Checkout oauth
Backend for oauth
Sets up a redirect that refers users to /checkout with a session token
Sets up a new implicit grant in oauth. If the session token is set, it will issue an implicit grant and jwt for the logged in user
Added an api that writes sendwyre user accounts to a cassandra table that uses the user's guid as a primary key.
We'll need to set the "checkout_url" to the base hostname of the checkout site.
changed milestone to %sprint: Wire
37 38 * ) 38 39 * @SWG\Info(title="Minds Public API", version="1.0") 39 40 */ 41 40 42 namespace Minds\Controllers\api; 41 43 42 use Minds\Core; 43 44 use Minds\Interfaces; 44 45 use Minds\Api\Factory; 45 46 46 47 class api implements Interfaces\Api 47 48 { 48 49 /** @var Request $request **/ 49 /** @var Request $request * */ changed this line in version 4 of the diff
- Controllers/checkout.php 0 → 100644
9 use Minds\Common\Cookie; 10 11 class checkout implements Interfaces\Api 12 { 13 public function get($pages) 14 { 15 $checkoutKey = ['checkout_key' => base64_encode(openssl_random_pseudo_bytes(8))]; 16 $cookie = new Cookie(); 17 $cookie 18 ->setName('checkout_key') 19 ->setValue($checkoutKey['checkout_key']) 20 ->setExpire(time() + 300) 21 ->setPath('/') 22 ->setHttpOnly(true) 23 ->create(); 24 forward(Di::_()->get('Config')->get('checkout_url').'/authorize?'.http_build_query($checkoutKey)); I'll change the reference, but does the rest of our app know that? All the other references to forward (except for the one in Page) seem to point back to elgglib.php
Also they are the exact same function https://gitlab.com/minds/engine/blob/master/Core/page.php#L80
https://gitlab.com/minds/engine/blob/master/lib/elgglib.php#L116
But I am assuming it's because of the comments at the top about moving them to tighter-scoped packages
changed this line in version 4 of the diff
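Review bot: In Controllers/checkout.php line 15, the checkout_key is built from only 8 bytes of openssl_random_pseudo_bytes() and the call's crypto_strong result is not checked; random_bytes(16) or longer gives a stronger key and throws if it cannot produce secure output. The same value is also placed in the redirect query string at line 24 through http_build_query($checkoutKey), so it will appear in access logs, browser history and Referer headers; the 300 second cookie lifetime helps, and treating the key as single-use on the receiving side would limit replay. The cookie chain at lines 17-23 sets HttpOnly, but no Secure attribute is visible.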
28 * TODO: Implement clients for 3rd party apps. 30 29 */ 31 30 public function getClientEntity($clientIdentifier, $grantType = null, $clientSecret = null, $mustValidateSecret = true) 32 31 { 33 32 $clients = [ 34 33 'mobile' => [ 35 'secret' => $this->config->get('oauth')['clients']['mobile']['secret'], 36 'name' => 'Mobile', 37 'redirect_uri' => '', 34 'secret' => $this->config->get('oauth')['clients']['mobile']['secret'], 35 'name' => 'Mobile', 36 'redirect_uri' => '', 38 37 'is_confidential' => $grantType === 'password' || $grantType === 'refresh_token' ? false : true, 39 38 ], 39 'checkout' => [ 40 'redirect_uri' => $this->config->get('checkout_url'), That's a nope.
League's implicit grant hard codes a false in the getClientEntity. That only looks necessary for client authorization where we provide a secret (versus client using it to validate tokens)
$client = $this->clientRepository->getClientEntity( $clientId, $this->getIdentifier(), null, false );
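Review bot: In the new 'checkout' client entry (new line 40), redirect_uri is taken straight from config 'checkout_url', which the description says is the base hostname of the checkout site. With an implicit grant the token is delivered on the redirect, so the registered value should be the exact callback URI the checkout site handles rather than a bare host, and the config value should be checked to be non-empty and https. The entry is cut off in the visible lines, so it is not possible to see whether is_confidential is set for it; since the implicit grant calls getClientEntity with mustValidateSecret false, it should be explicit that this client is public. The re-indentation of the 'mobile' entry at lines 34-36 is whitespace only and would be easier to review in a separate commit.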
47 47 */ 48 48 public function route($uri = null, $method = null) 49 49 { 50 error_log('Route'); changed this line in version 7 of the diff
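Review bot: error_log('Route') at line 50 of route() looks like leftover debug output; it would write a log line on every routed request and should be dropped before merge.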
added 9 commits
- 9c431b2b...fe328ecf - 7 commits from branch minds:master
- a2942119 - Merge branch 'master' of gitlab.com:minds/engine into checkout-oauth
- 84a7e0ac - CR changes
added 1 commit
- 20dabd31 - Removing passing in the user's guid because we need to look up their account...
added 45 commits
- 20dabd31...8bc2b151 - 44 commits from branch minds:master
- 8dd5cd38 - Merge branch 'master' of gitlab.com:minds/engine into checkout-oauth
added 50 commits
- 8dd5cd38...95b30fc7 - 49 commits from branch minds:master
- 84604953 - Merge branch 'master' of gitlab.com:minds/engine into checkout-oauth
added 20 commits
- 84604953...56bb5682 - 18 commits from branch minds:master
- d35518b9 - Merge branch 'master' of gitlab.com:minds/engine into checkout-oauth
- 0f61a658 - (chore): add usd to checkout key
mentioned in commit c710bdef