Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-08 09:01:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

FIX avoid php warning

Browse Source
This commit is contained in:
Regis Houssin
2024-03-19 19:50:28 +01:00
parent b705dd8094
commit ce3171a722
1 changed files with 228 additions and 226 deletions
Download Patch File Download Diff File Expand all files Collapse all files

454
htdocs/admin/oauthlogintokens.php
View File

@@ -156,253 +156,255 @@ if ($mode == 'setup' && $user->admin) {
$oauthstateanticsrf = bin2hex(random_bytes(128/8));
// $list is defined into oauth.lib.php to the list of supporter OAuth providers.
foreach ($listinsetup as $key) {
$supported = 0;
$keyforsupportedoauth2array = $key[0]; // May be OAUTH_GOOGLE_NAME or OAUTH_GOOGLE_xxx_NAME
$keyforsupportedoauth2array = preg_replace('/^OAUTH_/', '', $keyforsupportedoauth2array);
$keyforsupportedoauth2array = preg_replace('/_NAME$/', '', $keyforsupportedoauth2array);
if (preg_match('/^.*-/', $keyforsupportedoauth2array)) {
$keybeforeprovider = preg_replace('/-.*$/', '', $keyforsupportedoauth2array);
$keyforprovider = preg_replace('/^.*-/', '', $keyforsupportedoauth2array);
} else {
$keybeforeprovider = $keyforsupportedoauth2array;
$keyforprovider = '';
}
$keyforsupportedoauth2array = preg_replace('/-.*$/', '', $keyforsupportedoauth2array);
$keyforsupportedoauth2array = 'OAUTH_'.$keyforsupportedoauth2array.'_NAME';
if (!empty($listinsetup)) {
foreach ($listinsetup as $key) {
$supported = 0;
$keyforsupportedoauth2array = $key[0]; // May be OAUTH_GOOGLE_NAME or OAUTH_GOOGLE_xxx_NAME
$keyforsupportedoauth2array = preg_replace('/^OAUTH_/', '', $keyforsupportedoauth2array);
$keyforsupportedoauth2array = preg_replace('/_NAME$/', '', $keyforsupportedoauth2array);
if (preg_match('/^.*-/', $keyforsupportedoauth2array)) {
$keybeforeprovider = preg_replace('/-.*$/', '', $keyforsupportedoauth2array);
$keyforprovider = preg_replace('/^.*-/', '', $keyforsupportedoauth2array);
} else {
$keybeforeprovider = $keyforsupportedoauth2array;
$keyforprovider = '';
}
$keyforsupportedoauth2array = preg_replace('/-.*$/', '', $keyforsupportedoauth2array);
$keyforsupportedoauth2array = 'OAUTH_'.$keyforsupportedoauth2array.'_NAME';
$OAUTH_SERVICENAME = (empty($supportedoauth2array[$keyforsupportedoauth2array]['name']) ? 'Unknown' : $supportedoauth2array[$keyforsupportedoauth2array]['name'].($keyforprovider ? '-'.$keyforprovider : ''));
$OAUTH_SERVICENAME = (empty($supportedoauth2array[$keyforsupportedoauth2array]['name']) ? 'Unknown' : $supportedoauth2array[$keyforsupportedoauth2array]['name'].($keyforprovider ? '-'.$keyforprovider : ''));
$shortscope = '';
if (getDolGlobalString($key[4])) {
$shortscope = getDolGlobalString($key[4]);
}
$state = $shortscope; // TODO USe a better state
$shortscope = '';
if (getDolGlobalString($key[4])) {
$shortscope = getDolGlobalString($key[4]);
}
$state = $shortscope; // TODO USe a better state
// Define $urltorenew, $urltodelete, $urltocheckperms
if ($keyforsupportedoauth2array == 'OAUTH_GITHUB_NAME') {
// List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service).
// We pass this param list in to 'state' because we need it before and after the redirect.
// Define $urltorenew, $urltodelete, $urltocheckperms
if ($keyforsupportedoauth2array == 'OAUTH_GITHUB_NAME') {
// List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service).
// We pass this param list in to 'state' because we need it before and after the redirect.
