[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  final class PhabricatorOAuthServerScope {
   4  
   5    const SCOPE_OFFLINE_ACCESS = 'offline_access';
   6    const SCOPE_WHOAMI         = 'whoami';
   7    const SCOPE_NOT_ACCESSIBLE = 'not_accessible';
   8  
   9    /*
  10     * Note this does not contain SCOPE_NOT_ACCESSIBLE which is magic
  11     * used to simplify code for data that is not currently accessible
  12     * via OAuth.
  13     */
  14    static public function getScopesDict() {
  15      return array(
  16        self::SCOPE_OFFLINE_ACCESS => 1,
  17        self::SCOPE_WHOAMI         => 1,
  18      );
  19    }
  20  
  21    static public function getCheckboxControl($current_scopes) {
  22      $scopes = self::getScopesDict();
  23      $scope_keys = array_keys($scopes);
  24      sort($scope_keys);
  25  
  26      $checkboxes = new AphrontFormCheckboxControl();
  27      foreach ($scope_keys as $scope) {
  28        $checkboxes->addCheckbox(
  29          $name = $scope,
  30          $value = 1,
  31          $label = self::getCheckboxLabel($scope),
  32          $checked = isset($current_scopes[$scope]));
  33      }
  34      $checkboxes->setLabel('Scope');
  35  
  36      return $checkboxes;
  37    }
  38  
  39    static private function getCheckboxLabel($scope) {
  40      $label = null;
  41      switch ($scope) {
  42        case self::SCOPE_OFFLINE_ACCESS:
  43          $label = 'Make access tokens granted to this client never expire.';
  44          break;
  45        case self::SCOPE_WHOAMI:
  46          $label = 'Read access to Conduit method user.whoami.';
  47          break;
  48      }
  49  
  50      return $label;
  51    }
  52  
  53    static public function getScopesFromRequest(AphrontRequest $request) {
  54      $scopes = self::getScopesDict();
  55      $requested_scopes = array();
  56      foreach ($scopes as $scope => $bit) {
  57        if ($request->getBool($scope)) {
  58          $requested_scopes[$scope] = 1;
  59        }
  60      }
  61      return $requested_scopes;
  62    }
  63  
  64    /**
  65     * A scopes list is considered valid if each scope is a known scope
  66     * and each scope is seen only once. Otherwise, the list is invalid.
  67     */
  68    static public function validateScopesList($scope_list) {
  69      $scopes       = explode(' ', $scope_list);
  70      $known_scopes = self::getScopesDict();
  71      $seen_scopes  = array();
  72      foreach ($scopes as $scope) {
  73        if (!isset($known_scopes[$scope])) {
  74          return false;
  75        }
  76        if (isset($seen_scopes[$scope])) {
  77          return false;
  78        }
  79        $seen_scopes[$scope] = 1;
  80      }
  81  
  82      return true;
  83    }
  84  
  85    /**
  86     * A scopes dictionary is considered valid if each key is a known scope.
  87     * Otherwise, the dictionary is invalid.
  88     */
  89    static public function validateScopesDict($scope_dict) {
  90      $known_scopes   = self::getScopesDict();
  91      $unknown_scopes = array_diff_key($scope_dict,
  92                                       $known_scopes);
  93      return empty($unknown_scopes);
  94    }
  95  
  96    /**
  97     * Transforms a space-delimited scopes list into a scopes dict. The list
  98     * should be validated by @{method:validateScopesList} before
  99     * transformation.
 100     */
 101     static public function scopesListToDict($scope_list) {
 102      $scopes = explode(' ', $scope_list);
 103      return array_fill_keys($scopes, 1);
 104    }
 105  
 106  }