--- /dev/null
+<?php namespace BookStack\Auth\Access;
+
+use BookStack\Auth\SocialAccount;
+use BookStack\Auth\UserRepo;
+use BookStack\Exceptions\UserRegistrationException;
+use Exception;
+
+class RegistrationService
+{
+
+ protected $userRepo;
+ protected $emailConfirmationService;
+
+ /**
+ * RegistrationService constructor.
+ */
+ public function __construct(UserRepo $userRepo, EmailConfirmationService $emailConfirmationService)
+ {
+ $this->userRepo = $userRepo;
+ $this->emailConfirmationService = $emailConfirmationService;
+ }
+
+
+ /**
+ * Check whether or not registrations are allowed in the app settings.
+ * @throws UserRegistrationException
+ */
+ public function checkRegistrationAllowed()
+ {
+ if (!setting('registration-enabled') || config('auth.method') === 'ldap') {
+ throw new UserRegistrationException(trans('auth.registrations_disabled'), '/login');
+ }
+ }
+
+ /**
+ * The registrations flow for all users.
+ * @throws UserRegistrationException
+ */
+ public function registerUser(array $userData, ?SocialAccount $socialAccount = null, bool $emailVerified = false)
+ {
+ $registrationRestrict = setting('registration-restrict');
+
+ if ($registrationRestrict) {
+ $restrictedEmailDomains = explode(',', str_replace(' ', '', $registrationRestrict));
+ $userEmailDomain = $domain = mb_substr(mb_strrchr($userData['email'], "@"), 1);
+ if (!in_array($userEmailDomain, $restrictedEmailDomains)) {
+ throw new UserRegistrationException(trans('auth.registration_email_domain_invalid'), '/register');
+ }
+ }
+
+ $newUser = $this->userRepo->registerNew($userData, $emailVerified);
+
+ if ($socialAccount) {
+ $newUser->socialAccounts()->save($socialAccount);
+ }
+
+ if ($this->emailConfirmationService->confirmationRequired() && !$emailVerified) {
+ $newUser->save();
+ $message = '';
+
+ try {
+ $this->emailConfirmationService->sendConfirmation($newUser);
+ } catch (Exception $e) {
+ $message = trans('auth.email_confirm_send_error');
+ }
+
+ throw new UserRegistrationException($message, '/register/confirm');
+ }
+
+ auth()->login($newUser);
+ }
+
+}
\ No newline at end of file
use BookStack\Exceptions\UserRegistrationException;
use Illuminate\Support\Str;
use Laravel\Socialite\Contracts\Factory as Socialite;
+use Laravel\Socialite\Contracts\Provider;
use Laravel\Socialite\Contracts\User as SocialUser;
+use Symfony\Component\HttpFoundation\RedirectResponse;
class SocialAuthService
{
/**
* SocialAuthService constructor.
- * @param \BookStack\Auth\UserRepo $userRepo
- * @param Socialite $socialite
- * @param SocialAccount $socialAccount
*/
public function __construct(UserRepo $userRepo, Socialite $socialite, SocialAccount $socialAccount)
{
/**
* Start the social login path.
- * @param string $socialDriver
- * @return \Symfony\Component\HttpFoundation\RedirectResponse
* @throws SocialDriverNotConfigured
*/
- public function startLogIn($socialDriver)
+ public function startLogIn(string $socialDriver): RedirectResponse
{
$driver = $this->validateDriver($socialDriver);
return $this->getSocialDriver($driver)->redirect();
/**
* Start the social registration process
- * @param string $socialDriver
- * @return \Symfony\Component\HttpFoundation\RedirectResponse
* @throws SocialDriverNotConfigured
*/
- public function startRegister($socialDriver)
+ public function startRegister(string $socialDriver): RedirectResponse
{
$driver = $this->validateDriver($socialDriver);
return $this->getSocialDriver($driver)->redirect();
/**
* Handle the social registration process on callback.
