Merge branch 'release/2.0.2'

trilbymedia · Apr 28, 2019 · 3a11c09 · 3a11c09
2 parents 3c7d69b + 4442e89
commit 3a11c09
Show file tree

Hide file tree

Showing 6 changed files with 54 additions and 30 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,9 @@
+# v2.0.2
+## 04/28/2019
+
+1. [](#improved)
+    * Removed configurable callback URL.
+
 # v2.0.1
 ## 04/28/2019
 

diff --git a/README.md b/README.md
@@ -12,8 +12,30 @@ Currently the core plugin supports the following providers:
 
 It's also possible to extend this plugin an create a new AOauth2 for specific providers. 
 
+## Callback URL
 
-### Installation
+When you setup your OAuth provider application, you will need to provide a Callback URL.  Grav passes this as part of the OAuth2 request process, but it needs to match the configuration on the server side.  Typically, when logging in via the the frontend **site**, the URL will look something like this:
+
+```text
+http://yoursite.com/task:callback.oauth2
+```
+
+Where `http://yoursite.com` is the URL of your Grav-based site.  If you are using SSL, then this URL will be:
+
+```text
+https://yoursite.com/task:callback.oauth2
+```
+
+If you use the OAuth2 plugin to login to the **admin** side of your Grav site, your callback URL will look like this:
+
+```text
+http://yoursite.com/admin/task:callback.oauth2
+```
+
+Where `http://yoursite.com/admin` is the URL you use to log into the admin plugin. Again, if you have this under SSL, you would need to use `https://` rather than `http://`.  Some OAuth2 providers allow you to use provide multiple callback URLs, and in this case you can use the same application setup with multiple URLs, to work with the **site** and the **admin** and potentially `http://` and `https://` URLs.  However, some providers only allow a single callback URL, and in these cases you need to create multiple OAuth2 applications to handle each callback URL.
+
+
+## Installation
 
 Installing the Login OAuth2 plugin can be done in one of two ways. The GPM (Grav Package Manager) installation method enables you to quickly and easily install the plugin with a simple terminal command, while the manual method enables you to do so via a zip file.
 
