1 files changed, 182 insertions, 146 deletions
diff --git a/vendor/phpmailer/phpmailer/get_oauth_token.php b/vendor/phpmailer/phpmailer/get_oauth_token.php
index 85dde29..cda0445 100644
--- a/vendor/phpmailer/phpmailer/get_oauth_token.php
+++ b/vendor/phpmailer/phpmailer/get_oauth_token.php
@@ -1,146 +1,182 @@
-<?php
-
-/**
- * PHPMailer - PHP email creation and transport class.
- * PHP Version 5.5
- * @package PHPMailer
- * @see https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
- * @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
- * @author Jim Jagielski (jimjag) <jimjag@gmail.com>
- * @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
- * @author Brent R. Matzelle (original founder)
- * @copyright 2012 - 2020 Marcus Bointon
- * @copyright 2010 - 2012 Jim Jagielski
- * @copyright 2004 - 2009 Andy Prevost
- * @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
- * @note This program is distributed in the hope that it will be useful - WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-/**
- * Get an OAuth2 token from an OAuth2 provider.
- * * Install this script on your server so that it's accessible
- * as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
- * e.g.: http://localhost/phpmailer/get_oauth_token.php
- * * Ensure dependencies are installed with 'composer install'
- * * Set up an app in your Google/Yahoo/Microsoft account
- * * Set the script address as the app's redirect URL
- * If no refresh token is obtained when running this file,
- * revoke access to your app and run the script again.
- */
-
-namespace PHPMailer\PHPMailer;
-
-/**
- * Aliases for League Provider Classes
- * Make sure you have added these to your composer.json and run `composer install`
- * Plenty to choose from here:
- * @see http://oauth2-client.thephpleague.com/providers/thirdparty/
- */
-//@see https://github.com/thephpleague/oauth2-google
-use League\OAuth2\Client\Provider\Google;
-//@see https://packagist.org/packages/hayageek/oauth2-yahoo
-use Hayageek\OAuth2\Client\Provider\Yahoo;
-//@see https://github.com/stevenmaguire/oauth2-microsoft
-use Stevenmaguire\OAuth2\Client\Provider\Microsoft;
-
-if (!isset($_GET['code']) && !isset($_GET['provider'])) {
-    ?>
-<html>
-<body>Select Provider:<br>
-<a href='?provider=Google'>Google</a><br>
-<a href='?provider=Yahoo'>Yahoo</a><br>
-<a href='?provider=Microsoft'>Microsoft/Outlook/Hotmail/Live/Office365</a><br>
-</body>
-</html>
-    <?php
-    exit;
-}
-
-require 'vendor/autoload.php';
-
-session_start();
-
-$providerName = '';
-
-if (array_key_exists('provider', $_GET)) {
-    $providerName = $_GET['provider'];
-    $_SESSION['provider'] = $providerName;
-} elseif (array_key_exists('provider', $_SESSION)) {
-    $providerName = $_SESSION['provider'];
-}
-if (!in_array($providerName, ['Google', 'Microsoft', 'Yahoo'])) {
-    exit('Only Google, Microsoft and Yahoo OAuth2 providers are currently supported in this script.');
-}
-
-//These details are obtained by setting up an app in the Google developer console,
-//or whichever provider you're using.
-$clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com';
-$clientSecret = 'RANDOMCHARS-----lGyjPcRtvP';
-
-//If this automatic URL doesn't work, set it yourself manually to the URL of this script
-$redirectUri = (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
-//$redirectUri = 'http://localhost/PHPMailer/redirect';
-
-$params = [
-    'clientId' => $clientId,
-    'clientSecret' => $clientSecret,
-    'redirectUri' => $redirectUri,
-    'accessType' => 'offline'
-];
-
-$options = [];
-$provider = null;
-
-switch ($providerName) {
-    case 'Google':
-        $provider = new Google($params);
-        $options = [
-            'scope' => [
-                'https://mail.google.com/'
-            ]
-        ];
-        break;
-    case 'Yahoo':
-        $provider = new Yahoo($params);
-        break;
-    case 'Microsoft':
-        $provider = new Microsoft($params);
-        $options = [
-            'scope' => [
-                'wl.imap',
-                'wl.offline_access'
-            ]
-        ];
-        break;
-}
-
-if (null === $provider) {
-    exit('Provider missing');
-}
-
-if (!isset($_GET['code'])) {
-    //If we don't have an authorization code then get one
-    $authUrl = $provider->getAuthorizationUrl($options);
-    $_SESSION['oauth2state'] = $provider->getState();
-    header('Location: ' . $authUrl);
-    exit;
-    //Check given state against previously stored one to mitigate CSRF attack
-} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
-    unset($_SESSION['oauth2state']);
-    unset($_SESSION['provider']);
-    exit('Invalid state');
-} else {
-    unset($_SESSION['provider']);
-    //Try to get an access token (using the authorization code grant)
-    $token = $provider->getAccessToken(
-        'authorization_code',
-        [
-            'code' => $_GET['code']
-        ]
-    );
-    //Use this to interact with an API on the users behalf
-    //Use this to get a new access token if the old one expires
-    echo 'Refresh Token: ', $token->getRefreshToken();
-}
+<?php
+
+/**
+ * PHPMailer - PHP email creation and transport class.
+ * PHP Version 5.5
+ * @package PHPMailer
+ * @see https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
+ * @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
+ * @author Jim Jagielski (jimjag) <jimjag@gmail.com>
+ * @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
+ * @author Brent R. Matzelle (original founder)
+ * @copyright 2012 - 2020 Marcus Bointon
+ * @copyright 2010 - 2012 Jim Jagielski
+ * @copyright 2004 - 2009 Andy Prevost
+ * @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
+ * @note This program is distributed in the hope that it will be useful - WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/**
+ * Get an OAuth2 token from an OAuth2 provider.
