2021-06-26 23:23:15 +08:00
|
|
|
<?php
|
|
|
|
|
2023-05-18 00:56:55 +08:00
|
|
|
namespace BookStack\Access;
|
2015-09-05 00:50:52 +08:00
|
|
|
|
2015-09-11 02:31:09 +08:00
|
|
|
use BookStack\Exceptions\SocialDriverNotConfigured;
|
2018-09-25 23:58:03 +08:00
|
|
|
use BookStack\Exceptions\SocialSignInAccountNotUsed;
|
2015-09-11 02:31:09 +08:00
|
|
|
use BookStack\Exceptions\UserRegistrationException;
|
2023-05-18 00:56:55 +08:00
|
|
|
use BookStack\Users\Models\User;
|
2019-09-14 06:58:40 +08:00
|
|
|
use Illuminate\Support\Str;
|
2018-09-25 23:58:03 +08:00
|
|
|
use Laravel\Socialite\Contracts\Factory as Socialite;
|
2020-01-26 22:42:50 +08:00
|
|
|
use Laravel\Socialite\Contracts\Provider;
|
2018-09-22 01:05:06 +08:00
|
|
|
use Laravel\Socialite\Contracts\User as SocialUser;
|
2021-11-23 07:33:55 +08:00
|
|
|
use Laravel\Socialite\Two\GoogleProvider;
|
2020-01-26 22:42:50 +08:00
|
|
|
use Symfony\Component\HttpFoundation\RedirectResponse;
|
2015-09-05 00:50:52 +08:00
|
|
|
|
|
|
|
class SocialAuthService
|
|
|
|
{
|
2023-12-06 21:49:53 +08:00
|
|
|
public function __construct(
|
|
|
|
protected Socialite $socialite,
|
|
|
|
protected LoginService $loginService,
|
|
|
|
protected SocialDriverManager $driverManager,
|
|
|
|
) {
|
2015-09-05 00:50:52 +08:00
|
|
|
}
|
|
|
|
|
2015-09-05 03:40:36 +08:00
|
|
|
/**
|
|
|
|
* Start the social login path.
|
2021-06-26 23:23:15 +08:00
|
|
|
*
|
2015-09-05 03:40:36 +08:00
|
|
|
* @throws SocialDriverNotConfigured
|
|
|
|
*/
|
2020-01-26 22:42:50 +08:00
|
|
|
public function startLogIn(string $socialDriver): RedirectResponse
|
2015-09-05 00:50:52 +08:00
|
|
|
{
|
2023-12-06 21:49:53 +08:00
|
|
|
$socialDriver = trim(strtolower($socialDriver));
|
|
|
|
$this->driverManager->ensureDriverActive($socialDriver);
|
2021-06-26 23:23:15 +08:00
|
|
|
|
2023-12-06 21:49:53 +08:00
|
|
|
return $this->getDriverForRedirect($socialDriver)->redirect();
|
2015-09-05 00:50:52 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-06-26 23:23:15 +08:00
|
|
|
* Start the social registration process.
|
|
|
|
*
|
2015-09-06 19:14:32 +08:00
|
|
|
* @throws SocialDriverNotConfigured
|
|
|
|
*/
|
2020-01-26 22:42:50 +08:00
|
|
|
public function startRegister(string $socialDriver): RedirectResponse
|
2015-09-06 19:14:32 +08:00
|
|
|
{
|
2023-12-06 21:49:53 +08:00
|
|
|
$socialDriver = trim(strtolower($socialDriver));
|
|
|
|
$this->driverManager->ensureDriverActive($socialDriver);
|
2021-06-26 23:23:15 +08:00
|
|
|
|
2023-12-06 21:49:53 +08:00
|
|
|
return $this->getDriverForRedirect($socialDriver)->redirect();
|
2015-09-06 19:14:32 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Handle the social registration process on callback.
|
2021-06-26 23:23:15 +08:00
|
|
|
*
|
2015-09-06 19:14:32 +08:00
|
|
|
* @throws UserRegistrationException
|
|
|
|
*/
|
2020-01-26 22:42:50 +08:00
|
|
|
public function handleRegistrationCallback(string $socialDriver, SocialUser $socialUser): SocialUser
|
2015-09-06 19:14:32 +08:00
|
|
|
{
|
|
|
|
// Check social account has not already been used
|
2021-03-20 00:16:26 +08:00
|
|
|
if (SocialAccount::query()->where('driver_id', '=', $socialUser->getId())->exists()) {
|
2021-03-20 05:54:50 +08:00
|
|
|
throw new UserRegistrationException(trans('errors.social_account_in_use', ['socialAccount' => $socialDriver]), '/login');
|
2015-09-06 19:14:32 +08:00
|
|
|
}
|
|
|
|
|
2021-03-20 00:16:26 +08:00
|
|
|
if (User::query()->where('email', '=', $socialUser->getEmail())->exists()) {
|
2015-09-06 19:14:32 +08:00
|
|
|
$email = $socialUser->getEmail();
|
2021-06-26 23:23:15 +08:00
|
|
|
|
2020-02-03 01:31:00 +08:00
|
|
|
throw new UserRegistrationException(trans('errors.error_user_exists_different_creds', ['email' => $email]), '/login');
|
2015-09-06 19:14:32 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
return $socialUser;
|
|
|
|
}
|
|
|
|
|
2018-09-22 01:05:06 +08:00
|
|
|
/**
|
|
|
|
* Get the social user details via the social driver.
