Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-05-24 02:14:21 -04:00
Code Issues Packages Projects Releases Wiki Activity

Working on OAuth. (#3688)

Browse Source 
* Working on OAuth

* Fixes for gmail transport

* Working on oauth
This commit is contained in:
David Bomba 2020-05-13 14:51:16 +10:00 committed by GitHub
parent 6d0d6c10cd
commit 1e323a5770
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 149 additions and 146 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Helpers/Mail/GmailTransport.php
View File

@ -49,6 +49,8 @@ class GmailTransport extends Transport
public function send(Swift_Mime_SimpleMessage $message, &$failedRecipients = null)
{
/*We should nest the token in the message and then discard it as needed*/
$this->beforeSendPerformed($message);
$this->gmail->using($this->token);

118
app/Http/Controllers/Auth/LoginController.php
View File

@ -257,7 +257,7 @@ class LoginController extends BaseController
if (request()->has('code')) {
return $this->handleProviderCallback($provider);
} else {
return Socialite::driver($provider)->scopes('https://www.googleapis.com/auth/gmail.send')->redirect();
return Socialite::driver($provider)->scopes(['https://www.googleapis.com/auth/gmail.send','email','profile','openid'])->redirect();
}
}
@ -269,7 +269,7 @@ class LoginController extends BaseController
if (request()->has('code')) {
return $this->handleProviderCallbackAndCreate($provider);
} else {
return Socialite::driver($provider)->scopes('https://www.googleapis.com/auth/gmail.send')->redirectUrl($redirect_url)->redirect();
return Socialite::driver($provider)->scopes(['https://www.googleapis.com/auth/gmail.send','email','profile','openid'])->redirectUrl($redirect_url)->redirect();
}
}
@ -386,19 +386,119 @@ class LoginController extends BaseController
* return User $user
*/
public function oauthApiLogin()
{
if(request()->input('provider') == 'google')
return $this->handleGoogleOauth();
// $user = false;
// $oauth = new OAuth();
// $user = $oauth->getProvider(request()->input('provider'))->getTokenResponse(request()->input('id_token'));
// // server_auth_code
// // access_token
// // id_token
// if ($user = OAuth::handleAuth($socialite_user, $provider)) {
// $user->oauth_user_token = $socialite_user->token;
// $user->save();
// Auth::login($user, true);
// return redirect($this->redirectTo);
// } elseif (MultiDB::checkUserEmailExists($socialite_user->getEmail())) {
// Session::flash('error', 'User exists in system, but not with this authentication method'); //todo add translations
// return view('auth.login');
// }
// * 3. Automagically creating a new account here.
// else {
// //todo
// $name = OAuth::splitName($socialite_user->getName());
// $new_account = [
// 'first_name' => $name[0],
// 'last_name' => $name[1],
// 'password' => '',
// 'email' => $socialite_user->getEmail(),
// 'oauth_user_id' => $socialite_user->getId(),
// 'oauth_user_token' => $socialite_user->token,
// 'oauth_provider_id' => $provider
// ];
// $account = CreateAccount::dispatchNow($new_account);
// Auth::login($account->default_company->owner(), true);
// $cookie = cookie('db', $account->default_company->db);
// return redirect($this->redirectTo)->withCookie($cookie);
// }
// if ($user) {
// $ct = CompanyUser::whereUserId($user);
// return $this->listResponse($ct);
// // return $this->itemResponse($user);
// } else {
// return $this->errorResponse(['message' => 'Invalid credentials'], 401);
// }
}
private function handleGoogleOauth()
{
$user = false;
$oauth = new OAuth();
$user = $oauth->getProvider(request()->input('provider'))->getTokenResponse(request()->input('token'));
$user = $oauth->getProvider(request()->input('provider'))->getTokenResponse(request()->input('id_token'));
if ($user) {
$ct = CompanyUser::whereUserId($user);
return $this->listResponse($ct);
// return $this->itemResponse($user);
} else {
return $this->errorResponse(['message' => 'Invalid credentials'], 401);
if(is_array($user))
{
$query = [
'oauth_user_id' =>$oauth->getProvider(request()->input('provider'))->harvestSubField($user),
'oauth_provider_id'=>$provider
];
if ($user = MultiDB::hasUser($query))
{
Auth::login($user, true);
$ct = CompanyUser::whereUserId(auth()->user()->id);
return $this->listResponse($ct);
}
}
else if($user && request()->input('create') == 'true') {
//server_auth_code
$client = new \Google_Client();
$accessToken = $client->fetchAccessTokenWithAuthCode(request()->input('server_auth_code'));
$refresh_token = $client->getRefreshToken();
$name = OAuth::splitName($oauth->getProvider(request()->input('provider'))->harvestName($user));
$new_account = [
'first_name' => $name[0],
'last_name' => $name[1],
'password' => '',
'email' => $oauth->getProvider(request()->input('provider'))->harvestEmail($user),
'oauth_user_id' => $oauth->getProvider(request()->input('provider'))->harvestSubField($user),
'oauth_user_token' => request()->input('access_token'),
'oauth_user_refresh_token' => $refresh_token,
'oauth_provider_id' => $provider
];
MultiDB::setDefaultDatabase();
$account = CreateAccount::dispatchNow($new_account);
Auth::login($account->default_company->owner(), true);
$ct = CompanyUser::whereUserId(auth()->user()->id);
return $this->listResponse($ct);
}
}
}

