// OAuth 2.0 authorization-code callback handler.
//
// Entry condition: the request carries both `code` and `state`. The handler
// resolves the configured app, exchanges the code for an access token, fetches
// the resource owner, parses the token's claims, registers login hooks and then
// signs the WordPress user in before redirecting. Any Throwable raised inside
// the try block is surfaced as a flash message instead of propagating.
//
// NOTE(review): `state` is only used here to recover the app name (base64) — it
// is never compared against a value stored in the session before the redirect,
// so it does not act as the OAuth CSRF binding on this path; confirm whether
// the `state` check happens elsewhere (e.g. in the handler class).
if (isset($_REQUEST['code'], $_REQUEST['state'])) {
    // Make sure a PHP session exists: `$_SESSION['appname']` is read below.
    if (!isset($_SESSION) || session_id() === '') {
        session_start();
    }
    // The provider signals a denied/failed authorization with `error` instead of `code`.
    if (!isset($_GET['code'])) {
        throw new \Exception($_GET['error_description'] ?? $_GET['error'] ?? 'Invalid response');
    }
    try {
        // App name: session value wins, otherwise the base64-encoded `state`.
        $current_app_name = '';
        if (!empty($_SESSION['appname'])) {
            $current_app_name = $_SESSION['appname'];
        } elseif (!empty($_GET['state'])) {
            $current_app_name = base64_decode($_GET['state']);
        }
        if (empty($current_app_name)) {
            throw new \Exception('No request found for this application.');
        }
        // Look the app up by exact key in the stored apps list.
        // NOTE(review): `$email_attr` is assigned here but not read anywhere in this block.
        $apps_list = get_option('mo_oauth_apps_list');
        $email_attr = '';
        $current_app = null;
        foreach ($apps_list as $key => $app) {
            if ($key === $current_app_name) {
                $current_app = $app;
                $email_attr = $app['email_attr'] ?? $email_attr;
                break;
            }
        }
        if ($current_app === null) {
            throw new \Exception('Application not configured.');
        }
        $mo_oauth_handler = new \Mo_OAuth_Hanlder();
        $accessTokenUrl = $current_app['accesstokenurl'];
        // Rebuild the redirect URI the token endpoint will compare against: the
        // current permalink plus the original query string minus the OAuth params.
        $uri = parse_url(home_url($_SERVER['REQUEST_URI']));
        parse_str($uri['query'], $queries);
        unset($queries['state'], $queries['session_state'], $queries['code']);
        $redirect_url = get_permalink();
        // NOTE(review): `product` / `taxon` are appended to the URL unvalidated.
        // The value is sent as redirect_uri in the token exchange, which the
        // provider should reject on mismatch, but it is also the final
        // wp_redirect target below — consider restricting it to a known slug format.
        switch (get_page_template_slug()) {
            case 'leoo-core/page-product.php':
                $redirect_url .= $_GET['product'] . '/';
                break;
            case 'leoo-core/page-taxon.php':
                $redirect_url .= $_GET['taxon'] . '/';
                break;
        }
        $redirect_url = add_query_arg($queries, $redirect_url);
        // Back-channel code-for-token exchange.
        $access_token = $mo_oauth_handler->getAccessToken(
            $accessTokenUrl,
            'authorization_code',
            $current_app['clientid'],
            $current_app['clientsecret'],
            $_GET['code'],
            $redirect_url
        );
        if (!$access_token) {
            throw new \Exception('Invalid token received.');
        }
        // A userinfo URL ending in '=' is treated as expecting the token as a query value.
        $resource_owner_details_url = $current_app['resourceownerdetailsurl'];
        if (substr($resource_owner_details_url, -1) === '=') {
            $resource_owner_details_url .= $access_token;
        }
        $resource_owner = $mo_oauth_handler->getResourceOwner($resource_owner_details_url, $access_token);
        // TEST Configuration
        // NOTE(review): this debug dump is gated only by a client-settable cookie;
        // it prints the resource owner's attributes and stops the request. It should
        // not stay reachable in production.
        if (isset($_COOKIE['mo_oauth_test']) && $_COOKIE['mo_oauth_test']) {
            echo '<style>table{border-collapse: collapse;}table, td, th {border: 1px solid black;padding:4px}</style>';
            echo '<h2>Test Configuration</h2><table><tr><th>Attribute Name</th><th>Attribute Value</th></tr>';
            testattrmappingconfig('', $resource_owner);
            echo '</table>';
            exit;
        }
        // The WP login is the `sub` claim of the resource owner.
