/**
* Returns user data after he authenticate via hybridauth
*
* Steps:
* 1. Grab the user profile from hybridauth
* 2. Run Bouncer::Filters if enabled (domains, emails, profiles urls)
* 3. Check if user exist in database by looking for the couple (Provider name, Provider user ID) or verified email
* 4. Deletegate detection of user id to custom functions / hooks
* 5. If Bouncer::Profile Completion is enabled and user didn't exist, we require the user to complete the registration (user name & email)
*/
function wsl_process_login_get_user_data($provider, $redirect_to)
{
// HOOKABLE:
do_action("wsl_process_login_get_user_data_start", $provider, $redirect_to);
$user_id = null;
$config = null;
$hybridauth = null;
$adapter = null;
$hybridauth_user_profile = null;
$requested_user_login = '';
$requested_user_email = '';
/* 1. Grab the user profile from social network */
if (!(isset($_SESSION['wsl::userprofile']) && $_SESSION['wsl::userprofile'] && ($hybridauth_user_profile = json_decode($_SESSION['wsl::userprofile'])))) {
$hybridauth_user_profile = wsl_process_login_request_user_social_profile($provider);
$_SESSION['wsl::userprofile'] = json_encode($hybridauth_user_profile);
}
$adapter = wsl_process_login_get_provider_adapter($provider);
$hybridauth_user_email = sanitize_email($hybridauth_user_profile->email);
/* 2. Run Bouncer::Filters if enabled (domains, emails, profiles urls) */
// Bouncer::Filters by emails domains name
if (get_option('wsl_settings_bouncer_new_users_restrict_domain_enabled') == 1) {
if (empty($hybridauth_user_email)) {
return wsl_process_login_render_notice_page(_wsl__(get_option('wsl_settings_bouncer_new_users_restrict_domain_text_bounce'), 'wordpress-social-login'));
}
$list = get_option('wsl_settings_bouncer_new_users_restrict_domain_list');
$list = preg_split('/$\\R?^/m', $list);
$current = strstr($hybridauth_user_email, '@');
$shall_pass = false;
foreach ($list as $item) {
if (trim(strtolower("@{$item}")) == strtolower($current)) {
$shall_pass = true;
}
}
if (!$shall_pass) {
return wsl_process_login_render_notice_page(_wsl__(get_option('wsl_settings_bouncer_new_users_restrict_domain_text_bounce'), 'wordpress-social-login'));
}
}
// Bouncer::Filters by e-mails addresses
if (get_option('wsl_settings_bouncer_new_users_restrict_email_enabled') == 1) {
if (empty($hybridauth_user_email)) {
return wsl_process_login_render_notice_page(_wsl__(get_option('wsl_settings_bouncer_new_users_restrict_email_text_bounce'), 'wordpress-social-login'));
}
$list = get_option('wsl_settings_bouncer_new_users_restrict_email_list');
$list = preg_split('/$\\R?^/m', $list);
$shall_pass = false;
foreach ($list as $item) {
if (trim(strtolower($item)) == strtolower($hybridauth_user_email)) {
$shall_pass = true;
}
}
if (!$shall_pass) {
return wsl_process_login_render_notice_page(_wsl__(get_option('wsl_settings_bouncer_new_users_restrict_email_text_bounce'), 'wordpress-social-login'));
}
}
// Bouncer::Filters by profile urls
if (get_option('wsl_settings_bouncer_new_users_restrict_profile_enabled') == 1) {
$list = get_option('wsl_settings_bouncer_new_users_restrict_profile_list');
$list = preg_split('/$\\R?^/m', $list);
$shall_pass = false;
foreach ($list as $item) {
if (trim(strtolower($item)) == strtolower($hybridauth_user_profile->profileURL)) {
$shall_pass = true;
}
}
if (!$shall_pass) {
return wsl_process_login_render_notice_page(_wsl__(get_option('wsl_settings_bouncer_new_users_restrict_profile_text_bounce'), 'wordpress-social-login'));
}
}
/* 3. Check if user exist in database by looking for the couple (Provider name, Provider user ID) or verified email */
// check if user already exist in wslusersprofiles
$user_id = (int) wsl_get_stored_hybridauth_user_id_by_provider_and_provider_uid($provider, $hybridauth_user_profile->identifier);
// if not found in wslusersprofiles, then check his verified email
if (!$user_id && !empty($hybridauth_user_profile->emailVerified)) {
// check if the verified email exist in wp_users
$user_id = (int) wsl_wp_email_exists($hybridauth_user_profile->emailVerified);
// check if the verified email exist in wslusersprofiles
if (!$user_id) {
$user_id = (int) wsl_get_stored_hybridauth_user_id_by_email_verified($hybridauth_user_profile->emailVerified);
}
}
/* 4 Deletegate detection of user id to custom filters hooks */
// HOOKABLE:
$user_id = apply_filters('wsl_hook_process_login_alter_user_id', $user_id, $provider, $hybridauth_user_profile);
/* 5. If Bouncer::Profile Completion is enabled and user didn't exist, we require the user to complete the registration (user name & email) */
if (!$user_id) {
// Bouncer :: Accept new registrations?
