Fixes #3240 - Allow reauthentication of Google / Microsoft365 accounts.

This commit is contained in:
Thorsten Eckel 2020-11-20 14:58:57 +01:00
parent b7a4cc6d6a
commit b930827b77
7 changed files with 69 additions and 25 deletions

View file

@ -37,6 +37,7 @@ class ChannelAccountOverview extends App.ControllerSubContent
events:
'click .js-new': 'new'
'click .js-delete': 'delete'
'click .js-reauthenticate': 'reauthenticate'
'click .js-configApp': 'configApp'
'click .js-disable': 'disable'
'click .js-enable': 'enable'
@ -158,6 +159,11 @@ class ChannelAccountOverview extends App.ControllerSubContent
container: @el.closest('.content')
)
reauthenticate: (e) =>
e.preventDefault()
id = $(e.target).closest('.action').data('id')
window.location.href = "#{@apiPath}/external_credentials/google/link_account?channel_id=#{id}"
disable: (e) =>
e.preventDefault()
id = $(e.target).closest('.action').data('id')

View file

@ -37,6 +37,7 @@ class ChannelAccountOverview extends App.ControllerSubContent
events:
'click .js-new': 'new'
'click .js-delete': 'delete'
'click .js-reauthenticate': 'reauthenticate'
'click .js-configApp': 'configApp'
'click .js-disable': 'disable'
'click .js-enable': 'enable'
@ -149,6 +150,11 @@ class ChannelAccountOverview extends App.ControllerSubContent
container: @el.closest('.content')
)
reauthenticate: (e) =>
e.preventDefault()
id = $(e.target).closest('.action').data('id')
window.location.href = "#{@apiPath}/external_credentials/microsoft365/link_account?channel_id=#{id}"
disable: (e) =>
e.preventDefault()
id = $(e.target).closest('.action').data('id')

View file

@ -110,6 +110,7 @@
<div class="btn btn--secondary js-enable"><%- @T('Enable') %></div>
<% end %>
<div class="btn btn--danger btn--secondary js-delete"><%- @T('Delete') %></div>
<div class="btn btn--secondary js-reauthenticate"><%- @T('Reauthenticate') %></div>
</div>
</div>
<% end %>

View file

@ -110,6 +110,7 @@
<% else: %>
<div class="btn btn--secondary js-enable"><%- @T('Enable') %></div>
<% end %>
<div class="btn btn--secondary js-reauthenticate"><%- @T('Reauthenticate') %></div>
</div>
</div>
<% end %>

View file

@ -34,18 +34,24 @@ class ExternalCredentialsController < ApplicationController
provider = params[:provider].downcase
attributes = ExternalCredential.request_account_to_link(provider)
session[:request_token] = attributes[:request_token]
session[:channel_id] = params[:channel_id]
redirect_to attributes[:authorize_url]
end
def callback
provider = params[:provider].downcase
channel = ExternalCredential.link_account(provider, session[:request_token], params.permit!.to_h)
channel = ExternalCredential.link_account(provider, session[:request_token], link_params)
session[:request_token] = nil
session[:channel_id] = nil
redirect_to app_url(provider, channel.id)
end
private
def link_params
params.permit!.to_h.merge(channel_id: session[:channel_id])
end
def callback_url(provider)
ExternalCredential.callback_url(provider)
end

View file

@ -41,18 +41,6 @@ class ExternalCredential::Google
user_data = user_info(response[:id_token])
raise Exceptions::UnprocessableEntity, 'Unable to extract user email from id_token!' if user_data[:email].blank?
migrate_channel = nil
Channel.where(area: 'Email::Account').find_each do |channel|
next if channel.options.dig(:inbound, :options, :user) != user_data[:email]
next if channel.options.dig(:inbound, :options, :host) != 'imap.gmail.com'
next if channel.options.dig(:outbound, :options, :user) != user_data[:email]
next if channel.options.dig(:outbound, :options, :host) != 'smtp.gmail.com'
migrate_channel = channel
break
end
channel_options = {
inbound: {
adapter: 'imap',
@ -82,6 +70,30 @@ class ExternalCredential::Google
),
}
if params[:channel_id]
existing_channel = Channel.where(area: 'Google::Account').find(params[:channel_id])
existing_channel.update!(
options: channel_options,
)
existing_channel.refresh_xoauth2!
return existing_channel
end
migrate_channel = nil
Channel.where(area: 'Email::Account').find_each do |channel|
next if channel.options.dig(:inbound, :options, :user) != user_data[:email]
next if channel.options.dig(:inbound, :options, :host) != 'imap.gmail.com'
next if channel.options.dig(:outbound, :options, :user) != user_data[:email]
next if channel.options.dig(:outbound, :options, :host) != 'smtp.gmail.com'
migrate_channel = channel
break
end
if migrate_channel
channel_options[:inbound][:options][:folder] = migrate_channel.options[:inbound][:options][:folder]
channel_options[:inbound][:options][:keep_on_server] = migrate_channel.options[:inbound][:options][:keep_on_server]

View file

@ -41,18 +41,6 @@ class ExternalCredential::Microsoft365
user_data = user_info(response[:id_token])
raise Exceptions::UnprocessableEntity, 'Unable to extract user preferred_username from id_token!' if user_data[:preferred_username].blank?
migrate_channel = nil
Channel.where(area: 'Email::Account').find_each do |channel|
next if channel.options.dig(:inbound, :options, :user) != user_data[:email]
next if channel.options.dig(:inbound, :options, :host) != 'outlook.office365.com'
next if channel.options.dig(:outbound, :options, :user) != user_data[:email]
next if channel.options.dig(:outbound, :options, :host) != 'smtp.office365.com'
migrate_channel = channel
break
end
channel_options = {
inbound: {
adapter: 'imap',
@ -81,6 +69,30 @@ class ExternalCredential::Microsoft365
),
}
if params[:channel_id]
existing_channel = Channel.where(area: 'Microsoft365::Account').find(params[:channel_id])
existing_channel.update!(
options: channel_options,
)
existing_channel.refresh_xoauth2!
return existing_channel
end
migrate_channel = nil
Channel.where(area: 'Email::Account').find_each do |channel|
next if channel.options.dig(:inbound, :options, :user) != user_data[:email]
next if channel.options.dig(:inbound, :options, :host) != 'outlook.office365.com'
next if channel.options.dig(:outbound, :options, :user) != user_data[:email]
next if channel.options.dig(:outbound, :options, :host) != 'smtp.office365.com'
migrate_channel = channel
break
end
if migrate_channel
channel_options[:inbound][:options][:folder] = migrate_channel.options[:inbound][:options][:folder]
channel_options[:inbound][:options][:keep_on_server] = migrate_channel.options[:inbound][:options][:keep_on_server]