RVRNEXT-27 add logic for google connect/disconnect
This commit is contained in:
parent
3f7817fd1f
commit
73c7d8434e
@ -37,6 +37,130 @@ class UserController implements IAuthenticationRequired
|
|||||||
return new HtmlContent('account/account', ['user' => $user->toArray()]);
|
return new HtmlContent('account/account', ['user' => $user->toArray()]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function getGoogleConnectRedirect(): IRedirect
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var User $user
|
||||||
|
*/
|
||||||
|
$user = \Container::$request->user();
|
||||||
|
|
||||||
|
$state = bin2hex(random_bytes(16));
|
||||||
|
$nonce = bin2hex(random_bytes(16));
|
||||||
|
|
||||||
|
\Container::$request->session()->set('oauth_state', $state);
|
||||||
|
\Container::$request->session()->set('oauth_nonce', $nonce);
|
||||||
|
|
||||||
|
$oAuth = new GoogleOAuth(new Request());
|
||||||
|
|
||||||
|
$url = $oAuth->getDialogUrl(
|
||||||
|
$state,
|
||||||
|
\Container::$request->getBase() . \Container::$routeCollection->getRoute('account.googleConnect-confirm')->generateLink(),
|
||||||
|
$nonce,
|
||||||
|
$user->getEmail()
|
||||||
|
);
|
||||||
|
|
||||||
|
return new Redirect($url, IRedirect::TEMPORARY);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getGoogleConnectConfirm(): IContent
|
||||||
|
{
|
||||||
|
$defaultError = 'Authentication with Google failed. Please <a href="' . \Container::$routeCollection->getRoute('account.googleConnect')->generateLink() . '" title="Connect with Google">try again</a>!';
|
||||||
|
|
||||||
|
if (\Container::$request->query('state') !== \Container::$request->session()->get('oauth_state')) {
|
||||||
|
return new HtmlContent('account/google_connect', ['success' => false, 'error' => $defaultError]);
|
||||||
|
}
|
||||||
|
|
||||||
|
$oAuth = new GoogleOAuth(new Request());
|
||||||
|
$tokenData = $oAuth->getToken(
|
||||||
|
\Container::$request->query('code'),
|
||||||
|
\Container::$request->getBase() . \Container::$routeCollection->getRoute('account.googleConnect-confirm')->generateLink()
|
||||||
|
);
|
||||||
|
if (!isset($tokenData['id_token'])) {
|
||||||
|
return new HtmlContent('account/google_connect', ['success' => false, 'error' => $defaultError]);
|
||||||
|
}
|
||||||
|
|
||||||
|
$jwtParser = new JwtParser($tokenData['id_token']);
|
||||||
|
$idToken = $jwtParser->getPayload();
|
||||||
|
if ($idToken['nonce'] !== \Container::$request->session()->get('oauth_nonce')) {
|
||||||
|
return new HtmlContent('account/google_connect', ['success' => false, 'error' => $defaultError]);
|
||||||
|
}
|
||||||
|
|
||||||
|
$anotherUser = $this->userRepository->getByGoogleSub($idToken['sub']);
|
||||||
|
if ($anotherUser !== null) {
|
||||||
|
return new HtmlContent('account/google_connect', [
|
||||||
|
'success' => false,
|
||||||
|
'error' => 'This Google account is linked to another account.'
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
\Container::$request->session()->set('google_user_data', $idToken);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var User $user
|
||||||
|
*/
|
||||||
|
$user = \Container::$request->user();
|
||||||
|
|
||||||
|
return new HtmlContent('account/google_connect', [
|
||||||
|
'success' => true,
|
||||||
|
'googleAccount' => $idToken['email'],
|
||||||
|
'userEmail' => $user->getEmail()
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function connectGoogle(): IContent
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var User $user
|
||||||
|
*/
|
||||||
|
$user = \Container::$request->user();
|
||||||
|
if (!$user->checkPassword(\Container::$request->post('password'))) {
|
||||||
|
return new JsonContent([
|
||||||
|
'error' => [
|
||||||
|
'errorText' => 'The given password is wrong.'
|
||||||
|
]
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
$googleUserData = \Container::$request->session()->get('google_user_data');
|
||||||
|
$user->setGoogleSub($googleUserData['sub']);
|
||||||
|
\Container::$persistentDataManager->saveToDb($user);
|
||||||
|
|
||||||
|
return new JsonContent(['success' => true]);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getGoogleDisconnectConfirm(): IContent
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var User $user
|
||||||
|
*/
|
||||||
|
$user = \Container::$request->user();
|
||||||
|
|
||||||
|
return new HtmlContent('account/google_disconnect', [
|
||||||
|
'success' => true,
|
||||||
|
'userEmail' => $user->getEmail()
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function disconnectGoogle(): IContent
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var User $user
|
||||||
|
*/
|
||||||
|
$user = \Container::$request->user();
|
||||||
|
if (!$user->checkPassword(\Container::$request->post('password'))) {
|
||||||
|
return new JsonContent([
|
||||||
|
'error' => [
|
||||||
|
'errorText' => 'The given password is wrong.'
|
||||||
|
]
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
$user->setGoogleSub(null);
|
||||||
|
\Container::$persistentDataManager->saveToDb($user);
|
||||||
|
|
||||||
|
return new JsonContent(['success' => true]);
|
||||||
|
}
|
||||||
|
|
||||||
public function getGoogleAuthenticateRedirect(): IRedirect
|
public function getGoogleAuthenticateRedirect(): IRedirect
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
|
Loading…
Reference in New Issue
Block a user