@@ -47,7 +69,6 @@ The default configuration and an explanation of available options:
 
 ```yaml
 enabled: true
-callback_uri: '/task:callback.oauth2'
 
 built_in_css: true
 button_style: row
@@ -105,7 +126,6 @@ admin:
   enabled: false
   built_in_css: true
   button_style: row
-  callback_uri: '/task:callback.oauth2'
 
   providers:
     github:
@@ -159,7 +179,6 @@ admin:
 |store_provider_data|If storing a local Grav user, you can also store OAuth2 Provider data so its available in Grav| true \| [default: `false`] |
 |default_access_levels.access|You can find more information on access levels in the https://learn.getgrav.org/advanced/groups-and-permissions#permissions|[default: `site: { login: 'true' }`]|
 |default_groups| You can find more information on access levels in the https://learn.getgrav.org/advanced/groups-and-permissions#permissions|[default: `[]`]|
-|callback_uri|This is the URI that the provider will call when it has authenticated the user remotely. You shouldn't need to change this|[default: `/task:callback.oauth2`]|
 
 
 ### OAuth2 Providers

diff --git a/blueprints.yaml b/blueprints.yaml
@@ -1,5 +1,5 @@
 name: Login OAuth2
-version: 2.0.1
+version: 2.0.2
 description: OAuth2 Client Plugin to integrate with Grav's Login
 icon: plug
 author:
@@ -27,6 +27,20 @@ form:
       validate:
         type: bool
 
+    site_callback_url:
+      type: text
+      disabled: true
+      label: PLUGIN_LOGIN_OAUTH2.SITE_CALLBACK_URI
+      help: PLUGIN_LOGIN_OAUTH2.SITE_CALLBACK_URI_HELP
+      data-default@: ['Grav\Plugin\Login\OAuth2\Providers\BaseProvider::getCallbackUri', false]
+
+    admin_callback_url:
+      type: text
+      disabled: true
+      label: PLUGIN_LOGIN_OAUTH2.ADMIN_CALLBACK_URI
+      help: PLUGIN_LOGIN_OAUTH2.ADMIN_CALLBACK_URI_HELP
+      data-default@: ['Grav\Plugin\Login\OAuth2\Providers\BaseProvider::getCallbackUri', true]
+
     oauth2_tabs:
       type: tabs
 
@@ -103,15 +117,6 @@ form:
               validate:
                 type: commalist
 
-            callback_uri:
-              type: text
-              label: PLUGIN_LOGIN_OAUTH2.CALLBACK_URI
-              placeholder: '/task:callback.oauth2'
-              help: PLUGIN_LOGIN_OAUTH2.CALLBACK_URI_HELP
-              size: large
-              validate:
-                required: true
-
         tab_admin:
           type: tab
           title: PLUGIN_LOGIN_OAUTH2.ADMIN
@@ -151,15 +156,6 @@ form:
                 row: Horizontal Row
                 square: Square Block
 
-            admin.callback_uri:
-              type: text
-              label: PLUGIN_LOGIN_OAUTH2.ADMIN_CALLBACK_URI
-              placeholder: '/task:callback.oauth2'
-              help: PLUGIN_LOGIN_OAUTH2.ADMIN_CALLBACK_URI_HELP
-              size: large
-              validate:
-                required: true
-
         tab_2:
           type: tab
           title: PLUGIN_LOGIN_OAUTH2.PROVIDERS

diff --git a/classes/Providers/BaseProvider.php b/classes/Providers/BaseProvider.php
@@ -10,6 +10,8 @@
 
 abstract class BaseProvider implements ProviderInterface
 {
+    const CALLBACK_URI = '/task:callback.oauth2';
+
     /** @var string */
     protected $name;
     /** @var string */
@@ -80,10 +82,13 @@ public function getProvider()
         return $this->provider;
     }
 
-    public function getCallbackUri()
+    public static function getCallbackUri($admin = 'auto')
     {
-        $admin = Grav::instance()['oauth2']->isAdmin();
-        $callback_uri = Grav::instance()['config']->get('plugins.login-oauth2.' . ($admin ? 'admin.callback_uri' : 'callback_uri'));
+        if ($admin === 'auto') {
+            $admin = Grav::instance()['oauth2']->isAdmin();
+        }
+
+        $callback_uri = ((bool) $admin ? Grav::instance()['config']->get('plugins.admin.route', '') : '') . static::CALLBACK_URI;
 
         $base_url = Grav::instance()['base_url_absolute'];
 

diff --git a/languages/en.yaml b/languages/en.yaml
@@ -6,8 +6,8 @@ PLUGIN_LOGIN_OAUTH2:
   BUILTIN_CSS_HELP: "If you want to provide your own custom CSS, feel free to disable the CSS provided by the plugin"
   BUTTON_STYLE: "Button Style"
   BUTTON_STYLE_HELLP: "If using built-in CSS, you can pick from either row or square display types for the OAUTH buttons"
-  CALLBACK_URI: "Callback URI"
-  CALLBACK_URI_HELP: "This is the URI that the provider will call when it has authenticated the user remotely. You shouldn't need to change this"
+  SITE_CALLBACK_URI: "Site Callback URI"
+  SITE_CALLBACK_URI_HELP: "This is the URI that the provider will call when it has authenticated the user remotely."
   SAVE_GRAV_USER: "Save Grav user"
   SAVE_GRAV_USER_DESC: "Saves the logged in user as a local Grav account"
   STORE_OAUTH2_USER: "Store Provider data"

diff --git a/login-oauth2.yaml b/login-oauth2.yaml
@@ -1,5 +1,4 @@
 enabled: true
-callback_uri: '/task:callback.oauth2'
 
 built_in_css: true
 button_style: row
@@ -56,7 +55,6 @@ admin:
   enabled: false
   built_in_css: true
   button_style: row
-  callback_uri: '/admin/task:callback.oauth2'
 
   providers:
     github: