From 0f41fa349e710b7f713aabf8f9534cbde036b686 Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Thu, 28 Dec 2017 12:12:37 +0900 Subject: [PATCH 01/21] . --- Controller/OAuthController.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Controller/OAuthController.php b/Controller/OAuthController.php index 5ea5558..021ff67 100644 --- a/Controller/OAuthController.php +++ b/Controller/OAuthController.php @@ -18,7 +18,7 @@ */ class OAuthController extends OAuthAppController { - public $components = array('OAuth.OAuth', 'Auth', 'Session', 'Security'); + public $components = array('OAuth.OAuth', 'Auth', 'Session', 'Security'); // if 'Auth' is loaded from app/AppController, reject 'Auth' public $uses = array('Users'); @@ -32,6 +32,8 @@ class OAuthController extends OAuthAppController { */ public function beforeFilter() { parent::beforeFilter(); + + // for Resource Owner Password Credentials Grant $this->OAuth->authenticate = array('fields' => array('username' => 'email')); $this->Auth->allow($this->OAuth->allowedActions); $this->Security->blackHoleCallback = 'blackHole'; From b92775fc36a21eecd833b7620ea3c00db53d2fcd Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Thu, 28 Dec 2017 12:16:35 +0900 Subject: [PATCH 02/21] . --- View/OAuth/login.ctp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/View/OAuth/login.ctp b/View/OAuth/login.ctp index 6d6832a..95eedc3 100644 --- a/View/OAuth/login.ctp +++ b/View/OAuth/login.ctp @@ -13,8 +13,8 @@ Please login Form->input('email'); - echo $this->Form->input('password'); + echo $this->Form->input('email'); // if Users.login_id is Auth data, change to 'login_id' + echo $this->Form->input('password'); // if Users.login_pw is Auth data, change to 'login_pw' (hased in database) echo $this->Form->end('submit'); From eda19e7f501c7854774e0e04f57bb1a1570a9d3a Mon Sep 17 00:00:00 2001 
From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Thu, 28 Dec 2017 12:25:10 +0900 Subject: [PATCH 03/21] . --- README.markdown | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/README.markdown b/README.markdown index 335b44c..c6042d9 100644 --- a/README.markdown +++ b/README.markdown @@ -155,3 +155,33 @@ There is quite a bit of documentation through the code, so dive in, get your han [1]: https://github.com/quizlet/oauth2-php [2]: https://github.com/CakeDC/migrations + + +*** +add 'OAuth.OAuth' into app/XxxController's load components + +``` + public $components = [ + 'OAuth.OAuth', + ]; +``` + +add this function (required: Restrict it so that it can be used only for system_user) +``` + public function publish_client() + { + if(!isset($this->request->query['redirect_url'])){ + $this->_errorLog(__METHOD__, __LINE__, $this->request->query, 'parameter error'); + $this->response->statusCode(200); + $this->response->body(json_encode([ + 'result' => $this->RESULT_400, + 'message' => $this->RESULT_400_MSG, + ])); + $this->response->send(); + $this->_stop(); + return; + } + return $this->_rtnJson($this->RESULT_200, $this->OAuth->Client->add($this->request->query['redirect_url']), ''); + } +``` + From 244221196e14ea3842990c1fa19bcc12a717b90e Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Thu, 28 Dec 2017 12:37:20 +0900 Subject: [PATCH 04/21] . --- README.markdown | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.markdown b/README.markdown index c6042d9..eaf1db1 100644 --- a/README.markdown +++ b/README.markdown @@ -64,6 +64,14 @@ CakePlugin::loadAll(); // Loads all plugins at once CakePlugin::load('OAuth'); //Just load OAuth ``` +>>> +app/Config/bootstrap.php +``` +CakePlugin::loadAll(array( + 'OAuth' => array('routes' => true) +)); +``` + ### Include component in controller And include the component in your controller: 
From 14f31a8553f66821afe3b10e92ae9ca7a70f926a Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Thu, 28 Dec 2017 12:37:56 +0900 Subject: [PATCH 05/21] . --- README.markdown | 6 ------ 1 file changed, 6 deletions(-) diff --git a/README.markdown b/README.markdown index eaf1db1..61e8987 100644 --- a/README.markdown +++ b/README.markdown @@ -59,12 +59,6 @@ $ git submodule add git://github.com/thomseddon/cakephp-oauth-server.git Plugin/ ### Loading the Plugin Load the plugin -```PHP -CakePlugin::loadAll(); // Loads all plugins at once -CakePlugin::load('OAuth'); //Just load OAuth -``` - ->>> app/Config/bootstrap.php ``` CakePlugin::loadAll(array( From 317ecf4001672d86723bd7e1a1f05967e8d80c19 Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Thu, 28 Dec 2017 15:38:26 +0900 Subject: [PATCH 06/21] . --- Controller/Component/OAuthComponent.php | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/Controller/Component/OAuthComponent.php b/Controller/Component/OAuthComponent.php index df1fd6e..fefc8ea 100644 --- a/Controller/Component/OAuthComponent.php +++ b/Controller/Component/OAuthComponent.php 
@@ -552,18 +552,19 @@ public function unsetRefreshToken($refresh_token) { * @param type $username * @param type $password */ - public function checkUserCredentials($client_id, $username, $password) { - $user = $this->User->find('first', array( - 'conditions' => array( - $this->authenticate['fields']['username'] => $username, - $this->authenticate['fields']['password'] => AuthComponent::password($password) - ), - 'recursive' => -1 + public function checkUserCredentials($client_id, $username, $password) { + $result = $this->User->find('first', array( + 'conditions' => array( + $this->authenticate['fields']['username'] => $username, + ), + 'recursive' => -1 )); - if ($user) { - return array('user_id' => $user['User'][$this->User->primaryKey]); + + $user = $result['User']; + if (!$user || !BlowfishPasswordHasher::check($password, $user[$this->authenticate['fields']['password']])) { + return false; } - return false; + return array('user_id' => $user[$this->User->primaryKey]); } /** From fdeecd6aedd171098769497e35b1b6294718ea6d Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 13:16:20 +0900 Subject: [PATCH 07/21] cliant_credentials --- Controller/Component/OAuthComponent.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/Controller/Component/OAuthComponent.php b/Controller/Component/OAuthComponent.php index fefc8ea..74a42fe 100644 --- a/Controller/Component/OAuthComponent.php +++ b/Controller/Component/OAuthComponent.php 
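Review bot: In the new `checkUserCredentials`, `$user = $result['User'];` runs before the find result is tested, so an unknown username indexes an empty result and raises a notice before the `!$user` guard can return false; test first with `if (empty($result['User'])) { return false; }`. `BlowfishPasswordHasher::check()` is an instance method in CakePHP 2, so the static call should become `$hasher = new BlowfishPasswordHasher();` followed by `$hasher->check($password, $user[$this->authenticate['fields']['password']])`, and the class presumably needs an `App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth');` that this hunk does not show. The check also reads `$this->authenticate['fields']['password']`; confirm that key is still set, because the controller's `beforeFilter` assigns `authenticate` with only a `username` field. The unknown-user path returns without doing any hashing, so it is measurably faster than a wrong-password path; if account enumeration matters for this endpoint, verify against a dummy hash on that path too.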
@@ -26,9 +26,10 @@ App::import('Vendor', 'oauth2-php/lib/IOAuth2Storage'); App::import('Vendor', 'oauth2-php/lib/IOAuth2RefreshTokens'); App::import('Vendor', 'oauth2-php/lib/IOAuth2GrantUser'); +App::import('Vendor', 'oauth2-php/lib/IOAuth2GrantClient'); App::import('Vendor', 'oauth2-php/lib/IOAuth2GrantCode'); -class OAuthComponent extends Component implements IOAuth2Storage, IOAuth2RefreshTokens, IOAuth2GrantUser, IOAuth2GrantCode { +class OAuthComponent extends Component implements IOAuth2Storage, IOAuth2RefreshTokens, IOAuth2GrantUser, IOAuth2GrantClient, IOAuth2GrantCode { /** * AccessToken object. @@ -104,7 +105,7 @@ class OAuthComponent extends Component implements IOAuth2Storage, IOAuth2Refresh * * @var array */ - public $grantTypes = array('authorization_code', 'refresh_token', 'password'); + public $grantTypes = array('authorization_code', 'refresh_token', 'password', 'client_credentials'); /** * OAuth2 Object @@ -423,7 +424,7 @@ public function checkClientCredentials($client_id, $client_secret = null) { public function getClientDetails($client_id) { $client = $this->Client->find('first', array( 'conditions' => array('client_id' => $client_id), - 'fields' => array('client_id', 'redirect_uri'), + 'fields' => array('client_id', 'redirect_uri', 'user_id'), 'recursive' => -1 )); if ($client) { @@ -567,6 +568,10 @@ public function checkUserCredentials($client_id, $username, $password) { return array('user_id' => $user[$this->User->primaryKey]); } + public function checkClientCredentialsGrant($client_id, $client_secret) { + return []; + } + /** * Grant type: authorization_code * From 0d9ec9f6a9424f65bc9049845e9846ecd45edca5 Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 13:19:10 +0900 Subject: [PATCH 08/21] cliant_credentials --- Model/Client.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/Model/Client.php b/Model/Client.php index 89b7d28..74bec7f 100644 
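Review bot: `checkClientCredentialsGrant` ignores both of its arguments and returns an empty array unconditionally, so on its own it authenticates nothing; the grant is only safe if the library has already verified the secret through `checkClientCredentials` before calling it, which these hunks do not show. Add a docblock that states this dependency, for example `// Secret is verified by checkClientCredentials() before this runs; no extra grant data is returned.`, so a later refactor does not mistake this method for the credential check. The same commit adds `'client_credentials'` to the default `$grantTypes`, which switches the grant on for every installation of the plugin; consider leaving it opt-in. Because the method returns no `user_id`, tokens issued this way appear to carry no owner, and resource code must not assume one is present.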
--- a/Model/Client.php +++ b/Model/Client.php @@ -120,7 +120,10 @@ class Client extends OAuthAppModel { public function add($data = null) { $this->data['Client'] = array(); - if (is_array($data) && is_array($data['Client']) && array_key_exists('redirect_uri', $data['Client'])) { + if (is_array($data) && is_array($data['Client']) && array_key_exists('redirect_uri', $data['Client']) && array_key_exists('user_id', $data['Client'])) { + $this->data['Client']['redirect_uri'] = $data['Client']['redirect_uri']; + $this->data['Client']['user_id'] = $data['Client']['user_id']; + } elseif (is_array($data) && is_array($data['Client']) && array_key_exists('redirect_uri', $data['Client'])) { $this->data['Client']['redirect_uri'] = $data['Client']['redirect_uri']; } elseif (is_string($data)) { $this->data['Client']['redirect_uri'] = $data; @@ -171,4 +174,4 @@ public function afterSave($created, $options = array()) { return true; } -} \ No newline at end of file +} From 95cdb96cb3d1bf05469bca3e4bc4459228d61656 Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 13:22:56 +0900 Subject: [PATCH 09/21] . --- Controller/Component/OAuthComponent.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Controller/Component/OAuthComponent.php b/Controller/Component/OAuthComponent.php index 74a42fe..5e9141a 100644 --- a/Controller/Component/OAuthComponent.php +++ b/Controller/Component/OAuthComponent.php @@ -433,6 +433,12 @@ public function getClientDetails($client_id) { return false; } + public function getUserId(){ + $accessToken = $this->getAccessToken($this->getBearerToken()); + $client = $this->getClientDetails($accessToken['client_id']); + return $client['user_id']; + } + /** * Retrieve access token * From ccda5b5f6157ee4e45702185acf865bcd67f7b5a Mon Sep 17 00:00:00 2001 
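Review bot: The new first branch of `add()` copies `user_id` straight from `$data['Client']`, and the method's docblock gives `$controller->request->data` as the example input, so a controller that passes request data lets the requester bind the new client to any user id. That value later decides what `getUserId()` returns for a bearer token, so it should be set by the controller from the authenticated session rather than taken from the submitted data; say so in the docblock or accept the id as a separate argument. Both array branches also keep `is_array($data['Client'])` without an `isset`, which raises a notice for an array that lacks the `Client` key; checking `isset($data['Client']['redirect_uri'])` would avoid that and let the two branches merge, copying `user_id` only when it is present.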
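Review bot: `getUserId()` indexes `$accessToken['client_id']` and `$client['user_id']` without checking either lookup, and `getClientDetails()` returns false when no client matches, so a missing or unknown bearer token yields null with notices rather than a failure the caller can act on. Nothing in the hunk checks the token's expiry either; unless `getAccessToken()` does that itself, an expired token still resolves to a user id. Guard both lookups, for example `if (!$accessToken || !$client) { return false; }`, compare the stored `expires` with the current time, and add a docblock stating that the id returned is the owner recorded on the client, not a user who authorised this particular token.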
From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 13:25:37 +0900 Subject: [PATCH 10/21] . --- Controller/OAuthController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Controller/OAuthController.php b/Controller/OAuthController.php index 021ff67..12236d4 100644 --- a/Controller/OAuthController.php +++ b/Controller/OAuthController.php @@ -18,7 +18,7 @@ */ class OAuthController extends OAuthAppController { - public $components = array('OAuth.OAuth', 'Auth', 'Session', 'Security'); // if 'Auth' is loaded from app/AppController, reject 'Auth' + public $components = array('OAuth.OAuth', 'Auth', 'Session', 'Security'); // if 'Auth' is loaded from app/AppController, reject 'Auth' fron here. public $uses = array('Users'); From 469f57caa820d07c8310e20750f5e65dfe58734e Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 13:29:37 +0900 Subject: [PATCH 11/21] cliant_credentials --- Model/AccessToken.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Model/AccessToken.php b/Model/AccessToken.php index 9a313f5..0c7a34b 100644 --- a/Model/AccessToken.php +++ b/Model/AccessToken.php @@ -43,11 +43,11 @@ class AccessToken extends OAuthAppModel { 'rule' => array('notempty'), ), ), - 'user_id' => array( - 'notempty' => array( - 'rule' => array('notempty'), - ), - ), +// 'user_id' => array( +// 'notempty' => array( +// 'rule' => array('notempty'), +// ), +// ), 'expires' => array( 'numeric' => array( 'rule' => array('numeric'), From 510a87f97962f8eb7e5f2e356fb62a9931bb3c4b Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 13:31:39 +0900 Subject: [PATCH 12/21] . --- Model/Client.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Model/Client.php b/Model/Client.php index 74bec7f..2e13dfa 100644 --- a/Model/Client.php +++ b/Model/Client.php 
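Review bot: Commenting out the `user_id` `notempty` rule in `AccessToken` removes the check for every grant type, not only `client_credentials`, so authorization_code and password tokens can now be saved without an owner as well. If the relaxation is meant only for client-credential tokens, keep the rule and make it conditional, or enforce the owner at the point where those grants create the token. Either way, delete the dead lines instead of leaving them commented out and leave a one-line reason such as `// user_id may be empty for client_credentials tokens`.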
@@ -122,7 +122,7 @@ public function add($data = null) { if (is_array($data) && is_array($data['Client']) && array_key_exists('redirect_uri', $data['Client']) && array_key_exists('user_id', $data['Client'])) { $this->data['Client']['redirect_uri'] = $data['Client']['redirect_uri']; - $this->data['Client']['user_id'] = $data['Client']['user_id']; + $this->data['Client']['user_id'] = $data['Client']['user_id']; // for client credentials } elseif (is_array($data) && is_array($data['Client']) && array_key_exists('redirect_uri', $data['Client'])) { $this->data['Client']['redirect_uri'] = $data['Client']['redirect_uri']; } elseif (is_string($data)) { From ffed01549a989989787e1c7fdac08881f2f8f70c Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 13:33:50 +0900 Subject: [PATCH 13/21] cliant credentials --- Model/Client.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Model/Client.php b/Model/Client.php index 2e13dfa..a13c58e 100644 --- a/Model/Client.php +++ b/Model/Client.php @@ -113,6 +113,8 @@ class Client extends OAuthAppModel { * AddClient * * Convinience function for adding client, will create a uuid client_id and random secret + * + * if client credentials grant, connect client-user at adding client timing. * * @param mixed $data Either an array (e.g. $controller->request->data) or string redirect_uri * @return booleen Success of failure From ba8cbc9faab59e8a7106f20241921fb90a28e9c9 Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 13:49:22 +0900 Subject: [PATCH 14/21] client_credentials --- Controller/OAuthController.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Controller/OAuthController.php b/Controller/OAuthController.php index 12236d4..d83cf24 100644 --- a/Controller/OAuthController.php +++ b/Controller/OAuthController.php 
@@ -139,6 +139,10 @@ public function login () { * - client_id * - client_secret * + * 4) client_credentials + * - client_id + * - client_secret + * */ public function token() { $this->autoRender = false; From 0f04f2706982b09e1fa4d1d7fa471dcb9434b732 Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 13:54:01 +0900 Subject: [PATCH 15/21] . --- Controller/OAuthController.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Controller/OAuthController.php b/Controller/OAuthController.php index d83cf24..7e62ac1 100644 --- a/Controller/OAuthController.php +++ b/Controller/OAuthController.php @@ -123,7 +123,7 @@ public function login () { * Example Token Endpoint - this is where clients can retrieve an access token * * Grant types and parameters: - * 1) authorization_code - exchange code for token + * 1) authorization_code - exchange code for token : use when resource_owner != client * - code * - client_id * - client_secret @@ -133,13 +133,13 @@ public function login () { * - client_id * - client_secret * - * 3) password - exchange raw details for token + * 3) password - exchange raw details for token : this is dangerous when client is bad -> use client_credentials * - username * - password * - client_id * - client_secret * - * 4) client_credentials + * 4) client_credentials (connect resource_owner-client at adding client timing) : user when requested from batch && resource_owner == client * - client_id * - client_secret * From 9c0309b88ea521b173f702c6193d8f2420fffa15 Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 13:54:37 +0900 Subject: [PATCH 16/21] client_credentials --- Model/Client.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Model/Client.php b/Model/Client.php index a13c58e..1ed18f7 100644 --- a/Model/Client.php +++ b/Model/Client.php 
@@ -114,7 +114,7 @@ class Client extends OAuthAppModel { * * Convinience function for adding client, will create a uuid client_id and random secret * - * if client credentials grant, connect client-user at adding client timing. + * if client credentials grant, connect client-resource_owner at adding client timing. * * @param mixed $data Either an array (e.g. $controller->request->data) or string redirect_uri * @return booleen Success of failure From 7acb507bc9d060ae1cc87a3d2929c03b7c150ee9 Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 13:55:04 +0900 Subject: [PATCH 17/21] . --- Controller/OAuthController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Controller/OAuthController.php b/Controller/OAuthController.php index 7e62ac1..b52b08d 100644 --- a/Controller/OAuthController.php +++ b/Controller/OAuthController.php @@ -139,7 +139,7 @@ public function login () { * - client_id * - client_secret * - * 4) client_credentials (connect resource_owner-client at adding client timing) : user when requested from batch && resource_owner == client + * 4) client_credentials (connect resource_owner-client at adding client timing) : use when requested from batch && resource_owner == client * - client_id * - client_secret * From 5a62db39790004d88d6402f2ce1c11e8840f4fa9 Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 13:55:59 +0900 Subject: [PATCH 18/21] client_credentials --- Controller/OAuthController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Controller/OAuthController.php b/Controller/OAuthController.php index b52b08d..fca647d 100644 --- a/Controller/OAuthController.php +++ b/Controller/OAuthController.php 
@@ -133,7 +133,7 @@ public function login () { * - client_id * - client_secret * - * 3) password - exchange raw details for token : this is dangerous when client is bad -> use client_credentials + * 3) password - exchange raw details for token : this is dangerous (when client is bad) -> use client_credentials * - username * - password * - client_id From 6b461edf3492032e72ec8c0d64922e882c9653a7 Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 13:58:20 +0900 Subject: [PATCH 19/21] debug token --- Controller/OAuthController.php | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/Controller/OAuthController.php b/Controller/OAuthController.php index fca647d..beabaa8 100644 --- a/Controller/OAuthController.php +++ b/Controller/OAuthController.php @@ -153,6 +153,15 @@ public function token() { } } + public function debug_token() { + $this->autoRender = false; + try { + return $this->OAuth->debugToken(); + } catch (OAuth2ServerException $e) { + $e->sendHttpResponse(); + } + } + /** * Quick and dirty example implementation for protecetd resource * From 74e93bbba5525675400d37d7766aa04145d1399b Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 14:05:36 +0900 Subject: [PATCH 20/21] debug token --- Controller/Component/OAuthComponent.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/Controller/Component/OAuthComponent.php b/Controller/Component/OAuthComponent.php index 5e9141a..23f2c94 100644 --- a/Controller/Component/OAuthComponent.php +++ b/Controller/Component/OAuthComponent.php 
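Review bot: `debug_token()` returns the array from `$this->OAuth->debugToken()` with `autoRender` turned off, and nothing in the action encodes it into a response body; set it explicitly, e.g. `$this->response->type('json');` and `$this->response->body(json_encode($this->OAuth->debugToken()));`. The action has no docblock and no visible access rule: whether it is reachable without login depends on `$this->OAuth->allowedActions`, which is outside this hunk, so state who may call it and whether a debug endpoint that discloses a token's subject should be routed in production at all. Catching only `OAuth2ServerException` also leaves a missing or unknown token to surface as PHP notices from the component instead of an OAuth error response.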
@@ -438,6 +438,15 @@ public function getUserId(){ $client = $this->getClientDetails($accessToken['client_id']); return $client['user_id']; } + + public function debugToken() { + $accessToken = $this->getAccessToken($this->getBearerToken()); + $client = $this->getClientDetails($accessToken['client_id']); + return [ + 'sub' => $client['user_id'], + 'aud' => $$accessToken['client_id'], //TODO change to aud value + ]; + } /** * Retrieve access token @@ -573,7 +582,7 @@ public function checkUserCredentials($client_id, $username, $password) { } return array('user_id' => $user[$this->User->primaryKey]); } - + public function checkClientCredentialsGrant($client_id, $client_secret) { return []; } From 6426a6f29743a1611f9ef6719d96953838db1940 Mon Sep 17 00:00:00 2001 From: katsudonik <23866351+katsudonik@users.noreply.github.com> Date: Wed, 24 Jan 2018 14:46:44 +0900 Subject: [PATCH 21/21] . --- README.markdown | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index 61e8987..7e38c03 100644 --- a/README.markdown +++ b/README.markdown @@ -114,7 +114,8 @@ This plugin ships with all required models, including the "Clients" model for ad You may wish to handle adding clients yourself, see the tables.sql for the schema, or you can use the convenience method included in the model, like so: ```PHP -$client = $this->OAuth->Client->add('http://www.return_url.com') +$userId = 'aaa'; +$client = $this->OAuth->Client->add('http://www.return_url.com', $userId) ``` Which will generate then client_id and client_secret and return something like: @@ -168,7 +169,7 @@ add 'OAuth.OAuth' into app/XxxController's load components ]; ``` -add this function (required: Restrict it so that it can be used only for system_user) +add this function in ApiController (required: Restrict it so that it can be used only for system_user) ``` public function publish_client() { 
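Review bot: `'aud' => $$accessToken['client_id']` in `debugToken()` is a variable-variable rather than an array read, so it never yields the client id; the line should be `'aud' => $accessToken['client_id'],`. The method also repeats the unchecked lookups of `getUserId()` just above it: a missing token or an unknown client produces null fields instead of an error, and the token's `expires` value is not compared with the current time in these lines. Return false, or throw the server exception the controller already catches, when either lookup fails, and resolve the `TODO` by documenting what `aud` is meant to hold.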
@@ -185,5 +186,25 @@ add this function (required: Restrict it so that it can be used only for system_ } return $this->_rtnJson($this->RESULT_200, $this->OAuth->Client->add($this->request->query['redirect_url']), ''); } + + + public function delete_access_token(){ + try{ + $data = $this->request->query; + //必須パラメータチェック + if (!$this->_paramKeyExistsChk($data, ['prime_contractor_id'])) { + $this->_errorLog(__METHOD__, __LINE__, $data, 'Not Parameter error.'); + return $this->_rtnJson(false, [], 0, $this->RESULT_400, self::RESULT_400_MSG); + } + return $this->OAuth->invalidateUserTokens($data['prime_contractor_id']) ? $this->_rtnJson(true, 'token was deleted!', 0): $this->_rtnJson(true, 'delete token error', 0, $this->RESULT_500, self::RESULT_500_MSG); + }catch(Exception $e){ + $this->_errorLog(__METHOD__, __LINE__, $data, $e->getMessage()); + return $this->_rtnJson(false, [], 0, $this->RESULT_500, self::RESULT_500_MSG); + } + } + + private function fetchUserId(){ + return $this->OAuth->getUserId(); + } ```