From a7e044febf6d5ae0548043569f056cfdfb02f88a Mon Sep 17 00:00:00 2001 From: Elias Luhr Date: Fri, 5 Jan 2024 14:56:15 +0100 Subject: [PATCH 1/8] Make user id attribute for social network authentification configurable --- src/User/Contracts/AuthClientInterface.php | 10 ++++++++-- .../Service/SocialNetworkAccountConnectService.php | 2 +- src/User/Service/SocialNetworkAuthenticateService.php | 2 +- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/src/User/Contracts/AuthClientInterface.php b/src/User/Contracts/AuthClientInterface.php index 6aad0348..84e284b6 100644 --- a/src/User/Contracts/AuthClientInterface.php +++ b/src/User/Contracts/AuthClientInterface.php @@ -14,8 +14,9 @@ use yii\authclient\ClientInterface; /** - * @property-read string $email - * @property-read string $username + * @property-read string|null $email + * @property-read string|null $userName + * @property-read mixed|null $userId */ interface AuthClientInterface extends ClientInterface { @@ -28,4 +29,9 @@ public function getEmail(); * @return string|null username */ public function getUserName(); + + /** + * @return mixed|null user id + */ + public function getUserId(); } diff --git a/src/User/Service/SocialNetworkAccountConnectService.php b/src/User/Service/SocialNetworkAccountConnectService.php index 2d6a7a59..366c5f89 100644 --- a/src/User/Service/SocialNetworkAccountConnectService.php +++ b/src/User/Service/SocialNetworkAccountConnectService.php @@ -83,7 +83,7 @@ protected function getSocialNetworkAccount() [], [ 'provider' => $this->client->getId(), - 'client_id' => $data['id'], + 'client_id' => $this->client->getUserId(), 'data' => json_encode($data), ] ); diff --git a/src/User/Service/SocialNetworkAuthenticateService.php b/src/User/Service/SocialNetworkAuthenticateService.php index ded5f478..b9906701 100644 --- a/src/User/Service/SocialNetworkAuthenticateService.php +++ b/src/User/Service/SocialNetworkAuthenticateService.php @@ -97,7 +97,7 @@ protected function createAccount() [], [ 'provider' => $this->client->getId(), - 'client_id' => $data['id'], + 'client_id' => $this->client->getUserId(), 'data' => json_encode($data), 'username' => $this->client->getUserName(), 'email' => $this->client->getEmail(), From edfbc44c52966c662862e113c790ff90d3472dd0 Mon Sep 17 00:00:00 2001 From: Elias Luhr Date: Fri, 5 Jan 2024 15:05:26 +0100 Subject: [PATCH 2/8] Add separate property for social network registration --- docs/install/configuration-options.md | 5 +++++ src/User/Module.php | 4 ++++ src/User/Service/SocialNetworkAuthenticateService.php | 2 +- 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/docs/install/configuration-options.md b/docs/install/configuration-options.md index f448a70d..7cdf9edb 100755 --- a/docs/install/configuration-options.md +++ b/docs/install/configuration-options.md @@ -143,6 +143,11 @@ List of urls that does not require explicit data processing consent to be access Setting this attribute allows the registration process. If you set it to `false`, the module won't allow users to register by throwing a `NotFoundHttpException` if the `RegistrationController::actionRegister()` is accessed. +#### enableSocialNetworkRegistration (type: `boolean`, default: `true`) + +Setting this attribute allows the registration process via social networks. If you set it to `false`, the module won't allow users to +register. + #### enableEmailConfirmation (type: `boolean`, default: `true`) If `true`, the module will send an email with a confirmation link that user needs to click through to complete its diff --git a/src/User/Module.php b/src/User/Module.php index 0e00f587..f160d025 100755 --- a/src/User/Module.php +++ b/src/User/Module.php @@ -117,6 +117,10 @@ class Module extends BaseModule * @var bool whether to allow registration process or not */ public $enableRegistration = true; + /** + * @var bool whether to allow registration process for social network or not + */ + public $enableSocialNetworkRegistration = true; /** * @var bool whether to force email confirmation to */ diff --git a/src/User/Service/SocialNetworkAuthenticateService.php b/src/User/Service/SocialNetworkAuthenticateService.php index b9906701..fad08e0f 100644 --- a/src/User/Service/SocialNetworkAuthenticateService.php +++ b/src/User/Service/SocialNetworkAuthenticateService.php @@ -48,7 +48,7 @@ public function __construct( public function run() { $account = $this->socialNetworkAccountQuery->whereClient($this->client)->one(); - if (!