Ejemplo n.º 1
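/**
 * Look up the Elgg user linked to an external OAuth identity.
 *
 * The lookup key is "<provider name>_<oauth id>"; it is matched, together with
 * the provider name, against the 'uid' and 'provider' user settings of the
 * elgg_social_login plugin.
 *
 * @param mixed $providerCode provider code, translated by getElggProviderName()
 * @param mixed $oauthId      identifier of the account at the provider
 *
 * @return mixed the single matching user entity, or false when zero or several
 *               users match
 */
function wespot_msg_get_user($providerCode, $oauthId)
{
    $providername = getElggProviderName($providerCode);
    $user_uid = $providername . "_" . $oauthId;
    $options = array(
        'type' => 'user',
        'plugin_id' => 'elgg_social_login',
        'plugin_user_setting_name_value_pairs' => array(
            'uid' => $user_uid,
            'provider' => $providername,
        ),
        'plugin_user_setting_name_value_pairs_operator' => 'AND',
        'limit' => 0,
    );
    $users = elgg_get_entities_from_plugin_user_settings($options);

    // Fail closed: an identity that maps to no user, or to more than one, is
    // never resolved to an account. The is_array() guard matters because
    // count() of a non-array yields 1 on PHP 7 (and throws on PHP 8), which
    // would let a failed lookup pass the "exactly one" test.
    if (is_array($users) && count($users) === 1) {
        return $users[0];
    }

    return false;
}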
Ejemplo n.º 2
/**
 * System upgrade event listener: registers the mention-settings migration
 * when at least one user still has the old setting.
 *
 * @param string $event  the name of the event
 * @param string $type   the type of the event
 * @param null   $object nothing
 *
 * @return void
 */
function thewire_tools_upgrade_system_event_handler($event, $type, $object)
{
    // Hidden entities are included in the count below. Per the original
    // author this runs for an administrator, so access is not ignored.
    // The previous visibility flag is remembered and put back at the end.
    // NOTE(review): the flag is not restored if a call in between throws.
    $previous_hidden_status = access_get_show_hidden_status();
    access_show_hidden_entities(true);

    // Count the users that still carry a "notify_mention" setting.
    $pending = elgg_get_entities_from_plugin_user_settings(array(
        "type" => "user",
        "plugin_id" => "thewire_tools",
        "plugin_user_setting_name" => "notify_mention",
        "count" => true,
    ));

    if ($pending) {
        $upgrade_path = "admin/upgrades/thewire_tools_mentions";
        $upgrade = new ElggUpgrade();
        $registered = $upgrade->getUpgradeFromPath($upgrade_path);
        if (!$registered) {
            // Not registered yet: create the upgrade record once.
            $upgrade->setPath($upgrade_path);
            $upgrade->title = "TheWire Tools mentions upgrade";
            $upgrade->description = "The way mention notifications are handled has changed. Run this script to make sure all settings are migrated.";
            $upgrade->save();
        }
    }

    access_show_hidden_entities($previous_hidden_status);
}
Ejemplo n.º 3
 // Excerpt of a social-login flow: authenticate at the provider, then find or
 // start creating the matching Elgg user. The excerpt is cut off inside the
 // account-creation branch.
 // if facebook
 if (strtolower($provider) == "facebook") {
     $config["providers"][$provider]["display"] = "popup";
 }
 // create an instance for Hybridauth
 $hybridauth = new Hybrid_Auth($config);
 // try to authenticate the selected $provider
 // NOTE(review): where $provider comes from is not visible in this excerpt;
 // confirm it is checked against the configured providers before this point.
 $adapter = $hybridauth->authenticate($provider);
 $user_profile = $adapter->getUserProfile();
 // Local identity key: "<provider>_<identifier reported by the provider>".
 $user_uid = $provider . "_" . $user_profile->identifier;
 // attempt to find user
 /**
  * Lookup pattern taken from the Elgg Facebook Services plugin by anirupdutta.
  */
 // Both settings must match (operator AND): the uid and the provider name.
 $options = array('type' => 'user', 'plugin_id' => 'elgg_social_login', 'plugin_user_setting_name_value_pairs' => array('uid' => $user_uid, 'provider' => $provider), 'plugin_user_setting_name_value_pairs_operator' => 'AND', 'limit' => 0);
 $users = elgg_get_entities_from_plugin_user_settings($options);
 if (!$users) {
     // No linked account yet: a new Elgg user is provisioned from the
     // provider profile. The username is the display name with spaces
     // replaced by dashes.
     $userlogin = str_replace(' ', '-', $user_profile->displayName);
     if (!$userlogin) {
         $userlogin = '******' . rand(10000, 99999);
     }
     // rand() only disambiguates usernames here; the loop retries until the
     // candidate is not taken.
     while (get_user_by_username($userlogin)) {
         $userlogin = str_replace(' ', '-', $user_profile->displayName) . '-' . rand(1000, 9999);
     }
     $password = generate_random_cleartext_password();
     $username = $user_profile->displayName;
     // NOTE(review): the e-mail address is whatever the provider reports;
     // whether the provider verified it is not visible here. Confirm before
     // relying on it for account matching or recovery.
     $useremail = $user_profile->email;
     $user = new ElggUser();
     $user->username = $userlogin;
     $user->name = $username;
     $user->access_id = ACCESS_PUBLIC;
Ejemplo n.º 4
<?php

/**
 * List all announcement editors
 */
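// Only users who pass the announcement-editor gatekeeper get past this line.
site_announcements_editor_gatekeeper();
// breadcrumb
elgg_push_breadcrumb(elgg_echo('site_annoucements'), 'announcements/all');
elgg_push_breadcrumb(elgg_echo('site_annoucements:editors'));
// add button
elgg_register_title_button();
// build page elements
$title = elgg_echo('site_annoucements:editors:title');
// get correct users: site admins, plus every user flagged as editor
$dbprefix = elgg_get_config('dbprefix');
// 'callback' => false is passed together with 'limit' => false; the loop
// below reads only ->guid from each returned row.
$editor_options = array('type' => 'user', 'plugin_id' => 'site_announcements', 'plugin_user_setting_name' => 'editor', 'limit' => false, 'callback' => false);
$options = array('type' => 'user', 'joins' => array("JOIN {$dbprefix}users_entity ue ON e.guid = ue.guid"), 'wheres' => array('ue.admin = "yes"'), 'no_results' => elgg_echo('site_annoucements:editors:none'));
$editors = elgg_get_entities_from_plugin_user_settings($editor_options);
if (!empty($editors)) {
    $editor_guids = array();
    foreach ($editors as $row) {
        // The guids are concatenated into SQL below, so each one is forced
        // to an integer first.
        $editor_guids[] = (int) $row->guid;
    }
    // Parenthesise the combined condition so the OR cannot change meaning
    // when the query builder joins this fragment to its other clauses
    // (type, access) with AND.
    $options['wheres'][0] = '(' . $options['wheres'][0] . ' OR e.guid IN (' . implode(',', $editor_guids) . '))';
}
$content = elgg_list_entities($options);
// build page
$page_data = elgg_view_layout('content', array('title' => $title, 'content' => $content));
// draw page
echo elgg_view_page($title, $page_data);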
/**
 * Link a Facebook account to the current Elgg user.
 *
 * Forwards away when Facebook reported an error, when a Facebook login is
 * still needed, or when no Facebook profile id is available. Otherwise the
 * Facebook id and access token are stored as plugin user settings, unless
 * some user already holds either value.
 *
 * NOTE(review): no plugin id or user guid is passed to the settings calls, so
 * the framework defaults apply; the function also reads the logged-in user's
 * username without checking that anyone is logged in. Confirm the caller
 * guarantees both.
 *
 * @access public
 * @return void
 */
function facebook_connect_add_account()
{
    elgg_load_library('facebook');
    $fb = facebook_connect_get_fbdata();

    if (isset($_GET['error'])) {
        // Facebook sent the browser back with an error parameter.
        forward();
    } elseif (!empty($fb['loginUrl'])) {
        // Not authenticated at Facebook yet.
        forward($fb['loginUrl'], 'facebook_connect');
    } elseif (empty($fb['user_profile']['id'])) {
        forward();
    } else {
        // Operator OR: a match on either the Facebook id or the access token
        // counts as "already linked".
        $lookup = array(
            'type' => 'user',
            'plugin_user_setting_name_value_pairs' => array(
                'uid' => $fb['user_profile']['id'],
                'access_token' => $fb['user_profile']['accessToken'],
            ),
            'plugin_user_setting_name_value_pairs_operator' => 'OR',
            'limit' => 0,
        );
        $already_linked = elgg_get_entities_from_plugin_user_settings($lookup);
        if (!$already_linked) {
            // The access token is kept as a plain plugin user setting.
            elgg_set_plugin_user_setting('uid', $fb['user_profile']['id']);
            elgg_set_plugin_user_setting('access_token', $fb['user_profile']['accessToken']);
            system_message(elgg_echo('facebook_connect:authorize:success'));
        }
        $current_user = get_loggedin_user();
        forward('settings/plugins/' . $current_user->username . '/facebook_connect', 'facebook_connect');
    }
}
/**
 * User-initiated Twitter authorization
 *
 * Callback reached after the user authorized the site at Twitter. Exchanges
 * the oauth_verifier for access tokens and stores them as plugin user
 * settings. Any user already holding the same token pair loses the link
 * first, so one Twitter account stays tied to a single Elgg user.
 *
 * Depends upon {@link twitter_api_get_authorize_url} being called previously
 * to establish session request tokens.
 */
function twitter_api_authorize()
{
    $oauth = twitter_api_get_access_token(get_input('oauth_verifier'));
    if (!isset($oauth['oauth_token'], $oauth['oauth_token_secret'])) {
        // NOTE(review): nothing returns after forward(); the code below
        // relies on forward() ending the request.
        register_error(elgg_echo('twitter_api:authorize:error'));
        forward('settings/plugins', 'twitter_api');
    }

    // Find every user whose stored key and secret both equal the new pair.
    $lookup = array(
        'type' => 'user',
        'plugin_id' => 'twitter_api',
        'plugin_user_setting_name_value_pairs' => array(
            'access_key' => $oauth['oauth_token'],
            'access_secret' => $oauth['oauth_token_secret'],
        ),
        'limit' => 0,
    );
    $previous_owners = elgg_get_entities_from_plugin_user_settings($lookup);
    /* @var ElggUser[] $previous_owners */
    if ($previous_owners) {
        $revoked_settings = array('twitter_name', 'access_key', 'access_secret');
        foreach ($previous_owners as $owner) {
            // revoke access
            foreach ($revoked_settings as $setting_name) {
                elgg_unset_plugin_user_setting($setting_name, $owner->getGUID(), 'twitter_api');
            }
        }
    }

    // Store the tokens; user guid 0 is passed, leaving the choice of user to
    // the framework default.
    elgg_set_plugin_user_setting('twitter_name', $oauth['screen_name'], 0, 'twitter_api');
    elgg_set_plugin_user_setting('access_key', $oauth['oauth_token'], 0, 'twitter_api');
    elgg_set_plugin_user_setting('access_secret', $oauth['oauth_token_secret'], 0, 'twitter_api');

    // Let other plugins react to the new authorization.
    elgg_trigger_plugin_hook('authorize', 'twitter_api', array('token' => $oauth));
    system_message(elgg_echo('twitter_api:authorize:success'));
    forward('settings/plugins', 'twitter_api');
}
Ejemplo n.º 7
/**
 * Link a user to a Service Provider (SP), so in the future the user can login using this SP.
 *
 * Any other user currently linked to the same external ID on this source is
 * unlinked first, so one external identity maps to one account.
 *
 * @param ElggUser $user        the user to link
 * @param string   $saml_source the name of the SP
 * @param string   $saml_uid    the unique ID of the user on the IDentity Provider side
 *
 * @return bool true if the user is successfully linked, false on failure
 */
function simplesaml_link_user(ElggUser $user, $saml_source, $saml_uid)
{
    // Reject incomplete input up front.
    if (empty($user) || !elgg_instanceof($user, "user", null, "ElggUser") || empty($saml_source) || empty($saml_uid)) {
        return false;
    }

    // Only sources that are enabled may be linked.
    if (!simplesaml_is_enabled_source($saml_source)) {
        return false;
    }

    $setting_name = $saml_source . "_uid";

    // remove links from other users
    $current_holders = elgg_get_entities_from_plugin_user_settings(array(
        "type" => "user",
        "limit" => false,
        "site_guids" => false,
        "plugin_id" => "simplesaml",
        "plugin_user_setting_name_value_pairs" => array($setting_name => $saml_uid),
    ));
    if (!empty($current_holders)) {
        foreach ($current_holders as $holder) {
            simplesaml_unlink_user($holder, $saml_source);
        }
    }

    // now save the setting for this user
    return elgg_set_plugin_user_setting($setting_name, $saml_uid, $user->getGUID(), "simplesaml");
}
Ejemplo n.º 8
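/**
 * The socialink page handler
 *
 * Routes on the first URL segment:
 * - "authorize":         link a network account to the logged-in user
 * - "login":             OAuth callback that logs in the Elgg user linked to
 *                        the network account
 * - "no_linked_account": page shown when the network account is not linked
 *                        to any user
 * - "share":             share page, logged-in users only
 * - "forward":           send the browser to the network's authorize URL
 *
 * @param array $page page elements
 *
 * @return bool true only when a page was included here (no_linked_account, share)
 */
function socialink_page_handler($page)
{
    $result = false;
    switch ($page[0]) {
        case "authorize":
            elgg_gatekeeper();
            $user = elgg_get_logged_in_user_entity();
            // The function name is built from the URL segment, but only for
            // the four literal values listed in the case labels.
            switch ($page[1]) {
                case "twitter":
                case "linkedin":
                case "facebook":
                case "wordpress":
                    if (call_user_func("socialink_" . $page[1] . "_authorize")) {
                        system_message(elgg_echo("socialink:authorize:success", array(elgg_echo("socialink:network:" . $page[1]))));
                    } else {
                        register_error(elgg_echo("socialink:authorize:failed", array(elgg_echo("socialink:network:" . $page[1]))));
                    }
                    break;
            }
            if (!empty($page[1]) && socialink_is_available_network($page[1])) {
                elgg_trigger_plugin_hook("socialink:sync", "user", array("user" => $user, "network" => $page[1]));
            }
            forward("settings/plugins/" . $user->username . "/socialink");
            break;
        case "login":
            if (elgg_is_logged_in() || !isset($page[1])) {
                // invalid input
                forward();
            }
            $network = $page[1];
            $network_name = elgg_echo("socialink:network:" . $network);
            $error_msg_no_user = elgg_echo("socialink:login:error:no_user", array($network_name, $network_name));
            if (!socialink_is_available_network($network)) {
                // unavailable network
                forward();
            }
            // find hidden users (just created)
            $access_status = access_get_show_hidden_status();
            access_show_hidden_entities(true);
            // Twitter and LinkedIn accounts are matched on the stored OAuth
            // token and secret; Facebook and WordPress on the provider's
            // user id. When nothing matches, the token is parked in the
            // session and the visitor is sent to the no_linked_account page.
            switch ($network) {
                case "twitter":
                    $token = socialink_twitter_get_access_token(get_input("oauth_verifier"));
                    if (!isset($token["oauth_token"]) || !isset($token["oauth_token_secret"])) {
                        register_error($error_msg_no_user);
                        break;
                    }
                    $params = array("type" => "user", "limit" => 1, "site_guids" => false, "plugin_id" => "socialink", "plugin_user_setting_name_value_pairs" => array("twitter_oauth_token" => $token["oauth_token"], "twitter_oauth_secret" => $token["oauth_token_secret"]));
                    $users = elgg_get_entities_from_plugin_user_settings($params);
                    if (!empty($users)) {
                        $user = $users[0];
                    } else {
                        $_SESSION["socialink_token"] = $token;
                        forward("socialink/no_linked_account/twitter");
                    }
                    break;
                case "linkedin":
                    $token = socialink_linkedin_get_access_token(get_input("oauth_verifier"));
                    if (!isset($token["oauth_token"]) || !isset($token["oauth_token_secret"])) {
                        register_error($error_msg_no_user);
                        break;
                    }
                    $params = array("type" => "user", "limit" => 1, "site_guids" => false, "plugin_id" => "socialink", "plugin_user_setting_name_value_pairs" => array("linkedin_oauth_token" => $token["oauth_token"], "linkedin_oauth_secret" => $token["oauth_token_secret"]));
                    $users = elgg_get_entities_from_plugin_user_settings($params);
                    if (!empty($users)) {
                        $user = $users[0];
                    } else {
                        $_SESSION["socialink_token"] = $token;
                        forward("socialink/no_linked_account/linkedin");
                    }
                    break;
                case "facebook":
                    $token = socialink_facebook_get_access_token();
                    if (empty($token)) {
                        register_error($error_msg_no_user);
                        break;
                    }
                    $user_id = socialink_facebook_get_user_id_from_access_token($token);
                    if (empty($user_id)) {
                        register_error($error_msg_no_user);
                        break;
                    }
                    $params = array("type" => "user", "limit" => 1, "site_guids" => false, "plugin_id" => "socialink", "plugin_user_setting_name_value_pairs" => array("facebook_user_id" => $user_id));
                    $users = elgg_get_entities_from_plugin_user_settings($params);
                    if (!empty($users)) {
                        $user = $users[0];
                    } else {
                        $_SESSION["socialink_token"] = $token;
                        forward("socialink/no_linked_account/facebook");
                    }
                    break;
                case "wordpress":
                    $token = socialink_wordpress_get_access_token(get_input("oauth_token"));
                    if (isset($token['oauth_token']) && isset($token['oauth_token_secret'])) {
                        if ($userdata = socialink_wordpress_get_user_data_from_token($token)) {
                            $params = array("type" => "user", "limit" => 1, "site_guids" => false, "plugin_id" => "socialink", "plugin_user_setting_name_value_pairs" => array("wordpress_userid" => $userdata->ID));
                            if ($users = elgg_get_entities_from_plugin_user_settings($params)) {
                                $user = $users[0];
                                socialink_wordpress_update_connection($token, $user->getGUID());
                            } else {
                                $_SESSION["socialink_token"] = $token;
                                forward("socialink/no_linked_account/wordpress");
                            }
                        }
                    } else {
                        register_error($error_msg_no_user);
                    }
                    break;
            }
            if (!empty($user) && elgg_instanceof($user, "user")) {
                try {
                    // permanent login
                    login($user, true);
                    // log last network
                    elgg_set_plugin_user_setting("last_login_network", $network, $user->getGUID(), "socialink");
                    // sync network data
                    elgg_trigger_plugin_hook("socialink:sync", "user", array("user" => $user, "network" => $network));
                    // set message and forward to correct page
                    system_message(elgg_echo("loginok"));
                    // NOTE(review): the session value is forwarded to as-is;
                    // confirm whatever writes last_forward_from only stores
                    // on-site URLs.
                    if (isset($_SESSION["last_forward_from"]) && $_SESSION["last_forward_from"]) {
                        $forward_url = $_SESSION["last_forward_from"];
                        unset($_SESSION["last_forward_from"]);
                        forward($forward_url);
                    } elseif (get_input("returntoreferer")) {
                        forward(REFERER);
                    } else {
                        forward();
                    }
                } catch (LoginException $e) {
                    // validation mechanisme should report that you are not authenticated. Currently uservalidation by email doesn't do that
                    //register_error($e->getMessage());
                    forward();
                }
            }
            // restore hidden status
            // NOTE(review): every forward() above that ends the request skips
            // this restore; presumably harmless if the flag lives only for
            // the request, confirm.
            access_show_hidden_entities($access_status);
            forward();
            break;
        case "no_linked_account":
            if (elgg_is_logged_in()) {
                forward();
            }
            // Only the four known networks reach the include.
            switch ($page[1]) {
                case "linkedin":
                case "facebook":
                case "twitter":
                case "wordpress":
                    $result = true;
                    set_input("network", $page[1]);
                    include dirname(dirname(__FILE__)) . "/pages/no_linked_account.php";
                    break;
            }
            break;
        case "share":
            elgg_gatekeeper();
            $result = true;
            include dirname(dirname(__FILE__)) . "/pages/share.php";
            break;
        case "forward":
            // Both the network and the action segment are required. The
            // check must use ||: with && a request carrying only one of the
            // two segments got past it and read a missing index below.
            if (!isset($page[1]) || !isset($page[2])) {
                // invalid input
                break;
            }
            $network = $page[1];
            $action = $page[2];
            $allowed_actions = array("login", "authorize");
            // Strict comparison: only the exact strings in the allow-list pass.
            if (!socialink_is_available_network($network) || !in_array($action, $allowed_actions, true)) {
                // unavailable network or unsupported action
                break;
            }
            if ($action == "login") {
                socialink_prepare_login();
            }
            // Built only from the site URL and the two validated segments.
            $callback_url = elgg_get_site_url() . "socialink/" . $action . "/" . $network;
            $forward_url = "";
            switch ($network) {
                case "linkedin":
                    $forward_url = socialink_linkedin_get_authorize_url($callback_url);
                    break;
                case "facebook":
                    $forward_url = socialink_facebook_get_authorize_url($callback_url);
                    break;
                case "twitter":
                    $forward_url = socialink_twitter_get_authorize_url($callback_url);
                    break;
                case "wordpress":
                    $forward_url = socialink_wordpress_get_authorize_url($callback_url);
                    break;
            }
            forward($forward_url);
            break;
    }
    return $result;
}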
/**
 * User-initiated facebook authorization
 *
 * Callback reached after the user authorized the site at Facebook. Stores the
 * Facebook user id and access token as plugin user settings. Any user already
 * holding either value loses the link first.
 *
 * NOTE(review): no plugin id or user guid is passed to the settings calls, so
 * the framework defaults decide which plugin and which user are written.
 */
function facebook_connect_authorize()
{
    $api = facebookservice_api();
    $fb_token = $api->getAccessToken();
    $fb_uid = $api->getUser();
    if (!$fb_uid) {
        // NOTE(review): nothing returns after forward(); the code below
        // relies on forward() ending the request.
        register_error(elgg_echo('facebook_connect:authorize:error'));
        forward('settings/plugins', 'facebook_connect');
    }

    // Operator OR: a user matching on the id or on the token is treated as a
    // previous owner of this Facebook account.
    $lookup = array(
        'type' => 'user',
        'plugin_user_setting_name_value_pairs' => array(
            'uid' => $fb_uid,
            'access_token' => $fb_token,
        ),
        'plugin_user_setting_name_value_pairs_operator' => 'OR',
        'limit' => 0,
    );
    $previous_owners = elgg_get_entities_from_plugin_user_settings($lookup);
    if ($previous_owners) {
        foreach ($previous_owners as $owner) {
            // revoke access
            foreach (array('uid', 'access_token') as $setting_name) {
                elgg_unset_plugin_user_setting($setting_name, $owner->getGUID());
            }
        }
    }

    // Store the id and token for the new owner.
    elgg_set_plugin_user_setting('uid', $fb_uid);
    elgg_set_plugin_user_setting('access_token', $fb_token);
    system_message(elgg_echo('facebook_connect:authorize:success'));
    forward('settings/plugins', 'facebook_connect');
}
Ejemplo n.º 10
/**
 * Handle a successful provider authentication: log in, link or register.
 *
 * Looks for users whose social_connect setting "<provider>/uid" equals the
 * profile identifier, then:
 * - none found: asks the 'social_connect', 'user' hook how to proceed, and
 *   either stops, links an existing account by e-mail, or registers a new user;
 * - exactly one found: logs that user in when the hook allows it;
 * - more than one found: throws.
 *
 * @param object $user_profile provider profile; identifier, displayName and email are read
 * @param string $provider     key into $HA_SOCIAL_CONNECT_PROVIDERS_CONFIG
 *
 * @return void
 * @throws Exception when several users are linked to the same provider identifier
 */
function social_connect_handle_authentication($user_profile, $provider)
{
    global $CONFIG;
    global $HA_SOCIAL_CONNECT_PROVIDERS_CONFIG;
    // Remembered so each elgg_set_ignore_access(true) below can be undone.
    $ignore_access = elgg_get_ignore_access();
    $provider_name = $HA_SOCIAL_CONNECT_PROVIDERS_CONFIG[$provider]['provider_name'];
    $user_uid = $user_profile->identifier;
    // establish the value for the proceeding hook:
    // per-provider setting first, then the global setting, then the constant
    $default_proceed = elgg_get_plugin_setting("ha_settings_{$provider}_hook1_default", 'social_connect');
    if (!$default_proceed || $default_proceed == 'global') {
        $default_proceed = elgg_get_plugin_setting('ha_settings_hook1_default', 'social_connect');
    }
    if (!$default_proceed) {
        $default_proceed = SOCIAL_CONNECT_DEFAULT_PROCEED;
    } else {
        // The strings 'true' and 'false' become booleans; any other stored
        // value is passed on unchanged.
        if ($default_proceed == 'true') {
            $default_proceed = true;
        } else {
            if ($default_proceed == 'false') {
                $default_proceed = false;
            }
        }
    }
    // the arguments for social connect events and hooks
    $args = array('mode' => null, 'userid' => $user_uid, 'provider' => $HA_SOCIAL_CONNECT_PROVIDERS_CONFIG[$provider], 'user' => null, 'profile' => $user_profile);
    // look for users that have already connected via this plugin
    $options = array('type' => 'user', 'plugin_id' => 'social_connect', 'plugin_user_setting_name_value_pairs' => array("{$provider}/uid" => $user_uid), 'plugin_user_setting_name_value_pairs_operator' => 'AND', 'limit' => 0);
    $users = elgg_get_entities_from_plugin_user_settings($options);
    if (!$users) {
        // user has not connected with plugin before
        $args['mode'] = 'connect';
        // The hook runs with access checks ignored; the previous state is
        // restored right after.
        elgg_set_ignore_access(true);
        $proceed = elgg_trigger_plugin_hook('social_connect', 'user', $args, $default_proceed);
        elgg_set_ignore_access($ignore_access);
        if ($proceed === false) {
            // hook prevented social connection
            return;
        } else {
            if ($proceed === 'email' || $proceed === 'emailOnly') {
                // hook wants to try and connect via email address
                // check whether the user already exists with the email provided
                // NOTE(review): this links the provider identity to an
                // existing account purely on the e-mail address the provider
                // reports, and takes the first match. Nothing visible here
                // checks that the provider verified the address; confirm
                // that before enabling the 'email' modes for a provider.
                $useremail = $user_profile->email;
                if ($useremail && ($users = get_user_by_email($useremail))) {
                    social_connect_user($user_uid, $users[0], $user_profile, $provider);
                    system_message(sprintf(elgg_echo('social_connect:connect:ok'), $provider_name));
                    $args['mode'] = 'email';
                    $args['user'] = $users[0];
                    elgg_set_ignore_access(true);
                    elgg_trigger_event('social_connect', 'user', $args);
                    elgg_set_ignore_access($ignore_access);
                    return;
                }
                if ($proceed === 'emailOnly') {
                    // hook wants only email address connection or failure
                    register_error(sprintf(elgg_echo('social_connect:connect:emailnotfound'), $proceed));
                    return;
                }
            }
        }
        // email connection not required or failed, so register a new user
        // The username is the display name without spaces, or a generated
        // fallback when the display name is empty.
        $userlogin = str_replace(' ', '', $user_profile->displayName);
        if (!$userlogin) {
            $userlogin = $provider . '_user_' . rand(1000, 9999);
        }
        // rand() only disambiguates usernames; the loop retries until the
        // candidate is free.
        $org_userlogin = $userlogin;
        while (get_user_by_username($userlogin)) {
            $userlogin = $org_userlogin . '_' . rand(1000, 9999);
        }
        unset($org_userlogin);
        $password = generate_random_cleartext_password();
        $username = $user_profile->displayName;
        $user = new ElggUser();
        $user->username = $userlogin;
        $user->name = $username;
        $user->email = $user_profile->email;
        $user->access_id = ACCESS_PUBLIC;
        $user->salt = generate_random_cleartext_password();
        $user->password = generate_user_password($user, $password);
        $user->owner_guid = 0;
        $user->container_guid = 0;
        if ($user->save()) {
            if ($user->email && elgg_get_plugin_setting('notify_new_user', 'social_connect')) {
                // The generated password is sent to the new user by e-mail
                // in clear text, to the address reported by the provider.
                $email = elgg_echo('email:social_connect:body', array($userlogin, $password));
                set_user_notification_setting($user->getGUID(), 'email', true);
                notify_user($user->guid, $CONFIG->site->guid, elgg_echo('email:social_connect:subject', array($provider_name)), $email, NULL, 'email');
            }
        } else {
            register_error(sprintf(elgg_echo('social_connect:register:bad'), $provider_name) . elgg_echo("zhaohu:sorry"));
            elgg_log("ZHError social_connect:register:bad , userlogin {$userlogin}", "ERROR");
            return;
        }
        system_message(sprintf(elgg_echo('social_connect:register:ok'), $provider_name));
        // Record the provider identity on the new account.
        social_connect_user($user_uid, $user, $user_profile, $provider);
        $args['mode'] = 'register';
        $args['user'] = $user;
        elgg_set_ignore_access(true);
        elgg_trigger_event('social_connect', 'user', $args);
        elgg_set_ignore_access($ignore_access);
    } elseif (count($users) == 1) {
        // one user has already been registered on Elgg with this provider
        $args['mode'] = 'login';
        $args['user'] = $users[0];
        elgg_set_ignore_access(true);
        // The hook default is the configured value cast to bool; a falsy
        // hook result means the login is vetoed.
        if (elgg_trigger_plugin_hook('social_connect', 'user', $args, (bool) $default_proceed)) {
            login($users[0]);
            system_message(sprintf(elgg_echo('social_connect:login:ok'), $provider_name));
        }
        elgg_set_ignore_access($ignore_access);
    } else {
        // Several accounts claim the same provider identifier: refuse to
        // pick one.
        throw new Exception(sprintf(elgg_echo('social_connect:login:bad'), $provider_name));
    }
}
Ejemplo n.º 11
<?php

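// Migration: move "uid" records of the elgg_social_login plugin to the
// "<provider>:uid" settings of elgg_hybridauth. Long-running, so the
// execution time limit is lifted.
// NOTE(review): no access check is visible in this file; confirm the action
// is registered for administrators only.
set_time_limit(0);
// Number of records migrated, reported at the end. It was never initialised
// before being incremented.
$i = 0;
$options = array('type' => 'user', 'plugin_id' => 'elgg_social_login', 'plugin_user_setting_names' => array('uid'), 'limit' => 0);
// NOTE(review): the loop removes the very setting this batch selects on;
// confirm the batch paging does not skip users as the result set shrinks.
$users = new ElggBatch('elgg_get_entities_from_plugin_user_settings', $options);
foreach ($users as $user) {
    $setting = elgg_get_plugin_user_setting('uid', $user->guid, 'elgg_social_login');
    // The value is "<provider>_<uid>". Split on the first underscore only:
    // an unlimited split truncated identifiers that themselves contain an
    // underscore, and a truncated identifier could be written to, or matched
    // against, the wrong account.
    $parts = explode('_', (string) $setting, 2);
    if (count($parts) !== 2 || $parts[0] === '' || $parts[1] === '') {
        // Malformed record: leave it untouched rather than migrate a guess.
        continue;
    }
    list($provider, $uid) = $parts;
    // Check to see if another record has been created with elgg_hybridauth
    $elgg_hybridauth_options = array('type' => 'user', 'plugin_id' => 'elgg_hybridauth', 'plugin_user_setting_name_value_pairs' => array("{$provider}:uid" => $uid), 'limit' => 0);
    $elgg_hybridauth_users = elgg_get_entities_from_plugin_user_settings($elgg_hybridauth_options);
    if ($elgg_hybridauth_users) {
        $elgg_hybridauth_user = $elgg_hybridauth_users[0];
        if ($user->time_created < $elgg_hybridauth_user->time_created) {
            // elgg_social_login user was created earlier, so give that user the ability to login in with this provider uid
            // NOTE(review): only the newer account's link is removed here;
            // nothing in this script then writes "{$provider}:uid" for
            // $user. Confirm that is intended.
            elgg_unset_plugin_user_setting("{$provider}:uid", $elgg_hybridauth_user->guid, 'elgg_hybridauth');
        }
    } else {
        elgg_set_plugin_user_setting("{$provider}:uid", $uid, $user->guid, 'elgg_hybridauth');
    }
    // keep a backup record
    elgg_unset_plugin_user_setting('uid', $user->guid, 'elgg_social_login');
    // The user guid was missing from this call, which put the plugin id in
    // the user-guid position; the backup now goes to the migrated user's
    // elgg_hybridauth settings.
    elgg_set_plugin_user_setting('elgg_social_login_uid', "{$provider}_{$uid}", $user->guid, 'elgg_hybridauth');
    $i++;
}
system_message(elgg_echo('hybridauth:admin:elgg_social_login:action', array($i)));
forward(REFERER);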
Ejemplo n.º 12
/**
 * Check if we can find a user that is linked to the user provided by the Service Provider (SP).
 *
 * An existing link on "<source>_uid" wins. Without one, and when the source
 * has an auto-link field configured, the 'elgg:auto_link' attribute is
 * matched against that field (username, e-mail or a profile field); a match
 * is linked for future logins.
 *
 * NOTE(review): auto-linking attaches an external identity to an existing
 * account on the strength of one attribute sent by the identity provider;
 * confirm each source with auto-link enabled is trusted to assert that
 * attribute.
 *
 * @param string $source          the name of the SP
 * @param array  $saml_attributes an array with the attributes provided by the SP configuration
 *
 * @return false|ElggUser
 */
function simplesaml_find_user($source, $saml_attributes)
{
    $usable_input = !empty($source) && !empty($saml_attributes) && is_array($saml_attributes);
    if (!$usable_input) {
        return false;
    }

    // Attribute values may arrive as arrays; the first entry is used.
    $external_id = elgg_extract('elgg:external_id', $saml_attributes);
    $external_id = is_array($external_id) ? $external_id[0] : $external_id;
    if (empty($external_id)) {
        return false;
    }

    // first check if we can find a user based on an existing link
    $linked_users = elgg_get_entities_from_plugin_user_settings([
        'type' => 'user',
        'limit' => 1,
        'site_guids' => false,
        'plugin_id' => 'simplesaml',
        'plugin_user_setting_name_value_pairs' => ["{$source}_uid" => $external_id],
    ]);
    if (!empty($linked_users)) {
        return $linked_users[0];
    }

    // no user found, can we auto link
    // the plugin setting names the field used to link an existing account
    $link_field = elgg_get_plugin_setting("{$source}_auto_link", 'simplesaml');
    // the value supplied from the external side
    $link_value = elgg_extract('elgg:auto_link', $saml_attributes);
    $link_value = is_array($link_value) ? $link_value[0] : $link_value;
    if (empty($link_field) || empty($link_value)) {
        return false;
    }

    $match = false;
    switch ($link_field) {
        case 'username':
            // find user based on username
            $candidate = get_user_by_username($link_value);
            $match = empty($candidate) ? false : $candidate;
            break;
        case 'email':
            // find user based on email address; an ambiguous address links nobody
            $candidates = get_user_by_email($link_value);
            if (!empty($candidates) && count($candidates) == 1) {
                $match = $candidates[0];
            }
            break;
        default:
            // find user based on profile information, with access checks
            // switched off for the duration of the lookup
            $previous_ignore = elgg_set_ignore_access(true);
            $candidates = elgg_get_entities_from_metadata([
                'type' => 'user',
                'limit' => false,
                'site_guids' => false,
                'metadata_name_value_pairs' => ['name' => $link_field, 'value' => $link_value],
            ]);
            if (!empty($candidates) && count($candidates) == 1) {
                // only found 1 user so this is ok
                $match = $candidates[0];
            }
            // restore access
            elgg_set_ignore_access($previous_ignore);
    }

    if ($match instanceof ElggUser) {
        // we have a result, so link the user for future use
        simplesaml_link_user($match, $source, $external_id);
        return $match;
    }

    return false;
}
Ejemplo n.º 13
/**
 * Authorize a Wordpress account
 *
 * Exchanges the oauth_verifier for access tokens, removes the WordPress link
 * from every user that currently holds the same WordPress user id, then
 * stores the id and tokens as plugin user settings of the given user.
 *
 * @param int $user_guid the user_guid to authorize; the logged-in user when empty
 *
 * @return bool
 */
function socialink_wordpress_authorize($user_guid = 0)
{
    if (empty($user_guid)) {
        $user_guid = elgg_get_logged_in_user_guid();
    }
    $oauth_verifier = get_input("oauth_verifier", NULL);

    if (empty($user_guid)) {
        return false;
    }
    $token = socialink_wordpress_get_access_token($oauth_verifier);
    if (!$token) {
        return false;
    }
    if (!isset($token["oauth_token"], $token["oauth_token_secret"])) {
        return false;
    }
    // get the WordPress user data belonging to the token
    $userdata = socialink_wordpress_get_user_data_from_token($token);
    if (!$userdata) {
        return false;
    }

    // only one user per WordPress user id
    $lookup = array(
        "type" => "user",
        "limit" => false,
        "site_guids" => false,
        "plugin_id" => "socialink",
        "plugin_user_setting_name_value_pairs" => array("wordpress_userid" => $userdata->ID),
    );
    $link_settings = array("wordpress_userid", "wordpress_oauth_token", "wordpress_oauth_secret");

    // find hidden users (just created) as well
    $hidden_status = access_get_show_hidden_status();
    access_show_hidden_entities(true);
    $previous_owners = elgg_get_entities_from_plugin_user_settings($lookup);
    if ($previous_owners) {
        foreach ($previous_owners as $owner) {
            // revoke access
            foreach ($link_settings as $setting_name) {
                elgg_set_plugin_user_setting($setting_name, NULL, $owner->getGUID(), "socialink");
            }
        }
    }
    // restore hidden status
    access_show_hidden_entities($hidden_status);

    // register the user's id and access tokens; the token and secret are
    // kept as plain plugin user settings
    elgg_set_plugin_user_setting("wordpress_userid", $userdata->ID, $user_guid, "socialink");
    elgg_set_plugin_user_setting("wordpress_oauth_token", $token["oauth_token"], $user_guid, "socialink");
    elgg_set_plugin_user_setting("wordpress_oauth_secret", $token["oauth_token_secret"], $user_guid, "socialink");

    return true;
}