# -*- coding: utf-8 -*- # Part of Odoo. See LICENSE file for full copyright and licensing details. import requests import json from odoo import fields, models, _ from odoo.exceptions import UserError class ResConfigSettings(models.TransientModel): _inherit = 'res.config.settings' # Google API Configuration google_api_enabled = fields.Boolean( string='Google API Integration', config_parameter='google_api.enabled', help='Enable integration with Google Drive and Google Calendar' ) # Google API Credentials (shared for all services) google_api_client_id = fields.Char( string='Google API Client ID', config_parameter='google_api.client_id', help='Client ID for Google APIs (Drive, Calendar, etc.)' ) google_api_client_secret = fields.Char( string='Google API Client Secret', config_parameter='google_api.client_secret', help='Client Secret for Google APIs (Drive, Calendar, etc.)' ) def action_test_google_api_connection(self): """Test Google API connection by checking if credentials are valid""" self.ensure_one() if not self.google_api_enabled: raise UserError(_('Google API Integration is not enabled')) if not self.google_api_client_id or not self.google_api_client_secret: raise UserError(_('Please provide both Client ID and Client Secret')) try: # Test 1: Verify credentials format if len(self.google_api_client_id) < 10: raise UserError(_('Client ID appears to be invalid (too short)')) if len(self.google_api_client_secret) < 10: raise UserError(_('Client Secret appears to be invalid (too short)')) # Test 2: Try to reach Google APIs (basic connectivity test) google_api_url = "https://www.googleapis.com" response = requests.get(google_api_url, timeout=10) if response.status_code not in [200, 404]: # 404 is expected for root URL raise UserError(_('Cannot reach Google APIs. Please check your internet connection.')) # Test 3: Check if Drive API is available drive_api_url = "https://www.googleapis.com/drive/v3/about" drive_response = requests.get(drive_api_url, timeout=10) # Drive API requires authentication, so 401 is expected if drive_response.status_code not in [401, 403]: raise UserError(_('Google Drive API is not accessible')) # Test 4: Check if Calendar API is available calendar_api_url = "https://www.googleapis.com/calendar/v3/users/me/calendarList" calendar_response = requests.get(calendar_api_url, timeout=10) # Calendar API requires authentication, so 401 is expected if calendar_response.status_code not in [401, 403]: raise UserError(_('Google Calendar API is not accessible')) # Test 5: Validate OAuth2 endpoints oauth_auth_url = "https://accounts.google.com/o/oauth2/auth" oauth_response = requests.get(oauth_auth_url, timeout=10) if oauth_response.status_code not in [200, 405]: # 405 Method Not Allowed is expected for GET raise UserError(_('Google OAuth2 endpoints are not accessible')) # All tests passed return { 'type': 'ir.actions.client', 'tag': 'display_notification', 'params': { 'title': _('Success'), 'message': _('Google API connection test successful! All APIs are accessible.'), 'type': 'success', 'sticky': False, } } except requests.exceptions.Timeout: raise UserError(_('Connection timeout. Please check your internet connection.')) except requests.exceptions.ConnectionError: raise UserError(_('Connection error. Please check your internet connection.')) except Exception as e: raise UserError(_('Connection test failed: %s') % str(e)) def action_validate_credentials(self): """Validate that the credentials are properly formatted""" self.ensure_one() if not self.google_api_client_id: raise UserError(_('Client ID is required')) if not self.google_api_client_secret: raise UserError(_('Client Secret is required')) # Basic format validation if not self.google_api_client_id.endswith('.apps.googleusercontent.com'): raise UserError(_('Client ID should end with .apps.googleusercontent.com')) if len(self.google_api_client_secret) < 20: raise UserError(_('Client Secret appears to be too short')) return { 'type': 'ir.actions.client', 'tag': 'display_notification', 'params': { 'title': _('Success'), 'message': _('Credentials format is valid!'), 'type': 'success', 'sticky': False, } } def action_connect_google_account(self): """Connect Google account using manual OAuth flow""" self.ensure_one() if not self.google_api_client_id or not self.google_api_client_secret: raise