mirror of https://github.com/devcode-it/openstamanager.git synced 2025-03-11 16:50:09 +01:00

Miglioramento supporto OAuth2

Correzione per funzionamento con sistemi Microsoft.
Dasc3er 2021-08-30 16:01:25 +02:00
parent ceb86b13bc
commit 8108b70b6f
11 changed files with 173 additions and 60 deletions

@ -34,6 +34,10 @@ class Account extends Model
protected $table = 'em_accounts'; protected $table = 'em_accounts';
protected $casts = [
'oauth2_config' => 'array',
];
/** @var OAuth2 */ /** @var OAuth2 */
protected $gestoreOAuth2; protected $gestoreOAuth2;

@ -4,32 +4,21 @@ namespace Modules\Emails;
use InvalidArgumentException; use InvalidArgumentException;
use League\OAuth2\Client\Provider\Exception\IdentityProviderException; use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use League\OAuth2\Client\Provider\Google;
use League\OAuth2\Client\Token\AccessToken; use League\OAuth2\Client\Token\AccessToken;
use TheNetworg\OAuth2\Client\Provider\Azure; use Modules\Emails\OAuth2\Google;
use Modules\Emails\OAuth2\Microsoft;
class OAuth2 class OAuth2
{ {
public static $providers = [ public static $providers = [
'microsoft' => [ 'microsoft' => [
'name' => 'Microsoft', 'name' => 'Microsoft',
'class' => Azure::class, 'class' => Microsoft::class,
'options' => [
'scope' => [
'offline_access',
'https://graph.microsoft.com/SMTP.Send',
//'https://outlook.office.com/IMAP.AccessAsUser.All'
],
],
'help' => 'https://docs.openstamanager.com/faq/configurazione-oauth2#microsoft', 'help' => 'https://docs.openstamanager.com/faq/configurazione-oauth2#microsoft',
], ],
'google' => [ 'google' => [
'name' => 'Google', 'name' => 'Google',
'class' => Google::class, 'class' => Google::class,
'options' => [
'scope' => ['https://mail.google.com/'],
'accessType' => 'offline',
],
'help' => 'https://docs.openstamanager.com/faq/configurazione-oauth2#google', 'help' => 'https://docs.openstamanager.com/faq/configurazione-oauth2#google',
], ],
]; ];
@ -41,31 +30,11 @@ class OAuth2
{ {
$this->account = $account; $this->account = $account;
$this->init(); // Inizializza il provider per l'autenticazione OAuth2.
}
/**
* Inizializza il provider per l'autenticazione OAuth2.
*/
public function init()
{
$redirect_uri = base_url().'/oauth2.php'; $redirect_uri = base_url().'/oauth2.php';
$class = $this->getProviderConfiguration()['class']; $class = $this->getProviderConfiguration()['class'];
$this->provider = new $class($this->account, $redirect_uri);
// Authorization
$this->provider = new $class([
'clientId' => $this->account->client_id,
'clientSecret' => $this->account->client_secret,
'redirectUri' => $redirect_uri,
'accessType' => 'offline',
]);
// Configurazioni specifiche per il provider di Microsoft Azure
if ($this->provider instanceof Azure) {
$this->provider->defaultEndPointVersion = Azure::ENDPOINT_VERSION_2_0;
$this->provider->tenant = 'consumers';
}
} }
public function getProvider() public function getProvider()
@ -109,7 +78,7 @@ class OAuth2
} }
$provider = $this->getProvider(); $provider = $this->getProvider();
$options = $this->getProviderConfiguration()['options']; $options = $provider->getOptions();
if (empty($code)) { if (empty($code)) {
// Fetch the authorization URL from the provider; this returns the // Fetch the authorization URL from the provider; this returns the
// urlAuthorize option and generates and applies any necessary parameters // urlAuthorize option and generates and applies any necessary parameters
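Review bot: The constructor now runs `new $class($this->account, $redirect_uri)` with no check that `$class` is one of the project's provider wrappers, so an account whose `provider` value is empty or not a key of `$providers` would presumably reach `new` with a null class name (`getProviderConfiguration()` is outside the hunk, so this is inferred). With the `options` entries removed from `$providers`, the later `$provider->getOptions()` call also depends on that contract. A guard before the instantiation would fail with a clear message: `if (!is_subclass_of($class, OAuth2\ProviderInterface::class)) { throw new InvalidArgumentException('Unsupported OAuth2 provider'); }`. The constructor and the method containing the `getOptions()` call both start outside the visible hunks.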

@ -0,0 +1,34 @@
<?php
namespace Modules\Emails\OAuth2;
use League\OAuth2\Client\Provider\Google as OriginalProvider;
use Modules\Emails\Account;
class Google extends OriginalProvider implements ProviderInterface
{
protected static $options = [
'scope' => ['https://mail.google.com/'],
'accessType' => 'offline',
];
public function __construct(Account $account, $redirect_uri)
{
parent::__construct([
'clientId' => $account->client_id,
'clientSecret' => $account->client_secret,
'redirectUri' => $redirect_uri,
'accessType' => 'offline',
]);
}
public function getOptions()
{
return self::$options;
}
public static function getConfigInputs()
{
return [];
}
}
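Review bot: The `scope` entry in `$options` requests `https://mail.google.com/`, which is full mailbox access, and nothing in the class says why or what that implies for the tokens the application stores. As far as I know this is the scope Gmail requires for XOAUTH2 over SMTP, so it is probably unavoidable, but a comment above `$options` would help: `// Gmail accepts only the full-mailbox scope for SMTP XOAUTH2; the stored refresh token is therefore a mailbox credential.` Separately, `'accessType' => 'offline'` appears both in `$options` and in the constructor array, so the two can drift; keeping it in one place would be cleaner.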

@ -0,0 +1,56 @@
<?php
namespace Modules\Emails\OAuth2;
use Modules\Emails\Account;
use TheNetworg\OAuth2\Client\Provider\Azure;
class Microsoft extends Azure implements ProviderInterface
{
/**
* Impostazioni native per la connessione.
*
* Ufficialmente lo scope dovrebbe comprendere 'https://graph.microsoft.com/SMTP.Send', a causa di un quirk interno bisogna utilizzare 'https://outlook.office.com/SMTP.Send'.
*
* @source https://github.com/decomplexity/SendOauth2/blob/main/MSFT%20OAuth2%20quirks.md
*
* @var \string[][]
*/
protected static $options = [
'scope' => [
'offline_access',
'https://outlook.office.com/SMTP.Send',
//'https://outlook.office.com/IMAP.AccessAsUser.All'
],
];
public function __construct(Account $account, $redirect_uri)
{
parent::__construct([
'clientId' => $account->client_id,
'clientSecret' => $account->client_secret,
'redirectUri' => $redirect_uri,
'accessType' => 'offline',
]);
// Configurazioni specifiche per il provider di Microsoft Azure
$this->defaultEndPointVersion = parent::ENDPOINT_VERSION_2_0;
$this->tenant = $account->oauth2_config['tenant_id'];
}
public function getOptions()
{
return self::$options;
}
public static function getConfigInputs()
{
return [
'tenant_id' => [
'label' => 'Tenant ID',
'type' => 'text',
'required' => true,
],
];
}
}
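Review bot: `$this->tenant = $account->oauth2_config['tenant_id'];` in the constructor assigns an operator-supplied value without checking that it is present or well-formed. The column added by this commit is NULL for existing accounts and the previous hard-coded `'consumers'` is gone, so an already-configured Microsoft account gets a null tenant until it is re-saved; the same unguarded read is in the account form at `$field['value'] = $account->oauth2_config[$name];`. As far as I can tell from the upstream Azure provider, the tenant is placed into the login URL path, so it is worth restricting it to the characters a tenant GUID, a domain name or the well-known aliases can contain. Whether a missing value should throw, as below, or fall back to a default depends on where this constructor is invoked, which is not visible here.

```php
// Configurazioni specifiche per il provider di Microsoft Azure
$this->defaultEndPointVersion = parent::ENDPOINT_VERSION_2_0;

// Tenant GUID, verified domain, or an alias such as "common" / "consumers"
$tenant = $account->oauth2_config['tenant_id'] ?? '';
if (!is_string($tenant) || !preg_match('/\A[A-Za-z0-9.-]+\z/', $tenant)) {
    throw new \InvalidArgumentException('Invalid OAuth2 tenant ID');
}
$this->tenant = $tenant;
```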

@ -0,0 +1,24 @@
<?php
namespace Modules\Emails\OAuth2;
use Modules\Emails\Account;
interface ProviderInterface
{
public function __construct(Account $account, $redirect_uri);
/**
* Restituisce l'array di configurazione per la connessione remota al servizio del provider.
*
* @return array
*/
public function getOptions();
/**
* Restituisce un insieme di campi aggiuntivi richiesti per la configurazione del provider.
*
* @return array
*/
public static function getConfigInputs();
}
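Review bot: Both `@return array` docblocks leave the array shape undocumented, although callers depend on it: the form code passes each `getConfigInputs()` entry to `input()` and uses its key as the `config[...]` field name, and `getOptions()` supplies the authorization options. I would spell that out, for example `@return array<string, array{label: string, type: string, required?: bool}>` on `getConfigInputs()` and a sentence on `getOptions()` naming the `scope` key. It is also worth stating in the interface docblock that the keys returned by `getConfigInputs()` are the only ones expected in `em_accounts.oauth2_config`.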

@ -19,7 +19,6 @@
namespace Modules\Partitario\Import; namespace Modules\Partitario\Import;
use Carbon\Carbon;
use Importer\CSVImporter; use Importer\CSVImporter;
/** /**
@ -67,10 +66,10 @@ class CSV extends CSVImporter
$codice_conto3 = $numero[1]; $codice_conto3 = $numero[1];
//Estraggo il conto1 //Estraggo il conto1
$idpianodeiconti1 = $database->fetchOne("SELECT id FROM co_pianodeiconti1 WHERE LOWER(descrizione)=LOWER(".prepare($record['idpianodeiconti1']).")")['id']; $idpianodeiconti1 = $database->fetchOne('SELECT id FROM co_pianodeiconti1 WHERE LOWER(descrizione)=LOWER('.prepare($record['idpianodeiconti1']).')')['id'];
//Estraggo il conto, //Estraggo il conto,
$idpianodeiconti2 = $database->fetchOne("SELECT id FROM co_pianodeiconti2 WHERE numero=".prepare($codice_conto2))['id']; $idpianodeiconti2 = $database->fetchOne('SELECT id FROM co_pianodeiconti2 WHERE numero='.prepare($codice_conto2))['id'];
if (empty($idpianodeiconti2) && empty($codice_conto3)) { if (empty($idpianodeiconti2) && empty($codice_conto3)) {
$database->insert('co_pianodeiconti2', [ $database->insert('co_pianodeiconti2', [
@ -80,8 +79,7 @@ class CSV extends CSVImporter
'dir' => $record['dir'], 'dir' => $record['dir'],
]); ]);
} elseif (!empty($idpianodeiconti2) && !empty($codice_conto3)) { } elseif (!empty($idpianodeiconti2) && !empty($codice_conto3)) {
$idpianodeiconti3 = $database->fetchOne('SELECT id FROM co_pianodeiconti3 WHERE numero='.prepare($codice_conto3).' AND idpianodeiconti2='.prepare($idpianodeiconti2))['id'];
$idpianodeiconti3 = $database->fetchOne("SELECT id FROM co_pianodeiconti3 WHERE numero=".prepare($codice_conto3)." AND idpianodeiconti2=".prepare($idpianodeiconti2))['id'];
if (empty($idpianodeiconti3)) { if (empty($idpianodeiconti3)) {
$database->insert('co_pianodeiconti3', [ $database->insert('co_pianodeiconti3', [
@ -91,7 +89,6 @@ class CSV extends CSVImporter
'dir' => $record['dir'], 'dir' => $record['dir'],
]); ]);
} }
} }
} }
@ -103,7 +100,4 @@ class CSV extends CSVImporter
['Patrimoniale', '110.000010', 'Riepilogativo clienti', ''], ['Patrimoniale', '110.000010', 'Riepilogativo clienti', ''],
]; ];
} }
} }

@ -55,9 +55,12 @@ switch (filter('op')) {
'timeout' => post('timeout'), 'timeout' => post('timeout'),
'ssl_no_verify' => post('ssl_no_verify'), 'ssl_no_verify' => post('ssl_no_verify'),
'predefined' => $predefined, 'predefined' => $predefined,
// OAuth2
'provider' => post('provider'), 'provider' => post('provider'),
'client_id' => post('client_id'), 'client_id' => post('client_id'),
'client_secret' => post('client_secret'), 'client_secret' => post('client_secret'),
'oauth2_config' => json_encode(post('config')),
], ['id' => $id_record]); ], ['id' => $id_record]);
flash()->info(tr('Informazioni salvate correttamente!')); flash()->info(tr('Informazioni salvate correttamente!'));
@ -70,6 +73,7 @@ switch (filter('op')) {
'client_secret' => null, 'client_secret' => null,
'access_token' => null, 'access_token' => null,
'refresh_token' => null, 'refresh_token' => null,
'oauth2_config' => null,
], ['id' => $id_record]); ], ['id' => $id_record]);
} }

@ -142,6 +142,8 @@ echo '
<div class="col-md-6"> <div class="col-md-6">
{[ "type": "text", "label": "'.tr('Client Secret').'", "name": "client_secret", "value": "$client_secret$", "disabled": "'.intval(empty($account->provider)).'" ]} {[ "type": "text", "label": "'.tr('Client Secret').'", "name": "client_secret", "value": "$client_secret$", "disabled": "'.intval(empty($account->provider)).'" ]}
</div> </div>
<div id="config-provider"></div>
</div> </div>
<div class="alert alert-info"> <div class="alert alert-info">
@ -149,14 +151,34 @@ echo '
</div> </div>
</div> </div>
</div> </div>
</form> </form>';
// Inizializzazione dei form per campi personalizzati
foreach ($providers as $key => $provider) {
echo '
<div class="hidden" id="provider-'.$key.'">';
$config = $provider['class']::getConfigInputs();
foreach ($config as $name => $field) {
$field['name'] = 'config['.$name.']';
$field['value'] = $account->oauth2_config[$name];
echo '
<div class="col-md-6">'.input($field).'</div>';
}
echo '
</div>';
}
echo '
<script> <script>
var abilita_oauth2 = input("abilita_oauth2"); var abilita_oauth2 = input("abilita_oauth2");
var provider = input("provider"); var provider = input("provider");
var client_id = input("client_id"); var client_id = input("client_id");
var client_secret = input("client_secret"); var client_secret = input("client_secret");
var guida = $("#guida-configurazione"); var guida = $("#guida-configurazione");
var config = $("#config-provider");
abilita_oauth2.change(function() { abilita_oauth2.change(function() {
const disable = !abilita_oauth2.get(); const disable = !abilita_oauth2.get();
@ -175,6 +197,10 @@ provider.change(function() {
} else { } else {
guida.addClass("hidden"); guida.addClass("hidden");
} }
// Impostazione dei dati aggiuntivi da configurare
config.html("")
aggiungiContenuto(config, "#provider-" + data.id);
}) })
$(document).ready(function() { $(document).ready(function() {
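Review bot: The stored `oauth2_config` value is written back into the page at `$field['value'] = $account->oauth2_config[$name];` and the only output encoding is whatever `input()` applies, which is not visible in this hunk. Since the save action stores the posted `config` array as-is, that should be confirmed and recorded next to the assignment, e.g. `// value is user-supplied (em_accounts.oauth2_config); input() is expected to HTML-encode it`. The loop also prefills every provider's hidden block from the same stored array, so a key name shared by two providers would show one provider's value under the other. The surrounding `echo` string and script continue outside the hunk.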

@ -9,7 +9,6 @@ WHERE `id_componente_vecchio` IS NOT NULL');
foreach ($componenti_interessati as $componente) { foreach ($componenti_interessati as $componente) {
$note = ''; $note = '';
// Lettura da impostazioni INI // Lettura da impostazioni INI
$array = Ini::read($componente['contenuto']); $array = Ini::read($componente['contenuto']);
foreach ($array as $nome => $c) { foreach ($array as $nome => $c) {

@ -63,3 +63,6 @@ ALTER TABLE `my_componenti` ADD FOREIGN KEY (`id_intervento`) REFERENCES `in_int
INSERT INTO `zz_views` (`id`, `id_module`, `name`, `query`, `order`, `search`, `slow`, `format`, `search_inside`, `order_by`, `visible`, `summable`, `default`) VALUES INSERT INTO `zz_views` (`id`, `id_module`, `name`, `query`, `order`, `search`, `slow`, `format`, `search_inside`, `order_by`, `visible`, `summable`, `default`) VALUES
(NULL, (SELECT `id` FROM `zz_modules` WHERE name = 'Anagrafiche'), 'Referenti', '(SELECT GROUP_CONCAT(nome SEPARATOR '', '') FROM an_referenti WHERE an_referenti .idanagrafica = an_anagrafiche.idanagrafica)', 11, 0, 0, 0, '', '', 1, 0, 1), (NULL, (SELECT `id` FROM `zz_modules` WHERE name = 'Anagrafiche'), 'Referenti', '(SELECT GROUP_CONCAT(nome SEPARATOR '', '') FROM an_referenti WHERE an_referenti .idanagrafica = an_anagrafiche.idanagrafica)', 11, 0, 0, 0, '', '', 1, 0, 1),
(NULL, (SELECT `id` FROM `zz_modules` WHERE name = 'Anagrafiche'), 'Sedi', '(SELECT GROUP_CONCAT(nomesede SEPARATOR '', '') FROM an_sedi WHERE an_sedi.idanagrafica = an_anagrafiche.idanagrafica)', 10, 0, 0, 0, '', '', 1, 0, 1); (NULL, (SELECT `id` FROM `zz_modules` WHERE name = 'Anagrafiche'), 'Sedi', '(SELECT GROUP_CONCAT(nomesede SEPARATOR '', '') FROM an_sedi WHERE an_sedi.idanagrafica = an_anagrafiche.idanagrafica)', 10, 0, 0, 0, '', '', 1, 0, 1);
-- Miglioramento supporto autenticazione OAuth 2
ALTER TABLE `em_accounts` ADD `oauth2_config` TEXT;