X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/6b6f6d2c9207b0a04e67434d526233bc3c059e4f..refs/pull/711/head:/app/Services/SocialAuthService.php

diff --git a/app/Services/SocialAuthService.php b/app/Services/SocialAuthService.php
index fda39819d..02361e59b 100644
--- a/app/Services/SocialAuthService.php
+++ b/app/Services/SocialAuthService.php
@@ -1,11 +1,13 @@
-<?php namespace Oxbow\Services;
+<?php namespace BookStack\Services;
 
+use BookStack\Http\Requests\Request;
+use GuzzleHttp\Exception\ClientException;
 use Laravel\Socialite\Contracts\Factory as Socialite;
-use Oxbow\Exceptions\SocialDriverNotConfigured;
-use Oxbow\Exceptions\SocialSignInException;
-use Oxbow\Repos\UserRepo;
-use Oxbow\SocialAccount;
-use Oxbow\User;
+use BookStack\Exceptions\SocialDriverNotConfigured;
+use BookStack\Exceptions\SocialSignInException;
+use BookStack\Exceptions\UserRegistrationException;
+use BookStack\Repos\UserRepo;
+use BookStack\SocialAccount;
 
 class SocialAuthService
 {
@@ -14,7 +16,7 @@ class SocialAuthService
     protected $socialite;
     protected $socialAccount;
 
-    protected $validSocialDrivers = ['google', 'github'];
+    protected $validSocialDrivers = ['google', 'github', 'facebook', 'slack', 'twitter', 'azure', 'okta', 'gitlab', 'twitch'];
 
     /**
      * SocialAuthService constructor.
@@ -29,9 +31,10 @@ class SocialAuthService
         $this->socialAccount = $socialAccount;
     }
 
+
     /**
      * Start the social login path.
-     * @param $socialDriver
+     * @param string $socialDriver
      * @return \Symfony\Component\HttpFoundation\RedirectResponse
      * @throws SocialDriverNotConfigured
      */
@@ -42,31 +45,68 @@ class SocialAuthService
     }
 
     /**
-     * Get a user from socialite after a oAuth callback.
-     *
+     * Start the social registration process
+     * @param string $socialDriver
+     * @return \Symfony\Component\HttpFoundation\RedirectResponse
+     * @throws SocialDriverNotConfigured
+     */
+    public function startRegister($socialDriver)
+    {
+        $driver = $this->validateDriver($socialDriver);
+        return $this->socialite->driver($driver)->redirect();
+    }
+
+    /**
+     * Handle the social registration process on callback.
      * @param $socialDriver
-     * @return User
+     * @return \Laravel\Socialite\Contracts\User
      * @throws SocialDriverNotConfigured
-     * @throws SocialSignInException
+     * @throws UserRegistrationException
      */
-    public function handleCallback($socialDriver)
+    public function handleRegistrationCallback($socialDriver)
     {
         $driver = $this->validateDriver($socialDriver);
 
+        // Get user details from social driver
+        $socialUser = $this->socialite->driver($driver)->user();
+
+        // Check social account has not already been used
+        if ($this->socialAccount->where('driver_id', '=', $socialUser->getId())->exists()) {
+            throw new UserRegistrationException(trans('errors.social_account_in_use', ['socialAccount'=>$socialDriver]), '/login');
+        }
+
+        if ($this->userRepo->getByEmail($socialUser->getEmail())) {
+            $email = $socialUser->getEmail();
+            throw new UserRegistrationException(trans('errors.social_account_in_use', ['socialAccount'=>$socialDriver, 'email' => $email]), '/login');
+        }
+
+        return $socialUser;
+    }
+
+    /**
+     * Handle the login process on a oAuth callback.
+     * @param $socialDriver
+     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+     * @throws SocialDriverNotConfigured
+     * @throws SocialSignInException
+     */
+    public function handleLoginCallback($socialDriver)
+    {
+        $driver = $this->validateDriver($socialDriver);
         // Get user details from social driver
         $socialUser = $this->socialite->driver($driver)->user();
         $socialId = $socialUser->getId();
 
         // Get any attached social accounts or users
         $socialAccount = $this->socialAccount->where('driver_id', '=', $socialId)->first();
-        $user = $this->userRepo->getByEmail($socialUser->getEmail());
         $isLoggedIn = auth()->check();
-        $currentUser = auth()->user();
+        $currentUser = user();
 
-        // When a user is not logged in but a matching SocialAccount exists,
-        // Log the user found on the SocialAccount into the application.
+        // When a user is not logged in and a matching SocialAccount exists,
+        // Simply log the user into the application.
         if (!$isLoggedIn && $socialAccount !== null) {
-            return $this->logUserIn($socialAccount->user);
+            auth()->login($socialAccount->user);
+            return redirect()->intended('/');
         }
 
         // When a user is logged in but the social account does not exist,
@@ -74,49 +114,29 @@ class SocialAuthService
         if ($isLoggedIn && $socialAccount === null) {
             $this->fillSocialAccount($socialDriver, $socialUser);
             $currentUser->socialAccounts()->save($this->socialAccount);
-            \Session::flash('success', title_case($socialDriver) . ' account was successfully attached to your profile.');
+            session()->flash('success', trans('settings.users_social_connected', ['socialAccount' => title_case($socialDriver)]));
             return redirect($currentUser->getEditUrl());
         }
 
