Add in verification of Google OAuth using an access token

2024-11-10 13:12:50 +01:00 · 2023-11-21 10:50:19 +11:00 · 2023-11-21 10:50:19 +11:00 · a8ecd8de64
commit a8ecd8de64
parent 4db163c4e1
4 changed files with 37 additions and 19 deletions
--- a/app/Filters/DesignFilters.php
+++ b/app/Filters/DesignFilters.php
@ -93,6 +93,7 @@ class DesignFilters extends QueryFilters

        return $this->builder->where('is_template', $bool_val);
    }
+
    /**
     * Filter the designs by `is_custom` column.
     *
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@ -527,7 +527,10 @@ class LoginController extends BaseController

        if (request()->has('id_token')) {
            $user = $google->getTokenResponse(request()->input('id_token'));
-        } else {
+        }elseif(request()->has('access_token')){
+            $user = $google->harvestUser(request()->input('access_token'));
+        } 
+        else {
            return response()->json(['message' => 'Illegal request'], 403);
        }

--- a/app/Libraries/OAuth/Providers/Google.php
+++ b/app/Libraries/OAuth/Providers/Google.php
@ -3,7 +3,6 @@
 namespace App\Libraries\OAuth\Providers;

 use Google_Client;
-
 class Google implements ProviderInterface
 {
    public function getTokenResponse($token)
@ -27,4 +26,28 @@ class Google implements ProviderInterface
    {
        return $payload['name'];
    }
+
+    public function harvestUser($access_token)
+    {
+        $client = new Google_Client();
+        $client->setClientId(config('ninja.auth.google.client_id'));
+        $client->setClientSecret(config('ninja.auth.google.client_secret'));
+        $client->setAccessToken($access_token);
+
+        $oauth2 = new \Google_Service_Oauth2($client);
+
+        try {
+            $userInfo = $oauth2->userinfo->get();
+        }
+        catch (\Exception $e) {
+            return false;
+        }
+
+        return [
+            'email' => $userInfo['email'],
+            'sub' => $userInfo['id'],
+            'name' => $userInfo['name'],
+        ];
+
+    }
 }
--- a/app/PaymentDrivers/BaseDriver.php
+++ b/app/PaymentDrivers/BaseDriver.php
@ -743,29 +743,20 @@ class BaseDriver extends AbstractPaymentDriver
        }

        $invoices_string = str_replace(["*","<",">","'",'"'], "-", $invoices_string);
-        // $invoices_string = "I-".$invoices_string;
-        // $invoices_string = substr($invoices_string, 0, 22);
        
 // 2023-11-02 - improve the statement descriptor for string
+
 $company_name = $this->client->company->present()->name();
+$company_name = str_replace(["*","<",">","'",'"'], "-", $company_name);

-if(ctype_digit(substr($company_name, 0, 1)))
-    $company_name = "X" . $company_name;
-
-$suffix = strlen($invoices_string) + 1;
-
-$length = 22 - $suffix;
-
-$company_name = substr($company_name, 0, $length);
+if(ctype_digit(substr($company_name, 0, 1))) {
+    $company_name = "I" . $company_name;
+}

+$company_name = substr($company_name, 0, 11);
 $descriptor = "{$company_name} {$invoices_string}";
-
-$invoices_string = str_pad($descriptor, 5, ctrans('texts.invoice'), STR_PAD_RIGHT);
-$invoices_string = substr($invoices_string, 0, 22);
-
-        // $invoices_string = str_pad($invoices_string, 5, ctrans('texts.invoice'), STR_PAD_LEFT);
-
-        return $invoices_string;
+$descriptor = substr($descriptor, 0, 22);
+return $descriptor;

    }
    /**