dolibarr  21.0.0-alpha
functions_googleoauth.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2007-2013 Laurent Destailleur <eldy@users.sourceforge.net>
3  * Copyright (C) 2007-2009 Regis Houssin <regis.houssin@inodbox.com>
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 3 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program. If not, see <https://www.gnu.org/licenses/>.
17  */
18 
28 //include_once DOL_DOCUMENT_ROOT.'/core/class/openid.class.php';
29 
30 
40 function check_user_password_googleoauth($usertotest, $passwordtotest, $entitytotest)
41 {
42  global $conf;
43 
44  dol_syslog("functions_googleoauth::check_user_password_googleoauth usertotest=".$usertotest." GETPOST('actionlogin')=".GETPOST('actionlogin'));
45 
46  $login = '';
47 
48  // Get identity from user and redirect browser to Google OAuth Server
49  if (GETPOST('actionlogin') == 'login') {
50  if (GETPOST('beforeoauthloginredirect')) {
51  // We post the form on the login page by clicking on the link to login using Google.
52  dol_syslog("We post the form on the login page by clicking on the link to login using Google. We save _SESSION['datafromloginform']");
53 
54  // We save data of form into a variable
55  $_SESSION['datafromloginform'] = array(
56  'entity'=>GETPOSTINT('entity'),
57  'backtopage'=>GETPOST('backtopage'),
58  'tz'=>GETPOST('tz'),
59  'tz_string'=>GETPOST('tz_string'),
60  'dst_observed'=>GETPOST('dst_observed'),
61  'dst_first'=>GETPOST('dst_first'),
62  'dst_second'=>GETPOST('dst_second'),
63  'dol_screenwidth'=>GETPOST('screenwidth'),
64  'dol_screenheight'=>GETPOST('screenheight'),
65  'dol_hide_topmenu'=>GETPOST('dol_hide_topmenu'),
66  'dol_hide_leftmenu'=>GETPOST('dol_hide_leftmenu'),
67  'dol_optimize_smallscreen'=>GETPOST('dol_optimize_smallscreen'),
68  'dol_no_mouse_hover'=>GETPOST('dol_no_mouse_hover'),
69  'dol_use_jmobile'=>GETPOST('dol_use_jmobile')
70  );
71 
72  // Make the redirect to the google_authcallback.php page to start the redirect to Google OAUTH.
73 
74  // Define $urlwithroot
75  //global $dolibarr_main_url_root;
76  //$urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
77  //$urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
78  $urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current
79 
80  //$shortscope = 'userinfo_email,userinfo_profile';
81  $shortscope = 'openid,email,profile'; // For openid connect
82 
83  $oauthstateanticsrf = bin2hex(random_bytes(128/8));
84  $_SESSION['oauthstateanticsrf'] = $shortscope.'-'.$oauthstateanticsrf;
85 
86  $url = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?shortscope='.urlencode($shortscope).'&state='.urlencode('forlogin-'.$shortscope.'-'.$oauthstateanticsrf).'&username='.urlencode($usertotest);
87 
88  // we go on oauth provider authorization page
89  header('Location: '.$url);
90  exit();
91  }
92 
93  if (GETPOST('afteroauthloginreturn')) {
94  // We reach this code after a call of a redirect to the targeted page from the callback url page of Google OAUTH2
95  dol_syslog("We reach the code after a call of a redirect to the targeted page from the callback url page of Google OAUTH2");
96 
97  $tmparray = (empty($_SESSION['datafromloginform']) ? array() : $_SESSION['datafromloginform']);
98 
99  if (!empty($tmparray)) {
100  $_POST['entity'] = $tmparray['entity'];
101  $_POST['backtopage'] = $tmparray['backtopage'];
102  $_POST['tz'] = $tmparray['tz'];
103  $_POST['tz_string'] = $tmparray['tz_string'];
104  $_POST['dst_observed'] = $tmparray['dst_observed'];
105  $_POST['dst_first'] = $tmparray['dst_first'];
106  $_POST['dst_second'] = $tmparray['dst_second'];
107  $_POST['screenwidth'] = $tmparray['dol_screenwidth'];
108  $_POST['screenheight'] = $tmparray['dol_screenheight'];
109  $_POST['dol_hide_topmenu'] = $tmparray['dol_hide_topmenu'];
110  $_POST['dol_hide_leftmenu'] = $tmparray['dol_hide_leftmenu'];
111  $_POST['dol_optimize_smallscreen'] = $tmparray['dol_optimize_smallscreen'];
112  $_POST['dol_no_mouse_hover'] = $tmparray['dol_no_mouse_hover'];
113  $_POST['dol_use_jmobile'] = $tmparray['dol_use_jmobile'];
114  }
115 
116  // If googleoauth_login has been set (by google_oauthcallback after a successful OAUTH2 request on openid scope
117  if (!empty($_SESSION['googleoauth_receivedlogin']) && dol_verifyHash($conf->file->instance_unique_id.$usertotest, $_SESSION['googleoauth_receivedlogin'], '0')) {
118  dol_syslog("Login received by Google OAuth was validated by callback page and saved crypted into session. This login is ".$usertotest);
119  unset($_SESSION['googleoauth_receivedlogin']);
120  $login = $usertotest;
121  }
122  }
123  }
124 
125  return $login;
126 }
GETPOSTINT($paramname, $method=0)
Return the value of a $_GET or $_POST supervariable, converted into integer.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
check_user_password_googleoauth($usertotest, $passwordtotest, $entitytotest)
Check validity of user/password/entity If test is ko, reason must be filled into $_SESSION["dol_login...
dol_verifyHash($chain, $hash, $type='0')
Compute a hash and compare it to the given one For backward compatibility reasons,...