Imported code from old repository

2022-11-17 11:48:29 +01:00
parent 14dfa45240
commit 0e4ab60d77
31 changed files with 6486 additions and 253 deletions
--- a/CloudObjects/SDK/Helpers/SDKLoader.php
+++ b/CloudObjects/SDK/Helpers/SDKLoader.php
@@ -0,0 +1,85 @@
+<?php
+
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+namespace CloudObjects\SDK\Helpers;
+
+use Exception;
+use CloudObjects\SDK\NodeReader, CloudObjects\SDK\ObjectRetriever;
+
+/**
+ * The SDKLoader helper allows developers to quickly load common PHP SDKs
+ * from API providers and apply configuration stored in CloudObjects.
+ */
+class SDKLoader {
+
+    private $objectRetriever;
+    private $reader;
+    private $classes = [];
+
+    /**
+     * @param ObjectRetriever $objectRetriever An initialized and authenticated object retriever.
+     */
+    public function __construct(ObjectRetriever $objectRetriever) {
+        $this->objectRetriever = $objectRetriever;
+        $this->reader = new NodeReader;
+    }
+
+    /**
+     * Initialize and return the SDK with the given classname.
+     * Throws Exception if the SDK is not supported.
+     * 
+     * @param $classname Classname for the SDK's main class
+     * @param array $options Additional options for the SDK (if necessary)
+     */
+    public function get($classname, array $options) {
+        if (!class_exists($classname))
+            throw new Exception("<".$classname."> is not a valid classname.");
+
+        $hashkey = md5($classname.serialize($options));
+        if (!isset($this->classes[$hashkey])) {
+            $nsNode = $this->objectRetriever->getAuthenticatingNamespaceObject();
+
+            // --- Amazon Web Services (https://aws.amazon.com/) ---
+            // has multiple classnames, so check for common superclass
+            if (is_a($classname, 'Aws\AwsClient', true)) {
+                $class = new $classname(array_merge($options, [
+                    'credentials' => [
+                        'key' => $this->reader->getFirstValueString($nsNode, 'coid://aws.3rd-party.co/accessKeyId'),
+                        'secret' => $this->reader->getFirstValueString($nsNode, 'coid://aws.3rd-party.co/secretAccessKey')
+                    ]
+                ]));
+            } else {
+                switch ($classname) {
+
+                    // --- stream (https://getstream.io/) ---
+                    case "GetStream\Stream\Client":
+                        $class = new $classname(
+                            $this->reader->getFirstValueString($nsNode, 'coid://getstreamio.3rd-party.co/key'),
+                            $this->reader->getFirstValueString($nsNode, 'coid://getstreamio.3rd-party.co/secret')
+                        );
+                        break;
+
+                    // --- Pusher (https://pusher.com/) ---
+                    case "Pusher":
+                        $class = new $classname(
+                            $this->reader->getFirstValueString($nsNode, 'coid://pusher.3rd-party.co/key'),
+                            $this->reader->getFirstValueString($nsNode, 'coid://pusher.3rd-party.co/secret'),
+                            $this->reader->getFirstValueString($nsNode, 'coid://pusher.3rd-party.co/appId'),
+                            $options
+                    );
+                    break;
+                }
+            }
+        }
+
+        if (!isset($class))
+            throw new Exception("No rules defined to initialize <".$classname.">.");
+
+        $this->classes[$hashkey] = $class;
+        return $this->classes[$hashkey];
+    }
+
+}
--- a/CloudObjects/SDK/Helpers/SharedSecretAuthentication.php
+++ b/CloudObjects/SDK/Helpers/SharedSecretAuthentication.php
@@ -0,0 +1,110 @@
+<?php
+
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+namespace CloudObjects\SDK\Helpers;
+
+use ML\IRI\IRI;
+use CloudObjects\SDK\COIDParser, CloudObjects\SDK\NodeReader, CloudObjects\SDK\ObjectRetriever;
+
+/**
+ * The SharedSecretAuthentication helper allows developers to quickly
+ * implement authentication based on CloudObjects shared secrets.