$this->controller->module->enableRegistration && ($account === null || $account->user === null)) { + if (!$this->controller->module->enableSocialNetworkRegistration && ($account === null || $account->user === null)) { Yii::$app->session->setFlash('danger', Yii::t('usuario', 'Registration on this website is disabled')); $this->authAction->setSuccessUrl(Url::to(['/user/security/login'])); From 8f18c51cf2860ef663fa761f8df5f96c04e5bdd5 Mon Sep 17 00:00:00 2001 From: Elias Luhr Date: Fri, 5 Jan 2024 15:26:40 +0100 Subject: [PATCH 3/8] Use new property to enable social network registration in registration controller --- src/User/Controller/RegistrationController.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/User/Controller/RegistrationController.php b/src/User/Controller/RegistrationController.php index 6abb039a..c1c11f64 100644 --- a/src/User/Controller/RegistrationController.php +++ b/src/User/Controller/RegistrationController.php @@ -152,6 +152,10 @@ public function actionRegister() */ public function actionConnect($code) { + if (!$this->module->enableSocialNetworkRegistration) { + throw new NotFoundHttpException(); + } + /** @var SocialNetworkAccount $account */ $account = $this->socialNetworkAccountQuery->whereCode($code)->one(); if ($account === null || $account->getIsConnected()) { From 9aea9c76c08fa9aaf412caef45c1ee415916189c Mon Sep 17 00:00:00 2001 From: Elias Luhr Date: Fri, 5 Jan 2024 15:27:13 +0100 Subject: [PATCH 4/8] Always save the user account when created via the social network authenticate service --- src/User/Service/SocialNetworkAuthenticateService.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/User/Service/SocialNetworkAuthenticateService.php b/src/User/Service/SocialNetworkAuthenticateService.php index fad08e0f..c96298c7 100644 --- a/src/User/Service/SocialNetworkAuthenticateService.php +++ b/src/User/Service/SocialNetworkAuthenticateService.php @@ -106,7 +106,10 @@ protected function createAccount() if (($user = $this->getUser($account)) instanceof User) { $account->user_id = $user->id; - $account->save(false); + } + + if ($account->save(false)) { + return null; } return $account; From e5d5ea426d553cf90385dc3a843993cf50a4dd6a Mon Sep 17 00:00:00 2001 From: Elias Luhr Date: Fri, 5 Jan 2024 15:39:19 +0100 Subject: [PATCH 5/8] Always save the user account when created via the social network authenticate service --- src/User/Service/SocialNetworkAuthenticateService.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/User/Service/SocialNetworkAuthenticateService.php b/src/User/Service/SocialNetworkAuthenticateService.php index c96298c7..c2626848 100644 --- a/src/User/Service/SocialNetworkAuthenticateService.php +++ b/src/User/Service/SocialNetworkAuthenticateService.php @@ -107,8 +107,8 @@ protected function createAccount() if (($user = $this->getUser($account)) instanceof User) { $account->user_id = $user->id; } - - if ($account->save(false)) { + + if (!$account->save(false)) { return null; } From 8a81ad7c4233be8a164b7ae37f5ba2519332aaaa Mon Sep 17 00:00:00 2001 From: Elias Luhr Date: Fri, 5 Jan 2024 15:49:25 +0100 Subject: [PATCH 6/8] Add optional to control wether a welcome mail should be send after a registration by social network --- docs/install/configuration-options.md | 4 ++++ src/User/Controller/RegistrationController.php | 7 ++++++- src/User/Module.php | 4 ++++ src/User/Service/UserCreateService.php | 4 ++-- 4 files changed, 16 insertions(+), 3 deletions(-) diff --git a/docs/install/configuration-options.md b/docs/install/configuration-options.md index 7cdf9edb..ba775e1c 100755 --- a/docs/install/configuration-options.md +++ b/docs/install/configuration-options.md @@ -148,6 +148,10 @@ register by throwing a `NotFoundHttpException` if the `RegistrationController::a Setting this attribute allows the registration process via social networks. If you set it to `false`, the module won't allow users to register. +#### sendWelcomeMailAfterSocialNetworkRegistration (type: `boolean`, default: `true`) + +Setting this attribute controls wether a confirmation mail should be send or not. + #### enableEmailConfirmation (type: `boolean`, default: `true`) If `true`, the module will send an email with a confirmation link that user needs to click through to complete its diff --git a/src/User/Controller/RegistrationController.php b/src/User/Controller/RegistrationController.php index c1c11f64..0cfe1953 100644 --- a/src/User/Controller/RegistrationController.php +++ b/src/User/Controller/RegistrationController.php @@ -17,6 +17,7 @@ use Da\User\Factory\MailFactory; use Da\User\Form\RegistrationForm; use Da\User\Form\ResendForm; +use Da\User\Helper\SecurityHelper; use Da\User\Model\SocialNetworkAccount; use Da\User\Model\User; use Da\User\Query\SocialNetworkAccountQuery; @@ -175,7 +176,11 @@ public function actionConnect($code) if ($user->load(Yii::$app->request->post()) && $user->validate()) { $this->trigger(SocialNetworkConnectEvent::EVENT_BEFORE_CONNECT, $event); - $mailService = MailFactory::makeWelcomeMailerService($user); + if ($this->module->sendWelcomeMailAfterSocialNetworkRegistration) { + $mailService = MailFactory::makeWelcomeMailerService($user); + } else { + $mailService = null; + } if ($this->make(UserCreateService::class, [$user, $mailService])->run()) { $account->connect($user); $this->trigger(SocialNetworkConnectEvent::EVENT_AFTER_CONNECT, $event); diff --git a/src/User/Module.php b/src/User/Module.php index f160d025..d8b4e03d 100755 --- a/src/User/Module.php +++ b/src/User/Module.php @@ -121,6 +121,10 @@ class Module extends BaseModule * @var bool whether to allow registration process for social network or not */ public $enableSocialNetworkRegistration = true; + /** + * @var bool whether to send a welcome mail after the registration process for social network + */ + public $sendWelcomeMailAfterSocialNetworkRegistration = true; /** * @var bool whether to force email confirmation to */ diff --git a/src/User/Service/UserCreateService.php b/src/User/Service/UserCreateService.php index 74ecc73d..491873e0 100644 --- a/src/User/Service/UserCreateService.php +++ b/src/User/Service/UserCreateService.php @@ -31,7 +31,7 @@ class UserCreateService implements ServiceInterface protected $securityHelper; protected $mailService; - public function __construct(User $model, MailService $mailService, SecurityHelper $securityHelper) + public function __construct(User $model, ?MailService $mailService, SecurityHelper $securityHelper) { $this->model = $model; $this->mailService = $mailService; @@ -70,7 +70,7 @@ public function run() } $model->trigger(UserEvent::EVENT_AFTER_CREATE, $event); - if (!$this->sendMail($model)) { + if ($this->mailService instanceof MailService && !$this->sendMail($model)) { $error_msg = Yii::t( 'usuario', 'Error sending welcome message to "{email}". Please try again later.', From dc4097486868896558af0b573f9651197930d9f9 Mon Sep 17 00:00:00 2001 From: Elias Luhr Date: Fri, 5 Jan 2024 16:52:26 +0100 Subject: [PATCH 7/8] Add trait to support new interface in a backward compatible way --- src/User/AuthClient/Facebook.php | 4 ++++ src/User/AuthClient/GitHub.php | 2 ++ src/User/AuthClient/Google.php | 2 ++ src/User/AuthClient/LinkedIn.php | 3 +++ src/User/AuthClient/Twitter.php | 3 +++ src/User/AuthClient/VKontakte.php | 3 +++ src/User/AuthClient/Yandex.php | 3 +++ src/User/Traits/AuthClientUserIdTrait.php | 14 ++++++++++++++ 8 files changed, 34 insertions(+) create mode 100644 src/User/Traits/AuthClientUserIdTrait.php diff --git a/src/User/AuthClient/Facebook.php b/src/User/AuthClient/Facebook.php index b910539f..6a2cf7e4 100644 --- a/src/User/AuthClient/Facebook.php +++ b/src/User/AuthClient/Facebook.php @@ -12,10 +12,14 @@ namespace Da\User\AuthClient; use Da\User\Contracts\AuthClientInterface; +use Da\User\Traits\AuthClientUserIdTrait; use yii\authclient\clients\Facebook as BaseFacebook; class Facebook extends BaseFacebook implements AuthClientInterface { + + use AuthClientUserIdTrait; + /** * {@inheritdoc} */ diff --git a/src/User/AuthClient/GitHub.php b/src/User/AuthClient/GitHub.php index 1a298df5..19ccae62 100644 --- a/src/User/AuthClient/GitHub.php +++ b/src/User/AuthClient/GitHub.php @@ -12,10 +12,12 @@ namespace Da\User\AuthClient; use Da\User\Contracts\AuthClientInterface; +use Da\User\Traits\AuthClientUserIdTrait; use yii\authclient\clients\GitHub as BaseGitHub; class GitHub extends BaseGitHub implements AuthClientInterface { + use AuthClientUserIdTrait; /** * {@inheritdoc} */ diff --git a/src/User/AuthClient/Google.php b/src/User/AuthClient/Google.php index 42c24956..13fb6fec 100644 --- a/src/User/AuthClient/Google.php +++ b/src/User/AuthClient/Google.php @@ -12,10 +12,12 @@ namespace Da\User\AuthClient; use Da\User\Contracts\AuthClientInterface; +use Da\User\Traits\AuthClientUserIdTrait; use yii\authclient\clients\Google as BaseGoogle; class Google extends BaseGoogle implements AuthClientInterface { + use AuthClientUserIdTrait; /** * {@inheritdoc} */ diff --git a/src/User/AuthClient/LinkedIn.php b/src/User/AuthClient/LinkedIn.php index b0fc422e..fe5db731 100644 --- a/src/User/AuthClient/LinkedIn.php +++ b/src/User/AuthClient/LinkedIn.php @@ -12,10 +12,13 @@ namespace Da\User\AuthClient; use Da\User\Contracts\AuthClientInterface; +use Da\User\Traits\AuthClientUserIdTrait; use yii\authclient\clients\LinkedIn as BaseLinkedIn; class LinkedIn extends BaseLinkedIn implements AuthClientInterface { + use AuthClientUserIdTrait; + /** * {@inheritdoc} */ diff --git a/src/User/AuthClient/Twitter.php b/src/User/AuthClient/Twitter.php index 5a9f0a8e..166bb9ca 100644 --- a/src/User/AuthClient/Twitter.php +++ b/src/User/AuthClient/Twitter.php @@ -12,10 +12,13 @@ namespace Da\User\AuthClient; use Da\User\Contracts\AuthClientInterface; +use Da\User\Traits\AuthClientUserIdTrait; use yii\authclient\clients\Twitter as BaseTwitter; class Twitter extends BaseTwitter implements AuthClientInterface { + use AuthClientUserIdTrait; + /** * @return string */ diff --git a/src/User/AuthClient/VKontakte.php b/src/User/AuthClient/VKontakte.php index 69faa059..ac516c4d 100644 --- a/src/User/AuthClient/VKontakte.php +++ b/src/User/AuthClient/VKontakte.php @@ -12,11 +12,14 @@ namespace Da\User\AuthClient; use Da\User\Contracts\AuthClientInterface; +use Da\User\Traits\AuthClientUserIdTrait; use Yii; use yii\authclient\clients\VKontakte as BaseVKontakte; class VKontakte extends BaseVKontakte implements AuthClientInterface { + use AuthClientUserIdTrait; + /** * {@inheritdoc} */ diff --git a/src/User/AuthClient/Yandex.php b/src/User/AuthClient/Yandex.php index 35f3dfe2..262ec328 100644 --- a/src/User/AuthClient/Yandex.php +++ b/src/User/AuthClient/Yandex.php @@ -12,11 +12,14 @@ namespace Da\User\AuthClient; use Da\User\Contracts\AuthClientInterface; +use Da\User\Traits\AuthClientUserIdTrait; use Yii; use yii\authclient\clients\Yandex as BaseYandex; class Yandex extends BaseYandex implements AuthClientInterface { + use AuthClientUserIdTrait; + /** * {@inheritdoc} */ diff --git a/src/User/Traits/AuthClientUserIdTrait.php b/src/User/Traits/AuthClientUserIdTrait.php new file mode 100644 index 00000000..c1166fe1 --- /dev/null +++ b/src/User/Traits/AuthClientUserIdTrait.php @@ -0,0 +1,14 @@ +getUserAttributes()['id'] ?? null; + } +} From 86c31c30218b9e3f37fa2e9181ce2c53ff1bc152 Mon Sep 17 00:00:00 2001 From: Elias Luhr Date: Wed, 10 Jan 2024 15:40:12 +0100 Subject: [PATCH 8/8] Updated changelog --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 226c9bc1..d3dd6073 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ ## dev +- Fix: Social Network Auth (eluhr) + ## 1.6.2 Jan 4th, 2024 - Fix: Two Factor Authentication - Filter - Blocks even when two factor authentication is enabled