mirror of
https://github.com/Dolibarr/dolibarr.git
Debug IMAP-PHP for MS
parent
411fbc1a04
commit
310fd4e369
|
|
@ -107,6 +107,7 @@ $permissiondellink = $user->admin; // Used by the include of actions_dellink.inc
|
|||
$permissiontoadd = $user->admin; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
|
||||
|
||||
$debuginfo = '';
|
||||
$error = 0;
|
||||
|
||||
|
||||
/*
|
||||
|
|
@ -121,8 +122,6 @@ if ($reshook < 0) {
|
|||
}
|
||||
|
||||
if (empty($reshook)) {
|
||||
$error = 0;
|
||||
|
||||
$permissiontoadd = 1;
|
||||
$permissiontodelete = 1;
|
||||
if (empty($backtopage)) {
|
||||
|
|
@ -397,104 +396,112 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
|
|||
$connectstringsource = '';
|
||||
$connectstringtarget = '';
|
||||
|
||||
if (function_exists('imap_open')) {
|
||||
// Note: $object->host has been loaded by the fetch
|
||||
$usessl = 1;
|
||||
// Note: $object->host has been loaded by the fetch
|
||||
$usessl = 1;
|
||||
|
||||
$connectstringserver = $object->getConnectStringIMAP($usessl);
|
||||
$connectstringserver = $object->getConnectStringIMAP($usessl);
|
||||
|
||||
if ($action == 'scan') {
|
||||
if (!empty($conf->global->MAIN_IMAP_USE_PHPIMAP)) {
|
||||
if ($object->acces_type == 1) {
|
||||
// Mode OAUth2 with PHP-IMAP
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php'; // define $supportedoauth2array
|
||||
$keyforsupportedoauth2array = $object->oauth_service;
|
||||
if (preg_match('/^.*-/', $keyforsupportedoauth2array)) {
|
||||
$keyforprovider = preg_replace('/^.*-/', '', $keyforsupportedoauth2array);
|
||||
} else {
|
||||
$keyforprovider = '';
|
||||
}
|
||||
$keyforsupportedoauth2array = preg_replace('/-.*$/', '', $keyforsupportedoauth2array);
|
||||
$keyforsupportedoauth2array = 'OAUTH_'.$keyforsupportedoauth2array.'_NAME';
|
||||
|
||||
$OAUTH_SERVICENAME = (empty($supportedoauth2array[$keyforsupportedoauth2array]['name']) ? 'Unknown' : $supportedoauth2array[$keyforsupportedoauth2array]['name'].($keyforprovider ? '-'.$keyforprovider : ''));
|
||||
|
||||
require_once DOL_DOCUMENT_ROOT.'/includes/OAuth/bootstrap.php';
|
||||
//$debugtext = "Host: ".$this->host."<br>Port: ".$this->port."<br>Login: ".$this->login."<br>Password: ".$this->password."<br>access type: ".$this->acces_type."<br>oauth service: ".$this->oauth_service."<br>Max email per collect: ".$this->maxemailpercollect;
|
||||
//dol_syslog($debugtext);
|
||||
|
||||
$storage = new DoliStorage($db, $conf);
|
||||
|
||||
try {
|
||||
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
|
||||
$expire = true;
|
||||
// Is token expired or will token expire in the next 30 seconds
|
||||
// if (is_object($tokenobj)) {
|
||||
// $expire = ($tokenobj->getEndOfLife() !== -9002 && $tokenobj->getEndOfLife() !== -9001 && time() > ($tokenobj->getEndOfLife() - 30));
|
||||
// }
|
||||
// Token expired so we refresh it
|
||||
if (is_object($tokenobj) && $expire) {
|
||||
$credentials = new Credentials(
|
||||
getDolGlobalString('OAUTH_'.$object->oauth_service.'_ID'),
|
||||
getDolGlobalString('OAUTH_'.$object->oauth_service.'_SECRET'),
|
||||
getDolGlobalString('OAUTH_'.$object->oauth_service.'_URLAUTHORIZE')
|
||||
);
|
||||
$serviceFactory = new \OAuth\ServiceFactory();
|
||||
$oauthname = explode('-', $OAUTH_SERVICENAME);
|
||||
// ex service is Google-Emails we need only the first part Google
|
||||
$apiService = $serviceFactory->createService($oauthname[0], $credentials, $storage, array());
|
||||
// We have to save the token because Google give it only once
|
||||
$refreshtoken = $tokenobj->getRefreshToken();
|
||||
$tokenobj = $apiService->refreshAccessToken($tokenobj);
|
||||
$tokenobj->setRefreshToken($refreshtoken);
|
||||
$storage->storeAccessToken($OAUTH_SERVICENAME, $tokenobj);
|
||||
}
|
||||
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
|
||||
if (is_object($tokenobj)) {
|
||||
$token = $tokenobj->getAccessToken();
|
||||
} else {
|
||||
$object->error = "Token not found";
|
||||
return -1;
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
print $e->getMessage();
|
||||
}
|
||||
|
||||
$cm = new ClientManager();
|
||||
$client = $cm->make([
|
||||
'host' => $object->host,
|
||||
'port' => $object->port,
|
||||
'encryption' => 'ssl',
|
||||
'validate_cert' => true,
|
||||
'protocol' => 'imap',
|
||||
'username' => $object->login,
|
||||
'password' => $token,
|
||||
'authentication' => "oauth",
|
||||
]);
|
||||
if ($action == 'scan') {
|
||||
if (!empty($conf->global->MAIN_IMAP_USE_PHPIMAP)) {
|
||||
if ($object->acces_type == 1) {
|
||||
// Mode OAUth2 with PHP-IMAP
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php'; // define $supportedoauth2array
|
||||
$keyforsupportedoauth2array = $object->oauth_service;
|
||||
if (preg_match('/^.*-/', $keyforsupportedoauth2array)) {
|
||||
$keyforprovider = preg_replace('/^.*-/', '', $keyforsupportedoauth2array);
|
||||
} else {
|
||||
// Mode login/pass with PHP-IMAP
|
||||
$cm = new ClientManager();
|
||||
$client = $cm->make([
|
||||
'host' => $object->host,
|
||||
'port' => $object->port,
|
||||
'encryption' => 'ssl',
|
||||
'validate_cert' => true,
|
||||
'protocol' => 'imap',
|
||||
'username' => $object->login,
|
||||
'password' => $object->password,
|
||||
'authentication' => "login",
|
||||
]);
|
||||
$keyforprovider = '';
|
||||
}
|
||||
$keyforsupportedoauth2array = preg_replace('/-.*$/', '', $keyforsupportedoauth2array);
|
||||
$keyforsupportedoauth2array = 'OAUTH_'.$keyforsupportedoauth2array.'_NAME';
|
||||
|
||||
$OAUTH_SERVICENAME = (empty($supportedoauth2array[$keyforsupportedoauth2array]['name']) ? 'Unknown' : $supportedoauth2array[$keyforsupportedoauth2array]['name'].($keyforprovider ? '-'.$keyforprovider : ''));
|
||||
|
||||
require_once DOL_DOCUMENT_ROOT.'/includes/OAuth/bootstrap.php';
|
||||
//$debugtext = "Host: ".$this->host."<br>Port: ".$this->port."<br>Login: ".$this->login."<br>Password: ".$this->password."<br>access type: ".$this->acces_type."<br>oauth service: ".$this->oauth_service."<br>Max email per collect: ".$this->maxemailpercollect;
|
||||
//dol_syslog($debugtext);
|
||||
|
||||
$storage = new DoliStorage($db, $conf, $keyforprovider);
|
||||
|
||||
try {
|
||||
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
|
||||
$expire = true;
|
||||
// Is token expired or will token expire in the next 30 seconds
|
||||
// if (is_object($tokenobj)) {
|
||||
// $expire = ($tokenobj->getEndOfLife() !== -9002 && $tokenobj->getEndOfLife() !== -9001 && time() > ($tokenobj->getEndOfLife() - 30));
|
||||
// }
|
||||
// Token expired so we refresh it
|
||||
if (is_object($tokenobj) && $expire) {
|
||||
$credentials = new Credentials(
|
||||
getDolGlobalString('OAUTH_'.$object->oauth_service.'_ID'),
|
||||
getDolGlobalString('OAUTH_'.$object->oauth_service.'_SECRET'),
|
||||
getDolGlobalString('OAUTH_'.$object->oauth_service.'_URLAUTHORIZE')
|
||||
);
|
||||
$serviceFactory = new \OAuth\ServiceFactory();
|
||||
$oauthname = explode('-', $OAUTH_SERVICENAME);
|
||||
// ex service is Google-Emails we need only the first part Google
|
||||
$apiService = $serviceFactory->createService($oauthname[0], $credentials, $storage, array());
|
||||
// We have to save the token because Google give it only once
|
||||
$refreshtoken = $tokenobj->getRefreshToken();
|
||||
$tokenobj = $apiService->refreshAccessToken($tokenobj);
|
||||
$tokenobj->setRefreshToken($refreshtoken);
|
||||
$storage->storeAccessToken($OAUTH_SERVICENAME, $tokenobj);
|
||||
}
|
||||
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
|
||||
if (is_object($tokenobj)) {
|
||||
$token = $tokenobj->getAccessToken();
|
||||
} else {
|
||||
$error++;
|
||||
$morehtml .= "Token not found";
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
$error++;
|
||||
$morehtml .= $e->getMessage();
|
||||
}
|
||||
|
||||
if (empty($object->login)) {
|
||||
$error++;
|
||||
$morehtml .= 'Error: Login is empty. Must be email owner when using MAIN_IMAP_USE_PHPIMAP and OAuth.';
|
||||
}
|
||||
|
||||
$cm = new ClientManager();
|
||||
$client = $cm->make([
|
||||
'host' => $object->host,
|
||||
'port' => $object->port,
|
||||
'encryption' => 'ssl',
|
||||
'validate_cert' => true,
|
||||
'protocol' => 'imap',
|
||||
'username' => $object->login,
|
||||
'password' => $token,
|
||||
'authentication' => "oauth",
|
||||
]);
|
||||
} else {
|
||||
// Mode login/pass with PHP-IMAP
|
||||
$cm = new ClientManager();
|
||||
$client = $cm->make([
|
||||
'host' => $object->host,
|
||||
'port' => $object->port,
|
||||
'encryption' => 'ssl',
|
||||
'validate_cert' => true,
|
||||
'protocol' => 'imap',
|
||||
'username' => $object->login,
|
||||
'password' => $object->password,
|
||||
'authentication' => "login",
|
||||
]);
|
||||
}
|
||||
if (!$error) {
|
||||
try {
|
||||
$client->connect();
|
||||
} catch (ConnectionFailedException $e) {
|
||||
print $e->getMessage();
|
||||
}
|
||||
|
||||
$f = $client->getFolders(false, $object->source_directory);
|
||||
$nbemail = $f[0]->examine()["exists"];
|
||||
$morehtml .= $nbemail;
|
||||
} else {
|
||||
$f = $client->getFolders(false, $object->source_directory);
|
||||
$nbemail = $f[0]->examine()["exists"];
|
||||
$morehtml .= $nbemail;
|
||||
} catch (ConnectionFailedException $e) {
|
||||
$morehtml .= 'ConnectionFailedException '.$e->getMessage();
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if (function_exists('imap_open')) {
|
||||
try {
|
||||
if ($sourcedir) {
|
||||
//$connectstringsource = $connectstringserver.imap_utf7_encode($sourcedir);
|
||||
|
|
@ -521,7 +528,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
|
|||
|
||||
//dol_syslog("end imap_open connection=".var_export($connection, true));
|
||||
} catch (Exception $e) {
|
||||
print $e->getMessage();
|
||||
$morehtml .= $e->getMessage();
|
||||
}
|
||||
|
||||
if (!$connection) {
|
||||
|
|
@ -540,16 +547,16 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
|
|||
dol_syslog("Imap close");
|
||||
imap_close($connection);
|
||||
}
|
||||
} else {
|
||||
$morehtml .= 'IMAP functions not available on your PHP. ';
|
||||
}
|
||||
} else {
|
||||
$morehtml .= '<a class="flat" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=scan&token='.newToken().'">'.img_picto('', 'refresh', 'class="paddingrightonly"').$langs->trans("Refresh").'</a>';
|
||||
}
|
||||
|
||||
$morehtml .= $form->textwithpicto('', 'connect string '.$connectstringserver);
|
||||
} else {
|
||||
$morehtml .= 'IMAP functions not available on your PHP. ';
|
||||
$morehtml .= '<a class="flat" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=scan&token='.newToken().'">'.img_picto('', 'refresh', 'class="paddingrightonly"').$langs->trans("Refresh").'</a>';
|
||||
}
|
||||
|
||||
$morehtml .= $form->textwithpicto('', 'connect string '.$connectstringserver);
|
||||
|
||||
dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref.'<div class="refidno">'.$morehtml.'</div>', '', 0, '', '', 0, '');
|
||||
|
||||
print '<div class="fichecenter">';
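Review bot: The new error paths in the scan branch append raw exception text to `$morehtml` (`$morehtml .= $e->getMessage();` in the OAuth token catch, `'ConnectionFailedException '.$e->getMessage()` after `connect()`, and the `imap_open` catch in the later hunk), and `$morehtml` is then emitted as HTML inside `<div class="refidno">`. Messages from the OAuth or IMAP layer can carry server-supplied text, so they should be escaped first, e.g. `$morehtml .= dol_escape_htmltag($e->getMessage());`. Separately, when the token lookup fails `$error` is incremented but `$cm->make([... 'password' => $token ...])` still runs with `$token` never assigned; set `$token = '';` before the `try`, or build the client only when `!$error`. `$f[0]->examine()` is also reached without checking that `getFolders()` returned anything for `$object->source_directory`. The enclosing `if` block starts and ends outside these hunks.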
|
||||
|
|
|
|||
|
|
@ -221,8 +221,11 @@ if ($mode == 'setup' && $user->admin) {
|
|||
$storage = new DoliStorage($db, $conf, $keyforprovider);
|
||||
try {
|
||||
// $OAUTH_SERVICENAME is for example 'Google-keyforprovider'
|
||||
print $OAUTH_SERVICENAME;
|
||||
print '<!-- '.$OAUTH_SERVICENAME.' -->'."\n";
|
||||
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
|
||||
//print $storage->token.'<br>';
|
||||
//print $tokenobj->getExtraParams()['id_token'].'<br>';
|
||||
//print $tokenobj->getAccessToken().'<br>';
|
||||
} catch (Exception $e) {
|
||||
// Return an error if token not found
|
||||
//print $e->getMessage();
|
||||
|
|
@ -342,7 +345,6 @@ if ($mode == 'setup' && $user->admin) {
|
|||
print '<td colspan="2">';
|
||||
|
||||
if (is_object($tokenobj)) {
|
||||
//var_dump($tokenobj);
|
||||
$tokentoshow = $tokenobj->getAccessToken();
|
||||
print '<span class="" title="'.dol_escape_htmltag($tokentoshow).'">'.showValueWithClipboardCPButton($tokentoshow, 1, dol_trunc($tokentoshow, 32)).'</span><br>';
|
||||
//print 'Refresh: '.$tokenobj->getRefreshToken().'<br>';
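Review bot: The added `print '<!-- '.$OAUTH_SERVICENAME.' -->'."\n";` writes the service name into the page without escaping, and the comment above it says the name includes the provider key (`'Google-keyforprovider'`). If that key is free text from the setup form, a value containing `-->` would close the comment early, so `dol_escape_htmltag($OAUTH_SERVICENAME)` is the safer form even on an admin-only page. The new commented-out lines `//print $tokenobj->getAccessToken()` and `//print $tokenobj->getExtraParams()['id_token']` would put bearer tokens into the response if re-enabled; I would drop them from the commit rather than keep them as comments.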
|
||||
|
|
|
|||
|
|
@ -908,7 +908,7 @@ class CMailFile
|
|||
|
||||
require_once DOL_DOCUMENT_ROOT.'/includes/OAuth/bootstrap.php';
|
||||
|
||||
$storage = new DoliStorage($db, $conf);
|
||||
$storage = new DoliStorage($db, $conf, $keyforprovider);
|
||||
try {
|
||||
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
|
||||
$expire = false;
|
||||
|
|
@ -1030,7 +1030,7 @@ class CMailFile
|
|||
|
||||
require_once DOL_DOCUMENT_ROOT.'/includes/OAuth/bootstrap.php';
|
||||
|
||||
$storage = new DoliStorage($db, $conf);
|
||||
$storage = new DoliStorage($db, $conf, $keyforprovider);
|
||||
|
||||
try {
|
||||
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
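Review bot: Both `new DoliStorage($db, $conf, $keyforprovider)` calls in CMailFile rely on `$keyforprovider` being assigned earlier in the same method, and neither hunk shows that assignment. If it is missing on any path, PHP passes null with an undefined-variable warning and the storage silently looks the token up under the bare service name, which may select a different account's token than the one configured. The same applies to the identical change in the EmailCollector class hunk further down. Please confirm the variable is set on every path, or default it explicitly with a comment such as `// empty means: token stored under the service name only`.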
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ $supportedoauth2array['OAUTH_GITHUB_NAME'] = array('callbackfile' => 'github', '
|
|||
if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {
|
||||
$supportedoauth2array['OAUTH_OTHER_NAME'] = array('callbackfile' => 'generic', 'picto' => 'generic', 'urlforapp' => 'OAUTH_OTHER_DESC', 'name'=>'Other', 'urlforcredentials'=>'', 'availablescopes'=>'Standard', 'returnurl'=>'/core/modules/oauth/generic_oauthcallback.php');
|
||||
// See https://learn.microsoft.com/fr-fr/azure/active-directory/develop/quickstart-register-app#register-an-application
|
||||
$supportedoauth2array['OAUTH_MICROSOFT_NAME'] = array('callbackfile' => 'microsoft', 'picto' => 'microsoft', 'urlforapp' => 'OAUTH_MICROSOFT_DESC', 'name'=>'Microsoft', 'urlforcredentials'=>'https://portal.azure.com/', 'availablescopes'=>'openid,offline_access,profile,email,IMAP.AccessAsUser.All', 'returnurl'=>'/core/modules/oauth/microsoft_oauthcallback.php');
|
||||
$supportedoauth2array['OAUTH_MICROSOFT_NAME'] = array('callbackfile' => 'microsoft', 'picto' => 'microsoft', 'urlforapp' => 'OAUTH_MICROSOFT_DESC', 'name'=>'Microsoft', 'urlforcredentials'=>'https://portal.azure.com/', 'availablescopes'=>'openid,offline_access,profile,email,IMAP.AccessAsUser.All,SMTP.Send,Mail.Read,Mail.Send', 'returnurl'=>'/core/modules/oauth/microsoft_oauthcallback.php');
|
||||
}
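Review bot: The Microsoft entry now offers `SMTP.Send`, `Mail.Read` and `Mail.Send` alongside `IMAP.AccessAsUser.All`, which widens what a stored refresh token can do if an administrator simply ticks everything in `availablescopes`. The commit is about IMAP collection, so a comment above the line stating which feature needs which scope would help admins request the minimum, for example `// IMAP.AccessAsUser.All + offline_access: email collector; SMTP.Send: outgoing mail; Mail.Read/Mail.Send: only if Graph mail access is used`. It is also worth confirming that these scopes can be granted in a single token request, since they appear to belong to different Microsoft resources.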
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -119,6 +119,7 @@ function dolGetRandomBytes($length)
|
|||
function dolEncrypt($chain, $key = '', $ciphering = "AES-256-CTR")
|
||||
{
|
||||
global $dolibarr_main_instance_unique_id;
|
||||
global $dolibarr_disable_dolcrypt_for_debug;
|
||||
|
||||
if ($chain === '' || is_null($chain)) {
|
||||
return '';
|
||||
|
|
@ -136,7 +137,7 @@ function dolEncrypt($chain, $key = '', $ciphering = "AES-256-CTR")
|
|||
|
||||
$newchain = $chain;
|
||||
|
||||
if (function_exists('openssl_encrypt')) {
|
||||
if (function_exists('openssl_encrypt') && empty($dolibarr_disable_dolcrypt_for_debug)) {
|
||||
$ivlen = 16;
|
||||
if (function_exists('openssl_cipher_iv_length')) {
|
||||
$ivlen = openssl_cipher_iv_length($ciphering);
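Review bot: With the new `&& empty($dolibarr_disable_dolcrypt_for_debug)` condition, setting that global makes `dolEncrypt()` fall through with `$newchain = $chain`, so secrets such as OAuth tokens appear to be stored in clear text, with nothing in the function recording that this happened. At minimum the bypass should be logged every time it is taken, e.g. `dol_syslog("dolEncrypt: encryption disabled by dolibarr_disable_dolcrypt_for_debug", LOG_WARNING);`. The docblock should state that the switch is for local debugging only and that rows written while it is on stay unencrypted afterwards. The rest of the function body lies outside the hunk, so how the return value is prefixed in this mode is not visible here.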
|
||||
|
|
|
|||
|
|
@ -217,6 +217,8 @@ if (GETPOST('code')) { // We are coming from oauth provider page.
|
|||
//$url .= 'hd=xxx';
|
||||
}
|
||||
|
||||
//var_dump($url);exit;
|
||||
|
||||
// we go on oauth provider authorization page
|
||||
header('Location: '.$url);
|
||||
exit();
|
||||
|
|
|
|||
|
|
@ -155,10 +155,9 @@ if (GETPOST('code') || GETPOST('error')) { // We are coming from oauth provi
|
|||
if (GETPOST('error')) {
|
||||
setEventMessages(GETPOST('error').' '.GETPOST('error_description'), null, 'errors');
|
||||
} else {
|
||||
$apiService->tenant = getDolGlobalString($keyforparamtenant);
|
||||
|
||||
//$token = $apiService->requestAccessToken(GETPOST('code'), $state);
|
||||
$token = $apiService->requestAccessToken(GETPOST('code'));
|
||||
//print $token;
|
||||
// Microsoft is a service that does not need state to be stored as second paramater of requestAccessToken
|
||||
|
||||
setEventMessages($langs->trans('NewTokenStored'), null, 'mesgs'); // Stored into object managed by class DoliStorage so into table oauth_token
|
||||
|
|
@ -182,7 +181,6 @@ if (GETPOST('code') || GETPOST('error')) { // We are coming from oauth provi
|
|||
//if (!preg_match('/^forlogin/', $state)) {
|
||||
// $apiService->setApprouvalPrompt('auto');
|
||||
//}
|
||||
$apiService->tenant = getDolGlobalString($keyforparamtenant);
|
||||
|
||||
// This may create record into oauth_state before the header redirect.
|
||||
// Creation of record with state in this tables depend on the Provider used (see its constructor).
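Review bot: Within this hunk the callback exchanges the code with `$apiService->requestAccessToken(GETPOST('code'))` and the `state` parameter is never compared with the value issued before the redirect, so nothing visible here ties the response to the session that started the flow. The adjacent comment says Microsoft does not need the state stored, but `state` is the OAuth2 protection against a forged callback whatever the provider; the commented-out form `requestAccessToken(GETPOST('code'), $state)` or an explicit comparison with the session value would restore it. This looks older than the commit, but the lines are touched here. The added `//print $token;` is debug residue and is better removed than kept.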
|
||||
|
|
|
|||
|
|
@ -116,10 +116,12 @@ class printing_printgcp extends PrintingDriver
|
|||
'type'=>'info',
|
||||
);
|
||||
} else {
|
||||
$keyforprovider = ''; // @FIXME
|
||||
|
||||
$this->google_id = getDolGlobalString('OAUTH_GOOGLE_ID');
|
||||
$this->google_secret = getDolGlobalString('OAUTH_GOOGLE_SECRET');
|
||||
// Token storage
|
||||
$storage = new DoliStorage($this->db, $this->conf);
|
||||
$storage = new DoliStorage($this->db, $this->conf, $keyforprovider);
|
||||
//$storage->clearToken($this->OAUTH_SERVICENAME_GOOGLE);
|
||||
// Setup the credentials for the requests
|
||||
$credentials = new Credentials(
|
||||
|
|
@ -254,8 +256,11 @@ class printing_printgcp extends PrintingDriver
|
|||
public function getlistAvailablePrinters()
|
||||
{
|
||||
$ret = array();
|
||||
|
||||
$keyforprovider = ''; // @FIXME
|
||||
|
||||
// Token storage
|
||||
$storage = new DoliStorage($this->db, $this->conf);
|
||||
$storage = new DoliStorage($this->db, $this->conf, $keyforprovider);
|
||||
// Setup the credentials for the requests
|
||||
$credentials = new Credentials(
|
||||
$this->google_id,
|
||||
|
|
@ -392,8 +397,11 @@ class printing_printgcp extends PrintingDriver
|
|||
'content' => base64_encode($contents), // encode file content as base64
|
||||
'contentType' => $contenttype,
|
||||
);
|
||||
|
||||
$keyforprovider = ''; // @FIXME
|
||||
|
||||
// Dolibarr Token storage
|
||||
$storage = new DoliStorage($this->db, $this->conf);
|
||||
$storage = new DoliStorage($this->db, $this->conf, $keyforprovider);
|
||||
// Setup the credentials for the requests
|
||||
$credentials = new Credentials(
|
||||
$this->google_id,
|
||||
|
|
@ -441,8 +449,11 @@ class printing_printgcp extends PrintingDriver
|
|||
|
||||
$error = 0;
|
||||
$html = '';
|
||||
|
||||
$keyforprovider = ''; // @FIXME
|
||||
|
||||
// Token storage
|
||||
$storage = new DoliStorage($this->db, $this->conf);
|
||||
$storage = new DoliStorage($this->db, $this->conf, $keyforprovider);
|
||||
// Setup the credentials for the requests
|
||||
$credentials = new Credentials(
|
||||
$this->google_id,
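Review bot: `$keyforprovider = ''; // @FIXME` is now repeated in four methods of `printing_printgcp`, and the printing setup page adds the same line marked `// @BUG This must be set`. With an empty key the storage falls back to the bare service name, so a Google token saved under a named provider entry would presumably not be found here. Holding the value once, e.g. a `private $keyforprovider = '';` property set in the constructor and passed as `new DoliStorage($this->db, $this->conf, $this->keyforprovider)`, leaves a single place to fix. The FIXME should also say what the value must come from.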
|
||||
|
|
|
|||
|
|
@ -1082,7 +1082,7 @@ class EmailCollector extends CommonObject
|
|||
//$debugtext = "Host: ".$this->host."<br>Port: ".$this->port."<br>Login: ".$this->login."<br>Password: ".$this->password."<br>access type: ".$this->acces_type."<br>oauth service: ".$this->oauth_service."<br>Max email per collect: ".$this->maxemailpercollect;
|
||||
//dol_syslog($debugtext);
|
||||
|
||||
$storage = new DoliStorage($db, $conf);
|
||||
$storage = new DoliStorage($db, $conf, $keyforprovider);
|
||||
|
||||
try {
|
||||
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
|
||||
|
|
|
|||
|
|
@ -57,6 +57,8 @@ class DoliStorage implements TokenStorageInterface
|
|||
private $key;
|
||||
//private $stateKey;
|
||||
private $keyforprovider;
|
||||
public $token;
|
||||
private $tenant;
|
||||
|
||||
public $state;
|
||||
public $date_creation;
|
||||
|
|
@ -73,6 +75,7 @@ class DoliStorage implements TokenStorageInterface
|
|||
$this->db = $db;
|
||||
$this->conf = $conf;
|
||||
$this->keyforprovider = $keyforprovider;
|
||||
$this->token = '';
|
||||
$this->tokens = array();
|
||||
$this->states = array();
|
||||
//$this->key = $key;
|
||||
|
|
@ -96,7 +99,7 @@ class DoliStorage implements TokenStorageInterface
|
|||
/**
|
||||
* {@inheritDoc}
|
||||
*/
|
||||
public function storeAccessToken($service, TokenInterface $token)
|
||||
public function storeAccessToken($service, TokenInterface $tokenobj)
|
||||
{
|
||||
global $conf;
|
||||
|
||||
|
|
@ -104,16 +107,25 @@ class DoliStorage implements TokenStorageInterface
|
|||
//var_dump($token);
|
||||
dol_syslog("storeAccessToken service=".$service);
|
||||
|
||||
include_once DOL_DOCUMENT_ROOT.'/core/lib/security.lib.php';
|
||||
$serializedToken = dolEncrypt(serialize($token));
|
||||
$servicepluskeyforprovider = $service;
|
||||
if (!empty($this->keyforprovider)) {
|
||||
// We clean the keyforprovider after the - to be sure it is not present
|
||||
$servicepluskeyforprovider = preg_replace('/\-'.preg_quote($this->keyforprovider, '/').'$/', '', $servicepluskeyforprovider);
|
||||
// Now we add the keyforprovider
|
||||
$servicepluskeyforprovider .= '-'.$this->keyforprovider;
|
||||
}
|
||||
|
||||
$this->tokens[$service] = $token;
|
||||
include_once DOL_DOCUMENT_ROOT.'/core/lib/security.lib.php';
|
||||
$serializedToken = serialize($tokenobj);
|
||||
|
||||
if (!is_array($this->tokens)) {
|
||||
$this->tokens = array();
|
||||
}
|
||||
|
||||
$this->tokens[$service] = $tokenobj;
|
||||
|
||||
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."oauth_token";
|
||||
$sql .= " WHERE service = '".$this->db->escape($service.($this->keyforprovider?'-'.$this->keyforprovider:''))."'";
|
||||
$sql .= " WHERE service = '".$this->db->escape($servicepluskeyforprovider)."'";
|
||||
$sql .= " AND entity IN (".getEntity('oauth_token').")";
|
||||
$resql = $this->db->query($sql);
|
||||
if (! $resql) {
|
||||
|
|
@ -123,7 +135,7 @@ class DoliStorage implements TokenStorageInterface
|
|||
if ($obj) {
|
||||
// update
|
||||
$sql = "UPDATE ".MAIN_DB_PREFIX."oauth_token";
|
||||
$sql.= " SET token = '".$this->db->escape($serializedToken)."'";
|
||||
$sql.= " SET token = '".$this->db->escape(dolEncrypt($serializedToken))."'";
|
||||
$sql.= " WHERE rowid = ".((int) $obj['rowid']);
|
||||
$resql = $this->db->query($sql);
|
||||
if (!$resql) {
|
||||
|
|
@ -132,7 +144,7 @@ class DoliStorage implements TokenStorageInterface
|
|||
} else {
|
||||
// save
|
||||
$sql = "INSERT INTO ".MAIN_DB_PREFIX."oauth_token (service, token, entity, datec)";
|
||||
$sql .= " VALUES ('".$this->db->escape($service.($this->keyforprovider?'-'.$this->keyforprovider:''))."', '".$this->db->escape($serializedToken)."', ".((int) $conf->entity).", ";
|
||||
$sql .= " VALUES ('".$this->db->escape($servicepluskeyforprovider)."', '".$this->db->escape(dolEncrypt($serializedToken))."', ".((int) $conf->entity).", ";
|
||||
$sql .= " '".$this->db->idate(dol_now())."'";
|
||||
$sql .= ")";
|
||||
$resql = $this->db->query($sql);
|
||||
|
|
@ -147,15 +159,26 @@ class DoliStorage implements TokenStorageInterface
|
|||
}
|
||||
|
||||
/**
|
||||
* {@inheritDoc}
|
||||
* Load token and other data from a $service
|
||||
* Note: Token load are cumulated into array ->tokens when other properties are erased by last loaded token.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function hasAccessToken($service)
|
||||
{
|
||||
// get from db
|
||||
dol_syslog("hasAccessToken service=".$service);
|
||||
|
||||
$servicepluskeyforprovider = $service;
|
||||
if (!empty($this->keyforprovider)) {
|
||||
// We clean the keyforprovider after the - to be sure it is not present
|
||||
$servicepluskeyforprovider = preg_replace('/\-'.preg_quote($this->keyforprovider, '/').'$/', '', $servicepluskeyforprovider);
|
||||
// Now we add the keyforprovider
|
||||
$servicepluskeyforprovider .= '-'.$this->keyforprovider;
|
||||
}
|
||||
|
||||
$sql = "SELECT token, datec, tms, state FROM ".MAIN_DB_PREFIX."oauth_token";
|
||||
$sql .= " WHERE service = '".$this->db->escape($service.(empty($this->keyforprovider) ? '' : '-'.$this->keyforprovider))."'";
|
||||
$sql .= " WHERE service = '".$this->db->escape($servicepluskeyforprovider)."'";
|
||||
$sql .= " AND entity IN (".getEntity('oauth_token').")";
|
||||
$resql = $this->db->query($sql);
|
||||
if (! $resql) {
|
||||
|
|
@ -164,18 +187,20 @@ class DoliStorage implements TokenStorageInterface
|
|||
$result = $this->db->fetch_array($resql);
|
||||
if ($result) {
|
||||
include_once DOL_DOCUMENT_ROOT.'/core/lib/security.lib.php';
|
||||
$token = unserialize(dolDecrypt($result['token']));
|
||||
$tokenobj = unserialize(dolDecrypt($result['token']));
|
||||
$this->token = dolDecrypt($result['token']);
|
||||
$this->date_creation = $this->db->jdate($result['datec']);
|
||||
$this->date_modification = $this->db->jdate($result['tms']);
|
||||
$this->state = $result['state'];
|
||||
} else {
|
||||
$token = '';
|
||||
$tokenobj = '';
|
||||
$this->token = '';
|
||||
$this->date_creation = null;
|
||||
$this->date_modification = null;
|
||||
$this->state = '';
|
||||
}
|
||||
|
||||
$this->tokens[$service] = $token;
|
||||
$this->tokens[$service] = $tokenobj;
|
||||
|
||||
return is_array($this->tokens)
|
||||
&& isset($this->tokens[$service])
|
||||
|
|
@ -331,4 +356,18 @@ class DoliStorage implements TokenStorageInterface
|
|||
// allow chaining
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the token
|
||||
*
|
||||
* @return string String for the tenant used to create the token
|
||||
*/
|
||||
public function getTenant()
|
||||
{
|
||||
// Set/Reset tenant now so it will be defined for.
|
||||
// TODO We must store it into the table llx_oauth_token
|
||||
$this->tenant = getDolGlobalString('OAUTH_MICROSOFT'.($this->keyforprovider ? '-'.$this->keyforprovider : '').'_TENANT');
|
||||
|
||||
return $this->tenant;
|
||||
}
|
||||
}
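Review bot: `hasAccessToken()` passes the stored column straight into `unserialize(dolDecrypt($result['token']))`, so whatever is in `oauth_token.token` is instantiated as arbitrary PHP objects; pass an allow-list, e.g. `unserialize(dolDecrypt($result['token']), array('allowed_classes' => array(/* token class(es) actually stored */)))`, and treat a `false` result as "no token". This matters more now that the same commit lets `dolEncrypt()` be switched off for debugging, since rows written in that mode are presumably plain serialized data. The replaced docblock says `@return void` although the method ends in `return is_array($this->tokens) ...`, and the new `getTenant()` docblock opens with "Return the token"; both should describe what is actually returned. The block that normalises `$servicepluskeyforprovider` is duplicated in `storeAccessToken()` and `hasAccessToken()` and would be safer as one private helper.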
|
||||
|
|
|
|||
|
|
@ -38,9 +38,13 @@ class Microsoft extends AbstractService
|
|||
const SCOPE_APPLICATIONS = 'applications';
|
||||
const SCOPE_APPLICATIONS_CREATE = 'applications_create';
|
||||
const SCOPE_IMAP = 'imap';
|
||||
const SOCPE_IMAP_AccessAsUser_All='IMAP.AccessAsUser.All';
|
||||
const SOCPE_IMAP_ACCESSASUSERALL = 'IMAP.AccessAsUser.All';
|
||||
const SOCPE_SMTPSEND = 'SMTP.Send';
|
||||
const SOCPE_MAILREAD = 'Mail.Read';
|
||||
const SOCPE_MAILSEND = 'Mail.Send';
|
||||
|
||||
protected $storage;
|
||||
|
||||
public string $tenant;
|
||||
|
||||
/**
|
||||
* MS uses some magical not officialy supported scope to get even moar info like full emailaddresses.
|
||||
|
|
@ -65,6 +69,8 @@ class Microsoft extends AbstractService
|
|||
) {
|
||||
parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri);
|
||||
|
||||
$this->storage = $storage;
|
||||
|
||||
if (null === $baseApiUri) {
|
||||
$this->baseApiUri = new Uri('https://apis.live.net/v5.0/');
|
||||
}
|
||||
|
|
@ -75,9 +81,11 @@ class Microsoft extends AbstractService
|
|||
*/
|
||||
public function getAuthorizationEndpoint()
|
||||
{
|
||||
//return new Uri('https://login.live.com/oauth20_authorize.srf');
|
||||
$tenant = $this->storage->getTenant();
|
||||
|
||||
//return new Uri('https://login.live.com/oauth20_authorize.srf');
|
||||
//return new Uri('https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize');
|
||||
return new Uri('https://login.microsoftonline.com/'.$this->tenant.'/oauth2/v2.0/authorize');
|
||||
return new Uri('https://login.microsoftonline.com/'.$tenant.'/oauth2/v2.0/authorize');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -85,9 +93,11 @@ class Microsoft extends AbstractService
|
|||
*/
|
||||
public function getAccessTokenEndpoint()
|
||||
{
|
||||
$tenant = $this->storage->getTenant();
|
||||
|
||||
//return new Uri('https://login.live.com/oauth20_token.srf');
|
||||
//return new Uri('https://login.microsoftonline.com/organizations/oauth2/v2.0/token');
|
||||
return new Uri('https://login.microsoftonline.com/'.$this->tenant.'/oauth2/v2.0/token');
|
||||
return new Uri('https://login.microsoftonline.com/'.$tenant.'/oauth2/v2.0/token');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -110,6 +120,7 @@ class Microsoft extends AbstractService
|
|||
} elseif (isset($data['error'])) {
|
||||
throw new TokenResponseException('Error in retrieving token: "' . $data['error'] . '"');
|
||||
}
|
||||
//print $data['access_token'];exit;
|
||||
|
||||
$token = new StdOAuth2Token();
|
||||
$token->setAccessToken($data['access_token']);
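Review bot: `getAuthorizationEndpoint()` and `getAccessTokenEndpoint()` now splice `$this->storage->getTenant()` into the login URL unchecked, so an empty or malformed tenant setting yields `https://login.microsoftonline.com//oauth2/v2.0/...` or an altered path. Validate the value and encode it, e.g. `return new Uri('https://login.microsoftonline.com/'.rawurlencode($tenant).'/oauth2/v2.0/token');`, and fail with a clear configuration error when it is empty. The hunks do not show `getTenant()` on `TokenStorageInterface`, so the service presumably breaks with any storage other than `DoliStorage`; a `method_exists($this->storage, 'getTenant')` guard would make that dependency explicit. The new constants keep the `SOCPE_` misspelling, and the added `//print $data['access_token'];exit;` is debug residue that should not ship.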
|
||||
|
|
|
|||
|
|
@ -201,13 +201,15 @@ if ($mode == 'setup' && $user->admin) {
|
|||
$i++;
|
||||
|
||||
if ($key['varname'] == 'PRINTGCP_TOKEN_ACCESS') {
|
||||
$keyforprovider = ''; // @BUG This must be set
|
||||
|
||||
// Token
|
||||
print '<tr class="oddeven">';
|
||||
print '<td>'.$langs->trans("Token").'</td>';
|
||||
print '<td colspan="2">';
|
||||
$tokenobj = null;
|
||||
// Dolibarr storage
|
||||
$storage = new DoliStorage($db, $conf);
|
||||
$storage = new DoliStorage($db, $conf, $keyforprovider);
|
||||
try {
|
||||
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME_GOOGLE);
|
||||
} catch (Exception $e) {
|
||||
|
|
|
|||