|
2021-06-26 23:23:15 +08:00
|
|
|
*
|
2018-09-22 01:05:06 +08:00
|
|
|
* @throws SocialDriverNotConfigured
|
|
|
|
*/
|
2020-01-26 22:42:50 +08:00
|
|
|
public function getSocialUser(string $socialDriver): SocialUser
|
2018-09-22 01:05:06 +08:00
|
|
|
{
|
2023-12-06 21:49:53 +08:00
|
|
|
$socialDriver = trim(strtolower($socialDriver));
|
|
|
|
$this->driverManager->ensureDriverActive($socialDriver);
|
2021-06-26 23:23:15 +08:00
|
|
|
|
2023-12-06 21:49:53 +08:00
|
|
|
return $this->socialite->driver($socialDriver)->user();
|
2018-09-22 01:05:06 +08:00
|
|
|
}
|
|
|
|
|
2015-09-06 19:14:32 +08:00
|
|
|
/**
|
|
|
|
* Handle the login process on a oAuth callback.
|
2021-06-26 23:23:15 +08:00
|
|
|
*
|
2018-09-22 01:05:06 +08:00
|
|
|
* @throws SocialSignInAccountNotUsed
|
2015-09-05 00:50:52 +08:00
|
|
|
*/
|
2020-01-26 22:42:50 +08:00
|
|
|
public function handleLoginCallback(string $socialDriver, SocialUser $socialUser)
|
2015-09-05 00:50:52 +08:00
|
|
|
{
|
2023-12-06 21:49:53 +08:00
|
|
|
$socialDriver = trim(strtolower($socialDriver));
|
2015-09-05 03:40:36 +08:00
|
|
|
$socialId = $socialUser->getId();
|
|
|
|
|
|
|
|
// Get any attached social accounts or users
|
2021-03-20 00:16:26 +08:00
|
|
|
$socialAccount = SocialAccount::query()->where('driver_id', '=', $socialId)->first();
|
2015-09-05 19:29:47 +08:00
|
|
|
$isLoggedIn = auth()->check();
|
2016-09-29 19:43:46 +08:00
|
|
|
$currentUser = user();
|
2019-09-14 06:58:40 +08:00
|
|
|
$titleCaseDriver = Str::title($socialDriver);
|
2015-09-05 03:40:36 +08:00
|
|
|
|
2015-09-06 00:42:05 +08:00
|
|
|
// When a user is not logged in and a matching SocialAccount exists,
|
|
|
|
// Simply log the user into the application.
|
2015-09-05 03:40:36 +08:00
|
|
|
if (!$isLoggedIn && $socialAccount !== null) {
|
2021-09-16 03:55:10 +08:00
|
|
|
$this->loginService->login($socialAccount->user, $socialDriver);
|
2021-08-21 22:49:40 +08:00
|
|
|
|
2017-09-15 03:20:47 +08:00
|
|
|
return redirect()->intended('/');
|
2015-09-05 03:40:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
// When a user is logged in but the social account does not exist,
|
|
|
|
// Create the social account and attach it to the user & redirect to the profile page.
|
|
|
|
if ($isLoggedIn && $socialAccount === null) {
|
2021-03-20 00:16:26 +08:00
|
|
|
$account = $this->newSocialAccount($socialDriver, $socialUser);
|
|
|
|
$currentUser->socialAccounts()->save($account);
|
2019-09-14 06:58:40 +08:00
|
|
|
session()->flash('success', trans('settings.users_social_connected', ['socialAccount' => $titleCaseDriver]));
|
2021-06-26 23:23:15 +08:00
|
|
|
|
2023-10-19 21:18:42 +08:00
|
|
|
return redirect('/my-account/auth#social_accounts');
|
2015-09-05 03:40:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
// When a user is logged in and the social account exists and is already linked to the current user.
|
|
|
|
if ($isLoggedIn && $socialAccount !== null && $socialAccount->user->id === $currentUser->id) {
|
2019-09-14 06:58:40 +08:00
|
|
|
session()->flash('error', trans('errors.social_account_existing', ['socialAccount' => $titleCaseDriver]));
|
2021-06-26 23:23:15 +08:00
|
|
|
|
2023-10-19 21:18:42 +08:00
|
|
|
return redirect('/my-account/auth#social_accounts');
|
2015-09-05 03:40:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
// When a user is logged in, A social account exists but the users do not match.