// Note: github does not accept csrf key inside the state parameter (only known values)
$urltorenew = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?shortscope='.urlencode($shortscope).'&state='.urlencode($shortscope).'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltocheckperms = 'https://github.com/settings/applications/';
} elseif ($keyforsupportedoauth2array == 'OAUTH_GOOGLE_NAME') {
// List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service).
// List of scopes for Google are here: https://developers.google.com/identity/protocols/oauth2/scopes
// We pass this key list into the param 'state' because we need it before and after the redirect.
$urltorenew = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?shortscope='.urlencode($shortscope).'&state='.urlencode($state).'-'.$oauthstateanticsrf.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltocheckperms = 'https://security.google.com/settings/security/permissions';
} elseif (!empty($supportedoauth2array[$keyforsupportedoauth2array]['returnurl'])) {
$urltorenew = $urlwithroot.$supportedoauth2array[$keyforsupportedoauth2array]['returnurl'].'?shortscope='.urlencode($shortscope).'&state='.urlencode($state).'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.$supportedoauth2array[$keyforsupportedoauth2array]['returnurl'].'?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltocheckperms = '';
} else {
$urltorenew = '';
$urltodelete = '';
$urltocheckperms = '';
}
// Note: github does not accept csrf key inside the state parameter (only known values)
$urltorenew = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?shortscope='.urlencode($shortscope).'&state='.urlencode($shortscope).'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltocheckperms = 'https://github.com/settings/applications/';
} elseif ($keyforsupportedoauth2array == 'OAUTH_GOOGLE_NAME') {
// List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service).
// List of scopes for Google are here: https://developers.google.com/identity/protocols/oauth2/scopes
// We pass this key list into the param 'state' because we need it before and after the redirect.
$urltorenew = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?shortscope='.urlencode($shortscope).'&state='.urlencode($state).'-'.$oauthstateanticsrf.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltocheckperms = 'https://security.google.com/settings/security/permissions';
} elseif (!empty($supportedoauth2array[$keyforsupportedoauth2array]['returnurl'])) {
$urltorenew = $urlwithroot.$supportedoauth2array[$keyforsupportedoauth2array]['returnurl'].'?shortscope='.urlencode($shortscope).'&state='.urlencode($state).'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.$supportedoauth2array[$keyforsupportedoauth2array]['returnurl'].'?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltocheckperms = '';
} else {
$urltorenew = '';
$urltodelete = '';
$urltocheckperms = '';
}
if ($urltorenew) {
$urltorenew .= '&keyforprovider='.urlencode($keyforprovider);
}
if ($urltodelete) {
$urltodelete .= '&keyforprovider='.urlencode($keyforprovider);
}
if ($urltorenew) {
$urltorenew .= '&keyforprovider='.urlencode($keyforprovider);
}
if ($urltodelete) {
$urltodelete .= '&keyforprovider='.urlencode($keyforprovider);
}
// Show value of token
$tokenobj = null;
// Token
require_once DOL_DOCUMENT_ROOT.'/includes/OAuth/bootstrap.php';
// Dolibarr storage
$storage = new DoliStorage($db, $conf, $keyforprovider);
try {
// $OAUTH_SERVICENAME is for example 'Google-keyforprovider'
print '<!-- '.$OAUTH_SERVICENAME.' -->'."\n";
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
//print $storage->token.'<br>';
//print $tokenobj->getExtraParams()['id_token'].'<br>';
//print $tokenobj->getAccessToken().'<br>';
} catch (Exception $e) {
// Return an error if token not found
//print $e->getMessage();
}
// Show value of token
$tokenobj = null;
// Token
require_once DOL_DOCUMENT_ROOT.'/includes/OAuth/bootstrap.php';
// Dolibarr storage
$storage = new DoliStorage($db, $conf, $keyforprovider);
try {
// $OAUTH_SERVICENAME is for example 'Google-keyforprovider'
