mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-12-15 14:01:22 +01:00
Clean OAuth feature
This commit is contained in:
Laurent Destailleur
@@ -27,6 +27,7 @@ require '../main.inc.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php';
|
||||
|
||||
// $supportedoauth2array is defined into oauth.lib.php
|
||||
|
||||
// Define $urlwithroot
|
||||
$urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
|
||||
@@ -96,10 +97,12 @@ print '<table class="noborder centpercent">';
|
||||
|
||||
$i = 0;
|
||||
|
||||
// $list is defined into oauth.lib.php
|
||||
// $list is defined into oauth.lib.php to the list of supporter OAuth providers.
|
||||
foreach ($list as $key) {
|
||||
$supported = 0;
|
||||
if (in_array($key[0], array_keys($supportedoauth2array))) {
|
||||
$keyforsupportedoauth2array = $key[0];
|
||||
|
||||
if (in_array($keyforsupportedoauth2array, array_keys($supportedoauth2array))) {
|
||||
$supported = 1;
|
||||
}
|
||||
if (!$supported) {
|
||||
@@ -110,20 +113,23 @@ foreach ($list as $key) {
|
||||
|
||||
print '<tr class="liste_titre'.($i > 1 ? ' liste_titre_add' : '').'">';
|
||||
// Api Name
|
||||
$label = $langs->trans($key[0]);
|
||||
print '<td>'.$label.'</td>';
|
||||
$label = $langs->trans($keyforsupportedoauth2array);
|
||||
print '<td>';
|
||||
if (!empty($key[3])) {
|
||||
print $langs->trans($key[3]);
|
||||
print img_picto('', $supportedoauth2array[$keyforsupportedoauth2array]['picto'], 'class="pictofixedwidth"');
|
||||
print $label;
|
||||
print '</td>';
|
||||
print '<td>';
|
||||
if (!empty($supportedoauth2array[$keyforsupportedoauth2array]['urlforapp'])) {
|
||||
print $langs->trans($supportedoauth2array[$keyforsupportedoauth2array]['urlforapp']);
|
||||
}
|
||||
print '</td>';
|
||||
print '</tr>';
|
||||
|
||||
if ($supported) {
|
||||
$redirect_uri = $urlwithroot.'/core/modules/oauth/'.$supportedoauth2array[$key[0]].'_oauthcallback.php';
|
||||
$redirect_uri = $urlwithroot.'/core/modules/oauth/'.$supportedoauth2array[$keyforsupportedoauth2array]['callbackfile'].'_oauthcallback.php';
|
||||
print '<tr class="oddeven value">';
|
||||
print '<td>'.$langs->trans("UseTheFollowingUrlAsRedirectURI").'</td>';
|
||||
print '<td><input style="width: 80%" type"text" name="uri'.$key[0].'" value="'.$redirect_uri.'">';
|
||||
print '<td><input style="width: 80%" type"text" name="uri'.$keyforsupportedoauth2array.'" value="'.$redirect_uri.'">';
|
||||
print '</td></tr>';
|
||||
} else {
|
||||
print '<tr class="oddeven value">';
|
||||
|
||||
@@ -25,17 +25,13 @@
|
||||
|
||||
require '../main.inc.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php'; // This define $list
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php'; // This define $list and $supportedoauth2array
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
|
||||
use OAuth\Common\Storage\DoliStorage;
|
||||
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('admin', 'printing', 'oauth'));
|
||||
|
||||
if (!$user->admin) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$mode = GETPOST('mode', 'alpha');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
@@ -50,6 +46,10 @@ if (!$mode) {
|
||||
$mode = 'setup';
|
||||
}
|
||||
|
||||
if (!$user->admin) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Action
|
||||
@@ -140,7 +140,9 @@ if ($mode == 'setup' && $user->admin) {
|
||||
|
||||
foreach ($list as $key) {
|
||||
$supported = 0;
|
||||
if (in_array($key[0], array_keys($supportedoauth2array))) {
|
||||
$keyforsupportedoauth2array = $key[0];
|
||||
|
||||
if (in_array($keyforsupportedoauth2array, array_keys($supportedoauth2array))) {
|
||||
$supported = 1;
|
||||
}
|
||||
if (!$supported) {
|
||||
@@ -148,17 +150,18 @@ if ($mode == 'setup' && $user->admin) {
|
||||
}
|
||||
|
||||
|
||||
$OAUTH_SERVICENAME = 'Unknown';
|
||||
if ($key[0] == 'OAUTH_GITHUB_NAME') {
|
||||
$OAUTH_SERVICENAME = 'GitHub';
|
||||
$OAUTH_SERVICENAME = empty($supportedoauth2array[$keyforsupportedoauth2array]['name']) ? 'Unknown' : $supportedoauth2array[$keyforsupportedoauth2array]['name'];
|
||||
|
||||
// Define $shortscope, $urltorenew, $urltodelete, $urltocheckperms
|
||||
// TODO Use array $supportedoauth2array
|
||||
if ($keyforsupportedoauth2array == 'OAUTH_GITHUB_NAME') {
|
||||
// List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service).
