diff --git a/app/config/providers.php b/app/config/providers.php index 205d07123..98ad93b30 100644 --- a/app/config/providers.php +++ b/app/config/providers.php @@ -121,6 +121,16 @@ return [ // Ordered by ABC. 'beta' => false, 'mock' => false, ], + 'etsy' => [ + 'name' => 'Etsy', + 'developers' => 'https://developers.etsy.com/', + 'icon' => 'icon-etsy', + 'enabled' => true, + 'sandbox' => false, + 'form' => false, + 'beta' => false, + 'mock' => false, + ], 'facebook' => [ 'name' => 'Facebook', 'developers' => 'https://developers.facebook.com/', diff --git a/app/controllers/api/teams.php b/app/controllers/api/teams.php index d0c9f6901..f5b1de2a7 100644 --- a/app/controllers/api/teams.php +++ b/app/controllers/api/teams.php @@ -74,6 +74,10 @@ App::post('/v1/teams') ]))); if (!$isPrivilegedUser && !$isAppUser) { // Don't add user on server mode + if (!\in_array('owner', $roles)) { + $roles[] = 'owner'; + } + $membershipId = ID::unique(); $membership = new Document([ '$id' => $membershipId, diff --git a/public/images/users/autodesk.png b/public/images/users/autodesk.png index c7ad94f61..2ab801606 100644 Binary files a/public/images/users/autodesk.png and b/public/images/users/autodesk.png differ diff --git a/public/images/users/etsy.png b/public/images/users/etsy.png new file mode 100644 index 000000000..ac038ec97 Binary files /dev/null and b/public/images/users/etsy.png differ diff --git a/src/Appwrite/Auth/OAuth2/Etsy.php b/src/Appwrite/Auth/OAuth2/Etsy.php new file mode 100644 index 000000000..7ff16fcb7 --- /dev/null +++ b/src/Appwrite/Auth/OAuth2/Etsy.php @@ -0,0 +1,200 @@ +pkce)) { + $this->pkce = \bin2hex(\random_bytes(rand(43, 128))); + } + + return $this->pkce; + } + + /** + * @return string + */ + public function getName(): string + { + return 'etsy'; + } + + /** + * @return string + */ + public function getLoginURL(): string + { + return 'https://www.etsy.com/oauth/connect/oauth/authorize?' . \http_build_query([ + 'client_id' => $this->appID, + 'redirect_uri' => $this->callback, + 'response_type' => 'code', + 'state' => \json_encode($this->state), + 'scope' => $this->scopes, + 'code_challenge' => $this->getPKCE(), + 'code_challenge_method' => 'S256', + ]); + } + + /** + * @param string $code + * + * @return array + */ + protected function getTokens(string $code): array + { + if (empty($this->tokens)) { + $headers = ['Content-Type: application/x-www-form-urlencoded']; + + $this->tokens = \json_decode($this->request( + 'POST', + $this->endpoint . '/oauth/token', + $headers, + \http_build_query([ + 'grant_type' => 'authorization_code', + 'client_id' => $this->appID, + 'redirect_uri' => $this->callback, + 'code' => $code, + 'code_verifier' => $this->getPKCE(), + ]) + ), true); + } + + return $this->tokens; + } + + /** + * @param string $refreshToken + * + * @return array + */ + public function refreshTokens(string $refreshToken): array + { + $headers = ['Content-Type: application/x-www-form-urlencoded']; + + $this->tokens = \json_decode($this->request( + 'POST', + $this->endpoint . '/oauth/token', + $headers, + \http_build_query([ + 'grant_type' => 'refresh_token', + 'client_id' => $this->appID, + 'refresh_token' => $refreshToken, + ]) + ), true); + + if (empty($this->tokens['refresh_token'])) { + $this->tokens['refresh_token'] = $refreshToken; + } + + return $this->tokens; + } + + /** + * @param $accessToken + * + * @return string + */ + public function getUserID(string $accessToken): string + { + $components = explode('.', $accessToken); + + return $components[0]; + } + + /** + * @param $accessToken + * + * @return string + */ + public function getUserEmail(string $accessToken): string + { + return $this->getUser($accessToken)['primary_email']; + } + + /** + * Check if the OAuth email is verified + * + * OAuth is only allowed if account has been verified through Etsy, itself. + * + * @param string $accessToken + * + * @return bool + */ + public function isEmailVerified(string $accessToken): bool + { + $email = $this->getUserEmail($accessToken); + + return !empty($email); + } + + /** + * @param $accessToken + * + * @return string + */ + public function getUserName(string $accessToken): string + { + return $this->getUser($accessToken)['login_name']; + } + + /** + * @param string $accessToken + * + * @return array + */ + protected function getUser(string $accessToken): array + { + if (!empty($this->user)) { + return $this->user; + } + + $headers = ['Authorization: Bearer ' . $accessToken]; + + $this->user = \json_decode($this->request( + 'GET', + 'https://api.etsy.com/v3/application/users/' . $this->getUserID($accessToken), + ), true); + + return $this->user; + } +} diff --git a/tests/e2e/Services/Teams/TeamsBase.php b/tests/e2e/Services/Teams/TeamsBase.php index 2404ca324..addfcfa63 100644 --- a/tests/e2e/Services/Teams/TeamsBase.php +++ b/tests/e2e/Services/Teams/TeamsBase.php @@ -19,7 +19,8 @@ trait TeamsBase 'x-appwrite-project' => $this->getProject()['$id'], ], $this->getHeaders()), [ 'teamId' => ID::unique(), - 'name' => 'Arsenal' + 'name' => 'Arsenal', + 'roles' => ['player'], ]); $this->assertEquals(201, $response1['headers']['status-code']); diff --git a/tests/e2e/Services/Teams/TeamsBaseClient.php b/tests/e2e/Services/Teams/TeamsBaseClient.php index e07e9fbb1..5fe5c370a 100644 --- a/tests/e2e/Services/Teams/TeamsBaseClient.php +++ b/tests/e2e/Services/Teams/TeamsBaseClient.php @@ -30,7 +30,8 @@ trait TeamsBaseClient $this->assertEquals($this->getUser()['name'], $response['body']['memberships'][0]['userName']); $this->assertEquals($this->getUser()['email'], $response['body']['memberships'][0]['userEmail']); $this->assertEquals($teamName, $response['body']['memberships'][0]['teamName']); - $this->assertEquals('owner', $response['body']['memberships'][0]['roles'][0]); + $this->assertContains('owner', $response['body']['memberships'][0]['roles']); + $this->assertContains('player', $response['body']['memberships'][0]['roles']); $membershipId = $response['body']['memberships'][0]['$id']; @@ -47,7 +48,8 @@ trait TeamsBaseClient $this->assertEquals($this->getUser()['name'], $response['body']['memberships'][0]['userName']); $this->assertEquals($this->getUser()['email'], $response['body']['memberships'][0]['userEmail']); $this->assertEquals($teamName, $response['body']['memberships'][0]['teamName']); - $this->assertEquals('owner', $response['body']['memberships'][0]['roles'][0]); + $this->assertContains('owner', $response['body']['memberships'][0]['roles']); + $this->assertContains('player', $response['body']['memberships'][0]['roles']); $response = $this->client->call(Client::METHOD_GET, '/teams/' . $teamUid . '/memberships', array_merge([ 'content-type' => 'application/json', @@ -62,7 +64,8 @@ trait TeamsBaseClient $this->assertEquals($this->getUser()['name'], $response['body']['memberships'][0]['userName']); $this->assertEquals($this->getUser()['email'], $response['body']['memberships'][0]['userEmail']); $this->assertEquals($teamName, $response['body']['memberships'][0]['teamName']); - $this->assertEquals('owner', $response['body']['memberships'][0]['roles'][0]); + $this->assertContains('owner', $response['body']['memberships'][0]['roles']); + $this->assertContains('player', $response['body']['memberships'][0]['roles']); $response = $this->client->call(Client::METHOD_GET, '/teams/' . $teamUid . '/memberships', array_merge([ 'content-type' => 'application/json',