- * @param string $socialDriver
- * @param SocialUser $socialUser
- * @return SocialUser
* @throws UserRegistrationException
*/
- public function handleRegistrationCallback(string $socialDriver, SocialUser $socialUser)
+ public function handleRegistrationCallback(string $socialDriver, SocialUser $socialUser): SocialUser
{
// Check social account has not already been used
if ($this->socialAccount->where('driver_id', '=', $socialUser->getId())->exists()) {
/**
* Get the social user details via the social driver.
- * @param string $socialDriver
- * @return SocialUser
* @throws SocialDriverNotConfigured
*/
- public function getSocialUser(string $socialDriver)
+ public function getSocialUser(string $socialDriver): SocialUser
{
$driver = $this->validateDriver($socialDriver);
return $this->socialite->driver($driver)->user();
/**
* Handle the login process on a oAuth callback.
- * @param $socialDriver
- * @param SocialUser $socialUser
- * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
* @throws SocialSignInAccountNotUsed
*/
- public function handleLoginCallback($socialDriver, SocialUser $socialUser)
+ public function handleLoginCallback(string $socialDriver, SocialUser $socialUser)
{
$socialId = $socialUser->getId();
/**
* Ensure the social driver is correct and supported.
- *
- * @param $socialDriver
- * @return string
* @throws SocialDriverNotConfigured
*/
- private function validateDriver($socialDriver)
+ protected function validateDriver(string $socialDriver): string
{
$driver = trim(strtolower($socialDriver));
if (!in_array($driver, $this->validSocialDrivers)) {
abort(404, trans('errors.social_driver_not_found'));
}
+
if (!$this->checkDriverConfigured($driver)) {
throw new SocialDriverNotConfigured(trans('errors.social_driver_not_configured', ['socialAccount' => Str::title($socialDriver)]));
}
/**
* Check a social driver has been configured correctly.
- * @param $driver
- * @return bool
*/
- private function checkDriverConfigured($driver)
+ protected function checkDriverConfigured(string $driver): bool
{
$lowerName = strtolower($driver);
$configPrefix = 'services.' . $lowerName . '.';
/**
* Gets the names of the active social drivers.
- * @return array
*/
- public function getActiveDrivers()
+ public function getActiveDrivers(): array
{
$activeDrivers = [];
+
foreach ($this->validSocialDrivers as $driverKey) {
if ($this->checkDriverConfigured($driverKey)) {
$activeDrivers[$driverKey] = $this->getDriverName($driverKey);
}
}
+
return $activeDrivers;
}
/**
* Get the presentational name for a driver.
- * @param $driver
- * @return mixed
*/
- public function getDriverName($driver)
+ public function getDriverName(string $driver): string
{
return config('services.' . strtolower($driver) . '.name');
}
/**
* Check if the current config for the given driver allows auto-registration.
- * @param string $driver
- * @return bool
*/
- public function driverAutoRegisterEnabled(string $driver)
+ public function driverAutoRegisterEnabled(string $driver): bool
{
return config('services.' . strtolower($driver) . '.auto_register') === true;
}
/**
* Check if the current config for the given driver allow email address auto-confirmation.
- * @param string $driver
- * @return bool
*/
- public function driverAutoConfirmEmailEnabled(string $driver)
+ public function driverAutoConfirmEmailEnabled(string $driver): bool
{
return config('services.' . strtolower($driver) . '.auto_confirm') === true;
}
/**
- * @param string $socialDriver
- * @param SocialUser $socialUser
- * @return SocialAccount
+ * Fill and return a SocialAccount from the given driver name and SocialUser.
*/
- public function fillSocialAccount($socialDriver, $socialUser)
+ public function fillSocialAccount(string $socialDriver, SocialUser $socialUser): SocialAccount
{
$this->socialAccount->fill([
'driver' => $socialDriver,
/**
* Detach a social account from a user.
