44 dol_syslog(
"functions_googleoauth::check_user_password_googleoauth usertotest=".$usertotest.
" GETPOST('actionlogin')=".
GETPOST(
'actionlogin'));
49 if (
GETPOST(
'actionlogin') ==
'login') {
50 if (
GETPOST(
'beforeoauthloginredirect')) {
52 dol_syslog(
"We post the form on the login page by clicking on the link to login using Google. We save _SESSION['datafromloginform']");
55 $_SESSION[
'datafromloginform'] = array(
56 'entity'=>
GETPOST(
'entity',
'int'),
57 'backtopage'=>
GETPOST(
'backtopage'),
59 'tz_string'=>
GETPOST(
'tz_string'),
60 'dst_observed'=>
GETPOST(
'dst_observed'),
61 'dst_first'=>
GETPOST(
'dst_first'),
62 'dst_second'=>
GETPOST(
'dst_second'),
63 'dol_screenwidth'=>
GETPOST(
'screenwidth'),
64 'dol_screenheight'=>
GETPOST(
'screenheight'),
65 'dol_hide_topmenu'=>
GETPOST(
'dol_hide_topmenu'),
66 'dol_hide_leftmenu'=>
GETPOST(
'dol_hide_leftmenu'),
67 'dol_optimize_smallscreen'=>
GETPOST(
'dol_optimize_smallscreen'),
68 'dol_no_mouse_hover'=>
GETPOST(
'dol_no_mouse_hover'),
69 'dol_use_jmobile'=>
GETPOST(
'dol_use_jmobile')
78 $urlwithroot=DOL_MAIN_URL_ROOT;
81 $shortscope =
'openid,email,profile';
83 $oauthstateanticsrf = bin2hex(random_bytes(128/8));
84 $_SESSION[
'oauthstateanticsrf'] = $shortscope.
'-'.$oauthstateanticsrf;
86 $url = $urlwithroot.
'/core/modules/oauth/google_oauthcallback.php?shortscope='.urlencode($shortscope).
'&state='.urlencode(
'forlogin-'.$shortscope.
'-'.$oauthstateanticsrf).
'&username='.urlencode($usertotest);
89 header(
'Location: '.$url);
93 if (
GETPOST(
'afteroauthloginreturn')) {
95 dol_syslog(
"We reach the code after a call of a redirect to the targeted page from the callback url page of Google OAUTH2");
97 $tmparray = (empty($_SESSION[
'datafromloginform']) ? array() : $_SESSION[
'datafromloginform']);
99 if (!empty($tmparray)) {
100 $_POST[
'entity'] = $tmparray[
'entity'];
101 $_POST[
'backtopage'] = $tmparray[
'backtopage'];
102 $_POST[
'tz'] = $tmparray[
'tz'];
103 $_POST[
'tz_string'] = $tmparray[
'tz_string'];
104 $_POST[
'dst_observed'] = $tmparray[
'dst_observed'];
105 $_POST[
'dst_first'] = $tmparray[
'dst_first'];
106 $_POST[
'dst_second'] = $tmparray[
'dst_second'];
107 $_POST[
'screenwidth'] = $tmparray[
'dol_screenwidth'];
108 $_POST[
'screenheight'] = $tmparray[
'dol_screenheight'];
109 $_POST[
'dol_hide_topmenu'] = $tmparray[
'dol_hide_topmenu'];
110 $_POST[
'dol_hide_leftmenu'] = $tmparray[
'dol_hide_leftmenu'];
111 $_POST[
'dol_optimize_smallscreen'] = $tmparray[
'dol_optimize_smallscreen'];
112 $_POST[
'dol_no_mouse_hover'] = $tmparray[
'dol_no_mouse_hover'];
113 $_POST[
'dol_use_jmobile'] = $tmparray[
'dol_use_jmobile'];
117 if (!empty($_SESSION[
'googleoauth_receivedlogin']) &&
dol_verifyHash($conf->file->instance_unique_id.$usertotest, $_SESSION[
'googleoauth_receivedlogin'],
'0')) {
118 dol_syslog(
"Login received by Google OAuth was validated by callback page and saved crypted into session. This login is ".$usertotest);
119 unset($_SESSION[
'googleoauth_receivedlogin']);
120 $login = $usertotest;
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
check_user_password_googleoauth($usertotest, $passwordtotest, $entitytotest)
Check validity of user/password/entity If test is ko, reason must be filled into $_SESSION["dol_login...
dol_verifyHash($chain, $hash, $type='0')
Compute a hash and compare it to the given one For backward compatibility reasons,...