fix authorization grant and walert widget
HugoMartineau committed Oct 10, 2024
1 parent 9078497 commit 375569e
Showing 9 changed files with 198 additions and 61 deletions.
17 changes: 13 additions & 4 deletions admin/widget_edit.php
Expand Up @@ -65,6 +65,12 @@

<link rel="stylesheet" href="/node_modules/bootstrap/dist/css/bootstrap.min.css">
<link rel="stylesheet" href="/css/main.min.css">
<style>
.front {
clip-path: inset(0 50% 0 0 round 999px);
-webkit-clip-path: inset(0 50% 0 0 round 999px);
}
</style>
</head>

<body class="bg-light">
Expand Down Expand Up @@ -117,14 +123,14 @@
<!-- Prévisualisation de la barre de donation -->
<div class="progress">
<div class="back" style="background:<?php echo htmlspecialchars($donationGoalWidget['background_color']); ?>;color:<?php echo htmlspecialchars($donationGoalWidget['text_color_main']); ?>">
<p id="back-goal-current"><?php echo 1000; ?> €</p>
<p id="back-goal-current"><?php echo ($donationGoalWidget['goal'] / 2); ?> €</p>
<p id="back-title"><?php echo htmlspecialchars($donationGoalWidget['text_content']); ?></p>
<p id="back-goal-total"><?php echo 2000; ?> €</p>
<p id="back-goal-total"><?php echo $donationGoalWidget['goal']; ?> €</p>
</div>
<div class="front" style="background:<?php echo htmlspecialchars($donationGoalWidget['bar_color']); ?>;color:<?php echo htmlspecialchars($donationGoalWidget['text_color_alt']); ?>">
<p id="front-goal-current"><?php echo 1000; ?> €</p>
<p id="front-goal-current"><?php echo ($donationGoalWidget['goal'] / 2); ?> €</p>
<p id="front-title"><?php echo htmlspecialchars($donationGoalWidget['text_content']); ?></p>
<p id="front-goal-total"><?php echo 2000; ?> €</p>
<p id="front-goal-total"><?php echo $donationGoalWidget['goal']; ?> €</p>
</div>
</div>
<br />
Expand Down Expand Up @@ -168,6 +174,9 @@
<li>{amount} le montant du don</li>
<li>{message} si le donateur a laissé un message</li>
</ul>
Vous pouvez ensuite formater le texte avec du html.
<br />
<br />
</div>
<textarea class="form-control" id="message_template"
name="message_template"><?php echo htmlspecialchars($alertBoxWidget['message_template']); ?></textarea>
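Review bot: The help text added in the last hunk tells admins the message template may contain HTML, which implies the alert box renders the template as markup; the `{pseudo}` and `{message}` placeholders are filled from donor-supplied form answers, so those values need HTML-escaping before they are substituted into the template (the rendering code is not in this section, so confirm it in `displayAlertBox`). Separately, the new `<?php echo $donationGoalWidget['goal']; ?>` lines in the preview hunk are the only values in that block printed without `htmlspecialchars()`. Unless the column is guaranteed numeric, write `<?php echo htmlspecialchars((string) $donationGoalWidget['goal']); ?>` to match the neighbouring fields.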
128 changes: 95 additions & 33 deletions app/ApiWrapper.php
Expand Up @@ -24,29 +24,69 @@ public function __construct($repository, $haAuthUrl, $apiUrl, $apiAuthUrl, $clie

// Authentification

function getAccessTokensAndRefreshIfNecessary($organization_slug)
function getGlobalTokensAndRefreshIfNecessary()
{
$tokenData = $this->repository->getAccessTokensDB($organization_slug);

if ($tokenData == null) {
if ($organization_slug == null) {
$tokenData = $this->generateGlobalAccessToken();
return $tokenData;
} else {
return null;
}
} else {
$tokenData = $this->repository->getAccessTokensDB(null);

if ($tokenData == null)
{
$tokenData = $this->generateGlobalAccessToken();
return $tokenData;
}
else
{
$tokenData['access_token'] = Helpers::decryptToken($tokenData['access_token']);
$tokenData['refresh_token'] = Helpers::decryptToken($tokenData['refresh_token']);

if ($tokenData['access_token_expires_at'] < date('Y-m-d H:i:s')) {
$tokenData = $this->refreshToken($tokenData['refresh_token'], null);
return $tokenData;
if ($tokenData['access_token_expires_at'] < date('Y-m-d H:i:s'))
{
try
{
$tokenData = $this->refreshToken($tokenData['refresh_token'], null);
return $tokenData;
}
catch (Exception $e)
{
// Impossible de refresh le token global, il faut en générer un nouveau
$newToken = $this->generateGlobalAccessToken();

$accessTokenExpiresAt = (new DateTime())->add(new DateInterval('PT28M'));
$refreshTokenExpiresAt = (new DateTime())->add(new DateInterval('P28D'));

$this->repository->updateAccessTokenDB(
Helpers::encryptToken($newToken['access_token']),
Helpers::encryptToken($newToken['refresh_token']),
null,
$accessTokenExpiresAt,
$refreshTokenExpiresAt
);
}

}
return $tokenData;
}
}

function getOrganizationTokensAndRefreshIfNecessary($organization_slug)
{
$tokenData = $this->repository->getAccessTokensDB($organization_slug);

if ($tokenData == null)
{
throw new Exception("Aucun token trouvé pour cette association");
}

$tokenData['access_token'] = Helpers::decryptToken($tokenData['access_token']);
$tokenData['refresh_token'] = Helpers::decryptToken($tokenData['refresh_token']);

if ($tokenData['access_token_expires_at'] < date('Y-m-d H:i:s'))
{
$tokenData = $this->refreshToken($tokenData['refresh_token'], null);
return $tokenData;
}
return $tokenData;
}

function generateGlobalAccessToken()
{
$curl = curl_init();
Expand Down Expand Up @@ -99,14 +139,28 @@ function generateGlobalAccessToken()
$accessTokenExpiresAt = (new DateTime())->add(new DateInterval('PT1700S'));
$refreshTokenExpiresAt = (new DateTime())->add(new DateInterval('P29D'));

// Insérer les tokens en base de données
$this->repository->insertAccessTokenDB(
Helpers::encryptToken($responseData['access_token']),
Helpers::encryptToken($responseData['refresh_token']),
null,
$accessTokenExpiresAt,
$refreshTokenExpiresAt
);
//Nous devons définir si nous devons insérer le token global ou le mettre à jour en l'écrasant (possible si le refresh est expiré)
$existingGlobalToken = $this->repository->getAccessTokensDB(null);
if($existingGlobalToken == null)
{
$this->repository->insertAccessTokenDB(
Helpers::encryptToken($responseData['access_token']),
Helpers::encryptToken($responseData['refresh_token']),
null,
$accessTokenExpiresAt,
$refreshTokenExpiresAt
);
}
else
{
$this->repository->updateAccessTokenDB(
Helpers::encryptToken($responseData['access_token']),
Helpers::encryptToken($responseData['refresh_token']),
null,
$accessTokenExpiresAt,
$refreshTokenExpiresAt
);
}

return $responseData;
}
Expand Down Expand Up @@ -134,7 +188,8 @@ function refreshToken($refreshToken, $organization_slug)
$response = curl_exec($curl);

// Gérer les erreurs cURL
if (curl_errno($curl)) {
if (curl_errno($curl))
{
$error_msg = curl_error($curl);
curl_close($curl);
throw new Exception("Erreur cURL : $error_msg");
Expand Down Expand Up @@ -285,7 +340,7 @@ function exchangeAuthorizationCode($code, $redirect_uri, $codeVerifier)

function GetDonationForm($organizationSlug, $donationSlug)
{
$accessToken = $this->getAccessTokensAndRefreshIfNecessary(null);
$accessToken = $this->getGlobalTokensAndRefreshIfNecessary();
if (!$accessToken || !isset($accessToken['access_token'])) {
http_response_code(401);
echo json_encode(['error' => 'Jeton d\'accès API non trouvé ou expiré.']);
Expand Down Expand Up @@ -356,7 +411,7 @@ function GetAllOrders($organizationSlug, $formSlug, $currentAmount = 0, $continu
$previousToken = '';
$donations = [];

$organizationAccessToken = $this->getAccessTokensAndRefreshIfNecessary($organizationSlug);
$organizationAccessToken = $this->getOrganizationTokensAndRefreshIfNecessary($organizationSlug);

if (!$organizationAccessToken || !isset($organizationAccessToken['access_token'])) {
http_response_code(401);
Expand Down Expand Up @@ -384,16 +439,23 @@ function GetAllOrders($organizationSlug, $formSlug, $currentAmount = 0, $continu
$pseudo = "anonyme";
$message = "";

foreach ($order['items'] as $item) {
foreach ($item['customFields'] as $field) {
if ($field['name'] == 'pseudo') {
$pseudo = $field['answer'];
}
if ($field['name'] == 'message') {
$message = $field['answer'];
foreach ($order['items'] as $item)
{
if (array_key_exists('customFields', $item))
{
foreach ($item['customFields'] as $field)
{
if (strcasecmp($field['name'], 'pseudo') == 0)
{
$pseudo = $field['answer'];
}
if (strcasecmp($field['name'], 'message') == 0)
{
$message = $field['answer'];
}
}
}
}
}

$amount = isset($order['amount']['total']) && is_numeric($order['amount']['total']) ? $order['amount']['total'] : 0;
$currentAmount += $amount;
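Review bot: In `getOrganizationTokensAndRefreshIfNecessary` the refresh call passes `null` as the slug, `$this->refreshToken($tokenData['refresh_token'], null)`, so if `refreshToken` persists the new pair under its second argument (its body is outside the visible hunks) an organization's tokens would be written to the global row; it should read `$this->refreshToken($tokenData['refresh_token'], $organization_slug)`, as `redirect_auth_page.php` already does. In the `catch` of `getGlobalTokensAndRefreshIfNecessary`, the regenerated token is kept in `$newToken` but the function falls through to `return $tokenData;`, which still holds the expired pair; `$tokenData = $this->generateGlobalAccessToken();` fixes that, and the extra `updateAccessTokenDB` call can be dropped because `generateGlobalAccessToken` now inserts or updates the row itself. `GetAllOrders` still tests `!$organizationAccessToken` for its 401 path, but the new function throws instead of returning null, so that exception needs to be caught there or the 401 response is never sent.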
1 change: 0 additions & 1 deletion app/Config.php
@@ -1,7 +1,6 @@
<?php

/*
Enable to debug
ini_set('display_errors', 1);
4 changes: 2 additions & 2 deletions css/main.css
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,8 @@
bottom: 0;
background: #4c40cf;
color: white;
clip-path: inset(0 50% 0 0 round 999px);
-webkit-clip-path: inset(0 50% 0 0 round 999px);
clip-path: inset(0 100% 0 0 round 999px);
-webkit-clip-path: inset(0 100% 0 0 round 999px);
transition: clip-path 1s linear;
}

2 changes: 1 addition & 1 deletion css/main.min.css

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

18 changes: 17 additions & 1 deletion js/admin.js
Expand Up @@ -3,7 +3,9 @@ function updateDonationGoalPreview() {
var front = document.querySelector('.front');
var backTitle = document.getElementById('back-title');
var frontTitle = document.getElementById('front-title');

var goal = document.getElementById('goal');

// Mise à jour des couleurs et du texte
back.style.backgroundColor = document.getElementById('background_color').value;
front.style.backgroundColor = document.getElementById('bar_color').value;

Expand All @@ -12,13 +14,27 @@ function updateDonationGoalPreview() {

backTitle.textContent = document.getElementById('text_content').value;
frontTitle.textContent = document.getElementById('text_content').value;
goal.textContent = document.getElementById('goal').value;

var currentDonation = goal.value / 2;

// Mettez à jour le texte d'affichage des objectifs
document.getElementById('back-goal-total').textContent = goal.value + ' €';
document.getElementById('front-goal-total').textContent = goal.value + ' €';
document.getElementById('back-goal-current').textContent = currentDonation + ' €';
document.getElementById('front-goal-current').textContent = currentDonation + ' €';

// Ajustement de la largeur de la barre si nécessaire
front.style.width = (currentDonation / goal * 100) + '%'; // Ajustez selon la logique de votre application
}

// Ajoutez des écouteurs d'événements pour chaque champ d'entrée
document.getElementById('text_color_main').addEventListener('input', updateDonationGoalPreview);
document.getElementById('text_color_alt').addEventListener('input', updateDonationGoalPreview);
document.getElementById('text_content').addEventListener('input', updateDonationGoalPreview);
document.getElementById('bar_color').addEventListener('input', updateDonationGoalPreview);
document.getElementById('background_color').addEventListener('input', updateDonationGoalPreview);
document.getElementById('goal').addEventListener('input', updateDonationGoalPreview);

document.getElementById('previewBtn').addEventListener('click', function() {
displayAlertBox('test de pseudo', 'test de message', '1000');
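Review bot: The width calculation at the end of `updateDonationGoalPreview` divides by the `goal` element instead of its value, so `currentDonation / goal * 100` yields `NaN%`, which the browser discards. Parse the input once, `var goalValue = parseFloat(goal.value) || 0;`, then use `front.style.width = (goalValue > 0 ? currentDonation / goalValue * 100 : 0) + '%';` so an empty or zero goal does not produce `NaN` or `Infinity`. The line `goal.textContent = document.getElementById('goal').value;` assigns the element's own value back to its text content and can probably be removed if `#goal` is an input, as the `.value` reads suggest. The function starts above the first hunk, so this only covers the visible lines.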
2 changes: 1 addition & 1 deletion js/admin.min.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

52 changes: 44 additions & 8 deletions redirect_auth_page.php
@@ -1,19 +1,55 @@
<?php
use GuzzleHttp\Psr7\Message;
require 'app/Config.php';

$repository = Config::getInstance()->repo;
$apiWrapper = Config::getInstance()->apiWrapper;

$organizationSlug = $_GET['organizationSlug'];
if($organizationSlug == null)
{
throw new Exception("Erreur : OrganizationSlug introuvable");
}

$partnerTokenData = $apiWrapper->getAccessTokensAndRefreshIfNecessary(null);
$accessToken = $partnerTokenData['access_token'];
//Vérification si l'association à déjà lié son compte
//Récupération du refresh_token de l'association en BDD pour voir si c'est nécessaire de générer une URL de mire
$organizationToken = $repository->getAccessTokensDB($organizationSlug);

$apiWrapper->setClientDomain(Config::getInstance()->webSiteDomain, $accessToken);
if ($organizationToken != null)
{
//Nous avons réussi à récupérer un token de l'association
//Si on peut rafraichir ce token c'est qu'il est encore valide
try
{
$decryptedOrganizationRefreshToken = Helpers::decryptToken($organizationToken['refresh_token']);
$refreshToken = $apiWrapper->refreshToken( $decryptedOrganizationRefreshToken, $organizationSlug);
echo 'Nous possédons déjà un token pour le compte ' . $organizationSlug . ' et nous l\'avons rafraichi, vous pouvez fermer cette page.';
}
catch (Exception $e)
{
redirectionToAuthorizationUrl();
}
}
else
{
redirectionToAuthorizationUrl();
}

// Générer l'URL d'autorisation
$authorizationUrl = $apiWrapper->generateAuthorizationUrl($organizationSlug);
function redirectionToAuthorizationUrl()
{
global $apiWrapper;
global $organizationSlug;

// Rediriger vers l'URL générée
header('Location: ' . $authorizationUrl);
exit;
// Nous ne possédons pas de Refresh valide pour cette association, nous allons donc générer une Url pour la liaison
// Récupération du token global HelloassoCharityStream pour set le domain (important pour la mire)
$globalTokens = $apiWrapper->getGlobalTokensAndRefreshIfNecessary();
$globalAccessToken = $globalTokens['access_token'];

$apiWrapper->setClientDomain(Config::getInstance()->webSiteDomain, $globalAccessToken);

// Générer l'URL d'autorisation
$authorizationUrl = $apiWrapper->generateAuthorizationUrl($organizationSlug);

// Rediriger vers l'URL générée
header('Location: ' . $authorizationUrl);
}
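Review bot: `$organizationSlug` comes straight from `$_GET` and is concatenated into the `echo` in the success branch without escaping; that branch is only reached when a stored token matches the slug, but the value should still be wrapped as `htmlspecialchars($organizationSlug, ENT_QUOTES, 'UTF-8')` before it is printed. Reading `$_GET['organizationSlug']` directly also emits a warning when the parameter is absent; `$_GET['organizationSlug'] ?? null` keeps the existing null check working. The script refreshes the organization's stored refresh token for whoever requests the page, so unless `app/Config.php` authenticates the caller (not visible here), any visitor who knows a slug can trigger a token rotation and learn whether that organization has linked its account; confirm that is intended. `redirectionToAuthorizationUrl()` no longer calls `exit;` after `header('Location: ...')`, which is safe only while nothing runs after its two call sites.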