feat: added Google OAuth Support

2024-06-24 17:20:36 +12:00 · 2019-09-30 03:33:22 +05:30 · 2019-09-30 03:33:22 +05:30 · faa63aba97
parent ef3d72ff54
commit faa63aba97
6 changed files with 33 additions and 145 deletions
--- a/app/config/providers.php
+++ b/app/config/providers.php
@ -19,7 +19,7 @@ return [
    'gitlab' => [
        'developers' => 'https://docs.gitlab.com/ee/api/',
        'icon' => 'icon-gitlab',
-        'enabled' => true,
+        'enabled' => false,
    ],
    'google' => [
        'developers' => 'https://developers.google.com/',
--- a/app/controllers/auth.php
+++ b/app/controllers/auth.php
@ -716,7 +716,7 @@ $utopia->get('/v1/auth/oauth/:provider/redirect')
            }

            $oauthID = $oauth->getUserID($accessToken);
-
+           
            if (empty($oauthID)) {
                if (!empty($state['failure'])) {
                    $response->redirect($state['failure'], 301, 0);
@ -726,7 +726,7 @@ $utopia->get('/v1/auth/oauth/:provider/redirect')
            }

            $current = Auth::tokenVerify($user->getAttribute('tokens', []), Auth::TOKEN_TYPE_LOGIN, Auth::$secret);
-
+            
            if ($current) {
                $projectDB->deleteDocument($current); //throw new Exception('User already logged in', 401);
            }
@ -740,6 +740,7 @@ $utopia->get('/v1/auth/oauth/:provider/redirect')
                ],
            ]) : $user;

+
            if (empty($user)) { // No user logged in or with oauth provider ID, create new one or connect with account with same email
                $name = $oauth->getUserName($accessToken);
                $email = $oauth->getUserEmail($accessToken);
--- a/public/images/oauth/google.png
+++ b/public/images/oauth/google.png
--- a/src/Auth/OAuth.php
+++ b/src/Auth/OAuth.php
@ -94,13 +94,15 @@ abstract class OAuth
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_USERAGENT, 'Console_OAuth_Agent');
-        curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

        if (!empty($payload)) {
            curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
        }

-        // Send the request & save response to $resp
+        $headers[] = "Content-length: ".strlen($payload);
+        curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
+
+        // Send the request & save response to $response
        $response = curl_exec($ch);

        curl_close($ch);
--- a/src/Auth/OAuth/Gitlab.php
+++ b/src/Auth/OAuth/Gitlab.php
@ -1,121 +0,0 @@
-<?php
-
-namespace Auth\OAuth;
-
-use Auth\OAuth;
-
-class Gitlab extends OAuth
-{
-    /**
-     * @var string
-     */
-    protected $version = 'v2.8';
-
-    /**
-     * @var array
-     */
-    protected $user = [];
-
-    /**
-     * @return string
-     */
-    public function getName():string
-    {
-        return 'google';
-    }
-
-    /**
-     * @return string
-     */
-    public function getLoginURL():string
-    {
-        return 'https://www.google.com/'.$this->version.'/dialog/oauth?client_id='.urlencode($this->appID).'&redirect_uri='.urlencode($this->callback).'&scope=email&state='.urlencode(json_encode($this->state));
-    }
-
-    /**
-     * @param string $code
-     *
-     * @return string
-     */
-    public function getAccessToken(string $code):string
-    {
-        $accessToken = $this->request('GET', 'https://graph.google.com/'.$this->version.'/oauth/access_token?'.
-            'client_id='.urlencode($this->appID).
-            '&redirect_uri='.urlencode($this->callback).
-            '&client_secret='.urlencode($this->appSecret).
-            '&code='.urlencode($code)
-        );
-
-        $accessToken = json_decode($accessToken, true); //
-
-        if (isset($accessToken['access_token'])) {
-            return $accessToken['access_token'];
-        }
-
-        return '';
-    }
-
-    /**
-     * @param string $accessToken
-     *
-     * @return string
-     */
-    public function getUserID(string $accessToken):string
-    {
-        $user = $this->getUser($accessToken);
-
-        if (isset($user['id'])) {
-            return $user['id'];
-        }
-
-        return '';
-    }
-
-    /**
-     * @param string $accessToken
-     *
-     * @return string
-     */
-    public function getUserEmail(string $accessToken):string
-    {
-        $user = $this->getUser($accessToken);
-
-        if (isset($user['email'])) {
-            return $user['email'];
-        }
-
-        return '';
-    }
-
-    /**
-     * @param string $accessToken
-     *
-     * @return string
-     */
-    public function getUserName(string $accessToken):string
-    {
-        $user = $this->getUser($accessToken);
-
-        if (isset($user['name'])) {
-            return $user['name'];
-        }
-
-        return '';
-    }
-
-    /**
-     * @param string $accessToken
-     *
-     * @return array
-     */
-    protected function getUser(string $accessToken):array
-    {
-        if (empty($this->user)) {
-            $user = $this->request('GET', 'https://graph.google.com/'.$this->version.'/me?fields=email,name&access_token='.urlencode($accessToken));
-
-            $this->user = json_decode($user, true);
-        }
-
-        return $this->user;
-    }
-}
--- a/src/Auth/OAuth/Google.php
+++ b/src/Auth/OAuth/Google.php
@ -9,8 +9,7 @@ class Google extends OAuth
    /**
     * @var string
     */
-    protected $version = 'v2.8';
-
+    protected $version = 'v4';
    /**
     * @var array
     */
@ -19,7 +18,7 @@ class Google extends OAuth
    /**
     * @return string
     */
-    public function getName():string
+    public function getName(): string
    {
        return 'google';
    }
@ -27,9 +26,14 @@ class Google extends OAuth
    /**
     * @return string
     */
-    public function getLoginURL():string
+    public function getLoginURL(): string
    {
-        return 'https://www.google.com/'.$this->version.'/dialog/oauth?client_id='.urlencode($this->appID).'&redirect_uri='.urlencode($this->callback).'&scope=email&state='.urlencode(json_encode($this->state));
+        return 'https://accounts.google.com/o/oauth2/v2/auth?' .
+            'client_id=' . urlencode($this->appID) .
+            '&redirect_uri=' . urlencode($this->callback) .
+            '&scope=https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/userinfo.profile' .
+            '&state=' . urlencode(json_encode($this->state)) .
+            '&response_type=code';
    }