UserError(_('Please configure Google API credentials first')) # Get base URL base_url = self.env['ir.config_parameter'].sudo().get_param('web.base.url') # Create a custom redirect URI for our manual flow redirect_uri = f"{base_url}/web/google_oauth_callback" # Build OAuth authorization URL auth_url = "https://accounts.google.com/o/oauth2/auth" params = { 'client_id': self.google_api_client_id, 'redirect_uri': redirect_uri, 'scope': 'https://www.googleapis.com/auth/drive', 'response_type': 'code', 'access_type': 'offline', 'prompt': 'consent', 'state': 'google_drive_integration' } # Build URL with parameters param_string = '&'.join([f"{k}={v}" for k, v in params.items()]) oauth_url = f"{auth_url}?{param_string}" # Store the redirect URI for later use self.env['ir.config_parameter'].sudo().set_param('google_api.manual_redirect_uri', redirect_uri) return { 'type': 'ir.actions.act_url', 'url': oauth_url, 'target': 'new', } def action_show_oauth_redirect_uris(self): """Show the redirect URIs that need to be configured in Google Cloud Console""" self.ensure_one() base_url = self.env['ir.config_parameter'].sudo().get_param('web.base.url') redirect_uri = f"{base_url}/web/google_oauth_callback" return { 'type': 'ir.actions.client', 'tag': 'display_notification', 'params': { 'title': _('OAuth Redirect URI'), 'message': _('Configure this redirect URI in Google Cloud Console:\n\n%s\n\nCopy this URL and add it to your OAuth 2.0 client configuration.') % redirect_uri, 'type': 'info', 'sticky': True, } } def action_test_google_oauth_connection(self): """Test OAuth connection using manual OAuth flow""" self.ensure_one() # Check for manual OAuth token access_token = self.env['ir.config_parameter'].sudo().get_param('google_api.access_token') if not access_token: return { 'type': 'ir.actions.client', 'tag': 'display_notification', 'params': { 'title': _('Info'), 'message': _('No OAuth token found. Please use "Connect Google Account" to connect your Google account.'), 'type': 'info', 'sticky': False, } } try: # Test Google Drive API access headers = { 'Authorization': f'Bearer {access_token}', } # Try to get user info (this will test the token) response = requests.get( 'https://www.googleapis.com/drive/v3/about?fields=user', headers=headers, timeout=10 ) if response.status_code == 200: user_info = response.json() user_email = user_info.get('user', {}).get('emailAddress', 'Unknown') return { 'type': 'ir.actions.client', 'tag': 'display_notification', 'params': { 'title': _('Success'), 'message': _('OAuth connection successful! Connected as: %s') % user_email, 'type': 'success', 'sticky': False, } } elif response.status_code == 401: # Try to refresh the token if self._refresh_access_token(): return { 'type': 'ir.actions.client', 'tag': 'display_notification', 'params': { 'title': _('Token Refreshed'), 'message': _('Access token was refreshed successfully. Please try the test again.'), 'type': 'success', } } else: raise UserError(_('OAuth token has expired and could not be refreshed. Please reconnect your Google account.')) else: raise UserError(_('Google Drive API test failed. Status: %s') % response.status_code) except Exception as e: raise UserError(_('OAuth connection test failed: %s') % str(e)) def _refresh_access_token(self): """Refresh the access token using the refresh token""" try: refresh_token = self.env['ir.config_parameter'].sudo().get_param('google_api.refresh_token') client_id = self.env['ir.config_parameter'].sudo().get_param('google_api.client_id') client_secret = self.env['ir.config_parameter'].sudo().get_param('google_api.client_secret') if not all([refresh_token, client_id, client_secret]): return False # Exchange refresh token for new access token token_url = 'https://oauth2.googleapis.com/token' data = { 'client_id': client_id, 'client_secret': client_secret, 'refresh_token': refresh_token, 'grant_type': 'refresh_token' } response = requests.post(token_url, data=data, timeout=30) if response.status_code == 200: token_data = response.json() new_access_token = token_data.get('access_token') if new_access_token: # Store the new access token self.env['ir.config_parameter'].sudo().set_param('google_api.access_token', new_access_token) return True return False except Exception as e: _logger.error(f"Failed to refresh access token: {str(e)}") return False