/**
 * Complete the social sign-in once the provider has handed control back.
 *
 * Flow, as implemented below:
 *     1. Resolve the redirect target, the provider and the authentication mode.
 *     2. Refuse providers whose `wsl_settings_<provider>_enabled` option is not set.
 *     3. 'test' mode: redirect to the plugin's admin page and stop.
 *     4. 'link' mode: attach the social identity to the logged-in WordPress user,
 *        unless it is already stored against a different user.
 *     5. 'login' mode: look the user up, creating a WordPress user when none is
 *        associated yet.
 *     6. Store the Hybridauth profile / contacts / BuddyPress mapping, then
 *        authenticate the user within WordPress.
 *
 * Any other mode is rejected with a notice page.
 *
 * NOTE(review): $provider is used to build an option name, an admin URL and an
 * HTML notice. The only gate visible here is the "enabled" option lookup;
 * presumably wsl_process_login_get_selected_provider() validates the name as
 * well. Confirm, or escape it at each output point.
 */
function wsl_process_login_end()
{
    // HOOKABLE:
    do_action("wsl_process_login_end_start");

    // HOOKABLE: set a custom Redirect URL
    $redirect_to = wsl_process_login_get_redirect_to();

    // HOOKABLE: selected provider name
    $provider = wsl_process_login_get_selected_provider();

    // authentication mode: 'test', 'link' or 'login' are the values handled below
    $auth_mode = wsl_process_login_get_auth_mode();

    // state filled in by whichever mode runs
    $requested_user_email = '';      // email typed by users in Profile Completion
    $requested_user_login = '';      // username typed by users in Profile Completion
    $hybridauth_user_profile = '';   // hybridauth user profile
    $adapter = '';                   // hybridauth adapter for the selected provider
    $user_id = '';                   // wp user id
    $is_new_user = false;            // is it a new or returning user

    // provider is enabled?
    if (!get_option('wsl_settings_' . $provider . '_enabled')) {
        return wsl_process_login_render_notice_page(_wsl__("Unknown or disabled provider.", 'wordpress-social-login'));
    }

    if ('test' == $auth_mode) {
        // wp_safe_redirect() only sends the header and does not end the request.
        // NOTE(review): this relies on the caller stopping after the return; confirm.
        return wp_safe_redirect(
            admin_url('options-general.php?page=wordpress-social-login&wslp=auth-paly&provider=' . $provider)
        );
    }

    $is_linking = 'link' == $auth_mode;
    $is_login = 'login' == $auth_mode;

    // anything that is neither a link nor a login request stops here
    if (!$is_linking && !$is_login) {
        return wsl_process_login_render_notice_page(_wsl__('Bouncer says no.', 'wordpress-social-login'));
    }

    if ($is_linking) {
        // a social account can't be associated with more than one wordpress account.
        $hybridauth_user_profile = wsl_process_login_request_user_social_profile($provider);
        $adapter = wsl_process_login_get_provider_adapter($provider);

        $linked_owner_id = (int) wsl_get_stored_hybridauth_user_id_by_provider_and_provider_uid(
            $provider,
            $hybridauth_user_profile->identifier
        );

        if ($linked_owner_id && $linked_owner_id != get_current_user_id()) {
            return wsl_process_login_render_notice_page(sprintf(_wsl__("Your <b>%s ID</b> is already linked to another account on this website.", 'wordpress-social-login'), $provider));
        }

        // linking only makes sense for a logged-in user; doesn't hurt to double check
        $user_id = get_current_user_id();

        if (!$user_id) {
            return wsl_process_login_render_notice_page(_wsl__("Sorry, we couldn't link your account.", 'wordpress-social-login'));
        }
    }

    if ($is_login) {
        // returns user data after he authenticates via hybridauth
        list(
            $user_id,
            $adapter,
            $hybridauth_user_profile,
            $requested_user_login,
            $requested_user_email,
            $existing_wp_user_id
        ) = wsl_process_login_get_user_data($provider, $redirect_to);

        // if no associated user was found in wslusersprofiles, create a new WordPress user
        $is_new_user = !$existing_wp_user_id;

        $user_id = $is_new_user
            ? wsl_process_login_create_wp_user($provider, $hybridauth_user_profile, $requested_user_login, $requested_user_email)
            : $existing_wp_user_id;
    }

    // if the user is found in wslusersprofiles but the associated WP user account no longer exists
    // > this should never happen! but just in case: we delete the user's
    //   wslusersprofiles/wsluserscontacts entries and we reset the process
    $wp_account = get_userdata($user_id);

    if (!$wp_account) {
        wsl_delete_stored_hybridauth_user_data($user_id);

        return wsl_process_login_render_notice_page(sprintf(_wsl__("Sorry, we couldn't connect you. <a href=\"%s\">Please try again</a>.", 'wordpress-social-login'), site_url('wp-login.php', 'login_post')));
    }

    // store user hybridauth profile (wslusersprofiles), contacts (wsluserscontacts) and buddypress mapping
    wsl_process_login_update_wsl_user_data($is_new_user, $user_id, $provider, $adapter, $hybridauth_user_profile, $wp_account);

    // finally create a wordpress session for the user
    wsl_process_login_authenticate_wp_user($user_id, $provider, $redirect_to, $adapter, $hybridauth_user_profile, $wp_account);
}
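/**
 * Authenticate the visitor with the selected provider through HybridAuth and
 * apply the "Bouncer" rules before the caller signs anyone in.
 *
 * Inside the try block, in order:
 *     1. Refuse to run if another plugin already loaded Hybrid_Auth.
 *     2. Build a one-provider HybridAuth config from the wsl_settings_* options.
 *     3. Read the user profile from the connected adapter.
 *     4. Account linking (when enabled): link to the logged-in user, or sign in
 *        the user the identity is already linked to.
 *     5. Allow-lists by e-mail domain, e-mail address and profile URL.
 *     6. For unknown users: registration policy and profile completion.
 *
 * After that the function resolves a WordPress user id, first by the
 * provider-verified e-mail and then by the stored provider identifier.
 *
 * @param string $provider    Provider id; used to build the wsl_settings_* option names.
 * @param string $redirect_to Passed through to the helpers that finish the flow.
 *
 * @return array|mixed On the normal path: array($user_id, $adapter,
 *                     $hybridauth_user_profile, $hybridauth_user_id,
 *                     $hybridauth_user_email, $request_user_login,
 *                     $request_user_email). On every refusal or early finish:
 *                     whatever the notice/authentication helper returns.
 *                     NOTE(review): those helpers presumably render and end the
 *                     request; a caller that unpacks the result should confirm.
 */
function wsl_process_login_hybridauth_authenticate($provider, $redirect_to)
{
    try {
        # Hybrid_Auth already used? (second argument false: do not trigger autoloading)
        if (class_exists('Hybrid_Auth', false)) {
            return wsl_render_notices_pages(_wsl__("Error: Another plugin seems to be using HybridAuth Library and made WordPress Social Login unusable. We recommand to find this plugin and to kill it with fire!", 'wordpress-social-login'));
        }

        // load hybridauth
        require_once WORDPRESS_SOCIAL_LOGIN_ABS_PATH . "/hybridauth/Hybrid/Auth.php";

        // build required configuration for this provider
        if (!get_option('wsl_settings_' . $provider . '_enabled')) {
            throw new Exception('Unknown or disabled provider');
        }

        $config = array();
        $config["providers"] = array();
        $config["providers"][$provider] = array();
        $config["providers"][$provider]["enabled"] = true;

        // provider application id / key / secret: each is copied only when the option is set
        $credential_options = array(
            'id' => '_app_id',
            'key' => '_app_key',
            'secret' => '_app_secret',
        );

        foreach ($credential_options as $config_key => $option_suffix) {
            $credential = get_option('wsl_settings_' . $provider . $option_suffix);

            if ($credential) {
                $config["providers"][$provider]["keys"][$config_key] = $credential;
            }
        }

        // create an instance for Hybridauth
        $hybridauth = new Hybrid_Auth($config);

        // try to authenticate the selected $provider
        if ($hybridauth->isConnectedWith($provider)) {
            $adapter = $hybridauth->getAdapter($provider);
            $hybridauth_user_profile = $adapter->getUserProfile();

            // look up the stored user and normalise what the provider told us
            $hybridauth_user_id = (int) wsl_get_user_by_meta($provider, $hybridauth_user_profile->identifier);
            $hybridauth_user_email = sanitize_email($hybridauth_user_profile->email);
            $hybridauth_user_login = sanitize_user($hybridauth_user_profile->displayName);

            $request_user_login = "";
            $request_user_email = "";

            # {{{ linking new accounts
            // Bouncer :: Accounts Linking is enabled
            if (get_option('wsl_settings_bouncer_linking_accounts_enabled') == 1) {
                // if user is linking account
                // . we DO import contacts
                // . we DO store the user profile
                //
                // . we DONT create another entry on user table
                // . we DONT create nor update his data on usermeta table
                //
                // isset() avoids an undefined-index notice when no action is sent, and
                // the strict comparison keeps a non-string value from matching.
                // NOTE(review): the link flow is selected by a request parameter and no
                // nonce check is visible in this function; confirm one is enforced earlier.
                if (isset($_REQUEST['action']) && 'wordpress_social_link' === $_REQUEST['action']) {
                    // get_current_user_id() replaces the deprecated get_currentuserinfo()
                    $user_id = get_current_user_id();

                    // linking needs a logged-in user; without this guard the social
                    // identity would be handed to the linking helper with user id 0
                    if (!$user_id) {
                        return wsl_render_notices_pages(_wsl__("Sorry, we couldn't link your account.", 'wordpress-social-login'));
                    }

                    return wsl_process_login_authenticate_wp_user_linked_account($user_id, $provider, $redirect_to, $adapter, $hybridauth_user_profile);
                }

                // check if connected user is linked account
                $linked_account = wsl_get_user_linked_account_by_provider_and_identifier($provider, $hybridauth_user_profile->identifier);

                // if linked account found, we connect the actual user
                if ($linked_account) {
                    if (count($linked_account) > 1) {
                        // NOTE(review): $provider is interpolated before _wsl__() sees the
                        // string, so a translation keyed on the literal text cannot match
                        // (assuming _wsl__() is a translation wrapper; confirm).
                        return wsl_render_notices_pages(_wsl__("This {$provider} is linked to many accounts!", 'wordpress-social-login'));
                    }

                    $user_id = $linked_account[0]->user_id;

                    if (!$user_id) {
                        return wsl_render_notices_pages(_wsl__("Something wrong!", 'wordpress-social-login'));
                    }

                    return wsl_process_login_authenticate_wp_user($user_id, $provider, $redirect_to, $adapter, $hybridauth_user_profile);
                }
            }
            # }}} linking new accounts

            # {{{ module Bouncer
            // The three allow-lists below are stored one entry per line. Entries are
            // trimmed and lower-cased BEFORE comparison and blank entries are skipped,
            // so a stray empty line can never match an empty value from the provider.

            // Bouncer :: Filters by emails domains name
            if (get_option('wsl_settings_bouncer_new_users_restrict_domain_enabled') == 1) {
                if (empty($hybridauth_user_email)) {
                    return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_domain_text_bounce'));
                }

                $list = get_option('wsl_settings_bouncer_new_users_restrict_domain_list');
                $list = preg_split('/$\\R?^/m', $list);

                // "@domain" part of the sanitized address
                $current = strtolower((string) strstr($hybridauth_user_email, '@'));
                $shall_pass = false;

                foreach ($list as $item) {
                    // trim the entry itself; trimming after the "@" prefix was added
                    // left leading whitespace in place and the entry never matched
                    $item = strtolower(trim($item));

                    if ('' !== $item && '@' . $item === $current) {
                        $shall_pass = true;
                        break;
                    }
                }

                if (!$shall_pass) {
                    return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_domain_text_bounce'));
                }
            }

            // Bouncer :: Filters by e-mails addresses
            if (get_option('wsl_settings_bouncer_new_users_restrict_email_enabled') == 1) {
                if (empty($hybridauth_user_email)) {
                    return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_email_text_bounce'));
                }

                $list = get_option('wsl_settings_bouncer_new_users_restrict_email_list');
                $list = preg_split('/$\\R?^/m', $list);

                $current = strtolower($hybridauth_user_email);
                $shall_pass = false;

                foreach ($list as $item) {
                    $item = strtolower(trim($item));

                    if ('' !== $item && $item === $current) {
                        $shall_pass = true;
                        break;
                    }
                }

                if (!$shall_pass) {
                    return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_email_text_bounce'));
                }
            }

            // Bouncer :: Filters by profile urls
            if (get_option('wsl_settings_bouncer_new_users_restrict_profile_enabled') == 1) {
                $list = get_option('wsl_settings_bouncer_new_users_restrict_profile_list');
                $list = preg_split('/$\\R?^/m', $list);

                // Unlike the two e-mail filters, this one had no "value is empty" guard:
                // a profile without a URL compared equal to a blank list entry and
                // passed. An empty profile URL is now refused (fail closed).
                $current = strtolower((string) $hybridauth_user_profile->profileURL);
                $shall_pass = false;

                if ('' !== $current) {
                    foreach ($list as $item) {
                        $item = strtolower(trim($item));

                        if ('' !== $item && $item === $current) {
                            $shall_pass = true;
                            break;
                        }
                    }
                }

                if (!$shall_pass) {
                    return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_profile_text_bounce'));
                }
            }

            // if user does not exist
            if (!$hybridauth_user_id) {
                // Bouncer :: Accept new registrations
                if (get_option('wsl_settings_bouncer_registration_enabled') == 2) {
                    return wsl_render_notices_pages(_wsl__("registration is now closed!", 'wordpress-social-login'));
                }

                // Bouncer :: Profile Completion
                // Parentheses spell out the precedence the original expression already had:
                // (e-mail required AND missing) OR (username change enabled).
                $needs_email = get_option('wsl_settings_bouncer_profile_completion_require_email') == 1 && empty($hybridauth_user_email);
                $may_change_username = get_option('wsl_settings_bouncer_profile_completion_change_username') == 1;

                if ($needs_email || $may_change_username) {
                    // NOTE(review): this loop ends only when the helper reports success;
                    // presumably the helper renders the form and stops the request on
                    // failure. Confirm, otherwise this spins.
                    do {
                        list($shall_pass, $request_user_login, $request_user_email) = wsl_process_login_complete_registration($provider, $redirect_to, $hybridauth_user_email, $hybridauth_user_login);
                    } while (!$shall_pass);
                }
            }
            # }}} module Bouncer
        } else {
            throw new Exception('User not connected with ' . $provider . '!');
        }
    } catch (Exception $e) {
        // only the numeric code reaches the visitor; the exception message is not shown
        return wsl_render_notices_pages(sprintf(_wsl__("Unspecified error. #%d", 'wordpress-social-login'), $e->getCode()));
    }

    $user_id = null;

    // if the user email is verified, then try to map to legacy account if exist
    // > Currently only Facebook, Google, Yahoo and Foursquare do provide the verified user email.
    //
    // Security-sensitive: this maps the social identity onto whichever existing
    // WordPress account owns the address, and the only evidence is the provider's
    // emailVerified field. NOTE(review): confirm that every enabled adapter fills
    // emailVerified only with an address the provider has actually verified.
    if (!empty($hybridauth_user_profile->emailVerified)) {
        $user_id = (int) email_exists($hybridauth_user_profile->emailVerified);
    }

    // try to get user by meta if not
    if (!$user_id) {
        $user_id = (int) wsl_get_user_by_meta($provider, $hybridauth_user_profile->identifier);
    }

    return array($user_id, $adapter, $hybridauth_user_profile, $hybridauth_user_id, $hybridauth_user_email, $request_user_login, $request_user_email);
}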