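* Copyright (C) 2016       Raphaël Doursenaud
 * Copyright (C) 2022       Laurent Destailleur
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <https://www.gnu.org/licenses/>.
 *
 */

/**
 * \file        htdocs/admin/oauth.php
 * \ingroup     oauth
 * \brief       Setup page to configure oauth access api
 *
 * Administrator-only page. The 'add' action creates a new OAUTH_xxx[-label]_ID
 * constant; the 'update' action rewrites the _ID, _SECRET, _URLAUTHORIZE and
 * _SCOPE constants of every OAuth entry already present in $conf->global.
 */

require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php';

// $supportedoauth2array is defined into oauth.lib.php

// Define $urlwithroot
// The base URL is taken from the configuration file value ($dolibarr_main_url_root) and not
// from the domain of the current request (the request-based alternative is left commented out).
// $urlwithroot is used further down the page to build the OAuth redirect URI.
$urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
$urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
//$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current

// Load translation files required by the page
$langs->loadLangs(array('admin', 'oauth'));

// Security check: the page (view and actions) is restricted to administrators.
if (!$user->admin) {
    accessforbidden();
}
// NOTE(review): no anti-CSRF token check is visible in this file for the state-changing
// 'add' and 'update' actions below; presumably main.inc.php enforces it - confirm.

// Request parameters, each read through GETPOST() with the 'aZ09' check.
$action = GETPOST('action', 'aZ09');
$provider = GETPOST('provider', 'aZ09');
$label = GETPOST('label', 'aZ09');

$error = 0;


/*
 * Actions
 */

if ($action == 'add') {
    // $provider is OAUTH_XXX
    if ($provider && $provider != '-1') {
        // Constant name is PROVIDER[-label]_ID; the label is what distinguishes several
        // entries for the same provider.
        $constname = strtoupper($provider).($label ? '-'.$label : '').'_ID';

        if (getDolGlobalString($constname)) {
            // Never overwrite an entry that already holds a key.
            setEventMessages($langs->trans("AOAuthEntryForThisProviderAndLabelAlreadyHasAKey"), null, 'errors');
            $error++;
        } else {
            // Create the entry with a placeholder value that the admin completes afterwards.
            dolibarr_set_const($db, $constname, $langs->trans('ToComplete'), 'chaine', 0, '', $conf->entity);
            setEventMessages($langs->trans("OAuthProviderAdded"), null);
        }
    }
}

if ($action == 'update') {
    foreach ($conf->global as $key => $val) {
        if (!empty($val) && preg_match('/^OAUTH_.+_ID$/', $key)) {
            // Strip only the trailing "_ID" (anchored), as the view part of this page does.
            // An unanchored replace would also remove an "_ID" found elsewhere in the key
            // (constructed example: OAUTH_X-MY_IDP_ID) and the posted fields of that entry
            // would then be read from, and saved to, the wrong constant names.
            $constvalue = preg_replace('/_ID$/', '', $key);

            // Values below are read with GETPOST() and its default check.
            $newid = GETPOST($constvalue.'_ID');

            if (!dolibarr_set_const($db, $constvalue.'_ID', $newid, 'chaine', 0, '', $conf->entity)) {
                $error++;
            }

            // If we reset this provider, we also remove the secret
            // NOTE(review): the client secret is saved with the same 'chaine' type as the other
            // values; whether dolibarr_set_const() protects it at rest is not visible here - confirm.
            $newsecret = $newid ? GETPOST($constvalue.'_SECRET') : '';
            if (!dolibarr_set_const($db, $constvalue.'_SECRET', $newsecret, 'chaine', 0, '', $conf->entity)) {
                $error++;
            }

            // Optional fields: only written when the form actually posted them.
            // NOTE(review): the authorization URL is stored as posted; no scheme or host check
            // is visible here - consider accepting only https URLs before saving.
            if (GETPOSTISSET($constvalue.'_URLAUTHORIZE')) {
                if (!dolibarr_set_const($db, $constvalue.'_URLAUTHORIZE', GETPOST($constvalue.'_URLAUTHORIZE'), 'chaine', 0, '', $conf->entity)) {
                    $error++;
                }
            }
            if (GETPOSTISSET($constvalue.'_SCOPE')) {
                if (!dolibarr_set_const($db, $constvalue.'_SCOPE', GETPOST($constvalue.'_SCOPE'), 'chaine', 0, '', $conf->entity)) {
                    $error++;
                }
            }
        }
    }

    // One summary message for the whole update: any failed write reports a generic error.
    if (!$error) {
        setEventMessages($langs->trans("SetupSaved"), null);
    } else {
        setEventMessages($langs->trans("Error"), null, 'errors');
    }
}


/*
 * View
 */

llxHeader();

$form = new Form($db);

// NOTE(review): the string literals around the link text are empty in this copy, so the
// markup that wraps the "back to module list" link is not visible here.
$linkback = ''.$langs->trans("BackToModuleList").'';
print load_fiche_titre($langs->trans('ConfigOAuth'), $linkback, 'title_setup');

print '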
'; print ''; print ''; $head = oauthadmin_prepare_head(); print dol_get_fiche_head($head, 'services', '', -1, ''); print ''.$langs->trans("ListOfSupportedOauthProviders").'

'; print ''; print ajax_combobox('provider'); print ' '; print ' '; print '
'; print '
'; print '
'; print '
'; print ''; print ''; print '
'; print ''; $i = 0; // Define $listinsetup foreach ($conf->global as $key => $val) { if (!empty($val) && preg_match('/^OAUTH_.*_ID$/', $key)) { $provider = preg_replace('/_ID$/', '', $key); $listinsetup[] = array( $provider.'_NAME', $provider.'_ID', $provider.'_SECRET', $provider.'_URLAUTHORIZE', // For custom oauth links $provider.'_SCOPE' // For custom oauth links ); } } // $list is defined into oauth.lib.php to the list of supporter OAuth providers. foreach ($listinsetup as $key) { $supported = 0; $keyforsupportedoauth2array = $key[0]; // May be OAUTH_GOOGLE_NAME or OAUTH_GOOGLE_xxx_NAME $keyforsupportedoauth2array = preg_replace('/^OAUTH_/', '', $keyforsupportedoauth2array); $keyforsupportedoauth2array = preg_replace('/_NAME$/', '', $keyforsupportedoauth2array); if (preg_match('/^.*-/', $keyforsupportedoauth2array)) { $keyforprovider = preg_replace('/^.*-/', '', $keyforsupportedoauth2array); } else { $keyforprovider = ''; } $keyforsupportedoauth2array = preg_replace('/-.*$/', '', $keyforsupportedoauth2array); $keyforsupportedoauth2array = 'OAUTH_'.$keyforsupportedoauth2array.'_NAME'; if (in_array($keyforsupportedoauth2array, array_keys($supportedoauth2array))) { $supported = 1; } if (!$supported) { continue; // show only supported } $i++; // Api Name $label = $langs->trans($keyforsupportedoauth2array); print ''; print ''; print ''; print ''; if ($supported) { $redirect_uri = $urlwithroot.'/core/modules/oauth/'.$supportedoauth2array[$keyforsupportedoauth2array]['callbackfile'].'_oauthcallback.php'; print ''; print ''; print ''; if ($keyforsupportedoauth2array == 'OAUTH_OTHER_NAME') { print ''; print ''; print ''; } } else { print ''; print ''; print ''; print ''; } // Api Id print ''; print ''; print ''; // Api Secret print ''; print ''; print ''; // TODO Move this into token generation if ($supported) { if ($keyforsupportedoauth2array == 'OAUTH_OTHER_NAME') { print ''; print ''; print ''; } else { print ''; print ''; print ''; } } } print '
'; print img_picto('', $supportedoauth2array[$keyforsupportedoauth2array]['picto'], 'class="pictofixedwidth"'); if ($label == $keyforsupportedoauth2array) { print $supportedoauth2array[$keyforsupportedoauth2array]['name']; } else { print $label; } if ($keyforprovider) { print ' ('.$keyforprovider.')'; } else { print ' ('.$langs->trans("NoName").')'; } print ''; if (!empty($supportedoauth2array[$keyforsupportedoauth2array]['urlforcredentials'])) { print $langs->trans("OAUTH_URL_FOR_CREDENTIAL", $supportedoauth2array[$keyforsupportedoauth2array]['urlforcredentials']); } print '
'.$langs->trans("UseTheFollowingUrlAsRedirectURI").''; print '
'.$langs->trans("URLOfServiceForAuthorization").''; print '
'.$langs->trans("UseTheFollowingUrlAsRedirectURI").''.$langs->trans("FeatureNotYetSupported").'
'; print '
'; print '
'.$langs->trans("Scopes").''; print ''; print '
'.$langs->trans("Scopes").''; //print ''; print $supportedoauth2array[$keyforsupportedoauth2array]['defaultscope']; print '
'."\n"; print '
'; print dol_get_fiche_end(); print $form->buttonsSaveCancel("Modify", ''); print '
'; // End of page llxFooter(); $db->close();