        $username = $resource_owner['sub'];
        $user = get_user_by('login', $username);
        // Decode the access token's claims (company, roles, profile data).
        // NOTE(review): this only parses the JWT; no signature/expiry validation is
        // visible in this block. The token came straight from the token endpoint, so
        // it is trusted on that basis — confirm validation happens elsewhere if the
        // claims are relied upon for authorization (they are: company and roles below).
        $vyv_consumer = (new Parser(new JoseEncoder()))->parse($access_token)->claims()->all();
        // Per-day debug log. NOTE(review): the full claim set (personal data) is
        // written to this file, the fopen() result is not checked for false, and
        // no fclose() appears in this block; the handle is captured by the hook
        // closures registered further down.
        $stream = fopen('/var/www/club/web/app/logs/oauth-' . date('Y-m-d') . '.log', 'a+');
        fwrite($stream, '======================' . PHP_EOL);
        fwrite($stream, 'Time: ' . date('h:i:sa') . PHP_EOL);
        fwrite($stream, 'Vyv consumer : ' . json_encode($vyv_consumer) . PHP_EOL);
        // Allow-list of company codes = all customer groups known to the shop.
        /** @var CustomerGroupCollection $companies */
        $companies = get_client_shop()->customerGroup()->getAll(['itemsPerPage' => PHP_INT_MAX])->getResponse();
        $grantedCompanies = [];
        /** @var CustomerGroup $company */
        foreach ($companies->getItems() as $company) {
            $grantedCompanies[] = $company->getCode();
        }
        fwrite($stream, 'Granted companies : ' . json_encode($grantedCompanies) . PHP_EOL);
        // Reject users whose company claim is not a known group. Note that an
        // absent/empty company claim passes this check.
        // NOTE(review): the claim is lower-cased but the group codes are compared
        // as-is, and in_array() is non-strict — a code with non-lowercase characters
        // would never match.
        if (!empty($vyv_consumer['company']) && !\in_array(mb_strtolower($vyv_consumer['company']), $grantedCompanies)) {
            throw new \Exception(__('Your company is not eligible to come here.', 'leoo-vyv'));
        }
        // No WP user with this login yet: hook PRE_LOGIN to link an existing
        // customer by email, or create a new customer in the shop.
        if ($user === false) {
            fwrite($stream, 'user false' . PHP_EOL);
            add_action(LeooAuthentication::PRE_LOGIN, function (PreLogin $preLogin) use ($resource_owner, $vyv_consumer, $stream): void {
                // Probe whether the shop already accepts these credentials.
                try {
                    $exists = LeooCore::instance()->getAuthentication()->createCustomerAccessToken($preLogin->getUsername(), $preLogin->getPassword()) !== null;
                    fwrite($stream, 'exists : ' . $exists . PHP_EOL);
                } catch (ClientException $exception) {
                    $exists = false;
                    fwrite($stream, 'clientException : ' . $exception->getMessage() . PHP_EOL);
                }
                // Fallback: match an existing WP user by the provider's email and
                // re-key the shop customer to the `sub` claim.
                if ($exists === false && !empty($resource_owner['email'])) {
                    $user = get_user_by('email', $resource_owner['email']);
                    if ($user instanceof \WP_User) {
                        $username = $preLogin->getUsername();
                        // Both username and password are the WP nicename here.
                        $preLogin = new PreLogin($user->user_nicename, $user->user_nicename);
                        $exists = LeooCore::instance()->getAuthentication()->createCustomerAccessToken($preLogin->getUsername(), $preLogin->getPassword());
                        if ($exists) {
                            $customer = LeooCore::instance()->getAuthentication()->getMe($exists);
                            $customer->setResources([
                                'company' => $vyv_consumer['company'] ?? null,
                                'sub' => $vyv_consumer['sub'] ?? null,
                                'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
                                'postal_code' => $vyv_consumer['postal_code'] ?? $customer->getResources()['postal_code'] ?? null,
                                'vyv' => $vyv_consumer,
                            ])
                                ->setEmailCanonical($vyv_consumer['sub']);
                            LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->update($customer);
                            /* To reset token after change email canonical */
                            LeooCore::instance()->getAuthentication()->createCustomerAccessToken($vyv_consumer['sub'], $preLogin->getPassword(), true);
                            // Shop password is rewritten to the `sub` claim (see NOTE on wp_signon below).
