oauth.php 8.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240
  1. <?php
  2. /* Copyright (C) 2015-2018 Frederic France <frederic.france@netlogic.fr>
  3. * Copyright (C) 2016 Raphaël Doursenaud <rdoursenaud@gpcsolutions.fr>
  4. * Copyright (C) 2022 Laurent Destailleur <eldy@users.sourceforge.net>
  5. *
  6. * This program is free software; you can redistribute it and/or modify
  7. * it under the terms of the GNU General Public License as published by
  8. * the Free Software Foundation; either version 3 of the License, or
  9. * (at your option) any later version.
  10. *
  11. * This program is distributed in the hope that it will be useful,
  12. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14. * GNU General Public License for more details.
  15. *
  16. * You should have received a copy of the GNU General Public License
  17. * along with this program. If not, see <https://www.gnu.org/licenses/>.
  18. *
  19. */
  20. /**
  21. * \file htdocs/admin/oauth.php
  22. * \ingroup oauth
  23. * \brief Setup page to configure oauth access api
  24. */
  25. require '../main.inc.php';
  26. require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
  27. require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php';
  28. // $supportedoauth2array is defined into oauth.lib.php
  29. // Define $urlwithroot
  30. $urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
  31. $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
  32. //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current
  33. // Load translation files required by the page
  34. $langs->loadLangs(array('admin', 'oauth', 'modulebuilder'));
  35. // Security check
  36. if (!$user->admin) {
  37. accessforbidden();
  38. }
  39. $action = GETPOST('action', 'aZ09');
  40. $provider = GETPOST('provider', 'aZ09');
  41. $label = GETPOST('label', 'aZ09');
  42. $error = 0;
  43. /*
  44. * Actions
  45. */
  46. if ($action == 'add') { // $provider is OAUTH_XXX
  47. if ($provider && $provider != '-1') {
  48. $constname = strtoupper($provider).($label ? '-'.$label : '').'_ID';
  49. if (getDolGlobalString($constname)) {
  50. setEventMessages($langs->trans("AOAuthEntryForThisProviderAndLabelAlreadyHasAKey"), null, 'errors');
  51. $error++;
  52. } else {
  53. dolibarr_set_const($db, $constname, 'ToComplete', 'chaine', 0, '', $conf->entity);
  54. setEventMessages($langs->trans("OAuthProviderAdded"), null);
  55. }
  56. }
  57. }
  58. if ($action == 'update') {
  59. foreach ($conf->global as $key => $val) {
  60. if (!empty($val) && preg_match('/^OAUTH_.+_ID$/', $key)) {
  61. $constvalue = str_replace('_ID', '', $key);
  62. if (!dolibarr_set_const($db, $constvalue.'_ID', GETPOST($constvalue.'_ID'), 'chaine', 0, '', $conf->entity)) {
  63. $error++;
  64. }
  65. // If we reset this provider, we also remove the secret
  66. if (!dolibarr_set_const($db, $constvalue.'_SECRET', GETPOST($constvalue.'_ID') ? GETPOST($constvalue.'_SECRET') : '', 'chaine', 0, '', $conf->entity)) {
  67. $error++;
  68. }
  69. }
  70. }
  71. if (!$error) {
  72. setEventMessages($langs->trans("SetupSaved"), null);
  73. } else {
  74. setEventMessages($langs->trans("Error"), null, 'errors');
  75. }
  76. }
  77. /*
  78. * View
  79. */
  80. llxHeader();
  81. $form = new Form($db);
  82. $linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';
  83. print load_fiche_titre($langs->trans('ConfigOAuth'), $linkback, 'title_setup');
  84. print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
  85. print '<input type="hidden" name="token" value="'.newToken().'">';
  86. print '<input type="hidden" name="action" value="add">';
  87. $head = oauthadmin_prepare_head();
  88. print dol_get_fiche_head($head, 'services', '', -1, '');
  89. print '<span class="opacitymedium">'.$langs->trans("ListOfSupportedOauthProviders").'</span><br><br>';
  90. print '<select name="provider" id="provider" class="minwidth150">';
  91. print '<option name="-1" value="-1">'.$langs->trans("OAuthProvider").'</option>';
  92. foreach ($list as $key) {
  93. $supported = 0;
  94. $keyforsupportedoauth2array = $key[0];
  95. if (in_array($keyforsupportedoauth2array, array_keys($supportedoauth2array))) {
  96. $supported = 1;
  97. }
  98. if (!$supported) {
  99. continue; // show only supported
  100. }
  101. $i++;
  102. print '<option name="'.$keyforsupportedoauth2array.'" value="'.str_replace('_NAME', '', $keyforsupportedoauth2array).'">'.$supportedoauth2array[$keyforsupportedoauth2array]['name'].'</option>'."\n";
  103. }
  104. print '</select>';
  105. print ajax_combobox('provider');
  106. print ' <input type="text" name="label" value="" placeholder="'.$langs->trans("Label").'" pattern="^\S+$" title="'.$langs->trans("SpaceOrSpecialCharAreNotAllowed").'">';
  107. print ' <input type="submit" class="button small" name="add" value="'.$langs->trans("Add").'">';
  108. print '</form>';
  109. print '<br>';
  110. print '<br>';
  111. print dol_get_fiche_end();
  112. //var_dump($list);
  113. foreach ($conf->global as $key => $val) {
  114. if (!empty($val) && preg_match('/^OAUTH_.*_ID$/', $key)) {
  115. $provider = preg_replace('/_ID$/', '', $key);
  116. $listinsetup[] = array($provider.'_NAME', $provider.'_ID', $provider.'_SECRET', 'OAUTH Provider '.str_replace('OAUTH_', '', $provider));
  117. }
  118. }
  119. if (count($listinsetup) > 0) {
  120. print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
  121. print '<input type="hidden" name="token" value="'.newToken().'">';
  122. print '<input type="hidden" name="action" value="update">';
  123. print '<div class="div-table-responsive-no-min">';
  124. print '<table class="noborder centpercent">';
  125. $i = 0;
  126. // $list is defined into oauth.lib.php to the list of supporter OAuth providers.
