3 * Bacula(R) - The Network Backup Solution
4 * Baculum - Bacula web interface
6 * Copyright (C) 2013-2016 Kern Sibbald
8 * The main author of Baculum is Marcin Haba.
9 * The original author of Bacula is Kern Sibbald, with contributions
10 * from many others, a complete list can be found in the file AUTHORS.
12 * You may use this file and others of this release according to the
13 * license defined in the LICENSE file, which includes the Affero General
14 * Public License, v3.0 ("AGPLv3") and some additional permissions and
15 * terms pursuant to its AGPLv3 Section 7.
17 * This notice must be preserved when any source code is
18 * conveyed and/or propagated.
20 * Bacula(R) is a registered trademark of Kern Sibbald.
23 Prado::using('Application.Web.Class.BaculumWebPage');
25 class OAuth2Redirect extends BaculumWebPage {
28 * Authorization ID (known also as 'authorization_code') regular expression pattern
29 * allow to set hexadecimal value of the authorization ID with length equal 40 chars.
31 * @see http://tools.ietf.org/html/rfc6749#section-1.3.1
33 const AUTHORIZATION_ID_PATTERN = '^[a-fA-F0-9]{40}$';
35 const STATE_PATTERN = '^[a-zA-Z0-9]{16}$';
37 public function onInit($param) {
38 parent::onInit($param);
39 $this->Response->appendHeader('Access-Control-Allow-Origin: *');
40 $this->Response->appendHeader('Access-Control-Allow-Methods: GET, OPTIONS');
41 $this->Response->appendHeader('Access-Control-Allow-Headers: Origin, Content-Type, Location, X-Requested-With');
44 public function onPreRender($param) {
45 parent::onPreRender($param);
46 if (array_key_exists('code', $_GET) && $this->validateAuthId($_GET['code']) === true && array_key_exists('state', $_GET) && $this->validateState($_GET['state']) === true) {
47 $this->getModule('api')->getTokens($_GET['code'], $_GET['state']);
51 private function validateAuthId($auth_id) {
52 return (preg_match('/' . self::AUTHORIZATION_ID_PATTERN . '/', $auth_id) === 1);
55 private function validateState($state) {
56 return (preg_match('/' . self::STATE_PATTERN . '/', $state) === 1);