                            LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->changePassword($customer, $vyv_consumer['sub'], $preLogin->getPassword());
                        }
                    }
                }
                // Still unknown: create the customer. Email is mandatory for creation.
                if ($exists === false) {
                    if (empty($resource_owner['email'])) {
                        FlashMessage::add(__('Email is required, please contact your mutual health insurance to add one.', 'leoo-vyv'), FlashMessage::ERROR);
                        return;
                    }
                    $customer = (new Customer())
                        ->setUsername($preLogin->getUsername())
                        ->setEmail($resource_owner['email'])
                        ->setFirstName($resource_owner['given_name'])
                        ->setLastName($resource_owner['family_name'])
                        ->setResources([
                            'company' => $vyv_consumer['company'] ?? null,
                            'sub' => $vyv_consumer['sub'] ?? null,
                            'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
                            'postal_code' => $vyv_consumer['postal_code'] ?? null,
                            'vyv' => $vyv_consumer,
                        ])
                        ->setEmailCanonical($vyv_consumer['sub'])
                        ->setPassword($preLogin->getPassword());
                    LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->create($customer);
                    $exists = LeooCore::instance()->getAuthentication()->createCustomerAccessToken($preLogin->getUsername(), $preLogin->getPassword());
                    $customer = LeooCore::instance()->getAuthentication()->getMe($exists);
                    // Resolve the customer group IRI from the company claim; any
                    // failure is swallowed and the customer is left without a group.
                    // NOTE(review): the empty catch hides lookup errors — at least log them.
                    $group = null;
                    try {
                        if (!empty($vyv_consumer['company'])) {
                            $response = LeooCore::instance()->getSyliusClient()->getShopClient()->customerGroup()->get((new CustomerGroup())->setCode($vyv_consumer['company']))->getResponse();
                            $group = $response->getIri();
                        }
                    } catch (\Throwable $e) {
                    }
                    $customer->setResources([
                        'company' => $vyv_consumer['company'] ?? null,
                        'sub' => $vyv_consumer['sub'] ?? null,
                        'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
                        'postal_code' => $vyv_consumer['postal_code'] ?? $customer->getResources()['postal_code'] ?? null,
                        'vyv' => $vyv_consumer,
                    ])
                        ->setEmailCanonical($vyv_consumer['sub'])
                        ->setGroup($group);
                    LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->update($customer);
                }
                // Default the post-login redirect to the site root when none is set.
                add_filter(LeooAuthentication::LOGIN_REDIRECT, function ($redirectUrl) {
                    return $redirectUrl ?? site_url();
                });
            });
        }
        // Expose the token claims to the session built by the authentication layer.
        add_filter(LeooAuthentication::SESSION, function (array $session) use ($vyv_consumer) {
            $session['vyv'] = $vyv_consumer;
            return $session;
        });
        // After login: sync WP user, shop customer, roles and group from the claims.
        // Presumably fired from within wp_signon() below — verify against LeooAuthentication.
        add_action(LeooAuthentication::POST_LOGIN, function (PostLogin $postLogin) use ($vyv_consumer, $resource_owner, $current_app, $stream): void {
            /** @var Customer $customer */
            $customer = $postLogin->getUser();
            $roles = [];
            /** @var User $syliusUser */
            $syliusUser = $customer->getUser();
            $userRoles = $syliusUser->getRoles();
            fwrite($stream, 'userRoles : ' . json_encode($userRoles) . PHP_EOL);
            // Keep existing roles that are either granted by the token for this
            // client or prefixed ROLE_. A role matching both is appended twice.
            foreach ($userRoles as $role) {
                if (\in_array($role, $vyv_consumer['resource_access'][$current_app['clientid']]['roles'] ?? []) === true) {
                    $roles[] = $role;
                }
                if (preg_match('#^ROLE_#', $role)) {
                    $roles[] = $role;
                }
            }
            fwrite($stream, 'roles : ' . json_encode($roles) . PHP_EOL);
            // NOTE(review): if neither lookup finds a user, `$user` is false and the
            // property writes below will fail — the email fallback also reads
            // `$resource_owner['email']` without a check.
            $user = get_user_by('login', $resource_owner['sub']) ?: get_user_by('email', $resource_owner['email']);
            $user->first_name = $resource_owner['given_name'];
            $user->last_name = $resource_owner['family_name'];
            // NOTE(review): the WP password is set to the `sub` identifier, which also
            // appears in the token claims, the session and the log file. Anyone who
            // learns a user's `sub` can authenticate through the regular WP login
            // form if it remains reachable; consider a random password (or disabling
            // password login for these accounts) and relying on the OAuth flow only.
