// OAuth authorization-code callback: exchanges the returned code for an access token,
// fetches the resource owner, provisions/synchronises the shop customer through
// LeooAuthentication hooks, signs the WordPress user in and redirects.
// Everything below runs in the request that carries `code` and `state`.
if (isset($_REQUEST['code'], $_REQUEST['state'])) {
if (!isset($_SESSION) || session_id() === '') {
session_start();
}
// The provider signals a failed authorization by omitting `code`; surface its error text.
if (!isset($_GET['code'])) {
throw new \Exception($_GET['error_description'] ?? $_GET['error'] ?? 'Invalid response');
}
try {
// Which configured OAuth app this callback belongs to: session first, else the base64 `state`.
// NOTE(review): `state` is used only as a carrier for the app name; nothing in this block
// compares it with a value bound to the session, so the anti-CSRF role of `state` is not
// fulfilled here — confirm it is verified upstream, otherwise add a session-bound check.
$current_app_name = '';
if (!empty($_SESSION['appname'])) {
$current_app_name = $_SESSION['appname'];
} elseif (!empty($_GET['state'])) {
$current_app_name = base64_decode($_GET['state']);
}
if (empty($current_app_name)) {
throw new \Exception('No request found for this application.');
}
// Look the app up by key in the stored apps list (strict key comparison).
$apps_list = get_option('mo_oauth_apps_list');
$email_attr = '';
$current_app = null;
foreach ($apps_list as $key => $app) {
if ($key === $current_app_name) {
$current_app = $app;
// $email_attr is populated here but not read anywhere else in this block.
$email_attr = $app['email_attr'] ?? $email_attr;
break;
}
}
if ($current_app === null) {
throw new \Exception('Application not configured.');
}
$mo_oauth_handler = new \Mo_OAuth_Hanlder();
$accessTokenUrl = $current_app['accesstokenurl'];
// Rebuild the redirect URI the provider was given: current URL minus the OAuth parameters.
// NOTE(review): if REQUEST_URI carries no query string, `$uri['query']` is unset here.
$uri = parse_url(home_url($_SERVER['REQUEST_URI']));
parse_str($uri['query'], $queries);
unset($queries['state'], $queries['session_state'], $queries['code']);
$redirect_url = get_permalink();
// NOTE(review): `product` / `taxon` are appended to the URL unvalidated; this URL is sent
// as redirect_uri to the token endpoint and later passed to wp_redirect() — consider
// validating the segment (e.g. a slug pattern) before appending.
switch (get_page_template_slug()) {
case 'leoo-core/page-product.php':
$redirect_url .= $_GET['product'] . '/';
break;
case 'leoo-core/page-taxon.php':
$redirect_url .= $_GET['taxon'] . '/';
break;
}
$redirect_url = add_query_arg($queries, $redirect_url);
// Back-channel code exchange, authenticated with the app's client id/secret.
$access_token = $mo_oauth_handler->getAccessToken(
$accessTokenUrl,
'authorization_code',
$current_app['clientid'],
$current_app['clientsecret'],
$_GET['code'],
$redirect_url
);
if (!$access_token) {
throw new \Exception('Invalid token received.');
}
// A details URL ending in `=` is treated as a query template that takes the token as its value.
$resource_owner_details_url = $current_app['resourceownerdetailsurl'];
if (substr($resource_owner_details_url, -1) === '=') {
$resource_owner_details_url .= $access_token;
}
$resource_owner = $mo_oauth_handler->getResourceOwner($resource_owner_details_url, $access_token);
// TEST Configuration
// NOTE(review): this debug dump is enabled by a client-settable cookie and prints the
// resource-owner attributes as HTML (escaping, if any, happens inside testattrmappingconfig,
// not visible here). Prefer an admin-only or server-side switch.
if (isset($_COOKIE['mo_oauth_test']) && $_COOKIE['mo_oauth_test']) {
echo '<style>table{border-collapse: collapse;}table, td, th {border: 1px solid black;padding:4px}</style>';
echo '<h2>Test Configuration</h2><table><tr><th>Attribute Name</th><th>Attribute Value</th></tr>';
testattrmappingconfig('', $resource_owner);
echo '</table>';
exit;
}
// The provider's `sub` is used as the WordPress login name.
