1
0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2024-11-14 07:02:34 +01:00
invoiceninja/app/Http/Controllers/ConnectedAccountController.php

204 lines
6.8 KiB
PHP
Raw Normal View History

2021-02-21 22:27:00 +01:00
<?php
/**
* Invoice Ninja (https://invoiceninja.com).
*
* @link https://github.com/invoiceninja/invoiceninja source repository
*
* @copyright Copyright (c) 2021. Invoice Ninja LLC (https://invoiceninja.com)
*
2021-06-16 08:58:16 +02:00
* @license https://www.elastic.co/licensing/elastic-license
2021-02-21 22:27:00 +01:00
*/
namespace App\Http\Controllers;
use App\Libraries\MultiDB;
use App\Libraries\OAuth\Providers\Google;
2021-03-09 23:56:59 +01:00
use App\Models\CompanyUser;
2021-03-21 23:02:22 +01:00
use App\Models\User;
2021-03-09 23:56:59 +01:00
use App\Transformers\CompanyUserTransformer;
2021-03-21 23:02:22 +01:00
use App\Transformers\UserTransformer;
2021-05-23 23:23:30 +02:00
use App\Utils\Traits\User\LoginCache;
2021-03-08 23:55:31 +01:00
use Google_Client;
2021-03-09 23:56:59 +01:00
use Illuminate\Http\Request;
2021-03-22 11:55:09 +01:00
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Str;
2021-02-21 22:27:00 +01:00
class ConnectedAccountController extends BaseController
{
2021-05-23 23:23:30 +02:00
use LoginCache;
2021-02-21 22:27:00 +01:00
2021-03-20 01:54:47 +01:00
protected $entity_type = User::class;
2021-03-09 23:56:59 +01:00
2021-03-20 01:54:47 +01:00
protected $entity_transformer = UserTransformer::class;
2021-03-09 23:56:59 +01:00
2021-02-21 22:27:00 +01:00
public function __construct()
{
parent::__construct();
}
2021-02-22 01:18:52 +01:00
/**
* Connect an OAuth account to a regular email/password combination account
2021-02-21 22:27:00 +01:00
*
* @param Request $request
* @return User Refresh Feed.
*
*
* @OA\Post(
* path="/api/v1/connected_account",
* operationId="connected_account",
* tags={"connected_account"},
* summary="Connect an oauth user to an existing user",
* description="Refreshes the dataset",
* @OA\Parameter(ref="#/components/parameters/X-Api-Secret"),
* @OA\Parameter(ref="#/components/parameters/X-Api-Token"),
* @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
* @OA\Parameter(ref="#/components/parameters/include"),
* @OA\Parameter(ref="#/components/parameters/include_static"),
* @OA\Parameter(ref="#/components/parameters/clear_cache"),
* @OA\Response(
* response=200,
* description="The Company User response",
* @OA\Header(header="X-MINIMUM-CLIENT-VERSION", ref="#/components/headers/X-MINIMUM-CLIENT-VERSION"),
* @OA\Header(header="X-RateLimit-Remaining", ref="#/components/headers/X-RateLimit-Remaining"),
* @OA\Header(header="X-RateLimit-Limit", ref="#/components/headers/X-RateLimit-Limit"),
* @OA\JsonContent(ref="#/components/schemas/User"),
* ),
* @OA\Response(
* response=422,
* description="Validation error",
* @OA\JsonContent(ref="#/components/schemas/ValidationError"),
* ),
* @OA\Response(
* response="default",
* description="Unexpected Error",
* @OA\JsonContent(ref="#/components/schemas/Error"),
* ),
* )
*/
public function index(Request $request)
{
if ($request->input('provider') == 'google') {
return $this->handleGoogleOauth();
}
return response()
->json(['message' => 'Provider not supported'], 400)
->header('X-App-Version', config('ninja.app_version'))
->header('X-Api-Version', config('ninja.minimum_client_version'));
}
private function handleGoogleOauth()
