dolibarr 21.0.3
openid_connect.php
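<?php
/* Copyright (C) 2023 Maximilien Rozniecki <mrozniecki@easya.solutions>
 * Copyright (C) 2024 Frédéric France <frederic.france@free.fr>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */

// Load Dolibarr environment.
// main.inc.php is required first; $db, $langs, $user and $conf are used below
// without being defined in this file, so they presumably come from it.
require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/openid_connect.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';
// Same library as two lines up; require_once makes the repeat a no-op.
require_once DOL_DOCUMENT_ROOT.'/core/lib/openid_connect.lib.php';

$langs->loadLangs(["admin", "openidconnect"]);

// Admin-only page: it reads and writes the OpenID Connect client secret and the
// identity-provider endpoints. The guard must stop the request, not just test the
// flag; accessforbidden() shows the "access forbidden" message and ends the program.
if (!$user->admin) {
	accessforbidden();
}

// Requested action; only 'set' (save the form) is handled by this page.
$action = GETPOST('action', 'alpha');

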
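/*
 * Actions
 */

// Error messages collected while saving, and their count.
$errors = [];
$error = 0;

if ($action == 'set') {
	// OpenID Connect settings written by the form, in the order they are saved.
	// Each one is read from the request under the same name as the stored constant.
	$oidcConstNames = [
		'MAIN_AUTHENTICATION_OIDC_LOGIN_CLAIM',
		'MAIN_AUTHENTICATION_OIDC_CLIENT_ID',
		'MAIN_AUTHENTICATION_OIDC_CLIENT_SECRET',
		'MAIN_AUTHENTICATION_OIDC_SCOPES',
		'MAIN_AUTHENTICATION_OIDC_AUTHORIZE_URL',
		'MAIN_AUTHENTICATION_OIDC_TOKEN_URL',
		'MAIN_AUTHENTICATION_OIDC_USERINFO_URL',
		'MAIN_AUTHENTICATION_OIDC_LOGOUT_URL',
	];

	// NOTE(review): the client secret goes through the same 'alpha' filter as the
	// other fields; confirm that filter does not strip characters an identity
	// provider may put in a secret, otherwise the stored value silently differs.
	// NOTE(review): the endpoint URLs are stored as submitted. Nothing here checks
	// the scheme or host, although the token endpoint is where the client secret
	// is later sent; consider requiring https before saving.
	foreach ($oidcConstNames as $constName) {
		$value = GETPOST($constName, 'alpha');
		$res = dolibarr_set_const($db, $constName, $value, 'chaine', 0, '', 0);
		// Parenthesised on purpose: `!$res > 0` parses as `(!$res) > 0`, which is
		// true only for a falsy $res, so a negative error code (presumably what
		// dolibarr_set_const returns on failure; its return contract is not shown
		// here) would be reported as a successful save.
		if (!($res > 0)) {
			$errors[] = $db->lasterror();
			$error++;
		}
	}
}
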
// Outcome of the action. This runs for any non-empty action, not only 'set'.
// On failure the collected errors are queued and the page falls through to the
// view; on success a confirmation is queued and the browser is redirected to
// this same script, so a reload does not resubmit the form.
if ($action != '' && $error) {
	setEventMessages('', $errors, 'errors');
} elseif ($action != '') {
	setEventMessage($langs->trans("SetupSaved"));
	header("Location: " . $_SERVER["PHP_SELF"]);
	exit;
}


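/*
 * View
 */

llxHeader();

// Page title with a link back to the module list.
$linkback='<a href="'.DOL_URL_ROOT.'/admin/modules.php">'.$langs->trans("BackToModuleList").'</a>';
print load_fiche_titre($langs->trans("OpenIDconnectSetup"), $linkback, 'title_setup');

// Tab bar of the OpenID Connect setup pages, with "settings" as the active tab.
$head = openid_connect_prepare_head();

print dol_get_fiche_head($head, 'settings', $langs->trans("Parameters"), -1, 'action');

// Pointer to the wiki documentation. The link opens in a new tab, so it carries
// rel="noopener noreferrer": the opened page gets no window.opener handle on this
// admin page and no Referer header.
print $langs->trans("SeeWikiDocForHelpInSetupOpenIDCOnnect");
print ' - ';
print img_picto('', 'url', 'class="pictofixedwidth"').'<a target="_blank" rel="noopener noreferrer" href="https://wiki.dolibarr.org/index.php?title=Authentication,_SSO_and_SSL#Mode_openid_connect">';
print $langs->trans("SeeHere");
print '</a>';

print dol_get_fiche_end();
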
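// Settings form. It posts back to this script with action=set and a token from
// newToken(); the token is not verified in this file (presumably main.inc.php
// does it; confirm). PHP_SELF is escaped before it is placed in the attribute
// because it is derived from the request URL.
print '<form method="post" action="'.dol_escape_htmltag($_SERVER["PHP_SELF"]).'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="set">';

print '<div class="div-table-responsive-no-min">';
print '<table class="tagtable noborder liste nobottomiftotal">';
print '<tr class="liste_titre">';
print '<th class="liste_titre">'.$langs->trans("Parameters").'</th>'."\n";
print '<th class="liste_titre"></th>'."\n";
print '<th class="liste_titre"></th>'."\n";
print "</tr>\n";

// Editable settings: constant name => translation keys for the label and the
// description, plus whether the input must be masked. The translation keys are
// written out in full so they stay searchable.
$oidcFields = [
	'MAIN_AUTHENTICATION_OIDC_LOGIN_CLAIM' => ['name' => 'MainAuthenticationOidcLoginClaimName', 'desc' => 'MainAuthenticationOidcLoginClaimDesc', 'secret' => false],
	'MAIN_AUTHENTICATION_OIDC_CLIENT_ID' => ['name' => 'MainAuthenticationOidcClientIdName', 'desc' => 'MainAuthenticationOidcClientIdDesc', 'secret' => false],
	'MAIN_AUTHENTICATION_OIDC_CLIENT_SECRET' => ['name' => 'MainAuthenticationOidcClientSecretName', 'desc' => 'MainAuthenticationOidcClientSecretDesc', 'secret' => true],
	'MAIN_AUTHENTICATION_OIDC_SCOPES' => ['name' => 'MainAuthenticationOidcScopesName', 'desc' => 'MainAuthenticationOidcScopesDesc', 'secret' => false],
	'MAIN_AUTHENTICATION_OIDC_AUTHORIZE_URL' => ['name' => 'MainAuthenticationOidcAuthorizeUrlName', 'desc' => 'MainAuthenticationOidcAuthorizeUrlDesc', 'secret' => false],
	'MAIN_AUTHENTICATION_OIDC_TOKEN_URL' => ['name' => 'MainAuthenticationOidcTokenUrlName', 'desc' => 'MainAuthenticationOidcTokenUrlDesc', 'secret' => false],
	'MAIN_AUTHENTICATION_OIDC_USERINFO_URL' => ['name' => 'MainAuthenticationOidcUserinfoUrlName', 'desc' => 'MainAuthenticationOidcUserinfoUrlDesc', 'secret' => false],
	'MAIN_AUTHENTICATION_OIDC_LOGOUT_URL' => ['name' => 'MainAuthenticationOidcLogoutUrlName', 'desc' => 'MainAuthenticationOidcLogoutUrlDesc', 'secret' => false],
];

foreach ($oidcFields as $constName => $field) {
	// A value submitted with this request wins over the stored one, so a failed
	// save shows what was typed; otherwise the stored constant is shown, if set.
	if (GETPOSTISSET($constName)) {
		$fieldValue = GETPOST($constName, 'nohtml');
	} elseif (!empty($conf->global->$constName)) {
		$fieldValue = getDolGlobalString($constName);
	} else {
		$fieldValue = '';
	}

	// NOTE(review): for the client secret, type="password" only masks the field on
	// screen. The stored secret is still written into the value attribute and is
	// readable in the page source. Rendering it empty would need the save handler
	// to skip an empty submission, so this is flagged rather than changed here.
	$typeAttribute = $field['secret'] ? 'type="password" ' : '';

	// One table row per setting; the cell and the row are closed exactly once.
	print '<tr class="oddeven">' . "\n";
	print '<td>'.$langs->trans($field['name']).'</td>'."\n";
	print '<td>'.$langs->trans($field['desc']).'</td>'."\n";
	print '<td align="right">' . "\n";
	print '<input '.$typeAttribute.'name="'.$constName.'" id="'.$constName.'" class="minwidth400" value="'.dol_escape_htmltag($fieldValue).'">';
	print '</td></tr>' . "\n";
}

// REDIRECT_URL
// Read-only: the redirect URL to register with the identity provider, as
// returned by openid_connect_get_redirect_url().
print '<tr class="oddeven">' . "\n";
print '<td>'.$langs->trans("MainAuthenticationOidcRedirectUrlName").'</td>'."\n";
print '<td>'.$langs->trans("MainAuthenticationOidcRedirectUrlDesc").'</td>'."\n";
print '<td align="right">' . "\n";
print '<input class="minwidth400" value="'.dol_escape_htmltag(openid_connect_get_redirect_url()).'" disabled>';
print '</td></tr>' . "\n";

// LOGOUT_URL
// Read-only: MAIN_LOGOUT_GOTO_URL, or the application's index.php when unset.
print '<tr class="oddeven">' . "\n";
print '<td>'.$langs->trans("MainAuthenticationOidcLogoutRedirectUrlName").'</td>'."\n";
print '<td>'.$langs->trans("MainAuthenticationOidcLogoutRedirectUrlDesc").'</td>'."\n";
print '<td align="right">' . "\n";
print '<input class="minwidth400" value="'.dol_escape_htmltag(getDolGlobalString('MAIN_LOGOUT_GOTO_URL', DOL_MAIN_URL_ROOT . "/index.php")).'" disabled>';
print '</td></tr>' . "\n";

print '</table>'."\n";
print '</div>';

print '<br>';
print '<div align="center">';
print '<input type="submit" class="button" value="'.$langs->trans("Save").'">';
print '</div>';

print '</form>';

print '<br>';

llxFooter();
$db->close();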
dolibarr_set_const($db, $name, $value, $type='chaine', $visible=0, $note='', $entity=1)
Insert a parameter (key,value) into database (delete old key then insert it again).
llxFooter($comment='', $zone='private', $disabledoutputofmessages=0)
Empty footer.
Definition wrapper.php:87
if(!defined('NOREQUIRESOC')) if(!defined( 'NOREQUIRETRAN')) if(!defined('NOTOKENRENEWAL')) if(!defined( 'NOREQUIREMENU')) if(!defined('NOREQUIREHTML')) if(!defined( 'NOREQUIREAJAX')) llxHeader($head='', $title='', $help_url='', $target='', $disablejs=0, $disablehead=0, $arrayofjs='', $arrayofcss='', $morequerystring='', $morecssonbody='', $replacemainareaby='', $disablenofollow=0, $disablenoindex=0)
Empty header.
Definition wrapper.php:71
load_fiche_titre($title, $morehtmlright='', $picto='generic', $pictoisfullpath=0, $id='', $morecssontable='', $morehtmlcenter='')
Load a title with picto.
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0, $attop=0)
Set event messages in dol_events session object.
img_picto($titlealt, $picto, $moreatt='', $pictoisfullpath=0, $srconly=0, $notitle=0, $alt='', $morecss='', $marginleftonlyshort=2, $allowothertags=array())
Show picto whatever its name (generic function)
dol_get_fiche_head($links=array(), $active='', $title='', $notab=0, $picto='', $pictoisfullpath=0, $morehtmlright='', $morecss='', $limittoshow=0, $moretabssuffix='', $dragdropfile=0)
Show tabs of a record.
dol_get_fiche_end($notab=0)
Return tab footer of a card.
setEventMessage($mesgs, $style='mesgs', $noduplicate=0, $attop=0)
Set event message in dol_events session object.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
global $conf
The following vars must be defined: $type2label $form $conf, $lang, The following vars may also be de...
Definition member.php:79
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.