|
<?php |
|
|
|
namespace Kanboard\Controller; |
|
|
|
use Kanboard\Core\Security\OAuthAuthenticationProviderInterface; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
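/**
 * OAuth controller
 *
 * Shared OAuth2 flow for external authentication providers: redirect the
 * browser to the provider, handle the callback, then either log the user in
 * or link the external account to the profile of the logged-in user.
 *
 * Security notes:
 *  - The callback "state" parameter is validated through the provider service
 *    before link() or authenticate() is called. This is the anti-CSRF check of
 *    the flow; a failed check ends the flow with an error.
 *  - unlink() changes account data. It requires the CSRF parameter and only
 *    ever acts on the user id held in the session.
 */
class OAuthController extends BaseController
{
    /**
     * Entry point of the flow: start the authorization or handle the callback
     *
     * Note: empty() also treats the string '0' as a missing code.
     *
     * @access protected
     * @param  string $provider Authentication provider name
     */
    protected function step1($provider)
    {
        $code = $this->request->getStringParam('code');
        $state = $this->request->getStringParam('state');

        if (! empty($code)) {
            $this->step2($provider, $code, $state);
        } else {
            // NOTE(review): the authorization URL is expected to carry the state
            // value that step2() checks later; confirm in the provider service.
            $this->response->redirect($this->authenticationManager->getProvider($provider)->getService()->getAuthorizationUrl());
        }
    }

    /**
     * Handle the provider callback: validate the state, then link or log in
     *
     * Neither link() nor authenticate() is reached when the state check fails.
     *
     * @access protected
     * @param  string $providerName Authentication provider name
     * @param  string $code         Authorization code from the callback request
     * @param  string $state        State value from the callback request
     */
    protected function step2($providerName, $code, $state)
    {
        $provider = $this->authenticationManager->getProvider($providerName);
        $provider->setCode($code);
        $hasValidState = $provider->getService()->isValidateState($state);
        $isLogged = $this->userSession->isLogged();

        if (! $hasValidState) {
            // A state mismatch means this callback does not belong to a flow
            // started from this session: report the error and stop.
            if ($isLogged) {
                $this->flash->failure(t('The OAuth2 state parameter is invalid'));
                $this->response->redirect($this->helper->url->to('UserViewController', 'external', array('user_id' => $this->userSession->getId())));
            } else {
                $this->authenticationFailure(t('The OAuth2 state parameter is invalid'));
            }

            return;
        }

        if ($isLogged) {
            // Already logged in: attach the external identity to the profile.
            $this->link($provider);
        } else {
            $this->authenticate($providerName);
        }
    }

    /**
     * Link the external account to the profile of the logged-in user
     *
     * @access protected
     * @param  OAuthAuthenticationProviderInterface $provider
     */
    protected function link(OAuthAuthenticationProviderInterface $provider)
    {
        if (! $provider->authenticate()) {
            $this->flash->failure(t('External authentication failed'));
        } else {
            // The target profile is always the session user, never a request value.
            $this->userProfile->assign($this->userSession->getId(), $provider->getUser());
            $this->flash->success(t('Your external account is linked to your profile successfully.'));
        }

        $this->response->redirect($this->helper->url->to('UserViewController', 'external', array('user_id' => $this->userSession->getId())));
    }

    /**
     * Unlink the external account from the profile of the logged-in user
     *
     * The "backend" request parameter selects the provider, so the resolved
     * provider is checked against OAuthAuthenticationProviderInterface before
     * unlink() is called on it. Any other provider type is reported as a
     * failed unlink instead of being invoked.
     *
     * @access public
     */
    public function unlink()
    {
        // Reject forged requests before any request-controlled value is used.
        $this->checkCSRFParam();

        $backend = $this->request->getStringParam('backend');

        // NOTE(review): how getProvider() behaves for an unknown name is not
        // visible in this file; confirm that it fails closed.
        $provider = $this->authenticationManager->getProvider($backend);

        if ($provider instanceof OAuthAuthenticationProviderInterface && $provider->unlink($this->userSession->getId())) {
            $this->flash->success(t('Your external account is not linked anymore to your profile.'));
        } else {
            $this->flash->failure(t('Unable to unlink your external account.'));
        }

        $this->response->redirect($this->helper->url->to('UserViewController', 'external', array('user_id' => $this->userSession->getId())));
    }

    /**
     * Log the user in through the external provider
     *
     * @access protected
     * @param  string $providerName Authentication provider name
     */
    protected function authenticate($providerName)
    {
        if ($this->authenticationManager->oauthAuthentication($providerName)) {
            $this->redirectAfterLogin();
        } else {
            $this->authenticationFailure(t('External authentication failed'));
        }
    }

    /**
     * Render the login form with an error message
     *
     * @access protected
     * @param  string $message Error shown under the 'login' key of the form errors
     */
    protected function authenticationFailure($message)
    {
        $this->response->html($this->helper->layout->app('auth/index', array(
            'errors' => array('login' => $message),
            'values' => array(),
            'no_layout' => true,
            'title' => t('Login')
        )));
    }
}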
|
|