From ca0c6020f69914c34e16e25a4c27216a517bac16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Droz?= Date: Mon, 29 Apr 2019 22:40:19 -0300 Subject: [PATCH 1/5] Even when used behind a reverse-proxy, callback URI must be an absolute URL while accounting for `custom_base_url` (#19) Fixes #18 --- classes/Providers/BaseProvider.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/classes/Providers/BaseProvider.php b/classes/Providers/BaseProvider.php index 24eb8e8..b25c56f 100644 --- a/classes/Providers/BaseProvider.php +++ b/classes/Providers/BaseProvider.php @@ -90,7 +90,7 @@ public static function getCallbackUri($admin = 'auto') $callback_uri = ((bool) $admin ? Grav::instance()['config']->get('plugins.admin.route', '') : '') . static::CALLBACK_URI; - $base_url = Grav::instance()['base_url_absolute']; + $base_url = rtrim(Grav::instance()['uri']->rootUrl(true), '/'); return $base_url . '/' . ltrim($callback_uri, '/'); } @@ -118,4 +118,4 @@ public function getResourceOwner(AccessToken $token) { return $this->provider->getResourceOwner($token); } -} \ No newline at end of file +} From 1671d056faab8fe0e04a097c4a23f2ad66333033 Mon Sep 17 00:00:00 2001 From: Andy Miller Date: Fri, 3 May 2019 12:13:34 -0600 Subject: [PATCH 2/5] Added `copy-to-clipboard` support for Callback URIs --- CHANGELOG.md | 6 ++++++ blueprints.yaml | 2 ++ 2 files changed, 8 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index d3e0e6b..24ebe24 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,9 @@ +# v2.0.3 +## mm/dd/2019 + +1. [](#improved) + * Added `copy-to-clipboard` support for Callback URIs + # v2.0.2 ## 04/28/2019 diff --git a/blueprints.yaml b/blueprints.yaml index 4eb50b1..82a8f42 100644 --- a/blueprints.yaml +++ b/blueprints.yaml 
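Review bot: The callback URI returned by getCallbackUri() is now built from `Grav::instance()['uri']->rootUrl(true)`, and nothing in this hunk shows whether that value can follow a client-supplied `Host` or forwarded-host header when `custom_base_url` is not set. Because this string becomes the OAuth2 redirect URI, it should come from trusted configuration; a comment above the assignment such as `// Behind a reverse proxy, set custom_base_url so the redirect URI does not depend on request headers.` would record that requirement. The provider's registered redirect-URI list presumably remains the backstop, but that is not visible here. The function body starts above this hunk.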
@@ -30,6 +30,7 @@ form: site_callback_url: type: text disabled: true + copy_to_clipboard: true label: PLUGIN_LOGIN_OAUTH2.SITE_CALLBACK_URI help: PLUGIN_LOGIN_OAUTH2.SITE_CALLBACK_URI_HELP data-default@: ['Grav\Plugin\Login\OAuth2\Providers\BaseProvider::getCallbackUri', false] @@ -37,6 +38,7 @@ form: admin_callback_url: type: text disabled: true + copy_to_clipboard: true label: PLUGIN_LOGIN_OAUTH2.ADMIN_CALLBACK_URI help: PLUGIN_LOGIN_OAUTH2.ADMIN_CALLBACK_URI_HELP data-default@: ['Grav\Plugin\Login\OAuth2\Providers\BaseProvider::getCallbackUri', true] From 6df161a416f335e5e7ddec6fcfc9e9b0369ae942 Mon Sep 17 00:00:00 2001 From: Djamil Legato Date: Tue, 11 Feb 2020 19:35:03 -0800 Subject: [PATCH 3/5] ignore .idea --- .gitignore | 1 + 1 file changed, 1 insertion(+) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..a09c56d --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/.idea From 039f4c6a067a583fca7881db43cc4fe15b46e8b8 Mon Sep 17 00:00:00 2001 From: Djamil Legato Date: Thu, 13 Feb 2020 11:27:59 -0800 Subject: [PATCH 4/5] Added support for providers that callback via POST (ie, Apple) --- CHANGELOG.md | 1 + login-oauth2.php | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 24ebe24..99bf087 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ 1. [](#improved) * Added `copy-to-clipboard` support for Callback URIs + * Added support for providers that callback via POST (ie, Apple) # v2.0.2 ## 04/28/2019 diff --git a/login-oauth2.php b/login-oauth2.php index 34c41e9..cf34a63 100644 --- a/login-oauth2.php +++ b/login-oauth2.php 
@@ -182,10 +182,17 @@ public function loginCallback() /** @var Message $messages */ $messages = $this->grav['messages']; + + if ($oauth2->isValidProvider($provider_name)) { $state = filter_input(INPUT_GET, 'state', FILTER_SANITIZE_STRING, !FILTER_FLAG_STRIP_LOW); + // try POST + if (empty($state)) { + $state = filter_input(INPUT_POST, 'state', FILTER_SANITIZE_STRING, !FILTER_FLAG_STRIP_LOW); + } + if (empty($state) || ($state !== $session->oauth2_state)) { unset($session->oauth2_state); // TODO: better error message? @@ -242,6 +249,11 @@ public function userLoginAuthenticate(UserLoginEvent $event) if (isset($options['oauth2'])) { $code = filter_input(INPUT_GET, 'code', FILTER_SANITIZE_STRING, !FILTER_FLAG_STRIP_LOW); + + // try POST + if (!$code) { + $code = filter_input(INPUT_POST, 'code', FILTER_SANITIZE_STRING, !FILTER_FLAG_STRIP_LOW); + } $provider_name = $options['provider']; $provider = ProviderFactory::create($provider_name, $options); From 0bd9f0ef58f50a3cdf68c6ab4e1ce03bcf89238f Mon Sep 17 00:00:00 2001 From: Andy Miller Date: Mon, 24 Feb 2020 10:21:07 -0700 Subject: [PATCH 5/5] Fixed issues with saving in Admin 1.7 with strict form validation --- CHANGELOG.md | 3 ++- login-oauth2.yaml | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 99bf087..c4d63ae 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,9 +1,10 @@ # v2.0.3 -## mm/dd/2019 +## 02/24/2019 1. [](#improved) * Added `copy-to-clipboard` support for Callback URIs * Added support for providers that callback via POST (ie, Apple) + * Fixed issues with saving in Admin 1.7 with strict form validation # v2.0.2 ## 04/28/2019 diff --git a/login-oauth2.yaml b/login-oauth2.yaml index 29cfaa6..9760255 100644 --- a/login-oauth2.yaml +++ b/login-oauth2.yaml @@ -37,10 +37,10 @@ providers: enabled: true client_id: '' client_secret: '' - hd: '*' options: scope: ['email', 'profile'] avatar_size: 200 + hd: '*' linkedin: enabled: true 
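Review bot: The added POST fallback copies `!FILTER_FLAG_STRIP_LOW` as the options argument; that is the logical negation of a non-zero constant, so it passes `false` (no flags) rather than "every flag except STRIP_LOW", and `0` or the intended flag would say what is meant. The same expression is repeated in the `code` fallback in the userLoginAuthenticate() hunk further down. `FILTER_SANITIZE_STRING` is deprecated as of PHP 8.1, and since `state` is only compared with the session value it can be read raw and checked with `hash_equals((string) $session->oauth2_state, (string) $state)`. loginCallback() begins and continues outside this hunk.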
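Review bot: The authorization `code` is an opaque value that is handed back to the provider, yet the new POST read runs it through `FILTER_SANITIZE_STRING`, which strips tags and encodes quotes and could therefore alter it before the token exchange. Reading it unmodified, e.g. `$code = filter_input(INPUT_POST, 'code', FILTER_UNSAFE_RAW);`, and then rejecting an empty or non-string result keeps the value intact. The fallback also tests `!$code` where the `state` fallback uses `empty($state)`; one form for both would read better. What happens when neither GET nor POST carries a code is decided outside this hunk.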
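Review bot: Moving `hd: '*'` from the provider level into `options` changes the config path of what looks like the Google hosted-domain restriction, and the diff shows no migration or fallback for sites that already set `hd` at the old path. If the provider code reads only the new location, a site that had restricted logins to one domain would fall back to the `'*'` default after upgrading; that reading code is not visible here, so this needs confirming. A CHANGELOG line telling administrators to move their `hd` value under `options`, or a fallback read of the old key, would cover it. The same move is made for the `admin` block in the next hunk.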
@@ -84,10 +84,10 @@ admin: enabled: false client_id: '' client_secret: '' - hd: '*' options: scope: ['email', 'profile'] avatar_size: 200 + hd: '*' linkedin: enabled: false