public function testDeletesOpauthIdentityOnDelete()
{
$member = new Member(array('Email' => '*****@*****.**'));
$member->write();
$identity = new OpauthIdentity();
$identity->write();
$member->OpauthIdentities()->add($identity);
$member->delete();
$this->assertEquals(0, $member->OpauthIdentities()->Count());
}
/**
* factory
* Returns or creates a fresh OpauthIdentity.
* @param array $oaResponse The response object from Opauth.
* @return OpauthIdentity instance based on $oaResponse.
*/
public static function factory(array $oaResponse)
{
if (empty($oaResponse['auth'])) {
throw new InvalidArgumentException('The auth key is required to continue.');
}
if (empty($oaResponse['auth']['provider'])) {
throw new InvalidArgumentException('Unable to determine provider.');
}
$auth = $oaResponse['auth'];
$do = OpauthIdentity::get()->filter(array('Provider' => $auth['provider'], 'UID' => $auth['uid']))->first();
if (!$do || !$do->exists()) {
$do = new OpauthIdentity();
$do->Provider = $auth['provider'];
$do->UID = $auth['uid'];
}
$do->setAuthSource($auth);
return $do;
}
public function testForgotPasswordVeto()
{
Config::inst()->update('OpauthMemberLoginFormExtension', 'allow_password_reset', false);
$memberWithoutPassword = new Member(array('Email' => '*****@*****.**'));
$memberWithoutPassword->write();
$memberWithPassword = new Member(array('Email' => '*****@*****.**', 'Password' => 'test'));
$memberWithPassword->write();
$memberWithIdentity = new Member(array('Email' => '*****@*****.**'));
$memberWithIdentity->write();
$identity = new OpauthIdentity(array('MemberID' => $memberWithIdentity->ID, 'Provider' => 'Google'));
$identity->write();
$form = new Form(new Controller(), 'Form', new FieldList(), new FieldList());
$ext = new OpauthMemberLoginFormExtension();
$ext->setOwner($form);
$this->assertNull($ext->forgotPassword($memberWithoutPassword));
$this->assertNull(Session::get("FormInfo.Form_Form.formError.message"));
$this->assertNull($ext->forgotPassword($memberWithPassword));
$this->assertNull(Session::get("FormInfo.Form_Form.formError.message"));
$this->assertFalse($ext->forgotPassword($memberWithIdentity));
$this->assertContains('Google', Session::get("FormInfo.Form_Form.formError.message"));
}
public function testFindOrCreateMemberOverwriteExistingFields()
{
$member = new Member(array('Email' => '*****@*****.**', 'FirstName' => 'Existing', 'Surname' => 'Existing'));
$member->write();
$identity = OpauthIdentity::factory(array('auth' => array('provider' => 'Facebook', 'uid' => 999, 'info' => array('email' => '*****@*****.**', 'first_name' => 'New', 'last_name' => 'New'))));
$member = $identity->findOrCreateMember(array('overwriteExistingFields' => false));
$this->assertEquals('Existing', $member->FirstName, 'Does not overwrite unless requested');
$identity = OpauthIdentity::factory(array('auth' => array('provider' => 'Facebook', 'uid' => 999, 'info' => array('email' => '*****@*****.**', 'first_name' => 'New', 'last_name' => 'New'))));
$member = $identity->findOrCreateMember(array('overwriteExistingFields' => array('FirstName')));
$this->assertEquals('New', $member->FirstName, 'Overwrites existing fields if requested');
$this->assertEquals('Existing', $member->Surname, 'Does not overwrite fields if not present in whitelist');
}
/**
* Deny password resets
*
* @param Member $member
* @return boolean
*/
public function forgotPassword($member)
{
if (Config::inst()->get('OpauthMemberLoginFormExtension', 'allow_password_reset')) {
return null;
}
$identity = OpauthIdentity::get()->find('MemberID', $member->ID);
if (!$member->Password && $identity) {
$this->owner->sessionMessage(_t('OpauthMemberLoginFormExtension.NoResetPassword', 'Can\'t reset password for accounts registered through {provider}', array('provider' => $identity->Provider)), 'bad');
return false;
} else {
return null;
}
}
/**
* Equivalent to "callback.php" in the Opauth package.
* If there is a problem with the response, we throw an HTTP error.
* When done validating, we return back to the Authenticator continue auth.
* @throws SS_HTTPResponse_Exception if any validation errors
*/
public function finished(SS_HTTPRequest $request)
{
$opauth = OpauthAuthenticator::opauth(false);
$response = $this->getOpauthResponse();
if (!$response) {
$response = array();
}
// Clear the response as it is only to be read once (if Session)
Session::clear('opauth');
// Handle all Opauth validation in this handy function
try {
$this->validateOpauthResponse($opauth, $response);
} catch (OpauthValidationException $e) {
return $this->handleOpauthException($e);
}
$identity = OpauthIdentity::factory($response);
$member = $identity->findOrCreateMember();
// If the member exists, associate it with the identity and log in
if ($member->isInDB() && $member->validate()->valid()) {
if (!$identity->exists()) {
$identity->write();
$flag = self::AUTH_FLAG_LINK;
} else {
$flag = self::AUTH_FLAG_LOGIN;
}
Session::set('OpauthIdentityID', $identity->ID);
} else {
$flag = self::AUTH_FLAG_REGISTER;
// Write the identity
$identity->write();
// Keep a note of the identity ID
Session::set('OpauthIdentityID', $identity->ID);
// Even if written, check validation - we might not have full fields
$validationResult = $member->validate();
if (!$validationResult->valid()) {
// Set up the register form before it's output
$regForm = $this->RegisterForm();
$regForm->loadDataFrom($member);
$regForm->setSessionData($member);
$regForm->validate();
return $this->redirect($this->Link('profilecompletion'));
} else {
$member->extend('onBeforeOpauthRegister');
$member->write();
$identity->MemberID = $member->ID;
$identity->write();
}
}
return $this->loginAndRedirect($member, $identity, $flag);
}
