|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* OAuth mail authorization api file. |
|
4
|
|
|
* |
|
5
|
|
|
* @package API |
|
6
|
|
|
* |
|
7
|
|
|
* @copyright YetiForce S.A. |
|
8
|
|
|
* @license YetiForce Public License 5.0 (licenses/LicenseEN.txt or yetiforce.com) |
|
9
|
|
|
* @author Radosław Skrzypczak <[email protected]> |
|
10
|
|
|
*/ |
|
11
|
|
|
|
|
12
|
|
|
namespace Api\OAuth\BaseAction; |
|
13
|
|
|
|
|
14
|
|
|
class MailAccount extends \Api\Core\BaseAction |
|
15
|
|
|
{ |
|
16
|
|
|
/** {@inheritdoc} */ |
|
17
|
|
|
public $allowedMethod = ['GET']; |
|
18
|
|
|
|
|
19
|
|
|
/** @var string Module name */ |
|
20
|
|
|
private $moduleName = 'MailAccount'; |
|
21
|
|
|
|
|
22
|
|
|
/** {@inheritdoc} */ |
|
23
|
|
|
protected function checkPermission(): void |
|
24
|
|
|
{ |
|
25
|
|
|
\App\Session::init(); |
|
26
|
|
|
$state = $this->controller->request->get('state'); |
|
27
|
|
|
$hash = $state ? sha1($state) : ''; |
|
28
|
|
|
if (!$state || !\App\Session::has("OAuth.State.{$hash}") || $state !== \App\Session::get("OAuth.State.{$hash}")['state']) { |
|
29
|
|
|
throw new \Api\Core\Exception('No permission or wrong data', 401); |
|
30
|
|
|
} |
|
31
|
|
|
} |
|
32
|
|
|
|
|
33
|
|
|
/** {@inheritdoc} */ |
|
34
|
|
|
public function updateSession(array $data = []): void |
|
35
|
|
|
{ |
|
36
|
|
|
} |
|
37
|
|
|
|
|
38
|
|
|
/** {@inheritdoc} */ |
|
39
|
|
|
protected function checkPermissionToModule(): void |
|
40
|
|
|
{ |
|
41
|
|
|
} |
|
42
|
|
|
|
|
43
|
|
|
public function get() |
|
44
|
|
|
{ |
|
45
|
|
|
$code = $this->controller->request->getRaw('code'); |
|
46
|
|
|
$state = $this->controller->request->get('state'); |
|
47
|
|
|
$hash = $state ? sha1($state) : ''; |
|
48
|
|
|
$key = "OAuth.State.{$hash}"; |
|
49
|
|
|
|
|
50
|
|
|
$data = \App\Session::get($key); |
|
51
|
|
|
\App\Session::delete($key); |
|
52
|
|
|
$recordId = $data['recordId']; |
|
53
|
|
|
|
|
54
|
|
|
try { |
|
55
|
|
|
if ($this->controller->request->get('error') && !$code) { |
|
56
|
|
|
$message = $this->controller->request->get('error_description') ?: 'Authentication error'; |
|
57
|
|
|
$this->setLogs($recordId, $message); |
|
58
|
|
|
} else { |
|
59
|
|
|
$mailAccount = \App\Mail\Account::getInstanceById($recordId); |
|
60
|
|
|
$mailAccount->getAccessToken(['code' => $code]); |
|
61
|
|
|
$provider = $mailAccount->getOAuthProvider(); |
|
62
|
|
|
$resourceOwner = $provider->getResourceOwner(); |
|
63
|
|
|
if (($aud = $resourceOwner->toArray()['aud'] ?? '') && $aud !== $mailAccount->getServer()->get('client_id')) { |
|
64
|
|
|
$this->setLogs($recordId, 'Attempted to authenticate the wrong data aud: ' . $aud); |
|
65
|
|
|
} else { |
|
66
|
|
|
$mailAccount->update(); |
|
67
|
|
|
} |
|
68
|
|
|
} |
|
69
|
|
|
|
|
70
|
|
|
$redirectUri = $data['redirectUri']; |
|
71
|
|
|
header('location: ' . $redirectUri); |
|
72
|
|
|
exit; |
|
73
|
|
|
} catch (\Throwable $th) { |
|
74
|
|
|
$message = $th->getMessage(); |
|
75
|
|
|
if ($th instanceof \App\Exceptions\AppException) { |
|
76
|
|
|
$message = $th->getDisplayMessage(); |
|
77
|
|
|
} |
|
78
|
|
|
$url = $this->setLogs($recordId, $message); |
|
79
|
|
|
header('location: ' . \App\Config::main('site_URL') . $url); |
|
80
|
|
|
exit; |
|
81
|
|
|
} |
|
82
|
|
|
} |
|
83
|
|
|
|
|
84
|
|
|
private function setLogs(int $recordId, string $message): string |
|
85
|
|
|
{ |
|
86
|
|
|
$recordModel = \Vtiger_Record_Model::getInstanceById($recordId, $this->moduleName); |
|
87
|
|
|
$fieldModel = $recordModel->getField('logs'); |
|
88
|
|
|
$fieldModelStatus = $recordModel->getField('mailaccount_status'); |
|
89
|
|
|
$status = 'PLL_LOCKED'; |
|
90
|
|
|
if (mb_strlen($message) > $fieldModel->getMaxValue()) { |
|
91
|
|
|
$message = substr($message, 0, $fieldModel->getMaxValue()); |
|
92
|
|
|
} |
|
93
|
|
|
$recordModel->set($fieldModel->getName(), $message)->setDataForSave([$fieldModel->getTableName() => [$fieldModel->getColumnName() => $message]]); |
|
94
|
|
|
$recordModel->set($fieldModelStatus->getName(), $status)->setDataForSave([$fieldModelStatus->getTableName() => [$fieldModelStatus->getColumnName() => $status]]); |
|
95
|
|
|
$recordModel->save(); |
|
96
|
|
|
|
|
97
|
|
|
return $recordModel->getDetailViewUrl(); |
|
98
|
|
|
} |
|
99
|
|
|
} |
|
100
|
|
|
|
YetiForceCompany /
YetiForceCRM
