diff --git a/com_oauthserver/administrator/src/Model/ClientModel.php b/com_oauthserver/administrator/src/Model/ClientModel.php
index b9967bf..5de527d 100644
--- a/com_oauthserver/administrator/src/Model/ClientModel.php
+++ b/com_oauthserver/administrator/src/Model/ClientModel.php
@@ -68,12 +68,14 @@ class ClientModel extends AdminModel
  $data = $this->getItem();
  }
- $root = Uri::root();
- $uri = new Uri($root);
+ if ($data)
+ {
+ $uri = new Uri(Uri::root());
- $data->def('authorize_url', (string) $uri->setPath('login/oauth/authorize'));
- $data->def('token_url', (string) $uri->setPath('login/oauth/token'));
- $data->def('profile_url', (string) $uri->setPath('login/oauth/profile'));
+ $data->def('authorize_url', (string) $uri->setPath('login/oauth/authorize'));
+ $data->def('token_url', (string) $uri->setPath('login/oauth/token'));
+ $data->def('profile_url', (string) $uri->setPath('login/oauth/profile'));
+ }
  $this->preprocessData('com_oauthserver.client', $data);
@@ -82,17 +84,14 @@ class ClientModel extends AdminModel
  public function validate($form, $data, $group = null): bool|array
  {
+ // Since the client’s identifier and secret key are created on the server and completely
+ // exclude the user’s influence on their value, we remove them from the request to eliminate
+ // any possibility of substitution of this data.
  unset($data['identifier'], $data['secret']);
- unset($data['authorize_url'], $data['token_url'], $data['profile_url']);
  return parent::validate($form, $data, $group);
  }
- public function save($data)
- {
- return parent::save($data); // TODO: Change the autogenerated stub
- }
-
  /**
  * @param ClientTable $table
  *
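Review bot: The only place that drops `identifier` and `secret` from submitted data is validate(), and with the save() override removed in this hunk nothing enforces that for a caller that reaches save() without validating first. If those fields must never come from the request, as the new comment states, enforcing it on the write path is more robust: keep a save() override that runs `unset($data['identifier'], $data['secret']);` before `return parent::save($data);`. Whether such a caller exists is not visible from this diff, so treat this as defence in depth rather than a confirmed bypass.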
@@ -102,38 +101,42 @@ class ClientModel extends AdminModel
  */
  protected function prepareTable($table): void
  {
- $app = Factory::getApplication();
- $input = $app->getInput();
- $task = strtolower($input->getCmd('task', ''));
+ $app = Factory::getApplication();
- if (empty($table->id))
+ if ($table->id > 0)
  {
  $table->identifier = $this->generateNewIdentifier();
  }
- if ($task === 'save2reset' || empty($table->id))
+ if (empty($table->secret)
+ && !$table->public
+ && ($table->id > 0 || $app->getInput()->get('task') == 'save2reset'))
  {
- $table->secret = '';
+ $table->secret = $this->generateNewSecret();
  }
- if (!!$table->public)
+ if ($table->public)
  {
  $table->secret = '';
  }
- else
- {
- if (empty($table->secret))
- {
- $table->secret = $this->generateNewSecret();
- }
- }
  $table->name = htmlspecialchars_decode($table->name, ENT_QUOTES);
  parent::prepareTable($table);
  }
- protected function generateNewHash($field, $algo = 'sha256', $length = 16)
+ /**
+ * Generate a hash value of string for table field and check it unique
+ *
+ * @param string $field
+ * @param string $algo
+ * @param int $length
+ *
+ * @return string
+ * @throws \Exception
+ * @since version
+ */
+ protected function generateNewHash(string $field, string $algo = 'sha256', int $length = 16): string
  {
  $hash = hash($algo, Crypt::genRandomBytes($length));
  $table = $this->getTable();
@@ -146,11 +149,25 @@ class ClientModel extends AdminModel
  return $hash;
  }
+ /**
+ * Generate unique hash value for client identifier
+ *
+ * @return string
+ * @throws \Exception
+ * @since version
+ */
  protected function generateNewIdentifier(): string
  {
  return $this->generateNewHash('identifier', 'md5');
  }
+ /**
+ * Generate unique hash value for client secret key
+ *
+ * @return string
+ * @throws \Exception
+ * @since version
+ */
  protected function generateNewSecret(): string
  {
  return $this->generateNewHash('secret', 'sha512', 32);
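Review bot: The two `$table->id > 0` tests in prepareTable() look inverted relative to the `empty($table->id)` checks they replace: a new row, which has no id yet, now gets neither an identifier nor a secret, while every save of an existing client regenerates its identifier. The secret branch also requires `empty($table->secret)`, so `save2reset` on a client that already holds a secret keeps the old value and the rotation silently does nothing. For a confidential client this can end with an empty stored secret; how the token endpoint treats that is not visible here, so it should be ruled out before merge. The task check has also become `get('task') == 'save2reset'`, where the removed lines used `getCmd()` with `===`. A possible shape for the identifier and secret logic follows.

```php
if (empty($table->id))
{
    $table->identifier = $this->generateNewIdentifier();
}

if ($table->public)
{
    // Public clients never hold a secret.
    $table->secret = '';
}
elseif (empty($table->id)
    || empty($table->secret)
    || $app->getInput()->getCmd('task') === 'save2reset')
{
    // New rows, rows without a secret, and explicit resets all get a fresh secret.
    $table->secret = $this->generateNewSecret();
}

// … unchanged: name decoding and parent::prepareTable() call …
```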
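Review bot: The new docblock on generateNewIdentifier() does not say why `md5` is acceptable, and in an OAuth component that call is likely to be questioned by reviewers and flagged by scanners. Going by the generateNewHash() lines in the previous hunk, the digest is taken over `Crypt::genRandomBytes($length)`, so md5 only turns 16 random bytes into a 32-character hex string. I would add a docblock line such as `Note: md5 only hex-formats random bytes here; it is not relied on as a security primitive.` The `@since version` tags in all three new docblocks are still the template placeholder and should carry the actual release number.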