            $user->user_pass = $resource_owner['sub'];
            $user->user_nicename = $resource_owner['sub'];
            // WP capabilities are replaced wholesale by the filtered role list.
            $user->remove_all_caps();
            array_map([$user, 'add_cap'], $roles);
            wp_update_user($user);
            fwrite($stream, 'roles before merge : ' . json_encode($roles) . PHP_EOL);
            // Shop roles additionally receive everything the token grants for this client.
            $roles = array_merge($roles, $vyv_consumer['resource_access'][$current_app['clientid']]['roles'] ?? []);
            $group = null;
            fwrite($stream, 'roles after merge : ' . json_encode($roles) . PHP_EOL);
            // Same silent group lookup as in PRE_LOGIN; failures leave `$group` null.
            try {
                if (!empty($vyv_consumer['company'])) {
                    $response = LeooCore::instance()->getSyliusClient()->getShopClient()->customerGroup()->get((new CustomerGroup())->setCode($vyv_consumer['company']))->getResponse();
                    $group = $response->getIri();
                    fwrite($stream, 'group only if not empty viv_consumer company : ' . $group . PHP_EOL);
                }
            } catch (\Throwable $e) {
            }
            // Gender: claim, else current value, else 'm'; anything outside f/m/u becomes 'm'.
            $gender = mb_strtolower($vyv_consumer['gender'] ?? $customer->getGender() ?? 'm');
            if (!\in_array($gender, ['f', 'm', 'u'])) {
                $gender = 'm';
            }
            // Profile fields are taken from the token claims here (not from $resource_owner).
            $customer->setEmail($vyv_consumer['email'])
                ->setFirstName($vyv_consumer['given_name'])
                ->setLastName($vyv_consumer['family_name'])
                ->setGender($gender)
                ->setBirthday(!empty($vyv_consumer['birthdate']) ? new \DateTime($vyv_consumer['birthdate']) : $customer->getBirthday())
                ->setResources([
                    'company' => $vyv_consumer['company'] ?? null,
                    'sub' => $vyv_consumer['sub'] ?? null,
                    'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
                    'postal_code' => $vyv_consumer['postal_code'] ?? $customer->getResources()['postal_code'] ?? null,
                    'vyv' => $vyv_consumer,
                ])
                ->setEmailCanonical($vyv_consumer['sub'])
                ->setGroup($group);
            fwrite($stream, 'resources : ' . json_encode([
                'company' => $vyv_consumer['company'] ?? null,
                'sub' => $vyv_consumer['sub'] ?? null,
                'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
                'postal_code' => $vyv_consumer['postal_code'] ?? $customer->getResources()['postal_code'] ?? null,
                'vyv' => $vyv_consumer,
            ]) . PHP_EOL);
            LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->update($customer);
            $syliusUser->setRoles($roles);
            fwrite($stream, 'sylius user update roles : ' . json_encode($roles) . PHP_EOL);
            fwrite($stream, '======================' . PHP_EOL);
            LeooCore::instance()->getSyliusClient()->getShopClient()->user()->update($syliusUser);
            unset($_SESSION['site_context']);
            /* To reset token after change email canonical */
            // Shop credentials are `sub` / `sub` at this point (same concern as the WP password above).
            LeooCore::instance()->getAuthentication()->createCustomerAccessToken($vyv_consumer['sub'], $vyv_consumer['sub'], true);
        });
        // Claims are kept in the PHP session for later requests.
        $_SESSION['consumer'] = $vyv_consumer;
        if ($user instanceof \WP_User) {
            wp_update_user($user);
        }
        // Sign in with login == password == `sub` (see NOTE in POST_LOGIN); remember-me is on.
        wp_signon(['user_login' => $username, 'user_password' => $username], true);
        wp_redirect(apply_filters(LeooAuthentication::LOGIN_REDIRECT, $redirect_url));
        exit;
    } catch (\Throwable $e) {
        // Every failure in the flow is reported to the user as a flash message.
        // NOTE(review): raw exception messages (including provider/HTTP client
        // errors) are shown verbatim to the end user.
        FlashMessage::add($e->getMessage(), FlashMessage::ERROR);
    }
} elseif (isset($_REQUEST['option']) && strpos($_REQUEST['option'], 'generateDynmicUrl') !== false) {
    // Legacy plugin endpoints are explicitly disabled.
    throw new \RuntimeException('Not supported.');
} elseif (isset($_REQUEST['option']) && strpos($_REQUEST['option'], 'mooauth') !== false) {
    throw new \RuntimeException('Not supported.');
}
// Closes an enclosing scope whose opening line is outside this excerpt.
}