|
|
|
|
if ($isLoggedIn && $socialAccount !== null && $socialAccount->user->id != $currentUser->id) {
|
2019-09-14 06:58:40 +08:00
|
|
|
session()->flash('error', trans('errors.social_account_already_used_existing', ['socialAccount' => $titleCaseDriver]));
|
2021-06-26 23:23:15 +08:00
|
|
|
|
2023-10-19 21:18:42 +08:00
|
|
|
return redirect('/my-account/auth#social_accounts');
|
2015-09-05 03:40:36 +08:00
|
|
|
}
|
2015-09-05 00:50:52 +08:00
|
|
|
|
2015-09-06 00:42:05 +08:00
|
|
|
// Otherwise let the user know this social account is not used by anyone.
|
2019-09-14 06:58:40 +08:00
|
|
|
$message = trans('errors.social_account_not_used', ['socialAccount' => $titleCaseDriver]);
|
2020-02-03 01:31:00 +08:00
|
|
|
if (setting('registration-enabled') && config('auth.method') !== 'ldap' && config('auth.method') !== 'saml2') {
|
2019-09-14 06:58:40 +08:00
|
|
|
$message .= trans('errors.social_account_register_instructions', ['socialAccount' => $titleCaseDriver]);
|
2015-09-05 00:50:52 +08:00
|
|
|
}
|
2021-03-20 05:54:50 +08:00
|
|
|
|
2018-09-22 01:05:06 +08:00
|
|
|
throw new SocialSignInAccountNotUsed($message, '/login');
|
2015-09-05 03:40:36 +08:00
|
|
|
}
|
2015-09-05 00:50:52 +08:00
|
|
|
|
|
|
|
/**
|
2023-12-06 21:49:53 +08:00
|
|
|
* Get the social driver manager used by this service.
|
2015-09-05 00:50:52 +08:00
|
|
|
*/
|
2023-12-06 21:49:53 +08:00
|
|
|
public function drivers(): SocialDriverManager
|
2015-09-05 00:50:52 +08:00
|
|
|
{
|
2023-12-06 21:49:53 +08:00
|
|
|
return $this->driverManager;
|
2018-09-22 01:05:06 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2020-01-26 22:42:50 +08:00
|
|
|
* Fill and return a SocialAccount from the given driver name and SocialUser.
|
2015-09-05 03:40:36 +08:00
|
|
|
*/
|
2021-03-20 00:16:26 +08:00
|
|
|
public function newSocialAccount(string $socialDriver, SocialUser $socialUser): SocialAccount
|
2015-09-05 03:40:36 +08:00
|
|
|
{
|
2021-03-20 00:16:26 +08:00
|
|
|
return new SocialAccount([
|
2021-06-26 23:23:15 +08:00
|
|
|
'driver' => $socialDriver,
|
2015-09-05 03:40:36 +08:00
|
|
|
'driver_id' => $socialUser->getId(),
|
2021-06-26 23:23:15 +08:00
|
|
|
'avatar' => $socialUser->getAvatar(),
|
2015-09-05 03:40:36 +08:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Detach a social account from a user.
|
|
|
|
*/
|
2021-03-11 06:37:53 +08:00
|
|
|
public function detachSocialAccount(string $socialDriver): void
|
2015-09-05 03:40:36 +08:00
|
|
|
{
|
2016-09-29 19:43:46 +08:00
|
|
|
user()->socialAccounts()->where('driver', '=', $socialDriver)->delete();
|
2015-09-05 03:40:36 +08:00
|
|
|
}
|
2018-11-05 02:40:06 +08:00
|
|
|
|
|
|
|
/**
|
2021-06-26 23:23:15 +08:00
|
|
|
* Provide redirect options per service for the Laravel Socialite driver.
|
2018-11-05 02:40:06 +08:00
|
|
|
*/
|
2021-05-24 19:55:45 +08:00
|
|
|
protected function getDriverForRedirect(string $driverName): Provider
|
2018-11-05 02:40:06 +08:00
|
|
|
{
|
2018-11-10 22:52:43 +08:00
|
|
|
$driver = $this->socialite->driver($driverName);
|
|
|
|
|
2021-11-23 07:33:55 +08:00
|
|
|
if ($driver instanceof GoogleProvider && config('services.google.select_account')) {
|
2018-11-10 22:52:43 +08:00
|
|
|
$driver->with(['prompt' => 'select_account']);
|
2018-11-05 02:40:06 +08:00
|
|
|
}
|
|
|
|
|
2023-12-06 21:49:53 +08:00
|
|
|
$this->driverManager->getConfigureForRedirectCallback($driverName)($driver);
|
2021-05-24 19:55:45 +08:00
|
|
|
|
2018-11-10 22:52:43 +08:00
|
|
|
return $driver;
|
2018-11-05 02:40:06 +08:00
|
|
|
}
|
2018-01-29 00:58:52 +08:00
|
|
|
}
|