         // When a user is logged in and the social account exists and is already linked to the current user.
         if ($isLoggedIn && $socialAccount !== null && $socialAccount->user->id === $currentUser->id) {
-            \Session::flash('error', 'This ' . title_case($socialDriver) . ' account is already attached to your profile.');
+            session()->flash('error', trans('errors.social_account_existing', ['socialAccount' => title_case($socialDriver)]));
             return redirect($currentUser->getEditUrl());
         }
 
         // When a user is logged in, A social account exists but the users do not match.
-        // Change the user that the social account is assigned to.
         if ($isLoggedIn && $socialAccount !== null && $socialAccount->user->id != $currentUser->id) {
-            $socialAccount->user_id = $currentUser->id;
-            $socialAccount->save();
-            \Session::flash('success', 'This ' . title_case($socialDriver) . ' account is now attached to your profile.');
+            session()->flash('error', trans('errors.social_account_already_used_existing', ['socialAccount' => title_case($socialDriver)]));
+            return redirect($currentUser->getEditUrl());
         }
 
-        if ($user === null) {
-            throw new SocialSignInException('A system user with the email ' . $socialUser->getEmail() .
-                ' was not found and this ' . $socialDriver . ' account is not linked to any users.', '/login');
+        // Otherwise let the user know this social account is not used by anyone.
+        $message = trans('errors.social_account_not_used', ['socialAccount' => title_case($socialDriver)]);
+        if (setting('registration-enabled')) {
+            $message .= trans('errors.social_account_register_instructions', ['socialAccount' => title_case($socialDriver)]);
         }
-        return $this->authenticateUserWithNewSocialAccount($user, $socialUser, $socialUser);
-    }
-
-    /**
-     * Logs a user in and creates a new social account entry for future usage.
-     * @param User                              $user
-     * @param string                            $socialDriver
-     * @param \Laravel\Socialite\Contracts\User $socialUser
-     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
-     */
-    private function authenticateUserWithNewSocialAccount($user, $socialDriver, $socialUser)
-    {
-        $this->fillSocialAccount($socialDriver, $socialUser);
-        $user->socialAccounts()->save($this->socialAccount);
-        return $this->logUserIn($user);
-    }
-
-    private function logUserIn($user)
-    {
-        auth()->login($user);
-        return redirect('/');
+        
+        throw new SocialSignInException($message, '/login');
     }
 
     /**
@@ -130,8 +150,12 @@ class SocialAuthService
     {
         $driver = trim(strtolower($socialDriver));
 
-        if (!in_array($driver, $this->validSocialDrivers)) abort(404, 'Social Driver Not Found');
-        if (!$this->checkDriverConfigured($driver)) throw new SocialDriverNotConfigured;
+        if (!in_array($driver, $this->validSocialDrivers)) {
+            abort(404, trans('errors.social_driver_not_found'));
+        }
+        if (!$this->checkDriverConfigured($driver)) {
+            throw new SocialDriverNotConfigured(trans('errors.social_driver_not_configured', ['socialAccount' => title_case($socialDriver)]));
+        }
 
         return $driver;
     }
@@ -143,9 +167,10 @@ class SocialAuthService
      */
     private function checkDriverConfigured($driver)
     {
-        $upperName = strtoupper($driver);
-        $config = [env($upperName . '_APP_ID', false), env($upperName . '_APP_SECRET', false), env('APP_URL', false)];
-        return (!in_array(false, $config) && !in_array(null, $config));
+        $lowerName = strtolower($driver);
+        $configPrefix = 'services.' . $lowerName . '.';
+        $config = [config($configPrefix . 'client_id'), config($configPrefix . 'client_secret'), config('services.callback_url')];
+        return !in_array(false, $config) && !in_array(null, $config);
     }
 
     /**
@@ -155,25 +180,37 @@ class SocialAuthService
     public function getActiveDrivers()
     {
         $activeDrivers = [];
-        foreach ($this->validSocialDrivers as $driverName) {
-            if ($this->checkDriverConfigured($driverName)) {
-                $activeDrivers[$driverName] = true;
+        foreach ($this->validSocialDrivers as $driverKey) {
+            if ($this->checkDriverConfigured($driverKey)) {
+                $activeDrivers[$driverKey] = $this->getDriverName($driverKey);
             }
         }
         return $activeDrivers;
     }
 
     /**
-     * @param $socialDriver
-     * @param $socialUser
+     * Get the presentational name for a driver.
+     * @param $driver
+     * @return mixed
      */
-    private function fillSocialAccount($socialDriver, $socialUser)
+    public function getDriverName($driver)
+    {
+        return config('services.' . strtolower($driver) . '.name');
+    }
+
+    /**
+     * @param string                            $socialDriver
+     * @param \Laravel\Socialite\Contracts\User $socialUser
+     * @return SocialAccount
+     */
+    public function fillSocialAccount($socialDriver, $socialUser)
     {
         $this->socialAccount->fill([
             'driver'    => $socialDriver,
             'driver_id' => $socialUser->getId(),
             'avatar'    => $socialUser->getAvatar()
         ]);
+        return $this->socialAccount;
     }
 
     /**
@@ -183,10 +220,8 @@ class SocialAuthService
      */
     public function detachSocialAccount($socialDriver)
     {
-        session();
-        auth()->user()->socialAccounts()->where('driver', '=', $socialDriver)->delete();
-        \Session::flash('success', $socialDriver . ' account successfully detached');
-        return redirect(auth()->user()->getEditUrl());
+        user()->socialAccounts()->where('driver', '=', $socialDriver)->delete();
+        session()->flash('success', trans('settings.users_social_disconnected', ['socialAccount' => title_case($socialDriver)]));
+        return redirect(user()->getEditUrl());
     }
-
-}
\ No newline at end of file
+}