print '<!-- '.$OAUTH_SERVICENAME.' -->'."\n";
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
//print $storage->token.'<br>';
//print $tokenobj->getExtraParams()['id_token'].'<br>';
//print $tokenobj->getAccessToken().'<br>';
} catch (Exception $e) {
// Return an error if token not found
//print $e->getMessage();
}
// Set other properties
$refreshtoken = false;
$expiredat = '';
// Set other properties
$refreshtoken = false;
$expiredat = '';
$expire = false;
// Is token expired or will token expire in the next 30 seconds
if (is_object($tokenobj)) {
$expire = ($tokenobj->getEndOfLife() !== $tokenobj::EOL_NEVER_EXPIRES && $tokenobj->getEndOfLife() !== $tokenobj::EOL_UNKNOWN && time() > ($tokenobj->getEndOfLife() - 30));
}
if ($key[1] != '' && $key[2] != '') {
$expire = false;
// Is token expired or will token expire in the next 30 seconds
if (is_object($tokenobj)) {
$refreshtoken = $tokenobj->getRefreshToken();
$expire = ($tokenobj->getEndOfLife() !== $tokenobj::EOL_NEVER_EXPIRES && $tokenobj->getEndOfLife() !== $tokenobj::EOL_UNKNOWN && time() > ($tokenobj->getEndOfLife() - 30));
}
if ($key[1] != '' && $key[2] != '') {
if (is_object($tokenobj)) {
$refreshtoken = $tokenobj->getRefreshToken();
$endoflife = $tokenobj->getEndOfLife();
if ($endoflife == $tokenobj::EOL_NEVER_EXPIRES) {
$expiredat = $langs->trans("Never");
} elseif ($endoflife == $tokenobj::EOL_UNKNOWN) {
$expiredat = $langs->trans("Unknown");
} else {
$expiredat = dol_print_date($endoflife, "dayhour", 'tzuserrel');
$endoflife = $tokenobj->getEndOfLife();
if ($endoflife == $tokenobj::EOL_NEVER_EXPIRES) {
$expiredat = $langs->trans("Never");
} elseif ($endoflife == $tokenobj::EOL_UNKNOWN) {
$expiredat = $langs->trans("Unknown");
} else {
$expiredat = dol_print_date($endoflife, "dayhour", 'tzuserrel');
}
}
}
}
$submit_enabled = 0;
$submit_enabled = 0;
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?mode=setup&amp;driver='.$driver.'" autocomplete="off">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="setconst">';
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?mode=setup&amp;driver='.$driver.'" autocomplete="off">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="setconst">';
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">'."\n";
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">'."\n";
// Api Name
$label = $langs->trans($keyforsupportedoauth2array);
print '<tr class="liste_titre">';
print '<th class="titlefieldcreate">';
print img_picto('', $supportedoauth2array[$keyforsupportedoauth2array]['picto'], 'class="pictofixedwidth"');
if ($label == $keyforsupportedoauth2array) {
print $supportedoauth2array[$keyforsupportedoauth2array]['name'];
} else {
print $label;
}
if ($keyforprovider) {
print ' (<b>'.$keyforprovider.'</b>)';
} else {
print ' (<b>'.$langs->trans("NoName").'</b>)';
}
print '</th>';
print '<th></th>';
print '<th></th>';
print "</tr>\n";
print '<tr class="oddeven">';
print '<td'.(empty($key['required']) ? '' : ' class="required"').'>';
//var_dump($key);
print $langs->trans("OAuthIDSecret").'</td>';
print '<td>';
print '<span class="opacitymedium">'.$langs->trans("SeePreviousTab").'</span>';
print '</td>';
print '<td>';
print '</td>';
print '</tr>'."\n";
// Scopes
print '<tr class="oddeven">';
print '<td>'.$langs->trans("Scopes").'</td>';
print '<td colspan="2">';
$currentscopes = getDolGlobalString($key[4]);
print $currentscopes;
print '</td></tr>';
print '<tr class="oddeven">';
print '<td'.(empty($key['required']) ? '' : ' class="required"').'>';
//var_dump($key);
print $langs->trans("IsTokenGenerated");
print '</td>';
print '<td>';
if (is_object($tokenobj)) {
print $form->textwithpicto(yn(1), $langs->trans("HasAccessToken").' : '.dol_print_date($storage->date_modification, 'dayhour').' state='.dol_escape_htmltag($storage->state));
} else {
print '<span class="opacitymedium">'.$langs->trans("NoAccessToken").'</span>';
}
print '</td>';
print '<td width="50%">';
// Links to delete/checks token
if (is_object($tokenobj)) {
//test on $storage->hasAccessToken($OAUTH_SERVICENAME) ?