    /**
@ -37,16 +41,20 @@ class Google extends OAuth
     *
     * @return string
     */
-    public function getAccessToken(string $code):string
+    public function getAccessToken(string $code): string
    {
-        $accessToken = $this->request('GET', 'https://graph.google.com/'.$this->version.'/oauth/access_token?'.
-            'client_id='.urlencode($this->appID).
-            '&redirect_uri='.urlencode($this->callback).
-            '&client_secret='.urlencode($this->appSecret).
-            '&code='.urlencode($code)
+        $accessToken = $this->request(
+            'POST',
+            'https://www.googleapis.com/oauth2/' . $this->version . '/token?' .
+                'code=' . urlencode($code) .
+                '&client_id=' . urlencode($this->appID) .
+                '&client_secret=' . urlencode($this->appSecret) .
+                '&redirect_uri=' . urlencode($this->callback) .
+                '&scope=' .
+                '&grant_type=authorization_code'
        );

-        $accessToken = json_decode($accessToken, true); //
+        $accessToken = json_decode($accessToken, true);

        if (isset($accessToken['access_token'])) {
            return $accessToken['access_token'];
@ -60,7 +68,7 @@ class Google extends OAuth
     *
     * @return string
     */
-    public function getUserID(string $accessToken):string
+    public function getUserID(string $accessToken): string
    {
        $user = $this->getUser($accessToken);

@ -76,7 +84,7 @@ class Google extends OAuth
     *
     * @return string
     */
-    public function getUserEmail(string $accessToken):string
+    public function getUserEmail(string $accessToken): string
    {
        $user = $this->getUser($accessToken);

@ -92,7 +100,7 @@ class Google extends OAuth
     *
     * @return string
     */
-    public function getUserName(string $accessToken):string
+    public function getUserName(string $accessToken): string
    {
        $user = $this->getUser($accessToken);

@ -108,14 +116,12 @@ class Google extends OAuth
     *
     * @return array
     */
-    protected function getUser(string $accessToken):array
+    protected function getUser(string $accessToken): array
    {
        if (empty($this->user)) {
-            $user = $this->request('GET', 'https://graph.google.com/'.$this->version.'/me?fields=email,name&access_token='.urlencode($accessToken));
-
+            $user = $this->request('GET', 'https://www.googleapis.com/oauth2/v2/userinfo?access_token=' . urlencode($accessToken));
            $this->user = json_decode($user, true);
        }
-
        return $this->user;
    }
 }