- * @param $socialDriver
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
- public function detachSocialAccount($socialDriver)
+ public function detachSocialAccount(string $socialDriver)
{
user()->socialAccounts()->where('driver', '=', $socialDriver)->delete();
- session()->flash('success', trans('settings.users_social_disconnected', ['socialAccount' => Str::title($socialDriver)]));
- return redirect(user()->getEditUrl());
}
/**
* Provide redirect options per service for the Laravel Socialite driver
- * @param $driverName
- * @return \Laravel\Socialite\Contracts\Provider
*/
- public function getSocialDriver(string $driverName)
+ public function getSocialDriver(string $driverName): Provider
{
$driver = $this->socialite->driver($driverName);
/**
* Overrides the action when a user is authenticated.
* If the user authenticated but does not exist in the user table we create them.
- * @param Request $request
- * @param Authenticatable $user
- * @return \Illuminate\Http\RedirectResponse
* @throws AuthException
* @throws \BookStack\Exceptions\LdapException
*/
/**
* Show the application login form.
- * @param Request $request
- * @return \Illuminate\Http\Response
*/
public function getLogin(Request $request)
{
]);
}
- /**
- * Redirect to the relevant social site.
- * @param $socialDriver
- * @return \Symfony\Component\HttpFoundation\RedirectResponse
- * @throws \BookStack\Exceptions\SocialDriverNotConfigured
- */
- public function getSocialLogin($socialDriver)
- {
- session()->put('social-callback', 'login');
- return $this->socialAuthService->startLogIn($socialDriver);
- }
-
/**
* Log the user out of the application.
- *
- * @param \Illuminate\Http\Request $request
- * @return \Illuminate\Http\Response
*/
public function logout(Request $request)
{
}
$this->guard()->logout();
-
$request->session()->invalidate();
return $this->loggedOut($request) ?: redirect('/');
namespace BookStack\Http\Controllers\Auth;
-use BookStack\Auth\Access\EmailConfirmationService;
+use BookStack\Auth\Access\RegistrationService;
use BookStack\Auth\Access\SocialAuthService;
-use BookStack\Auth\SocialAccount;
use BookStack\Auth\User;
-use BookStack\Auth\UserRepo;
-use BookStack\Exceptions\SocialDriverNotConfigured;
-use BookStack\Exceptions\SocialSignInAccountNotUsed;
-use BookStack\Exceptions\SocialSignInException;
use BookStack\Exceptions\UserRegistrationException;
use BookStack\Http\Controllers\Controller;
-use Exception;
use Illuminate\Foundation\Auth\RegistersUsers;
-use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
-use Illuminate\Http\Response;
-use Illuminate\Routing\Redirector;
use Illuminate\Support\Facades\Hash;
-use Illuminate\Support\Str;
-use Laravel\Socialite\Contracts\User as SocialUser;
use Validator;
class RegisterController extends Controller
use RegistersUsers;
protected $socialAuthService;
- protected $emailConfirmationService;
- protected $userRepo;
+ protected $registrationService;
/**
* Where to redirect users after login / registration.
/**
* Create a new controller instance.
- *
- * @param SocialAuthService $socialAuthService
- * @param EmailConfirmationService $emailConfirmationService
- * @param UserRepo $userRepo
*/
- public function __construct(SocialAuthService $socialAuthService, EmailConfirmationService $emailConfirmationService, UserRepo $userRepo)
+ public function __construct(SocialAuthService $socialAuthService, RegistrationService $registrationService)
{
- $this->middleware('guest')->only(['getRegister', 'postRegister', 'socialRegister']);
+ $this->middleware('guest')->only(['getRegister', 'postRegister']);
+
$this->socialAuthService = $socialAuthService;
- $this->emailConfirmationService = $emailConfirmationService;
- $this->userRepo = $userRepo;
+ $this->registrationService = $registrationService;
+
$this->redirectTo = url('/');
$this->redirectPath = url('/');
parent::__construct();
/**
* Get a validator for an incoming registration request.
*
- * @param array $data
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
]);
}
- /**
- * Check whether or not registrations are allowed in the app settings.
