28 require
'../../../main.inc.php';
29 require_once DOL_DOCUMENT_ROOT.
'/includes/OAuth/bootstrap.php';
30 use OAuth\Common\Storage\DoliStorage;
31 use OAuth\Common\Consumer\Credentials;
32 use OAuth\OAuth2\Service\Google;
// Normalise the base URL: strip a trailing DOL_URL_ROOT (regex-quoted, case-insensitive) from
// $dolibarr_main_url_root, then append it again so the suffix appears exactly once.
// $dolibarr_main_url_root is defined outside this listing (presumably site configuration - TODO confirm).
// The OAuth callback URI further down is built from $urlwithroot, not from the request's Host header.
35 $urlwithouturlroot = preg_replace(
'/'.preg_quote(DOL_URL_ROOT,
'/').
'$/i',
'', trim($dolibarr_main_url_root));
36 $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT;
// Request parameters. The second GETPOST() argument names the filter applied to the raw value.
41 $action =
GETPOST(
'action',
'aZ09');
// backtourl is attacker-controllable and is later used as a redirect target.
// NOTE(review): the 'alpha' filter is not shown here; confirm it (or a later check) limits this to a same-site URL.
42 $backtourl =
GETPOST(
'backtourl',
'alpha');
// keyforprovider is concatenated into configuration key names below, hence the restrictive 'aZ09' filter.
43 $keyforprovider =
GETPOST(
'keyforprovider',
'aZ09');
// On the way back from the provider (a 'code' parameter is present) or on delete, the request may carry
// no keyforprovider, so the value saved in the session before the jump is reused instead.
44 if (empty($keyforprovider) && !empty($_SESSION[
"oauthkeyforproviderbeforeoauthjump"]) && (
GETPOST(
'code') || $action ==
'delete')) {
46 $keyforprovider = $_SESSION[
"oauthkeyforproviderbeforeoauthjump"];
// Redirect (callback) URI sent to the provider: always this script under $urlwithroot.
// $uriFactory is created on a line not included in this listing.
56 $currentUri =
$uriFactory->createFromAbsolute($urlwithroot.
'/core/modules/oauth/google_oauthcallback.php');
// The OAuth library talks to the provider through its cURL-based HTTP client.
64 $serviceFactory = new \OAuth\ServiceFactory();
65 $httpClient = new \OAuth\Common\Http\Client\CurlClient();
69 $serviceFactory->setHttpClient($httpClient);
// Names of the configuration entries for the client id and client secret:
// OAUTH_GOOGLE_ID / OAUTH_GOOGLE_SECRET, or OAUTH_GOOGLE-<keyforprovider>_ID / _SECRET when a key is given.
// $keyforprovider was read with the 'aZ09' filter or taken from the session (see top of script).
72 $keyforparamid =
'OAUTH_GOOGLE'.($keyforprovider ?
'-'.$keyforprovider :
'').
'_ID';
73 $keyforparamsecret =
'OAUTH_GOOGLE'.($keyforprovider ?
'-'.$keyforprovider :
'').
'_SECRET';
// The Credentials arguments on listing lines 75-76 are not shown; presumably the id and secret looked up
// under the two names above (TODO confirm). The callback URI is passed as an argument.
74 $credentials =
new Credentials(
77 $currentUri->getAbsoluteUri()
// The state parameter carries two things joined by '-': a comma-separated scope list and an anti-CSRF value.
// $state itself is assigned on a line not included in this listing.
81 $statewithscopeonly =
'';
82 $statewithanticsrfonly =
'';
84 $requestedpermissionsarray = array();
// Scope part: everything before the FIRST '-' (the pattern removes from the first '-' to the end).
87 $statewithscopeonly = preg_replace(
'/\-.*$/',
'', $state);
88 $requestedpermissionsarray = explode(
',', $statewithscopeonly);
// Anti-CSRF part: everything after the LAST '-' (greedy match removes up to and including it).
89 $statewithanticsrfonly = preg_replace(
'/^.*\-/',
'', $state);
// explode() never returns an empty array (an empty string yields ['']), so empty() is true here only
// when the parsing above did not run and the variable still holds its initial array().
// NOTE(review): the condition guarding lines 87-89 is not shown; confirm an empty scope part is rejected too.
91 if ($action !=
'delete' && empty($requestedpermissionsarray)) {
92 print
'Error, parameter state is not defined';
// Token storage backed by the application database, selected by $keyforprovider.
99 $storage =
new DoliStorage($db, $conf, $keyforprovider);
// The scopes passed to the service come from the request's state parameter, i.e. from the client.
// NOTE(review): confirm the accepted scope values are constrained somewhere outside this listing.
104 $apiService = $serviceFactory->createService(
'Google', $credentials, $storage, $requestedpermissionsarray);
// 'offline' access asks the provider for a refresh token, so $storage ends up holding a long-lived credential.
