dolibarr  17.0.4
oauth.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2015-2018 Frederic France <frederic.france@netlogic.fr>
3  * Copyright (C) 2016 RaphaĆ«l Doursenaud <rdoursenaud@gpcsolutions.fr>
4  * Copyright (C) 2022 Laurent Destailleur <eldy@users.sourceforge.net>
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation; either version 3 of the License, or
9  * (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program. If not, see <https://www.gnu.org/licenses/>.
18  */
19 
27 // Load Dolibarr environment
28 require '../main.inc.php';
29 require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
30 require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php';
31 
32 // $supportedoauth2array is defined into oauth.lib.php
33 
34 // Define $urlwithroot
35 $urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
36 $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
37 //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current
38 
39 // Load translation files required by the page
40 $langs->loadLangs(array('admin', 'oauth', 'modulebuilder'));
41 
42 // Security check
43 if (!$user->admin) {
44  accessforbidden();
45 }
46 
47 $action = GETPOST('action', 'aZ09');
48 $provider = GETPOST('provider', 'aZ09');
49 $label = GETPOST('label', 'aZ09');
50 
51 $error = 0;
52 
53 
54 /*
55  * Actions
56  */
57 
58 if ($action == 'add') { // $provider is OAUTH_XXX
59  if ($provider && $provider != '-1') {
60  $constname = strtoupper($provider).($label ? '-'.$label : '').'_ID';
61 
62  if (getDolGlobalString($constname)) {
63  setEventMessages($langs->trans("AOAuthEntryForThisProviderAndLabelAlreadyHasAKey"), null, 'errors');
64  $error++;
65  } else {
66  dolibarr_set_const($db, $constname, $langs->trans('ToComplete'), 'chaine', 0, '', $conf->entity);
67  setEventMessages($langs->trans("OAuthProviderAdded"), null);
68  }
69  }
70 }
71 if ($action == 'update') {
72  foreach ($conf->global as $key => $val) {
73  if (!empty($val) && preg_match('/^OAUTH_.+_ID$/', $key)) {
74  $constvalue = str_replace('_ID', '', $key);
75  if (!dolibarr_set_const($db, $constvalue.'_ID', GETPOST($constvalue.'_ID'), 'chaine', 0, '', $conf->entity)) {
76  $error++;
77  }
78  // If we reset this provider, we also remove the secret
79  if (!dolibarr_set_const($db, $constvalue.'_SECRET', GETPOST($constvalue.'_ID') ? GETPOST($constvalue.'_SECRET') : '', 'chaine', 0, '', $conf->entity)) {
80  $error++;
81  }
82  if (GETPOSTISSET($constvalue.'_URLAUTHORIZE')) {
83  if (!dolibarr_set_const($db, $constvalue.'_URLAUTHORIZE', GETPOST($constvalue.'_URLAUTHORIZE'), 'chaine', 0, '', $conf->entity)) {
84  $error++;
85  }
86  }
87  if (GETPOSTISSET($constvalue.'_TENANT')) {
88  if (!dolibarr_set_const($db, $constvalue.'_TENANT', GETPOST($constvalue.'_TENANT'), 'chaine', 0, '', $conf->entity)) {
89  $error++;
90  }
91  }
92  if (GETPOSTISSET($constvalue.'_SCOPE')) {
93  if (is_array(GETPOST($constvalue.'_SCOPE'))) {
94  $scopestring = implode(',', GETPOST($constvalue.'_SCOPE'));
95  } else {
96  $scopestring = GETPOST($constvalue.'_SCOPE');
97  }
98  if (!dolibarr_set_const($db, $constvalue.'_SCOPE', $scopestring, 'chaine', 0, '', $conf->entity)) {
99  $error++;
100  }
101  } else {
102  if (!dolibarr_set_const($db, $constvalue.'_SCOPE', '', 'chaine', 0, '', $conf->entity)) {
103  $error++;
104  }
105  }
106  }
107  }
108 
109 
110  if (!$error) {
111  setEventMessages($langs->trans("SetupSaved"), null);
112  } else {
113  setEventMessages($langs->trans("Error"), null, 'errors');
114  }
115 }
116 
117 if ($action == 'confirm_delete') {
118  $provider = GETPOST('provider', 'aZ09');
119  $label = GETPOST('label');
120 
121  $globalkey = empty($provider) ? $label : $label.'-'.$provider;
122 
123  if (getDolGlobalString($globalkey.'_ID') && getDolGlobalString($globalkey.'_SECRET')) { // If ID and secret exist, we delete first the token
124  $backtourl = DOL_URL_ROOT.'/admin/oauth.php?action=delete_entry&provider='.$provider.'&label='.$label.'&token='.newToken();
125  $urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
126  $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT;
127  $callbacktodel = $urlwithroot;
128  if ($label == 'OAUTH_GOOGLE') {
129  $callbacktodel .= '/core/modules/oauth/google_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl);
130  } elseif ($label == 'OAUTH_GITHUB') {
131  $callbacktodel .= '/core/modules/oauth/github_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl);
132  } elseif ($label == 'OAUTH_STRIPE_LIVE') {
