IDEMPIERE-3101 implement OAuth2 for mail (gmail, outlook and other mail system) (#771)
* IDEMPIERE-3101 implement OAuth2 for mail (gmail, outlook and other mail system) Split processToken in two public methods to allow calling from external interfaces * Add suggestion from druiz
parent
8ef060d938
commit
287f6bf91f
|
@ -55,7 +55,7 @@ public class MAuthorizationCredential extends X_AD_AuthorizationCredential {
|
|||
/**
|
||||
*
|
||||
*/
|
||||
private static final long serialVersionUID = -2433704480923324032L;
|
||||
private static final long serialVersionUID = -3318054439833405030L;
|
||||
|
||||
/**
|
||||
* Create empty Authorization Credential
|
||||
|
@ -106,10 +106,32 @@ public class MAuthorizationCredential extends X_AD_AuthorizationCredential {
|
|||
msg = "Process instance parameter for Scopes not found";
|
||||
return msg;
|
||||
}
|
||||
MPInstanceLog pilog = pinstance.addLog(null, 0, null, null, MAuthorizationAccount.Table_ID, 0);
|
||||
msg = processToken(Env.getCtx(), code, paramScope.getP_String(), pilog);
|
||||
} catch (Exception ex) {
|
||||
ex.printStackTrace();
|
||||
msg = Msg.getMsg(getCtx(), "Error") + ex.getLocalizedMessage();
|
||||
return msg;
|
||||
}
|
||||
|
||||
return msg;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create or Update an Account based on the token received
|
||||
* @param ctx
|
||||
* @param code
|
||||
* @param paramScope
|
||||
* @param pilog
|
||||
* @return String message indicating success
|
||||
*/
|
||||
public String processToken(Properties ctx, String code, String paramScope, MPInstanceLog pilog) {
|
||||
String msg = null;
|
||||
try {
|
||||
String clientId = getAuthorizationClientId();
|
||||
String clientSecret = getAuthorizationClientSecret();
|
||||
Timestamp ts = new Timestamp(System.currentTimeMillis());
|
||||
MAuthorizationProvider ap = new MAuthorizationProvider(getCtx(), getAD_AuthorizationProvider_ID(), get_TrxName());
|
||||
MAuthorizationProvider ap = new MAuthorizationProvider(ctx, getAD_AuthorizationProvider_ID(), get_TrxName());
|
||||
AuthorizationCodeTokenRequest request = new AuthorizationCodeTokenRequest(new NetHttpTransport(),
|
||||
GsonFactory.getDefaultInstance(),
|
||||
new GenericUrl(ap.getTokenEndpoint()), code);
|
||||
|
@ -123,23 +145,23 @@ public class MAuthorizationCredential extends X_AD_AuthorizationCredential {
|
|||
email = (String) idtoken.getPayload().get("email");
|
||||
}
|
||||
if (email == null) {
|
||||
msg = Msg.parseTranslation(getCtx(), "@Error@ @OAuthProcessToken_CouldNotGetEMail@");
|
||||
msg = Msg.parseTranslation(ctx, "@Error@ @OAuthProcessToken_CouldNotGetEMail@");
|
||||
return msg;
|
||||
}
|
||||
|
||||
boolean newAccount = false;
|
||||
MAuthorizationAccount account = null;
|
||||
Query query = new Query(Env.getCtx(), MAuthorizationAccount.Table_Name, "AD_Client_ID=? AND AD_User_ID=? AND EMail=? AND AD_AuthorizationCredential_ID=?", get_TrxName());
|
||||
query.setParameters(Env.getAD_Client_ID(Env.getCtx()), Env.getAD_User_ID(Env.getCtx()), email, getAD_AuthorizationCredential_ID());
|
||||
Query query = new Query(ctx, MAuthorizationAccount.Table_Name, "AD_Client_ID=? AND AD_User_ID=? AND EMail=? AND AD_AuthorizationCredential_ID=?", get_TrxName());
|
||||
query.setParameters(Env.getAD_Client_ID(ctx), Env.getAD_User_ID(ctx), email, getAD_AuthorizationCredential_ID());
|
||||
account = query.setOnlyActiveRecords(true).first();
|
||||
if (account == null) {
|
||||
account = new MAuthorizationAccount(Env.getCtx(), 0, get_TrxName());
|
||||
account = new MAuthorizationAccount(ctx, 0, get_TrxName());
|
||||
account.setEMail(email);
|
||||
account.setAD_AuthorizationCredential_ID(getAD_AuthorizationCredential_ID());
|
||||
account.setAD_User_ID(Env.getAD_User_ID(Env.getCtx()));
|
||||
account.setAD_User_ID(Env.getAD_User_ID(ctx));
|
||||
newAccount = true;
|
||||
}
|
||||
account.setAD_AuthorizationScopes(paramScope.getP_String());
|
||||
account.setAD_AuthorizationScopes(paramScope);
|
||||
|
||||
account.setAccessToken(tokenResponse.getAccessToken());
|
||||
account.setAccessTokenTimestamp(ts);
|
||||
|
@ -156,7 +178,7 @@ public class MAuthorizationCredential extends X_AD_AuthorizationCredential {
|
|||
|
||||
if (tokenResponse.getRefreshToken() == null && account.getRefreshToken() == null) {
|
||||
//revoke access and ask for retry
|
||||
MAuthorizationProvider provider = new MAuthorizationProvider(getCtx(), getAD_AuthorizationProvider_ID(), get_TrxName());
|
||||
MAuthorizationProvider provider = new MAuthorizationProvider(ctx, getAD_AuthorizationProvider_ID(), get_TrxName());
|
||||
String revokeEndPoint = provider.getRevokeEndpoint();
|
||||
if (revokeEndPoint != null) {
|
||||
HttpRequestFactory factory = new NetHttpTransport().createRequestFactory();
|
||||
|
@ -164,7 +186,7 @@ public class MAuthorizationCredential extends X_AD_AuthorizationCredential {
|
|||
HttpRequest revokeRequest = factory.buildGetRequest(url);
|
||||
revokeRequest.execute();
|
||||
}
|
||||
msg = Msg.parseTranslation(getCtx(), "@Error@ @OAuthProcessToken_NoRefreshToken@");
|
||||
msg = Msg.parseTranslation(ctx, "@Error@ @OAuthProcessToken_NoRefreshToken@");
|
||||
return msg;
|
||||
}
|
||||
|
||||
|
@ -172,17 +194,20 @@ public class MAuthorizationCredential extends X_AD_AuthorizationCredential {
|
|||
account.setRefreshToken(tokenResponse.getRefreshToken());
|
||||
}
|
||||
account.saveEx();
|
||||
String logmsg = Msg.parseTranslation(getCtx(), (newAccount ? "@Created@" : "@Updated@") + " @AD_AuthorizationAccount_ID@ for ") + account.getEMail();
|
||||
MPInstanceLog pilog = pinstance.addLog(null, 0, null, logmsg, MAuthorizationAccount.Table_ID, account.getAD_AuthorizationAccount_ID());
|
||||
pilog.saveEx();
|
||||
if (pilog != null) {
|
||||
String logmsg = Msg.parseTranslation(ctx, (newAccount ? "@Created@" : "@Updated@") + " @AD_AuthorizationAccount_ID@ for ") + account.getEMail();
|
||||
pilog.setP_Msg(logmsg);
|
||||
pilog.setRecord_ID(account.getAD_AuthorizationAccount_ID());
|
||||
pilog.saveEx();
|
||||
}
|
||||
account.syncOthers();
|
||||
if (newAccount)
|
||||
msg = Msg.getMsg(getCtx(), "Authorization_Access_OK", new Object[] {account.getEMail(), paramScope.getP_String()});
|
||||
msg = Msg.getMsg(ctx, "Authorization_Access_OK", new Object[] {account.getEMail(), paramScope});
|
||||
else
|
||||
msg = Msg.getMsg(getCtx(), "Authorization_Access_Previous", new Object[] {account.getEMail(), paramScope.getP_String()});
|
||||
msg = Msg.getMsg(ctx, "Authorization_Access_Previous", new Object[] {account.getEMail(), paramScope});
|
||||
} catch (Exception ex) {
|
||||
ex.printStackTrace();
|
||||
msg = Msg.getMsg(getCtx(), "Error") + ex.getLocalizedMessage();
|
||||
msg = Msg.getMsg(ctx, "Error") + ex.getLocalizedMessage();
|
||||
return msg;
|
||||
}
|
||||
|
||||
|
|
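Review bot: `processToken` is now public so external interfaces can call it, yet its closing catch block still calls `ex.printStackTrace()` and returns `Msg.getMsg(ctx, "Error") + ex.getLocalizedMessage()`. Whatever text the token-endpoint or revoke call puts into the exception is therefore handed to the caller, and a failure can only be told apart from success by reading the string. I would log the exception through the class logger rather than stderr and return a fixed translated error, e.g. `log.log(Level.SEVERE, "OAuth token processing failed", ex);` followed by `return Msg.getMsg(ctx, "Error");` (this assumes the inherited logger and `java.util.logging.Level` are in scope; the imports are not visible here). The catch block of the calling method in the second hunk has the same pattern. The Javadoc should state that the return value may be an error message, not only a "message indicating success", and should describe the four parameters: in particular, `ctx` supplies the AD_Client_ID and AD_User_ID under which the account is looked up and created, so callers must pass a context they trust; parts of the method body lie outside the visible hunks.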