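/**
 * Log in a user referred from Twitter's OAuth API
 *
 * If the user has already linked their account with Twitter, it is a seamless
 * login. If this is a first time login (or a user from the deprecated twitter
 * login plugin), we create a new account (or update the existing account).
 *
 * If a plugin wants to be notified when someone logs in with twitter or a new
 * twitter user signs up, register for the standard login or create user events
 * and check for 'twitter_api' context.
 *
 * The user has to be redirected from Twitter for this to work. It depends on
 * the Twitter OAuth data.
 *
 * Security notes for maintainers:
 *  - An existing account is located by matching the stored OAuth token/secret
 *    pair, so both values are kept as plugin user settings in a form that can
 *    be compared for equality. NOTE(review): consider keying the link on the
 *    Twitter account's numeric user id instead and limiting who can read the
 *    stored secret.
 *  - The legacy-plugin conversion links a local account purely on a screen
 *    name match. Screen names can be changed on Twitter's side, so a match is
 *    weaker evidence of ownership than an immutable account id.
 *  - The post-login destination is read from the session; it is only as
 *    trustworthy as the code that stored it (outside this listing).
 *
 * @return void Every branch ends in forward(), which is expected not to return
 *              (defined outside this listing).
 */
function twitter_api_login()
{
    // sanity check: sign-on with Twitter must be enabled for the site
    if (!twitter_api_allow_sign_on_with_twitter()) {
        forward();
    }
    $session = elgg_get_session();
    $token = twitter_api_get_access_token(get_input('oauth_verifier'));
    $persistent = false;
    $forward = '';
    // fetch login metadata from session and drop it so it cannot be replayed
    $login_metadata = $session->get('twitter_api_login_metadata');
    $session->remove('twitter_api_login_metadata');
    if (!empty($login_metadata['persistent'])) {
        $persistent = true;
    }
    if (!empty($login_metadata['forward'])) {
        // NOTE(review): confirm the writer of this value only stores same-site
        // destinations; it is passed to forward() unchanged after login.
        $forward = $login_metadata['forward'];
    }
    // without both token parts the OAuth exchange did not complete
    if (!isset($token['oauth_token']) || !isset($token['oauth_token_secret'])) {
        register_error(elgg_echo('twitter_api:login:error'));
        forward();
    }
    // attempt to find user and log them in.
    // else, create a new user.
    $options = array(
        'type' => 'user',
        'plugin_id' => 'twitter_api',
        'plugin_user_setting_name_value_pairs' => array(
            'access_key' => $token['oauth_token'],
            'access_secret' => $token['oauth_token_secret'],
        ),
        'limit' => 0,
    );
    $users = elgg_get_entities_from_plugin_user_settings($options);
    if ($users) {
        // more than one account bound to the same token pair is ambiguous:
        // refuse rather than guess which account to open
        if (count($users) === 1 && login($users[0], $persistent)) {
            system_message(elgg_echo('twitter_api:login:success'));
            forward($forward);
        } else {
            register_error(elgg_echo('twitter_api:login:error'));
            forward();
        }
    } else {
        // the screen name is used for the legacy lookup and stored below, so
        // stop here instead of reading an undefined index
        if (!isset($token['screen_name']) || $token['screen_name'] === '') {
            register_error(elgg_echo('twitter_api:login:error'));
            forward();
        }
        $api = twitter_api_get_api_object($token['oauth_token'], $token['oauth_token_secret']);
        $twitter = $api->get('account/verify_credentials');
        // do not create or convert an account from a failed or malformed
        // credential check; the response is dereferenced further down
        if (!is_object($twitter) || empty($twitter->screen_name)) {
            register_error(elgg_echo('twitter_api:login:error'));
            forward();
        }
        // backward compatibility for deprecated Twitter Login plugin
        $user = false;
        $twitter_user = get_user_by_username($token['screen_name']);
        if ($twitter_user) {
            $screen_name = $twitter_user->twitter_screen_name;
            // compare as strings: a loose == treats numeric-looking names such
            // as "1e3" and "1000" as equal
            if ($screen_name && is_scalar($screen_name)
                && (string) $screen_name === (string) $token['screen_name']) {
                // convert existing account
                $user = $twitter_user;
                $forward = '';
            }
        }
        // create new user
        if (!$user) {
            $user = twitter_api_create_user($twitter);
            // the helper's failure behaviour is not visible here; guard before
            // $user->guid is read
            if (!$user) {
                register_error(elgg_echo('twitter_api:login:error'));
                forward();
            }
            $site_name = elgg_get_site_entity()->name;
            system_message(elgg_echo('twitter_api:login:email', array($site_name)));
            $forward = "twitter_api/interstitial";
        }
        // set twitter services tokens
        elgg_set_plugin_user_setting('twitter_name', $token['screen_name'], $user->guid, 'twitter_api');
        elgg_set_plugin_user_setting('access_key', $token['oauth_token'], $user->guid, 'twitter_api');
        elgg_set_plugin_user_setting('access_secret', $token['oauth_token_secret'], $user->guid, 'twitter_api');
        // pull in Twitter icon
        twitter_api_update_user_avatar($user, $twitter->profile_image_url);
        // login new user
        // NOTE(review): $persistent is not passed here, unlike the
        // existing-account branch above; confirm that is intended.
        if (login($user)) {
            system_message(elgg_echo('twitter_api:login:success'));
        } else {
            // report the failure as an error and do not send an
            // unauthenticated visitor to the post-signup page, matching the
            // existing-account branch
            register_error(elgg_echo('twitter_api:login:error'));
            forward();
        }
        forward($forward, 'twitter_api');
    }
    // safety net in case a forward() above returns
    register_error(elgg_echo('twitter_api:login:error'));
    forward();
}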
Example #2
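/**
 * Log in a user with twitter.
 *
 * Exchanges the 'oauth_verifier' request input for an access token, then
 * either logs in the single local account already bound to that token pair,
 * converts an account left by the older Twitter Login plugin, or creates a new
 * local account from the verified Twitter profile.
 *
 * Security notes for maintainers:
 *  - An existing account is located by matching the stored OAuth token/secret
 *    pair, so both values are kept as plugin user settings in a form that can
 *    be compared for equality. NOTE(review): consider keying the link on the
 *    Twitter account's numeric user id instead and limiting who can read the
 *    stored secret.
 *  - The settings lookup and the three settings writes pass no plugin id, so
 *    they rely on whatever default the framework applies. NOTE(review):
 *    confirm that default resolves to this plugin.
 *  - The legacy conversion links a local account purely on a screen name
 *    match. Screen names can be changed on Twitter's side, so a match is
 *    weaker evidence of ownership than an immutable account id.
 *  - New accounts are saved without an email address (see the @todo below).
 *
 * @return void Every branch ends in forward(), which is expected not to return
 *              (defined outside this listing).
 */
function twitter_api_login()
{
    // sanity check: sign-on with Twitter must be enabled for the site
    if (!twitter_api_allow_sign_on_with_twitter()) {
        forward();
    }
    $token = twitter_api_get_access_token(get_input('oauth_verifier'));
    // without both token parts the OAuth exchange did not complete
    if (!isset($token['oauth_token']) || !isset($token['oauth_token_secret'])) {
        register_error(elgg_echo('twitter_api:login:error'));
        forward();
    }
    // attempt to find user and log them in.
    // else, create a new user.
    $options = array(
        'type' => 'user',
        'plugin_user_setting_name_value_pairs' => array(
            'access_key' => $token['oauth_token'],
            'access_secret' => $token['oauth_token_secret'],
        ),
        'limit' => 0,
    );
    $users = elgg_get_entities_from_plugin_user_settings($options);
    if ($users) {
        // more than one account bound to the same token pair is ambiguous:
        // refuse rather than guess which account to open
        if (count($users) === 1 && login($users[0])) {
            system_message(elgg_echo('twitter_api:login:success'));
            // trigger login hook
            elgg_trigger_plugin_hook('login', 'twitter_api', array('user' => $users[0]));
        } else {
            // a failed login is an error, not an informational message
            register_error(elgg_echo('twitter_api:login:error'));
        }
        forward();
    } else {
        // the screen name is used for the legacy lookup and stored below, so
        // stop here instead of reading an undefined index
        if (!isset($token['screen_name']) || $token['screen_name'] === '') {
            register_error(elgg_echo('twitter_api:login:error'));
            forward();
        }
        $forward = '';
        // need Twitter account credentials
        elgg_load_library('twitter_oauth');
        $consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api');
        $consumer_secret = elgg_get_plugin_setting('consumer_secret', 'twitter_api');
        $api = new TwitterOAuth($consumer_key, $consumer_secret, $token['oauth_token'], $token['oauth_token_secret']);
        $twitter = $api->get('account/verify_credentials');
        // do not create or convert an account from a failed or malformed
        // credential check; screen_name, name and profile_image_url are read
        // from this response below
        if (!is_object($twitter) || empty($twitter->screen_name)) {
            register_error(elgg_echo('twitter_api:login:error'));
            forward();
        }
        // backward compatibility for stalled-development Twitter Login plugin
        $user = false;
        $twitter_user = get_user_by_username($token['screen_name']);
        if ($twitter_user) {
            $screen_name = $twitter_user->twitter_screen_name;
            // compare as strings: a loose == treats numeric-looking names such
            // as "1e3" and "1000" as equal
            if ($screen_name && is_scalar($screen_name)
                && (string) $screen_name === (string) $token['screen_name']) {
                // convert existing account
                $user = $twitter_user;
                $forward = '';
            }
        }
        // create new user
        if (!$user) {
            // check new registration allowed
            if (!twitter_api_allow_new_users_with_twitter()) {
                register_error(elgg_echo('registerdisabled'));
                forward();
            }
            // trigger a hook for plugin authors to intercept; a falsy result
            // vetoes account creation
            if (!elgg_trigger_plugin_hook('new_twitter_user', 'twitter_service', array('account' => $twitter), true)) {
                // halt execution
                register_error(elgg_echo('twitter_api:login:error'));
                forward();
            }
            // Elgg-ify Twitter credentials
            $username = $twitter->screen_name;
            // the numeric suffix only avoids a username collision; it is not a
            // secret, so rand() is acceptable here
            while (get_user_by_username($username)) {
                $username = $twitter->screen_name . '_' . rand(1000, 9999);
            }
            // the cleartext password is never shown to the user; the account
            // is reached through Twitter sign-on
            $password = generate_random_cleartext_password();
            $name = $twitter->name;
            $user = new ElggUser();
            $user->username = $username;
            $user->name = $name;
            $user->access_id = ACCESS_PUBLIC;
            // NOTE(review): generate_user_password() and the salt scheme are
            // defined outside this listing; confirm they use a current
            // password-hashing algorithm.
            $user->salt = generate_random_cleartext_password();
            $user->password = generate_user_password($user, $password);
            $user->owner_guid = 0;
            $user->container_guid = 0;
            if (!$user->save()) {
                register_error(elgg_echo('registerbad'));
                forward();
            }
            // @todo require email address?
            $site_name = elgg_get_site_entity()->name;
            system_message(elgg_echo('twitter_api:login:email', array($site_name)));
            $forward = "settings/user/{$user->username}";
        }
        // set twitter services tokens
        elgg_set_plugin_user_setting('twitter_name', $token['screen_name'], $user->guid);
        elgg_set_plugin_user_setting('access_key', $token['oauth_token'], $user->guid);
        elgg_set_plugin_user_setting('access_secret', $token['oauth_token_secret'], $user->guid);
        // pull in Twitter icon
        twitter_api_update_user_avatar($user, $twitter->profile_image_url);
        // login new user
        if (login($user)) {
            system_message(elgg_echo('twitter_api:login:success'));
            // trigger login hook for new user
            elgg_trigger_plugin_hook('first_login', 'twitter_api', array('user' => $user));
        } else {
            // report the failure as an error and do not send an
            // unauthenticated visitor to the settings page
            register_error(elgg_echo('twitter_api:login:error'));
            forward();
        }
        forward($forward, 'twitter_api');
    }
    // safety net in case a forward() above returns
    register_error(elgg_echo('twitter_api:login:error'));
    forward();
}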