133  $callbacktodel .= '/core/modules/oauth/stripelive_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl);
134  } elseif ($label == 'OAUTH_STRIPE_TEST') {
135  $callbacktodel .= '/core/modules/oauth/stripetest_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl);
136  } elseif ($label == 'OAUTH_MICROSOFT') {
137  $callbacktodel .= '/core/modules/oauth/microsoft_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl);
138  } elseif ($label == 'OAUTH_OTHER') {
139  $callbacktodel .= '/core/modules/oauth/generic_oauthcallback.php?action=delete&keyforprovider='.$provider.'&token='.newToken().'&backtourl='.urlencode($backtourl);
140  }
141  header("Location: ".$callbacktodel);
142  exit;
143  } else {
144  $action = 'delete_entry';
145  }
146 }
147 
148 if ($action == 'delete_entry') {
149  $provider = GETPOST('provider', 'aZ09');
150  $label = GETPOST('label');
151 
152  $globalkey = empty($provider) ? $label : $label.'-'.$provider;
153 
154  if (!dolibarr_del_const($db, $globalkey.'_NAME', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_ID', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_SECRET', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_URLAUTHORIZE', $conf->entity) || !dolibarr_del_const($db, $globalkey.'_SCOPE', $conf->entity)) {
155  setEventMessages($langs->trans("ErrorInEntryDeletion"), null, 'errors');
156  $error++;
157  } else {
158  setEventMessages($langs->trans("EntryDeleted"), null);
159  }
160 }
161 
162 /*
163  * View
164  */
165 
166 llxHeader();
167 
168 $form = new Form($db);
169 // Confirmation of action process
170 if ($action == 'delete') {
171  $formquestion = array();
172  $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?provider='.GETPOST('provider').'&label='.GETPOST('label'), $langs->trans('OAuthServiceConfirmDeleteTitle'), $langs->trans('OAuthServiceConfirmDeleteMessage'), 'confirm_delete', $formquestion, 0, 1, 220);
173  print $formconfirm;
174 }
175 
176 
177 $linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';
178 print load_fiche_titre($langs->trans('ConfigOAuth'), $linkback, 'title_setup');
179 
180 print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
181 print '<input type="hidden" name="token" value="'.newToken().'">';
182 print '<input type="hidden" name="action" value="add">';
183 
184 $head = oauthadmin_prepare_head();
185 
186 print dol_get_fiche_head($head, 'services', '', -1, '');
187 
188 
189 print '<span class="opacitymedium">'.$langs->trans("ListOfSupportedOauthProviders").'</span><br><br>';
190 
191 
192 print '<select name="provider" id="provider" class="minwidth150">';
193 print '<option name="-1" value="-1">'.$langs->trans("OAuthProvider").'</option>';
194 foreach ($list as $key) {
195  $supported = 0;
196  $keyforsupportedoauth2array = $key[0];
197 
198  if (in_array($keyforsupportedoauth2array, array_keys($supportedoauth2array))) {
199  $supported = 1;
200  }
201  if (!$supported) {
202  continue; // show only supported
203  }
204 
205  $i++;
206  print '<option name="'.$keyforsupportedoauth2array.'" value="'.str_replace('_NAME', '', $keyforsupportedoauth2array).'">'.$supportedoauth2array[$keyforsupportedoauth2array]['name'].'</option>'."\n";
207 }
208 print '</select>';
209 print ajax_combobox('provider');
210 print ' <input type="text" name="label" value="" placeholder="'.$langs->trans("Label").'" pattern="^\S+$" title="'.$langs->trans("SpaceOrSpecialCharAreNotAllowed").'">';
211 print ' <input type="submit" class="button small" name="add" value="'.$langs->trans("Add").'">';
212 
213 print '<br>';
214 print '<br>';
215 
216 print dol_get_fiche_end();
217 
218 print '</form>';
219 
220 $listinsetup = [];
221 // Define $listinsetup
222 foreach ($conf->global as $key => $val) {
223  if (!empty($val) && preg_match('/^OAUTH_.*_ID$/', $key)) {
224  $provider = preg_replace('/_ID$/', '', $key);
225  $listinsetup[] = array(
226  $provider.'_NAME',
227  $provider.'_ID',
228  $provider.'_SECRET',
229  $provider.'_URLAUTHORIZE', // For custom oauth links
230  $provider.'_SCOPE' // For custom oauth links
231  );
232  }
233 }
234 
235 
236 if (count($listinsetup) > 0) {
237  print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
238  print '<input type="hidden" name="token" value="'.newToken().'">';
239  print '<input type="hidden" name="action" value="update">';
240 
241  print '<div class="div-table-responsive-no-min">';
242 
243  $i = 0;
244 
245  // $list is defined into oauth.lib.php to the list of supporter OAuth providers.
