BookStack/app/Access/SocialAuthService.php

186 lines
6.6 KiB
PHP
Raw Normal View History

2021-06-26 23:23:15 +08:00
<?php
2023-05-18 00:56:55 +08:00
namespace BookStack\Access;
use BookStack\Exceptions\SocialDriverNotConfigured;
use BookStack\Exceptions\SocialSignInAccountNotUsed;
use BookStack\Exceptions\UserRegistrationException;
2023-05-18 00:56:55 +08:00
use BookStack\Users\Models\User;
2019-09-14 06:58:40 +08:00
use Illuminate\Support\Str;
use Laravel\Socialite\Contracts\Factory as Socialite;
use Laravel\Socialite\Contracts\Provider;
use Laravel\Socialite\Contracts\User as SocialUser;
use Laravel\Socialite\Two\GoogleProvider;
use Symfony\Component\HttpFoundation\RedirectResponse;
class SocialAuthService
{
public function __construct(
protected Socialite $socialite,
protected LoginService $loginService,
protected SocialDriverManager $driverManager,
) {
}
2015-09-05 03:40:36 +08:00
/**
* Start the social login path.
2021-06-26 23:23:15 +08:00
*
2015-09-05 03:40:36 +08:00
* @throws SocialDriverNotConfigured
*/
public function startLogIn(string $socialDriver): RedirectResponse
{
$socialDriver = trim(strtolower($socialDriver));
$this->driverManager->ensureDriverActive($socialDriver);
2021-06-26 23:23:15 +08:00
return $this->getDriverForRedirect($socialDriver)->redirect();
}
/**
2021-06-26 23:23:15 +08:00
* Start the social registration process.
*
* @throws SocialDriverNotConfigured
*/
public function startRegister(string $socialDriver): RedirectResponse
{
$socialDriver = trim(strtolower($socialDriver));
$this->driverManager->ensureDriverActive($socialDriver);
2021-06-26 23:23:15 +08:00
return $this->getDriverForRedirect($socialDriver)->redirect();
}
/**
* Handle the social registration process on callback.
2021-06-26 23:23:15 +08:00
*
* @throws UserRegistrationException
*/
public function handleRegistrationCallback(string $socialDriver, SocialUser $socialUser): SocialUser
{
// Check social account has not already been used
if (SocialAccount::query()->where('driver_id', '=', $socialUser->getId())->exists()) {
2021-03-20 05:54:50 +08:00
throw new UserRegistrationException(trans('errors.social_account_in_use', ['socialAccount' => $socialDriver]), '/login');
}
if (User::query()->where('email', '=', $socialUser->getEmail())->exists()) {
$email = $socialUser->getEmail();
2021-06-26 23:23:15 +08:00
throw new UserRegistrationException(trans('errors.error_user_exists_different_creds', ['email' => $email]), '/login');
}
return $socialUser;
}
/**
* Get the social user details via the social driver.
2021-06-26 23:23:15 +08:00
*
* @throws SocialDriverNotConfigured
*/
public function getSocialUser(string $socialDriver): SocialUser
{
$socialDriver = trim(strtolower($socialDriver));
$this->driverManager->ensureDriverActive($socialDriver);
2021-06-26 23:23:15 +08:00
return $this->socialite->driver($socialDriver)->user();
}
/**
* Handle the login process on a oAuth callback.
2021-06-26 23:23:15 +08:00
*
* @throws SocialSignInAccountNotUsed
*/
public function handleLoginCallback(string $socialDriver, SocialUser $socialUser)
{
$socialDriver = trim(strtolower($socialDriver));
2015-09-05 03:40:36 +08:00
$socialId = $socialUser->getId();
// Get any attached social accounts or users
$socialAccount = SocialAccount::query()->where('driver_id', '=', $socialId)->first();
$isLoggedIn = auth()->check();
$currentUser = user();
2019-09-14 06:58:40 +08:00
$titleCaseDriver = Str::title($socialDriver);
2015-09-05 03:40:36 +08:00
2015-09-06 00:42:05 +08:00
// When a user is not logged in and a matching SocialAccount exists,
// Simply log the user into the application.
