private function __construct(ConnectionConfiguration $connConfig)
{
if ($connConfig->getHost() == null) {
throw new Exception("Host must be set to establish Workbench Context.");
}
if ($connConfig->getApiVersion() == null) {
throw new Exception("API Version must be set to establish Workbench Context.");
}
$this->connConfig = $connConfig;
$this->initializeCache();
$this->defaultObject = false;
$this->defaultObjectChanged = false;
$this->sfdcUiSidLikelySet = false;
$this->agreedToTerms = false;
}
private function processLogin($username, $password, $serverUrl, $sessionId, $actionJump)
{
if ($username && $password && $sessionId) {
$this->addError('Provide only username and password OR session id, but not all three.');
return;
}
//block connections to localhost
if (stripos($serverUrl, 'localhost')) {
if (isset($GLOBALS['internal']['localhostLoginError'])) {
$this->addError($GLOBALS['internal']['localhostLoginError']);
} else {
$this->addError("Must not connect to 'localhost'");
}
return;
}
if (WorkbenchContext::isEstablished()) {
// cache clearing shouldn't be needed since we're releasing on the next line,
// but doing it just in case someone puts a cache key outside the WbCtx scope
WorkbenchContext::get()->clearCache();
WorkbenchContext::get()->release();
}
// TODO: clean up this hackiness due to in-progress context refactoring...
$savedOauthConfig = isset($_SESSION['oauth']) ? $_SESSION['oauth'] : null;
session_unset();
session_destroy();
session_start();
session_regenerate_id();
$_SESSION['oauth'] = $savedOauthConfig;
$overriddenClientId = isset($_REQUEST["clientId"]) ? $_REQUEST["clientId"] : null;
if ($username && $password && !$sessionId) {
if ($this->oauthRequired) {
throw new WorkbenchHandledException("OAuth login is required");
}
$orgId = isset($_REQUEST["orgId"]) ? $_REQUEST["orgId"] : WorkbenchConfig::get()->value("loginScopeHeader_organizationId");
$portalId = isset($_REQUEST["portalId"]) ? $_REQUEST["portalId"] : WorkbenchConfig::get()->value("loginScopeHeader_portalId");
WorkbenchContext::establish(ConnectionConfiguration::fromUrl($serverUrl, null, $overriddenClientId));
try {
WorkbenchContext::get()->login($username, $password, $orgId, $portalId);
} catch (Exception $e) {
WorkbenchContext::get()->release();
$this->addError($e->getMessage());
return;
}
} else {
if ($sessionId && $serverUrl && !($username && $password)) {
$serverUrlHost = parse_url($serverUrl, PHP_URL_HOST);
$loginHosts = array("login.salesforce.com", "test.salesforce.com", "prerellogin.pre.salesforce.com");
if (in_array($serverUrlHost, $loginHosts)) {
$this->addError('Must not connect to login server (www, login, test, or prerellogin) if providing a session id. ' . 'Choose your specific Salesforce instance on the QuickSelect menu when using a session id; ' . 'otherwise, provide a username and password and choose the appropriate a login server.');
return;
}
WorkbenchContext::establish(ConnectionConfiguration::fromUrl($serverUrl, $sessionId, $overriddenClientId));
WorkbenchContext::get()->setIsUiSessionLikelySet(true);
} else {
$this->addError('Invalid login parameters.');
return;
}
}
// todo: put in WbCtx?
if (stripos(WorkbenchContext::get()->getHost(), 'localhost')) {
if (isset($GLOBALS['internal']['localhostLoginRedirectError'])) {
$this->addError($GLOBALS['internal']['localhostLoginRedirectError']);
} else {
$this->addError("Must not connect to 'localhost'");
}
return;
}
if (isset($_POST['termsAccepted'])) {
WorkbenchContext::get()->agreeToTerms();
}
// test the connection and prime the UserInfo cache
// exceptions will be caught by top-level handler
$userInfo = WorkbenchContext::get()->getUserInfo();
// do org id whitelist/blacklisting
$orgId15 = substr($userInfo->organizationId, 0, 15);
$orgIdWhiteList = array_map('trim', explode(",", WorkbenchConfig::get()->value("orgIdWhiteList")));
$orgIdBlackList = array_map('trim', explode(",", WorkbenchConfig::get()->value("orgIdBlackList")));
$isAllowed = true;
foreach ($orgIdWhiteList as $allowedOrgId) {
if ($allowedOrgId === "") {
continue;
} else {
if ($orgId15 === substr($allowedOrgId, 0, 15)) {
$isAllowed = true;
break;
} else {
// there is something on the whitelist that's not us
// disallow and keep looking until we find our org id
$isAllowed = false;
}
}
}
foreach ($orgIdBlackList as $disallowedOrgId) {
if ($orgId15 === substr($disallowedOrgId, 0, 15)) {
$isAllowed = false;
break;
}
}
if (!$isAllowed) {
throw new WorkbenchAuthenticationException("Requests for organization {$orgId15} are not allowed");
}
if (isset($_REQUEST['autoLogin'])) {
$actionJump .= (strpos($actionJump, "?") > -1 ? "&" : "?") . "autoLogin=1";
if (isset($_REQUEST['skipVC'])) {
$actionJump .= "&skipVC=1";
}
if (isset($_GET['clientId'])) {
$_SESSION['tempClientId'] = $_GET['clientId'];
}
}
header("Location: {$actionJump}");
}
function establish(ConnectionConfiguration $connConfig)
{
return new SforceMetadataClient($connConfig->getSessionId(), $connConfig->getClientId(), $this->buildEndpoint($connConfig), $this->buildWsdlPath($connConfig));
}
protected function buildEndpoint(ConnectionConfiguration $connConfig)
{
return "http" . ($connConfig->isSecure() ? "s" : "") . "://" . $connConfig->getHost() . "/services/" . $this->getEndpointType() . "/" . $connConfig->getApiVersion();
}
protected function buildWsdlPath(ConnectionConfiguration $connConfig)
{
return "soapclient/sforce." . str_replace(".", "", max($this->getMinWsdlVersion(), $connConfig->getApiVersion())) . "." . $this->getWsdlType() . ".wsdl";
}
<?php
// block direct web access
if (php_sapi_name() != 'cli') {
http_response_code(404);
exit(1);
}
require_once 'shared.php';
require_once 'config/constants.php';
require_once 'config/WorkbenchConfig.php';
require_once 'context/WorkbenchContext.php';
WorkbenchContext::establish(ConnectionConfiguration::fromUrl(getenv('SFDC_SERVER_URL') ? getenv('SFDC_SERVER_URL') : 'https://login.salesforce.com/services/Soap/u/33.0', null, null));
function login($un, $pw)
{
print "Logging in as " . getenv('SFDC_USERNAME') . "... ";
WorkbenchContext::get()->agreeToTerms();
WorkbenchContext::get()->login($un, $pw, null, null);
print "done\n";
$W = WorkbenchContext::get();
$ui = $W->getUserInfo();
print "-----> " . $ui->userFullName . " at " . $ui->organizationName . " on API " . $W->getApiVersion() . "\n";
print "-----> " . "Use \$W to access WorkbenchContext\n";
print "\n";
}
if (getenv('SFDC_USERNAME') && getenv('SFDC_PASSWORD')) {
login(getenv('SFDC_USERNAME'), getenv('SFDC_PASSWORD'));
}
