This repository has been archived on 2024-07-27. You can view files and clone it, but cannot push or open issues or pull requests.
keksAccount/app/Http/Controllers/oAuthController.php

171 lines
5.2 KiB
PHP
Raw Permalink Normal View History

2019-04-24 18:46:41 +00:00
<?php
namespace App\Http\Controllers;
use App\Entity\Token;
use App\Exceptions\HTTPException;
use App\Models\AccessToken;
use App\Models\App;
use App\Models\AppAccess;
use App\Models\AppCode;
use App\Models\RefreshToken;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
class oAuthController extends Controller
{
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
//
}
public function authorizeView(Request $request) {
2019-07-17 12:52:22 +00:00
if(getenv("NEW_GUI")){
$guiURL = getenv("GUI_URL")."/#/oauth?".$_SERVER['QUERY_STRING'];
return redirect($guiURL);
}
2019-04-24 18:46:41 +00:00
$app = App::query()->where("apiKey", "=", $request->input("client_id"))->first();
$user = Auth::user();
$redirect = false;
if($user != null) {
2019-05-02 09:25:38 +00:00
$access = AppAccess::getOrCreate($user->id, $app->id);
2019-04-24 18:46:41 +00:00
if($app->auto_accept == true) {
$access->status = "allowed";
$access->saveOrFail();
}
if($access->status == "allowed") {
2019-04-24 18:46:41 +00:00
$redirect = true;
}
}
if($app->stop_auto_redirect) {
$redirect = false;
2019-04-24 18:46:41 +00:00
}
if($redirect) {
$returnUrl = urldecode($request->input("redirect_uri"));
if(strpos($returnUrl, "?") > 0) {
Log::debug("Found questionmark in redirect_uri");
if(substr($returnUrl, -1, 1) != "&") {
Log::debug("Add & to the redirect_uri");
$returnUrl .= "&";
}
} else {
$returnUrl .= "?";
}
$appCode = AppCode::createCode($access);
2019-06-20 16:03:54 +00:00
$returnUrl.="code=".$appCode->code;
if($request->input("state", null) !== null) {
$returnUrl .= "&state=".$request->input("state");
}
2019-04-24 18:46:41 +00:00
Log::debug("Return URL: ".$returnUrl);
return redirect($returnUrl);
}
return view('oAuth/authorizeLogin', ["msg"=>"", "app"=>$app]);
}
public function authorizeDo(Request $request)
{
//Check user
$user = Auth::user();
$app = App::query()->where("apiKey", "=", $request->input("client_id"))->first();
//Check if user send username/password if not logged in
if(is_null($user)) {
$user = User::query()->where("username", "=", $request->input("username"))->first();
if($user == null){
return view('oAuth/authorizeLogin', ["msg"=>"Username or Password wrong", "app"=>$app]);
}
if(!password_verify($request->input("password"), $user->password)) {
return view('oAuth/authorizeLogin', ["msg"=>"Username or Password wrong", "app"=>$app]);
}
}
$access = AppAccess::getOrCreate($user->id, $app->id);
$access->status = "allowed";
$access->saveOrFail();
$returnUrl = urldecode($request->input("redirect_uri"));
if(strpos($returnUrl, "?") > 0) {
Log::debug("Found questionmark in redirect_uri");
if(substr($returnUrl, -1, 1) != "&") {
Log::debug("Add & to the redirect_uri");
$returnUrl .= "&";
}
} else {
$returnUrl .= "?";
}
$appCode = AppCode::createCode($access);
$returnUrl.="code=".$appCode->code."&state=".$request->input("state");
Log::debug("Return URL: ".$returnUrl);
return redirect($returnUrl);
}
public function token(Request $request) {
$code = AppCode::query()->where("code", "=", $request->input("code"))->first();
$access = $code->getAccess();
if($access->status != "allowed") {
throw new HTTPException("401", "Code has no access");
}
$accessToken = AccessToken::createToken($access);
$refreshToken = RefreshToken::createToken($access);
2019-07-17 16:42:27 +00:00
$code->delete();
2019-04-24 18:46:41 +00:00
$token = new Token();
$token->expires_at = $accessToken->expires_at;
$token->token = $accessToken->token;
$token->refreshToken = $refreshToken->token;
$d = [
'access_token' => $accessToken->token,
'token_type' => 'bearer',
'expires_in' => strtotime($accessToken->expires_at)-time(),
'refresh_token' => $refreshToken->token
];
echo json_encode($d);
}
public function getUserTMP() {
$user = Auth::user();
$data = [];
$data["id"] = $user->id;
$data["username"] = $user->username;
$data["sub"] = $user->username;
$data["email"] = $user->getMail();
$data["name"] = $user->username;
2019-04-28 12:49:10 +00:00
$data["displayName"] = $user->username; //Param for Nextcloud
2019-04-24 18:46:41 +00:00
$data["state"] = "active";
$data["avatar_url"] = "https://www.alzforum.org/sites/default/files/member-default.jpg";
#$data["web_url"] = "http://www.kekskurse.de";
$data["is_admin"] = false;
$data["public_email"] = $user->getMail();
echo json_encode($data);
}
public function getGroupsTMP() {
echo "[]";
}
//
}