NEW: possibility to select scopes with checkbox for oauth tokens

Faustin
2022-09-18 02:21:46 +02:00
parent 9f6b78b053
commit 0fed5dbb3d
6 changed files with 46 additions and 36 deletions


@@ -24,6 +24,8 @@
* \brief Setup page to configure oauth access api * \brief Setup page to configure oauth access api
*/ */
use Sabre\VObject\Component\Available;
// Load Dolibarr environment // Load Dolibarr environment
require '../main.inc.php'; require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
@@ -85,7 +87,12 @@ if ($action == 'update') {
} }
} }
if (GETPOSTISSET($constvalue.'_SCOPE')) { if (GETPOSTISSET($constvalue.'_SCOPE')) {
if (!dolibarr_set_const($db, $constvalue.'_SCOPE', GETPOST($constvalue.'_SCOPE'), 'chaine', 0, '', $conf->entity)) { $scopestring = implode(',', GETPOST($constvalue.'_SCOPE'));
if (!dolibarr_set_const($db, $constvalue.'_SCOPE', $scopestring, 'chaine', 0, '', $conf->entity)) {
$error++;
}
} else {
if (!dolibarr_set_const($db, $constvalue.'_SCOPE', '', 'chaine', 0, '', $conf->entity)) {
$error++; $error++;
} }
} }
@@ -161,6 +168,7 @@ $i = 0;
// Define $listinsetup // Define $listinsetup
foreach ($conf->global as $key => $val) { foreach ($conf->global as $key => $val) {
if (!empty($val) && preg_match('/^OAUTH_.*_ID$/', $key)) { if (!empty($val) && preg_match('/^OAUTH_.*_ID$/', $key)) {
print '<script>console.log("'.$key.'" + " => " + "'.$val.'" );</script>';
$provider = preg_replace('/_ID$/', '', $key); $provider = preg_replace('/_ID$/', '', $key);
$listinsetup[] = array( $listinsetup[] = array(
$provider.'_NAME', $provider.'_NAME',
@@ -172,6 +180,7 @@ foreach ($conf->global as $key => $val) {
} }
} }
// $list is defined into oauth.lib.php to the list of supporter OAuth providers. // $list is defined into oauth.lib.php to the list of supporter OAuth providers.
foreach ($listinsetup as $key) { foreach ($listinsetup as $key) {
$supported = 0; $supported = 0;
@@ -186,6 +195,8 @@ foreach ($listinsetup as $key) {
$keyforsupportedoauth2array = preg_replace('/-.*$/', '', $keyforsupportedoauth2array); $keyforsupportedoauth2array = preg_replace('/-.*$/', '', $keyforsupportedoauth2array);
$keyforsupportedoauth2array = 'OAUTH_'.$keyforsupportedoauth2array.'_NAME'; $keyforsupportedoauth2array = 'OAUTH_'.$keyforsupportedoauth2array.'_NAME';
if (in_array($keyforsupportedoauth2array, array_keys($supportedoauth2array))) { if (in_array($keyforsupportedoauth2array, array_keys($supportedoauth2array))) {
$supported = 1; $supported = 1;
} }
@@ -252,20 +263,25 @@ foreach ($listinsetup as $key) {
// TODO Move this into token generation // TODO Move this into token generation
if ($supported) { if ($supported) {
if ($keyforsupportedoauth2array == 'OAUTH_OTHER_NAME') { $availablescopes = array_flip(explode(',', $supportedoauth2array[$keyforsupportedoauth2array]['availablescopes']));
print '<tr class="oddeven value">'; $currentscopes = explode(',', getDolGlobalString($key[4]));
print '<td>'.$langs->trans("Scopes").'</td>'; $scopestodispay = array();
print '<td>'; foreach ($availablescopes as $keyscope => $valscope) {
print '<input style="width: 80%" type"text" name="'.$key[4].'" value="'.getDolGlobalString($key[4]).'" >'; if (in_array($keyscope, $currentscopes)) {
print '</td></tr>'; $scopestodispay[$keyscope] = 1;
} else { } else {
print '<tr class="oddeven value">'; $scopestodispay[$keyscope] = 0;
print '<td>'.$langs->trans("Scopes").'</td>'; }
print '<td>';
//print '<input style="width: 80%" type"text" name="'.$key[4].'" value="'.getDolGlobalString($key[4]).'" >';
print $supportedoauth2array[$keyforsupportedoauth2array]['defaultscope'];
print '</td></tr>';
} }
// Api Scope
print '<tr class="oddeven value">';
print '<td>'.$langs->trans("Scopes").'</td>';
print '<td>';
foreach ($scopestodispay as $scope => $val) {
print '<input type="checkbox" name="'.$key[4].'[]" value="'.$scope.'"'.($val ? ' checked' : '').'>';
print '<label style="margin-right: 10px" for="'.$key[4].'">'.$scope.'</label>';
}
print '</td></tr>';
} }
} }
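Review bot: The added `print '<script>console.log(...)</script>';` line in the `$listinsetup` loop looks like leftover debugging, and it writes every `OAUTH_*_ID` constant name and value into the page inside a script string with no escaping. A stored value containing a double quote or `</script>` would break out of that string, and the client IDs end up in the page source and browser console for no functional reason. I would drop the line; if the trace is still wanted, `dol_syslog($key.' => '.$val, LOG_DEBUG);` keeps it server-side. Separately, in the update hunk `implode(',', GETPOST($constvalue.'_SCOPE'))` assumes an array and stores whatever was posted; reading it with `GETPOST($constvalue.'_SCOPE', 'array')` and intersecting it with the provider's `availablescopes` before `dolibarr_set_const()` would limit the stored scopes to the offered list. The `use Sabre\VObject\Component\Available;` import at the top is not used anywhere in the visible hunks.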


@@ -172,7 +172,7 @@ if ($mode == 'setup' && $user->admin) {
$OAUTH_SERVICENAME = (empty($supportedoauth2array[$keyforsupportedoauth2array]['name']) ? 'Unknown' : $supportedoauth2array[$keyforsupportedoauth2array]['name'].($keyforprovider ? '-'.$keyforprovider : '')); $OAUTH_SERVICENAME = (empty($supportedoauth2array[$keyforsupportedoauth2array]['name']) ? 'Unknown' : $supportedoauth2array[$keyforsupportedoauth2array]['name'].($keyforprovider ? '-'.$keyforprovider : ''));
$shortscope = $supportedoauth2array[$keyforsupportedoauth2array]['defaultscope']; $shortscope = '';
if (getDolGlobalString($key[4])) { if (getDolGlobalString($key[4])) {
$shortscope = getDolGlobalString($key[4]); $shortscope = getDolGlobalString($key[4]);
} }
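Review bot: With `$shortscope` now starting as `''` instead of the provider's `defaultscope`, an instance whose `*_SCOPE` constant was never saved would presumably request a token with an empty scope after upgrading. This is inferred, since the code that consumes `$shortscope` lies outside the hunk. A migration step that seeds the constant from the old default, or a visible hint on this tab, would avoid a silent change for existing setups. As a style point, `getDolGlobalString()` already returns an empty string for an unset constant, so the initialisation plus `if` collapses to `$shortscope = getDolGlobalString($key[4]);`.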


@@ -23,29 +23,17 @@
*/ */
$shortscopegoogle = 'userinfo_email,userinfo_profile';
$shortscopegoogle .= ',openid,email,profile'; // For openid connect
if (!empty($conf->printing->enabled)) {
$shortscopegoogle .= ',cloud_print';
}
if (!empty($conf->global->OAUTH_GOOGLE_GSUITE)) {
$shortscopegoogle .= ',admin_directory_user';
}
if (!empty($conf->global->OAUTH_GOOGLE_GMAIL)) {
$shortscopegoogle.=',gmail_full';
}
// Supported OAUTH (a provider is supported when a file xxx_oauthcallback.php is available into htdocs/core/modules/oauth) // Supported OAUTH (a provider is supported when a file xxx_oauthcallback.php is available into htdocs/core/modules/oauth)
$supportedoauth2array = array( $supportedoauth2array = array(
'OAUTH_GOOGLE_NAME'=>array('callbackfile' => 'google', 'picto' => 'google', 'urlforapp' => 'OAUTH_GOOGLE_DESC', 'name'=>'Google', 'urlforcredentials'=>'https://console.developers.google.com/', 'defaultscope'=>$shortscopegoogle), 'OAUTH_GOOGLE_NAME'=>array('callbackfile' => 'google', 'picto' => 'google', 'urlforapp' => 'OAUTH_GOOGLE_DESC', 'name'=>'Google', 'urlforcredentials'=>'https://console.developers.google.com/', 'availablescopes'=> 'userinfo_email,userinfo_profile,openid,email,profile,cloud_print,admin_directory_user,gmail_full'),
); );
if (!empty($conf->stripe->enabled)) { if (!empty($conf->stripe->enabled)) {
$supportedoauth2array['OAUTH_STRIPE_TEST_NAME'] = array('callbackfile' => 'stripetest', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeTest', 'urlforcredentials'=>'', 'defaultscope'=>'read_write'); $supportedoauth2array['OAUTH_STRIPE_TEST_NAME'] = array('callbackfile' => 'stripetest', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeTest', 'urlforcredentials'=>'', 'availablescopes'=>'read_write');
$supportedoauth2array['OAUTH_STRIPE_LIVE_NAME'] = array('callbackfile' => 'stripelive', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeLive', 'urlforcredentials'=>'', 'defaultscope'=>'read_write'); $supportedoauth2array['OAUTH_STRIPE_LIVE_NAME'] = array('callbackfile' => 'stripelive', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeLive', 'urlforcredentials'=>'', 'availablescopes'=>'read_write');
} }
$supportedoauth2array['OAUTH_GITHUB_NAME'] = array('callbackfile' => 'github', 'picto' => 'github', 'urlforapp' => 'OAUTH_GITHUB_DESC', 'name'=>'GitHub', 'urlforcredentials'=>'https://github.com/settings/developers', 'defaultscope'=>'user,public_repo'); $supportedoauth2array['OAUTH_GITHUB_NAME'] = array('callbackfile' => 'github', 'picto' => 'github', 'urlforapp' => 'OAUTH_GITHUB_DESC', 'name'=>'GitHub', 'urlforcredentials'=>'https://github.com/settings/developers', 'availablescopes'=>'user,public_repo');
if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) { if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {
$supportedoauth2array['OAUTH_OTHER_NAME'] = array('callbackfile' => 'generic', 'picto' => 'generic', 'urlforapp' => 'OAUTH_OTHER_DESC', 'name'=>'Other', 'urlforcredentials'=>'', 'defaultscope'=>'ToComplete'); $supportedoauth2array['OAUTH_OTHER_NAME'] = array('callbackfile' => 'generic', 'picto' => 'generic', 'urlforapp' => 'OAUTH_OTHER_DESC', 'name'=>'Other', 'urlforcredentials'=>'', 'availablescopes'=>'Standard');
} }
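Review bot: Google's `availablescopes` string now offers `cloud_print`, `admin_directory_user` and `gmail_full` unconditionally, where the removed `$shortscopegoogle` code added them only when the printing module, `OAUTH_GOOGLE_GSUITE` or `OAUTH_GOOGLE_GMAIL` was set. Keeping those conditions when building the list would stop broad directory and mail scopes being offered on installs that do not use those features. The `OAUTH_OTHER_NAME` entry is also now `'availablescopes'=>'Standard'`, and the setup page in this commit builds checkboxes from that list instead of a text field, so a generic provider can only be given the literal scope `Standard`; a free-text fallback for that provider seems needed. Any remaining reader of the removed `defaultscope` key would hit an undefined index, though none is visible on this page.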


@@ -89,10 +89,13 @@ if ($state) {
$requestedpermissionsarray = explode(',', $statewithscopeonly); // Example: 'userinfo_email,userinfo_profile,openid,email,profile,cloud_print'. $requestedpermissionsarray = explode(',', $statewithscopeonly); // Example: 'userinfo_email,userinfo_profile,openid,email,profile,cloud_print'.
$statewithanticsrfonly = preg_replace('/^.*\-/', '', $state); $statewithanticsrfonly = preg_replace('/^.*\-/', '', $state);
} }
if ($action != 'delete' && empty($requestedpermissionsarray)) {
print 'Error, parameter state is not defined'; if ($action != 'delete' && (empty($statewithscopeonly) || empty($requestedpermissionsarray))) {
exit; setEventMessages($langs->trans('ScopeUndefined'), null, 'errors');
header('Location: '.$backtourl);
exit();
} }
//var_dump($requestedpermissionsarray);exit; //var_dump($requestedpermissionsarray);exit;
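Review bot: The new error path sends `header('Location: '.$backtourl);`, but `$backtourl` is assigned outside this hunk. If it comes from the request, this branch redirects to a caller-chosen URL, and if it is empty the header has no target. I would check that it is a same-site URL before use and fall back to a fixed internal page otherwise, for example `if (empty($backtourl)) { $backtourl = DOL_URL_ROOT.'/'; }` plus a local-path check. A one-line comment noting that `explode(',', '')` yields `['']`, which is why `empty($statewithscopeonly)` is tested as well, would help the next reader.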


@@ -36,4 +36,5 @@ OAUTH_SECRET=OAuth secret
OAuthProviderAdded=OAuth provider added OAuthProviderAdded=OAuth provider added
AOAuthEntryForThisProviderAndLabelAlreadyHasAKey=An OAuth entry for this provider and label already exists AOAuthEntryForThisProviderAndLabelAlreadyHasAKey=An OAuth entry for this provider and label already exists
URLOfServiceForAuthorization=URL provided by OAuth service for authentication URLOfServiceForAuthorization=URL provided by OAuth service for authentication
Scopes=Scopes Scopes=Scopes
ScopeUndefined=Scope undefined (see previous tab)


@@ -34,3 +34,5 @@ OAUTH_ID=ID OAuth
OAUTH_SECRET=Code secret OAuth OAUTH_SECRET=Code secret OAuth
OAuthProviderAdded=Fournisseur OAuth ajouté OAuthProviderAdded=Fournisseur OAuth ajouté
AOAuthEntryForThisProviderAndLabelAlreadyHasAKey=Une entrée OAuth pour ce fournisseur et ce libellé existe déjà AOAuthEntryForThisProviderAndLabelAlreadyHasAKey=Une entrée OAuth pour ce fournisseur et ce libellé existe déjà
ScopeUndefined=Portée non définie (voir onglet précédent)
Scopes=Portées