$username = $resource_owner['sub'];
$user = get_user_by('login', $username);
// Decode the access token as a JWT and take its claims.
// NOTE(review): parse() only decodes; no signature, issuer or expiry validation is visible
// in this block, yet these claims decide eligibility, roles and the canonical e-mail below.
// The token arrived over the authenticated back-channel exchange above, which limits but does
// not remove the need for validation — confirm it happens elsewhere or add it here.
$vyv_consumer = (new Parser(new JoseEncoder()))->parse($access_token)->claims()->all();
// Debug log (append mode). NOTE(review): the fopen() result is not checked, the handle is
// never fclose()d in this block, and the full claim set (personal data) is written to disk.
$stream = fopen('/var/www/club/web/app/logs/oauth-' . date('Y-m-d') . '.log', 'a+');
fwrite($stream, '======================' . PHP_EOL);
fwrite($stream, 'Time: ' . date('h:i:sa') . PHP_EOL);
fwrite($stream, 'Vyv consumer : ' . json_encode($vyv_consumer) . PHP_EOL);
// Eligibility: the consumer's company must be one of the shop's customer-group codes.
/** @var CustomerGroupCollection $companies */
$companies = get_client_shop()->customerGroup()->getAll(['itemsPerPage' => PHP_INT_MAX])->getResponse();
$grantedCompanies = [];
/** @var CustomerGroup $company */
foreach ($companies->getItems() as $company) {
$grantedCompanies[] = $company->getCode();
}
fwrite($stream, 'Granted companies : ' . json_encode($grantedCompanies) . PHP_EOL);
// The company claim is lower-cased while group codes are compared as stored; non-strict in_array.
if (!empty($vyv_consumer['company']) && !\in_array(mb_strtolower($vyv_consumer['company']), $grantedCompanies)) {
throw new \Exception(__('Your company is not eligible to come here.', 'leoo-vyv'));
}
// No WordPress user for this `sub` yet: hook PRE_LOGIN to find or create the shop customer.
if ($user === false) {
fwrite($stream, 'user false' . PHP_EOL);
add_action(LeooAuthentication::PRE_LOGIN, function (PreLogin $preLogin) use ($resource_owner, $vyv_consumer, $stream): void {
// "exists" is probed by attempting to mint a customer token with the pre-login credentials.
try {
$exists = LeooCore::instance()->getAuthentication()->createCustomerAccessToken($preLogin->getUsername(), $preLogin->getPassword()) !== null;
fwrite($stream, 'exists : ' . $exists . PHP_EOL);
} catch (ClientException $exception) {
$exists = false;
fwrite($stream, 'clientException : ' . $exception->getMessage() . PHP_EOL);
}
// Fallback: match an existing WordPress user by e-mail and migrate its customer to the new `sub`.
if ($exists === false && !empty($resource_owner['email'])) {
$user = get_user_by('email', $resource_owner['email']);
if ($user instanceof \WP_User) {
// Local $username is assigned but not used again inside this closure.
$username = $preLogin->getUsername();
// NOTE(review): the nicename serves as both username and password here — a non-secret credential.
$preLogin = new PreLogin($user->user_nicename, $user->user_nicename);
$exists = LeooCore::instance()->getAuthentication()->createCustomerAccessToken($preLogin->getUsername(), $preLogin->getPassword());
if ($exists) {
$customer = LeooCore::instance()->getAuthentication()->getMe($exists);
$customer->setResources([
'company' => $vyv_consumer['company'] ?? null,
'sub' => $vyv_consumer['sub'] ?? null,
'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
'postal_code' => $vyv_consumer['postal_code'] ?? $customer->getResources()['postal_code'] ?? null,
'vyv' => $vyv_consumer,
])
->setEmailCanonical($vyv_consumer['sub']);
LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->update($customer);
/* Re-issue the token after the canonical e-mail changed, then move the password to the new identity. */
LeooCore::instance()->getAuthentication()->createCustomerAccessToken($vyv_consumer['sub'], $preLogin->getPassword(), true);
LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->changePassword($customer, $vyv_consumer['sub'], $preLogin->getPassword());
}
}
}
// Still nothing: create the shop customer from the resource-owner attributes.
if ($exists === false) {
if (empty($resource_owner['email'])) {
// Leaves the hook without creating anything; the caller decides what happens next.