+ */
+class SharedSecretAuthentication {
+
+    const RESULT_OK = 0;
+    const RESULT_INVALID_USERNAME = 1;
+    const RESULT_INVALID_PASSWORD = 2;
+    const RESULT_NAMESPACE_NOT_FOUND = 3;
+    const RESULT_SHARED_SECRET_NOT_RETRIEVABLE = 4;
+    const RESULT_SHARED_SECRET_INCORRECT = 5;
+
+    private $objectRetriever;
+
+    /**
+     * @param ObjectRetriever $objectRetriever An initialized and authenticated object retriever.
+     */
+    public function __construct(ObjectRetriever $objectRetriever) {
+        $this->objectRetriever = $objectRetriever;
+    }
+
+    /**
+     * Verifies credentials.
+     * @deprecated
+     * 
+     * @param ObjectRetriever $retriever Provides access to CloudObjects.
+     * @param string $username Username; a domain.
+     * @param string $password Password; a shared secret.
+     * 
+     * @return integer A result constant, RESULT_OK if successful.
+     */
+    public static function verifyCredentials(ObjectRetriever $retriever, $username, $password) {
+        // Validate input
+        $namespaceCoid = new IRI('coid://'.$username);
+        if (COIDParser::getType($namespaceCoid) != COIDParser::COID_ROOT)
+            return self::RESULT_INVALID_USERNAME;
+        if (strlen($password) != 40)
+            return self::RESULT_INVALID_PASSWORD;
+
+        // Retrieve namespace
+        $namespace = $retriever->getObject($namespaceCoid);
+        if (!isset($namespace))
+            return self::RESULT_NAMESPACE_NOT_FOUND;
+
+        // Read and validate shared secret
+        $reader = new NodeReader([
+            'prefixes' => [
+                'co' => 'coid://cloudobjects.io/'
+            ]
+        ]);
+        $sharedSecret = $reader->getAllValuesNode($namespace, 'co:hasSharedSecret');
+        if (count($sharedSecret) != 1)
+            return self::RESULT_SHARED_SECRET_NOT_RETRIEVABLE;
+        
+        if ($reader->getFirstValueString($sharedSecret[0], 'co:hasTokenValue') == $password)
+            return self::RESULT_OK;
+        else
+            return self::RESULT_SHARED_SECRET_INCORRECT;        
+    }
+
+    /**
+     * Verifies credentials.
+     *
+     * @param string $username Username; a domain.
+     * @param string $password Password; a shared secret.
+     * 
+     * @return integer A result constant, RESULT_OK if successful.
+     */
+    public function verify($username, $password) {
+        // Validate input
+        $namespaceCoid = new IRI('coid://'.$username);
+        if (COIDParser::getType($namespaceCoid) != COIDParser::COID_ROOT)
+            return self::RESULT_INVALID_USERNAME;
+        if (strlen($password) != 40)
+            return self::RESULT_INVALID_PASSWORD;
+
+        // Retrieve namespace
+        $namespace = $this->objectRetriever->getObject($namespaceCoid);
+        if (!isset($namespace))
+            return self::RESULT_NAMESPACE_NOT_FOUND;
+
+        // Read and validate shared secret
+        $reader = new NodeReader([
+            'prefixes' => [
+                'co' => 'coid://cloudobjects.io/'
+            ]
+        ]);
+        $sharedSecret = $reader->getAllValuesNode($namespace, 'co:hasSharedSecret');
+        if (count($sharedSecret) != 1)
+            return self::RESULT_SHARED_SECRET_NOT_RETRIEVABLE;
+        
+        if ($reader->getFirstValueString($sharedSecret[0], 'co:hasTokenValue') == $password)
+            return self::RESULT_OK;
+        else
+            return self::RESULT_SHARED_SECRET_INCORRECT;        
+    }
+
+}