Mirrors/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2024-11-10 13:12:50 +01:00
Code Issues Releases Activity

Connected accounts

Browse Source
This commit is contained in:
David Bomba 2021-02-22 08:27:00 +11:00
parent 164d28e16f
commit 53f79440c0
3 changed files with 149 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
app/Exceptions/Handler.php
View File

@ -99,21 +99,21 @@ class Handler extends ExceptionHandler
private function validException($exception)
{
if (strpos($exception->getMessage(), 'file_put_contents') !== false) {
if (strpos($exception->getMessage(), 'file_put_contents') !== false)
return false;
}
if (strpos($exception->getMessage(), 'Permission denied') !== false) {
if (strpos($exception->getMessage(), 'Permission denied') !== false)
return false;
}
if (strpos($exception->getMessage(), 'flock()') !== false) {
if (strpos($exception->getMessage(), 'flock()') !== false)
return false;
}
if (strpos($exception->getMessage(), 'expects parameter 1 to be resource') !== false) {
if (strpos($exception->getMessage(), 'expects parameter 1 to be resource') !== false)
return false;
}
if (strpos($exception->getMessage(), 'fwrite()') !== false)
return false
return true;
}

139
app/Http/Controllers/ConnectedAccountController.php Normal file
View File

@ -0,0 +1,139 @@
<?php
/**
* Invoice Ninja (https://invoiceninja.com).
*
* @link https://github.com/invoiceninja/invoiceninja source repository
*
* @copyright Copyright (c) 2021. Invoice Ninja LLC (https://invoiceninja.com)
*
* @license https://opensource.org/licenses/AAL
*/
namespace App\Http\Controllers;
use App\Libraries\MultiDB;
use App\Libraries\OAuth\Providers\Google;
use Illuminate\Http\Request;
class ConnectedAccountController extends BaseController
{
public function __construct()
{
parent::__construct();
}
/**
* Refreshes the data feed with the current Company User.
*
* @param Request $request
* @return User Refresh Feed.
*
*
* @OA\Post(
* path="/api/v1/connected_account",
* operationId="connected_account",
* tags={"connected_account"},
* summary="Connect an oauth user to an existing user",
* description="Refreshes the dataset",
* @OA\Parameter(ref="#/components/parameters/X-Api-Secret"),
* @OA\Parameter(ref="#/components/parameters/X-Api-Token"),
* @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
* @OA\Parameter(ref="#/components/parameters/include"),
* @OA\Parameter(ref="#/components/parameters/include_static"),
* @OA\Parameter(ref="#/components/parameters/clear_cache"),
* @OA\Response(
* response=200,
* description="The Company User response",
* @OA\Header(header="X-MINIMUM-CLIENT-VERSION", ref="#/components/headers/X-MINIMUM-CLIENT-VERSION"),
* @OA\Header(header="X-RateLimit-Remaining", ref="#/components/headers/X-RateLimit-Remaining"),
* @OA\Header(header="X-RateLimit-Limit", ref="#/components/headers/X-RateLimit-Limit"),
* @OA\JsonContent(ref="#/components/schemas/User"),
* ),
* @OA\Response(
* response=422,
* description="Validation error",
* @OA\JsonContent(ref="#/components/schemas/ValidationError"),
* ),
* @OA\Response(
* response="default",
* description="Unexpected Error",
* @OA\JsonContent(ref="#/components/schemas/Error"),
* ),
* )
*/
public function index(Request $request)
{
if ($request->input('provider') == 'google') {
return $this->handleGoogleOauth();
}
return response()
->json(['message' => 'Provider not supported'], 400)
->header('X-App-Version', config('ninja.app_version'))
->header('X-Api-Version', config('ninja.minimum_client_version'));
}
private function handleGoogleOauth()
{
$user = false;
$google = new Google();
$user = $google->getTokenResponse(request()->input('id_token'));
if (is_array($user)) {
$query = [
'oauth_user_id' => $google->harvestSubField($user),
'oauth_provider_id'=> 'google',
];
/* Cannot allow duplicates! */
if ($existing_user = MultiDB::hasUser($query)) {
return response()
->json(['message' => 'User already exists in system.'], 401)
->header('X-App-Version', config('ninja.app_version'))
->header('X-Api-Version', config('ninja.minimum_client_version'));
}
}
if ($user) {
$client = new Google_Client();
$client->setClientId(config('ninja.auth.google.client_id'));
$client->setClientSecret(config('ninja.auth.google.client_secret'));
$client->setRedirectUri(config('ninja.app_url'));
$token = $client->authenticate(request()->input('server_auth_code'));
$refresh_token = '';
if (array_key_exists('refresh_token', $token)) {
$refresh_token = $token['refresh_token'];
}
$connected_account = [
'password' => '',
'email' => $google->harvestEmail($user),
'oauth_user_id' => $google->harvestSubField($user),
'oauth_user_token' => $token,
'oauth_user_refresh_token' => $refresh_token,
'oauth_provider_id' => 'google',
'email_verified_at' =>now()
];
auth()->user()->update($connected_account);
auth()->user()->email_verified_at = now();
auth()->user()->save();
//$ct = CompanyUser::whereUserId(auth()->user()->id);
return $this->listResponse(auth()->user());
}
return response()
->json(['message' => ctrans('texts.invalid_credentials')], 401)
->header('X-App-Version', config('ninja.app_version'))
->header('X-Api-Version', config('ninja.minimum_client_version'));
}
}

2
routes/api.php
View File

@ -36,6 +36,8 @@ Route::group(['middleware' => ['api_db', 'token_auth', 'locale'], 'prefix' => 'a
Route::put('clients/{client}/upload', 'ClientController@upload')->name('clients.upload');
Route::post('clients/bulk', 'ClientController@bulk')->name('clients.bulk');
Route::post('connected_account', 'ConnectedAccountController@index');
Route::resource('client_statement', 'ClientStatementController@statement'); // name = (client_statement. index / create / show / update / destroy / edit
Route::post('companies/purge/{company}', 'MigrationController@purgeCompany')->middleware('password_protected');