FlashMessage::add(__('Email is required, please contact your mutual health insurance to add one.', 'leoo-vyv'), FlashMessage::ERROR);
return;
}
$customer = (new Customer())
->setUsername($preLogin->getUsername())
->setEmail($resource_owner['email'])
->setFirstName($resource_owner['given_name'])
->setLastName($resource_owner['family_name'])
->setResources([
'company' => $vyv_consumer['company'] ?? null,
'sub' => $vyv_consumer['sub'] ?? null,
'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
'postal_code' => $vyv_consumer['postal_code'] ?? null,
'vyv' => $vyv_consumer,
])
->setEmailCanonical($vyv_consumer['sub'])
->setPassword($preLogin->getPassword());
LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->create($customer);
$exists = LeooCore::instance()->getAuthentication()->createCustomerAccessToken($preLogin->getUsername(), $preLogin->getPassword());
$customer = LeooCore::instance()->getAuthentication()->getMe($exists);
// Resolve the customer group IRI for the company; any failure leaves $group null (error swallowed).
$group = null;
try {
if (!empty($vyv_consumer['company'])) {
$response = LeooCore::instance()->getSyliusClient()->getShopClient()->customerGroup()->get((new CustomerGroup())->setCode($vyv_consumer['company']))->getResponse();
$group = $response->getIri();
}
} catch (\Throwable $e) {
}
$customer->setResources([
'company' => $vyv_consumer['company'] ?? null,
'sub' => $vyv_consumer['sub'] ?? null,
'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
'postal_code' => $vyv_consumer['postal_code'] ?? $customer->getResources()['postal_code'] ?? null,
'vyv' => $vyv_consumer,
])
->setEmailCanonical($vyv_consumer['sub'])
->setGroup($group);
LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->update($customer);
}
// Default post-login destination when none was provided.
add_filter(LeooAuthentication::LOGIN_REDIRECT, function ($redirectUrl) {
return $redirectUrl ?? site_url();
});
});
}
// Expose the consumer claims in the authentication session payload.
add_filter(LeooAuthentication::SESSION, function (array $session) use ($vyv_consumer) {
$session['vyv'] = $vyv_consumer;
return $session;
});
// After login: mirror roles and profile data from the claims onto the WP user and shop customer.
add_action(LeooAuthentication::POST_LOGIN, function (PostLogin $postLogin) use ($vyv_consumer, $resource_owner, $current_app, $stream): void {
/** @var Customer $customer */
$customer = $postLogin->getUser();
$roles = [];
/** @var User $syliusUser */
$syliusUser = $customer->getUser();
$userRoles = $syliusUser->getRoles();
fwrite($stream, 'userRoles : ' . json_encode($userRoles) . PHP_EOL);
// Keep roles granted for this client in the token, plus any ROLE_* role.
// A role matching both conditions is appended twice; array_merge below can add further duplicates.
foreach ($userRoles as $role) {
if (\in_array($role, $vyv_consumer['resource_access'][$current_app['clientid']]['roles'] ?? []) === true) {
$roles[] = $role;
}
if (preg_match('#^ROLE_#', $role)) {
$roles[] = $role;
}
}
fwrite($stream, 'roles : ' . json_encode($roles) . PHP_EOL);
// NOTE(review): if neither lookup finds a user, $user is false and the property writes below fail.
$user = get_user_by('login', $resource_owner['sub']) ?: get_user_by('email', $resource_owner['email']);
$user->first_name = $resource_owner['given_name'];
$user->last_name = $resource_owner['family_name'];
// NOTE(review): the WordPress password is set to the provider's `sub`, i.e. to the login name
// itself (see wp_signon below) — a value that is not a secret. Anyone who learns a user's `sub`
// holds that account's password; this should be replaced by a random password or a
// password-less sign-on path.
$user->user_pass = $resource_owner['sub'];
$user->user_nicename = $resource_owner['sub'];
// Capabilities are rebuilt from the computed role list.
