Commit 27beee5f authored by Andrey Shevchuk's avatar Andrey Shevchuk

fixed oauth

parent 4b11dc3d
...@@ -858,6 +858,30 @@ sub update_auth_data_access { ...@@ -858,6 +858,30 @@ sub update_auth_data_access {
if exists $access_data->{access_token} if exists $access_data->{access_token}
&& exists $access_data->{access_token}->{refresh_token}; && exists $access_data->{access_token}->{refresh_token};
$self->provider->set_auth_data(
{
store => "authentications",
key => "accounts_server",
value => $access_data->{access_token}->{accounts_server},
type => "string",
ttl => $self->get_request_max_ttl(),
user_id => $args->{user_id},
context => $args->{state}
}
) if exists $access_data->{access_token}->{accounts_server};
$self->provider->set_auth_data(
{
store => "authentications",
key => "api_domain",
value => $access_data->{access_token}->{api_domain},
type => "string",
ttl => $self->get_request_max_ttl(),
user_id => $args->{user_id},
context => $args->{state}
}
) if exists $access_data->{access_token}->{api_domain};
return 1; return 1;
} }
...@@ -955,7 +979,7 @@ sub process_received_code { ...@@ -955,7 +979,7 @@ sub process_received_code {
&& length $args->{code}; && length $args->{code};
my $access_data = my $access_data =
$self->provider->get_access_token( { code => $args->{code} } ); $self->provider->get_access_token( { code => $args->{code}, ( $args->{accounts_server} ? ( accounts_server => $args->{accounts_server} ) : () ) } );
my $is_login = 0; my $is_login = 0;
...@@ -997,8 +1021,6 @@ sub process_received_code { ...@@ -997,8 +1021,6 @@ sub process_received_code {
return undef unless $is_login; return undef unless $is_login;
} }
my $is_requested = 0;
my $uuid = $self->provider->gen_uuid(); my $uuid = $self->provider->gen_uuid();
my $context = { context => $args->{state} }; my $context = { context => $args->{state} };
...@@ -1007,21 +1029,9 @@ sub process_received_code { ...@@ -1007,21 +1029,9 @@ sub process_received_code {
if ( defined $auth_data if ( defined $auth_data
&& exists $args->{state} && exists $args->{state}
&& exists $auth_data->{ $args->{state} }->{requests}->{type}->{string} && exists $auth_data->{ $args->{state} }->{requests}->{type}->{string}
&& $auth_data->{ $args->{state} }->{requests}->{type}->{string} eq && grep { $_ eq $auth_data->{ $args->{state} }->{requests}->{type}->{string} } qw(authorization authentication) )
"authorization" )
{
$is_requested = 1;
}
elsif (defined $auth_data
&& exists $args->{state}
&& exists $auth_data->{ $args->{state} }->{requests}->{type}->{string}
&& $auth_data->{ $args->{state} }->{requests}->{type}->{string} eq
"authentication" )
{ {
$is_requested = 1;
}
if ($is_requested) {
$args->{user_id} = $args->{user_id} =
$auth_data->{ $args->{state} }->{requests}->{user_id}->{string} $auth_data->{ $args->{state} }->{requests}->{user_id}->{string}
unless exists $args->{user_id}; unless exists $args->{user_id};
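Review bot: In process_received_code, `$args->{accounts_server}` is forwarded to `get_access_token` with no validation, and the provider module in this commit uses it as the base URL for the token POST and writes it into the result at `$result->{access_token}->{accounts_server}`, which update_auth_data_access then stores. If `$args` is filled from the OAuth callback's query string (not visible here), whoever crafts the callback chooses the host that receives the authorization code and presumably the client credentials, and that host is then persisted for later use. Check the value against a fixed allow-list of the provider's accounts hosts before passing it on, for example `my $srv = $allowed_accounts_server{ $args->{accounts_server} // q{} };` with `%allowed_accounts_server` as a new hash, and fall back to the default when it is absent. `refresh_access_token` and `revoke_token` build their URL from `$args->{accounts_server}` in the same way and need the same check. Both function bodies start and end outside the hunks.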
......
...@@ -466,7 +466,7 @@ sub get_ua { ...@@ -466,7 +466,7 @@ sub get_ua {
my $ua_config = $self->merge( $self->{internal}->{config}->{ua}, $config ); my $ua_config = $self->merge( $self->{internal}->{config}->{ua}, $config );
my $ua = LWP::UserAgent->new( %{ $self->{internal}->{config}->{ua} } ); my $ua = LWP::UserAgent->new( %{ $self->{internal}->{config}->{ua} }, ssl_opts => { verify_hostname => 0 } );
$ua->timeout( $self->{internal}->{config}->{ua}->{timeout} ) $ua->timeout( $self->{internal}->{config}->{ua}->{timeout} )
if exists $self->{internal}->{config}->{ua}->{timeout}; if exists $self->{internal}->{config}->{ua}->{timeout};
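Review bot: `ssl_opts => { verify_hostname => 0 }` in get_ua turns off TLS hostname verification for every request made with this user agent, and because it follows the `%{ ... }` expansion it also overrides any `ssl_opts` supplied in configuration. The token, refresh and revoke requests in this commit presumably go through this agent, carrying codes and tokens in the body, so an on-path party presenting a certificate for another name could read or alter them. Keep the original `my $ua = LWP::UserAgent->new( %{ $self->{internal}->{config}->{ua} } );`, and if a test environment needs relaxed checks, read that from configuration with verification on by default. get_ua's body continues outside the hunk.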
......
...@@ -5,13 +5,15 @@ use utf8; ...@@ -5,13 +5,15 @@ use utf8;
use strict; use strict;
use warnings; use warnings;
use URI; use URI;
use Digest::MD5 qw(md5_hex);
use JSON::XS qw(encode_json decode_json); use JSON::XS qw(encode_json decode_json);
use constant { use constant {
DISCOVERY_URL => q{https://accounts.zoho.com/oauth/v2/.well-known/openid-configuration} DISCOVERY_URL => q{https://accounts.zoho.com/oauth/v2/.well-known/openid-configuration},
ACCOUNT_URL => q{https://accounts.zoho.com},
TOKEN_ENDPOINT => q{/oauth/v2/token},
AUTH_ENDPOINT => q{/oauth/v2/auth},
ACCESS_SCOPE => q{ZohoCRM.modules.ALL}
}; };
sub discovery_url { sub discovery_url {
...@@ -41,36 +43,14 @@ sub get_access_token { ...@@ -41,36 +43,14 @@ sub get_access_token {
my $token_response = eval { $self->web_req( { my $token_response = eval { $self->web_req( {
method => "POST", method => "POST",
# url => $self->get_provider_data("token_endpoint"), # url => $self->get_provider_data("token_endpoint"),
url => 'https://accounts.zoho.com/oauth/v2/token', url => ( $args->{accounts_server} // ACCOUNT_URL ) . TOKEN_ENDPOINT,
body => [ %{ $access_token_query } ], body => [ %{ $access_token_query } ],
json => 1 json => 1
} ) }; } ) };
if ( defined $token_response ) { if ( defined $token_response ) {
$result->{access_token} = $token_response; $result->{access_token} = $token_response;
$result->{access_token}->{accounts_server} = $args->{accounts_server} // ACCOUNT_URL;
# my $key_response = $self->cache->get('oauth::config::provider::' . $self->name . '::jwks');
# unless ( defined $key_response ) {
my $key_response = eval { $self->web_req( {
method => "GET",
# url => $self->get_provider_data("jwks_uri"),
url => 'https://accounts.zoho.com/oauth/v2/token',
json => 1
} ) };
# $self->cache->set('oauth::config::provider::' . $self->name . '::jwks', $key_response, 60*60)
# if defined $key_response;
# }
if ( defined $key_response ) {
$result->{public_keys} = $key_response;
my $verify_result = eval { $self->try_decode_jwt($token_response->{id_token}, $key_response) };
if ( $verify_result ) {
$result->{id_token} = $verify_result;
}
}
} }
return $result; return $result;
...@@ -96,7 +76,7 @@ sub refresh_access_token { ...@@ -96,7 +76,7 @@ sub refresh_access_token {
my $token_response = eval { $self->web_req( { my $token_response = eval { $self->web_req( {
method => "POST", method => "POST",
# url => $self->get_provider_data("token_endpoint"), # url => $self->get_provider_data("token_endpoint"),
url => 'https://accounts.zoho.com/oauth/v2/token', url => ( $args->{accounts_server} // ACCOUNT_URL ) . TOKEN_ENDPOINT,
body => [ %{ $refresh_token_query } ], body => [ %{ $refresh_token_query } ],
json => 1 json => 1
} ) }; } ) };
...@@ -127,7 +107,7 @@ sub revoke_token { ...@@ -127,7 +107,7 @@ sub revoke_token {
my $revoke_token_response = eval { $self->web_req( { my $revoke_token_response = eval { $self->web_req( {
method => "POST", method => "POST",
# url => $self->get_provider_data("revocation_endpoint"), # url => $self->get_provider_data("revocation_endpoint"),
url => 'https://accounts.zoho.com/oauth/v2/token', url => ( $args->{accounts_server} // ACCOUNT_URL ) . TOKEN_ENDPOINT,
body => [ %{ $revoke_token_query } ] body => [ %{ $revoke_token_query } ]
} ) }; } ) };
...@@ -145,13 +125,11 @@ sub authentication_url { ...@@ -145,13 +125,11 @@ sub authentication_url {
my ( $args ) = @_; my ( $args ) = @_;
# my $uri = URI->new( $self->get_provider_data("authorization_endpoint") ); # my $uri = URI->new( $self->get_provider_data("authorization_endpoint") );
my $uri = URI->new( 'https://accounts.zoho.com/oauth/v2/auth'); my $uri = URI->new( ACCOUNT_URL . AUTH_ENDPOINT);
my $authentication_query = { my $authentication_query = {
scope => "crmapi", scope => ACCESS_SCOPE,
prompt => "consent", #none consent select_account ""
access_type => "offline", #offline(refresh token) online access_type => "offline", #offline(refresh token) online
include_granted_scopes => "true",
response_type => "code", response_type => "code",
client_id => $self->{provider}->{client_id}, client_id => $self->{provider}->{client_id},
...@@ -172,13 +150,11 @@ sub authorization_url { ...@@ -172,13 +150,11 @@ sub authorization_url {
my ( $args ) = @_; my ( $args ) = @_;
# my $uri = URI->new( $self->get_provider_data("authorization_endpoint") ); # my $uri = URI->new( $self->get_provider_data("authorization_endpoint") );
my $uri = URI->new( 'https://accounts.zoho.com/oauth/v2/auth'); my $uri = URI->new( ACCOUNT_URL . AUTH_ENDPOINT);
my $authorization_query = { my $authorization_query = {
scope => "crmapi", scope => ACCESS_SCOPE,
prompt => "consent", #none consent select_account ""
access_type => "offline", #offline(refresh token) online access_type => "offline", #offline(refresh token) online
include_granted_scopes => "true",
response_type => "code", response_type => "code",
client_id => $self->{provider}->{client_id}, client_id => $self->{provider}->{client_id},
...@@ -199,13 +175,11 @@ sub signin_url { ...@@ -199,13 +175,11 @@ sub signin_url {
my ( $args ) = @_; my ( $args ) = @_;
# my $uri = URI->new( $self->get_provider_data("authorization_endpoint") ); # my $uri = URI->new( $self->get_provider_data("authorization_endpoint") );
my $uri = URI->new( 'https://accounts.zoho.com/oauth/v2/auth'); my $uri = URI->new( ACCOUNT_URL . AUTH_ENDPOINT);
my $authentication_query = { my $authentication_query = {
scope => "crmapi", scope => ACCESS_SCOPE,
prompt => "consent", #none consent select_account ""
access_type => "offline", #offline(refresh token) online access_type => "offline", #offline(refresh token) online
include_granted_scopes => "true",
response_type => "code", response_type => "code",
client_id => $self->{provider}->{client_id}, client_id => $self->{provider}->{client_id},
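Review bot: After this change get_access_token no longer sets `$result->{id_token}` or `$result->{public_keys}`, so any `id_token` in the token response now travels only as unverified data inside `$result->{access_token}`. The removed code fetched its keys from the token URL rather than a JWKS URI, so dropping it is understandable, but callers that relied on decoded claims to identify the user (the `$is_login` path in process_received_code may be one) need another verified source. Say so at the assignment, for example `# NOTE: id_token is not signature-verified here; do not trust its claims for login`. Separately, `use Digest::MD5 qw(md5_hex);` is added but `md5_hex` is not used in any visible hunk. The function bodies extend beyond the hunks.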
......