|
||||
// We pass this param list in to 'state' because we need it before and after the redirect.
|
||||
$shortscope = 'user,public_repo';
|
||||
$urltorenew = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?shortscope='.$shortscope.'&state='.$shortscope.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
|
||||
$urltodelete = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
|
||||
$urltocheckperms = 'https://github.com/settings/applications/';
|
||||
} elseif ($key[0] == 'OAUTH_GOOGLE_NAME') {
|
||||
$OAUTH_SERVICENAME = 'Google';
|
||||
} elseif ($keyforsupportedoauth2array == 'OAUTH_GOOGLE_NAME') {
|
||||
// List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service).
|
||||
// We pass this param list in to 'state' because we need it before and after the redirect.
|
||||
$shortscope = 'userinfo_email,userinfo_profile,cloud_print';
|
||||
@@ -169,13 +172,11 @@ if ($mode == 'setup' && $user->admin) {
|
||||
$urltorenew = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?shortscope='.$shortscope.'&state='.$shortscope.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
|
||||
$urltodelete = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
|
||||
$urltocheckperms = 'https://security.google.com/settings/security/permissions';
|
||||
} elseif ($key[0] == 'OAUTH_STRIPE_TEST_NAME') {
|
||||
$OAUTH_SERVICENAME = 'StripeTest';
|
||||
} elseif ($keyforsupportedoauth2array == 'OAUTH_STRIPE_TEST_NAME') {
|
||||
$urltorenew = $urlwithroot.'/core/modules/oauth/stripetest_oauthcallback.php?backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
|
||||
$urltodelete = '';
|
||||
$urltocheckperms = '';
|
||||
} elseif ($key[0] == 'OAUTH_STRIPE_LIVE_NAME') {
|
||||
$OAUTH_SERVICENAME = 'StripeLive';
|
||||
} elseif ($keyforsupportedoauth2array == 'OAUTH_STRIPE_LIVE_NAME') {
|
||||
$urltorenew = $urlwithroot.'/core/modules/oauth/stripelive_oauthcallback.php?backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
|
||||
$urltodelete = '';
|
||||
$urltocheckperms = '';
|
||||
@@ -230,11 +231,14 @@ if ($mode == 'setup' && $user->admin) {
|
||||
print '<input type="hidden" name="token" value="'.newToken().'">';
|
||||
print '<input type="hidden" name="action" value="setconst">';
|
||||
|
||||
print '<div class="div-table-responsive">';
|
||||
print '<div class="div-table-responsive-no-min">';
|
||||
print '<table class="noborder centpercent">'."\n";
|
||||
|
||||
print '<tr class="liste_titre">';
|
||||
print '<th class="titlefieldcreate">'.$langs->trans($key[0]).'</th>';
|
||||
print '<th class="titlefieldcreate">';
|
||||
print img_picto('', $supportedoauth2array[$keyforsupportedoauth2array]['picto'], 'class="pictofixedwidth"');
|
||||
print $langs->trans($keyforsupportedoauth2array);
|
||||
print '</th>';
|
||||
print '<th></th>';
|
||||
print '<th></th>';
|
||||
print "</tr>\n";
|
||||
@@ -244,7 +248,7 @@ if ($mode == 'setup' && $user->admin) {
|
||||
//var_dump($key);
|
||||
print $langs->trans("OAuthIDSecret").'</td>';
|
||||
print '<td>';
|
||||
print $langs->trans("SeePreviousTab");
|
||||
print '<span class="opacitymedium">'.$langs->trans("SeePreviousTab").'</span>';
|
||||
print '</td>';
|
||||
print '<td>';
|
||||
print '</td>';
|
||||
@@ -259,7 +263,7 @@ if ($mode == 'setup' && $user->admin) {
|
||||
if (is_object($tokenobj)) {
|
||||
print $langs->trans("HasAccessToken");
|
||||
} else {
|
||||
print $langs->trans("NoAccessToken");
|
||||
print '<span class="opacitymedium">'.$langs->trans("NoAccessToken").'</span>';
|
||||
}
|
||||
print '</td>';
|
||||
print '<td width="50%">';
|
||||
@@ -346,7 +350,7 @@ if ($mode == 'setup' && $user->admin) {
|
||||
if ($mode == 'test' && $user->admin) {
|
||||
print $langs->trans('PrintTestDesc'.$driver)."<br><br>\n";
|
||||
|
||||
print '<div class="div-table-responsive">';
|
||||
print '<div class="div-table-responsive-no-min">';
|
||||
print '<table class="noborder centpercent">';
|
||||
if (!empty($driver)) {
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/modules/printing/'.$driver.'.modules.php';
|
||||
|
||||
@@ -3658,7 +3658,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
|
||||
'paiment', 'paragraph', 'play', 'pdf', 'phone', 'phoning', 'phoning_mobile', 'phoning_fax', 'playdisabled', 'previous', 'poll', 'pos', 'printer', 'product', 'propal', 'puce',
|
||||
'stock', 'resize', 'service', 'stats', 'trip',
|
||||
'security', 'setup', 'share-alt', 'sign-out', 'split', 'stripe', 'stripe-s', 'switch_off', 'switch_on', 'switch_on_red', 'tools', 'unlink', 'uparrow', 'user', 'vcard', 'wrench',
|
||||
'github', 'jabber', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'youtube', 'google-plus-g', 'whatsapp',
|
||||
'github', 'google', 'jabber', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'youtube', 'google-plus-g', 'whatsapp',
|
||||
'chevron-left', 'chevron-right', 'chevron-down', 'chevron-top', 'commercial', 'companies',
|
||||
'generic', 'home', 'hrm', 'members', 'products', 'invoicing',
|
||||
'partnership', 'payment', 'payment_vat', 'pencil-ruler', 'preview', 'project', 'projectpub', 'projecttask', 'question', 'refresh', 'region',
|
||||
@@ -3678,7 +3678,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
|
||||
if (in_array($pictowithouttext, array('card', 'bell', 'clock', 'establishment', 'generic', 'minus-square', 'object_generic', 'pdf', 'plus-square', 'timespent', 'note', 'off', 'on', 'object_bookmark', 'bookmark', 'vcard'))) {
|
||||
$fa = 'far';
|
||||
}
|
||||
if (in_array($pictowithouttext, array('black-tie', 'github', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'stripe', 'stripe-s', 'youtube', 'google-plus-g', 'whatsapp'))) {
|
||||
if (in_array($pictowithouttext, array('black-tie', 'github', 'google', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'stripe', 'stripe-s', 'youtube', 'google-plus-g', 'whatsapp'))) {
|
||||
$fa = 'fab';
|
||||
}
|
||||
|
||||
|
||||
@@ -25,13 +25,13 @@
|
||||
|
||||
// Supported OAUTH (a provider is supported when a file xxx_oauthcallback.php is available into htdocs/core/modules/oauth)
|
||||
$supportedoauth2array = array(
|
||||
'OAUTH_GOOGLE_NAME'=>'google',
|
||||
'OAUTH_GOOGLE_NAME'=>array('callbackfile' => 'google', 'picto' => 'google', 'urlforapp' => 'OAUTH_GOOGLE_DESC', 'name'=>'Google'),
|
||||
);
|
||||
if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {
|
||||
$supportedoauth2array['OAUTH_STRIPE_TEST_NAME'] = 'stripetest';
|
||||
$supportedoauth2array['OAUTH_STRIPE_LIVE_NAME'] = 'stripelive';
|
||||
if (!empty($conf->stripe->enabled)) {
|
||||
$supportedoauth2array['OAUTH_STRIPE_TEST_NAME'] = array('callbackfile' => 'stripetest', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeTest');
|
||||
$supportedoauth2array['OAUTH_STRIPE_LIVE_NAME'] = array('callbackfile' => 'stripelive', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeLive');
|
||||
}
|
||||
$supportedoauth2array['OAUTH_GITHUB_NAME'] = 'github';
|
||||
$supportedoauth2array['OAUTH_GITHUB_NAME'] = array('callbackfile' => 'github', 'picto' => 'github', 'urlforapp' => 'OAUTH_GITHUB_DESC', 'name'=>'GitHub');
|
||||
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user