  127. foreach ($listinsetup as $key) {
  128. $supported = 0;
  129. $keyforsupportedoauth2array = $key[0]; // May be OAUTH_GOOGLE_NAME or OAUTH_GOOGLE_xxx_NAME
  130. $keyforsupportedoauth2array = preg_replace('/^OAUTH_/', '', $keyforsupportedoauth2array);
  131. $keyforsupportedoauth2array = preg_replace('/_NAME$/', '', $keyforsupportedoauth2array);
  132. if (preg_match('/^.*-/', $keyforsupportedoauth2array)) {
  133. $keyforprovider = preg_replace('/^.*-/', '', $keyforsupportedoauth2array);
  134. } else {
  135. $keyforprovider = '';
  136. }
  137. $keyforsupportedoauth2array = preg_replace('/-.*$/', '', $keyforsupportedoauth2array);
  138. $keyforsupportedoauth2array = 'OAUTH_'.$keyforsupportedoauth2array.'_NAME';
  139. if (in_array($keyforsupportedoauth2array, array_keys($supportedoauth2array))) {
  140. $supported = 1;
  141. }
  142. if (!$supported) {
  143. continue; // show only supported
  144. }
  145. $i++;
  146. print '<tr class="liste_titre'.($i > 1 ? ' liste_titre_add' : '').'">';
  147. // Api Name
  148. $label = $langs->trans($keyforsupportedoauth2array);
  149. print '<td>';
  150. print img_picto('', $supportedoauth2array[$keyforsupportedoauth2array]['picto'], 'class="pictofixedwidth"');
  151. print $label;
  152. if ($keyforprovider) {
  153. print ' (<b>'.$keyforprovider.'</b>)';
  154. } else {
  155. print ' (<b>'.$langs->trans("NoName").'</b>)';
  156. }
  157. print '</td>';
  158. print '<td>';
  159. if (!empty($supportedoauth2array[$keyforsupportedoauth2array]['urlforcredentials'])) {
  160. print $langs->trans("OAUTH_URL_FOR_CREDENTIAL", $supportedoauth2array[$keyforsupportedoauth2array]['urlforcredentials']);
  161. }
  162. print '</td>';
  163. print '</tr>';
  164. if ($supported) {
  165. $redirect_uri = $urlwithroot.'/core/modules/oauth/'.$supportedoauth2array[$keyforsupportedoauth2array]['callbackfile'].'_oauthcallback.php';
  166. print '<tr class="oddeven value">';
  167. print '<td>'.$langs->trans("UseTheFollowingUrlAsRedirectURI").'</td>';
  168. print '<td><input style="width: 80%" type"text" name="uri'.$keyforsupportedoauth2array.'" value="'.$redirect_uri.'">';
  169. print '</td></tr>';
  170. } else {
  171. print '<tr class="oddeven value">';
  172. print '<td>'.$langs->trans("UseTheFollowingUrlAsRedirectURI").'</td>';
  173. print '<td>'.$langs->trans("FeatureNotYetSupported").'</td>';
  174. print '</td></tr>';
  175. }
  176. // Api Id
  177. print '<tr class="oddeven value">';
  178. print '<td><label for="'.$key[1].'">'.$langs->trans("OAUTH_ID").'</label></td>';
  179. print '<td><input type="text" size="100" id="'.$key[1].'" name="'.$key[1].'" value="'.$conf->global->{$key[1]}.'">';
  180. print '</td></tr>';
  181. // Api Secret
  182. print '<tr class="oddeven value">';
  183. print '<td><label for="'.$key[2].'">'.$langs->trans("OAUTH_SECRET").'</label></td>';
  184. print '<td><input type="password" size="100" id="'.$key[2].'" name="'.$key[2].'" value="'.$conf->global->{$key[2]}.'">';
  185. print '</td></tr>';
  186. }
  187. print '</table>'."\n";
  188. print '</div>';
  189. print $form->buttonsSaveCancel("Modify", '');
  190. print '</form>';
  191. }
  192. // End of page
  193. llxFooter();
  194. $db->close();