Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-13 13:01:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Clean OAuth feature

Browse Source
This commit is contained in:
Laurent Destailleur
2022-01-19 18:23:31 +01:00
parent 4f533c3f9d
commit ff1037634b
4 changed files with 45 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
htdocs/admin/oauth.php
View File

@@ -27,6 +27,7 @@ require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php';
// $supportedoauth2array is defined into oauth.lib.php
// Define $urlwithroot // Define $urlwithroot
$urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root)); $urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
@@ -96,10 +97,12 @@ print '<table class="noborder centpercent">';
$i = 0; $i = 0;
// $list is defined into oauth.lib.php // $list is defined into oauth.lib.php to the list of supporter OAuth providers.
foreach ($list as $key) { foreach ($list as $key) {
$supported = 0; $supported = 0;
if (in_array($key[0], array_keys($supportedoauth2array))) { $keyforsupportedoauth2array = $key[0];
if (in_array($keyforsupportedoauth2array, array_keys($supportedoauth2array))) {
$supported = 1; $supported = 1;
} }
if (!$supported) { if (!$supported) {
@@ -110,20 +113,23 @@ foreach ($list as $key) {
print '<tr class="liste_titre'.($i > 1 ? ' liste_titre_add' : '').'">'; print '<tr class="liste_titre'.($i > 1 ? ' liste_titre_add' : '').'">';
// Api Name // Api Name
$label = $langs->trans($key[0]); $label = $langs->trans($keyforsupportedoauth2array);
print '<td>'.$label.'</td>';
print '<td>'; print '<td>';
if (!empty($key[3])) { print img_picto('', $supportedoauth2array[$keyforsupportedoauth2array]['picto'], 'class="pictofixedwidth"');
print $langs->trans($key[3]); print $label;
print '</td>';
print '<td>';
if (!empty($supportedoauth2array[$keyforsupportedoauth2array]['urlforapp'])) {
print $langs->trans($supportedoauth2array[$keyforsupportedoauth2array]['urlforapp']);
} }
print '</td>'; print '</td>';
print '</tr>'; print '</tr>';
if ($supported) { if ($supported) {
$redirect_uri = $urlwithroot.'/core/modules/oauth/'.$supportedoauth2array[$key[0]].'_oauthcallback.php'; $redirect_uri = $urlwithroot.'/core/modules/oauth/'.$supportedoauth2array[$keyforsupportedoauth2array]['callbackfile'].'_oauthcallback.php';
print '<tr class="oddeven value">'; print '<tr class="oddeven value">';
print '<td>'.$langs->trans("UseTheFollowingUrlAsRedirectURI").'</td>'; print '<td>'.$langs->trans("UseTheFollowingUrlAsRedirectURI").'</td>';
print '<td><input style="width: 80%" type"text" name="uri'.$key[0].'" value="'.$redirect_uri.'">'; print '<td><input style="width: 80%" type"text" name="uri'.$keyforsupportedoauth2array.'" value="'.$redirect_uri.'">';
print '</td></tr>'; print '</td></tr>';
} else { } else {
print '<tr class="oddeven value">'; print '<tr class="oddeven value">';

