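redirect();
    }

    /**
     * Handle the provider's redirect back to us after an OAuth sign-in.
     *
     * Three cases are distinguished by how many UserOauth rows on this provider
     * carry the provider-side user id:
     *  - exactly one: log the linked local user in, or restart the link
     *    confirmation when the row has no usable (active) user yet;
     *  - more than one: refuse and send the visitor to /login;
     *  - none: look for exactly one active local user with the same e-mail and
     *    start the link confirmation for it.
     *
     * @param string $provider Socialite driver name (passed straight to Socialite::with()).
     * @return mixed A redirect, or the link-confirmation view returned by link().
     */
    public function handleProviderCallback($provider)
    {
        $openiduser = Socialite::with($provider)->user();

        if (! $openiduser)
            return redirect('/home')->with('error','No user details obtained.');

        $oo = ProviderOauth::firstOrCreate(['name'=>$provider,'active'=>TRUE]);

        // See if this user has connected and linked previously.
        // NOTE(review): this filters the loaded collection, and Collection::where()
        // compares loosely (==) by default - confirm that is acceptable for
        // provider-issued ids, or compare strictly.
        $aoo = $oo->users->where('userid',$openiduser->id);

        if ($aoo->count() == 1) {
            $aoo = $aoo->first();

            // No user on the oauth row (directly or via its account), or the user is inactive.
            if ((is_null($user=$aoo->user) AND (is_null($aoo->account) OR is_null($user=$aoo->account->user))) OR ! $user->active) {
                if (! $user) {
                    // Fall back to matching the local account on the e-mail the provider reported.
                    // NOTE(review): the e-mail is trusted as the provider supplied it; the match is
                    // only acted on after the confirmation started by link() - confirm that is
                    // sufficient for providers that do not verify addresses.
                    $user = User::where('email',$openiduser->email)->first();
                }

                if (! $user OR ! $user->active) {
                    return redirect('/login')->with('error','Invalid account, or account inactive, please contact an admin.');
                }

                return $this->link($provider,$aoo,$user);
            }

            // All set to login
            Auth::login($user,FALSE);

        // If there are too many users, then we have a problem
        } elseif ($aoo->count() > 1) {
            return redirect('/login')->with('error','Seems you have multiple oauth IDs, please contact an admin.');

        // User is using OAUTH for the first time.
        } else {
            $uo = User::active()->where('email',$openiduser->email);

            // See if there is an account with this email address
            if ($uo->count() == 1) {
                $aoo = new UserOauth;
                $aoo->userid = $openiduser->id;
                $aoo->oauth_data = $openiduser->user;
                $oo->users()->save($aoo);

                return $this->link($provider,$aoo,$uo->first());

            // If there are too many users, then we have a problem
            } elseif ($uo->count() > 1) {
                return redirect('/login')->with('error','Seems you have multiple accounts, please contact an admin.');

            } else {
                return redirect('/login')->with('error','Seems you dont have an account with that email, please contact an admin.');
            }
        }

        return redirect()->intended(RouteServiceProvider::HOME);
    }

    /**
     * Store the access/refresh tokens returned by the provider against the
     * currently authenticated user.
     *
     * @param string $provider Socialite driver name; must match an existing ProviderOauth name.
     * @return mixed A redirect to the intended URL, or to /home when no user details came back.
     */
    public function handleBearerTokenCallback($provider)
    {
        $openiduser = Socialite::with($provider)->user();

        if (! $openiduser)
            return redirect('/home')->with('error','No user details obtained.');

        $po = ProviderOauth::where('name',$provider)->singleOrFail();

        // NOTE(review): Auth::id() is null for a guest; presumably this route is behind
        // auth middleware - confirm, otherwise a token row without an owner is written.
        $uoo = ProviderToken::where('user_id',Auth::id())->where('provider_oauth_id',$po->id)->firstOrNew();

        $uoo->user_id = Auth::id();
        // NOTE(review): the tokens are assigned exactly as received; confirm ProviderToken
        // protects them at rest (for example with an encrypted cast).
        $uoo->access_token = $openiduser->token;
        $uoo->access_token_expires_at = Carbon::now()->addSeconds($openiduser->expiresIn);
        $uoo->refresh_token = $openiduser->refreshToken;
        $uoo->refresh_token_expires_at = Carbon::now()->addSeconds($openiduser->refresh_token_expires_in);
        $uoo->realm_id = $openiduser->realmid;

        $po->tokens()->save($uoo);

        return redirect()
            ->intended(RouteServiceProvider::HOME)
            ->with('success','Token refreshed.');
    }

    /**
     * We have identified the user and oauth, just need them to confirm the link
     *
     * Queues a SocialLink mail to the local account's address and shows the
     * confirmation form, which posts back to linkcomplete().
     *
     * @param $provider
     * @param UserOauth $ao
     * @param User $uo
     * @return \Illuminate\View\View
     */
    public function link($provider,UserOauth $ao,User $uo): \Illuminate\View\View
    {
        // @note If this is sent now (send()), it results in the caller to be executed a second time (handleProviderCallback()).
        Mail::to($uo->email)->queue(new SocialLink($ao));

        return view('auth.social_link')
            ->with('oauthid',$ao->id)
            ->with('provider',$provider);
    }

    /**
     * Complete the link between an oauth identity and a local user, then log in.
     *
     * The posted e-mail must equal the e-mail recorded in the oauth data and the
     * posted token must equal the oauth row's link_token. The token check rejects
     * a missing or empty token on either side (a plain !== would let null match
     * null) and compares in constant time. The local user must be active, which
     * matches the check made in handleProviderCallback().
     *
     * @param Request $request Expects 'oauthid', 'email' and 'token' in the POST body.
     * @param string $provider Provider name from the route (not used in the checks below).
     * @return mixed A redirect to the intended URL on success, or to /login with an error.
     */
    public function linkcomplete(Request $request,$provider)
    {
        // Load our oauth id
        $aoo = UserOauth::findOrFail($request->post('oauthid'));

        $email = $request->post('email');

        // Check our email matches
        if (Arr::get($aoo->oauth_data,'email','invalid') !== $email)
            return redirect('/login')->with('error','Account details didnt match to make link.');

        // Check our token matches
        $expected = $aoo->link_token;
        $supplied = $request->post('token');

        if (! is_string($expected) OR $expected === '' OR ! is_string($supplied) OR ! hash_equals($expected,$supplied))
            return redirect('/login')->with('error','Token details didnt match to make link.');

        // Load our email.
        $uo = User::where('email',$email)->firstOrFail();

        // Do not link or log in a disabled account.
        if (! $uo->active)
            return redirect('/login')->with('error','Invalid account, or account inactive, please contact an admin.');

        // NOTE(review): nothing here invalidates link_token after use or checks that the
        // oauth row is still unlinked - confirm whether the token is single-use elsewhere.
        $aoo->user_id = $uo->id;
        $aoo->save();

        Auth::login($uo,FALSE);

        return redirect()->intended(RouteServiceProvider::HOME);
    }
}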