dolibarr 19.0.3
functions_googleoauth.php
1<?php
2/* Copyright (C) 2007-2013 Laurent Destailleur <eldy@users.sourceforge.net>
3 * Copyright (C) 2007-2009 Regis Houssin <regis.houssin@inodbox.com>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <https://www.gnu.org/licenses/>.
17 */
18
28//include_once DOL_DOCUMENT_ROOT.'/core/class/openid.class.php';
29
30
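/**
 * Check validity of user/password/entity for the Google OAuth login method.
 *
 * The function only acts when the request carries actionlogin=login, and then
 * handles two phases of the same login:
 *  - beforeoauthloginredirect: the login form fields are saved into the session,
 *    an anti-CSRF state value is generated and stored in the session, and the
 *    browser is redirected to core/modules/oauth/google_oauthcallback.php.
 *    This phase ends the script with exit() and never returns.
 *  - afteroauthloginreturn: the saved form fields are restored into $_POST and
 *    the login is accepted only if $_SESSION['googleoauth_receivedlogin']
 *    verifies against instance_unique_id concatenated with $usertotest.
 *
 * NOTE(review): the summary published for this function says a failure reason
 * must be stored in the session; no code path here stores one - confirm whether
 * the caller is expected to do it.
 *
 * @param	string	$usertotest		Login claimed by the request
 * @param	string	$passwordtotest	Password (not read by this function)
 * @param	int		$entitytotest	Entity (not read by this function; the entity is taken from the saved form data)
 * @return	string					$usertotest if the login was verified, '' otherwise
 */
function check_user_password_googleoauth($usertotest, $passwordtotest, $entitytotest)
{
	global $_POST, $conf;

	dol_syslog("functions_googleoauth::check_user_password_googleoauth usertotest=".$usertotest." GETPOST('actionlogin')=".GETPOST('actionlogin'));

	$login = '';

	// Get identity from user and redirect browser to Google OAuth Server
	if (GETPOST('actionlogin') == 'login') {
		if (GETPOST('beforeoauthloginredirect')) {
			// We post the form on the login page by clicking on the link to login using Google.
			dol_syslog("We post the form on the login page by clicking on the link to login using Google. We save _SESSION['datafromloginform']");

			// We save data of form into a variable. The values are read through GETPOST() here,
			// so what is restored into $_POST in the second phase is the filtered form data.
			$_SESSION['datafromloginform'] = array(
				'entity'=>GETPOST('entity', 'int'),
				'backtopage'=>GETPOST('backtopage'),
				'tz'=>GETPOST('tz'),
				'tz_string'=>GETPOST('tz_string'),
				'dst_observed'=>GETPOST('dst_observed'),
				'dst_first'=>GETPOST('dst_first'),
				'dst_second'=>GETPOST('dst_second'),
				'dol_screenwidth'=>GETPOST('screenwidth'),
				'dol_screenheight'=>GETPOST('screenheight'),
				'dol_hide_topmenu'=>GETPOST('dol_hide_topmenu'),
				'dol_hide_leftmenu'=>GETPOST('dol_hide_leftmenu'),
				'dol_optimize_smallscreen'=>GETPOST('dol_optimize_smallscreen'),
				'dol_no_mouse_hover'=>GETPOST('dol_no_mouse_hover'),
				'dol_use_jmobile'=>GETPOST('dol_use_jmobile')
			);

			// Make the redirect to the google_oauthcallback.php page to start the redirect to Google OAUTH.

			// Define $urlwithroot
			//global $dolibarr_main_url_root;
			//$urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
			//$urlwithroot = $urlwithouturlroot.DOL_URL_ROOT;		// This is to use external domain name found into config file
			$urlwithroot = DOL_MAIN_URL_ROOT; // This is to use same domain name than current

			//$shortscope = 'userinfo_email,userinfo_profile';
			$shortscope = 'openid,email,profile'; // For openid connect

			// Anti-CSRF state: 128 random bits from the CSPRNG, kept in the session (prefixed with the scope)
			// and sent along in the 'state' parameter.
			// NOTE(review): the comparison of the two is presumably done by google_oauthcallback.php - not visible here.
			$oauthstateanticsrf = bin2hex(random_bytes(128/8));
			$_SESSION['oauthstateanticsrf'] = $shortscope.'-'.$oauthstateanticsrf;

			// Every request-derived part of the URL is urlencode()d before it goes into the Location header.
			$url = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?shortscope='.urlencode($shortscope).'&state='.urlencode('forlogin-'.$shortscope.'-'.$oauthstateanticsrf).'&username='.urlencode($usertotest);

			// we go on oauth provider authorization page
			header('Location: '.$url);
			exit();
		}

		if (GETPOST('afteroauthloginreturn')) {
			// We reach this code after a call of a redirect to the targeted page from the callback url page of Google OAUTH2
			dol_syslog("We reach the code after a call of a redirect to the targeted page from the callback url page of Google OAUTH2");

			$tmparray = (empty($_SESSION['datafromloginform']) ? array() : $_SESSION['datafromloginform']);

			// Put the login form fields saved before the redirect back into $_POST (session key => $_POST key differs for screen size).
			if (!empty($tmparray)) {
				$_POST['entity'] = $tmparray['entity'];
				$_POST['backtopage'] = $tmparray['backtopage'];
				$_POST['tz'] = $tmparray['tz'];
				$_POST['tz_string'] = $tmparray['tz_string'];
				$_POST['dst_observed'] = $tmparray['dst_observed'];
				$_POST['dst_first'] = $tmparray['dst_first'];
				$_POST['dst_second'] = $tmparray['dst_second'];
				$_POST['screenwidth'] = $tmparray['dol_screenwidth'];
				$_POST['screenheight'] = $tmparray['dol_screenheight'];
				$_POST['dol_hide_topmenu'] = $tmparray['dol_hide_topmenu'];
				$_POST['dol_hide_leftmenu'] = $tmparray['dol_hide_leftmenu'];
				$_POST['dol_optimize_smallscreen'] = $tmparray['dol_optimize_smallscreen'];
				$_POST['dol_no_mouse_hover'] = $tmparray['dol_no_mouse_hover'];
				$_POST['dol_use_jmobile'] = $tmparray['dol_use_jmobile'];
			}

			// If googleoauth_receivedlogin has been set (by google_oauthcallback after a successful OAUTH2 request on openid scope).
			// The login claimed by the request is trusted only when the session value verifies against
			// instance_unique_id + that login; a request parameter alone can never authenticate.
			if (!empty($_SESSION['googleoauth_receivedlogin']) && dol_verifyHash($conf->file->instance_unique_id.$usertotest, $_SESSION['googleoauth_receivedlogin'], '0')) {
				dol_syslog("Login received by Google OAuth was validated by callback page and saved crypted into session. This login is ".$usertotest);
				// Consume the session value so it cannot validate a second login.
				unset($_SESSION['googleoauth_receivedlogin']);
				$login = $usertotest;
			} else {
				// A return from OAuth with no session value, or with one that does not match the claimed login,
				// used to fail without any trace; log it so rejected attempts are visible in the logs.
				dol_syslog("functions_googleoauth::check_user_password_googleoauth Login received by Google OAuth is missing in session or does not match usertotest=".$usertotest, LOG_WARNING);
			}
		}
	}

	return $login;
}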
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
check_user_password_googleoauth($usertotest, $passwordtotest, $entitytotest)
Check validity of user/password/entity If test is ko, reason must be filled into $_SESSION["dol_login...
dol_verifyHash($chain, $hash, $type='0')
Compute a hash and compare it to the given one For backward compatibility reasons,...