mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-12-12 12:31:26 +01:00
Merge pull request #22321 from fboitel/NEW-scope-checkbox-oauth
NEW: possibility to select scopes with checkbox for oauth tokens
This commit is contained in:
Laurent Destailleur
@@ -23,6 +23,7 @@
|
||||
* \brief Setup page to configure oauth access api
|
||||
*/
|
||||
|
||||
|
||||
// Load Dolibarr environment
|
||||
require '../main.inc.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
|
||||
@@ -84,7 +85,12 @@ if ($action == 'update') {
|
||||
}
|
||||
}
|
||||
if (GETPOSTISSET($constvalue.'_SCOPE')) {
|
||||
if (!dolibarr_set_const($db, $constvalue.'_SCOPE', GETPOST($constvalue.'_SCOPE'), 'chaine', 0, '', $conf->entity)) {
|
||||
$scopestring = implode(',', GETPOST($constvalue.'_SCOPE'));
|
||||
if (!dolibarr_set_const($db, $constvalue.'_SCOPE', $scopestring, 'chaine', 0, '', $conf->entity)) {
|
||||
$error++;
|
||||
}
|
||||
} else {
|
||||
if (!dolibarr_set_const($db, $constvalue.'_SCOPE', '', 'chaine', 0, '', $conf->entity)) {
|
||||
$error++;
|
||||
}
|
||||
}
|
||||
@@ -263,13 +269,31 @@ if (count($listinsetup) > 0) {
|
||||
print '<input style="width: 80%" type"text" name="'.$key[4].'" value="'.getDolGlobalString($key[4]).'" >';
|
||||
print '</td></tr>';
|
||||
} else {
|
||||
$availablescopes = array_flip(explode(',', $supportedoauth2array[$keyforsupportedoauth2array]['availablescopes']));
|
||||
$currentscopes = explode(',', getDolGlobalString($key[4]));
|
||||
$scopestodispay = array();
|
||||
foreach ($availablescopes as $keyscope => $valscope) {
|
||||
if (in_array($keyscope, $currentscopes)) {
|
||||
$scopestodispay[$keyscope] = 1;
|
||||
} else {
|
||||
$scopestodispay[$keyscope] = 0;
|
||||
}
|
||||
}
|
||||
// Api Scope
|
||||
print '<tr class="oddeven value">';
|
||||
print '<td>'.$langs->trans("Scopes").'</td>';
|
||||
print '<td>';
|
||||
//print '<input style="width: 80%" type"text" name="'.$key[4].'" value="'.getDolGlobalString($key[4]).'" >';
|
||||
print $supportedoauth2array[$keyforsupportedoauth2array]['defaultscope'];
|
||||
foreach ($scopestodispay as $scope => $val) {
|
||||
print '<input type="checkbox" name="'.$key[4].'[]" value="'.$scope.'"'.($val ? ' checked' : '').'>';
|
||||
print '<label style="margin-right: 10px" for="'.$key[4].'">'.$scope.'</label>';
|
||||
}
|
||||
print '</td></tr>';
|
||||
}
|
||||
} else {
|
||||
print '<tr class="oddeven value">';
|
||||
print '<td>'.$langs->trans("UseTheFollowingUrlAsRedirectURI").'</td>';
|
||||
print '<td>'.$langs->trans("FeatureNotYetSupported").'</td>';
|
||||
print '</td></tr>';
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -172,7 +172,7 @@ if ($mode == 'setup' && $user->admin) {
|
||||
|
||||
$OAUTH_SERVICENAME = (empty($supportedoauth2array[$keyforsupportedoauth2array]['name']) ? 'Unknown' : $supportedoauth2array[$keyforsupportedoauth2array]['name'].($keyforprovider ? '-'.$keyforprovider : ''));
|
||||
|
||||
$shortscope = $supportedoauth2array[$keyforsupportedoauth2array]['defaultscope'];
|
||||
$shortscope = '';
|
||||
if (getDolGlobalString($key[4])) {
|
||||
$shortscope = getDolGlobalString($key[4]);
|
||||
}
|
||||
|
||||
@@ -23,29 +23,17 @@
|
||||
*/
|
||||
|
||||
|
||||
$shortscopegoogle = 'userinfo_email,userinfo_profile';
|
||||
$shortscopegoogle .= ',openid,email,profile'; // For openid connect
|
||||
if (!empty($conf->printing->enabled)) {
|
||||
$shortscopegoogle .= ',cloud_print';
|
||||
}
|
||||
if (!empty($conf->global->OAUTH_GOOGLE_GSUITE)) {
|
||||
$shortscopegoogle .= ',admin_directory_user';
|
||||
}
|
||||
if (!empty($conf->global->OAUTH_GOOGLE_GMAIL)) {
|
||||
$shortscopegoogle.=',gmail_full';
|
||||
}
|
||||
|
||||
// Supported OAUTH (a provider is supported when a file xxx_oauthcallback.php is available into htdocs/core/modules/oauth)
|
||||
$supportedoauth2array = array(
|
||||