{
$user = false;
$google = new Google();
2021-03-16 12:33:48 +01:00
$user = $google->getTokenResponse(request()->input('id_token'));
2021-02-21 22:27:00 +01:00
if ($user) {
2021-03-16 12:44:10 +01:00
2021-02-21 22:27:00 +01:00
$client = new Google_Client();
$client->setClientId(config('ninja.auth.google.client_id'));
$client->setClientSecret(config('ninja.auth.google.client_secret'));
$client->setRedirectUri(config('ninja.app_url'));
2021-03-21 22:06:26 +01:00
$refresh_token = '';
$token = '';
$email = $google->harvestEmail($user);
if(auth()->user()->email != $email && MultiDB::checkUserEmailExists($email))
2021-07-28 00:01:26 +02:00
return response()->json(['message' => ctrans('texts.email_already_register')], 400);
2021-03-21 22:06:26 +01:00
$connected_account = [
'email' => $email,
2021-03-21 22:06:26 +01:00
'oauth_user_id' => $google->harvestSubField($user),
'oauth_provider_id' => 'google',
'email_verified_at' =>now()
];
auth()->user()->update($connected_account);
auth()->user()->email_verified_at = now();
auth()->user()->save();
2021-05-23 23:23:30 +02:00
$this->setLoginCache(auth()->user());
2021-03-21 22:06:26 +01:00
return $this->itemResponse(auth()->user());
}
return response()
->json(['message' => ctrans('texts.invalid_credentials')], 401)
->header('X-App-Version', config('ninja.app_version'))
->header('X-Api-Version', config('ninja.minimum_client_version'));
}
2021-03-21 22:06:26 +01:00
public function handleGmailOauth(Request $request)
{
$user = false;
$google = new Google();
$user = $google->getTokenResponse($request->input('id_token'));
if ($user) {
$client = new Google_Client();
$client->setClientId(config('ninja.auth.google.client_id'));
$client->setClientSecret(config('ninja.auth.google.client_secret'));
$client->setRedirectUri(config('ninja.app_url'));
$token = $client->authenticate($request->input('server_auth_code'));
2021-02-21 22:27:00 +01:00
$refresh_token = '';
if (array_key_exists('refresh_token', $token)) {
$refresh_token = $token['refresh_token'];
}
$connected_account = [
'email' => $google->harvestEmail($user),
'oauth_user_id' => $google->harvestSubField($user),
'oauth_user_token' => $token,
'oauth_user_refresh_token' => $refresh_token,
'oauth_provider_id' => 'google',
'email_verified_at' =>now()
];
2021-05-20 11:50:11 +02:00
if(auth()->user()->email != $google->harvestEmail($user))
return response()->json(['message' => 'Primary Email differs to OAuth email. Emails must match.'], 400);
2021-02-21 22:27:00 +01:00
auth()->user()->update($connected_account);
auth()->user()->email_verified_at = now();
auth()->user()->save();
2021-03-11 21:07:52 +01:00
$this->activateGmail(auth()->user());
2021-03-14 11:32:09 +01:00
return $this->itemResponse(auth()->user());
2021-03-21 10:45:30 +01:00
2021-02-21 22:27:00 +01:00
}
return response()
->json(['message' => ctrans('texts.invalid_credentials')], 401)
->header('X-App-Version', config('ninja.app_version'))
->header('X-Api-Version', config('ninja.minimum_client_version'));
2021-03-21 22:06:26 +01:00
2021-02-21 22:27:00 +01:00
}
private function activateGmail(User $user)
{
$company = $user->company();
$settings = $company->settings;
if($settings->email_sending_method == 'default')
{
$settings->email_sending_method = 'gmail';
$settings->gmail_sending_user_id = (string)$user->hashed_id;
$company->settings = $settings;
$company->save();
}
}
2021-02-21 22:27:00 +01:00
}