芝麻web文件管理V1.00

编辑当前文件:/home/pulsehostuk9/www/cloud.pulsehost.co.uk/modules/GoogleAuthWebclient/Module.php

<?php
/**
 * This code is licensed under AGPLv3 license or Afterlogic Software License
 * if commercial version of the product was purchased.
 * For full statements of the licenses see LICENSE-AFTERLOGIC and LICENSE-AGPL3 files.
 */

namespace Aurora\Modules\GoogleAuthWebclient;

/**
 * This module adds ability to login using Google account.
 *
 * @license https://www.gnu.org/licenses/agpl-3.0.html AGPL-3.0
 * @license https://afterlogic.com/products/common-licensing Afterlogic Software License
 * @copyright Copyright (c) 2023, Afterlogic Corp.
 *
 * @property Settings $oModuleSettings
 *
 * @package Modules
 */
class Module extends \Aurora\System\Module\AbstractWebclientModule
{
    protected $sService = 'google';

protected $aRequireModules = array(
        'OAuthIntegratorWebclient',
        'Google'
    );

/**
     * @return Module
     */
    public static function getInstance()
    {
        return parent::getInstance();
    }

/**
     * @return Module
     */
    public static function Decorator()
    {
        return parent::Decorator();
    }

/**
     * @return Settings
     */
    public function getModuleSettings()
    {
        return $this->oModuleSettings;
    }

/***** private functions *****/
    protected function issetScope($sScope)
    {
        return in_array($sScope, explode(' ', $this->oModuleSettings->Scopes));
    }

/**
     * Initializes FacebookAuthWebclient Module.
     *
     * @ignore
     */
    public function init()
    {
        $this->subscribeEvent('OAuthIntegratorWebclient::GetServices::after', array($this, 'onAfterGetServices'));
        $this->subscribeEvent('OAuthIntegratorAction', array($this, 'onOAuthIntegratorAction'));
        $this->subscribeEvent('Google::GetSettings', array($this, 'onGetSettings'));
        $this->subscribeEvent('Google::UpdateSettings::after', array($this, 'onAfterUpdateSettings'));
        $this->subscribeEvent('RevokeAccessToken', array($this, 'onRevokeAccessToken'));
        $this->subscribeEvent('ResetAccessToken', array($this, 'onResetAccessToken'));
        $this->subscribeEvent('GetAccessToken', array($this, 'onGetAccessToken'));
    }

/**
     * Adds service name to array passed by reference.
     *
     * @ignore
     * @param array $aArgs
     * @param array $aServices Array with services names passed by reference.
     */
    public function onAfterGetServices($aArgs, &$aServices)
    {
        $oModule = \Aurora\Modules\Google\Module::getInstance();
        $sId = $oModule->oModuleSettings->Id;
        $sSecret = $oModule->oModuleSettings->Secret;

if ($oModule->oModuleSettings->EnableModule && $this->issetScope('auth') && !empty($sId) && !empty($sSecret)) {
            $aServices[] = $this->sService;
        }
    }

/**
     * Passes data to connect to service.
     *
     * @ignore
     * @param string $aArgs Service type to verify if data should be passed.
     * @param boolean|array $mResult variable passed by reference to take the result.
     */
    public function onOAuthIntegratorAction($aArgs, &$mResult)
    {
        if (isset($aArgs['Service']) && $aArgs['Service'] === $this->sService) {
            $sOAuthScopes = isset($_COOKIE['oauth-scopes']) ? $_COOKIE['oauth-scopes'] : '';
            $aGoogleScopes = [
                'https://www.googleapis.com/auth/userinfo.email',
                'https://www.googleapis.com/auth/userinfo.profile'
            ];
            $this->broadcastEvent('PopulateScopes', $sOAuthScopes, $aGoogleScopes);

$mResult = false;
            $oConnector = new Classes\Connector($this);
            if ($oConnector) {
                $oGoogleModule = \Aurora\Modules\Google\Module::getInstance();
                if ($oGoogleModule) {
                    $sId = $oGoogleModule->oModuleSettings->Id;
                    $sSecret = $oGoogleModule->oModuleSettings->Secret;