- * @throws UserRegistrationException
- */
- protected function checkRegistrationAllowed()
- {
- if (!setting('registration-enabled') || config('auth.method') === 'ldap') {
- throw new UserRegistrationException(trans('auth.registrations_disabled'), '/login');
- }
- }
-
/**
* Show the application registration form.
- * @return Response
* @throws UserRegistrationException
*/
public function getRegister()
{
- $this->checkRegistrationAllowed();
+ $this->registrationService->checkRegistrationAllowed();
$socialDrivers = $this->socialAuthService->getActiveDrivers();
$samlEnabled = (config('saml2.enabled') === true) && (config('saml2.auto_register') === true);
return view('auth.register', [
/**
* Handle a registration request for the application.
- * @param Request|Request $request
- * @return RedirectResponse|Redirector
* @throws UserRegistrationException
*/
public function postRegister(Request $request)
{
- $this->checkRegistrationAllowed();
+ $this->registrationService->checkRegistrationAllowed();
$this->validator($request->all())->validate();
-
$userData = $request->all();
- return $this->registerUser($userData);
+
+ try {
+ $this->registrationService->registerUser($userData);
+ } catch (UserRegistrationException $exception) {
+ if ($exception->getMessage()) {
+ $this->showErrorNotification($exception->getMessage());
+ }
+ return redirect($exception->redirectLocation);
+ }
+
+ $this->showSuccessNotification(trans('auth.register_success'));
+ return redirect($this->redirectPath());
}
/**
]);
}
- /**
- * The registrations flow for all users.
- * @param array $userData
- * @param bool|false|SocialAccount $socialAccount
- * @param bool $emailVerified
- * @return RedirectResponse|Redirector
- * @throws UserRegistrationException
- */
- protected function registerUser(array $userData, $socialAccount = false, $emailVerified = false)
- {
- $registrationRestrict = setting('registration-restrict');
-
- if ($registrationRestrict) {
- $restrictedEmailDomains = explode(',', str_replace(' ', '', $registrationRestrict));
- $userEmailDomain = $domain = mb_substr(mb_strrchr($userData['email'], "@"), 1);
- if (!in_array($userEmailDomain, $restrictedEmailDomains)) {
- throw new UserRegistrationException(trans('auth.registration_email_domain_invalid'), '/register');
- }
- }
-
- $newUser = $this->userRepo->registerNew($userData, $emailVerified);
- if ($socialAccount) {
- $newUser->socialAccounts()->save($socialAccount);
- }
-
- if ($this->emailConfirmationService->confirmationRequired() && !$emailVerified) {
- $newUser->save();
-
- try {
- $this->emailConfirmationService->sendConfirmation($newUser);
- } catch (Exception $e) {
- $this->showErrorNotification(trans('auth.email_confirm_send_error'));
- }
-
- return redirect('/register/confirm');
- }
-
- auth()->login($newUser);
- $this->showSuccessNotification(trans('auth.register_success'));
- return redirect($this->redirectPath());
- }
-
- /**
- * Redirect to the social site for authentication intended to register.
- * @param $socialDriver
- * @return mixed
- * @throws UserRegistrationException
- * @throws SocialDriverNotConfigured
- */
- public function socialRegister($socialDriver)
- {
- $this->checkRegistrationAllowed();
- session()->put('social-callback', 'register');
- return $this->socialAuthService->startRegister($socialDriver);
- }
-
- /**
- * The callback for social login services.
- * @param Request $request
- * @param string $socialDriver
- * @return RedirectResponse|Redirector
- * @throws SocialSignInException
- * @throws UserRegistrationException
- * @throws SocialDriverNotConfigured
- */
- public function socialCallback(Request $request, string $socialDriver)
- {
- if (!session()->has('social-callback')) {
- throw new SocialSignInException(trans('errors.social_no_action_defined'), '/login');
- }
-
- // Check request for error information
- if ($request->has('error') && $request->has('error_description')) {
- throw new SocialSignInException(trans('errors.social_login_bad_response', [
- 'socialAccount' => $socialDriver,
- 'error' => $request->get('error_description'),
- ]), '/login');
- }
-
- $action = session()->pull('social-callback');
-
- // Attempt login or fall-back to register if allowed.
