N°5102 - Allow to send emails using GSuite SMTP and OAuth - Rework

2026-04-25 03:28:45 +02:00 · 2022-06-21 09:54:52 +02:00
parent 53d2129bd1
commit aa90d5b6ab
67 changed files with 1852 additions and 699 deletions
--- a/sources/Core/Authentication/Client/OAuth/OAuthClientProviderAzure.php
+++ b/sources/Core/Authentication/Client/OAuth/OAuthClientProviderAzure.php
@@ -16,8 +16,7 @@ class OAuthClientProviderAzure extends OAuthClientProviderAbstract
 	static protected $sRequiredSMTPScope = 'https://outlook.office.com/SMTP.Send offline_access';
 	static protected $sRequiredIMAPScope = 'https://outlook.office.com/IMAP.AccessAsUser.All offline_access';
 	static protected $sRequiredPOPScope = 'https://outlook.office.com/POP.AccessAsUser.All offline access';
-	/** @var \League\OAuth2\Client\Provider\GenericProvider */
-	protected $oVendorProvider;
+
 	/** @var \League\OAuth2\Client\Token\AccessToken */
 	protected $oAccessToken;

--- a/sources/Core/Authentication/Client/OAuth/OAuthClientProviderFactory.php
+++ b/sources/Core/Authentication/Client/OAuth/OAuthClientProviderFactory.php
@@ -3,6 +3,8 @@
 namespace Combodo\iTop\Core\Authentication\Client\OAuth;

 use CoreException;
+use DBObjectSet;
+use DBSearch;
 use Dict;
 use GuzzleHttp\Client;
 use League\OAuth2\Client\Token\AccessTokenInterface;
@@ -16,17 +18,19 @@ class OAuthClientProviderFactory
 	 */
 	public static function getProviderForSMTP()
 	{
-		$sProviderVendor = MetaModel::GetConfig()->Get('email_transport_smtp.oauth.provider'); // email_transport_smtp.oauth.provider
+		$oRemoteAuthentOAuth = self::GetRemoteAuthentOAuthForSMTP();
+
+		$sProviderVendor = $oRemoteAuthentOAuth->Get('provider');
 		$sProviderClass = self::getProviderClass($sProviderVendor);
 		$aProviderVendorParams = [
-			'clientId'     => MetaModel::GetConfig()->Get('email_transport_smtp.oauth.client_id'),  // email_transport_smtp.oauth.client_id
-			'clientSecret' => MetaModel::GetConfig()->Get('email_transport_smtp.oauth.client_secret'),// email_transport_smtp.oauth.client_secret
+			'clientId'     => $oRemoteAuthentOAuth->Get('client_id'),
+			'clientSecret' => $oRemoteAuthentOAuth->Get('client_secret'),
 			'redirectUri'  => $sProviderClass::GetRedirectUri(),
 			'scope'        => $sProviderClass::GetRequiredSMTPScope(),
 		];
 		$aAccessTokenParams = [
-			"access_token"  => MetaModel::GetConfig()->Get('email_transport_smtp.oauth.access_token'), // email_transport_smtp.oauth.access_token
-			"refresh_token" => MetaModel::GetConfig()->Get('email_transport_smtp.oauth.refresh_token'), // email_transport_smtp.oauth.refresh_token
+			"access_token"  => $oRemoteAuthentOAuth->Get('token'),
+			"refresh_token" => $oRemoteAuthentOAuth->Get('refresh_token'),
 			'scope'         => $sProviderClass::GetRequiredSMTPScope(),
 		];
 		$aCollaborators = [
@@ -36,6 +40,25 @@ class OAuthClientProviderFactory
 		return new $sProviderClass($aProviderVendorParams, $aCollaborators, $aAccessTokenParams);
 	}

+	/**
+	 * @return \DBObject|null
+	 * @throws \CoreException
+	 * @throws \CoreUnexpectedValue
+	 * @throws \MissingQueryArgument
+	 * @throws \MySQLException
+	 * @throws \MySQLHasGoneAwayException
+	 * @throws \OQLException
+	 */
+	public static function GetRemoteAuthentOAuthForSMTP()
+	{
+		$sUsername = MetaModel::GetConfig()->Get('email_transport_smtp.username');
+		$oSet = new DBObjectSet(DBSearch::FromOQL('SELECT RemoteAuthentOAuth WHERE name=:username', ['username' => $sUsername]));
+		if ($oSet->Count() != 1) {
+			throw new CoreException(Dict::Format('itop-remote-authent-oauth:MissingRemoteAuthentOAuth', $sUsername));
+		}
+		return $oSet->Fetch();
+	}
+
 	/**
 	 * @param $sProviderVendor
 	 * @param $sClientId
--- a/sources/Core/Authentication/Client/OAuth/OAuthClientProviderGoogle.php
+++ b/sources/Core/Authentication/Client/OAuth/OAuthClientProviderGoogle.php
@@ -13,8 +13,7 @@ class OAuthClientProviderGoogle extends OAuthClientProviderAbstract
 	static protected $sVendorColors = ['#DB4437', '#F4B400', '#0F9D58', '#4285F4'];
 	/** @var string */
 	static protected $sVendorIcon = '../images/icons/icons8-google.svg';
-	/** @var \League\OAuth2\Client\Provider\GenericProvider */
-	protected $oVendorProvider;
+
 	/** @var \League\OAuth2\Client\Token\AccessToken */
 	protected $oAccessToken;
 	static protected $sRequiredSMTPScope = 'https://mail.google.com/';
--- a/sources/Core/Authentication/Client/Smtp/SmtpOAuthLogin.php
+++ b/sources/Core/Authentication/Client/Smtp/SmtpOAuthLogin.php
@@ -51,7 +51,7 @@ class Oauth extends Login
 	 *
 	 * @return void
 	 */
-	public static function setProvider(OAuthClientProviderAbstract $oProvider): void
+	public static function setProvider(OAuthClientProviderAbstract $oProvider)
 	{
 		self::$oProvider = $oProvider;
 	}
@@ -73,7 +73,7 @@ class Oauth extends Login
 			}
 		}
 		catch (IdentityProviderException $e) {
-			IssueLog::Error('Failed to get oAuth credentials for outgoing mails for provider '.self::$oProvider::GetVendorName(), static::LOG_CHANNEL);
+			IssueLog::Error('Failed to get oAuth credentials for outgoing mails for provider '.self::$oProvider::GetVendorName().' '.$e->getMessage(), static::LOG_CHANNEL);

 			return false;
 		}