Skip to content

Commit

Permalink
Merge branch 'main' into next
Browse files Browse the repository at this point in the history
  • Loading branch information
fballiano committed Sep 5, 2023
2 parents 6e42c67 + 0f032f3 commit fdb003a
Show file tree
Hide file tree
Showing 4 changed files with 68 additions and 44 deletions.
60 changes: 25 additions & 35 deletions app/code/core/Mage/Api/Model/Server/Handler/Abstract.php
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,21 @@ protected function _startSession($sessionId = null)
return $this;
}

/**
* Allow insta-login via HTTP Basic Auth
*
* @param string $sessionId
* @return $this
*/
protected function _instaLogin(&$sessionId)
{
if ($sessionId === null && !empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
$this->_getSession()->setIsInstaLogin();
$sessionId = $this->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
}
return $this;
}

/**
* Check current user permission on resource and privilege
*
Expand All @@ -100,16 +115,6 @@ protected function _isAllowed($resource, $privilege = null)
return $this->_getSession()->isAllowed($resource, $privilege);
}

/**
* Check session expiration
*
* @return bool
*/
protected function _isSessionExpired()
{
return $this->_getSession()->isSessionExpired();
}

/**
* Dispatch webservice fault
*
Expand Down Expand Up @@ -225,11 +230,8 @@ public function login($username, $apiKey = null)
*/
public function call($sessionId, $apiPath, $args = [])
{
// Allow insta-login via HTTP Basic Auth
if ($sessionId === null && ! empty($_SERVER['PHP_AUTH_USER']) && ! empty($_SERVER['PHP_AUTH_PW'])) {
$sessionId = $this->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
}
$this->_startSession($sessionId);
$this->_instaLogin($sessionId)
->_startSession($sessionId);

if (!$this->_getSession()->isLoggedIn($sessionId)) {
return $this->_fault('session_expired');
Expand Down Expand Up @@ -313,11 +315,8 @@ public function call($sessionId, $apiPath, $args = [])
*/
public function multiCall($sessionId, array $calls = [], $options = [])
{
// Allow insta-login via HTTP Basic Auth
if ($sessionId === null && ! empty($_SERVER['PHP_AUTH_USER']) && ! empty($_SERVER['PHP_AUTH_PW'])) {
$sessionId = $this->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
}
$this->_startSession($sessionId);
$this->_instaLogin($sessionId)
->_startSession($sessionId);

if (!$this->_getSession()->isLoggedIn($sessionId)) {
return $this->_fault('session_expired');
Expand Down Expand Up @@ -445,11 +444,8 @@ public function multiCall($sessionId, array $calls = [], $options = [])
*/
public function resources($sessionId)
{
// Allow insta-login via HTTP Basic Auth
if ($sessionId === null && ! empty($_SERVER['PHP_AUTH_USER']) && ! empty($_SERVER['PHP_AUTH_PW'])) {
$sessionId = $this->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
}
$this->_startSession($sessionId);
$this->_instaLogin($sessionId)
->_startSession($sessionId);

if (!$this->_getSession()->isLoggedIn($sessionId)) {
return $this->_fault('session_expired');
Expand Down Expand Up @@ -513,11 +509,8 @@ public function resources($sessionId)
*/
public function resourceFaults($sessionId, $resourceName)
{
// Allow insta-login via HTTP Basic Auth
if ($sessionId === null && ! empty($_SERVER['PHP_AUTH_USER']) && ! empty($_SERVER['PHP_AUTH_PW'])) {
$sessionId = $this->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
}
$this->_startSession($sessionId);
$this->_instaLogin($sessionId)
->_startSession($sessionId);

if (!$this->_getSession()->isLoggedIn($sessionId)) {
return $this->_fault('session_expired');
Expand Down Expand Up @@ -553,11 +546,8 @@ public function resourceFaults($sessionId, $resourceName)
*/
public function globalFaults($sessionId)
{
// Allow insta-login via HTTP Basic Auth
if ($sessionId === null && ! empty($_SERVER['PHP_AUTH_USER']) && ! empty($_SERVER['PHP_AUTH_PW'])) {
$sessionId = $this->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
}
$this->_startSession($sessionId);
$this->_instaLogin($sessionId)
->_startSession($sessionId);
return array_values($this->_getConfig()->getFaults());
}

Expand Down
33 changes: 31 additions & 2 deletions app/code/core/Mage/Api/Model/Session.php
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,28 @@ public function clear()
return true;
}

/**
* Flag login as HTTP Basic Auth.
*
* @param bool $isInstaLogin
* @return $this
*/
public function setIsInstaLogin(bool $isInstaLogin = true)
{
$this->setData('is_insta_login', $isInstaLogin);
return $this;
}

/**
* Is insta-login?
*
* @return bool
*/
public function getIsInstaLogin(): bool
{
return (bool) $this->getData('is_insta_login');
}

/**
* @param string $username
* @param string $apiKey
Expand All @@ -105,8 +127,15 @@ public function clear()
public function login($username, $apiKey)
{
$user = Mage::getModel('api/user')
->setSessid($this->getSessionId())
->login($username, $apiKey);
->setSessid($this->getSessionId());
if ($this->getIsInstaLogin() && $user->authenticate($username, $apiKey)) {
Mage::dispatchEvent('api_user_authenticated', [
'model' => $user,
'api_key' => $apiKey,
]);
} else {
$user->login($username, $apiKey);
}

if ($user->getId() && $user->getIsActive() != '1') {
Mage::throwException(Mage::helper('api')->__('Your account has been deactivated.'));
Expand Down
14 changes: 12 additions & 2 deletions get.php
Original file line number Diff line number Diff line change
Expand Up @@ -28,20 +28,30 @@
/**
* Set include path
*/

$paths = [];
$paths[] = $bp . $ds . 'app' . $ds . 'code' . $ds . 'local';
$paths[] = $bp . $ds . 'app' . $ds . 'code' . $ds . 'community';
$paths[] = $bp . $ds . 'app' . $ds . 'code' . $ds . 'core';
$paths[] = $bp . $ds . 'lib';

$appPath = implode($ps, $paths);
set_include_path($appPath . $ps . get_include_path());

include_once 'Mage/Core/functions.php';
include_once 'Varien/Autoload.php';

Varien_Autoload::register();

/** AUTOLOADER PATCH **/
$autoloaderPath = getenv('COMPOSER_VENDOR_PATH');
if (!$autoloaderPath) {
$autoloaderPath = dirname($bp) . $ds . 'vendor';
if (!is_dir($autoloaderPath)) {
$autoloaderPath = $bp . $ds . 'vendor';
}
}
require $autoloaderPath . $ds . 'autoload.php';
/** AUTOLOADER PATCH **/

$varDirectory = $bp . $ds . Mage_Core_Model_Config_Options::VAR_DIRECTORY;

$configCacheFile = $varDirectory . $ds . 'resource_config.json';
Expand Down
5 changes: 0 additions & 5 deletions phpstan.dist.baseline.neon
Original file line number Diff line number Diff line change
Expand Up @@ -765,11 +765,6 @@ parameters:
count: 2
path: app/code/core/Mage/Api/Model/Server/Handler/Abstract.php

-
message: "#^Method Mage_Api_Model_Session\\:\\:isSessionExpired\\(\\) invoked with 0 parameters, 1 required\\.$#"
count: 1
path: app/code/core/Mage/Api/Model/Server/Handler/Abstract.php

-
message: "#^Result of method SoapServer\\:\\:handle\\(\\) \\(void\\) is used\\.$#"
count: 1
Expand Down

0 comments on commit fdb003a

Please sign in to comment.