
More log on oauth refresh

Laurent Destailleur
2024-08-13 14:23:49 +02:00
parent eef5cea575
commit 080c1fa41c
3 changed files with 33 additions and 5 deletions


@@ -355,7 +355,9 @@ PHP PARSEDOWN
PHP OAUTH PHP OAUTH
--------- ---------
Add into Class Google of file OAuth2/Service/Google: Restore old OAuth2/Service/Google.php file and OAuth2/Service/Microsoft.php and OAuth2/Service/Microsoft2.php
Or add into Class Google of file OAuth2/Service/Google:
// LDR CHANGE Add approval_prompt to force the prompt if value is set to 'force' so it force return of a "refresh token" in addition to "standard token" // LDR CHANGE Add approval_prompt to force the prompt if value is set to 'force' so it force return of a "refresh token" in addition to "standard token"
public $approvalPrompt='auto'; public $approvalPrompt='auto';
@@ -369,6 +371,17 @@ Add into Class Google of file OAuth2/Service/Google:
} }
Modify function
public function getAuthorizationEndpoint()
{
// LDR CHANGE Add approval_prompt to force the prompt if value is set to 'force' so it force return of a "refresh token" in addition to "standard token"
//return new Uri('https://accounts.google.com/o/oauth2/auth?access_type='.$this->accessType);
$url = 'https://accounts.google.com/o/oauth2/auth?'.($this->approvalPrompt?'approval_prompt='.$this->approvalPrompt.'&':'').'access_type='.$this->accessType;
return new Uri($url);
}
JS JSGANTT: JS JSGANTT:
----------- -----------


@@ -129,9 +129,12 @@ if ($action == 'refreshtoken' && $user->admin) {
try { try {
// $OAUTH_SERVICENAME is for example 'Google-keyforprovider' // $OAUTH_SERVICENAME is for example 'Google-keyforprovider'
print '<!-- '.$OAUTH_SERVICENAME.' -->'."\n"; print '<!-- '.$OAUTH_SERVICENAME.' -->'."\n";
dol_syslog("oauthlogintokens.php: Read token for service ".$OAUTH_SERVICENAME);
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME); $tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
$expire = ($tokenobj->getEndOfLife() !== -9002 && $tokenobj->getEndOfLife() !== -9001 && time() > ($tokenobj->getEndOfLife() - 30)); $expire = ($tokenobj->getEndOfLife() !== -9002 && $tokenobj->getEndOfLife() !== -9001 && time() > ($tokenobj->getEndOfLife() - 30));
// We have to save the refresh token because Google give it only once // We have to save the refresh token in a memory variable because Google give it only once
$refreshtoken = $tokenobj->getRefreshToken(); $refreshtoken = $tokenobj->getRefreshToken();
print '<!-- data stored into field token: '.$storage->token.' - expire '.((string) $expire).' -->'; print '<!-- data stored into field token: '.$storage->token.' - expire '.((string) $expire).' -->';
@@ -139,7 +142,6 @@ if ($action == 'refreshtoken' && $user->admin) {
//print $tokenobj->getAccessToken().'<br>'; //print $tokenobj->getAccessToken().'<br>';
//print $tokenobj->getRefreshToken().'<br>'; //print $tokenobj->getRefreshToken().'<br>';
//var_dump($expire); //var_dump($expire);
// We do the refresh even if not expired, this is the goal of action. // We do the refresh even if not expired, this is the goal of action.
@@ -155,9 +157,14 @@ if ($action == 'refreshtoken' && $user->admin) {
if ($apiService instanceof OAuth\OAuth2\Service\AbstractService || $apiService instanceof OAuth\OAuth1\Service\AbstractService) { if ($apiService instanceof OAuth\OAuth2\Service\AbstractService || $apiService instanceof OAuth\OAuth1\Service\AbstractService) {
// ServiceInterface does not provide refreshAccessToekn, AbstractService does // ServiceInterface does not provide refreshAccessToekn, AbstractService does
$tokenobj = $apiService->refreshAccessToken($tokenobj); dol_syslog("oauthlogintokens.php: call refreshAccessToken to get the new access token");
$tokenobj = $apiService->refreshAccessToken($tokenobj); // This call refresh and store the new token (but does not include the refresh token)
dol_syslog("oauthlogintokens.php: call setRefreshToken");
$tokenobj->setRefreshToken($refreshtoken); // Restore the refresh token $tokenobj->setRefreshToken($refreshtoken); // Restore the refresh token
$storage->storeAccessToken($OAUTH_SERVICENAME, $tokenobj);
dol_syslog("oauthlogintokens.php: call storeAccessToken to save the new access token + the old refresh token");
$storage->storeAccessToken($OAUTH_SERVICENAME, $tokenobj); // This save the new token including the refresh token
if ($expire) { if ($expire) {
setEventMessages($langs->trans("OldTokenWasExpiredItHasBeenRefresh"), null, 'mesgs'); setEventMessages($langs->trans("OldTokenWasExpiredItHasBeenRefresh"), null, 'mesgs');
@@ -168,6 +175,7 @@ if ($action == 'refreshtoken' && $user->admin) {
dol_print_error($db, 'apiService is not a correct OAUTH2 Abstract service'); dol_print_error($db, 'apiService is not a correct OAUTH2 Abstract service');
} }
dol_syslog("oauthlogintokens.php: Read token again for service ".$OAUTH_SERVICENAME);
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME); $tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
} catch (Exception $e) { } catch (Exception $e) {
// Return an error if token not found // Return an error if token not found
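Review bot: The restore at `$tokenobj->setRefreshToken($refreshtoken); // Restore the refresh token` is unconditional, so if a provider does return a new refresh token in the refresh response (the added comment assumes it never does), the rotated value is overwritten with the old one before `storeAccessToken` and a later refresh may fail. Guarding it keeps both cases working: `if (!$tokenobj->getRefreshToken()) { $tokenobj->setRefreshToken($refreshtoken); }`. The new `dol_syslog` calls log only the service name, which is the right level of detail, but the unchanged `print '<!-- data stored into field token: '.$storage->token...` in the first hunk still writes stored token data into the page source and would be worth dropping in the same pass. The enclosing `if ($action == 'refreshtoken' && $user->admin)` block starts and ends outside these hunks.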


@@ -60,6 +60,13 @@ class StreamClient extends AbstractClient
//var_dump($requestBody); var_dump($extraHeaders);var_dump($method);exit; //var_dump($requestBody); var_dump($extraHeaders);var_dump($method);exit;
$context = $this->generateStreamContext($requestBody, $extraHeaders, $method); $context = $this->generateStreamContext($requestBody, $extraHeaders, $method);
/*
var_dump($endpoint->getAbsoluteUri());
var_dump($requestBody);
var_dump($method);
var_dump($extraHeaders);
*/
$level = error_reporting(0); $level = error_reporting(0);
$response = file_get_contents($endpoint->getAbsoluteUri(), false, $context); $response = file_get_contents($endpoint->getAbsoluteUri(), false, $context);
error_reporting($level); error_reporting($level);
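Review bot: The added `/* var_dump(...) */` block is dead debug code in what appears to be the OAuth library's HTTP client, and two of the values it would dump, `$requestBody` and `$extraHeaders`, are likely to carry the client secret, refresh token or Authorization header on a token request. If the block is ever uncommented, those values go to the HTTP response rather than to a log. I would drop it, since the existing one-line `//var_dump($requestBody); ...` just above already covers the same need, or replace it with a debug-level log of `$method` and the endpoint only. The enclosing method starts and ends outside the hunk.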