First commit

Author: fguillot

.gitignore

@@ -0,0 +1 @@
+*.zip

.travis.yml

@@ -0,0 +1,35 @@
+language: php
+sudo: false
+
+php:
+  - 7.1
+  - 7.0
+  - 5.6
+  - 5.5
+  - 5.4
+  - 5.3
+
+env:
+  global:
+    - PLUGIN=OAuth2
+    - KANBOARD_REPO=https://github.com/kanboard/kanboard.git
+  matrix:
+    - DB=sqlite
+    - DB=mysql
+    - DB=postgres
+
+matrix:
+  fast_finish: true
+
+install:
+  - git clone --depth 1 $KANBOARD_REPO
+  - ln -s $TRAVIS_BUILD_DIR kanboard/plugins/$PLUGIN
+
+before_script:
+  - cd kanboard
+  - phpenv config-add tests/php.ini
+  - composer install
+  - ls -la plugins/
+
+script:
+  - phpunit -c tests/units.$DB.xml plugins/$PLUGIN/Test/

Auth/GenericOAuth2Provider.php

@@ -0,0 +1,206 @@
+<?php
+
+namespace Kanboard\Plugin\OAuth2\Auth;
+
+use Kanboard\Core\Base;
+use Kanboard\Core\Security\OAuthAuthenticationProviderInterface;
+use Kanboard\Plugin\OAuth2\User\GenericOAuth2UserProvider;
+
+/**
+ * GenericOAuth2Provider
+ *
+ * @package  Kanboard\Auth
+ * @author   Frederic Guillot
+ */
+class GenericOAuth2Provider extends Base implements OAuthAuthenticationProviderInterface
+{
+    /**
+     * User properties
+     *
+     * @access private
+     * @var GenericOAuth2UserProvider
+     */
+    private $userInfo = null;
+
+    /**
+     * OAuth2 instance
+     *
+     * @access protected
+     * @var \Kanboard\Core\Http\OAuth2
+     */
+    protected $service;
+
+    /**
+     * OAuth2 code
+     *
+     * @access protected
+     * @var string
+     */
+    protected $code = '';
+
+    /**
+     * Get authentication provider name
+     *
+     * @access public
+     * @return string
+     */
+    public function getName()
+    {
+        return 'OAuth2';
+    }
+
+    /**
+     * Authenticate the user
+     *
+     * @access public
+     * @return boolean
+     */
+    public function authenticate()
+    {
+        $profile = $this->getProfile();
+
+        if (! empty($profile)) {
+            $this->userInfo = new GenericOAuth2UserProvider($this->container, $profile);
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * Set Code
+     *
+     * @access public
+     * @param  string  $code
+     * @return $this
+     */
+    public function setCode($code)
+    {
+        $this->code = $code;
+        return $this;
+    }
+
+    /**
+     * Get user object
+     *
+     * @access public
+     * @return GenericOAuth2UserProvider
+     */
+    public function getUser()
+    {
+        return $this->userInfo;
+    }
+
+    /**
+     * Get configured OAuth2 service
+     *
+     * @access public
+     * @return \Kanboard\Core\Http\OAuth2
+     */
+    public function getService()
+    {
+        if (empty($this->service)) {
+            $this->service = $this->oauth->createService(
+                $this->getClientId(),
+                $this->getClientSecret(),
+                $this->helper->url->to('OAuthController', 'handler', array('plugin' => 'OAuth2'), '', true),
+                $this->getOAuthAuthorizeUrl(),
+                $this->getOAuthTokenUrl(),
+                array()
+            );
+        }
+
+        return $this->service;
+    }
+
+    /**
+     * Get user profile
+     *
+     * @access public
+     * @return array
+     */
+    public function getProfile()
+    {
+        $token = $this->getService()->getAccessToken($this->code);
+
+        if (DEBUG) {
+            $this->logger->debug(__METHOD__.': Got access token: '.(empty($token) ? 'No' : 'Yes'));
+            $this->logger->debug(__METHOD__.': Fetch user profile from '.$this->getUserAPiUrl());
+        }
+
+        return $this->httpClient->getJson(
+            $this->getUserAPiUrl(),
+            array($this->getService()->getAuthorizationHeader())
+        );
+    }
+
+    /**
+     * Unlink user
+     *
+     * @access public
+     * @param  integer $userId
+     * @return bool
+     */
+    public function unlink($userId)
+    {
+        return $this->userModel->update(array(
+            'id' => $userId,
+            'oauth2_user_id' => '',
+        ));
+    }
+
+    /**
+     * Get client id
+     *
+     * @access public
+     * @return string
+     */
+    public function getClientId()
+    {
+        return $this->configModel->get('oauth2_client_id');
+    }
+
+    /**
+     * Get client secret
+     *
+     * @access public
+     * @return string
+     */
+    public function getClientSecret()
+    {
+        return $this->configModel->get('oauth2_client_secret');
+    }
+
+    /**
+     * Get authorize url
+     *
+     * @access public
+     * @return string
+     */
+    public function getOAuthAuthorizeUrl()
+    {
+        return $this->configModel->get('oauth2_authorize_url');
+    }
+
+    /**
+     * Get token url
+     *
+     * @access public
+     * @return string
+     */
+    public function getOAuthTokenUrl()
+    {
+        return $this->configModel->get('oauth2_token_url');
+    }
+
+    /**
+     * Get User API url
+     *
+     * @access public
+     * @return string
+     */
+    public function getUserAPiUrl()
+    {
+        return $this->configModel->get('oauth2_user_api_url');
+    }
+}

