--- /tmp/dsg/dolibarr/htdocs/core/modules/oauth/github_github_oauthcallback.php +++ /tmp/dsg/dolibarr/htdocs/core/modules/oauth/client_github_oauthcallback.php @@ -35,7 +35,7 @@ -$action = GETPOST('action', 'aZ09'); +$action = GETPOST('action', 'alpha'); $backtourl = GETPOST('backtourl', 'alpha'); @@ -65,21 +65,22 @@ // Setup the credentials for the requests $credentials = new Credentials( - $conf->global->OAUTH_GITHUB_ID, - $conf->global->OAUTH_GITHUB_SECRET, - $currentUri->getAbsoluteUri() + $conf->global->OAUTH_GITHUB_ID, + $conf->global->OAUTH_GITHUB_SECRET, + $currentUri->getAbsoluteUri() ); $requestedpermissionsarray = array(); if (GETPOST('state')) $requestedpermissionsarray = explode(',', GETPOST('state')); // Example: 'user'. 'state' parameter is standard to retrieve some parameters back if ($action != 'delete' && empty($requestedpermissionsarray)) { - print 'Error, parameter state is not defined'; - exit; + print 'Error, parameter state is not defined'; + exit; } //var_dump($requestedpermissionsarray);exit; // Instantiate the Api service using the credentials, http client and storage mechanism for the token +/** @var $apiService Service */ $apiService = $serviceFactory->createService('GitHub', $credentials, $storage, $requestedpermissionsarray); // access type needed to have oauth provider refreshing token @@ -94,12 +95,12 @@ if ($action == 'delete') { - $storage->clearToken('GitHub'); + $storage->clearToken('GitHub'); - setEventMessages($langs->trans('TokenDeleted'), null, 'mesgs'); + setEventMessages($langs->trans('TokenDeleted'), null, 'mesgs'); - header('Location: '.$backtourl); - exit(); + header('Location: '.$backtourl); + exit(); } if (!empty($_GET['code'])) // We are coming from oauth provider page 
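Review bot: `$action` is only ever compared with `'delete'` in the visible code, so the broader `'alpha'` filter on the new side accepts more input than this page needs; `$action = GETPOST('action', 'aZ09');` keeps the parameter to the narrow identifier-style character set. The same loosening appears in the `@@ -35,7 +35,7 @@` hunks of the google, stripelive and stripetest callbacks. How each filter is implemented is outside this diff, so confirm the difference against `GETPOST()` itself.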
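Review bot: The added `/** @var $apiService Service */` puts the variable name before the type, the reverse of the PHPDoc order, so IDEs and static analysers may not pick it up; `/** @var Service $apiService */` is the conventional form. Whether `Service` resolves to the intended class depends on a `use` line outside the hunk. The same tag is added in the google hunk `@@ -65,23 +65,24 @@`.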
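Review bot: `header('Location: '.$backtourl)` in the delete branch redirects to a value that the first hunk shows coming straight from the request (`GETPOST('backtourl', 'alpha')`), and nothing visible restricts it to a local path, so the redirect target is whatever the link supplied. Accept only same-application paths before using it, for example `if (!preg_match('#^/[^/\\\\]#', $backtourl)) { $backtourl = DOL_URL_ROOT.'/'; }`. `clearToken()` also runs on a bare `action=delete` request; no anti-CSRF token check is visible here, so confirm one is enforced by code outside the hunk. The google hunk `@@ -100,12 +101,12 @@` and the stripelive hunk `@@ -98,12 +99,12 @@` have the same branch.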
@@ -108,55 +109,58 @@ //$_GET=array('code' => string 'aaaaaaaaaaaaaa' (length=20), 'state' => string 'user,public_repo' (length=16)) dol_syslog("We are coming from the oauth provider page"); - //llxHeader('',$langs->trans("OAuthSetup")); + //llxHeader('',$langs->trans("OAuthSetup")); - //$linkback=''.$langs->trans("BackToModuleList").''; - //print load_fiche_titre($langs->trans("OAuthSetup"),$linkback,'title_setup'); + //$linkback=''.$langs->trans("BackToModuleList").''; + //print load_fiche_titre($langs->trans("OAuthSetup"),$linkback,'title_setup'); - //print dol_get_fiche_head(); - // retrieve the CSRF state parameter - $state = isset($_GET['state']) ? $_GET['state'] : null; - //print ''; + //dol_fiche_head(); + // retrieve the CSRF state parameter + $state = isset($_GET['state']) ? $_GET['state'] : null; + //print '
'; - // This was a callback request from service, get the token - try { - //var_dump($_GET['code']); - //var_dump($state); - //var_dump($apiService); // OAuth\OAuth2\Service\GitHub + // This was a callback request from service, get the token + try { + //var_dump($_GET['code']); + //var_dump($state); + //var_dump($apiService); // OAuth\OAuth2\Service\GitHub - //$token = $apiService->requestAccessToken($_GET['code'], $state); - $token = $apiService->requestAccessToken($_GET['code']); - // Github is a service that does not need state to be stored. - // Into constructor of GitHub, the call - // parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri) - // has not the ending parameter to true like the Google class constructor. + //$token = $apiService->requestAccessToken($_GET['code'], $state); + $token = $apiService->requestAccessToken($_GET['code']); + // Github is a service that does not need state to be stored. + // Into constructor of GitHub, the call + // parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri) + // has not the ending parameter to true like the Google class constructor. 
- setEventMessages($langs->trans('NewTokenStored'), null, 'mesgs'); // Stored into object managed by class DoliStorage so into table oauth_token + setEventMessages($langs->trans('NewTokenStored'), null, 'mesgs'); // Stored into object managed by class DoliStorage so into table oauth_token - $backtourl = $_SESSION["backtourlsavedbeforeoauthjump"]; - unset($_SESSION["backtourlsavedbeforeoauthjump"]); + $backtourl = $_SESSION["backtourlsavedbeforeoauthjump"]; + unset($_SESSION["backtourlsavedbeforeoauthjump"]); - header('Location: '.$backtourl); - exit(); - } catch (Exception $e) { - print $e->getMessage(); - } -} else // If entry on page with no parameter, we arrive here + header('Location: '.$backtourl); + exit(); + } catch (Exception $e) { + print $e->getMessage(); + } +} +else // If entry on page with no parameter, we arrive here { - $_SESSION["backtourlsavedbeforeoauthjump"] = $backtourl; + $_SESSION["backtourlsavedbeforeoauthjump"] = $backtourl; - // This may create record into oauth_state before the header redirect. - // Creation of record with state in this tables depend on the Provider used (see its constructor). - if (GETPOST('state')) - { - $url = $apiService->getAuthorizationUri(array('state'=>GETPOST('state'))); - } else { - $url = $apiService->getAuthorizationUri(); // Parameter state will be randomly generated - } + // This may create record into oauth_state before the header redirect. + // Creation of record with state in this tables depend on the Provider used (see its constructor). 
+ if (GETPOST('state')) + { + $url = $apiService->getAuthorizationUri(array('state'=>GETPOST('state'))); + } + else + { + $url = $apiService->getAuthorizationUri(); // Parameter state will be randomly generated + } - // we go on oauth provider authorization page - header('Location: '.$url); - exit(); + // we go on oauth provider authorization page + header('Location: '.$url); + exit(); } --- /tmp/dsg/dolibarr/htdocs/core/modules/oauth/github_google_oauthcallback.php +++ /tmp/dsg/dolibarr/htdocs/core/modules/oauth/client_google_oauthcallback.php @@ -35,7 +35,7 @@ -$action = GETPOST('action', 'aZ09'); +$action = GETPOST('action', 'alpha'); $backtourl = GETPOST('backtourl', 'alpha'); @@ -65,23 +65,24 @@ // Setup the credentials for the requests $credentials = new Credentials( - $conf->global->OAUTH_GOOGLE_ID, - $conf->global->OAUTH_GOOGLE_SECRET, - $currentUri->getAbsoluteUri() + $conf->global->OAUTH_GOOGLE_ID, + $conf->global->OAUTH_GOOGLE_SECRET, + $currentUri->getAbsoluteUri() ); $requestedpermissionsarray = array(); if (GETPOST('state')) $requestedpermissionsarray = explode(',', GETPOST('state')); // Example: 'userinfo_email,userinfo_profile,cloud_print'. 'state' parameter is standard to store a hash value and can be used to retrieve some parameters back if ($action != 'delete' && empty($requestedpermissionsarray)) { - print 'Error, parameter state is not defined'; - exit; + print 'Error, parameter state is not defined'; + exit; } //var_dump($requestedpermissionsarray);exit; // Instantiate the Api service using the credentials, http client and storage mechanism for the token // $requestedpermissionsarray contains list of scopes. // Conversion into URL is done by Reflection on constant with name SCOPE_scope_in_uppercase +/** @var $apiService Service */ $apiService = $serviceFactory->createService('Google', $credentials, $storage, $requestedpermissionsarray); // access type needed to have oauth provider refreshing token 
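Review bot: The callback branch reads `$_GET['state']` into `$state` and then never uses it: `requestAccessToken($_GET['code'])` runs without it, and the in-line comment says the GitHub service does not store state, so as far as the hunk shows any request arriving with a `code` leads to a token being stored. The initial-entry branch also forwards a caller-supplied `state` to `getAuthorizationUri()`, which makes the value predictable. Generate the value server-side, keep it in the session and compare it on return with `hash_equals()`, as sketched below; the scope list that currently travels in `state` (parsed in the `@@ -65,21 +65,22 @@` hunk) would have to move to the session as well, and the session key name here is only a suggestion. The stripelive hunk `@@ -112,57 +113,60 @@` has the same unchecked `$state`.

```php
	// callback branch, before the try block
	$state = isset($_GET['state']) ? (string) $_GET['state'] : '';
	$expectedstate = isset($_SESSION['oauthstatesavedbeforeoauthjump']) ? (string) $_SESSION['oauthstatesavedbeforeoauthjump'] : '';
	unset($_SESSION['oauthstatesavedbeforeoauthjump']);
	if ($expectedstate === '' || !hash_equals($expectedstate, $state)) {
		print 'Error, parameter state does not match';
		exit;
	}
	// … unchanged: try { requestAccessToken($_GET['code']) … } catch …

	// initial-entry branch, replacing the GETPOST('state') if/else
	$_SESSION['oauthstatesavedbeforeoauthjump'] = bin2hex(random_bytes(16));
	$url = $apiService->getAuthorizationUri(array('state' => $_SESSION['oauthstatesavedbeforeoauthjump']));
	// … unchanged: header('Location: '.$url); exit(); …
```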
@@ -100,12 +101,12 @@ if ($action == 'delete') { - $storage->clearToken('Google'); + $storage->clearToken('Google'); - setEventMessages($langs->trans('TokenDeleted'), null, 'mesgs'); + setEventMessages($langs->trans('TokenDeleted'), null, 'mesgs'); - header('Location: '.$backtourl); - exit(); + header('Location: '.$backtourl); + exit(); } if (!empty($_GET['code'])) // We are coming from oauth provider page @@ -113,48 +114,51 @@ dol_syslog("We are coming from the oauth provider page"); //llxHeader('',$langs->trans("OAuthSetup")); - //$linkback=''.$langs->trans("BackToModuleList").''; - //print load_fiche_titre($langs->trans("OAuthSetup"),$linkback,'title_setup'); + //$linkback=''.$langs->trans("BackToModuleList").''; + //print load_fiche_titre($langs->trans("OAuthSetup"),$linkback,'title_setup'); - //print dol_get_fiche_head(); - // retrieve the CSRF state parameter - $state = isset($_GET['state']) ? $_GET['state'] : null; - //print '
'; + //dol_fiche_head(); + // retrieve the CSRF state parameter + $state = isset($_GET['state']) ? $_GET['state'] : null; + //print '
'; - // This was a callback request from service, get the token - try { - //var_dump($_GET['code']); - //var_dump($state); - //var_dump($apiService); // OAuth\OAuth2\Service\Google + // This was a callback request from service, get the token + try { + //var_dump($_GET['code']); + //var_dump($state); + //var_dump($apiService); // OAuth\OAuth2\Service\Google - $token = $apiService->requestAccessToken($_GET['code'], $state); + $token = $apiService->requestAccessToken($_GET['code'], $state); - setEventMessages($langs->trans('NewTokenStored'), null, 'mesgs'); // Stored into object managed by class DoliStorage so into table oauth_token + setEventMessages($langs->trans('NewTokenStored'), null, 'mesgs'); // Stored into object managed by class DoliStorage so into table oauth_token - $backtourl = $_SESSION["backtourlsavedbeforeoauthjump"]; - unset($_SESSION["backtourlsavedbeforeoauthjump"]); + $backtourl = $_SESSION["backtourlsavedbeforeoauthjump"]; + unset($_SESSION["backtourlsavedbeforeoauthjump"]); - header('Location: '.$backtourl); - exit(); - } catch (Exception $e) { - print $e->getMessage(); - } -} else // If entry on page with no parameter, we arrive here + header('Location: '.$backtourl); + exit(); + } catch (Exception $e) { + print $e->getMessage(); + } +} +else // If entry on page with no parameter, we arrive here { - $_SESSION["backtourlsavedbeforeoauthjump"] = $backtourl; + $_SESSION["backtourlsavedbeforeoauthjump"] = $backtourl; - // This may create record into oauth_state before the header redirect. - // Creation of record with state in this tables depend on the Provider used (see its constructor). - if (GETPOST('state')) - { - $url = $apiService->getAuthorizationUri(array('state'=>GETPOST('state'))); - } else { - $url = $apiService->getAuthorizationUri(); // Parameter state will be randomly generated - } + // This may create record into oauth_state before the header redirect. 
+ // Creation of record with state in this tables depend on the Provider used (see its constructor). + if (GETPOST('state')) + { + $url = $apiService->getAuthorizationUri(array('state'=>GETPOST('state'))); + } + else + { + $url = $apiService->getAuthorizationUri(); // Parameter state will be randomly generated + } - // we go on oauth provider authorization page - header('Location: '.$url); - exit(); + // we go on oauth provider authorization page + header('Location: '.$url); + exit(); } --- /tmp/dsg/dolibarr/htdocs/core/modules/oauth/github_stripelive_oauthcallback.php +++ /tmp/dsg/dolibarr/htdocs/core/modules/oauth/client_stripelive_oauthcallback.php @@ -35,7 +35,7 @@ -$action = GETPOST('action', 'aZ09'); +$action = GETPOST('action', 'alpha'); $backtourl = GETPOST('backtourl', 'alpha'); @@ -65,9 +65,9 @@ // Setup the credentials for the requests $credentials = new Credentials( - $conf->global->OAUTH_STRIPE_LIVE_ID, + $conf->global->OAUTH_STRIPE_LIVE_ID, $conf->global->STRIPE_LIVE_SECRET_KEY, - $currentUri->getAbsoluteUri() + $currentUri->getAbsoluteUri() ); $requestedpermissionsarray = array(); @@ -80,6 +80,7 @@ //var_dump($requestedpermissionsarray);exit; // Instantiate the Api service using the credentials, http client and storage mechanism for the token +/** @var $apiService Service */ //$apiService = $serviceFactory->createService('StripeTest', $credentials, $storage, $requestedpermissionsarray); $sql = "INSERT INTO ".MAIN_DB_PREFIX."oauth_token set service='StripeLive', entity=".$conf->entity; @@ -98,12 +99,12 @@ if ($action == 'delete') { - $storage->clearToken('StripeLive'); + $storage->clearToken('StripeLive'); - setEventMessages($langs->trans('TokenDeleted'), null, 'mesgs'); + setEventMessages($langs->trans('TokenDeleted'), null, 'mesgs'); - header('Location: '.$backtourl); - exit(); + header('Location: '.$backtourl); + exit(); } if (!empty($_GET['code'])) // We are coming from oauth provider page 
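Review bot: `print $e->getMessage();` in the `catch` writes the exception text into the response unescaped and then falls out of the branch with no `exit` or error status. The message may carry content returned by the provider, so log the detail and escape what is shown: `dol_syslog($e->getMessage(), LOG_ERR); print dol_escape_htmltag($e->getMessage()); exit;`. The same `catch` body is in the github hunk `@@ -108,55 +109,58 @@` and the stripelive hunk `@@ -112,57 +113,60 @@`.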
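Review bot: The added `/** @var $apiService Service */` in `@@ -80,6 +80,7 @@` sits above a commented-out `createService()` call, so it documents a variable that nothing visible in this file assigns. Hunk `@@ -112,57 +113,60 @@` still calls `$apiService->requestAccessToken()` and `$apiService->getAuthorizationUri()`; unless `$apiService` is set in lines outside the hunks, those calls fail on an undefined variable. Either restore the assignment or drop the tag and the calls that depend on it. The next context line builds `$sql` by concatenating `$conf->entity`; casting it, `entity=".((int) $conf->entity)`, makes the integer assumption explicit. The stripetest hunk `@@ -80,6 +80,7 @@` is the same.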
@@ -112,57 +113,60 @@ //$_GET=array('code' => string 'aaaaaaaaaaaaaa' (length=20), 'state' => string 'user,public_repo' (length=16)) dol_syslog("We are coming from the oauth provider page"); - //llxHeader('',$langs->trans("OAuthSetup")); + //llxHeader('',$langs->trans("OAuthSetup")); - //$linkback=''.$langs->trans("BackToModuleList").''; - //print load_fiche_titre($langs->trans("OAuthSetup"),$linkback,'title_setup'); + //$linkback=''.$langs->trans("BackToModuleList").''; + //print load_fiche_titre($langs->trans("OAuthSetup"),$linkback,'title_setup'); - //print dol_get_fiche_head(); - // retrieve the CSRF state parameter - $state = isset($_GET['state']) ? $_GET['state'] : null; - //print '
'; + //dol_fiche_head(); + // retrieve the CSRF state parameter + $state = isset($_GET['state']) ? $_GET['state'] : null; + //print '
'; - // This was a callback request from service, get the token - try { - //var_dump($_GET['code']); - //var_dump($state); - //var_dump($apiService); // OAuth\OAuth2\Service\GitHub + // This was a callback request from service, get the token + try { + //var_dump($_GET['code']); + //var_dump($state); + //var_dump($apiService); // OAuth\OAuth2\Service\GitHub - //$token = $apiService->requestAccessToken($_GET['code'], $state); - $token = $apiService->requestAccessToken($_GET['code']); - // Github is a service that does not need state to be stored. - // Into constructor of GitHub, the call - // parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri) - // has not the ending parameter to true like the Google class constructor. + //$token = $apiService->requestAccessToken($_GET['code'], $state); + $token = $apiService->requestAccessToken($_GET['code']); + // Github is a service that does not need state to be stored. + // Into constructor of GitHub, the call + // parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri) + // has not the ending parameter to true like the Google class constructor. 
- setEventMessages($langs->trans('NewTokenStored'), null, 'mesgs'); // Stored into object managed by class DoliStorage so into table oauth_token + setEventMessages($langs->trans('NewTokenStored'), null, 'mesgs'); // Stored into object managed by class DoliStorage so into table oauth_token - $backtourl = $_SESSION["backtourlsavedbeforeoauthjump"]; - unset($_SESSION["backtourlsavedbeforeoauthjump"]); + $backtourl = $_SESSION["backtourlsavedbeforeoauthjump"]; + unset($_SESSION["backtourlsavedbeforeoauthjump"]); - header('Location: '.$backtourl); - exit(); - } catch (Exception $e) { - print $e->getMessage(); - } -} else // If entry on page with no parameter, we arrive here + header('Location: '.$backtourl); + exit(); + } catch (Exception $e) { + print $e->getMessage(); + } +} +else // If entry on page with no parameter, we arrive here { - $_SESSION["backtourlsavedbeforeoauthjump"] = $backtourl; + $_SESSION["backtourlsavedbeforeoauthjump"] = $backtourl; - // This may create record into oauth_state before the header redirect. - // Creation of record with state in this tables depend on the Provider used (see its constructor). - if (GETPOST('state')) - { - $url = $apiService->getAuthorizationUri(array('state'=>GETPOST('state'))); - } else { - //$url = $apiService->getAuthorizationUri(); // Parameter state will be randomly generated - //https://connect.stripe.com/oauth/authorize?response_type=code&client_id=ca_AX27ut70tJ1j6eyFCV3ObEXhNOo2jY6V&scope=read_write - $url = 'https://connect.stripe.com/oauth/authorize?response_type=code&client_id='.$conf->global->OAUTH_STRIPE_LIVE_ID.'&scope=read_write'; - } + // This may create record into oauth_state before the header redirect. + // Creation of record with state in this tables depend on the Provider used (see its constructor). 
+ if (GETPOST('state')) + { + $url = $apiService->getAuthorizationUri(array('state'=>GETPOST('state'))); + } + else + { + //$url = $apiService->getAuthorizationUri(); // Parameter state will be randomly generated + //https://connect.stripe.com/oauth/authorize?response_type=code&client_id=ca_AX27ut70tJ1j6eyFCV3ObEXhNOo2jY6V&scope=read_write + $url = 'https://connect.stripe.com/oauth/authorize?response_type=code&client_id='.$conf->global->OAUTH_STRIPE_LIVE_ID.'&scope=read_write'; + } - // we go on oauth provider authorization page - header('Location: '.$url); - exit(); + // we go on oauth provider authorization page + header('Location: '.$url); + exit(); } --- /tmp/dsg/dolibarr/htdocs/core/modules/oauth/github_stripetest_oauthcallback.php +++ /tmp/dsg/dolibarr/htdocs/core/modules/oauth/client_stripetest_oauthcallback.php @@ -35,7 +35,7 @@ -$action = GETPOST('action', 'aZ09'); +$action = GETPOST('action', 'alpha'); $backtourl = GETPOST('backtourl', 'alpha'); @@ -80,6 +80,7 @@ //var_dump($requestedpermissionsarray);exit; // Instantiate the Api service using the credentials, http client and storage mechanism for the token +/** @var $apiService Service */ //$apiService = $serviceFactory->createService('StripeTest', $credentials, $storage, $requestedpermissionsarray); $sql = "INSERT INTO ".MAIN_DB_PREFIX."oauth_token set service='StripeTest', entity=".$conf->entity; @@ -117,7 +118,7 @@ //$linkback=''.$langs->trans("BackToModuleList").''; //print load_fiche_titre($langs->trans("OAuthSetup"),$linkback,'title_setup'); - //print dol_get_fiche_head(); + //dol_fiche_head(); // retrieve the CSRF state parameter $state = isset($_GET['state']) ? $_GET['state'] : null; //print '
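Review bot: The hand-built Stripe authorize URL in the `else` branch carries no `state` parameter, so the callback has nothing to match the return against, and `$conf->global->OAUTH_STRIPE_LIVE_ID` is concatenated into the query string without `urlencode()`. Build the tail as `'&client_id='.urlencode($conf->global->OAUTH_STRIPE_LIVE_ID).'&scope=read_write&state='.urlencode($randomstate)`, where `$randomstate` is a per-session random value that the callback verifies. The commented-out sample URL above it embeds what looks like a real `client_id`; a placeholder would be safer to keep in the source. The stripetest hunk `@@ -154,7 +156,9 @@` has the same line with `OAUTH_STRIPE_TEST_ID`.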
'; @@ -145,7 +146,8 @@ } catch (Exception $e) { print $e->getMessage(); } -} else // If entry on page with no parameter, we arrive here +} +else // If entry on page with no parameter, we arrive here { $_SESSION["backtourlsavedbeforeoauthjump"] = $backtourl; @@ -154,7 +156,9 @@ if (GETPOST('state')) { $url = $apiService->getAuthorizationUri(array('state'=>GETPOST('state'))); - } else { + } + else + { //$url = $apiService->getAuthorizationUri(); // Parameter state will be randomly generated //https://connect.stripe.com/oauth/authorize?response_type=code&client_id=ca_AX27ut70tJ1j6eyFCV3ObEXhNOo2jY6V&scope=read_write $url = 'https://connect.stripe.com/oauth/authorize?response_type=code&client_id='.$conf->global->OAUTH_STRIPE_TEST_ID.'&scope=read_write';