- $socialUser = $this->socialAuthService->getSocialUser($socialDriver);
- if ($action == 'login') {
- try {
- return $this->socialAuthService->handleLoginCallback($socialDriver, $socialUser);
- } catch (SocialSignInAccountNotUsed $exception) {
- if ($this->socialAuthService->driverAutoRegisterEnabled($socialDriver)) {
- return $this->socialRegisterCallback($socialDriver, $socialUser);
- }
- throw $exception;
- }
- }
-
- if ($action == 'register') {
- return $this->socialRegisterCallback($socialDriver, $socialUser);
- }
-
- return redirect()->back();
- }
-
- /**
- * Detach a social account from a user.
- * @param $socialDriver
- * @return RedirectResponse|Redirector
- */
- public function detachSocialAccount($socialDriver)
- {
- return $this->socialAuthService->detachSocialAccount($socialDriver);
- }
-
- /**
- * Register a new user after a registration callback.
- * @param string $socialDriver
- * @param SocialUser $socialUser
- * @return RedirectResponse|Redirector
- * @throws UserRegistrationException
- */
- protected function socialRegisterCallback(string $socialDriver, SocialUser $socialUser)
- {
- $socialUser = $this->socialAuthService->handleRegistrationCallback($socialDriver, $socialUser);
- $socialAccount = $this->socialAuthService->fillSocialAccount($socialDriver, $socialUser);
- $emailVerified = $this->socialAuthService->driverAutoConfirmEmailEnabled($socialDriver);
-
- // Create an array of the user data to create a new user instance
- $userData = [
- 'name' => $socialUser->getName(),
- 'email' => $socialUser->getEmail(),
- 'password' => Str::random(30)
- ];
- return $this->registerUser($userData, $socialAccount, $emailVerified);
- }
}
--- /dev/null
+<?php
+
+namespace BookStack\Http\Controllers\Auth;
+
+use BookStack\Auth\Access\RegistrationService;
+use BookStack\Auth\Access\SocialAuthService;
+use BookStack\Exceptions\SocialDriverNotConfigured;
+use BookStack\Exceptions\SocialSignInAccountNotUsed;
+use BookStack\Exceptions\SocialSignInException;
+use BookStack\Exceptions\UserRegistrationException;
+use BookStack\Http\Controllers\Controller;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Routing\Redirector;
+use Illuminate\Support\Str;
+use Laravel\Socialite\Contracts\User as SocialUser;
+
+class SocialController extends Controller
+{
+
+ protected $socialAuthService;
+ protected $registrationService;
+
+ /**
+ * SocialController constructor.
+ */
+ public function __construct(SocialAuthService $socialAuthService, RegistrationService $registrationService)
+ {
+ $this->middleware('guest')->only(['getRegister', 'postRegister']);
+ $this->socialAuthService = $socialAuthService;
+ $this->registrationService = $registrationService;
+ }
+
+
+ /**
+ * Redirect to the relevant social site.
+ * @throws \BookStack\Exceptions\SocialDriverNotConfigured
+ */
+ public function getSocialLogin(string $socialDriver)
+ {
+ session()->put('social-callback', 'login');
+ return $this->socialAuthService->startLogIn($socialDriver);
+ }
+
+ /**
+ * Redirect to the social site for authentication intended to register.
+ * @throws SocialDriverNotConfigured
+ * @throws UserRegistrationException
+ */
+ public function socialRegister(string $socialDriver)
+ {
+ $this->registrationService->checkRegistrationAllowed();
+ session()->put('social-callback', 'register');
+ return $this->socialAuthService->startRegister($socialDriver);
+ }
+
+ /**
+ * The callback for social login services.
