}
$session_owner_guid = get_input('session_owner_guid');
$session_owner = get_entity($session_owner_guid);
$session_name = get_input('session_name');
$session_handle = get_input('session_handle');
$user = $session_owner ?: elgg_get_logged_in_user_entity();
$ha_session = new Elgg\HybridAuth\Session($user, $session_name, $session_handle);
$provider_name = get_input('provider');
$provider = $ha_session->getProvider($provider_name);
if (!$provider) {
forward(REFERRER, '400');
// bad request
}
$scope = get_input('scope');
if ($scope) {
$uid = (int) $ha_session->isAuthenticated($provider);
if (empty($_SESSION["HA:{$provider_name}:last_scope:{$uid}"])) {
$_SESSION["HA:{$provider_name}:last_scope:{$uid}"] = 'default';
}
if ($_SESSION["HA:{$provider_name}:last_scope:{$uid}"] != $scope) {
// Check if scope has been explicitly required
// Logout the user, and reauthenticate with the requested scope
$config = $ha_session->getConfig();
if (!empty($config['providers'][$provider_name])) {
$config['providers'][$provider_name]['scope'] = urldecode($scope);
}
$ha_session->setConfig($config);
$ha_session->getAdapter($provider)->logout();
$ha_session->save();
$_SESSION["HA:{$provider_name}:last_scope:{$uid}"] = $scope;
} else {
<?php
elgg_load_css('hybridauth.css');
$user = elgg_get_page_owner_entity();
$ha_session = new \Elgg\HybridAuth\Session($user);
$providers = $ha_session->getProviders();
foreach ($providers as $ha_provider) {
if (!$ha_provider->isEnabled()) {
continue;
}
$provider = $ha_provider->getName();
$openid = $ha_provider->getOpenId();
$icon_classes = array(strtolower("auth-{$provider}"));
if ($openid) {
$icon_classes[] = "auth-openid";
}
$title = elgg_view_image_block(elgg_view_icon(implode(' ', $icon_classes)), $provider);
if ($ha_session->isAuthenticated($ha_provider)) {
$deauth_url = elgg_http_add_url_query_elements("action/hybridauth/deauthorize", array('provider' => $provider, 'guid' => $user->guid));
$mod = '<p class="hybridauth-diagnostics-success">' . elgg_echo('hybridauth:provider:user:authenticated') . '</p>';
$mod .= elgg_view('output/url', array('href' => $deauth_url, 'is_action' => true, 'text' => elgg_echo('hybridauth:provider:user:deauthorize'), 'class' => 'elgg-button elgg-button-action'));
$mod .= elgg_view("hybridauth/accounts/{$provider}");
} else {
$auth_url = elgg_http_add_url_query_elements('hybridauth/authenticate', array('provider' => $provider, 'elgg_forward_url' => urlencode(elgg_normalize_url("hybridauth/accounts/{$user->username}"))));
$mod = elgg_view('output/url', array('href' => $auth_url, 'text' => elgg_echo('hybridauth:provider:user:authenticate'), 'class' => 'elgg-button elgg-button-action'));
}
echo elgg_view_module('info', $title, $mod);
}
/**
* Authenticate all providers the user has previously authenticated with
* This callback is not currently in use. It's added here for illustration purposes
*
* @param string $event "login"
* @param string $type "user"
* @param ElggUser $user User entity
* @return boolean
*/
function elgg_hybridauth_authenticate_all_providers($event, $type, $user)
{
$ha_session = new \Elgg\HybridAuth\Session($user);
$providers = $ha_session->getProviders();
foreach ($providers as $provider) {
if (!$provider->isEnabled()) {
continue;
}
if (!$ha_session->isAuthenticated($provider) || $ha_session->isConnected($provider)) {
continue;
}
if (!$ha_session->authenticate($provider, false)) {
register_error(elgg_echo('hybridauth:unlink:provider', array($provider)));
$ha_session->removeAuthRecord($provider);
}
}
return true;
}