$user->remove_all_caps();
array_map([$user, 'add_cap'], $roles);
wp_update_user($user);
fwrite($stream, 'roles before merge : ' . json_encode($roles) . PHP_EOL);
$roles = array_merge($roles, $vyv_consumer['resource_access'][$current_app['clientid']]['roles'] ?? []);
$group = null;
fwrite($stream, 'roles after merge : ' . json_encode($roles) . PHP_EOL);
// Group lookup failures are swallowed; $group stays null.
try {
if (!empty($vyv_consumer['company'])) {
$response = LeooCore::instance()->getSyliusClient()->getShopClient()->customerGroup()->get((new CustomerGroup())->setCode($vyv_consumer['company']))->getResponse();
$group = $response->getIri();
fwrite($stream, 'group only if not empty viv_consumer company : ' . $group . PHP_EOL);
}
} catch (\Throwable $e) {
}
// Gender is normalised to one of f/m/u, defaulting to 'm'.
$gender = mb_strtolower($vyv_consumer['gender'] ?? $customer->getGender() ?? 'm');
if (!\in_array($gender, ['f', 'm', 'u'])) {
$gender = 'm';
}
$customer->setEmail($vyv_consumer['email'])
->setFirstName($vyv_consumer['given_name'])
->setLastName($vyv_consumer['family_name'])
->setGender($gender)
->setBirthday(!empty($vyv_consumer['birthdate']) ? new \DateTime($vyv_consumer['birthdate']) : $customer->getBirthday())
->setResources([
'company' => $vyv_consumer['company'] ?? null,
'sub' => $vyv_consumer['sub'] ?? null,
'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
'postal_code' => $vyv_consumer['postal_code'] ?? $customer->getResources()['postal_code'] ?? null,
'vyv' => $vyv_consumer,
])
->setEmailCanonical($vyv_consumer['sub'])
->setGroup($group);
fwrite($stream, 'resources : ' . json_encode([
'company' => $vyv_consumer['company'] ?? null,
'sub' => $vyv_consumer['sub'] ?? null,
'adherent_id' => $vyv_consumer['adherent_id'] ?? null,
'postal_code' => $vyv_consumer['postal_code'] ?? $customer->getResources()['postal_code'] ?? null,
'vyv' => $vyv_consumer,
]) . PHP_EOL);
LeooCore::instance()->getSyliusClient()->getShopClient()->customer()->update($customer);
$syliusUser->setRoles($roles);
fwrite($stream, 'sylius user update roles : ' . json_encode($roles) . PHP_EOL);
fwrite($stream, '======================' . PHP_EOL);
LeooCore::instance()->getSyliusClient()->getShopClient()->user()->update($syliusUser);
unset($_SESSION['site_context']);
/* Re-issue the customer token after the canonical e-mail changed (password is again the `sub`). */
LeooCore::instance()->getAuthentication()->createCustomerAccessToken($vyv_consumer['sub'], $vyv_consumer['sub'], true);
});
$_SESSION['consumer'] = $vyv_consumer;
if ($user instanceof \WP_User) {
wp_update_user($user);
}
// Sign-on uses the login name as the password (see the POST_LOGIN note above).
wp_signon(['user_login' => $username, 'user_password' => $username], true);
// NOTE(review): wp_redirect() does not restrict the target host; the URL is assembled from
// request data above, so wp_safe_redirect() (or an allow-list) is the defensive choice.
wp_redirect(apply_filters(LeooAuthentication::LOGIN_REDIRECT, $redirect_url));
exit;
} catch (\Throwable $e) {
// NOTE(review): raw exception messages (including provider error text and internal errors)
// are shown to the end user here; consider logging the detail and displaying a generic message.
FlashMessage::add($e->getMessage(), FlashMessage::ERROR);
}
// Legacy plugin options that are explicitly not supported by this integration.
} elseif (isset($_REQUEST['option']) && strpos($_REQUEST['option'], 'generateDynmicUrl') !== false) {
throw new \RuntimeException('Not supported.');
} elseif (isset($_REQUEST['option']) && strpos($_REQUEST['option'], 'mooauth') !== false) {
throw new \RuntimeException('Not supported.');
}
}Editor is loading...