whatsapp_web_groups/models/res_config_settings.py

# -*- coding: utf-8 -*-
# Part of Odoo. See LICENSE file for full copyright and licensing details.

import requests
import json
from odoo import fields, models, _
from odoo.exceptions import UserError


class ResConfigSettings(models.TransientModel):
    _inherit = 'res.config.settings'

    # Google API Configuration
    google_api_enabled = fields.Boolean(
        string='Google API Integration',
        config_parameter='google_api.enabled',
        help='Enable integration with Google Drive and Google Calendar'
    )
    
    # Google API Credentials (shared for all services)
    google_api_client_id = fields.Char(
        string='Google API Client ID',
        config_parameter='google_api.client_id',
        help='Client ID for Google APIs (Drive, Calendar, etc.)'
    )
    google_api_client_secret = fields.Char(
        string='Google API Client Secret',
        config_parameter='google_api.client_secret',
        help='Client Secret for Google APIs (Drive, Calendar, etc.)'
    )

    def action_test_google_api_connection(self):
        """Test Google API connection by checking if credentials are valid"""
        self.ensure_one()
        
        if not self.google_api_enabled:
            raise UserError(_('Google API Integration is not enabled'))
        
        if not self.google_api_client_id or not self.google_api_client_secret:
            raise UserError(_('Please provide both Client ID and Client Secret'))
        
        try:
            # Test 1: Verify credentials format
            if len(self.google_api_client_id) < 10:
                raise UserError(_('Client ID appears to be invalid (too short)'))
            
            if len(self.google_api_client_secret) < 10:
                raise UserError(_('Client Secret appears to be invalid (too short)'))
            
            # Test 2: Try to reach Google APIs (basic connectivity test)
            google_api_url = "https://www.googleapis.com"
            response = requests.get(google_api_url, timeout=10)
            
            if response.status_code not in [200, 404]:  # 404 is expected for root URL
                raise UserError(_('Cannot reach Google APIs. Please check your internet connection.'))
            
            # Test 3: Check if Drive API is available
            drive_api_url = "https://www.googleapis.com/drive/v3/about"
            drive_response = requests.get(drive_api_url, timeout=10)
            
            # Drive API requires authentication, so 401 is expected
            if drive_response.status_code not in [401, 403]:
                raise UserError(_('Google Drive API is not accessible'))
            
            # Test 4: Check if Calendar API is available
            calendar_api_url = "https://www.googleapis.com/calendar/v3/users/me/calendarList"
            calendar_response = requests.get(calendar_api_url, timeout=10)
            
            # Calendar API requires authentication, so 401 is expected
            if calendar_response.status_code not in [401, 403]:
                raise UserError(_('Google Calendar API is not accessible'))
            
            # Test 5: Validate OAuth2 endpoints
            oauth_auth_url = "https://accounts.google.com/o/oauth2/auth"
            oauth_response = requests.get(oauth_auth_url, timeout=10)
            
            if oauth_response.status_code not in [200, 405]:  # 405 Method Not Allowed is expected for GET
                raise UserError(_('Google OAuth2 endpoints are not accessible'))
            
            # All tests passed
            return {
                'type': 'ir.actions.client',
                'tag': 'display_notification',
                'params': {
                    'title': _('Success'),
                    'message': _('Google API connection test successful! All APIs are accessible.'),
                    'type': 'success',
                    'sticky': False,
                }
            }
            
        except requests.exceptions.Timeout:
            raise UserError(_('Connection timeout. Please check your internet connection.'))
        except requests.exceptions.ConnectionError:
            raise UserError(_('Connection error. Please check your internet connection.'))
        except Exception as e:
            raise UserError(_('Connection test failed: %s') % str(e))

    def action_validate_credentials(self):
        """Validate that the credentials are properly formatted"""
        self.ensure_one()
        
        if not self.google_api_client_id:
            raise UserError(_('Client ID is required'))
        
        if not self.google_api_client_secret:
            raise UserError(_('Client Secret is required'))
        
        # Basic format validation
        if not self.google_api_client_id.endswith('.apps.googleusercontent.com'):
            raise UserError(_('Client ID should end with .apps.googleusercontent.com'))
        
        if len(self.google_api_client_secret) < 20:
            raise UserError(_('Client Secret appears to be too short'))
        
        return {
            'type': 'ir.actions.client',
            'tag': 'display_notification',
            'params': {
                'title': _('Success'),
                'message': _('Credentials format is valid!'),
                'type': 'success',
                'sticky': False,
            }
        }

    def action_connect_google_account(self):
        """Connect Google account using manual OAuth flow"""
        self.ensure_one()
        
        if not self.google_api_client_id or not self.google_api_client_secret:
            raise UserError(_('Please configure Google API credentials first'))
        