137
app/Libraries/OAuth.php
View File

@ -1,137 +0,0 @@
<?php
/**
* Invoice Ninja (https://invoiceninja.com)
*
* @link https://github.com/invoiceninja/invoiceninja source repository
*
* @copyright Copyright (c) 2020. Invoice Ninja LLC (https://invoiceninja.com)
*
* @license https://opensource.org/licenses/AAL
*/
namespace App\Libraries;
use App\Models\User;
use Illuminate\Support\Facades\Session;
use Laravel\Socialite\Facades\Socialite;
/**
* Class OAuth
* @package App\Libraries
*/
class OAuth
{
protected $provider_instance;
protected $provider_id;
/**
* Socialite Providers
*/
const SOCIAL_GOOGLE = 1;
const SOCIAL_FACEBOOK = 2;
const SOCIAL_GITHUB = 3;
const SOCIAL_LINKEDIN = 4;
const SOCIAL_TWITTER = 5;
const SOCIAL_BITBUCKET = 6;
/**
* @param Socialite $user
*/
public static function handleAuth(object $user, string $provider)
{
/** 1. Ensure user arrives on the correct provider **/
$query = [
'oauth_user_id' =>$user->getId(),
'oauth_provider_id'=>$provider
];
if ($user = MultiDB::hasUser($query)) {
return $user;
} else {
return false;
}
}
/* Splits a socialite user name into first and last names */
public static function splitName($name)
{
$name = trim($name);
$last_name = (strpos($name, ' ') === false) ? '' : preg_replace('#.*\s([\w-]*)$#', '$1', $name);
$first_name = trim(preg_replace('#' . preg_quote($last_name, '/') . '#', '', $name));
return [$first_name, $last_name];
}
public static function providerToString(int $social_provider) : string
{
switch ($social_provider) {
case SOCIAL_GOOGLE:
return 'google';
case SOCIAL_FACEBOOK:
return 'facebook';
case SOCIAL_GITHUB:
return 'github';
case SOCIAL_LINKEDIN:
return 'linkedin';
case SOCIAL_TWITTER:
return 'twitter';
case SOCIAL_BITBUCKET:
return 'bitbucket';
}
}
public static function providerToInt(string $social_provider) : int
{
switch ($social_provider) {
case 'google':
return SOCIAL_GOOGLE;
case 'facebook':
return SOCIAL_FACEBOOK;
case 'github':
return SOCIAL_GITHUB;
case 'linkedin':
return SOCIAL_LINKEDIN;
case 'twitter':
return SOCIAL_TWITTER;
case 'bitbucket':
return SOCIAL_BITBUCKET;
}
}
public function getProvider($provider)
{
switch ($provider) {
case 'google':
$this->provider_instance = new Providers\Google();
$this->provider_id = self::SOCIAL_GOOGLE;
return $this;
default:
return null;
break;
}
}
public function getTokenResponse($token)
{
$user = false;
$payload = $this->provider_instance->getTokenResponse($token);
$oauth_user_id = $this->provider_instance->harvestSubField($payload);
$query = [
'oauth_user_id' => $oauth_user_id,
'oauth_provider_id'=> $this->provider_id
];
if ($user = MultiDB::hasUser($query)) {
return $user;
} else {
return false;
}
}
}

6
app/Libraries/OAuth/Providers/Google.php
View File

@ -19,4 +19,10 @@ class Google implements ProviderInterface
{
return $payload['sub']; // user ID
}
public function havestName($payload)
{
return $payload['name'];
}
}

2
app/Libraries/OAuth/Providers/ProviderInterface.php
View File

@ -7,4 +7,6 @@ interface ProviderInterface
public function getTokenResponse($token);
public function harvestEmail($response);
public function havestName($response);
}

30
database/migrations/2020_05_13_035355_add_google_refresh_token_to_users_table.php Normal file
View File

@ -0,0 +1,30 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class AddGoogleRefreshTokenToUsersTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('users', function (Blueprint $table) {
$table->string('oauth_user_refresh_token')->nullable();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
}
}