246  foreach ($listinsetup as $key) {
247  $supported = 0;
248  $keyforsupportedoauth2array = $key[0]; // May be OAUTH_GOOGLE_NAME or OAUTH_GOOGLE_xxx_NAME
249  $keyforsupportedoauth2array = preg_replace('/^OAUTH_/', '', $keyforsupportedoauth2array);
250  $keyforsupportedoauth2array = preg_replace('/_NAME$/', '', $keyforsupportedoauth2array);
251  if (preg_match('/^.*-/', $keyforsupportedoauth2array)) {
252  $keybeforeprovider = preg_replace('/-.*$/', '', $keyforsupportedoauth2array);
253  $keyforprovider = preg_replace('/^.*-/', '', $keyforsupportedoauth2array);
254  } else {
255  $keybeforeprovider = $keyforsupportedoauth2array;
256  $keyforprovider = '';
257  }
258  $keyforsupportedoauth2array = preg_replace('/-.*$/', '', $keyforsupportedoauth2array);
259  $keyforsupportedoauth2array = 'OAUTH_'.$keyforsupportedoauth2array.'_NAME';
260 
261  if (in_array($keyforsupportedoauth2array, array_keys($supportedoauth2array))) {
262  $supported = 1;
263  }
264  if (!$supported) {
265  continue; // show only supported
266  }
267 
268  $i++;
269 
270  print '<table class="noborder centpercent">';
271 
272  // OAUTH service name
273  $label = $langs->trans($keyforsupportedoauth2array);
274  print '<tr class="liste_titre'.($i > 1 ? ' liste_titre_add' : '').'">';
275  print '<td class="titlefieldcreate">';
276  print img_picto('', $supportedoauth2array[$keyforsupportedoauth2array]['picto'], 'class="pictofixedwidth"');
277  if ($label == $keyforsupportedoauth2array) {
278  print $supportedoauth2array[$keyforsupportedoauth2array]['name'];
279  } else {
280  print $label;
281  }
282  if ($keyforprovider) {
283  print ' (<b>'.$keyforprovider.'</b>)';
284  } else {
285  print ' (<b>'.$langs->trans("NoName").'</b>)';
286  }
287  print '</td>';
288  print '<td>';
289  if (!empty($supportedoauth2array[$keyforsupportedoauth2array]['urlforcredentials'])) {
290  print $langs->trans("OAUTH_URL_FOR_CREDENTIAL", $supportedoauth2array[$keyforsupportedoauth2array]['urlforcredentials']);
291  }
292  print '</td>';
293 
294  // Delete
295  print '<td>';
296  $label = preg_replace('/_NAME$/', '', $keyforsupportedoauth2array);
297  print '<a href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&provider='.urlencode($keyforprovider).'&label='.urlencode($label).'">';
298  print img_picto('', 'delete');
299  print '</a>';
300 
301  print '</form>';
302  print '</td>';
303 
304  print '</tr>';
305 
306  if ($supported) {
307  $redirect_uri = $urlwithroot.'/core/modules/oauth/'.$supportedoauth2array[$keyforsupportedoauth2array]['callbackfile'].'_oauthcallback.php';
308  print '<tr class="oddeven value">';
309  print '<td>'.$langs->trans("UseTheFollowingUrlAsRedirectURI").'</td>';
310  print '<td><input style="width: 80%" type="text" name="uri'.$keyforsupportedoauth2array.'" id="uri'.$keyforsupportedoauth2array.$keyforprovider.'" value="'.$redirect_uri.'" disabled>';
311  print ajax_autoselect('uri'.$keyforsupportedoauth2array.$keyforprovider);
312  print '</td>';
313  print '<td></td>';
314  print '</tr>';
315 
316  if ($keyforsupportedoauth2array == 'OAUTH_OTHER_NAME') {
317  print '<tr class="oddeven value">';
318  print '<td>'.$langs->trans("URLOfServiceForAuthorization").'</td>';
319  print '<td><input style="width: 80%" type="text" name="'.$key[3].'" value="'.getDolGlobalString($key[3]).'" >';
320  print '</td>';
321  print '<td></td>';
322  print '</tr>';
323  }
324  } else {
325  print '<tr class="oddeven value">';
326  print '<td>'.$langs->trans("UseTheFollowingUrlAsRedirectURI").'</td>';