        # Get base URL
        base_url = self.env['ir.config_parameter'].sudo().get_param('web.base.url')
        
        # Create a custom redirect URI for our manual flow
        redirect_uri = f"{base_url}/web/google_oauth_callback"
        
        # Build OAuth authorization URL
        auth_url = "https://accounts.google.com/o/oauth2/auth"
        params = {
            'client_id': self.google_api_client_id,
            'redirect_uri': redirect_uri,
            'scope': 'https://www.googleapis.com/auth/drive',
            'response_type': 'code',
            'access_type': 'offline',
            'prompt': 'consent',
            'state': 'google_drive_integration'
        }
        
        # Build URL with parameters
        param_string = '&'.join([f"{k}={v}" for k, v in params.items()])
        oauth_url = f"{auth_url}?{param_string}"
        
        # Store the redirect URI for later use
        self.env['ir.config_parameter'].sudo().set_param('google_api.manual_redirect_uri', redirect_uri)
        
        return {
            'type': 'ir.actions.act_url',
            'url': oauth_url,
            'target': 'new',
        }

    def action_show_oauth_redirect_uris(self):
        """Show the redirect URIs that need to be configured in Google Cloud Console"""
        self.ensure_one()
        
        base_url = self.env['ir.config_parameter'].sudo().get_param('web.base.url')
        redirect_uri = f"{base_url}/web/google_oauth_callback"
        
        return {
            'type': 'ir.actions.client',
            'tag': 'display_notification',
            'params': {
                'title': _('OAuth Redirect URI'),
                'message': _('Configure this redirect URI in Google Cloud Console:\n\n%s\n\nCopy this URL and add it to your OAuth 2.0 client configuration.') % redirect_uri,
                'type': 'info',
                'sticky': True,
            }
        }

    def action_test_google_oauth_connection(self):
        """Test OAuth connection using manual OAuth flow"""
        self.ensure_one()
        
        # Check for manual OAuth token
        access_token = self.env['ir.config_parameter'].sudo().get_param('google_api.access_token')
        
        if not access_token:
            return {
                'type': 'ir.actions.client',
                'tag': 'display_notification',
                'params': {
                    'title': _('Info'),
                    'message': _('No OAuth token found. Please use "Connect Google Account" to connect your Google account.'),
                    'type': 'info',
                    'sticky': False,
                }
            }
        
        try:
            # Test Google Drive API access
            headers = {
                'Authorization': f'Bearer {access_token}',
            }
            
            # Try to get user info (this will test the token)
            response = requests.get(
                'https://www.googleapis.com/drive/v3/about?fields=user',
                headers=headers,
                timeout=10
            )
            
            if response.status_code == 200:
                user_info = response.json()
                user_email = user_info.get('user', {}).get('emailAddress', 'Unknown')
                
                return {
                    'type': 'ir.actions.client',
                    'tag': 'display_notification',
                    'params': {
                        'title': _('Success'),
                        'message': _('OAuth connection successful! Connected as: %s') % user_email,
                        'type': 'success',
                        'sticky': False,
                    }
                }
            elif response.status_code == 401:
                # Try to refresh the token
                if self._refresh_access_token():
                    return {
                        'type': 'ir.actions.client',
                        'tag': 'display_notification',
                        'params': {
                            'title': _('Token Refreshed'),
                            'message': _('Access token was refreshed successfully. Please try the test again.'),
                            'type': 'success',
                        }
                    }
                else:
                    raise UserError(_('OAuth token has expired and could not be refreshed. Please reconnect your Google account.'))
            else:
                raise UserError(_('Google Drive API test failed. Status: %s') % response.status_code)
                
        except Exception as e:
            raise UserError(_('OAuth connection test failed: %s') % str(e))

    def _refresh_access_token(self):
        """Refresh the access token using the refresh token"""
        try:
            refresh_token = self.env['ir.config_parameter'].sudo().get_param('google_api.refresh_token')
            client_id = self.env['ir.config_parameter'].sudo().get_param('google_api.client_id')
            client_secret = self.env['ir.config_parameter'].sudo().get_param('google_api.client_secret')
            
            if not all([refresh_token, client_id, client_secret]):
                return False
            
            # Exchange refresh token for new access token
            token_url = 'https://oauth2.googleapis.com/token'
            data = {
                'client_id': client_id,
                'client_secret': client_secret,
                'refresh_token': refresh_token,
                'grant_type': 'refresh_token'
            }
            
            response = requests.post(token_url, data=data, timeout=30)
            
            if response.status_code == 200:
                token_data = response.json()
                new_access_token = token_data.get('access_token')
                
                if new_access_token:
                    # Store the new access token
                    self.env['ir.config_parameter'].sudo().set_param('google_api.access_token', new_access_token)
                    return True
            
            return False
            
        except Exception as e:
            _logger.error(f"Failed to refresh access token: {str(e)}")
            return False