2015-09-05 03:40:36 +08:00
if (!$isLoggedIn && $socialAccount !== null) {
$this->loginService->login($socialAccount->user, $socialDriver);
2021-08-21 22:49:40 +08:00
return redirect()->intended('/');
2015-09-05 03:40:36 +08:00
}
// When a user is logged in but the social account does not exist,
// Create the social account and attach it to the user & redirect to the profile page.
if ($isLoggedIn && $socialAccount === null) {
$account = $this->newSocialAccount($socialDriver, $socialUser);
$currentUser->socialAccounts()->save($account);
2019-09-14 06:58:40 +08:00
session()->flash('success', trans('settings.users_social_connected', ['socialAccount' => $titleCaseDriver]));
2021-06-26 23:23:15 +08:00
return redirect('/my-account/auth#social_accounts');
2015-09-05 03:40:36 +08:00
}
// When a user is logged in and the social account exists and is already linked to the current user.
if ($isLoggedIn && $socialAccount !== null && $socialAccount->user->id === $currentUser->id) {
2019-09-14 06:58:40 +08:00
session()->flash('error', trans('errors.social_account_existing', ['socialAccount' => $titleCaseDriver]));
2021-06-26 23:23:15 +08:00
return redirect('/my-account/auth#social_accounts');
2015-09-05 03:40:36 +08:00
}
// When a user is logged in, A social account exists but the users do not match.
if ($isLoggedIn && $socialAccount !== null && $socialAccount->user->id != $currentUser->id) {
2019-09-14 06:58:40 +08:00
session()->flash('error', trans('errors.social_account_already_used_existing', ['socialAccount' => $titleCaseDriver]));
2021-06-26 23:23:15 +08:00
return redirect('/my-account/auth#social_accounts');
2015-09-05 03:40:36 +08:00
}
2015-09-06 00:42:05 +08:00
// Otherwise let the user know this social account is not used by anyone.
2019-09-14 06:58:40 +08:00
$message = trans('errors.social_account_not_used', ['socialAccount' => $titleCaseDriver]);
if (setting('registration-enabled') && config('auth.method') !== 'ldap' && config('auth.method') !== 'saml2') {
2019-09-14 06:58:40 +08:00
$message .= trans('errors.social_account_register_instructions', ['socialAccount' => $titleCaseDriver]);
}
2021-03-20 05:54:50 +08:00
throw new SocialSignInAccountNotUsed($message, '/login');
2015-09-05 03:40:36 +08:00
}
/**
* Get the social driver manager used by this service.
*/
public function drivers(): SocialDriverManager
{
return $this->driverManager;
}
/**
* Fill and return a SocialAccount from the given driver name and SocialUser.
2015-09-05 03:40:36 +08:00
*/
public function newSocialAccount(string $socialDriver, SocialUser $socialUser): SocialAccount
2015-09-05 03:40:36 +08:00
{
return new SocialAccount([
2021-06-26 23:23:15 +08:00
'driver' => $socialDriver,
2015-09-05 03:40:36 +08:00
'driver_id' => $socialUser->getId(),
2021-06-26 23:23:15 +08:00
'avatar' => $socialUser->getAvatar(),
2015-09-05 03:40:36 +08:00
]);
}
/**
* Detach a social account from a user.
*/
public function detachSocialAccount(string $socialDriver): void
2015-09-05 03:40:36 +08:00
{
user()->socialAccounts()->where('driver', '=', $socialDriver)->delete();
2015-09-05 03:40:36 +08:00
}
/**
2021-06-26 23:23:15 +08:00
* Provide redirect options per service for the Laravel Socialite driver.
*/
protected function getDriverForRedirect(string $driverName): Provider
{
$driver = $this->socialite->driver($driverName);
if ($driver instanceof GoogleProvider && config('services.google.select_account')) {
$driver->with(['prompt' => 'select_account']);
}
$this->driverManager->getConfigureForRedirectCallback($driverName)($driver);
return $driver;
}
}