// TODO confirm how DoliStorage protects tokens at rest.
108 $apiService->setAccessType(
'offline');
111 $langs->load(
"oauth");
// The conditions guarding these two calls are not shown; the messages indicate they stop processing
// when the client id or the client secret is not configured.
114 accessforbidden(
'Setup of service is not complete. Customer ID is missing');
117 accessforbidden(
'Setup of service is not complete. Secret key is missing');
// action=delete: drop the stored Google token, then redirect to backtourl.
// NOTE(review): this is a state-changing action selected by a request parameter; no anti-CSRF token check
// is visible in this listing - confirm main.inc.php enforces one for this request.
126 if ($action ==
'delete') {
127 $storage->clearToken(
'Google');
// $backtourl comes straight from the request (GETPOST 'backtourl', 'alpha'); listing lines 128-130 are not shown.
// NOTE(review): unless the value is restricted to a local path, this header is an open redirect.
131 header(
'Location: '.$backtourl);
// Return leg of the flow: the provider redirected the browser back here.
136 dol_syslog(
"We are coming from the oauth provider page keyforprovider=".$keyforprovider);
// Anti-CSRF check on the returned state. As written it rejects only when the session value exists AND differs:
// a session without 'oauthstateanticsrf' passes the check. The comparison is also a loose '!='.
// NOTE(review): consider refusing when the session value is missing and comparing with hash_equals().
139 if (isset($_SESSION[
'oauthstateanticsrf']) && $state != $_SESSION[
'oauthstateanticsrf']) {
// The reflected state is HTML-escaped before being printed.
140 print
'Value for state = '.dol_escape_htmltag($state).
' differs from value in $_SESSION["oauthstateanticsrf"]. Code is refused.';
// The stored value is discarded after a mismatch, so it cannot be retried against.
141 unset($_SESSION[
'oauthstateanticsrf']);
// Exchange the authorization code for tokens (server-to-server call made by the OAuth library).
151 $token = $apiService->requestAccessToken(
GETPOST(
'code'), $state);
// Split the id_token (a JWT: header.payload.signature) taken from the token response.
// 'id_token' is read without an isset() check; a response lacking it passes null to explode().
154 $extraparams = $token->getExtraParams();
155 $jwt = explode(
'.', $extraparams[
'id_token']);
// Only the payload is decoded; no signature or iss/aud/nonce validation is visible in this listing.
// The token comes from requestAccessToken() rather than from the browser.
// NOTE(review): confirm that is its only source before claims in $userinfo are trusted for login.
// JWT segments are base64url; base64_decode() in non-strict mode silently skips '-' and '_',
// so a payload containing them decodes incorrectly unless translated first (strtr($jwt[1], '-_', '+/')).
158 if (!empty($jwt[1])) {
159 $userinfo = json_decode(base64_decode($jwt[1]),
true);
// Here the redirect target is the value saved in the session before the jump, consumed once.
// It was originally taken from the request, so any validation has to happen before it is stored.
182 $backtourl = $_SESSION[
"backtourlsavedbeforeoauthjump"];
183 unset($_SESSION[
"backtourlsavedbeforeoauthjump"]);
185 header(
'Location: '.$backtourl);
// The exception text is printed without escaping, unlike the state value on line 140.
// NOTE(review): it may contain provider- or request-derived text; escape it and keep details for the log.
188 print $e->getMessage();
// Outbound leg: remember what is needed to finish the flow when the provider redirects back.
// The full $state string is stored as the anti-CSRF reference and compared on return.
// NOTE(review): $state is assigned outside this listing; confirm its anti-CSRF part is random and
// generated server-side rather than accepted as supplied by the client.
194 $_SESSION[
"backtourlsavedbeforeoauthjump"] = $backtourl;
195 $_SESSION[
"oauthkeyforproviderbeforeoauthjump"] = $keyforprovider;
196 $_SESSION[
'oauthstateanticsrf'] = $state;
// Outside the 'forlogin' flow, force the consent prompt on every authorization.
198 if (!preg_match(
'/^forlogin/', $state)) {
199 $apiService->setApprouvalPrompt(
'force');
// Authorization URL with or without an explicit state (the selecting condition is not shown).
205 $url = $apiService->getAuthorizationUri(array(
'state' => $state));
207 $url = $apiService->getAuthorizationUri();
// 8 bytes (64 bits) from the CSPRNG, hex-encoded, sent as the OpenID Connect nonce.
// The nonce is not saved to the session in the visible lines, so it cannot be matched against
// the id_token's nonce claim on return - TODO confirm.
211 $url .=
'&nonce='.bin2hex(random_bytes(64/8));
213 if (!preg_match(
'/^forlogin/', $state)) {
// Send the browser to the provider's authorization endpoint.
218 header(
'Location: '.$url);