You are here

function salesforce_update_8402 in Salesforce Suite 8.4

Same name and namespace in other branches
  1. 5.0.x salesforce.install \salesforce_update_8402()

Purge salesforce_encrypt module, in case it was not disabled.

See change record https://www.drupal.org/node/3034230 for more info.

File

./salesforce.install, line 366
Salesforce install file.

Code

function salesforce_update_8402() {

  // Manually uninstall salesforce_encrypt, which was removed.
  \Drupal::database()
    ->delete('key_value')
    ->condition('collection', 'system.schema')
    ->condition('name', 'salesforce_encrypt')
    ->execute();

  // Check to see if our profile exists, and if our creds are encrypted.
  // If so, try to unencrypt them and delete our profile.
  $profile = \Drupal::state()
    ->get('salesforce_encrypt.profile');
  if (!$profile) {
    return;
  }
  \Drupal::state()
    ->delete('salesforce_encrypt.profile');
  if (!\Drupal::hasService('encrypt.encryption_profile.manager') || !\Drupal::hasService('encryption')) {
    return;
  }
  $profile = \Drupal::service('encrypt.encryption_profile.manager')
    ->getEncryptionProfile($profile);
  if (!$profile) {
    return;
  }

  /** @var \Drupal\encrypt\EncryptService $encryption */
  $encryption = \Drupal::service('encryption');

  // Encryption exists. Profile exists. Look for encrypted credentials.

  /** @var \Drupal\salesforce\Entity\SalesforceAuthConfig $authConfig */
  $authConfig = SalesforceAuthConfig::load('oauth_default');
  if (!$authConfig) {

    // If we can't load the oauth_default config, we're done.
    return;
  }
  $credentials = $authConfig
    ->getPlugin()
    ->getCredentials();
  if (!$credentials instanceof \Drupal\salesforce_oauth\Consumer\SalesforceOAuthCredentials) {

    // @codingStandardsIgnoreLine
    // If we're not using OAuth, we are done.
    return;
  }
  try {
    $key = $encryption
      ->decrypt($credentials
      ->getConsumerKey(), $profile);
    $secret = $encryption
      ->decrypt($credentials
      ->getConsumerSecret(), $profile);
    $url = $credentials
      ->getLoginUrl();
    $settings = [
      'consumer_key' => $key,
      'consumer_secret' => $secret,
      'login_url' => $url,
    ];
    $authConfig
      ->set('provider_settings', $settings)
      ->save();
  } catch (\Exception $e) {

    // If these failed encryption, don't bother with the update which will
    // probably fail.
    return;
  }

  /** @var \Drupal\salesforce\Storage\SalesforceAuthTokenStorage $tokenStorage */
  $tokenStorage = \Drupal::service('salesforce.auth_token_storage');
  try {
    $token = $tokenStorage
      ->retrieveAccessToken('oauth_default');
    $accessToken = $encryption
      ->decrypt($token
      ->getAccessToken(), $profile);
    $refreshToken = $encryption
      ->decrypt($token
      ->getRefreshToken(), $profile);
    $token
      ->setAccessToken($accessToken);
    $token
      ->setRefreshToken($refreshToken);
    $tokenStorage
      ->storeAccessToken('oauth_default', $token);
    $identity = $tokenStorage
      ->retrieveIdentity('oauth_default');
    if (empty($identity)) {
      return;
    }
    if (is_string($identity)) {
      $identity = $encryption
        ->decrypt($identity, $profile);
      if (empty($identity) || !is_string($identity)) {

        // If decryption failed, we're done.
        return;
      }
      $identity = unserialize($identity);
      if ($identity === FALSE) {

        // We can't do anything with a non-serialized string.
        return;
      }
    }
    $tokenStorage
      ->storeIdentity('oauth_default', $identity);
  } catch (\Exception $e) {

    // If these failed encryption, don't bother with the update which will
    // probably fail.
    return;
  }
}