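request = $request = \Config\Services::request(); }

    /**
     * Default route; produces no output in the visible code.
     */
    public function index()
    {
        // NOTE(review): ENV_ID is read but never used here.
        $envID = getenv('ENV_ID');
    }

    /**
     * Endpoints served by apigate(), each mapped to the HTTP methods it accepts.
     *
     * @return array<string, array<int, string>>
     */
    public function endPointList()
    {
        return [
            'authstart' => ['POST'],
            'authlogin' => ['POST'],
        ];
    }

    /**
     * Front controller for the OAuth endpoints.
     *
     * Emits the CORS headers, answers pre-flight requests, resolves the endpoint
     * from the last URI segment, checks it against endPointList() (name AND
     * method), collects the request payload, and either forwards the prepared
     * request to the backend model or returns the locally produced result.
     *
     * Request payloads, authorization codes, access tokens and profile data are
     * deliberately not written to the log: only endpoint names and key names are.
     *
     * @return string JSON document
     */
    public function apigate()
    {
        log_message('debug', 'Oauth-Gate');

        // CORS. The wildcard origin is kept, but "Access-Control-Allow-Credentials: true"
        // is no longer sent: browsers refuse credentialed responses that carry a
        // wildcard origin, so the header enabled nothing and only invited a later
        // "fix" that reflects the Origin header. If credentialed cross-origin calls
        // are required, answer with a single origin taken from an explicit
        // allow-list and add "Vary: Origin".
        header('Access-Control-Allow-Origin: *');
        header("Access-Control-Allow-Headers: Origin, X-API-KEY, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Access-Control-Allow-Headers, Authorization, observe, enctype, Content-Length, X-Csrf-Token");
        header("Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS");
        header("Access-Control-Max-Age: 3600");
        header('content-type: application/json; charset=utf-8');

        $call_backend = true;
        $method = $_SERVER['REQUEST_METHOD'];
        if ($method == "OPTIONS") {
            header("HTTP/1.1 200 OK CORS");
            log_message('debug', 'apigate() -> OPTIONS pre-flight answered');
            die();
        }

        // The endpoint is the last path segment of the current URL, query string removed.
        $uri = urldecode(current_url(true));
        $pos = strpos($uri, '?');
        if ($pos > 5) {
            $uri = substr($uri, 0, $pos);
        }
        $pieces = explode('/', $uri);
        $endpoint = $pieces[count($pieces) - 1];

        $endpoints = $this->endPointList();
        if (!array_key_exists($endpoint, $endpoints)) {
            // The URI is client-controlled and already URL-decoded; json_encode()
            // escapes control characters so it cannot forge extra log lines.
            log_message('warning', 'API-GATE unknown endpoint: ' . json_encode($uri, JSON_INVALID_UTF8_SUBSTITUTE));
            http_response_code(404);
            return json_encode([
                'message' => 'Endpoint not found.',
                'URI' => $uri,
            ], JSON_INVALID_UTF8_SUBSTITUTE);
        }
        log_message('debug', 'API-GATE endpoint -> ' . $endpoint);

        // endPointList() declares the accepted methods but they were never checked,
        // so a GET carrying the OAuth code or access token in the query string
        // (and therefore in access logs) was accepted.
        if (!in_array($method, $endpoints[$endpoint], true)) {
            log_message('warning', 'API-GATE method rejected for ' . $endpoint . ': ' . json_encode($method));
            http_response_code(405);
            header('Allow: ' . implode(', ', $endpoints[$endpoint]));
            return json_encode(['message' => 'Method not allowed.']);
        }

        // Collect the payload: JSON body by default, form fields plus uploads for
        // multipart POSTs, the "reqData" JSON parameter for GET endpoints.
        $raw_array = json_decode((string) file_get_contents('php://input'), true);
        if ($method == "POST" && !empty($_FILES)) {
            $raw_array = array_merge($_POST, $_FILES);
        }
        if ($method == 'GET') {
            $get_param = $_GET['reqData'] ?? null;
            $raw_array = (is_string($get_param) && $get_param != null) ? json_decode($get_param, true) : [];
        }
        if (!is_array($raw_array)) {
            // Missing or malformed JSON: continue with an empty request instead of
            // indexing into null further down.
            $raw_array = [];
        }
        log_message('debug', 'wrenchboard_api-CALL input keys: ' . json_encode(array_keys($raw_array), JSON_INVALID_UTF8_SUBSTITUTE));

        $local_out = [];
        $in = $this->prepareOauthEndPointData($endpoint, $raw_array, $call_backend, $local_out);

        // The original assigned "loc" before $in was overwritten by the call above,
        // so the server-observed address was lost and a client-supplied "loc" would
        // have passed through instead. Set it afterwards so it always wins.
        $in["loc"] = $_SERVER["REMOTE_ADDR"] ?? '';
        log_message('debug', 'wrenchboard_api-CALL prepared keys: ' . json_encode(array_keys($in), JSON_INVALID_UTF8_SUBSTITUTE));

        $out = [];
        if ($call_backend == true && ($in["action"] ?? '') != '') {
            $wrenchboard = new \App\Models\BackendModel();
            $ret = $wrenchboard->wrenchboard_api($in, $out);
            $out['internal_return'] = $ret;
        } else {
            $out = $local_out;
        }

        return json_encode((new \App\Models\ResultFormatter())->processOutJson($in, $out));
    }

    /**
     * Exchanges a Google authorization code for tokens.
     *
     * $local_out is replaced with the decoded token response. A "message" key is
     * added when the response has none; it is a short status text and never a copy
     * of the raw response, which on success contains the issued tokens.
     *
     * @param array $in        request data; "code" and "redirect_uri" are read
     * @param array $local_out receives the decoded response (by reference)
     */
    private function gooleOAuthCodeExchange($in, &$local_out)
    {
        /*
        POST /token HTTP/1.1
        Host: oauth2.googleapis.com
        Content-Type: application/x-www-form-urlencoded

        code=4/P7q7W91a-oMsCeLvIaQm6bTrgtp7&
        client_id=your_client_id&
        client_secret=your_client_secret&
        redirect_uri=https%3A//oauth2.example.com/code&
        grant_type=authorization_code
        */
        $data = [
            "code" => $in["code"] ?? '',
            "client_id" => $this->getSiteConfigurations("google.google_client_id"),
            "client_secret" => $this->getSiteConfigurations("google.google_client_secret"),
            "redirect_uri" => $in["redirect_uri"] ?? '',
            "grant_type" => "authorization_code",
        ];

        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, "https://oauth2.googleapis.com/token");
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
        curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        // Bound the call so a stalled upstream cannot pin a PHP worker.
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
        curl_setopt($ch, CURLOPT_TIMEOUT, 15);
        $server_output = curl_exec($ch);
        $transport_error = ($server_output === false) ? curl_error($ch) : '';
        curl_close($ch);

        if ($server_output === false) {
            log_message('error', 'Google token endpoint request failed: ' . $transport_error);
            $local_out = ['message' => 'Google token endpoint could not be reached.'];
            return;
        }

        $local_out = json_decode($server_output, true);
        if (!is_array($local_out)) {
            $local_out = [];
        }
        if (!array_key_exists("message", $local_out)) {
            if (isset($local_out["access_token"])) {
                $local_out["message"] = 'Google token exchange succeeded.';
            } else {
                // OAuth 2.0 error responses carry a short "error" code.
                $error = $local_out["error"] ?? null;
                $local_out["message"] = 'Google token exchange failed: '
                    . (is_string($error) ? $error : 'unexpected response');
            }
        }
    }

    /**
     * Fetches the Google profile that belongs to an access token.
     *
     * The token is sent in the Authorization header rather than in the query
     * string, so it does not end up in URL logs along the request path.
     *
     * @param string $access_token Google OAuth access token
     * @param array  $local_out    receives the decoded profile (by reference)
     * @return array the same decoded profile, with a "message" status added
     */
    private function gooleOAuthGetUser($access_token, &$local_out)
    {
        // Accept printable, whitespace-free ASCII only: the value is placed in a
        // request header and, on the authlogin path, comes from the client.
        if (!is_string($access_token) || !preg_match('/^[\x21-\x7E]+$/', $access_token)) {
            $local_out = ['message' => 'Google access token is missing or malformed.'];
            return $local_out;
        }

        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, "https://www.googleapis.com/oauth2/v1/userinfo?alt=json");
        curl_setopt($ch, CURLOPT_HTTPHEADER, array(
            'Accept: application/json',
            'Authorization: Bearer ' . $access_token,
        ));
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
        curl_setopt($ch, CURLOPT_TIMEOUT, 15);
        $server_output = curl_exec($ch);
        $transport_error = ($server_output === false) ? curl_error($ch) : '';
        curl_close($ch);

        if ($server_output === false) {
            log_message('error', 'Google userinfo request failed: ' . $transport_error);
            $local_out = ['message' => 'Google userinfo endpoint could not be reached.'];
            return $local_out;
        }

        $local_out = json_decode($server_output, true);
        if (!is_array($local_out)) {
            $local_out = [];
        }
        if (!array_key_exists("message", $local_out)) {
            // Status text only; the profile is not copied into the message a second time.
            $local_out["message"] = isset($local_out["id"])
                ? 'Google userinfo request succeeded.'
                : 'Google userinfo request failed.';
        }

        return $local_out;
    }

    /**
     * Turns the raw request of an endpoint into the structure sent to the backend.
     *
     * "authstart" is handled locally (code exchange, profile lookup, account
     * provisioning) and clears $call_backend; "authlogin" sets the backend action
     * and a default login mode.
     *
     * @param string $endpoint     endpoint name, already checked against endPointList()
     * @param array  $in           request payload
     * @param bool   $call_backend set to false when the endpoint is served locally
     * @param array  $local_out    result of locally served endpoints
     * @return array the prepared request
     */
    private function prepareOauthEndPointData($endpoint, $in, &$call_backend=true, &$local_out=[])
    {
        log_message('debug', "Started prepareOauthEndPointData -> " . $endpoint);

        if (!is_array($in)) {
            $in = [];
        }
        // Strict comparison below: the switch used before compared loosely, so a
        // JSON boolean true in "auth_type" matched every provider name.
        $auth_type = $in["auth_type"] ?? '';

        switch ($endpoint) {
            case 'authstart':
                if ($auth_type === 'GOOGLE') {
                    $this->gooleOAuthCodeExchange($in, $local_out);
                    // The access token used to be logged here, before the isset()
                    // check; it is neither logged nor read unguarded any more.
                    if (isset($local_out["access_token"])) {
                        $l_out = [];
                        $local_out["user_info"] = $this->gooleOAuthGetUser($local_out["access_token"], $l_out);
                        // provisionGoogleAccount() replaces $local_out, which also
                        // drops the Google tokens from what is returned to the client.
                        $this->provisionGoogleAccount($local_out["user_info"], $local_out);
                    }
                }
                log_message('debug', "prepareOauthEndPointData authstart finished");
                $call_backend = false;
                break;

            case 'authlogin':
                // Not really implemented: the provider name below is not one a
                // client is expected to send.
                if ($auth_type === 'GOOGLE33') {
                    $local_out["user_info"] = $this->gooleOAuthGetUser($in["access_token"] ?? '', $local_out);
                    $this->provisionGoogleAccount($local_out["user_info"], $local_out);
                }
                $in["action"] = WRENCHBOARD_ACCOUNT_AUXLOGIN;
                if (!isset($in["login_mode"])) {
                    $in["login_mode"] = MOBILE_LOGIN;
                }
                break;
        }

        $in["pid"] = 100;
        return $in;
    }

    /*
     * Shape of the userinfo document passed to provisionGoogleAccount()
     * (placeholder values, not real account data):
     * {
     *   "id": "<google-account-id>",
     *   "email": "<user@example.com>",
     *   "verified_email": true,
     *   "name": "<full name>",
     *   "given_name": "<given name>",
     *   "family_name": "<family name>",
     *   "picture": "<profile-picture-url>",
     *   "locale": "en"
     * }
     */

    /**
     * Registers or logs in the Google account described by $user through the backend.
     *
     * $out is always replaced: with the backend result plus "internal_return", or
     * with a single "message" entry when the profile is unusable. The refusal shape
     * mirrors the existing failure path of apigate(), which also returns a result
     * without "internal_return".
     *
     * @param array $user decoded Google userinfo document
     * @param array $out  receives the result (by reference)
     */
    private function provisionGoogleAccount($user, &$out)
    {
        $out = array();

        // A failed userinfo call yields an array holding only "message"; do not
        // send a login for an empty identity to the backend.
        if (!is_array($user) || empty($user["id"]) || empty($user["email"])) {
            log_message('error', 'provisionGoogleAccount: Google profile has no id or e-mail');
            $out['message'] = 'Google profile could not be read.';
            return;
        }

        // Both google_id and email are handed to the backend. Should the backend
        // match accounts by e-mail (not visible here), an address Google has not
        // verified must not be accepted as proof of ownership.
        if (!filter_var($user["verified_email"] ?? false, FILTER_VALIDATE_BOOLEAN)) {
            log_message('warning', 'provisionGoogleAccount: unverified e-mail refused for Google id ' . json_encode($user["id"]));
            $out['message'] = 'Google account e-mail is not verified.';
            return;
        }

        $data = [
            'google_id' => $user["id"],
            'action' => WRENCHBOARD_GOOGLE_LOGIN,
            'firstname' => $user["given_name"] ?? null,
            'lastname' => $user["family_name"] ?? null,
            'email' => $user["email"],
            'login_channel' => LOGIN_GOOGLE,
            // random_int() draws from the CSPRNG; rand() is predictable. The format
            // is unchanged, so the value still has only about 33 bits of entropy.
            // NOTE(review): if this identifies a session, have the backend issue a
            // longer random value instead.
            'sessionid' => random_int(10000, 99999) . "A" . random_int(10000, 99999),
        ];

        $wrenchboard = new \App\Models\BackendModel();
        $ret = $wrenchboard->wrenchboard_api($data, $out);
        $out['internal_return'] = $ret;

        if ($ret != PHP_LOGIN_OK) {
            // The caller returns $out as-is; record the failure for operators.
            log_message('error', 'provisionGoogleAccount: backend returned ' . json_encode($ret));
        }
    }
}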