<?php
/**
* TrustedUserService handles CRUD operations for OAuth2 Trusted Users. A Trusted User represents an authorized
* OAuth2 connection that OpenEMR validates against. Trusted Users can be revoked / removed, which
* prevents the associated client / user app from using their access tokens.
* @package openemr
* @link http://www.open-emr.org
* @author Stephen Nielson <[email protected]>
* @copyright Copyright (c) 2021 Stephen Nielson <[email protected]>
* @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
*/
namespace OpenEMR\Services;
use OpenEMR\Common\Database\QueryUtils;
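class TrustedUserService
{
    /**
     * Reports whether a client/user pair has a stored trusted-user row with a non-empty session cache.
     *
     * @param mixed $clientId OAuth2 client identifier matched against `client_id`.
     * @param mixed $userId   User identifier matched against `user_id`.
     * @return bool True only when a row is found and its `session_cache` value is non-empty.
     */
    public function isTrustedUser($clientId, $userId)
    {
        $row = $this->getTrustedUser($clientId, $userId);

        // empty() also covers the "no row" result, so a missing record is never reported as trusted.
        return !empty($row['session_cache']);
    }

    /**
     * Fetches every trusted-user row stored for one client.
     *
     * The query selects all columns, which (per the column list in saveTrustedUser) includes `code` and
     * `session_cache`. Callers should strip those before passing rows to a view, log, or API response.
     *
     * @param mixed $clientId OAuth2 client identifier matched against `client_id`.
     * @return mixed The records returned by QueryUtils::fetchRecords.
     */
    public function getTrustedUsersForClient($clientId)
    {
        return QueryUtils::fetchRecords(
            "SELECT * FROM `oauth_trusted_user` WHERE `client_id`= ?",
            [$clientId]
        );
    }

    /**
     * Looks up the trusted-user row for a client/user pair.
     *
     * @param mixed $clientId OAuth2 client identifier matched against `client_id`.
     * @param mixed $userId   User identifier matched against `user_id`.
     * @return mixed The result of sqlQueryNoLog for the lookup.
     */
    public function getTrustedUser($clientId, $userId)
    {
        return sqlQueryNoLog(
            "SELECT * FROM `oauth_trusted_user` WHERE `client_id`= ? AND `user_id`= ?",
            [$clientId, $userId]
        );
    }

    /**
     * Looks up a trusted-user row by its stored `code` value.
     *
     * saveTrustedUser defaults `$code` to '' and stores it, so rows with an empty `code` can exist.
     * An empty lookup value must therefore never be allowed to match one of them: it is rejected
     * here without querying the table.
     *
     * @param mixed $code Code value matched against the `code` column.
     * @return mixed The result of sqlQueryNoLog for the lookup, or false when $code is null or ''.
     */
    public function getTrustedUserByCode($code)
    {
        if ($code === null || $code === '') {
            // NOTE(review): false is the value sqlQueryNoLog is expected to give when no row
            // matches, so callers see the same "not found" result - confirm against the helper.
            return false;
        }

        return sqlQueryNoLog("SELECT * FROM `oauth_trusted_user` WHERE `code`= ?", [$code]);
    }

    /**
     * Creates or overwrites the trusted-user row for a client/user pair.
     *
     * An existing row for the pair is looked up first and its `id` reused, so the REPLACE overwrites
     * that row's scope, code, session cache and grant type and resets `time` to Now().
     *
     * @param mixed        $clientId OAuth2 client identifier stored in `client_id`.
     * @param mixed        $userId   User identifier stored in `user_id`; must be non-empty.
     * @param array|string $scope    Scopes; an array is joined with single spaces before storage.
     * @param mixed        $persist  Value stored in `persist_login`.
     * @param string       $code     Value stored in `code`.
     * @param string       $session  Value stored in `session_cache`.
     * @param string       $grant    Value stored in `grant_type`.
     * @return mixed The result of sqlQueryNoLog for the REPLACE statement.
     * @throws \InvalidArgumentException When $userId is empty.
     */
    public function saveTrustedUser($clientId, $userId, $scope, $persist, $code = '', $session = '', $grant = 'authorization_code')
    {
        if (\is_array($scope)) {
            $scope = implode(" ", $scope);
        }

        // NOTE(review): the message names client_credentials as an exception, but $grant is not
        // consulted here - an empty $userId is rejected for every grant type.
        if (empty($userId)) {
            throw new \InvalidArgumentException("userId cannot be null unless this is a client_credentials grant");
        }

        // '' is bound as the id when the pair has no row yet; presumably the database then assigns
        // a new id - confirm against the table definition.
        $existingId = $this->getTrustedUser($clientId, $userId)['id'] ?? '';

        $sql = "REPLACE INTO `oauth_trusted_user` (`id`, `user_id`, `client_id`, `scope`, `persist_login`, `time`, `code`, session_cache, `grant_type`) VALUES (?, ?, ?, ?, ?, Now(), ?, ?, ?)";
        $binds = [$existingId, $userId, $clientId, $scope, $persist, $code, $session, $grant];

        return sqlQueryNoLog($sql, $binds);
    }

    /**
     * Deletes one trusted-user row by primary id.
     *
     * Per the file header, removing a Trusted User is what stops the associated client / user app
     * from using its access tokens. The id is not checked against a client or user here, so the
     * caller is responsible for authorizing the deletion.
     *
     * @param mixed $id Value matched against `oauth_trusted_user`.`id`.
     * @return mixed The result of sqlQueryNoLog for the DELETE statement.
     */
    public function deleteTrustedUserById($id)
    {
        return sqlQueryNoLog("DELETE FROM `oauth_trusted_user` WHERE `oauth_trusted_user`.`id` = ?", [$id]);
    }
}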