Bug 28490: Add DBIx schema changes for testing

[koha-ffzg.git] / Koha / OAuth.pm

diff --git a/Koha/OAuth.pm b/Koha/OAuth.pm
index 6966570..29a7011 100644 (file)
--- a/Koha/OAuth.pm
+++ b/Koha/OAuth.pm
@@ -1,8 +1,40 @@
 package Koha::OAuth;
 
+# This file is part of Koha.
+#
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
+
 use Modern::Perl;
+
+use Koha::ApiKeys;
 use Koha::OAuthAccessTokens;
-use Koha::OAuthAccessToken;
+
+=head1 NAME
+
+Koha::OAuth - Koha library for OAuth2 callbacks
+
+=head1 API
+
+=head2 Class methods
+
+=head3 config
+
+    my $config = Koha::OAuth->config;
+
+Returns a hashref containing the callbacks Net::OAuth2::AuthorizationServer requires
+
+=cut
 
 sub config {
     return {
@@ -12,24 +44,38 @@ sub config {
     };
 }
 
+=head3 _verify_client_cb
+
+A callback to verify if the client asking for authorization is known to the authorization server
+and allowed to get authorization.
+
+=cut
+
 sub _verify_client_cb {
     my (%args) = @_;
 
-    my ($client_id, $client_secret)
-        = @args{ qw/ client_id client_secret / };
+    my ($client_id, $client_secret) = @args{ qw/ client_id client_secret / };
 
-    return (0, 'unauthorized_client') unless $client_id;
+    my $api_key;
 
-    my $clients = C4::Context->config('api_client');
-    $clients = [ $clients ] unless ref $clients eq 'ARRAY';
-    my ($client) = grep { $_->{client_id} eq $client_id } @$clients;
-    return (0, 'unauthorized_client') unless $client;
+    if ($client_id) {
+        $api_key = Koha::ApiKeys->find( $client_id );
+    }
 
-    return (0, 'access_denied') unless $client_secret eq $client->{client_secret};
+    # client_id mandatory and exists on the DB
+    return (0, 'unauthorized_client') unless $api_key && $api_key->active;
+
+    return (0, 'access_denied') unless $api_key->secret eq $client_secret;
 
     return (1, undef, []);
 }
 
+=head3 _store_access_token_cb
+
+A callback to store the generated access tokens.
+
+=cut
+
 sub _store_access_token_cb {
     my ( %args ) = @_;
 
@@ -46,6 +92,12 @@ sub _store_access_token_cb {
     return;
 }
 
+=head3 _verify_access_token_cb
+
+A callback to verify the access token.
+
+=cut
+
 sub _verify_access_token_cb {
     my (%args) = @_;