'OAUTH_GOOGLE_NAME'=>array('callbackfile' => 'google', 'picto' => 'google', 'urlforapp' => 'OAUTH_GOOGLE_DESC', 'name'=>'Google', 'urlforcredentials'=>'https://console.developers.google.com/', 'defaultscope'=>$shortscopegoogle),
|
||||
'OAUTH_GOOGLE_NAME'=>array('callbackfile' => 'google', 'picto' => 'google', 'urlforapp' => 'OAUTH_GOOGLE_DESC', 'name'=>'Google', 'urlforcredentials'=>'https://console.developers.google.com/', 'availablescopes'=> 'userinfo_email,userinfo_profile,openid,email,profile,cloud_print,admin_directory_user,gmail_full'),
|
||||
);
|
||||
if (!empty($conf->stripe->enabled)) {
|
||||
$supportedoauth2array['OAUTH_STRIPE_TEST_NAME'] = array('callbackfile' => 'stripetest', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeTest', 'urlforcredentials'=>'', 'defaultscope'=>'read_write');
|
||||
$supportedoauth2array['OAUTH_STRIPE_LIVE_NAME'] = array('callbackfile' => 'stripelive', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeLive', 'urlforcredentials'=>'', 'defaultscope'=>'read_write');
|
||||
$supportedoauth2array['OAUTH_STRIPE_TEST_NAME'] = array('callbackfile' => 'stripetest', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeTest', 'urlforcredentials'=>'', 'availablescopes'=>'read_write');
|
||||
$supportedoauth2array['OAUTH_STRIPE_LIVE_NAME'] = array('callbackfile' => 'stripelive', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeLive', 'urlforcredentials'=>'', 'availablescopes'=>'read_write');
|
||||
}
|
||||
$supportedoauth2array['OAUTH_GITHUB_NAME'] = array('callbackfile' => 'github', 'picto' => 'github', 'urlforapp' => 'OAUTH_GITHUB_DESC', 'name'=>'GitHub', 'urlforcredentials'=>'https://github.com/settings/developers', 'defaultscope'=>'user,public_repo');
|
||||
$supportedoauth2array['OAUTH_GITHUB_NAME'] = array('callbackfile' => 'github', 'picto' => 'github', 'urlforapp' => 'OAUTH_GITHUB_DESC', 'name'=>'GitHub', 'urlforcredentials'=>'https://github.com/settings/developers', 'availablescopes'=>'user,public_repo');
|
||||
if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {
|
||||
$supportedoauth2array['OAUTH_OTHER_NAME'] = array('callbackfile' => 'generic', 'picto' => 'generic', 'urlforapp' => 'OAUTH_OTHER_DESC', 'name'=>'Other', 'urlforcredentials'=>'', 'defaultscope'=>'ToComplete');
|
||||
$supportedoauth2array['OAUTH_OTHER_NAME'] = array('callbackfile' => 'generic', 'picto' => 'generic', 'urlforapp' => 'OAUTH_OTHER_DESC', 'name'=>'Other', 'urlforcredentials'=>'', 'availablescopes'=>'Standard');
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -89,10 +89,13 @@ if ($state) {
|
||||
$requestedpermissionsarray = explode(',', $statewithscopeonly); // Example: 'userinfo_email,userinfo_profile,openid,email,profile,cloud_print'.
|
||||
$statewithanticsrfonly = preg_replace('/^.*\-/', '', $state);
|
||||
}
|
||||
if ($action != 'delete' && empty($requestedpermissionsarray)) {
|
||||
print 'Error, parameter state is not defined';
|
||||
exit;
|
||||
|
||||
if ($action != 'delete' && (empty($statewithscopeonly) || empty($requestedpermissionsarray))) {
|
||||
setEventMessages($langs->trans('ScopeUndefined'), null, 'errors');
|
||||
header('Location: '.$backtourl);
|
||||
exit();
|
||||
}
|
||||
|
||||
//var_dump($requestedpermissionsarray);exit;
|
||||
|
||||
|
||||
|
||||
@@ -37,3 +37,4 @@ OAuthProviderAdded=OAuth provider added
|
||||
AOAuthEntryForThisProviderAndLabelAlreadyHasAKey=An OAuth entry for this provider and label already exists
|
||||
URLOfServiceForAuthorization=URL provided by OAuth service for authentication
|
||||
Scopes=Scopes
|
||||
ScopeUndefined=Scope undefined (see previous tab)
|
||||
@@ -34,3 +34,5 @@ OAUTH_ID=ID OAuth
|
||||
OAUTH_SECRET=Code secret OAuth
|
||||
OAuthProviderAdded=Fournisseur OAuth ajouté
|
||||
AOAuthEntryForThisProviderAndLabelAlreadyHasAKey=Une entrée OAuth pour ce fournisseur et ce libellé existe déjà
|
||||
ScopeUndefined=Portée non définie (voir onglet précédent)
|
||||
Scopes=Portées
|
||||
Reference in New Issue
Block a user