d3/dae/AjaxManageToken_8php_source.html

 <?php
 /***********************************************************
  * Copyright (C) 2019 Siemens AG
  * Author: Gaurav Mishra <mishra.gaurav@siemens.com>
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License
  * version 2 as published by the Free Software Foundation.
  *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  * GNU General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License along
  * with this program; if not, write to the Free Software Foundation, Inc.,
  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  **********************************************************/
 namespace Fossology\UI\Ajax;

 use Fossology\Lib\Db\DbManager;
 use Fossology\Lib\Plugin\DefaultPlugin;
 use Fossology\Lib\Auth\Auth;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Fossology\UI\Api\Helper\RestHelper;

 class AjaxManageToken extends DefaultPlugin
 {

   const NAME = "manage-token";

   private $dbManager;

   function __construct()
   {
     parent::__construct(self::NAME,
       array(
         self::PERMISSION => Auth::PERM_WRITE
       ));
     $this->dbManager = $this->getObject('db.manager');
   }

   protected function handle(Request $request)
   {
     $task = GetParm('task', PARM_STRING);
     $tokenId = GetParm('token-id', PARM_STRING);
     $response = null;

     list($tokenPk, $userId) = explode(".", $tokenId);
     if (Auth::getUserId() != $userId) {
       $task = "invalid";
     } else {
       $verifySql = "SELECT user_fk FROM personal_access_tokens " .
                    "WHERE pat_pk = $1 LIMIT 1;";

       $row = $this->dbManager->getSingleRow($verifySql, [$tokenPk],
         __METHOD__ . ".verifyToken");
       if (empty($row) || $row['user_fk'] != $userId) {
         $task = "invalid";
       }
     }
     switch ($task) {
       case "reveal":
         $response = new JsonResponse($this->revealToken($tokenPk,
           $request->getHost()));
         break;
       case "revoke":
         $response = new JsonResponse($this->invalidateToken($tokenPk));
         break;
       default:
         $response = new JsonResponse(["status" => false], 400);
     }
     return $response;
   }

   private function revealToken($tokenPk, $hostname)
   {
     global $container;
     $restDbHelper = $container->get("helper.dbHelper");
     $authHelper = $container->get('helper.authHelper');
     $user_pk = Auth::getUserId();
     $jti = "$tokenPk.$user_pk";

     $tokenInfo = $restDbHelper->getTokenKey($tokenPk);
     $tokenScope = array_search($tokenInfo['token_scope'], RestHelper::SCOPE_DB_MAP);

     $jwtToken = $authHelper->generateJwtToken($tokenInfo['expire_on'],
       $tokenInfo['created_on'], $jti, $tokenScope, $tokenInfo['token_key']);
     return array(
       "status" => true,
       "token" => $jwtToken
     );
   }

   private function invalidateToken($tokenPk)
   {
     global $container;
     $restDbHelper = $container->get("helper.dbHelper");
     $restDbHelper->invalidateToken($tokenPk);
     return array(
       "status" => true
     );
   }
 }

 register_plugin(new AjaxManageToken());
Fossology\Lib\Auth\Auth\PERM_WRITE
const PERM_WRITE
Definition: Auth.php:57

Request

Fossology\UI\Ajax\AjaxManageToken\revealToken
revealToken($tokenPk, $hostname)
Definition: AjaxManageToken.php:95

Fossology\Lib\Auth\Auth\getUserId
static getUserId()
Get the current user&#39;s id.
Definition: Auth.php:69

Fossology\UI\Api\Helper\RestHelper\SCOPE_DB_MAP
const SCOPE_DB_MAP
Definition: RestHelper.php:51

RestHelper

Fossology\UI\Ajax\AjaxManageToken\$dbManager
$dbManager
Definition: AjaxManageToken.php:39

Fossology\Lib\Plugin\DefaultPlugin
Definition: DefaultPlugin.php:32

Fossology\Lib\Plugin\DefaultPlugin\getObject
getObject($name)
Definition: DefaultPlugin.php:249

Fossology\UI\Ajax
Definition: AjaxAdminScheduler.php:20

GetParm
GetParm($parameterName, $parameterType)
This function will retrieve the variables and check data types.
Definition: common-parm.php:57

Fossology\UI\Ajax\AjaxManageToken\invalidateToken
invalidateToken($tokenPk)
Definition: AjaxManageToken.php:120

Auth

PARM_STRING
const PARM_STRING
Definition: common-parm.php:29

Fossology\UI\Ajax\AjaxManageToken
Class to handle ajax calls to revoke an API token.
Definition: AjaxManageToken.php:32

dbManager
fo_dbManager * dbManager
fo_dbManager object
Definition: process.c:28

list
list_t type structure used to keep various lists. (e.g. there are multiple lists).
Definition: nomos.h:321

DbManager

Fossology\UI\Ajax\AjaxManageToken\handle
handle(Request $request)
Revoke an active API token.
Definition: AjaxManageToken.php:55

JsonResponse

DefaultPlugin