File: //home/cafsindia/lead_cafsinfotech.com/public/legacy/modules/Users/GoogleApiKeySaverEntryPoint.php
<?php
use SuiteCRM\LangText;
/**
*
* SugarCRM Community Edition is a customer relationship management program developed by
* SugarCRM, Inc. Copyright (C) 2004-2013 SugarCRM Inc.
*
* SuiteCRM is an extension to SugarCRM Community Edition developed by SalesAgility Ltd.
* Copyright (C) 2011 - 2018 SalesAgility Ltd.
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU Affero General Public License version 3 as published by the
* Free Software Foundation with the addition of the following permission added
* to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
* IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
* OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
* details.
*
* You should have received a copy of the GNU Affero General Public License along with
* this program; if not, see http://www.gnu.org/licenses or write to the Free
* Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301 USA.
*
* You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
* SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "Powered by
* SugarCRM" logo and "Supercharged by SuiteCRM" logo. If the display of the logos is not
* reasonably feasible for technical reasons, the Appropriate Legal Notices must
* display the words "Powered by SugarCRM" and "Supercharged by SuiteCRM".
*/
/**
* Entry Point for saving Google API tokens during account authorization.
*
* @license https://raw.githubusercontent.com/salesagility/SuiteCRM/master/LICENSE.txt
* GNU Affero General Public License version 3
* @author Benjamin Long <ben@offsite.guru>
*/
if (!defined('sugarEntry') || !sugarEntry) {
die('Not A Valid Entry Point');
}
/**
* class GoogleApiKeySaverEntryPoint
*/
#[\AllowDynamicProperties]
class GoogleApiKeySaverEntryPoint
{
/**
*
* @var User
*/
protected $currentUser;
/**
*
* @var array
*/
protected $sugarConfig;
/**
*
* @var Google\Client
*/
protected $client;
/**
*
* @var array
*/
protected $request;
/**
*
* @param User $current_user
* @param array $sugar_config
* @param Google\Client $client
* @param array $request
*/
public function __construct(User $current_user, $sugar_config, Google\Client $client, $request)
{
$this->currentUser = $current_user;
$this->sugarConfig = $sugar_config;
$this->client = $client;
$this->request = $request;
$this->handleEntryPoint();
}
/**
*
* @throws Exception 1 - google_auth_json requested variable is missing, 2 - Invalid json for auth config
*/
protected function handleEntryPoint()
{
$this->client->setApplicationName('SuiteCRM');
$this->client->setScopes(Google\Service\Calendar::CALENDAR);
if (!isset($this->sugarConfig['google_auth_json'])) {
throw new Exception('google_auth_json requested variable is missing', 1);
}
$json = base64_decode($this->sugarConfig['google_auth_json']);
$config = json_decode($json, true);
if (!$config) {
throw new Exception('Invalid json for auth config', 2);
}
$this->validateConfig($config);
$this->client->setAuthConfig($config);
$this->client->setAccessType('offline');
$this->client->setApprovalPrompt('force');
$this->handleRequest();
}
/**
*
* @param array $config
* @throws Exception 2 - web is not set in the config json, 3 - client_id is not set in config json, 4 - client_secret is not set in config json
*/
protected function validateConfig($config)
{
if (!isset($config['web'])) {
throw new Exception('web is not set in the config json', 2);
}
if (!isset($config['web']['client_id'])) {
throw new Exception('client_id is not set in config json', 3);
}
if (!isset($config['web']['client_secret'])) {
throw new Exception('client_secret is not set in config json', 4);
}
}
/**
* handle requested action handler method
*/
protected function handleRequest()
{
if (isset($this->request['getnew'])) {
$this->handleRequestGetnew();
} elseif (isset($this->request['code'])) {
$this->handleRequestCode();
} elseif (isset($this->request['setinvalid'])) {
$this->handleRequestSetinvalid();
} elseif (isset($this->request['error'])) {
$this->handleRequestError();
} else {
$this->handleRequestUnknown();
}
}
/**
* create and redirect to auth URL
*/
protected function handleRequestGetnew()
{
$authUrl = $this->client->createAuthUrl();
$this->redirect($authUrl);
}
/**
* set google api token
*
* @throws Exception 1 - Unable to get User bean. 2 - Unable to retrive user by ID
*/
protected function handleRequestCode()
{
$user = BeanFactory::getBean('Users');
if (!$user) {
throw new Exception('Unable to get User bean.', 1);
}
$ret = $user->retrieve($this->currentUser->id);
if (!$ret) {
throw new Exception('Unable to retrive user by ID: ' . $this->currentUser->id, 2);
}
$accessToken = $this->client->fetchAccessTokenWithAuthCode($this->request['code']);
if (array_key_exists('error', $accessToken)) {
throw new Exception('Unable to fetch access token: ' . $accessToken['error'] . '|' . $accessToken['error_description'], 10);
}
$user->setPreference('GoogleApiToken', base64_encode(json_encode($accessToken)), false, 'GoogleSync');
$accessRefreshToken = $accessToken['refresh_token'];
if (isset($accessRefreshToken)) {
$user->setPreference('GoogleApiRefreshToken', base64_encode($accessRefreshToken), false, 'GoogleSync');
}
$user->savePreferencesToDB();
$url = $this->sugarConfig['site_url'] . "/index.php?module=Users&action=EditView&record=" . $this->currentUser->id;
$this->redirect($url);
}
/**
* set google api token to invalid
*
* @throws Exception 1 - Unable to get User bean. 2 - Unable to retrive user by ID
*/
protected function handleRequestSetinvalid()
{
$user = BeanFactory::getBean('Users');
if (!$user) {
throw new Exception('Unable to get User bean.', 1);
}
$ret = $user->retrieve($this->currentUser->id);
if (!$ret) {
throw new Exception('Unable to retrive user by ID: ' . $this->currentUser->id, 2);
}
$user->setPreference('GoogleApiToken', '', false, 'GoogleSync');
$user->savePreferencesToDB();
$url = $this->sugarConfig['site_url'] . "/index.php?module=Users&action=EditView&record=" . $this->currentUser->id;
$this->redirect($url);
}
/**
* shows an error - pick error message from language file instead
* using simple requested text as it is an XSS vulnerability issue
*/
protected function handleRequestError()
{
$url = $this->sugarConfig['site_url'] . "/index.php?module=Users&action=EditView&record=" . $this->currentUser->id;
$tpl = new Sugar_Smarty();
$txtKey = $this->request['error'];
$tpl->assign('error', LangText::get($txtKey));
$tpl->assign('url', $url);
$exitstring = $tpl->fetch(__DIR__ . '/googleApiKeySaverEntryPointError.tpl');
$this->protectedDie($exitstring);
}
/**
* redirect to user edit view if unknown function given.
*/
protected function handleRequestUnknown()
{
LoggerManager::getLogger()->error('Unkown entry point function given.');
// If we don't get a known return, we just silently return to the user profile.
$url = $this->sugarConfig['site_url'] . "/index.php?module=Users&action=EditView&record=" . $this->currentUser->id;
$this->redirect($url);
}
/**
* protected function for SugarApplication::redirect() so test mock can override it
* @param string $url
*/
protected function redirect($url)
{
SugarApplication::redirect($url);
}
/**
* protected function for die() so test mock can override it
* @param string $exitstring
*/
protected function protectedDie($exitstring)
{
die($exitstring);
}
}