PageRenderTime 41ms CodeModel.GetById 17ms RepoModel.GetById 0ms app.codeStats 0ms

/oauth_callback.php

https://github.com/whale2/users
PHP | 127 lines | 106 code | 18 blank | 3 comment | 14 complexity | 2826186278cb2581882cdb920aa341cb MD5 | raw file
    

  1. <?php
    2. 

  2. require_once(dirname(__FILE__).'/config.php');
    3. 

  3. require_once(dirname(__FILE__).'/User.php');
    4. 

  4. 

  5. $current_user = User::get();
    6. 

  6. 

  7. $oauth_user_id = null;
    8. 

  8. 

  9. try
    10. 

  10. {
    11. 

  11. 	if (!array_key_exists('module', $_GET)) {
    12. 

  12. 		throw new Exception('module not specified');
    13. 

  13. 	}
    14. 

  14. 

  15. 	if (!array_key_exists('oauth_token', $_GET) || !array_key_exists('oauth_verifier', $_GET)) {
    16. 

  16. 		throw new Exception('oauth_token & oauth_varifier required');
    17. 

  17. 	}
    18. 

  18. 

  19. 	$module = AuthenticationModule::get($_GET['module']);
    20. 

  20. 

  21. 	$storage = new MrClay_CookieStorage(array(
    22. 

  22. 		'secret' => UserConfig::$SESSION_SECRET,
    23. 

  23. 		'mode' => MrClay_CookieStorage::MODE_ENCRYPT,
    24. 

  24. 		'path' => UserConfig::$SITEROOTURL,
    25. 

  25. 		'httponly' => true
    26. 

  26. 	));
    27. 

  27. 

  28. 	$oauth_user_id = $storage->fetch(UserConfig::$oauth_user_id_key);
    29. 

  29. 	$storage->delete(UserConfig::$oauth_user_id_key);
    30. 

  30. 

  31. 	if (is_null($oauth_user_id)) {
    32. 

  32. 		throw new Exception("can't determine OAuth User ID");
    33. 

  33. 	}
    34. 

  34. 

  35. 	try
    36. 

  36. 	{
    37. 

  37. 		$module->getAccessToken($oauth_user_id);
    38. 

  38. 	}
    39. 

  39. 	catch (OAuthException2 $e)
    40. 

  40. 	{
    41. 

  41. 		throw new Exception('problem getting access token: '.$e->getMessage());
    42. 

  42. 	}
    43. 

  43. 

  44. 	try
    45. 

  45. 	{
    46. 

  46. 		$identity = $module->getIdentity($oauth_user_id);
    47. 

  47. 	}
    48. 

  48. 	catch (OAuthException2 $e)
    49. 

  49. 	{
    50. 

  50. 		throw new Exception('problem getting user identity: '.$e->getMessage());
    51. 

  51. 	}
    52. 

  52. 

  53. 	if (is_null($identity)) {
    54. 

  54. 		throw new Exception('no identity returned');
    55. 

  55. 	}
    56. 

  56. 

  57. 	#error_log(
    58. 

  58. 	#	'$identity = '.var_export($identity, true).
    59. 

  59. 	#	'$oauth_user_id = '.$oauth_user_id
    60. 

  60. 	#);
    61. 

  61. 

  62. 	$user = $module->getUserByOAuthIdentity($identity, $oauth_user_id);
    63. 

  63. 

  64. 	if (is_null($current_user)) {
    65. 

  65. 		// if user is not logged in yet, it means we're logging them in
    66. 

  66. 		if (is_null($user)) {
    67. 

  67. 			// This user doesn't exist yet, registering them
    68. 

  68. 			$new_user = User::createNewWithoutCredentials(
    69. 

  69. 				$identity['name'],
    70. 

  70. 				array_key_exists('email', $identity) ? $identity['email'] : null
    71. 

  71. 			);
    72. 

  72. 

  73. 			$module->addUserOAuthIdentity($new_user, $identity, $oauth_user_id);
    74. 

  74. 

  75. 			$new_user->setRegistrationModule($module);
    76. 

  76. 

  77. 			$new_user->setSession(true);
    78. 

  78. 			$module->recordRegistrationActivity($new_user);
    79. 

  79. 		} else {
    80. 

  80. 			$user->setSession(true);
    81. 

  81. 			$module->recordLoginActivity($user);
    82. 

  82. 		}
    83. 

  83. 	} else {
    84. 

  84. 		// otherwise, we're adding their credential to an existing user
    85. 

  85. 		if (!is_null($user)) {
    86. 

  86. 			throw new Exception('another user is already connected with this account');
    87. 

  87. 		}
    88. 

  88. 

  89. 		$module->addUserOAuthIdentity($current_user, $identity, $oauth_user_id);
    90. 

  90. 

  91. 		$module->recordAddActivity($current_user);
    92. 

  92. 	}
    93. 

  93. } catch (Exception $e) {
    94. 

  94. 	error_log($e->getMessage());
    95. 

  95. 

  96. 	// we should delete temporary OAuth User ID
    97. 

  97. 	if (!is_null($oauth_user_id)) {
    98. 

  98. 		$module->deleteOAuthUser($oauth_user_id);
    99. 

  99. 	}
    100. 

  100. 

  101. 	if (is_null($current_user)) {
    102. 

  102. 		header('Location: '.UserConfig::$USERSROOTURL.'/login.php?'.
    103. 

  103. 			(array_key_exists('module', $_GET) ? 'module='.$_GET['module'].'&' : '').
    104. 

  104. 			'error=failed');
    105. 

  105. 	} else {
    106. 

  106. 		header('Location: '.UserConfig::$USERSROOTURL.'/edit.php?'.
    107. 

  107. 			(array_key_exists('module', $_GET) ? 'module='.$_GET['module'].'&' : '').
    108. 

  108. 			'error=failed');
    109. 

  109. 	}
    110. 

  110. 	exit;
    111. 

  111. }
    112. 

  112. 

  113. $return = User::getReturn();
    114. 

  114. User::clearReturn();
    115. 

  115. 

  116. if (is_null($return) && !is_null($current_user)) {
    117. 

  117. 	$return = UserConfig::$USERSROOTURL.'/edit.php';
    118. 

  118. }
    119. 

  119. 

  120. if (!is_null($return))
    121. 

  121. {
    122. 

  122. 	header('Location: '.$return);
    123. 

  123. }
    124. 

  124. else
    125. 

  125. {
    126. 

  126. 	header('Location: '.UserConfig::$DEFAULTLOGINRETURN);
    127. 

  127. }
    128. 

  128.