$mResult = $oConnector->Init(
                        $sId,
                        $sSecret,
                        [$sOAuthScopes, \implode(' ', $aGoogleScopes)]
                    );
                }
            }
            return true;
        }
    }

if ($oUser) {
            $aScope = array(
                'Name' => 'auth',
                'Description' => $this->i18N('SCOPE_AUTH'),
                'Value' => false
            );
            if ($oUser->Role === \Aurora\System\Enums\UserRole::SuperAdmin) {
                $aScope['Value'] = $this->issetScope('auth');
                $mResult['Scopes'][] = $aScope;
            }
            if ($oUser->isNormalOrTenant()) {
                if ($aArgs['OAuthAccount'] instanceof \Aurora\Modules\OAuthIntegratorWebclient\Models\OauthAccount) {
                    $aScope['Value'] = $aArgs['OAuthAccount']->issetScope('auth');
                }
                if ($this->issetScope('auth')) {
                    $mResult['Scopes'][] = $aScope;
                }
            }
        }
    }

public function onAfterUpdateSettings($aArgs, &$mResult)
    {
        $sScope = '';
        if (isset($aArgs['Scopes']) && is_array($aArgs['Scopes'])) {
            foreach ($aArgs['Scopes'] as $aScope) {
                if ($aScope['Name'] === 'auth') {
                    if ($aScope['Value']) {
                        $sScope = 'auth';
                        break;
                    }
                }
            }
        }
        $this->setConfig('Scopes', $sScope);
        $this->saveModuleConfig();
    }

public function onRevokeAccessToken($aArgs)
    {
        if (isset($aArgs['Service']) && $aArgs['Service'] === $this->sService) {
            $oConnector = new Classes\Connector($this);
            if ($oConnector) {
                $oGoogleModule = \Aurora\Modules\Google\Module::getInstance();
                if ($oGoogleModule) {
                    $sAccessToken = isset($aArgs['AccessToken']) ? $aArgs['AccessToken'] : '';
                    $oConnector->RevokeAccessToken(
                        $oGoogleModule->oModuleSettings->Id,
                        $oGoogleModule->oModuleSettings->Secret,
                        $sAccessToken
                    );
                }
            }
        }
    }

public function onResetAccessToken($aArgs)
    {
        if (isset($aArgs['Service']) && $aArgs['Service'] === $this->sService) {
            $oConnector = new Classes\Connector($this);
            if ($oConnector) {
                $oGoogleModule = \Aurora\Modules\Google\Module::getInstance();
                if ($oGoogleModule) {
                    $oConnector->ResetAccessToken(
                        $oGoogleModule->oModuleSettings->Id,
                        $oGoogleModule->oModuleSettings->Secret
                    );
                }
            }
        }
    }

public function onGetAccessToken($aArgs, &$mResult)
    {
        if (isset($aArgs['Service']) && $aArgs['Service'] === $this->sService && isset($aArgs['Account'])) {
            $mResult = false;
            /** @var \Aurora\Modules\OAuthIntegratorWebclient\Models\OauthAccount $oAccount */
            $oAccount = $aArgs['Account'];
            $oTokenData = \json_decode($oAccount->AccessToken);
            if ($oTokenData) {
                $iCreated = (int) $oTokenData->created;
                $iExpiresIn = (int) $oTokenData->expires_in;
                if (time() > ($iCreated + $iExpiresIn) && isset($oAccount->RefreshToken)) {
                    $oGoogleModule = \Aurora\Modules\Google\Module::getInstance();
                    if ($oGoogleModule) {
                        $oConnector = new Classes\Connector($this);
                        $aResult = $oConnector->RefreshAccessToken(
                            $oGoogleModule->oModuleSettings->Id,
                            $oGoogleModule->oModuleSettings->Secret,
                            $oAccount->RefreshToken
                        );
                        if (isset($aResult['access_token'])) {
                            $oTokenData->access_token = $aResult['access_token'];
                            $oTokenData->created = time();
                            $oTokenData->expires_in = $aResult['expires_in'];

$mResult = $oTokenData->access_token;

$oAccount->AccessToken = \json_encode($oTokenData);
                            $oAccount->save();
                        }
                    }
                } else {
                    $mResult = $oTokenData->access_token;
                }
            }

return true;
        }
    }
}