From 40fc25eba904c93789f8c856665fac96da862ee7 Mon Sep 17 00:00:00 2001 From: Andy Heathershaw Date: Tue, 14 Aug 2018 12:57:41 +0100 Subject: [PATCH] #5: Facebook login is now working using the app ID/secret stored in the database, instead of in the services file --- .../Controllers/Admin/DefaultController.php | 20 +++++++++++--- app/Http/Controllers/Auth/LoginController.php | 27 +++++++++++++++++-- config/services.php | 6 ----- 3 files changed, 41 insertions(+), 12 deletions(-) diff --git a/app/Http/Controllers/Admin/DefaultController.php b/app/Http/Controllers/Admin/DefaultController.php index 68fdd3a..5dd439c 100644 --- a/app/Http/Controllers/Admin/DefaultController.php +++ b/app/Http/Controllers/Admin/DefaultController.php @@ -29,10 +29,17 @@ use Illuminate\Support\Facades\View; class DefaultController extends Controller { + private $passwordSettingKeys; + public function __construct() { $this->middleware('auth'); View::share('is_admin', true); + + $this->passwordSettingKeys = [ + 'smtp_password', + 'facebook_app_secret' + ]; } public function about() @@ -211,9 +218,6 @@ class DefaultController extends Controller { $this->authorizeAccessToAdminPanel('admin:configure'); - $passwordKeys = [ - 'smtp_password' - ]; $checkboxKeys = [ 'albums_menu_parents_only', 'allow_self_registration', @@ -264,7 +268,7 @@ class DefaultController extends Controller } $config->value = $request->request->get($key); - if (in_array($key, $passwordKeys) && strlen($config->value) > 0) + if (in_array($key, $this->passwordSettingKeys) && strlen($config->value) > 0) { $config->value = encrypt($config->value); } 
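Review bot: `$passwordSettingKeys` is assigned once in the constructor and never changed afterwards in the visible hunks, so a class constant would state that intent better than a mutable private property, e.g. `private const PASSWORD_SETTING_KEYS = ['smtp_password', 'facebook_app_secret'];` (if the project's minimum PHP version allows constant visibility). Whichever form is kept, the declaration needs a comment such as `// Settings that are encrypted before being stored and decrypted for display; every new secret setting must be added here`, because a key missing from this list is saved in plaintext. The class body continues outside the hunk.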
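Review bot: The membership test that decides whether a value is encrypted, `in_array($key, $this->passwordSettingKeys)`, uses loose comparison; pass the strict flag so only an exact string match selects the encryption path: `if (in_array($key, $this->passwordSettingKeys, true) && strlen($config->value) > 0)`. The loop that supplies `$key` is outside the hunk, so whether a non-string key can reach this line cannot be confirmed from here.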
@@ -313,6 +317,14 @@ class DefaultController extends Controller $dateFormatsLookup[$dateFormat] = date($dateFormat); } + foreach ($this->passwordSettingKeys as $passwordSettingKey) + { + if (isset($config[$passwordSettingKey]) && !empty($config[$passwordSettingKey])) + { + $config[$passwordSettingKey] = decrypt($config[$passwordSettingKey]); + } + } + $themeNamesLookup = UserConfig::allowedThemeNames(); return Theme::render('admin.settings', [ diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php index 770afc3..715e3fb 100644 --- a/app/Http/Controllers/Auth/LoginController.php +++ b/app/Http/Controllers/Auth/LoginController.php @@ -3,10 +3,12 @@ namespace App\Http\Controllers\Auth; use App\Facade\Theme; +use App\Facade\UserConfig; use App\Http\Controllers\Controller; use App\User; use Illuminate\Foundation\Auth\AuthenticatesUsers; use Illuminate\Http\Request; +use Laravel\Socialite\Two\FacebookProvider; use Socialite; class LoginController extends Controller @@ -71,7 +73,8 @@ class LoginController extends Controller */ public function redirectToFacebook() { - return Socialite::driver('facebook')->redirect(); + $socialite = $this->setSocialiteConfigs(); + return $socialite->driver('facebook')->redirect(); } /** @@ -81,7 +84,8 @@ class LoginController extends Controller */ public function handleFacebookCallback(Request $request) { - $facebookUser = Socialite::driver('facebook')->user(); + $socialite = $this->setSocialiteConfigs(); + $facebookUser = $socialite->driver('facebook')->user(); $user = User::where('facebook_id', $facebookUser->id)->first(); if (is_null($user)) 
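Review bot: The new loop writes the decrypted SMTP password and Facebook app secret back into `$config` immediately before `Theme::render('admin.settings', ...)`. If that array is what the view receives (the render arguments are outside the hunk), both secrets are sent to the browser in plaintext on every visit to the settings page. Consider rendering those fields empty and only overwriting the stored value when a new one is submitted. Separately, `decrypt()` throws a `DecryptException` when a stored value is not valid ciphertext for the current application key, which would make the whole settings page fail with no way to re-enter the secret from the UI; the fence shows the loop with that case handled. `isset(...) && !empty(...)` is also redundant, since `empty()` already covers the unset case.

```php
foreach ($this->passwordSettingKeys as $passwordSettingKey)
{
    if (empty($config[$passwordSettingKey]))
    {
        continue;
    }

    try
    {
        $config[$passwordSettingKey] = decrypt($config[$passwordSettingKey]);
    }
    catch (\Illuminate\Contracts\Encryption\DecryptException $ex)
    {
        // Stored value cannot be decrypted with the current key; show an empty field so it can be re-entered
        $config[$passwordSettingKey] = '';
    }
}
```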
@@ -100,4 +104,23 @@ class LoginController extends Controller return redirect(route('home')); } + + private function setSocialiteConfigs() + { + // Force Socialite to use our config from the database instead of hard-coded in config/services.php + $socialite = app()->make('Laravel\Socialite\Contracts\Factory'); + $socialite->extend( + 'facebook', + function ($app) use ($socialite) { + $config = [ + 'client_id' => UserConfig::get('facebook_app_id'), + 'client_secret' => decrypt(UserConfig::get('facebook_app_secret')), + 'redirect' => route('login_callback.facebook') + ]; + return $socialite->buildProvider(FacebookProvider::class, $config); + } + ); + + return $socialite; + } } diff --git a/config/services.php b/config/services.php index a99b3fb..eab4683 100644 --- a/config/services.php +++ b/config/services.php @@ -14,12 +14,6 @@ return [ | */ - 'facebook' => [ - 'client_id' => env('FACEBOOK_CLIENT_ID'), - 'client_secret' => env('FACEBOOK_CLIENT_SECRET'), - 'redirect' => php_sapi_name() != 'cli' ? url('login/facebook/callback') : '' - ], - 'gitea' => [ 'api_url' => 'https://apps.andysh.uk/api/v1', 'cache_time_seconds' => 3600,
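Review bot: `decrypt(UserConfig::get('facebook_app_secret'))` inside the closure runs without any check that the setting is populated. The settings save path only encrypts non-empty values, so an installation with a blank or not-yet-configured secret would hit a `DecryptException` here. That failure would surface from both `redirectToFacebook()` and `handleFacebookCallback()`, which are publicly reachable login routes. Read both values first and stop with a controlled response when either is missing, as in the fence. `setSocialiteConfigs()` also lacks a docblock saying that it returns the Socialite factory with the `facebook` driver overridden from database settings.

```php
// … unchanged: resolve the Socialite factory and call extend('facebook', …) …
function ($app) use ($socialite) {
    $appID = UserConfig::get('facebook_app_id');
    $encryptedSecret = UserConfig::get('facebook_app_secret');

    // Facebook login is not configured: respond "not found" instead of failing inside decrypt()
    if (empty($appID) || empty($encryptedSecret)) {
        abort(404);
    }

    $config = [
        'client_id' => $appID,
        'client_secret' => decrypt($encryptedSecret),
        'redirect' => route('login_callback.facebook')
    ];
    return $socialite->buildProvider(FacebookProvider::class, $config);
}
```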