Home Explore Help
Register Sign In
youhk
/
youhk_test_repository
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
youhk_test_repo...
/
app
/
Http
/
Controllers
/
Auth
/
DaborySSOController.php--

DaborySSOController.php-- 6.4 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193 
  1. <?php
    2. 

  2. 

  3. namespace App\Http\Controllers\Auth;
    4. 

  4. 

  5. use Exception;
    6. 

  6. use App\Services\CallApiService;
    7. 

  7. use App\Http\Controllers\Api\ApiController;
    8. 

  8. 

  9. class DaborySSOController
    10. 

  10. {
    11. 

  11.     /**
    12. 

  12.      * @var CallApiService
    13. 

  13.      */
    14. 

  14.     private $callApiService;
    15. 

  15.     private $oauth2Info;
    16. 

  16.     private $target;
    17. 

  17. 

  18.     public function __construct(CallApiService $callApiService)
    19. 

  19.     {
    20. 

  20.         $this->callApiService = $callApiService;
    21. 

  21.     }
    22. 

  22. 

  23.     private function generate_string($strength = 32)
    24. 

  24.     {
    25. 

  25.         $permitted_chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    26. 

  26.         $input_length = strlen($permitted_chars);
    27. 

  27.         $random_string = '';
    28. 

  28.         for ($i = 0; $i < $strength; $i++) {
    29. 

  29.             $random_character = $permitted_chars[mt_rand(0, $input_length - 1)];
    30. 

  30.             $random_string .= $random_character;
    31. 

  31.         }
    32. 

  32. 

  33.         return $random_string;
    34. 

  34.     }
    35. 

  35. 

  36.     public function redirectToProvider()
    37. 

  37.     {
    38. 

  38.         $this->oauth2Info = request('oauth2Info');
    39. 

  39.         $this->oauth2Info['ClientId'] = config('app.api.erp.ClientId');
    40. 

  40.         $this->oauth2Info['ClientSecret'] = config('app.api.erp.ClientSecret');
    41. 

  41.         $this->target = request('target');
    42. 

  42.         $host =  request()->getSchemeAndHttpHost();
    43. 

  43.         $callback_uri = $host . "/dabory/ssologin/callback?target={$this->target}";
    44. 

  44. 

  45.         session()->put('oauth2Info', $this->oauth2Info);
    46. 

  46.         session()->put('target', $this->target);
    47. 

  47. 

  48.         $state = $this->generate_string();
    49. 

  49.         $url = $this->oauth2Info['AuthorizeUri']  . '?client_id=' . $this->oauth2Info['ClientId'] . '&redirect_uri=' . $callback_uri . '&response_type=code&scope=all&state=' . $state;
    50. 

  50. 

  51.         return redirect()->away($url);
    52. 

  52.     }
    53. 

  53. 

  54. 

  55.     function getAccessToken($authorization_code)
    56. 

  56.     {
    57. 

  57.         $host =  request()->getSchemeAndHttpHost();
    58. 

  58.         $callback_uri = $host . "/dabory/ssologin/callback?target={$this->target}";
    59. 

  59.         $authorization = base64_encode("{$this->oauth2Info['ClientId']}:{$this->oauth2Info['ClientSecret']}");
    60. 

  60.         $header = array("Authorization: Basic {$authorization}", "Content-Type: application/x-www-form-urlencoded");
    61. 

  61.         $content = "grant_type=authorization_code&code=$authorization_code&redirect_uri={$callback_uri}";
    62. 

  62. 

  63.         $curl = curl_init();
    64. 

  64.         curl_setopt_array($curl, array(
    65. 

  65.             CURLOPT_URL => $this->oauth2Info['TokenUri'],
    66. 

  66.             CURLOPT_HTTPHEADER => $header,
    67. 

  67.             CURLOPT_SSL_VERIFYPEER => false,
    68. 

  68.             CURLOPT_RETURNTRANSFER => true,
    69. 

  69.             CURLOPT_POST => true,
    70. 

  70.             CURLOPT_POSTFIELDS => $content
    71. 

  71.         ));
    72. 

  72.         $response = curl_exec($curl);
    73. 

  73.         curl_close($curl);
    74. 

  74. 

  75.         if ($response === false) {
    76. 

  76.             echo "Failed";
    77. 

  77.             echo curl_error($curl);
    78. 

  78.             echo "Failed";
    79. 

  79.         }
    80. 

  80. 

  81.         return json_decode($response)->access_token;
    82. 

  82.     }
    83. 

  83. 

  84.     //	we can now use the access_token as much as we want to access protected resources
    85. 

  85.     function getResource($access_token)
    86. 

  86.     {
    87. 

  87.         $header = array("Authorization: Bearer {$access_token}");
    88. 

  88. 

  89.         $curl = curl_init();
    90. 

  90.         curl_setopt_array($curl, array(
    91. 

  91.             CURLOPT_URL => $this->oauth2Info['UserInfoUri'],
    92. 

  92.             CURLOPT_HTTPHEADER => $header,
    93. 

  93.             CURLOPT_SSL_VERIFYPEER => false,
    94. 

  94.             CURLOPT_RETURNTRANSFER => true
    95. 

  95.         ));
    96. 