+ * @throws SocialSignInException
+ * @throws SocialDriverNotConfigured
+ * @throws UserRegistrationException
+ */
+ public function socialCallback(Request $request, string $socialDriver)
+ {
+ if (!session()->has('social-callback')) {
+ throw new SocialSignInException(trans('errors.social_no_action_defined'), '/login');
+ }
+
+ // Check request for error information
+ if ($request->has('error') && $request->has('error_description')) {
+ throw new SocialSignInException(trans('errors.social_login_bad_response', [
+ 'socialAccount' => $socialDriver,
+ 'error' => $request->get('error_description'),
+ ]), '/login');
+ }
+
+ $action = session()->pull('social-callback');
+
+ // Attempt login or fall-back to register if allowed.
+ $socialUser = $this->socialAuthService->getSocialUser($socialDriver);
+ if ($action == 'login') {
+ try {
+ return $this->socialAuthService->handleLoginCallback($socialDriver, $socialUser);
+ } catch (SocialSignInAccountNotUsed $exception) {
+ if ($this->socialAuthService->driverAutoRegisterEnabled($socialDriver)) {
+ return $this->socialRegisterCallback($socialDriver, $socialUser);
+ }
+ throw $exception;
+ }
+ }
+
+ if ($action == 'register') {
+ return $this->socialRegisterCallback($socialDriver, $socialUser);
+ }
+
+ return redirect()->back();
+ }
+
+ /**
+ * Detach a social account from a user.
+ */
+ public function detachSocialAccount(string $socialDriver)
+ {
+ $this->socialAuthService->detachSocialAccount($socialDriver);
+ session()->flash('success', trans('settings.users_social_disconnected', ['socialAccount' => Str::title($socialDriver)]));
+ return redirect(user()->getEditUrl());
+ }
+
+ /**
+ * Register a new user after a registration callback.
+ * @return RedirectResponse|Redirector
+ * @throws UserRegistrationException
+ */
+ protected function socialRegisterCallback(string $socialDriver, SocialUser $socialUser)
+ {
+ $socialUser = $this->socialAuthService->handleRegistrationCallback($socialDriver, $socialUser);
+ $socialAccount = $this->socialAuthService->fillSocialAccount($socialDriver, $socialUser);
+ $emailVerified = $this->socialAuthService->driverAutoConfirmEmailEnabled($socialDriver);
+
+ // Create an array of the user data to create a new user instance
+ $userData = [
+ 'name' => $socialUser->getName(),
+ 'email' => $socialUser->getEmail(),
+ 'password' => Str::random(30)
+ ];
+
+ try {
+ $this->registrationService->registerUser($userData, $socialAccount, $emailVerified);
+ } catch (UserRegistrationException $exception) {
+ if ($exception->getMessage()) {
+ $this->showErrorNotification($exception->getMessage());
+ }
+ return redirect($exception->redirectLocation);
+ }
+
+ $this->showSuccessNotification(trans('auth.register_success'));
+ return redirect('/');
+ }
+}
});
// Social auth routes
-Route::get('/login/service/{socialDriver}', 'Auth\LoginController@getSocialLogin');
-Route::get('/login/service/{socialDriver}/callback', 'Auth\RegisterController@socialCallback');
-Route::get('/login/service/{socialDriver}/detach', 'Auth\RegisterController@detachSocialAccount');
-Route::get('/register/service/{socialDriver}', 'Auth\RegisterController@socialRegister');
+Route::get('/login/service/{socialDriver}', 'Auth\SocialController@getSocialLogin');
+Route::get('/login/service/{socialDriver}/callback', 'Auth\SocialController@socialCallback');
+Route::get('/login/service/{socialDriver}/detach', 'Auth\SocialController@detachSocialAccount');
+Route::get('/register/service/{socialDriver}', 'Auth\SocialController@socialRegister');
// Login/Logout routes
Route::get('/login', 'Auth\LoginController@getLogin');
projects / bookstack / commitdiff