44
htdocs/admin/oauthlogintokens.php
View File

@@ -25,17 +25,13 @@
require '../main.inc.php'; require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php'; // This define $list require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php'; // This define $list and $supportedoauth2array
require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
use OAuth\Common\Storage\DoliStorage; use OAuth\Common\Storage\DoliStorage;
// Load translation files required by the page // Load translation files required by the page
$langs->loadLangs(array('admin', 'printing', 'oauth')); $langs->loadLangs(array('admin', 'printing', 'oauth'));
if (!$user->admin) {
accessforbidden();
}
$action = GETPOST('action', 'aZ09'); $action = GETPOST('action', 'aZ09');
$mode = GETPOST('mode', 'alpha'); $mode = GETPOST('mode', 'alpha');
$value = GETPOST('value', 'alpha'); $value = GETPOST('value', 'alpha');
@@ -50,6 +46,10 @@ if (!$mode) {
$mode = 'setup'; $mode = 'setup';
} }
if (!$user->admin) {
accessforbidden();
}
/* /*
* Action * Action
@@ -140,7 +140,9 @@ if ($mode == 'setup' && $user->admin) {
foreach ($list as $key) { foreach ($list as $key) {
$supported = 0; $supported = 0;
if (in_array($key[0], array_keys($supportedoauth2array))) { $keyforsupportedoauth2array = $key[0];
if (in_array($keyforsupportedoauth2array, array_keys($supportedoauth2array))) {
$supported = 1; $supported = 1;
} }
if (!$supported) { if (!$supported) {
@@ -148,17 +150,18 @@ if ($mode == 'setup' && $user->admin) {
} }
$OAUTH_SERVICENAME = 'Unknown'; $OAUTH_SERVICENAME = empty($supportedoauth2array[$keyforsupportedoauth2array]['name']) ? 'Unknown' : $supportedoauth2array[$keyforsupportedoauth2array]['name'];
if ($key[0] == 'OAUTH_GITHUB_NAME') {
$OAUTH_SERVICENAME = 'GitHub'; // Define $shortscope, $urltorenew, $urltodelete, $urltocheckperms
// TODO Use array $supportedoauth2array
if ($keyforsupportedoauth2array == 'OAUTH_GITHUB_NAME') {
// List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service). // List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service).
// We pass this param list in to 'state' because we need it before and after the redirect. // We pass this param list in to 'state' because we need it before and after the redirect.
$shortscope = 'user,public_repo'; $shortscope = 'user,public_repo';
$urltorenew = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?shortscope='.$shortscope.'&state='.$shortscope.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); $urltorenew = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?shortscope='.$shortscope.'&state='.$shortscope.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); $urltodelete = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltocheckperms = 'https://github.com/settings/applications/'; $urltocheckperms = 'https://github.com/settings/applications/';
} elseif ($key[0] == 'OAUTH_GOOGLE_NAME') { } elseif ($keyforsupportedoauth2array == 'OAUTH_GOOGLE_NAME') {
$OAUTH_SERVICENAME = 'Google';
// List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service). // List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service).
// We pass this param list in to 'state' because we need it before and after the redirect. // We pass this param list in to 'state' because we need it before and after the redirect.
$shortscope = 'userinfo_email,userinfo_profile,cloud_print'; $shortscope = 'userinfo_email,userinfo_profile,cloud_print';
@@ -169,13 +172,11 @@ if ($mode == 'setup' && $user->admin) {
$urltorenew = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?shortscope='.$shortscope.'&state='.$shortscope.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); $urltorenew = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?shortscope='.$shortscope.'&state='.$shortscope.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); $urltodelete = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltocheckperms = 'https://security.google.com/settings/security/permissions'; $urltocheckperms = 'https://security.google.com/settings/security/permissions';
} elseif ($key[0] == 'OAUTH_STRIPE_TEST_NAME') { } elseif ($keyforsupportedoauth2array == 'OAUTH_STRIPE_TEST_NAME') {
$OAUTH_SERVICENAME = 'StripeTest';
$urltorenew = $urlwithroot.'/core/modules/oauth/stripetest_oauthcallback.php?backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); $urltorenew = $urlwithroot.'/core/modules/oauth/stripetest_oauthcallback.php?backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = ''; $urltodelete = '';
$urltocheckperms = ''; $urltocheckperms = '';
} elseif ($key[0] == 'OAUTH_STRIPE_LIVE_NAME') { } elseif ($keyforsupportedoauth2array == 'OAUTH_STRIPE_LIVE_NAME') {
$OAUTH_SERVICENAME = 'StripeLive';
$urltorenew = $urlwithroot.'/core/modules/oauth/stripelive_oauthcallback.php?backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); $urltorenew = $urlwithroot.'/core/modules/oauth/stripelive_oauthcallback.php?backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = ''; $urltodelete = '';
$urltocheckperms = ''; $urltocheckperms = '';
@@ -230,11 +231,14 @@ if ($mode == 'setup' && $user->admin) {
print '<input type="hidden" name="token" value="'.newToken().'">'; print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="setconst">'; print '<input type="hidden" name="action" value="setconst">';
print '<div class="div-table-responsive">'; print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">'."\n"; print '<table class="noborder centpercent">'."\n";
print '<tr class="liste_titre">'; print '<tr class="liste_titre">';
print '<th class="titlefieldcreate">'.$langs->trans($key[0]).'</th>'; print '<th class="titlefieldcreate">';
print img_picto('', $supportedoauth2array[$keyforsupportedoauth2array]['picto'], 'class="pictofixedwidth"');
print $langs->trans($keyforsupportedoauth2array);
print '</th>';
print '<th></th>'; print '<th></th>';
print '<th></th>'; print '<th></th>';
print "</tr>\n"; print "</tr>\n";
@@ -244,7 +248,7 @@ if ($mode == 'setup' && $user->admin) {
//var_dump($key); //var_dump($key);
print $langs->trans("OAuthIDSecret").'</td>'; print $langs->trans("OAuthIDSecret").'</td>';
print '<td>'; print '<td>';
print $langs->trans("SeePreviousTab"); print '<span class="opacitymedium">'.$langs->trans("SeePreviousTab").'</span>';
print '</td>'; print '</td>';
print '<td>'; print '<td>';
print '</td>'; print '</td>';
@@ -259,7 +263,7 @@ if ($mode == 'setup' && $user->admin) {
if (is_object($tokenobj)) { if (is_object($tokenobj)) {
print $langs->trans("HasAccessToken"); print $langs->trans("HasAccessToken");
} else { } else {
print $langs->trans("NoAccessToken"); print '<span class="opacitymedium">'.$langs->trans("NoAccessToken").'</span>';
} }
print '</td>'; print '</td>';
print '<td width="50%">'; print '<td width="50%">';
@@ -346,7 +350,7 @@ if ($mode == 'setup' && $user->admin) {
if ($mode == 'test' && $user->admin) { if ($mode == 'test' && $user->admin) {
print $langs->trans('PrintTestDesc'.$driver)."<br><br>\n"; print $langs->trans('PrintTestDesc'.$driver)."<br><br>\n";
print '<div class="div-table-responsive">'; print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">'; print '<table class="noborder centpercent">';
if (!empty($driver)) { if (!empty($driver)) {
require_once DOL_DOCUMENT_ROOT.'/core/modules/printing/'.$driver.'.modules.php'; require_once DOL_DOCUMENT_ROOT.'/core/modules/printing/'.$driver.'.modules.php';