if ($urltodelete) {
print '<a class="button smallpaddingimp" href="'.$urltodelete.'">'.$langs->trans('DeleteAccess').'</a><br>';
// Api Name
$label = $langs->trans($keyforsupportedoauth2array);
print '<tr class="liste_titre">';
print '<th class="titlefieldcreate">';
print img_picto('', $supportedoauth2array[$keyforsupportedoauth2array]['picto'], 'class="pictofixedwidth"');
if ($label == $keyforsupportedoauth2array) {
print $supportedoauth2array[$keyforsupportedoauth2array]['name'];
} else {
print '<span class="opacitymedium">'.$langs->trans('GoOnTokenProviderToDeleteToken').'</span><br>';
print $label;
}
}
// Request remote token
if ($urltorenew) {
print '<a class="button smallpaddingimp" href="'.$urltorenew.'">'.$langs->trans('GetAccess').'</a>';
print $form->textwithpicto('', $langs->trans('RequestAccess'));
if ($keyforprovider) {
print ' (<b>'.$keyforprovider.'</b>)';
} else {
print ' (<b>'.$langs->trans("NoName").'</b>)';
}
print '</th>';
print '<th></th>';
print '<th></th>';
print "</tr>\n";
print '<tr class="oddeven">';
print '<td'.(empty($key['required']) ? '' : ' class="required"').'>';
//var_dump($key);
print $langs->trans("OAuthIDSecret").'</td>';
print '<td>';
print '<span class="opacitymedium">'.$langs->trans("SeePreviousTab").'</span>';
print '</td>';
print '<td>';
print '</td>';
print '</tr>'."\n";
// Scopes
print '<tr class="oddeven">';
print '<td>'.$langs->trans("Scopes").'</td>';
print '<td colspan="2">';
$currentscopes = getDolGlobalString($key[4]);
print $currentscopes;
print '</td></tr>';
print '<tr class="oddeven">';
print '<td'.(empty($key['required']) ? '' : ' class="required"').'>';
//var_dump($key);
print $langs->trans("IsTokenGenerated");
print '</td>';
print '<td>';
if (is_object($tokenobj)) {
print $form->textwithpicto(yn(1), $langs->trans("HasAccessToken").' : '.dol_print_date($storage->date_modification, 'dayhour').' state='.dol_escape_htmltag($storage->state));
} else {
print '<span class="opacitymedium">'.$langs->trans("NoAccessToken").'</span>';
}
print '</td>';
print '<td width="50%">';
// Links to delete/checks token
if (is_object($tokenobj)) {
//test on $storage->hasAccessToken($OAUTH_SERVICENAME) ?
if ($urltodelete) {
print '<a class="button smallpaddingimp" href="'.$urltodelete.'">'.$langs->trans('DeleteAccess').'</a><br>';
} else {
print '<span class="opacitymedium">'.$langs->trans('GoOnTokenProviderToDeleteToken').'</span><br>';
}
}
// Request remote token
if ($urltorenew) {
print '<a class="button smallpaddingimp" href="'.$urltorenew.'">'.$langs->trans('GetAccess').'</a>';
print $form->textwithpicto('', $langs->trans('RequestAccess'));
print '<br>';
}
// Check remote access
if ($urltocheckperms) {
print '<br>'.$langs->trans("ToCheckDeleteTokenOnProvider", $OAUTH_SERVICENAME).': <a href="'.$urltocheckperms.'" target="_'.strtolower($OAUTH_SERVICENAME).'">'.$urltocheckperms.'</a>';
}
print '</td>';
print '</tr>';
print '<tr class="oddeven">';
print '<td'.(empty($key['required']) ? '' : ' class="required"').'>';
//var_dump($key);
print $langs->trans("Token").'</td>';
print '<td colspan="2">';
if (is_object($tokenobj)) {
$tokentoshow = $tokenobj->getAccessToken();
print '<span class="" title="'.dol_escape_htmltag($tokentoshow).'">'.showValueWithClipboardCPButton($tokentoshow, 1, dol_trunc($tokentoshow, 32)).'</span><br>';
//print 'Refresh: '.$tokenobj->getRefreshToken().'<br>';
//print 'EndOfLife: '.$tokenobj->getEndOfLife().'<br>';
//var_dump($tokenobj->getExtraParams());