327  print '<td>'.$langs->trans("FeatureNotYetSupported").'</td>';
328  print '</td>';
329  print '<td></td>';
330  print '</tr>';
331  }
332 
333  // Api Id
334  print '<tr class="oddeven value">';
335  print '<td><label for="'.$key[1].'">'.$langs->trans("OAUTH_ID").'</label></td>';
336  print '<td><input type="text" size="100" id="'.$key[1].'" name="'.$key[1].'" value="'.getDolGlobalString($key[1]).'">';
337  print '</td>';
338  print '<td></td>';
339  print '</tr>';
340 
341  // Api Secret
342  print '<tr class="oddeven value">';
343  print '<td><label for="'.$key[2].'">'.$langs->trans("OAUTH_SECRET").'</label></td>';
344  print '<td><input type="password" size="100" id="'.$key[2].'" name="'.$key[2].'" value="'.getDolGlobalString($key[2]).'">';
345  print '</td>';
346  print '<td></td>';
347  print '</tr>';
348 
349  // Tenant
350  if ($keybeforeprovider == 'MICROSOFT') {
351  print '<tr class="oddeven value">';
352  print '<td><label for="'.$key[2].'">'.$langs->trans("OAUTH_TENANT").'</label></td>';
353  print '<td><input type="text" size="100" id="OAUTH_'.$keybeforeprovider.($keyforprovider ? '-'.$keyforprovider : '').'_TENANT" name="OAUTH_'.$keybeforeprovider.($keyforprovider ? '-'.$keyforprovider : '').'_TENANT" value="'.getDolGlobalString('OAUTH_'.$keybeforeprovider.($keyforprovider ? '-'.$keyforprovider : '').'_TENANT').'">';
354  print '</td>';
355  print '<td></td>';
356  print '</tr>';
357  }
358 
359  // TODO Move this into token generation ?
360  if ($supported) {
361  if ($keyforsupportedoauth2array == 'OAUTH_OTHER_NAME') {
362  print '<tr class="oddeven value">';
363  print '<td>'.$langs->trans("Scopes").'</td>';
364  print '<td>';
365  print '<input style="width: 80%" type"text" name="'.$key[4].'" value="'.getDolGlobalString($key[4]).'" >';
366  print '</td>';
367  print '<td></td>';
368  print '</tr>';
369  } else {
370  $availablescopes = array_flip(explode(',', $supportedoauth2array[$keyforsupportedoauth2array]['availablescopes']));
371  $currentscopes = explode(',', getDolGlobalString($key[4]));
372  $scopestodispay = array();
373  foreach ($availablescopes as $keyscope => $valscope) {
374  if (in_array($keyscope, $currentscopes)) {
375  $scopestodispay[$keyscope] = 1;
376  } else {
377  $scopestodispay[$keyscope] = 0;
378  }
379  }
380  // Api Scope
381  print '<tr class="oddeven value">';
382  print '<td>'.$langs->trans("Scopes").'</td>';
383  print '<td>';
384  foreach ($scopestodispay as $scope => $val) {
385  print '<input type="checkbox" id="'.$keyforprovider.$scope.'" name="'.$key[4].'[]" value="'.$scope.'"'.($val ? ' checked' : '').'>';
386  print '<label style="margin-right: 10px" for="'.$keyforprovider.$scope.'">'.$scope.'</label>';
387  }
388  print '</td>';
389  print '<td></td>';
390  print '</tr>';
391  }
392  } else {
393  print '<tr class="oddeven value">';
394  print '<td>'.$langs->trans("UseTheFollowingUrlAsRedirectURI").'</td>';
395  print '<td>'.$langs->trans("FeatureNotYetSupported").'</td>';
396  print '</td>';
397  print '<td></td>';
398  print '</tr>';
399  }
400 
401  print '</table>'."\n";
402 
403  print '<br>';
404  }
405 
406  print '</div>';
407 
408  print $form->buttonsSaveCancel("Save", '');
409 
410  print '</form>';
411 }
412 
413 // End of page
414 llxFooter();
415 $db->close();
dolibarr_set_const
dolibarr_set_const($db, $name, $value, $type='chaine', $visible=0, $note='', $entity=1)
Insert a parameter (key,value) into database (delete old key then insert it again).