4
htdocs/core/lib/functions.lib.php
View File

@@ -3658,7 +3658,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'paiment', 'paragraph', 'play', 'pdf', 'phone', 'phoning', 'phoning_mobile', 'phoning_fax', 'playdisabled', 'previous', 'poll', 'pos', 'printer', 'product', 'propal', 'puce', 'paiment', 'paragraph', 'play', 'pdf', 'phone', 'phoning', 'phoning_mobile', 'phoning_fax', 'playdisabled', 'previous', 'poll', 'pos', 'printer', 'product', 'propal', 'puce',
'stock', 'resize', 'service', 'stats', 'trip', 'stock', 'resize', 'service', 'stats', 'trip',
'security', 'setup', 'share-alt', 'sign-out', 'split', 'stripe', 'stripe-s', 'switch_off', 'switch_on', 'switch_on_red', 'tools', 'unlink', 'uparrow', 'user', 'vcard', 'wrench', 'security', 'setup', 'share-alt', 'sign-out', 'split', 'stripe', 'stripe-s', 'switch_off', 'switch_on', 'switch_on_red', 'tools', 'unlink', 'uparrow', 'user', 'vcard', 'wrench',
'github', 'jabber', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'youtube', 'google-plus-g', 'whatsapp', 'github', 'google', 'jabber', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'youtube', 'google-plus-g', 'whatsapp',
'chevron-left', 'chevron-right', 'chevron-down', 'chevron-top', 'commercial', 'companies', 'chevron-left', 'chevron-right', 'chevron-down', 'chevron-top', 'commercial', 'companies',
'generic', 'home', 'hrm', 'members', 'products', 'invoicing', 'generic', 'home', 'hrm', 'members', 'products', 'invoicing',
'partnership', 'payment', 'payment_vat', 'pencil-ruler', 'preview', 'project', 'projectpub', 'projecttask', 'question', 'refresh', 'region', 'partnership', 'payment', 'payment_vat', 'pencil-ruler', 'preview', 'project', 'projectpub', 'projecttask', 'question', 'refresh', 'region',
@@ -3678,7 +3678,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
if (in_array($pictowithouttext, array('card', 'bell', 'clock', 'establishment', 'generic', 'minus-square', 'object_generic', 'pdf', 'plus-square', 'timespent', 'note', 'off', 'on', 'object_bookmark', 'bookmark', 'vcard'))) { if (in_array($pictowithouttext, array('card', 'bell', 'clock', 'establishment', 'generic', 'minus-square', 'object_generic', 'pdf', 'plus-square', 'timespent', 'note', 'off', 'on', 'object_bookmark', 'bookmark', 'vcard'))) {
$fa = 'far'; $fa = 'far';
} }
if (in_array($pictowithouttext, array('black-tie', 'github', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'stripe', 'stripe-s', 'youtube', 'google-plus-g', 'whatsapp'))) { if (in_array($pictowithouttext, array('black-tie', 'github', 'google', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'stripe', 'stripe-s', 'youtube', 'google-plus-g', 'whatsapp'))) {
$fa = 'fab'; $fa = 'fab';
} }

10
htdocs/core/lib/oauth.lib.php
View File

@@ -25,13 +25,13 @@
// Supported OAUTH (a provider is supported when a file xxx_oauthcallback.php is available into htdocs/core/modules/oauth) // Supported OAUTH (a provider is supported when a file xxx_oauthcallback.php is available into htdocs/core/modules/oauth)
$supportedoauth2array = array( $supportedoauth2array = array(
'OAUTH_GOOGLE_NAME'=>'google', 'OAUTH_GOOGLE_NAME'=>array('callbackfile' => 'google', 'picto' => 'google', 'urlforapp' => 'OAUTH_GOOGLE_DESC', 'name'=>'Google'),
); );
if ($conf->global->MAIN_FEATURES_LEVEL >= 2) { if (!empty($conf->stripe->enabled)) {
$supportedoauth2array['OAUTH_STRIPE_TEST_NAME'] = 'stripetest'; $supportedoauth2array['OAUTH_STRIPE_TEST_NAME'] = array('callbackfile' => 'stripetest', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeTest');
$supportedoauth2array['OAUTH_STRIPE_LIVE_NAME'] = 'stripelive'; $supportedoauth2array['OAUTH_STRIPE_LIVE_NAME'] = array('callbackfile' => 'stripelive', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeLive');
} }
$supportedoauth2array['OAUTH_GITHUB_NAME'] = 'github'; $supportedoauth2array['OAUTH_GITHUB_NAME'] = array('callbackfile' => 'github', 'picto' => 'github', 'urlforapp' => 'OAUTH_GITHUB_DESC', 'name'=>'GitHub');