +belongsTo('ResourceServer'); } + public function endpoints() + { + return $this->hasMany('ApiEndpoint','api_id'); + } + /** * @return \oauth2\models\IResourceServer */ @@ -34,10 +39,6 @@ class Api extends Eloquent implements IApi { return $this->logo; } - public function getRoute() - { - return $this->route; - } public function getDescription() { @@ -60,7 +61,21 @@ class Api extends Eloquent implements IApi { return $this->active; } - public function getHttpMethod(){ - return $this->http_method; + + public function setName($name) + { + $this->name = $name; + } + + + + public function setDescription($description) + { + $this->description = $description; + } + + public function setStatus($active) + { + $this->active = $active; } } \ No newline at end of file 
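Review bot: The null guard added for `$photo` leaves the older hazard on the line just above it: `$photoId = $this->member->PhotoID;` dereferences `$this->member`, which was loaded with `Member::where(...)->first()` and can be `null` when no member row matches `external_id`, so the method still fatals for such users instead of returning the generic photo now prepared in `$url`. Guard it the same way, e.g. `$photoId = is_null($this->member) ? null : $this->member->PhotoID;`, so the `asset('img/generic-profile-photo.png')` default is returned. The enclosing method's signature is above the hunk.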
diff --git a/app/models/oauth2/ApiEndpoint.php b/app/models/oauth2/ApiEndpoint.php new file mode 100644 index 00000000..b7379ac3 --- /dev/null +++ b/app/models/oauth2/ApiEndpoint.php @@ -0,0 +1,77 @@ +belongsTo('Api'); + } + + public function getRoute() + { + return $this->route; + } + + public function scopes() + { + return $this->belongsToMany('ApiScope','oauth2_api_endpoint_api_scope','api_endpoint_id','scope_id'); + } + + public function getHttpMethod(){ + return $this->http_method; + } + + public function setRoute($route) + { + $this->route = $route; + } + + public function setHttpMethod($http_method) + { + $this->http_method = $http_method; + } + + /** + * @return \oauth2\models\IApi + */ + public function getApi() + { + return $this->api()->first(); + } + + public function getScope() + { + $scope = ''; + foreach($this->scopes()->get() as $s){ + if(!$s->active) continue; + $scope = $scope .$s->name.' '; + } + $scope = trim($scope); + return $scope; + } + + public function isActive() + { + return $this->active; + } + + public function setStatus($active) + { + $this->active = $active; + } + + public function getName() + { + return $this->name; + } + + public function setName($name) + { + $this->name= $name; + } +} \ No newline at end of file diff --git a/app/models/oauth2/ApiScope.php b/app/models/oauth2/ApiScope.php index 6a32d0ed..89773c33 100644 --- a/app/models/oauth2/ApiScope.php +++ b/app/models/oauth2/ApiScope.php @@ -6,6 +6,8 @@ class ApiScope extends Eloquent implements IApiScope { protected $table = 'oauth2_api_scope'; + protected $hidden = array('pivot'); + public function api() { return $this->belongsTo('Api'); 
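Review bot: `getScope()` loads every attached scope row and filters `active` in PHP, whereas the `Client` model hunk in this same commit filters the same relation in the query with `->where('active','=',true)`; doing the same here, `foreach($this->scopes()->where('active','=',true)->get() as $s)`, keeps the two consistent and avoids pulling inactive rows, and the result can then be built with `implode(' ', $names)` instead of concatenation plus `trim`. Because this string is what `OAuth2BearerAccessTokenRequestValidator` splits and intersects against the token scopes, a short docblock stating that an empty return means no scope grants access (callers must treat it as deny) would make the contract explicit. The class declaration at the top of the file is garbled in this view.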
@@ -33,10 +35,17 @@ class ApiScope extends Eloquent implements IApiScope {
 public function getApiName()
 {
- return $this->api()->first()->name;
+ $api = $this->api()->first();
+ return !is_null($api)?$api->name:'';
 }
 public function getApiDescription(){
- return $this->api()->first()->description;
+ $api = $this->api()->first();
+ return !is_null($api)? $api->description:'';
+ }
+
+ public function getApiLogo(){
+ $api = $this->api()->first();
+ return !is_null($api)? $api->logo:asset('img/apis/server.png');
 }
 }
\ No newline at end of file
diff --git a/app/models/oauth2/Client.php b/app/models/oauth2/Client.php
index 38985b6c..f1994e2d 100644
--- a/app/models/oauth2/Client.php
+++ b/app/models/oauth2/Client.php
@@ -72,7 +72,6 @@ class Client extends Eloquent implements IClient {
 $scopes = $this->scopes()
 ->with('api')
 ->where('active','=',true)
- ->where('system','=',false)
 ->orderBy('api_id')->get();
 $res = array();
 foreach($scopes as $scope){
diff --git a/app/models/oauth2/ResourceServer.php b/app/models/oauth2/ResourceServer.php
index e5cd8376..3731b210 100644
--- a/app/models/oauth2/ResourceServer.php
+++ b/app/models/oauth2/ResourceServer.php
@@ -1,7 +1,6 @@ "ssl"), function () { Route::get('/', "HomeController@index");
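Review bot: `getApiName`, `getApiDescription` and `getApiLogo` each run `$this->api()->first()` anew, so rendering one scope row costs up to three identical queries; reading the relation through the Eloquent property accessor, `$api = $this->api;`, loads it once and reuses it on later calls. The fallback `asset('img/apis/server.png')` in `getApiLogo` repeats the literal used by the seeders in this commit; a class constant for the default logo path would keep them in one place. The two ternaries are spaced differently (`!is_null($api)?$api->name:''` vs `!is_null($api)? $api->description:''`); pick one form.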
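Review bot: Dropping `->where('system','=',false)` means the scope list built here now includes scopes seeded with `'system' => true` — the resource-server, api and api-endpoint administration scopes created by this commit's seeders. The method name is outside the hunk, so it is not visible whether this list feeds a client-facing surface (consent screen, client scope editor) or an internal check; if it is the former, administrative scopes become visible and selectable for ordinary clients, and the filter should stay or be gated by an explicit parameter such as `$include_system = false`. A comment on the query stating why system scopes are intentionally included would settle the question either way.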
@@ -82,4 +90,24 @@ Route::group(array('prefix' => 'api/v1', 'before' => 'ssl|oauth2.protected.endpo Route::put('/',"ApiResourceServerController@update"); Route::get('/status/{id}/{active}',"ApiResourceServerController@updateStatus"); }); + + Route::group(array('prefix' => 'api'), function(){ + Route::get('/{id}',"ApiController@get"); + Route::get('/{page_nbr}/{page_size}',"ApiController@getByPage"); + Route::delete('/{id}',"ApiController@delete"); + Route::post('/',"ApiController@create"); + Route::put('/',"ApiController@update"); + Route::get('/status/{id}/{active}',"ApiController@updateStatus"); + }); + + Route::group(array('prefix' => 'api-endpoint'), function(){ + Route::get('/{id}',"ApiEndpointController@get"); + Route::get('/{page_nbr}/{page_size}',"ApiEndpointController@getByPage"); + Route::post('/',"ApiEndpointController@create"); + Route::put('/',"ApiEndpointController@update"); + Route::delete('/{id}',"ApiEndpointController@delete"); + Route::get('/status/{id}/{active}',"ApiEndpointController@updateStatus"); + Route::get('/scope/add/{id}/{scope_id}',"ApiEndpointController@addRequiredScope"); + Route::get('/scope/remove/{id}/{scope_id}',"ApiEndpointController@removeRequiredScope"); + }); }); diff --git a/app/services/ServicesProvider.php b/app/services/ServicesProvider.php index 3715aebf..5134121d 100644 --- a/app/services/ServicesProvider.php +++ b/app/services/ServicesProvider.php 
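Review bot: The new `api` and `api-endpoint` groups route state-changing operations through GET — `/status/{id}/{active}`, `/scope/add/{id}/{scope_id}` and `/scope/remove/{id}/{scope_id}` — so a link, a prefetcher, an intermediate cache or an access log can trigger or replay them; `Route::put('/status/{id}/{active}', ...)` for status and `Route::put`/`Route::delete` for scope add/remove would match the verbs the other routes in the same groups already use. `/{id}` and `/{page_nbr}/{page_size}` carry no `->where('id', '[0-9]+')`-style constraint, so non-numeric segments reach the controllers and `/{id}` and `/{page_nbr}/{page_size}` are told apart only by segment count. The outer group whose `before` filter is shown truncated in the hunk header starts outside this hunk, so I could not confirm which filters apply to the new routes.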
@@ -98,6 +98,7 @@ class ServicesProvider extends ServiceProvider $this->app->singleton(OAuth2ServiceCatalog::ScopeService, 'services\\oauth2\\ApiScopeService'); $this->app->singleton(OAuth2ServiceCatalog::ResourceServerService, 'services\\oauth2\\ResourceServerService'); $this->app->singleton(OAuth2ServiceCatalog::ApiService, 'services\\oauth2\\ApiService'); + $this->app->singleton(OAuth2ServiceCatalog::ApiEndpointService, 'services\\oauth2\\ApiEndpointService'); Registry::getInstance()->set(OAuth2ServiceCatalog::MementoService, $this->app->make(OAuth2ServiceCatalog::MementoService)); Registry::getInstance()->set(OAuth2ServiceCatalog::TokenService, $this->app->make(OAuth2ServiceCatalog::TokenService)); @@ -105,6 +106,7 @@ class ServicesProvider extends ServiceProvider Registry::getInstance()->set(OAuth2ServiceCatalog::ClientService, $this->app->make(OAuth2ServiceCatalog::ClientService)); Registry::getInstance()->set(OAuth2ServiceCatalog::ResourceServerService, $this->app->make(OAuth2ServiceCatalog::ResourceServerService)); Registry::getInstance()->set(OAuth2ServiceCatalog::ApiService, $this->app->make(OAuth2ServiceCatalog::ApiService)); + Registry::getInstance()->set(OAuth2ServiceCatalog::ApiEndpointService, $this->app->make(OAuth2ServiceCatalog::ApiEndpointService)); } public function register() diff --git a/app/services/oauth2/ApiEndpointService.php b/app/services/oauth2/ApiEndpointService.php new file mode 100644 index 00000000..d3449fa1 --- /dev/null +++ b/app/services/oauth2/ApiEndpointService.php 
@@ -0,0 +1,220 @@ +where('http_method','=',$http_method)->first(); + } + + /** + * @param $id + * @return IApiEndpoint + */ + public function get($id){ + return ApiEndpoint::find($id); + } + + /** + * @param int $page_size + * @param int $page_nbr + * @return mixed + */ + public function getAll($page_size=10,$page_nbr=1){ + DB::getPaginator()->setCurrentPage($page_nbr); + return ApiEndpoint::paginate($page_size); + } + + /** + * Adds a new api endpoint to an existent api + * @param string $name + * @param string $description + * @param boolean $active + * @param string $route + * @param string $http_method + * @param integer $api_id + * @return IApiEndpoint + */ + public function add($name, $description, $active, $route, $http_method, $api_id) + { + $instance = null; + + DB::transaction(function () use ($name, $description, $active, $route, $http_method, $api_id, &$instance) { + + $old_endpoint_api = ApiEndpoint::where('http_method','=',$http_method)->where('route','=',$route)->first(); + + if(!is_null($old_endpoint_api)) + throw new InvalidApiEndpoint(sprintf('there is already an endpoint api with route %s and http method %s',$route,$http_method)); + + $instance = new ApiEndpoint( + array( + 'name' => $name, + 'description' => $description, + 'active' => $active, + 'route' => $route, + 'http_method' => $http_method, + 'api_id' => $api_id, + ) + ); + $instance->Save(); + }); + return $instance; + } + + /** + * @param int $id + * @param array $params + * @return bool + * @throws \oauth2\exceptions\InvalidApiEndpoint + */ + public function update($id, array $params){ + + $endpoint = ApiEndpoint::find($id); + if(is_null($endpoint)) + throw new InvalidApiEndpoint(sprintf('api endpoint id %s does not exists!',$id)); + $allowed_update_params = array('name','description','active','route','http_method'); + foreach($allowed_update_params as $param){ + if(array_key_exists($param,$params)){ + $endpoint->{$param} = $params[$param]; + } + } + return $this->save($endpoint); + } 
+ + /** + * Adds a new required scope to a given api endpoint, + * given scope must belongs to owner api of the given endpoint + * @param int $api_endpoint_id + * @param int $scope_id + * @return boolean + * @throws \oauth2\exceptions\InvalidApiScope + * @throws \oauth2\exceptions\InvalidApiEndpoint + */ + public function addRequiredScope($api_endpoint_id, $scope_id) + { + $res = false; + DB::transaction(function () use($api_endpoint_id, $scope_id,&$res){ + + $api_endpoint = ApiEndpoint::find($api_endpoint_id); + + if(is_null($api_endpoint)) + throw new InvalidApiEndpoint(sprintf("api endpoint id %s does not exists!.",$api_endpoint_id)); + + $scope = ApiScope::find($scope_id); + + if(is_null($scope)) + throw new InvalidApiScope(sprintf("api scope id %s does not exists!.",$scope_id)); + + if($scope->api_id!==$api_endpoint->api_id) + throw new InvalidApiScope(sprintf("api scope id %s does not belong to api id %s !.",$scope_id,$api_endpoint->api_id)); + + $res = $api_endpoint->scopes()->where('id','=',$scope_id)->count(); + + if($res>0) + throw new InvalidApiScope(sprintf("api scope id %s already belongs to endpoint id %s!.",$scope_id,$api_endpoint->id)); + + $api_endpoint->scopes()->attach($scope_id); + + $res = true; + }); + return $res; + } + + + /** + * Removes a required scope to a given api endpoint, + * given scope must belongs to owner api of the given endpoint + * @param int $api_endpoint_id + * @param int $scope_id + * @return boolean + * @throws \oauth2\exceptions\InvalidApiScope + * @throws \oauth2\exceptions\InvalidApiEndpoint + */ + public function removeRequiredScope($api_endpoint_id, $scope_id) + { + + $res = false; + DB::transaction(function () use($api_endpoint_id, $scope_id,&$res){ + + $api_endpoint = ApiEndpoint::find($api_endpoint_id); + + if(is_null($api_endpoint)) + throw new InvalidApiEndpoint(sprintf("api endpoint id %s does not exists!.",$api_endpoint_id)); + + $scope = ApiScope::find($scope_id); + + if(is_null($scope)) + throw new 
InvalidApiScope(sprintf("api scope id %s does not exists!.",$scope_id)); + + if($scope->api_id !== $api_endpoint->api_id) + throw new InvalidApiScope(sprintf("api scope id %s does not belongs to api id %s!.",$scope_id,$api_endpoint->api_id)); + + $res = $api_endpoint->scopes()->where('id','=',$scope_id)->count(); + + if($res===0) + throw new InvalidApiScope(sprintf("api scope id %s does not belongs to endpoint id %s !.",$scope_id,$api_endpoint->id)); + + $api_endpoint->scopes()->detach($scope_id); + + $res = true; + }); + return $res; + } + + /** + * deletes a given api endpoint + * @param int $id + * @return boolean + */ + public function delete($id) + { + $res = false; + DB::transaction(function () use ($id,&$res) { + $endpoint = ApiEndpoint::find($id); + if(!is_null($endpoint)){ + $res = $endpoint->delete(); + } + }); + return $res; + } + + public function save(IApiEndpoint $api_endpoint) + { + if(!$api_endpoint->exists() || count($api_endpoint->getDirty())>0){ + return $api_endpoint->Save(); + } + return false; + } + + /** + * @param int $id + * @param boolean $active + * @return boolean + */ + public function setStatus($id, $active) + { + $endpoint = ApiEndpoint::find($id); + if(is_null($endpoint)) return false; + return $endpoint->update(array('active'=>$active)); + } +} \ No newline at end of file diff --git a/app/services/oauth2/ApiScopeService.php b/app/services/oauth2/ApiScopeService.php index 3b0a9876..b35a5c98 100644 --- a/app/services/oauth2/ApiScopeService.php +++ b/app/services/oauth2/ApiScopeService.php 
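Review bot: `update()` lets callers change `route` and `http_method` but never repeats the uniqueness check that `add()` performs, so an update can produce two endpoints with the same (route, http_method) pair while creation of that pair is refused; the check below, run after the whitelist copy and before `save()`, closes that gap. Even in `add()` the read-then-insert inside `DB::transaction` is only a best-effort guard — unless the migration (not in this diff) declares a unique index on `(route, http_method)`, two concurrent creates can still both pass the `first()` check. `setStatus()` and `update()` also pass `active` through unconverted, while `ApiService::add` in the same commit normalizes a string `'true'`; the two services should agree on where booleans are coerced. The method that opens the file (`…where('http_method','=',$http_method)->first()`) starts outside the visible part of the hunk.
```php
    public function update($id, array $params){
        // … unchanged: find($id), InvalidApiEndpoint on missing id, whitelist copy of $params …
        // keep (route, http_method) unique on update as well, as add() already requires on create
        $clash = ApiEndpoint::where('http_method','=',$endpoint->http_method)
            ->where('route','=',$endpoint->route)
            ->where('id','<>',$endpoint->id)
            ->first();
        if(!is_null($clash))
            throw new InvalidApiEndpoint(sprintf('there is already an endpoint api with route %s and http method %s',$endpoint->route,$endpoint->http_method));
        return $this->save($endpoint);
    }
```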
@@ -22,18 +22,22 @@ class ApiScopeService implements IApiScopeService { return DB::table('oauth2_api_scope')->where('active','=',true)->whereIn('name',$scopes_names)->lists('short_description'); } - /** get all active scopes - * @return mixed + /** + * @param bool $system + * @return array|mixed */ - public function getAvailableScopes(){ + public function getAvailableScopes($system=false){ + $scopes = ApiScope::with('api') ->where('active','=',true) - ->where('system','=',false) + ->where('system','=',$system) ->orderBy('api_id')->get(); + $res = array(); + foreach($scopes as $scope){ $api = $scope->api()->first(); - if($api->active && $api->resource_server()->first()->active) + if(is_null($api) ||($api->active && $api->resource_server()->first()->active)) array_push($res,$scope); } return $res; @@ -62,5 +66,4 @@ class ApiScopeService implements IApiScopeService { return $audience; } - } \ No newline at end of file diff --git a/app/services/oauth2/ApiService.php b/app/services/oauth2/ApiService.php index de8d31b5..445d1a28 100644 --- a/app/services/oauth2/ApiService.php +++ b/app/services/oauth2/ApiService.php 
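Review bot: The new guard `is_null($api) || (...)` makes a scope whose `api()` resolves to nothing count as available, so scopes orphaned by an api deletion (this commit adds `ApiService::delete`) are offered to clients; if orphaned scopes should be excluded the condition is `!is_null($api) && $api->active && $api->resource_server()->first()->active`, and if they are deliberately included a comment should say why. `$api->resource_server()->first()->active` still dereferences without a null check, the same failure mode this change guards against one level up. The docblock's `@return array|mixed` should be `@return array` (the method always returns `$res`), and `$system` deserves a line stating it is a bool filter on the `system` column, since a non-bool value is passed straight into the `where`.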
@@ -4,17 +4,128 @@ namespace services\oauth2; use oauth2\models\IApi; use oauth2\services\IApiService; use Api; +use DB; +use oauth2\exceptions\InvalidApi; +use oauth2\exceptions\InvalidApiEndpoint; +use oauth2\exceptions\InvalidApiScope; class ApiService implements IApiService { /** - * @param $url - * @param $http_method + * @param $api_id * @return IApi */ - public function getApiByUrlAndMethod($url, $http_method) + public function get($api_id) { - return Api::where('route','=',$url)->where('http_method','=',$http_method)->first(); + return Api::find($api_id); + } + + /** + * @param $api_name + * @return IApi + */ + public function getByName($api_name) + { + return Api::where('name','=',$api_name)->first(); + } + + /** + * @param $id + * @return bool + */ + public function delete($id) + { + $res = false; + DB::transaction(function () use ($id,&$res) { + $api = Api::find($id); + if(!is_null($api)){ + $res = $api->delete(); + } + }); + return $res; + } + + /** + * @param $name + * @param $description + * @param $active + * @param $resource_server_id + * @return null|IApi + */ + public function add($name, $description, $active, $resource_server_id) + { + $instance = null; + if(is_string($active)){ + $active = $active==='true'?true:false; + } + + DB::transaction(function () use ($name, $description, $active, $resource_server_id, &$instance) { + $instance = new Api( + array( + 'name' => $name, + 'description' => $description, + 'active' => $active, + 'resource_server_id' => $resource_server_id + ) + ); + + $instance->Save(); + }); + return $instance; + } + + /** + * @param $id + * @param array $params + * @throws \oauth2\exceptions\InvalidApi + */ + public function update($id, array $params){ + + $api = Api::find($id); + if(is_null($api)) + throw new InvalidApi(sprintf('api id %s does not exists!',$id)); + + $allowed_update_params = array('name','description','active'); + foreach($allowed_update_params as $param){ + if(array_key_exists($param,$params)){ + 
$api->{$param} = $params[$param]; + } + } + return $this->save($api); + } + + /** + * @param IApi $api + * @return void + */ + public function save(IApi $api) + { + if(!$api->exists() || count($api->getDirty())>0){ + return $api->Save(); + } + return false; + } + + /** + * @param $id + * @param $active + * @return bool + */ + public function setStatus($id, $active) + { + $api = Api::find($id); + if(is_null($api)) return false; + return $api->update(array('active'=>$active)); + } + + /** + * @param int $page_size + * @param int $page_nbr + * @return mixed + */ + public function getAll($page_size=10,$page_nbr=1){ + DB::getPaginator()->setCurrentPage($page_nbr); + return Api::paginate($page_size); } } \ No newline at end of file diff --git a/app/services/oauth2/ClientService.php b/app/services/oauth2/ClientService.php index df9c6cd4..dfc9a054 100644 --- a/app/services/oauth2/ClientService.php +++ b/app/services/oauth2/ClientService.php @@ -67,7 +67,7 @@ class ClientService implements IClientService return array($auth_header_content[0], $auth_header_content[1]); } //if not get from http input - $client_id = Input::get(OAuth2Protocol::OAuth2Protocol_ClientId, ''); + $client_id = Input::get(OAuth2Protocol::OAuth2Protocol_ClientId, ''); $client_secret = Input::get(OAuth2Protocol::OAuth2Protocol_ClientSecret, ''); return array($client_id, $client_secret); } diff --git a/app/services/oauth2/ResourceServerService.php b/app/services/oauth2/ResourceServerService.php index 52659753..0381e3e9 100644 --- a/app/services/oauth2/ResourceServerService.php +++ b/app/services/oauth2/ResourceServerService.php @@ -10,6 +10,7 @@ use oauth2\services\IResourceServerService; use oauth2\services\IClientService; use ResourceServer; use DB; +use \oauth2\exceptions\InvalidResourceServer; class ResourceServerService implements IResourceServerService { 
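Review bot: `add()` normalizes a string `$active` (`'true'` → true, anything else → false) but `setStatus()` and `update()` pass the raw value through to Eloquent; the tests call `updateStatus` with `'active' => 'false'`, so whatever conversion makes that work must live in the controller, and the service is inconsistent with itself. Doing it once with `$active = filter_var($active, FILTER_VALIDATE_BOOLEAN);` in every method that accepts `active` covers `'true'/'false'/'1'/'0'` uniformly. Docblocks: `save()` says `@return void` but returns a bool, `update()` lacks `@return bool`, and `InvalidApiEndpoint`/`InvalidApiScope` are imported but unused in this file.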
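Review bot: `use \oauth2\exceptions\InvalidResourceServer;` carries a leading backslash, which is redundant in a `use` statement and is exactly what this same commit removes in `app/start/global.php` (`use utils\services\UtilsServiceCatalog;`); `use oauth2\exceptions\InvalidResourceServer;` keeps the two files consistent.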
@@ -30,24 +31,48 @@ class ResourceServerService implements IResourceServerService { return ResourceServer::paginate($page_size); } + /** + * @param $id + * @param array $params + * @return bool + * @throws \oauth2\exceptions\InvalidResourceServer + */ + public function update($id, array $params){ + + $resource_server = ResourceServer::find($id); + if(is_null($resource_server)) + throw new InvalidResourceServer(sprintf('resource server id %s does not exists!',$id)); + + $allowed_update_params = array('host','ip','active','friendly_name'); + foreach($allowed_update_params as $param){ + if(array_key_exists($param,$params)){ + $resource_server->{$param} = $params[$param]; + } + } + return $this->save($resource_server); + } + /** * @param IResourceServer $resource_server - * @return void + * @return bool */ public function save(IResourceServer $resource_server) { - $resource_server->Save(); + if(!$resource_server->exists() || count($resource_server->getDirty())>0){ + return $resource_server->Save(); + } + return false; } /** * sets resource server status (active/deactivated) * @param $resource_server_id id of resource server * @param bool $status status (active/non active) - * @return void + * @return bool */ public function setStatus($resource_server_id, $status) { - ResourceServer::find($resource_server_id)->update(array('active'=>$status)); + return ResourceServer::find($resource_server_id)->update(array('active'=>$status)); } /** @@ -120,7 +145,7 @@ class ResourceServerService implements IResourceServerService { * @return bool */ public function regenerateResourceServerClientSecret($resource_server_id){ - $res = ''; + $res = null; DB::transaction(function () use ($resource_server_id,&$res) { $resource_server = ResourceServer::find($resource_server_id); if(!is_null($resource_server)){ diff --git a/app/start/global.php b/app/start/global.php index 47dbbd31..c3eccb85 100644 --- a/app/start/global.php +++ b/app/start/global.php 
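Review bot: `setStatus()` still calls `->update(...)` directly on the result of `ResourceServer::find($resource_server_id)` with no null check, so an unknown id produces a fatal call on null instead of the `false` that `ApiService::setStatus` and `ApiEndpointService::setStatus` return in this same commit; `$resource_server = ResourceServer::find($resource_server_id); if(is_null($resource_server)) return false; return $resource_server->update(array('active'=>$status));` brings it in line. The new `update()` whitelists `host`, `ip`, `active` and `friendly_name`, which is the right shape against mass assignment, but copies `ip` and `active` through as given — presumably the controller validates them via the `validators.php` this commit requires, which is worth confirming since the service is the last stop before the database.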
@@ -12,16 +12,17 @@ */ use openid\exceptions\InvalidOpenIdMessageException; use utils\services\Registry; -use \utils\services\UtilsServiceCatalog; +use utils\services\UtilsServiceCatalog; use oauth2\exceptions\InvalidOAuth2Request; +use Monolog\Logger; +use Monolog\Handler\NativeMailerHandler; + ClassLoader::addDirectories(array( - app_path() . '/commands', app_path() . '/controllers', app_path() . '/models', app_path() . '/database/seeds', - )); /* @@ -37,14 +38,17 @@ ClassLoader::addDirectories(array( $logFile = 'log-' . php_sapi_name() . '.txt'; -Log::useDailyFiles(storage_path() . '/logs/' . $logFile); -$admin_email = 'sebastian@tipit.net'; -$from = 'noreply@openstack.org'; -$subject = 'openstackid error'; -$mono_log = Log::getMonolog(); +Log::useDailyFiles(storage_path() . '/logs/' . $logFile,$days = 0, $level = 'debug'); -$handler = new Monolog\Handler\NativeMailerHandler($admin_email, $subject, $from); -$mono_log->pushHandler($handler); +//set email log +$to = Config::get('log.to_email'); +$from = Config::get('log.from_email'); +if(!empty($to) && !empty($from)){ + $subject = 'openstackid error'; + $mono_log = Log::getMonolog(); + $handler = new NativeMailerHandler($to, $subject, $from,$level = Logger::WARNING); + $mono_log->pushHandler($handler); +} /* |-------------------------------------------------------------------------- @@ -116,4 +120,5 @@ App::down(function () { | */ -require app_path() . '/filters.php'; \ No newline at end of file +require app_path() . '/filters.php'; +require app_path() . '/validators.php'; \ No newline at end of file diff --git a/app/tests/ApiEndpointTest.php b/app/tests/ApiEndpointTest.php new file mode 100644 index 00000000..4eb33e33 --- /dev/null +++ b/app/tests/ApiEndpointTest.php 
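Review bot: `Log::useDailyFiles(..., $days = 0, $level = 'debug')` and `new NativeMailerHandler($to, $subject, $from, $level = Logger::WARNING)` use assignment-in-argument as pseudo named arguments; each creates a file-scope global (`$days`, `$level`) and the second silently overwrites the first, so pass the literals: `Log::useDailyFiles(storage_path() . '/logs/' . $logFile, 0, 'debug');` and `$handler = new NativeMailerHandler($to, $subject, $from, Logger::WARNING);`. Logging at `debug` to disk in every environment, with `0` for the days argument (which as far as I recall disables pruning of old daily files), is worth making configurable next to the new `log.to_email`/`log.from_email` keys, since debug-level request logging tends to persist tokens and identifiers that should not live indefinitely. Moving the recipient and sender addresses out of source into `Config` is a good change; a `log.php` config stub with both keys (even empty) would make the `!empty($to) && !empty($from)` gate discoverable.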
@@ -0,0 +1,331 @@ +current_realm = Config::get('app.url'); + $this->client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwTlfSyQ3x.openstack.client'; + $this->client_secret = 'ITc/6Y5N7kOtGKhg'; + + $scope = array( + sprintf('%s/api-endpoint/read',$this->current_realm), + sprintf('%s/api-endpoint/write',$this->current_realm), + sprintf('%s/api-endpoint/delete',$this->current_realm), + sprintf('%s/api-endpoint/update',$this->current_realm), + sprintf('%s/api-endpoint/update.status',$this->current_realm), + ); + + //do get auth token... + $params = array( + OAuth2Protocol::OAuth2Protocol_GrantType => OAuth2Protocol::OAuth2Protocol_GrantType_ClientCredentials, + OAuth2Protocol::OAuth2Protocol_Scope => implode(' ',$scope) + ); + + //get access token for api ... + + $response = $this->action("POST", "OAuth2ProviderController@token", + $params, + array(), + array(), + // Symfony interally prefixes headers with "HTTP", so + array("HTTP_Authorization" => " Basic " . base64_encode($this->client_id . ':' . $this->client_secret))); + + $this->assertResponseStatus(200); + + $content = $response->getContent(); + + $response = json_decode($content); + + $this->access_token = $response->access_token; + } + + /** + * testGetById + * @covers get api endpoint by id + */ + public function testGetById(){ + + $api_endpoint = ApiEndpoint::where('name','=','get-api')->first(); + $this->assertTrue(!is_null($api_endpoint)); + + $response = $this->action("GET", "ApiEndpointController@get", + $parameters = array('id' =>$api_endpoint->id), + array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $content = $response->getContent(); + $response_api = json_decode($content); + + $this->assertResponseStatus(200); + $this->assertTrue($response_api->id === $api_endpoint->id); + } + + /** + * testGetByPage + * @covers get api endpoint by list (paginated) + */ + public function testGetByPage(){ + $response = $this->action("GET", "ApiEndpointController@getByPage", + $parameters = 
array('page_nbr' => 1,'page_size'=>10), + array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $content = $response->getContent(); + $list = json_decode($content); + $this->assertTrue(isset($list->total_items) && intval($list->total_items)>0); + $this->assertResponseStatus(200); + } + + public function testCreate(){ + + $api = Api::where('name','=','api-endpoint')->first(); + $this->assertTrue(!is_null($api)); + + $data = array( + 'name' => 'test-api-endpoint', + 'description' => 'test api endpoint, allows test api endpoints.', + 'active' => true, + 'route' => '/api/v1/api-endpoint/test', + 'http_method' => 'POST', + 'api_id' => $api->id + ); + + $response = $this->action("POST", "ApiEndpointController@create", + $data, + array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $content = $response->getContent(); + $json_response = json_decode($content); + + $this->assertResponseStatus(200); + $this->assertTrue(isset($json_response->api_endpoint_id) && !empty($json_response->api_endpoint_id)); + } + + public function testUpdate(){ + + $api = Api::where('name','=','api-endpoint')->first(); + $this->assertTrue(!is_null($api)); + + $data = array( + 'name' => 'test-api-endpoint', + 'description' => 'test api endpoint, allows test api endpoints.', + 'active' => true, + 'route' => '/api/v1/api-endpoint/test', + 'http_method' => 'POST', + 'api_id' => $api->id + ); + + $response = $this->action("POST", "ApiEndpointController@create", + $data, + array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $content = $response->getContent(); + $json_response = json_decode($content); + + $this->assertResponseStatus(200); + $this->assertTrue(isset($json_response->api_endpoint_id) && !empty($json_response->api_endpoint_id)); + + //update recently created + + $data_updated = array( + 'id' => $json_response->api_endpoint_id, + 'name' => 'test-api-endpoint-update', + ); + + 
$response = $this->action("PUT", "ApiEndpointController@update",$parameters = $data_updated, array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $content = $response->getContent(); + + $json_response = json_decode($content); + $this->assertTrue($json_response ==="ok"); + $this->assertResponseStatus(200); + + } + + public function testUpdateStatus(){ + + $api = Api::where('name','=','api-endpoint')->first(); + $this->assertTrue(!is_null($api)); + + $data = array( + 'name' => 'test-api-endpoint', + 'description' => 'test api endpoint, allows test api endpoints.', + 'active' => true, + 'route' => '/api/v1/api-endpoint/test', + 'http_method' => 'POST', + 'api_id' => $api->id + ); + + $response = $this->action("POST", "ApiEndpointController@create", + $data, + array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $content = $response->getContent(); + $json_response = json_decode($content); + + $this->assertResponseStatus(200); + $this->assertTrue(isset($json_response->api_endpoint_id) && !empty($json_response->api_endpoint_id)); + + $new_id = $json_response->api_endpoint_id; + //update status + + $response = $this->action("GET", "ApiEndpointController@updateStatus",array( + 'id' => $new_id, + 'active' => 'false'), array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $content = $response->getContent(); + + $json_response = json_decode($content); + + $this->assertTrue($json_response==='ok'); + $this->assertResponseStatus(200); + + $response = $this->action("GET", "ApiEndpointController@get",$parameters = array('id' => $new_id), array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $content = $response->getContent(); + + $updated_values = json_decode($content); + $this->assertTrue($updated_values->active === 0); + $this->assertResponseStatus(200); + } + + public function testDeleteExisting(){ + + $api_endpoint = 
ApiEndpoint::where('name','=','update-api-endpoint-status')->first(); + + $this->assertTrue(!is_null($api_endpoint)); + + $id = $api_endpoint->id; + + $response = $this->action("DELETE", "ApiEndpointController@delete",$parameters = array('id' => $id), + array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $content = $response->getContent(); + + $json_response = json_decode($content); + + $this->assertTrue($json_response==='ok'); + + $this->assertResponseStatus(200); + + $response = $this->action("GET", "ApiEndpointController@get", + $parameters = array('id' => $id), + array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $content = $response->getContent(); + $response_api_endpoint = json_decode($content); + $this->assertTrue(isset($response_api_endpoint->error)); + $this->assertTrue($response_api_endpoint->error==='api endpoint not found'); + $this->assertResponseStatus(404); + } + + public function testAddRequiredScope(){ + + $api_endpoint = ApiEndpoint::where('name','=','update-api-endpoint-status')->first(); + $this->assertTrue(!is_null($api_endpoint)); + $scope = ApiScope::where('name','=',sprintf('%s/api-endpoint/read',$this->current_realm))->first(); + $this->assertTrue(!is_null($scope)); + + $response = $this->action("GET", "ApiEndpointController@addRequiredScope",array( + 'id' => $api_endpoint->id, + 'scope_id' => $scope->id), array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $this->assertResponseStatus(200); + $content = $response->getContent(); + $this->assertTrue(json_decode($content)==='ok'); + + $response = $this->action("GET", "ApiEndpointController@get", + $parameters = array('id' =>$api_endpoint->id), + array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $content = $response->getContent(); + $response_api_endpoint = json_decode($content); + 
$this->assertTrue(is_array($response_api_endpoint->scopes) && count($response_api_endpoint->scopes)>2); + $this->assertResponseStatus(200); + } + + public function testRemoveRequiredScope(){ + + $api_endpoint = ApiEndpoint::where('name','=','update-api-endpoint-status')->first(); + $this->assertTrue(!is_null($api_endpoint)); + $scope = ApiScope::where('name','=',sprintf('%s/api-endpoint/update',$this->current_realm))->first(); + $this->assertTrue(!is_null($scope)); + + $response = $this->action("GET", "ApiEndpointController@removeRequiredScope",array( + 'id' => $api_endpoint->id, + 'scope_id' => $scope->id), array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $this->assertResponseStatus(200); + $content = $response->getContent(); + $response = json_decode($content); + $this->assertTrue($response==='ok'); + + $response = $this->action("GET", "ApiEndpointController@get", + $parameters = array('id' =>$api_endpoint->id), + array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $content = $response->getContent(); + $response_api_endpoint = json_decode($content); + $this->assertTrue(is_array($response_api_endpoint->scopes) && count($response_api_endpoint->scopes)==1); + $this->assertResponseStatus(200); + } + + public function testRemoveRequiredScopeMustFail(){ + + $api_endpoint = ApiEndpoint::where('name','=','update-api-endpoint-status')->first(); + $this->assertTrue(!is_null($api_endpoint)); + $scope = ApiScope::where('name','=',sprintf('%s/api-endpoint/read',$this->current_realm))->first(); + $this->assertTrue(!is_null($scope)); + + $response = $this->action("GET", "ApiEndpointController@removeRequiredScope",array( + 'id' => $api_endpoint->id, + 'scope_id' => $scope->id), array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $this->assertResponseStatus(500); + $content = $response->getContent(); + $response = json_decode($content); + 
$this->assertTrue(isset($response->error) && $response->error==='server error'); + } + +} \ No newline at end of file diff --git a/app/tests/ApiTest.php b/app/tests/ApiTest.php new file mode 100644 index 00000000..39ce0a8d --- /dev/null +++ b/app/tests/ApiTest.php 
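Review bot: `testRemoveRequiredScopeMustFail` pins the wrong contract — detaching a scope that is not attached is a caller error (`InvalidApiScope` in the service), yet the test asserts `500` and `'server error'`, fixing a generic 5xx as the expected answer to a validation failure; mapping `InvalidApiScope`/`InvalidApiEndpoint` to a 4xx in the controller (outside this diff) and asserting that here would be the better contract. `testCreate`, `testUpdate` and `testUpdateStatus` each POST the same `route`/`http_method` pair, which `ApiEndpointService::add` rejects as a duplicate, so they pass only if the database is reset between tests — presumably the case, but a helper that creates a uniquely named endpoint would remove the ordering dependency. The `setUp` token acquisition (client credentials, scope list, token POST) is duplicated verbatim in `app/tests/ApiTest.php`; a shared base test case with a `getAccessToken(array $scopes)` helper would keep the two in step, and `// Symfony interally` should read `internally`.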
@@ -0,0 +1,295 @@ +current_realm = Config::get('app.url'); + $this->client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwTlfSyQ3x.openstack.client'; + $this->client_secret = 'ITc/6Y5N7kOtGKhg'; + + $scope = array( + sprintf('%s/api/read',$this->current_realm), + sprintf('%s/api/write',$this->current_realm), + sprintf('%s/api/delete',$this->current_realm), + sprintf('%s/api/update',$this->current_realm), + sprintf('%s/api/update.status',$this->current_realm), + ); + + //do get auth token... + $params = array( + OAuth2Protocol::OAuth2Protocol_GrantType => OAuth2Protocol::OAuth2Protocol_GrantType_ClientCredentials, + OAuth2Protocol::OAuth2Protocol_Scope => implode(' ',$scope) + ); + + //get access token for api ... + + $response = $this->action("POST", "OAuth2ProviderController@token", + $params, + array(), + array(), + // Symfony interally prefixes headers with "HTTP", so + array("HTTP_Authorization" => " Basic " . base64_encode($this->client_id . ':' . $this->client_secret))); + + $this->assertResponseStatus(200); + + $content = $response->getContent(); + + $response = json_decode($content); + + $this->access_token = $response->access_token; + } + + public function testGetById(){ + + $api = Api::where('name','=','api')->first(); + + $response = $this->action("GET", "ApiController@get", + $parameters = array('id' => $api->id), + array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $content = $response->getContent(); + $response_api = json_decode($content); + + $this->assertResponseStatus(200); + $this->assertTrue($response_api->id === $api->id); + } + + public function testGetByPage(){ + + $response = $this->action("GET", "ApiController@getByPage", + $parameters = array('page_nbr' => 1,'page_size'=>10), + array(), + array(), + array("HTTP_Authorization" => " Bearer " .$this->access_token)); + + $content = $response->getContent(); + $list = json_decode($content); + $this->assertTrue(isset($list->total_items) && intval($list->total_items)>0); + 
$this->assertResponseStatus(200);
+ }
+
+ public function testCreate(){
+
+ $resource_server = ResourceServer::where('host','=','dev.openstackid.com')->first();
+
+ $data = array(
+ 'name' => 'test-api',
+ 'description' => 'test api',
+ 'active' => true,
+ 'resource_server_id' => $resource_server->id,
+ );
+
+ $response = $this->action("POST", "ApiController@create",
+ $data,
+ array(),
+ array(),
+ array("HTTP_Authorization" => " Bearer " .$this->access_token));
+
+ $content = $response->getContent();
+ $json_response = json_decode($content);
+
+ $this->assertResponseStatus(200);
+ $this->assertTrue(isset($json_response->api_id) && !empty($json_response->api_id));
+ }
+
+ public function testDelete(){
+
+ $resource_server = ResourceServer::where('host','=','dev.openstackid.com')->first();
+
+ $data = array(
+ 'name' => 'test-api',
+ 'description' => 'test api',
+ 'active' => true,
+ 'resource_server_id' => $resource_server->id,
+ );
+
+ $response = $this->action("POST", "ApiController@create",
+ $data,
+ array(),
+ array(),
+ array("HTTP_Authorization" => " Bearer " .$this->access_token));
+
+ $content = $response->getContent();
+ $json_response = json_decode($content);
+
+ $this->assertResponseStatus(200);
+ $this->assertTrue(isset($json_response->api_id) && !empty($json_response->api_id));
+
+ $new_id = $json_response->api_id;
+ $response = $this->action("DELETE", "ApiController@delete",$parameters = array('id' => $new_id),
+ array(),
+ array(),
+ array("HTTP_Authorization" => " Bearer " .$this->access_token));
+
+ $content = $response->getContent();
+
+ $json_response = json_decode($content);
+
+ $this->assertTrue($json_response==='ok');
+
+ $this->assertResponseStatus(200);
+
+ $response = $this->action("GET", "ApiController@get",
+ $parameters = array('id' => $new_id),
+ array(),
+ array(),
+ array("HTTP_Authorization" => " Bearer " .$this->access_token));
+
+ $content = $response->getContent();
+ $response_api_endpoint = json_decode($content);
+ $this->assertResponseStatus(404);
+ }
+
+ public function testUpdate(){
+
+ $resource_server = ResourceServer::where('host','=','dev.openstackid.com')->first();
+
+ $data = array(
+ 'name' => 'test-api',
+ 'description' => "test api",
+ 'active' => true,
+ 'resource_server_id' => $resource_server->id,
+ );
+
+ $response = $this->action("POST", "ApiController@create",
+ $data,
+ array(),
+ array(),
+ array("HTTP_Authorization" => " Bearer " .$this->access_token));
+
+ $content = $response->getContent();
+ $json_response = json_decode($content);
+
+ $this->assertResponseStatus(200);
+ $this->assertTrue(isset($json_response->api_id) && !empty($json_response->api_id));
+
+ $new_id = $json_response->api_id;
+ //update it
+
+ $data_update = array(
+ 'id' => $new_id,
+ 'name' => 'test-api-updated',
+ 'description' => 'test api updated',
+ );
+
+ $response = $this->action("PUT", "ApiController@update",$parameters = $data_update, array(),
+ array(),
+ array("HTTP_Authorization" => " Bearer " .$this->access_token));
+
+ $content = $response->getContent();
+
+ $json_response = json_decode($content);
+
+ $this->assertResponseStatus(200);
+
+
+ $response = $this->action("GET", "ApiController@get",
+ $parameters = array('id' =>$new_id),
+ array(),
+ array(),
+ array("HTTP_Authorization" => " Bearer " .$this->access_token));
+
+ $content = $response->getContent();
+
+ $updated_values = json_decode($content);
+
+ $this->assertTrue($updated_values->name === 'test-api-updated');
+ $this->assertResponseStatus(200);
+ }
+
+ public function testUpdateStatus(){
+
+ $resource_server = ResourceServer::where('host','=','dev.openstackid.com')->first();
+
+ $data = array(
+ 'name' => 'test-api',
+ 'description' => 'test api',
+ 'active' => true,
+ 'resource_server_id' => $resource_server->id,
+ );
+
+ $response = $this->action("POST", "ApiController@create",
+ $data,
+ array(),
+ array(),
+ array("HTTP_Authorization" => " Bearer " .$this->access_token));
+
+ $content = $response->getContent();
+ $json_response = json_decode($content);
+
+ $this->assertResponseStatus(200);
+ $this->assertTrue(isset($json_response->api_id) && !empty($json_response->api_id));
+
+ $new_id = $json_response->api_id;
+ //update status
+
+ $response = $this->action("GET", "ApiController@updateStatus",array(
+ 'id' => $new_id,
+ 'active' => 'false'), array(),
+ array(),
+ array("HTTP_Authorization" => " Bearer " .$this->access_token));
+
+ $content = $response->getContent();
+
+ $json_response = json_decode($content);
+
+ $this->assertTrue($json_response==='ok');
+ $this->assertResponseStatus(200);
+
+ $response = $this->action("GET", "ApiController@get",$parameters = array('id' => $new_id), array(),
+ array(),
+ array("HTTP_Authorization" => " Bearer " .$this->access_token));
+
+ $content = $response->getContent();
+
+ $updated_values = json_decode($content);
+ $this->assertTrue($updated_values->active === 0);
+ $this->assertResponseStatus(200);
+ }
+
+ public function testDeleteExisting(){
+
+ $resource_server_api = Api::where('name','=','resource-server')->first();
+
+ $id = $resource_server_api->id;
+
+ $response = $this->action("DELETE", "ApiController@delete",$parameters = array('id' => $id),
+ array(),
+ array(),
+ array("HTTP_Authorization" => " Bearer " .$this->access_token));
+
+ $content = $response->getContent();
+
+ $json_response = json_decode($content);
+
+ $this->assertTrue($json_response==='ok');
+
+ $this->assertResponseStatus(200);
+
+ $response = $this->action("GET", "ApiController@get",
+ $parameters = array('id' => $id),
+ array(),
+ array(),
+ array("HTTP_Authorization" => " Bearer " .$this->access_token));
+
+ $content = $response->getContent();
+ $response_api_endpoint = json_decode($content);
+ $this->assertResponseStatus(404);
+ }
+}
\ No newline at end of file
diff --git a/app/tests/OAuth2ProtocolTest.php b/app/tests/OAuth2ProtocolTest.php
index 2349598a..038a362a 100644
--- a/app/tests/OAuth2ProtocolTest.php
+++ b/app/tests/OAuth2ProtocolTest.php
@@ -32,7 +32,7 @@ class OAuth2ProtocolTest extends TestCase
 'client_id' => $client_id,
 'redirect_uri' => 'https://www.test.com/oauth2',
 'response_type' => 'code',
- 'scope' => sprintf('%s/api/resource-server/read',$this->current_realm),
+ 'scope' => sprintf('%s/resource-server/read',$this->current_realm),
 );

 $user = User::where('external_id', '=', 'smarcet@gmail.com')->first();
@@ -67,7 +67,7 @@ class OAuth2ProtocolTest extends TestCase
 'client_id' => $client_id,
 'redirect_uri' => 'https://www.test.com/oauth2',
 'response_type' => OAuth2Protocol::OAuth2Protocol_ResponseType_Code,
- 'scope' => sprintf('%s/api/resource-server/read',$this->current_realm),
+ 'scope' => sprintf('%s/resource-server/read',$this->current_realm),
 );

 $user = User::where('external_id', '=', 'smarcet@gmail.com')->first();
@@ -148,7 +148,7 @@ class OAuth2ProtocolTest extends TestCase
 'client_id' => $client_id,
 'redirect_uri' => 'https://www.test.com/oauth2',
 'response_type' => OAuth2Protocol::OAuth2Protocol_ResponseType_Code,
- 'scope' => sprintf('%s/api/resource-server/read',$this->current_realm),
+ 'scope' => sprintf('%s/resource-server/read',$this->current_realm),
 );

 $response = $this->action("POST", "OAuth2ProviderController@authorize",
@@ -245,7 +245,7 @@ class OAuth2ProtocolTest extends TestCase
 'client_id' => $client_id,
 'redirect_uri' => 'https://www.test.com/oauth2',
 'response_type' => OAuth2Protocol::OAuth2Protocol_ResponseType_Code,
- 'scope' => sprintf('%s/api/resource-server/read',$this->current_realm),
+ 'scope' => sprintf('%s/resource-server/read',$this->current_realm),
 );

 $response = $this->action("POST", "OAuth2ProviderController@authorize",
@@ -346,7 +346,7 @@ class OAuth2ProtocolTest extends TestCase
 'client_id' => $client_id,
 'redirect_uri' => 'https://www.test.com/oauth2',
 'response_type' => OAuth2Protocol::OAuth2Protocol_ResponseType_Code,
- 'scope' => sprintf('%s/api/resource-server/read',$this->current_realm),
+ 'scope' => sprintf('%s/resource-server/read',$this->current_realm),
 );

 $response = $this->action("POST", "OAuth2ProviderController@authorize",
@@ -449,7 +449,7 @@ class OAuth2ProtocolTest extends TestCase
 'client_id' => $client_id,
 'redirect_uri' => 'https://www.test.com/oauth2',
 'response_type' => OAuth2Protocol::OAuth2Protocol_ResponseType_Token,
- 'scope' => sprintf('%s/api/resource-server/read',$this->current_realm),
+ 'scope' => sprintf('%s/resource-server/read',$this->current_realm),
 'state' => '123456'
 );

@@ -491,7 +491,7 @@ class OAuth2ProtocolTest extends TestCase
 'client_id' => $client_id,
 'redirect_uri' => 'https://www.test.com/oauth2',
 'response_type' => OAuth2Protocol::OAuth2Protocol_ResponseType_Token,
- 'scope' => sprintf('%s/api/resource-server/read',$this->current_realm),
+ 'scope' => sprintf('%s/resource-server/read',$this->current_realm),
 'state' => '123456'
 );

@@ -548,7 +548,7 @@ class OAuth2ProtocolTest extends TestCase
 'client_id' => $client_id,
 'redirect_uri' => 'https://www.test.com/oauth2',
 'response_type' => OAuth2Protocol::OAuth2Protocol_ResponseType_Token,
- 'scope' => sprintf('%s/api/resource-server/read',$this->current_realm),
+ 'scope' => sprintf('%s/resource-server/read',$this->current_realm),
 'state' => '123456'
 );

@@ -606,7 +606,7 @@ class OAuth2ProtocolTest extends TestCase
 'client_id' => $client_id,
 'redirect_uri' => 'https://www.test.com/oauth2',
 'response_type' => OAuth2Protocol::OAuth2Protocol_ResponseType_Token,
- 'scope' => sprintf('%s/api/resource-server/read',$this->current_realm),
+ 'scope' => sprintf('%s/resource-server/read',$this->current_realm),
 'state' => '123456'
 );

@@ -664,7 +664,7 @@ class OAuth2ProtocolTest extends TestCase
 'client_id' => $client_id,
 'redirect_uri' => 'https://www.test.com/oauth2',
 'response_type' => OAuth2Protocol::OAuth2Protocol_ResponseType_Token,
- 'scope' => sprintf('%s/api/resource-server/read',$this->current_realm),
+ 'scope' => sprintf('%s/resource-server/read',$this->current_realm),
 'state' => '123456'
 );

@@ -714,7 +714,7 @@ class OAuth2ProtocolTest extends TestCase
 //do get auth token...
 $params = array(
 OAuth2Protocol::OAuth2Protocol_GrantType => OAuth2Protocol::OAuth2Protocol_GrantType_ClientCredentials,
- OAuth2Protocol::OAuth2Protocol_Scope => sprintf('%s/api/resource-server/read',$this->current_realm),
+ OAuth2Protocol::OAuth2Protocol_Scope => sprintf('%s/resource-server/read',$this->current_realm),
 );

 $response = $this->action("POST", "OAuth2ProviderController@token",
diff --git a/app/tests/OpenIdProtocolTest.php b/app/tests/OpenIdProtocolTest.php
index a11248f8..575212ee 100644
--- a/app/tests/OpenIdProtocolTest.php
+++ b/app/tests/OpenIdProtocolTest.php
@@ -452,13 +452,13 @@ class OpenIdProtocolTest extends TestCase
 Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowForever);

 $scope = array(
- sprintf('%s/api/resource-server/read',$this->current_realm),
- sprintf('%s/api/resource-server/read.page',$this->current_realm),
- sprintf('%s/api/resource-server/write',$this->current_realm),
- sprintf('%s/api/resource-server/delete',$this->current_realm),
- sprintf('%s/api/resource-server/update',$this->current_realm),
- sprintf('%s/api/resource-server/update.status',$this->current_realm),
- sprintf('%s/api/resource-server/regenerate.secret',$this->current_realm),
+ sprintf('%s/resource-server/read',$this->current_realm),
+ sprintf('%s/resource-server/read.page',$this->current_realm),
+ sprintf('%s/resource-server/write',$this->current_realm),
+ sprintf('%s/resource-server/delete',$this->current_realm),
+ sprintf('%s/resource-server/update',$this->current_realm),
+ sprintf('%s/resource-server/update.status',$this->current_realm),
+ sprintf('%s/resource-server/regenerate.secret',$this->current_realm),
 );

 $params = array(
@@ -536,13 +536,13 @@ class OpenIdProtocolTest extends TestCase
 Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);

 $scope = array(
- sprintf('%s/api/resource-server/read',$this->current_realm),
- sprintf('%s/api/resource-server/read.page',$this->current_realm),
- sprintf('%s/api/resource-server/write',$this->current_realm),
- sprintf('%s/api/resource-server/delete',$this->current_realm),
- sprintf('%s/api/resource-server/update',$this->current_realm),
- sprintf('%s/api/resource-server/update.status',$this->current_realm),
- sprintf('%s/api/resource-server/regenerate.secret',$this->current_realm),
+ sprintf('%s/resource-server/read',$this->current_realm),
+ sprintf('%s/resource-server/read.page',$this->current_realm),
+ sprintf('%s/resource-server/write',$this->current_realm),
+ sprintf('%s/resource-server/delete',$this->current_realm),
+ sprintf('%s/resource-server/update',$this->current_realm),
+ sprintf('%s/resource-server/update.status',$this->current_realm),
+ sprintf('%s/resource-server/regenerate.secret',$this->current_realm),
 );

 $params = array(
@@ -617,13 +617,13 @@ class OpenIdProtocolTest extends TestCase
 Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);

 $scope = array(
- sprintf('%s/api/resource-server/read',$this->current_realm),
- sprintf('%s/api/resource-server/read.page',$this->current_realm),
- sprintf('%s/api/resource-server/write',$this->current_realm),
- sprintf('%s/api/resource-server/delete',$this->current_realm),
- sprintf('%s/api/resource-server/update',$this->current_realm),
- sprintf('%s/api/resource-server/update.status',$this->current_realm),
- sprintf('%s/api/resource-server/regenerate.secret',$this->current_realm),
+ sprintf('%s/resource-server/read',$this->current_realm),
+ sprintf('%s/resource-server/read.page',$this->current_realm),
+ sprintf('%s/resource-server/write',$this->current_realm),
+ sprintf('%s/resource-server/delete',$this->current_realm),
+ sprintf('%s/resource-server/update',$this->current_realm),
+ sprintf('%s/resource-server/update.status',$this->current_realm),
+ sprintf('%s/resource-server/regenerate.secret',$this->current_realm),
 );

 $params = array(
@@ -698,13 +698,13 @@ class OpenIdProtocolTest extends TestCase
 Auth::login($user);

 $scope = array(
- sprintf('%s/api/resource-server/read',$this->current_realm),
- sprintf('%s/api/resource-server/read.page',$this->current_realm),
- sprintf('%s/api/resource-server/write',$this->current_realm),
- sprintf('%s/api/resource-server/delete',$this->current_realm),
- sprintf('%s/api/resource-server/update',$this->current_realm),
- sprintf('%s/api/resource-server/update.status',$this->current_realm),
- sprintf('%s/api/resource-server/regenerate.secret',$this->current_realm),
+ sprintf('%s/resource-server/read',$this->current_realm),
+ sprintf('%s/resource-server/read.page',$this->current_realm),
+ sprintf('%s/resource-server/write',$this->current_realm),
+ sprintf('%s/resource-server/delete',$this->current_realm),
+ sprintf('%s/resource-server/update',$this->current_realm),
+ sprintf('%s/resource-server/update.status',$this->current_realm),
+ sprintf('%s/resource-server/regenerate.secret',$this->current_realm),
 );

 $params = array(
diff --git a/app/tests/ResourceServerApiTest.php b/app/tests/ResourceServerApiTest.php
index a7f634a0..df0942b6 100644
--- a/app/tests/ResourceServerApiTest.php
+++ b/app/tests/ResourceServerApiTest.php
@@ -22,13 +22,10 @@ class ResourceServerApiTest extends TestCase {
 $this->client_secret = 'ITc/6Y5N7kOtGKhg';
 $scope = array(
- sprintf('%s/api/resource-server/read',$this->current_realm),
- sprintf('%s/api/resource-server/read.page',$this->current_realm),
- sprintf('%s/api/resource-server/write',$this->current_realm),
- sprintf('%s/api/resource-server/delete',$this->current_realm),
- sprintf('%s/api/resource-server/update',$this->current_realm),
- sprintf('%s/api/resource-server/update.status',$this->current_realm),
- sprintf('%s/api/resource-server/regenerate.secret',$this->current_realm),
+ sprintf('%s/resource-server/read',$this->current_realm),
+ sprintf('%s/resource-server/write',$this->current_realm),
+ sprintf('%s/resource-server/delete',$this->current_realm),
+ sprintf('%s/resource-server/update',$this->current_realm),
 );

 //do get auth token...
@@ -72,7 +69,6 @@ class ResourceServerApiTest extends TestCase {
 $this->assertTrue($response_resource_server->id === $resource_server->id);
 }

-
 public function testGetByPage(){

 $response = $this->action("GET", "ApiResourceServerController@getByPage",
@@ -83,7 +79,7 @@ class ResourceServerApiTest extends TestCase {
 $content = $response->getContent();
 $list = json_decode($content);
-
+
 $this->assertTrue(isset($list->total_items) && intval($list->total_items)>0);
 $this->assertResponseStatus(200);
 }
@@ -104,6 +100,8 @@ class ResourceServerApiTest extends TestCase {
 $content = $response->getContent();
 $json_response = json_decode($content);

+ $this->assertTrue(isset($json_response->resource_server_id));
+ $this->assertTrue(!empty($json_response->resource_server_id));
 $this->assertResponseStatus(200);
 }

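Review bot: In the `-22` hunk the access token is now requested without the `read.page`, `update.status` and `regenerate.secret` scopes, yet `testGetByPage` (visible as context in the `-72` hunk) still calls `ApiResourceServerController@getByPage`; if that route is guarded by the `read.page` scope, the test will now fail on authorization instead of exercising paging. The route and scope-seed changes that would make the four remaining scopes sufficient are not part of this diff, so please confirm which scope `getByPage` (and any `updateStatus`/`regenerateSecret` tests in this file) requires, or keep those entries in the list. A short comment on the array, e.g. `// only the scopes the tests below actually exercise`, would make the intent of the trimmed list explicit.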
@@ -211,6 +209,38 @@ class ResourceServerApiTest extends TestCase {
 $this->assertTrue($json_response->error==='resource server not found');
 }

+ public function testDeleteExistingOne(){
+
+ $resource_server = ResourceServer::where('host','=','dev.openstackid.com')->first();
+
+ $new_id = $resource_server->id;
+
+ $response = $this->action("DELETE", "ApiResourceServerController@delete",$parameters = array('id' => $new_id),
+ array(),
+ array(),
+ array("HTTP_Authorization" => " Bearer " .$this->access_token));
+
+ $content = $response->getContent();
+
+ $json_response = json_decode($content);
+
+ $this->assertTrue($json_response==='ok');
+
+ $this->assertResponseStatus(200);
+
+
+ $response = $this->action("GET", "ApiResourceServerController@get",$parameters = array('id' => $new_id),
+ array(),
+ array(),
+ array("HTTP_Authorization" => " Bearer " .$this->access_token));
+
+ $content = $response->getContent();
+ $json_response = json_decode($content);
+ $this->assertResponseStatus(400);
+ $this->assertTrue(isset($json_response->error));
+ $this->assertTrue($json_response->error==='invalid_request');
+ }
+
 public function testUpdate(){

 $data = array(
@@ -307,4 +337,4 @@ class ResourceServerApiTest extends TestCase {
 }


-}
+}
\ No newline at end of file
diff --git a/app/validators.php b/app/validators.php
new file mode 100644
index 00000000..edce4da5
--- /dev/null
+++ b/app/validators.php
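Review bot: `testDeleteExistingOne` deletes the `dev.openstackid.com` resource server, the same row the new `ApiController` tests earlier in this diff look up by host and dereference with `->id` without a null check; unless the database is re-seeded before every test (the fixture setup is not visible here), test ordering turns that into a fatal call on a null object. The post-delete expectation is also inconsistent with the sibling test: here a GET on the deleted id asserts `400` with `error === 'invalid_request'`, while the `ApiController` test `testDeleteExisting` asserts `404` for the same situation; if both controllers are meant to behave alike, one of the two expectations (or one controller) is wrong. If the 400 is intentional, record it with a one-line comment such as `// unknown resource server id answers 400/invalid_request, unlike the api endpoint which answers 404`.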
@@ -0,0 +1,6 @@
+isImplicit('fail');
+ }
+
+ public function validateBoolean($attribute, $value, $parameters)
+ {
+ return strtoupper(trim($value))==='TRUE' || strtoupper(trim($value))==='FALSE' || strtoupper(trim($value))==='1' || strtoupper(trim($value))==='0' ;
+ }
+
+ public function validateText($attribute, $value, $parameters)
+ {
+ $value = trim($value);
+ return preg_match("/^[a-zA-Z0-9\s\-\.\,]+$/", $value) == 1;
+ }
+
+ public function validateHttpmethod($attribute, $value, $parameters){
+ $value = strtoupper(trim($value));
+ //'GET', 'HEAD','POST','PUT','DELETE','TRACE','CONNECT','OPTIONS'
+ $allowed_http_verbs = array(
+ 'GET'=>'GET',
+ 'HEAD'=>'HEAD',
+ 'POST'=>'POST',
+ 'PUT'=>'PUT',
+ 'DELETE'=>'DELETE',
+ 'TRACE'=>'TRACE',
+ 'CONNECT'=>'CONNECT',
+ 'OPTIONS'=>'OPTIONS',
+ );
+
+ return array_key_exists($value,$allowed_http_verbs);
+ }
+
+ public function validateRoute($attribute, $value, $parameters){
+ return true;
+ }
+
+ public function validateHost($attribute, $value, $parameters){
+ return true;
+ }
+}
\ No newline at end of file
diff --git a/app/views/identity.blade.php b/app/views/identity.blade.php
index 02add5dd..5a400b91 100644
--- a/app/views/identity.blade.php
+++ b/app/views/identity.blade.php
@@ -19,7 +19,7 @@
 @endif
 @if( $show_email )
-
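Review bot: `validateRoute` and `validateHost` return `true` unconditionally, so the `route` and `host` rules accept any value, including an empty string, and any controller that lists them gets no validation at all while reading as if it did. At minimum they should reject blank input, and the host rule should enforce hostname syntax, e.g. `return preg_match('/^[a-z0-9]([a-z0-9\-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9\-]*[a-z0-9])?)*$/i', trim($value)) == 1;`; if they are deliberate stubs, mark each with `// TODO: not implemented, always passes` so nobody relies on them. In `validateBoolean`, `strtoupper(trim($value))` is evaluated four times; assigning it once to a local and testing `in_array($v, array('TRUE', 'FALSE', '1', '0'), true)` is clearer and equivalent. The hunk header says six lines but the listing shows a whole class body starting at `isImplicit('fail');`, so this file section appears garbled and the enclosing class declaration is not visible here.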
+
{{ $email }} @@ -47,7 +47,7 @@
@endif @if( $show_email ) -
+