Source of file SalesforceAuth.php
Size: 3,716 Bytes - Last Modified: 2021-12-23T10:49:10+00:00
/var/www/docs.ssmods.com/process/src/src/SalesforceAuth.php
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144 | <?php /** * Contains the main Salesforce authentication logic. */ class SalesforceAuth { const AUTH_URL = 'https://login.salesforce.com/services/oauth2/authorize'; const CALLBACK_URL = 'https://login.salesforce.com/services/oauth2/token'; private $clientID; private $clientSecret; /** * @param string $clientID The Salesforce application client ID. * @param string $clientSecret The Salesforce application client secret. */ public function __construct($clientID, $clientSecret) { $this->clientID = $clientID; $this->clientSecret = $clientSecret; } /** * @return string */ public function getClientID() { return $this->clientID; } /** * @return string */ public function getClientSecret() { return $this->clientSecret; } /** * Gets the URL to redirect the user to for an authentication operation. * * @return string */ public function getAuthURL($state = null) { return Controller::join_links(self::AUTH_URL, '?' . http_build_query(array( 'response_type' => 'code', 'client_id' => $this->getClientID(), 'redirect_uri' => $this->getRedirectURL(), 'scope' => 'id', 'state' => json_encode($state) ))); } /** * Gets the application URL the user is redirected to from Salesforce. * * @return string */ public function getRedirectURL() { return Controller::join_links( Director::absoluteBaseURL(), 'salesforce-auth/callback' ); } /** * Returns a response to start an authentication response. * * @param string $redirect The URL to redirect to. * @param bool $remember Whether to remember the user's login. * @return SS_HTTPResponse */ public function authenticate($redirect, $remember = false) { $response = new SS_HTTPResponse(); $response->redirect($this->getAuthURL(array( 'redirect' => $redirect, 'remember' => $remember ))); return $response; } /** * Handles performing a callback to the Salesforce auth server with the * provided authorisation code. * * @param string $code * @param string $state * @return SS_HTTPResponse * @throws SalesforceAuthException On authentication failure. */ public function callback($code, $state) { $callback = new RestfulService(self::CALLBACK_URL, -1); $callback = $callback->request('', 'POST', array( 'code' => $code, 'grant_type' => 'authorization_code', 'client_id' => $this->getClientID(), 'client_secret' => $this->getClientSecret(), 'redirect_uri' => $this->getRedirectURL() )); $callback = json_decode($callback->getBody()); if(!$callback || !$callback->id) { throw new SalesforceAuthException( 'An invalid authorisation response was returned' ); } $id = new RestfulService($callback->id, -1); $id->setQueryString(array('oauth_token' => $callback->access_token)); $id = json_decode($id->request()->getBody()); if(!$id || !$id->email) { throw new SalesforceAuthException( 'An invalid identity response was returned' ); } /** @var Member $member */ $member = Member::get()->filter('Email', $id->email)->first(); if(!$member) { throw new SalesforceAuthException(sprintf( 'No member was found for the Salesforce email "%s"', $id->email )); } $state = json_decode($state); $redirect = isset($state->redirect) ? $state->redirect : null; $member->logIn(!empty($state->remember)); $member->extend('onSalesforceIdentify', $id); $response = new SS_HTTPResponse(); if($redirect && Director::is_site_url($redirect)) { return $response->redirect($redirect); } if($redirect = Config::inst()->get('Security', 'default_login_dest')) { return $response->redirect($redirect); } return $response->redirect(Director::absoluteBaseURL()); } } |