From 364df6bfe23e19bfb4eca8f4dd70faaabf52ffb5 Mon Sep 17 00:00:00 2001
From: David Bomba
Date: Thu, 23 May 2019 10:25:55 +1000
Subject: [PATCH] Cleaning up OAuth
---
 app/Http/Controllers/Auth/LoginController.php | 24 +++++++++++++++----
 app/Libraries/OAuth.php | 16 +++++++------
 2 files changed, 29 insertions(+), 11 deletions(-)
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 7ccfacb14635..821a37f7b837 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -69,12 +69,21 @@ class LoginController extends BaseController
 * the default company into a session variable
 *
 * @return void
+ * deprecated .1 API ONLY we don't need to set any session variables
 */
 public function authenticated(Request $request, User $user) : void
 {
 //$this->setCurrentCompanyId($user->companies()->first()->account->default_company_id);
 }
+
+ /**
+ * Login via API
+ *
+ * @param \Illuminate\Http\Request $request The request
+ *
+ * @return Response|User Process user login.
+ */
 public function apiLogin(Request $request)
 {
 $this->validateLogin($request);
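Review bot: The line added to the `authenticated()` docblock, `* deprecated .1 API ONLY we don't need to set any session variables`, sits after `@return void` and is not a PHPDoc tag, so IDEs and static analysers will not treat the method as deprecated. Writing it as `* @deprecated API only; no session variables need to be set` above the `@return` line makes the intent machine-readable. The new `apiLogin()` docblock declares `@return Response|User`, but the method body continues outside the hunk, so that return type should be checked against the actual return statements.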
@@ -103,21 +112,26 @@ class LoginController extends BaseController
 */
 public function redirectToProvider(string $provider)
 {
+ //'https://www.googleapis.com/auth/gmail.send','email','profile','openid'
+ //
 if(request()->has('code'))
 return $this->handleProviderCallback($provider);
 else
- return Socialite::driver($provider)->scopes('https://www.googleapis.com/auth/gmail.send','email','profile','openid')->redirect();
+ return Socialite::driver($provider)->scopes()->redirect();
 }
 public function redirectToProviderAndCreate(string $provider)
 {
+
+ $redirect_url = config('services.' . $provider . '.redirect') . '/create';
+
 if(request()->has('code'))
 return $this->handleProviderCallbackAndCreate($provider);
 else
- return Socialite::driver($provider)->scopes('https://www.googleapis.com/auth/gmail.send','email','profile','openid')->redirect();
+ return Socialite::driver($provider)->redirectUrl($redirect_url)->redirect();
- //config('services.google.redirect')
+
 }
@@ -174,7 +188,6 @@ class LoginController extends BaseController
 public function handleProviderCallback(string $provider)
 {
 $socialite_user = Socialite::driver($provider)
- ->scopes('https://www.googleapis.com/auth/gmail.send','email','profile','openid')
 ->stateless()
 ->user();
@@ -223,6 +236,9 @@ class LoginController extends BaseController
 * is returned to us here and we send back the correct
 * user object payload - or error.
 *
+ * This can be extended to a create route also - need to pass a ?create query parameter and
+ * then process the signup
+ *
 * return User $user
 */
 public function oauthApiLogin()
diff --git a/app/Libraries/OAuth.php b/app/Libraries/OAuth.php
index 13cfac42f627..66d32a002d41 100644
--- a/app/Libraries/OAuth.php
+++ b/app/Libraries/OAuth.php
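Review bot: In `redirectToProvider()` (first hunk on this line, `@@ -103,21 +112,26 @@`) the new `->scopes()` call passes no argument, but Socialite's `scopes($scopes)` declares a required parameter, so this line would raise an `ArgumentCountError` on PHP 7.1+ instead of redirecting. If the provider's default scopes are intended, drop the call: `return Socialite::driver($provider)->redirect();`. In `redirectToProviderAndCreate()`, `$redirect_url` is built from the caller-supplied `$provider` without checking that it names a configured provider; when `services.<provider>.redirect` is missing, `config()` returns null and the value collapses to just `/create`. OAuth providers generally require the `redirect_uri` sent at token exchange to match the one used for authorisation, so `handleProviderCallbackAndCreate()` (outside this hunk) presumably needs the same `->redirectUrl($redirect_url)`; worth confirming.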
@@ -123,19 +123,21 @@ class OAuth
 public function getTokenResponse($token)
 {
- $user = null;
+ $user = false;
 $payload = $this->provider_instance->getTokenResponse($token);
- $oauthUserId = $this->provider_instance->harvestSubField($payload);
- LookupUser::setServerByField('oauth_user_key', $this->providerId . '-' . $oauthUserId);
+ $oauth_user_id = $this->provider_instance->harvestSubField($payload);
- if($this->provider_instance)
- $user = User::where('oauth_user_id', $oauthUserId)->where('oauth_provider_id', $this->provider_id)->first();
+ $query = [
+ 'oauth_user_id' => oauth_user_id,
+ 'oauth_provider_id'=> $this->provider_id
+ ];
-
- if ($user)
+ if($user = MultiDB::hasUser($query))
+ {
 return $user;
+ }
 else
 return false;
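Review bot: `'oauth_user_id' => oauth_user_id,` in the new `$query` array is missing the `$`, so PHP reads it as an undefined constant: on PHP 7 it falls back to the literal string `'oauth_user_id'` with a notice or warning, and on PHP 8 it throws an `Error`. Either way the lookup never uses the subject extracted from the token, so this login path cannot match the intended user; the line should be `'oauth_user_id' => $oauth_user_id,`. `MultiDB::hasUser()` is not shown here and, judging by its name, may return a boolean rather than a user record, in which case `return $user;` changes what callers receive; that should be verified. The body of `getTokenResponse()` closes outside the hunk.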