Controller/OAuthController.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace Kanboard\Plugin\OAuth2\Controller;
+
+use Kanboard\Controller\OAuthController as BaseOAuthController;
+
+/**
+ * OAuth Controller
+ *
+ * @package  Kanboard\Controller
+ * @author   Frederic Guillot
+ */
+class OAuthController extends BaseOAuthController
+{
+    /**
+     * Handle authentication
+     *
+     * @access public
+     */
+    public function handler()
+    {
+        $this->step1('OAuth2');
+    }
+}

LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 Frédéric Guillot
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

Locale/fr_FR/translations.php

@@ -0,0 +1,3 @@
+<?php
+
+return array();

Makefile

@@ -0,0 +1,5 @@
+plugin=OAuth2
+
+all:
+	@ echo "Build archive for plugin ${plugin} version=${version}"
+	@ git archive HEAD --prefix=${plugin}/ --format=zip -o ${plugin}-${version}.zip

Plugin.php

@@ -0,0 +1,56 @@
+<?php
+
+namespace Kanboard\Plugin\OAuth2;
+
+use Kanboard\Core\Plugin\Base;
+use Kanboard\Core\Security\Role;
+use Kanboard\Core\Translator;
+use Kanboard\Plugin\OAuth2\Auth\GenericOAuth2Provider;
+
+class Plugin extends Base
+{
+    public function initialize()
+    {
+        $this->authenticationManager->register(new GenericOAuth2Provider($this->container));
+        $this->applicationAccessMap->add('OAuthController', 'handler', Role::APP_PUBLIC);
+
+        $this->route->addRoute('/oauth/callback', 'OAuthController', 'handler', 'OAuth2');
+
+        $this->template->hook->attach('template:auth:login-form:after', 'OAuth2:auth/login');
+        $this->template->hook->attach('template:config:integrations', 'OAuth2:config/integration');
+        $this->template->hook->attach('template:user:external', 'OAuth2:user/external');
+        $this->template->hook->attach('template:user:authentication:form', 'OAuth2:user/authentication');
+        $this->template->hook->attach('template:user:create-remote:form', 'OAuth2:user/create_remote');
+    }
+
+    public function onStartup()
+    {
+        Translator::load($this->languageModel->getCurrentLanguage(), __DIR__.'/Locale');
+    }
+
+    public function getPluginName()
+    {
+        return 'OAuth2';
+    }
+
+    public function getPluginDescription()
+    {
+        return t('Generic OAuth2 authentication plugin');
+    }
+
+    public function getPluginAuthor()
+    {
+        return 'Frédéric Guillot';
+    }
+
+    public function getPluginVersion()
+    {
+        return '1.0.0';
+    }
+
+    public function getPluginHomepage()
+    {
+        return 'https://github.com/kanboard/plugin-oauth2';
+    }
+}
+

README.md

@@ -0,0 +1,31 @@
+OAuth2 Authentication
+=====================
+
+Generic OAuth2 authentication plugin.
+
+Author
+------
+
+- Frédéric Guillot
+- License MIT
+
+Requirements
+------------
+
+- Kanboard >= 1.0.34
+
+Installation
+------------
+
+You have the choice between 3 methods:
+
+1. Install the plugin from the Kanboard plugin manager in one click
+2. Download the zip file and decompress everything under the directory `plugins/OAuth2`
+3. Clone this repository into the folder `plugins/OAuth2`
+
+Note: Plugin folder is case-sensitive.
+
+Configuration
+-------------
+
+Go to the application settings > integrations > OAuth2 Authentication.