Definition: admin.lib.php:632
dolibarr_del_const
dolibarr_del_const($db, $name, $entity=1)
Delete a constant.
Definition: admin.lib.php:556
ajax_combobox
ajax_combobox($htmlname, $events=array(), $minLengthToAutocomplete=0, $forcefocus=0, $widthTypeOfAutocomplete='resolve', $idforemptyvalue='-1', $morecss='')
Convert a html select field into an ajax combobox.
Definition: ajax.lib.php:449
llxHeader
if(!defined('NOREQUIRESOC')) if(!defined('NOREQUIRETRAN')) if(!defined('NOTOKENRENEWAL')) if(!defined('NOREQUIREMENU')) if(!defined('NOREQUIREHTML')) if(!defined('NOREQUIREAJAX')) llxHeader()
Empty header.
Definition: wrapper.php:56
llxFooter
llxFooter()
Empty footer.
Definition: wrapper.php:70
Form
Class to manage generation of HTML components Only common components must be here.
Definition: html.form.class.php:54
$form
if($cancel &&! $id) if($action=='add' &&! $cancel) if($action=='delete') if($id) $form
Actions.
Definition: card.php:143
load_fiche_titre
load_fiche_titre($titre, $morehtmlright='', $picto='generic', $pictoisfullpath=0, $id='', $morecssontable='', $morehtmlcenter='')
Load a title with picto.
Definition: functions.lib.php:5360
dol_get_fiche_head
dol_get_fiche_head($links=array(), $active='', $title='', $notab=0, $picto='', $pictoisfullpath=0, $morehtmlright='', $morecss='', $limittoshow=0, $moretabssuffix='')
Show tabs of a record.
Definition: functions.lib.php:1858
dol_get_fiche_end
dol_get_fiche_end($notab=0)
Return tab footer of a card.
Definition: functions.lib.php:2054
setEventMessages
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='')
Set event messages in dol_events session object.
Definition: functions.lib.php:8466
img_picto
img_picto($titlealt, $picto, $moreatt='', $pictoisfullpath=false, $srconly=0, $notitle=0, $alt='', $morecss='', $marginleftonlyshort=2)
Show picto whatever it's its name (generic function)
Definition: functions.lib.php:4024
ajax_autoselect
ajax_autoselect($htmlname, $addlink='', $textonlink='Link')
Make content of an input box selected when we click into input field.
Definition: functions.lib.php:10088
newToken
newToken()
Return the value of token currently saved into session with name 'newtoken'.
Definition: functions.lib.php:11295
GETPOST
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
Definition: functions.lib.php:520
getDolGlobalString
if(!function_exists('utf8_encode')) if(!function_exists('utf8_decode')) getDolGlobalString($key, $default='')
Return dolibarr global constant string value.
Definition: functions.lib.php:82
GETPOSTISSET
GETPOSTISSET($paramname)
Return true if we are in a context of submitting the parameter $paramname from a POST of a form.
Definition: functions.lib.php:421
$formconfirm
$formconfirm
if ($action == 'delbookkeepingyear') {
Definition: listbyaccount.php:620
oauthadmin_prepare_head
oauthadmin_prepare_head()
Return array of tabs to used on pages to setup cron module.
Definition: oauth.lib.php:281
accessforbidden
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.
Definition: security.lib.php:1125
Generated on Wed Apr 3 2024 21:00:02 for dolibarr by Doxygen 1.9.1