  96.         $response = curl_exec($curl);
    97. 

  97.         curl_close($curl);
    98. 

  98. 

  99.         return json_decode($response, true);
    100. 

  100.     }
    101. 

  101. 

  102. 

  103.     /**
    104. 

  104.      * Handles redirecting off to the login provider
    105. 

  105.      *
    106. 

  106.      * @return array ['token' => array $token, 'profile' => \Hybridauth\User\Profile]
    107. 

  107.      */
    108. 

  108.     public function handleProviderCallback()
    109. 

  109.     {
    110. 

  110.         $code = filter_input(INPUT_GET, 'code');
    111. 

  111.         $token = $this->getAccessToken($code);
    112. 

  112.         $profile = $this->getResource($token);
    113. 

  113. 

  114.         return [
    115. 

  115.             'token' => $token,
    116. 

  116.             'profile' => $profile
    117. 

  117.         ];
    118. 

  118.     }
    119. 

  119. 

  120.     public function login()
    121. 

  121.     {
    122. 

  122.         $this->oauth2Info = session('oauth2Info');
    123. 

  123.         $this->oauth2Info['ClientId'] = config('app.api.erp.ClientId');
    124. 

  124.         $this->oauth2Info['ClientSecret'] = config('app.api.erp.ClientSecret');
    125. 

  125.         $this->target = session('target');
    126. 

  126.         session()->forget('oauth2Info');
    127. 

  127.         session()->forget('target');
    128. 

  128. 

  129.         $loginRoute = request('target') == 'member' ? 'pro.auth.member-sso-login' : 'user-login';
    130. 

  130.         if (request('target') !== $this->target) {
    131. 

  131.             return redirect()->route($loginRoute);
    132. 

  132.         }
    133. 

  133. 

  134.         try {
    135. 

  135.             $providerResponse = $this->handleProviderCallback();
    136. 

  136.             $userDetails = $providerResponse['profile'];
    137. 

  137.             if (!is_array($providerResponse))
    138. 

  138.                 return redirect()->route($loginRoute);
    139. 

  139.         } catch (Exception $e) {
    140. 

  140.             return redirect()->route($loginRoute)->with(['mgs' => $e->getMessage()]);
    141. 

  141.         }
    142. 

  142. 

  143.         if (request('target') == 'member') {
    144. 

  144.             $this->memberLogin($userDetails);
    145. 

  145.             return redirect()->to($this->oauth2Info['AfterMemberLoginUri']);
    146. 

  146.         } else {
    147. 

  147.             $this->usersLogin($userDetails);
    148. 

  148.             return redirect()->to($this->oauth2Info['AfterUsersLoginUri']);
    149. 

  149.         }
    150. 

  150.         // dd($this->oauth2Info);
    151. 

  151.     }
    152. 

  152. 

  153.     public function memberLogin($userDetails)
    154. 

  154.     {
    155. 

  155.         $response = (new ApiController($this->callApiService))->callApi('member-sso-login', [
    156. 

  156.             'Email' => $userDetails['user_id'],
    157. 

  157.             'SsoBrand' => 'dabory',
    158. 

  158.             'SsoSub' => $userDetails['sso_sub'],
    159. 

  159.         ]);
    160. 

  160. 

  161.         if (isset($response['apiStatus'])) {
    162. 

  162.             return redirect()->route('pro.auth.member-sso-login')->with(['mgs' => $response['body']]);
    163. 

  163.         }
    164. 

  164. 

  165.         session()->put('member', array_merge($response, ['is_member' => true, 'Ip' => request()->ip()]));
    166. 

  166.     }
    167. 

  167. 

  168.     public function usersLogin($userDetails)
    169. 

  169.     {
    170. 

  170.         $response = (new ApiController($this->callApiService))->callApi('user-sso-login', [
    171. 

  171.             'Email' => $userDetails['user_id'],
    172. 

  172.             'SsoBrand' => 'dabory',
    173. 

  173.             'SsoSub' => $userDetails['sso_sub'],
    174. 

  174.         ]);
    175. 

  175. 

  176.         // dd($response);
    177. 

  177.         if (isset($response['apiStatus'])) {
    178. 

  178.             return redirect()->route('user-login')->with(['mgs' => $response['body']]);
    179. 

  179.         }
    180. 

  180. 

  181.         session()->put('user', array_merge($response, ['is_member' => true, 'Ip' => request()->ip()]));
    182. 

  182.         // dd(session('user'));
    183. 

  183.     }
    184. 

  184. 

  185.     public function logout(): \Illuminate\Http\RedirectResponse
    186. 

  186.     {
    187. 

  187.         session()->forget('user');
    188. 

  188.         session()->forget('member');
    189. 

  189.         session()->forget('GateToken');
    190. 

  190. 

  191.         return redirect()->route('pro.auth.member-login');
    192. 

  192.     }
    193. 

  193. }
    194.