/*print '<br>Extra: <br><textarea class="quatrevingtpercent">';
print ''.join(',',$tokenobj->getExtraParams());
print '</textarea>';*/
}
print '</td>';
print '</tr>'."\n";
if (is_object($tokenobj)) {
// Token refresh
print '<tr class="oddeven">';
print '<td'.(empty($key['required']) ? '' : ' class="required"').'>';
//var_dump($key);
print $langs->trans("TOKEN_REFRESH");
print '</td>';
print '<td colspan="2">';
print '<span class="" title="'.dol_escape_htmltag($refreshtoken).'">'.showValueWithClipboardCPButton($refreshtoken, 1, dol_trunc($refreshtoken, 32)).'</span>';
print '</td>';
print '</tr>';
// Token expired
print '<tr class="oddeven">';
print '<td'.(empty($key['required']) ? '' : ' class="required"').'>';
//var_dump($key);
print $langs->trans("TOKEN_EXPIRED");
print '</td>';
print '<td colspan="2">';
print yn($expire);
print '</td>';
print '</tr>';
// Token expired at
print '<tr class="oddeven">';
print '<td'.(empty($key['required']) ? '' : ' class="required"').'>';
//var_dump($key);
print $langs->trans("TOKEN_EXPIRE_AT");
print '</td>';
print '<td colspan="2">';
print $expiredat;
print '</td>';
print '</tr>';
}
print '</table>';
print '</div>';
if (!empty($driver)) {
if ($submit_enabled) {
print $form->buttonsSaveCancel("Modify", '');
}
}
print '</form>';
print '<br>';
}
// Check remote access
if ($urltocheckperms) {
print '<br>'.$langs->trans("ToCheckDeleteTokenOnProvider", $OAUTH_SERVICENAME).': <a href="'.$urltocheckperms.'" target="_'.strtolower($OAUTH_SERVICENAME).'">'.$urltocheckperms.'</a>';
}
print '</td>';
print '</tr>';
print '<tr class="oddeven">';
print '<td'.(empty($key['required']) ? '' : ' class="required"').'>';
//var_dump($key);
print $langs->trans("Token").'</td>';
print '<td colspan="2">';
if (is_object($tokenobj)) {
$tokentoshow = $tokenobj->getAccessToken();
print '<span class="" title="'.dol_escape_htmltag($tokentoshow).'">'.showValueWithClipboardCPButton($tokentoshow, 1, dol_trunc($tokentoshow, 32)).'</span><br>';
//print 'Refresh: '.$tokenobj->getRefreshToken().'<br>';
//print 'EndOfLife: '.$tokenobj->getEndOfLife().'<br>';
//var_dump($tokenobj->getExtraParams());
/*print '<br>Extra: <br><textarea class="quatrevingtpercent">';
print ''.join(',',$tokenobj->getExtraParams());
print '</textarea>';*/
}
print '</td>';
print '</tr>'."\n";
if (is_object($tokenobj)) {
// Token refresh
print '<tr class="oddeven">';
print '<td'.(empty($key['required']) ? '' : ' class="required"').'>';
//var_dump($key);
print $langs->trans("TOKEN_REFRESH");
print '</td>';
print '<td colspan="2">';
print '<span class="" title="'.dol_escape_htmltag($refreshtoken).'">'.showValueWithClipboardCPButton($refreshtoken, 1, dol_trunc($refreshtoken, 32)).'</span>';
print '</td>';
print '</tr>';
// Token expired
print '<tr class="oddeven">';
print '<td'.(empty($key['required']) ? '' : ' class="required"').'>';
//var_dump($key);
print $langs->trans("TOKEN_EXPIRED");
print '</td>';
print '<td colspan="2">';
print yn($expire);
print '</td>';
print '</tr>';
// Token expired at
print '<tr class="oddeven">';
print '<td'.(empty($key['required']) ? '' : ' class="required"').'>';
//var_dump($key);
print $langs->trans("TOKEN_EXPIRE_AT");
print '</td>';
print '<td colspan="2">';
print $expiredat;
print '</td>';
print '</tr>';
}
print '</table>';
print '</div>';
if (!empty($driver)) {
if ($submit_enabled) {
print $form->buttonsSaveCancel("Modify", '');
}
}
print '</form>';
print '<br>';
}
}