input('provider') == 'google') { return $this->handleGoogleOauth(); } return response() ->json(['message' => 'Provider not supported'], 400) ->header('X-App-Version', config('ninja.app_version')) ->header('X-Api-Version', config('ninja.minimum_client_version')); } private function handleGoogleOauth() { $user = false; $google = new Google(); $user = $google->getTokenResponse(request()->input('id_token')); if ($user) { $client = new Google_Client(); $client->setClientId(config('ninja.auth.google.client_id')); $client->setClientSecret(config('ninja.auth.google.client_secret')); $client->setRedirectUri(config('ninja.app_url')); $refresh_token = ''; $token = ''; $connected_account = [ 'email' => $google->harvestEmail($user), 'oauth_user_id' => $google->harvestSubField($user), 'oauth_provider_id' => 'google', 'email_verified_at' =>now() ]; auth()->user()->update($connected_account); auth()->user()->email_verified_at = now(); auth()->user()->save(); $timeout = auth()->user()->company()->default_password_timeout; Cache::put(auth()->user()->hashed_id.'_'.auth()->user()->account_id.'_logged_in', Str::random(64), $timeout); return $this->itemResponse(auth()->user()); } return response() ->json(['message' => ctrans('texts.invalid_credentials')], 401) ->header('X-App-Version', config('ninja.app_version')) ->header('X-Api-Version', config('ninja.minimum_client_version')); } public function handleGmailOauth(Request $request) { $user = false; $google = new Google(); $user = $google->getTokenResponse($request->input('id_token')); if ($user) { $client = new Google_Client(); $client->setClientId(config('ninja.auth.google.client_id')); $client->setClientSecret(config('ninja.auth.google.client_secret')); $client->setRedirectUri(config('ninja.app_url')); $token = $client->authenticate($request->input('server_auth_code')); $refresh_token = ''; if (array_key_exists('refresh_token', $token)) { $refresh_token = $token['refresh_token']; } $connected_account = [ 'email' => $google->harvestEmail($user), 'oauth_user_id' => $google->harvestSubField($user), 'oauth_user_token' => $token, 'oauth_user_refresh_token' => $refresh_token, 'oauth_provider_id' => 'google', 'email_verified_at' =>now() ]; if(auth()->user()->email != $google->harvestEmail($user)) return response()->json(['message' => 'Primary Email differs to OAuth email. Emails must match.'], 400); auth()->user()->update($connected_account); auth()->user()->email_verified_at = now(); auth()->user()->save(); $this->activateGmail(auth()->user()); return $this->itemResponse(auth()->user()); } return response() ->json(['message' => ctrans('texts.invalid_credentials')], 401) ->header('X-App-Version', config('ninja.app_version')) ->header('X-Api-Version', config('ninja.minimum_client_version')); } private function activateGmail(User $user) { $company = $user->company(); $settings = $company->settings; if($settings->email_sending_method == 'default') { $settings->email_sending_method = 'gmail'; $settings->gmail_sending_user_id = (string)$user->hashed_id; $company->settings = $settings; $company->save(); } } }