+ * * Install this script on your server so that it's accessible
+ * as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
+ * e.g.: http://localhost/phpmailer/get_oauth_token.php
+ * * Ensure dependencies are installed with 'composer install'
+ * * Set up an app in your Google/Yahoo/Microsoft account
+ * * Set the script address as the app's redirect URL
+ * If no refresh token is obtained when running this file,
+ * revoke access to your app and run the script again.
+ */
+
+namespace PHPMailer\PHPMailer;
+
+/**
+ * Aliases for League Provider Classes
+ * Make sure you have added these to your composer.json and run `composer install`
+ * Plenty to choose from here:
+ * @see http://oauth2-client.thephpleague.com/providers/thirdparty/
+ */
+//@see https://github.com/thephpleague/oauth2-google
+use League\OAuth2\Client\Provider\Google;
+//@see https://packagist.org/packages/hayageek/oauth2-yahoo
+use Hayageek\OAuth2\Client\Provider\Yahoo;
+//@see https://github.com/stevenmaguire/oauth2-microsoft
+use Stevenmaguire\OAuth2\Client\Provider\Microsoft;
+//@see https://github.com/greew/oauth2-azure-provider
+use Greew\OAuth2\Client\Provider\Azure;
+
+if (!isset($_GET['code']) && !isset($_POST['provider'])) {
+    ?>
+<html>
+<body>
+<form method="post">
+    <h1>Select Provider</h1>
+    <input type="radio" name="provider" value="Google" id="providerGoogle">
+    <label for="providerGoogle">Google</label><br>
+    <input type="radio" name="provider" value="Yahoo" id="providerYahoo">
+    <label for="providerYahoo">Yahoo</label><br>
+    <input type="radio" name="provider" value="Microsoft" id="providerMicrosoft">
+    <label for="providerMicrosoft">Microsoft</label><br>
+    <input type="radio" name="provider" value="Azure" id="providerAzure">
+    <label for="providerAzure">Azure</label><br>
+    <h1>Enter id and secret</h1>
+    <p>These details are obtained by setting up an app in your provider's developer console.
+    </p>
+    <p>ClientId: <input type="text" name="clientId"><p>
+    <p>ClientSecret: <input type="text" name="clientSecret"></p>
+    <p>TenantID (only relevant for Azure): <input type="text" name="tenantId"></p>
+    <input type="submit" value="Continue">
+</form>
+</body>
+</html>
+    <?php
+    exit;
+}
+
+require 'vendor/autoload.php';
+
+session_start();
+
+$providerName = '';
+$clientId = '';
+$clientSecret = '';
+$tenantId = '';
+
+if (array_key_exists('provider', $_POST)) {
+    $providerName = $_POST['provider'];
+    $clientId = $_POST['clientId'];
+    $clientSecret = $_POST['clientSecret'];
+    $tenantId = $_POST['tenantId'];
+    $_SESSION['provider'] = $providerName;
+    $_SESSION['clientId'] = $clientId;
+    $_SESSION['clientSecret'] = $clientSecret;
+    $_SESSION['tenantId'] = $tenantId;
+} elseif (array_key_exists('provider', $_SESSION)) {
+    $providerName = $_SESSION['provider'];
+    $clientId = $_SESSION['clientId'];
+    $clientSecret = $_SESSION['clientSecret'];
+    $tenantId = $_SESSION['tenantId'];
+}
+
+//If you don't want to use the built-in form, set your client id and secret here
+//$clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com';
+//$clientSecret = 'RANDOMCHARS-----lGyjPcRtvP';
+
+//If this automatic URL doesn't work, set it yourself manually to the URL of this script
+$redirectUri = (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
+//$redirectUri = 'http://localhost/PHPMailer/redirect';
+
+$params = [
+    'clientId' => $clientId,
+    'clientSecret' => $clientSecret,
+    'redirectUri' => $redirectUri,
+    'accessType' => 'offline'
+];
+
+$options = [];
+$provider = null;
+
+switch ($providerName) {
+    case 'Google':
+        $provider = new Google($params);
+        $options = [
+            'scope' => [
+                'https://mail.google.com/'
+            ]
+        ];
+        break;
+    case 'Yahoo':
+        $provider = new Yahoo($params);
+        break;
+    case 'Microsoft':
+        $provider = new Microsoft($params);
+        $options = [
+            'scope' => [
+                'wl.imap',
+                'wl.offline_access'
+            ]
+        ];
+        break;
+    case 'Azure':
+        $params['tenantId'] = $tenantId;
+
+        $provider = new Azure($params);
+        $options = [
+            'scope' => [
+                'https://outlook.office.com/SMTP.Send',
+                'offline_access'
+            ]
+        ];
+        break;
+}
+
+if (null === $provider) {
+    exit('Provider missing');
+}
+
+if (!isset($_GET['code'])) {
+    //If we don't have an authorization code then get one
+    $authUrl = $provider->getAuthorizationUrl($options);
+    $_SESSION['oauth2state'] = $provider->getState();
+    header('Location: ' . $authUrl);
+    exit;
+    //Check given state against previously stored one to mitigate CSRF attack
+} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
+    unset($_SESSION['oauth2state']);
+    unset($_SESSION['provider']);
+    exit('Invalid state');
+} else {
+    unset($_SESSION['provider']);
+    //Try to get an access token (using the authorization code grant)
+    $token = $provider->getAccessToken(
+        'authorization_code',
+        [
+            'code' => $_GET['code']
+        ]
+    );
+    //Use this to interact with an API on the users behalf
+    //Use this to get a new access token if the old one expires
+    echo 'Refresh Token: ', $token->getRefreshToken();
+}