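 if (isset($_REQUEST['code'], $_REQUEST['state'])) {
            // OAuth authorization-code callback: resolve the configured app, exchange the
            // code for an access token, load the resource owner, then register the
            // Leoo/Sylius login hooks and sign the WordPress user in.
            if (!isset($_SESSION) || session_id() === '') {
                session_start();
            }

            if (!isset($_GET['code'])) {
                // NOTE(review): this IdP-supplied text is shown to the user by the caller
                // (FlashMessage); confirm it is HTML-escaped on output.
                throw new \Exception($_GET['error_description'] ?? $_GET['error'] ?? 'Invalid response');
            }

            try {
                $current_app_name = '';

                if (!empty($_SESSION['appname'])) {
                    $current_app_name = $_SESSION['appname'];
                } elseif (!empty($_GET['state'])) {
                    // `state` carries the app name. Strict decoding returns false for
                    // non-base64 input, which the empty() check below rejects.
                    // NOTE(review): `state` is not compared with a session-stored value here,
                    // so it does not provide the CSRF binding OAuth expects — verify it
                    // against the value issued with the authorization request if one exists.
                    $current_app_name = base64_decode($_GET['state'], true);
                }

                if (empty($current_app_name)) {
                    throw new \Exception('No request found for this application.');
                }

                // get_option() returns false when unset; the cast avoids a foreach warning
                // and falls through to "Application not configured." below.
                $apps_list = get_option('mo_oauth_apps_list');
                $current_app = null;

                foreach ((array) $apps_list as $key => $app) {
                    if ($key === $current_app_name) {
                        $current_app = $app;

                        break;
                    }
                }

                if ($current_app === null) {
                    throw new \Exception('Application not configured.');
                }

                $mo_oauth_handler = new \Mo_OAuth_Hanlder();
                $accessTokenUrl = $current_app['accesstokenurl'];

                // Rebuild the redirect URI the code was issued for: current permalink plus
                // the original query string minus the OAuth parameters.
                $uri = parse_url(home_url($_SERVER['REQUEST_URI']));
                parse_str($uri['query'] ?? '', $queries);

                unset($queries['state'], $queries['session_state'], $queries['code']);
                $redirect_url = get_permalink();

                switch (get_page_template_slug()) {
                    case 'leoo-core/page-product.php':
                        $redirect_url .= $_GET['product'] . '/';

                        break;
                    case 'leoo-core/page-taxon.php':
                        $redirect_url .= $_GET['taxon'] . '/';

                        break;
                }

                $redirect_url = add_query_arg($queries, $redirect_url);

                $access_token = $mo_oauth_handler->getAccessToken(
                    $accessTokenUrl,
                    'authorization_code',
                    $current_app['clientid'],
                    $current_app['clientsecret'],
                    $_GET['code'],
                    $redirect_url
                );

                if (!$access_token) {
                    throw new \Exception('Invalid token received.');
                }

                $resource_owner_details_url = $current_app['resourceownerdetailsurl'];

                // A URL ending in "=" expects the token as a query value.
                // NOTE(review): a token in the query string is likely to be recorded in
                // HTTP server logs; prefer the bearer header when the provider allows it.
                if (substr($resource_owner_details_url, -1) === '=') {
                    $resource_owner_details_url .= $access_token;
                }
                $resource_owner = $mo_oauth_handler->getResourceOwner($resource_owner_details_url, $access_token);

                // TEST Configuration: dumps the resource-owner attributes and stops.
                // The trigger is a client-set cookie; confirm this path is disabled in production.
                if (isset($_COOKIE['mo_oauth_test']) && $_COOKIE['mo_oauth_test']) {
                    echo '<style>table{border-collapse: collapse;}table, td, th {border: 1px solid black;padding:4px}</style>';
                    echo '<h2>Test Configuration</h2><table><tr><th>Attribute Name</th><th>Attribute Value</th></tr>';
                    testattrmappingconfig('', $resource_owner);
                    echo '</table>';

                    exit;
                }

                $username = $resource_owner['sub'];

                $user = get_user_by('login', $username);

                // NOTE(review): Parser::parse() decodes the JWT but does not verify its
                // signature; the claims below (company, roles, email) are trusted on the
                // basis that the token came straight from the token endpoint over TLS.
                $vyv_consumer = (new Parser(new JoseEncoder()))->parse($access_token)->claims()->all();

                // Debug log; the closures below keep writing to it during wp_signon().
                // NOTE(review): the full claim set (personal data) is written to this file —
                // confirm retention and access controls, or reduce what is logged.
                $stream = fopen('/var/www/club/web/app/logs/oauth-' . date('Y-m-d') . '.log', 'a+');

                if ($stream === false) {
                    // fwrite() on false would fail anyway; fail early with a clear message.
                    throw new \RuntimeException('Unable to open the OAuth log file.');
                }

                fwrite($stream, '======================' . PHP_EOL);
                fwrite($stream, 'Time: ' . date('h:i:sa') . PHP_EOL);
                fwrite($stream, 'Vyv consumer : ' . json_encode($vyv_consumer) . PHP_EOL);

                /** @var CustomerGroupCollection $companies */
                $companies = get_client_shop()->customerGroup()->getAll(['itemsPerPage' => PHP_INT_MAX])->getResponse();

                $grantedCompanies = [];

                /** @var CustomerGroup $company */
                foreach ($companies->getItems() as $company) {
                    $grantedCompanies[] = $company->getCode();
                }

                fwrite($stream, 'Granted companies : ' . json_encode($grantedCompanies) . PHP_EOL);

                // Eligibility gate: the claimed company must be a known customer group.
                // Only the claim is lower-cased; a group code with upper-case letters can
                // never match (fails closed), which is kept as-is here.
                if (!empty($vyv_consumer['company']) && !\in_array(mb_strtolower($vyv_consumer['company']), $grantedCompanies, true)) {
                    throw new \Exception(__('Your company is not eligible to come here.', 'leoo-vyv'));
                }

                if ($user === false) {
                    fwrite($stream, 'user false' . PHP_EOL);
                    // No WP user for this subject yet: on PRE_LOGIN, either re-key an existing
                    // Sylius customer found by e-mail, or create a new one.
                    add_action(LeooAuthentication::PRE_LOGIN, function (PreLogin $preLogin) use ($resource_owner, $vyv_consumer, $stream): void {
                        try {
                            $exists = LeooCore::instance()->getAuthentication()->createCustomerAccessToken($preLogin->getUsername(), $preLogin->getPassword()) !== null;

                            fwrite($stream, 'exists : ' . $exists . PHP_EOL);
                        } catch (ClientException $exception) {
                            $exists = false;

                            fwrite($stream, 'clientException : ' . $exception->getMessage() . PHP_EOL);
                        }

                        if ($exists === false && !empty($resource_owner['email'])) {
                            $user = get_user_by('email', $resource_owner['email']);

                            if ($user instanceof \WP_User) {
                                // Existing account matched by e-mail: re-key it to the OIDC subject.
                                // NOTE(review): user_nicename doubles as the password here (same
                                // pattern as the wp_signon() call at the end of the callback).
                                $username = $preLogin->getUsername();
                                $preLogin = new PreLogin($user->user_nicename, $user->user_nicename);
                                $exists = LeooCore::instance()->getAuthentication()->createCustomerAccessToken($preLogin->getUsername(), $preLogin->getPassword());

                                if ($exists) {
                                    $customer = LeooCore::instance()->getAuthentication()->getMe($exists);

                                    $customer->setResources([
                                        'company' => $vyv_consumer['company'] ?? null,
                                        'sub' => $vyv_consumer['sub'] ?? null,
                                        'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
                                        'postal_code' => $vyv_consumer['postal_code'] ?? $customer->getResources()['postal_code'] ?? null,
                                        'vyv' => $vyv_consumer,
                                    ])
                                        ->setEmailCanonical($vyv_consumer['sub']);

                                    LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->update($customer);
                                    /* To reset token after change email canonical */
                                    LeooCore::instance()->getAuthentication()->createCustomerAccessToken($vyv_consumer['sub'], $preLogin->getPassword(), true);

                                    LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->changePassword($customer, $vyv_consumer['sub'], $preLogin->getPassword());
                                }
                            }
                        }

                        if ($exists === false) {
                            if (empty($resource_owner['email'])) {
                                FlashMessage::add(__('Email is required, please contact your mutual health insurance to add one.', 'leoo-vyv'), FlashMessage::ERROR);

                                return;
                            }

                            $customer = (new Customer())
                                ->setUsername($preLogin->getUsername())
                                ->setEmail($resource_owner['email'])
                                ->setFirstName($resource_owner['given_name'])
                                ->setLastName($resource_owner['family_name'])
                                ->setResources([
                                    'company' => $vyv_consumer['company'] ?? null,
                                    'sub' => $vyv_consumer['sub'] ?? null,
                                    'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
                                    'postal_code' => $vyv_consumer['postal_code'] ?? null,
                                    'vyv' => $vyv_consumer,
                                ])
                                ->setEmailCanonical($vyv_consumer['sub'])
                                ->setPassword($preLogin->getPassword());

                            LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->create($customer);

                            $exists = LeooCore::instance()->getAuthentication()->createCustomerAccessToken($preLogin->getUsername(), $preLogin->getPassword());
                            $customer = LeooCore::instance()->getAuthentication()->getMe($exists);
                            $group = null;

                            try {
                                if (!empty($vyv_consumer['company'])) {
                                    $response = LeooCore::instance()->getSyliusClient()->getShopClient()->customerGroup()->get((new CustomerGroup())->setCode($vyv_consumer['company']))->getResponse();
                                    $group = $response->getIri();
                                }
                            } catch (\Throwable $e) {
                                // Best effort: a missing group must not block account creation,
                                // but the failure is recorded instead of being dropped silently.
                                fwrite($stream, 'group lookup failed : ' . $e->getMessage() . PHP_EOL);
                            }

                            $customer->setResources([
                                'company' => $vyv_consumer['company'] ?? null,
                                'sub' => $vyv_consumer['sub'] ?? null,
                                'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
                                'postal_code' => $vyv_consumer['postal_code'] ?? $customer->getResources()['postal_code'] ?? null,
                                'vyv' => $vyv_consumer,
                            ])
                                ->setEmailCanonical($vyv_consumer['sub'])
                                ->setGroup($group);

                            LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->update($customer);
                        }

                        add_filter(LeooAuthentication::LOGIN_REDIRECT, function ($redirectUrl) {
                            return $redirectUrl ?? site_url();
                        });
                    });
                }

                // Expose the token claims to the Leoo session.
                add_filter(LeooAuthentication::SESSION, function (array $session) use ($vyv_consumer) {
                    $session['vyv'] = $vyv_consumer;

                    return $session;
                });

                // After login: sync WP caps, Sylius customer profile, roles and group from the claims.
                add_action(LeooAuthentication::POST_LOGIN, function (PostLogin $postLogin) use ($vyv_consumer, $resource_owner, $current_app, $stream): void {
                    /** @var Customer $customer */
                    $customer = $postLogin->getUser();

                    $roles = [];
                    /** @var User $syliusUser */
                    $syliusUser = $customer->getUser();
                    $userRoles = $syliusUser->getRoles();

                    fwrite($stream, 'userRoles : ' . json_encode($userRoles) . PHP_EOL);

                    // Keep roles granted by the IdP for this client, plus any ROLE_* role.
                    foreach ($userRoles as $role) {
                        if (\in_array($role, $vyv_consumer['resource_access'][$current_app['clientid']]['roles'] ?? [], true) === true) {
                            $roles[] = $role;
                        }

                        if (preg_match('#^ROLE_#', $role)) {
                            $roles[] = $role;
                        }
                    }

                    fwrite($stream, 'roles : ' . json_encode($roles) . PHP_EOL);

                    $user = get_user_by('login', $resource_owner['sub']) ?: get_user_by('email', $resource_owner['email'] ?? '');

                    if (!$user instanceof \WP_User) {
                        // Previously surfaced as an Error on property assignment; give a clear message.
                        throw new \RuntimeException('No WordPress user found for the authenticated subject.');
                    }

                    $user->first_name = $resource_owner['given_name'];
                    $user->last_name = $resource_owner['family_name'];
                    // NOTE(review): the WP password is set to the OIDC subject so that the
                    // wp_signon() call at the end of the callback can authenticate. That makes
                    // `sub` a reusable credential on the regular WP login form; a random password
                    // plus a programmatic login (wp_set_auth_cookie) would avoid this.
                    $user->user_pass = $resource_owner['sub'];
                    $user->user_nicename = $resource_owner['sub'];
                    $user->remove_all_caps();
                    array_map([$user, 'add_cap'], $roles);
                    wp_update_user($user);

                    fwrite($stream, 'roles before merge : ' . json_encode($roles) . PHP_EOL);

                    $roles = array_merge($roles, $vyv_consumer['resource_access'][$current_app['clientid']]['roles'] ?? []);
                    $group = null;

                    fwrite($stream, 'roles after merge : ' . json_encode($roles) . PHP_EOL);

                    try {
                        if (!empty($vyv_consumer['company'])) {
                            $response = LeooCore::instance()->getSyliusClient()->getShopClient()->customerGroup()->get((new CustomerGroup())->setCode($vyv_consumer['company']))->getResponse();
                            $group = $response->getIri();

                            fwrite($stream, 'group only if not empty viv_consumer company : ' . $group . PHP_EOL);
                        }
                    } catch (\Throwable $e) {
                        // Best effort: the customer is still updated without a group.
                        fwrite($stream, 'group lookup failed : ' . $e->getMessage() . PHP_EOL);
                    }

                    // Gender falls back to the stored value, then 'm'; anything outside f/m/u becomes 'm'.
                    $gender = mb_strtolower($vyv_consumer['gender'] ?? $customer->getGender() ?? 'm');

                    if (!\in_array($gender, ['f', 'm', 'u'], true)) {
                        $gender = 'm';
                    }

                    $customer->setEmail($vyv_consumer['email'])
                        ->setFirstName($vyv_consumer['given_name'])
                        ->setLastName($vyv_consumer['family_name'])
                        ->setGender($gender)
                        ->setBirthday(!empty($vyv_consumer['birthdate']) ? new \DateTime($vyv_consumer['birthdate']) : $customer->getBirthday())
                        ->setResources([
                            'company' => $vyv_consumer['company'] ?? null,
                            'sub' => $vyv_consumer['sub'] ?? null,
                            'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
                            'postal_code' => $vyv_consumer['postal_code'] ?? $customer->getResources()['postal_code'] ?? null,
                            'vyv' => $vyv_consumer,
                        ])
                        ->setEmailCanonical($vyv_consumer['sub'])
                        ->setGroup($group);

                    fwrite($stream, 'resources : ' . json_encode([
                        'company' => $vyv_consumer['company'] ?? null,
                        'sub' => $vyv_consumer['sub'] ?? null,
                        'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
                        'postal_code' => $vyv_consumer['postal_code'] ?? $customer->getResources()['postal_code'] ?? null,
                        'vyv' => $vyv_consumer,
                    ]) . PHP_EOL);

                    LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->update($customer);

                    $syliusUser->setRoles($roles);

                    fwrite($stream, 'sylius user update roles : ' . json_encode($roles) . PHP_EOL);
                    fwrite($stream, '======================' . PHP_EOL);

                    LeooCore::instance()->getSyliusClient()->getShopClient()->user()->update($syliusUser);

                    unset($_SESSION['site_context']);

                    /* To reset token after change email canonical */
                    LeooCore::instance()->getAuthentication()->createCustomerAccessToken($vyv_consumer['sub'], $vyv_consumer['sub'], true);
                });

                // NOTE(review): the whole claim set is stored in the PHP session; keep only
                // what later requests need if session storage is shared or long-lived.
                $_SESSION['consumer'] = $vyv_consumer;

                if ($user instanceof \WP_User) {
                    wp_update_user($user);
                }

                // Username and password are both the OIDC subject (see the POST_LOGIN hook).
                wp_signon(['user_login' => $username, 'user_password' => $username], true);

                // NOTE(review): the filtered URL is not host-restricted; wp_safe_redirect()
                // would limit it to allowed hosts if no external redirect is intended.
                wp_redirect(apply_filters(LeooAuthentication::LOGIN_REDIRECT, $redirect_url));

                exit;
            } catch (\Throwable $e) {
                FlashMessage::add($e->getMessage(), FlashMessage::ERROR);
            }
        } elseif (isset($_REQUEST['option']) && strpos($_REQUEST['option'], 'generateDynmicUrl') !== false) {
            throw new \RuntimeException('Not supported.');
        } elseif (isset($_REQUEST['option']) && strpos($_REQUEST['option'], 'mooauth') !== false) {
            throw new \RuntimeException('Not supported.');
        }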
    }