if (get_option('wsl_settings_bouncer_registration_enabled') == 2) {
return wsl_process_login_render_notice_page(_wsl__("Registration is now closed.", 'wordpress-social-login'));
}
// Bouncer::Accounts linking/mapping
// > > not implemented yet! Planned for WSL 2.3
if (get_option('wsl_settings_bouncer_accounts_linking_enabled') == 1) {
do {
list($shall_pass, $user_id, $requested_user_login, $requested_user_email) = wsl_process_login_new_users_gateway($provider, $redirect_to, $hybridauth_user_profile);
} while (!$shall_pass);
} elseif (get_option('wsl_settings_bouncer_profile_completion_require_email') == 1 && empty($hybridauth_user_email) || get_option('wsl_settings_bouncer_profile_completion_change_username') == 1) {
do {
list($shall_pass, $requested_user_login, $requested_user_email) = wsl_process_login_complete_registration($provider, $redirect_to, $hybridauth_user_profile);
} while (!$shall_pass);
}
}
/* 6. returns user data */
return array($user_id, $adapter, $hybridauth_user_profile, $requested_user_login, $requested_user_email);
}
function wsl_process_login_hybridauth_authenticate($provider, $redirect_to)
{
try {
# Hybrid_Auth already used?
if (class_exists('Hybrid_Auth', false)) {
return wsl_render_notices_pages(_wsl__("Error: Another plugin seems to be using HybridAuth Library and made WordPress Social Login unusable. We recommand to find this plugin and to kill it with fire!", 'wordpress-social-login'));
}
// load hybridauth
require_once WORDPRESS_SOCIAL_LOGIN_ABS_PATH . "/hybridauth/Hybrid/Auth.php";
// build required configuratoin for this provider
if (!get_option('wsl_settings_' . $provider . '_enabled')) {
throw new Exception('Unknown or disabled provider');
}
$config = array();
$config["providers"] = array();
$config["providers"][$provider] = array();
$config["providers"][$provider]["enabled"] = true;
// provider application id ?
if (get_option('wsl_settings_' . $provider . '_app_id')) {
$config["providers"][$provider]["keys"]["id"] = get_option('wsl_settings_' . $provider . '_app_id');
}
// provider application key ?
if (get_option('wsl_settings_' . $provider . '_app_key')) {
$config["providers"][$provider]["keys"]["key"] = get_option('wsl_settings_' . $provider . '_app_key');
}
// provider application secret ?
if (get_option('wsl_settings_' . $provider . '_app_secret')) {
$config["providers"][$provider]["keys"]["secret"] = get_option('wsl_settings_' . $provider . '_app_secret');
}
// create an instance for Hybridauth
$hybridauth = new Hybrid_Auth($config);
// try to authenticate the selected $provider
if ($hybridauth->isConnectedWith($provider)) {
$adapter = $hybridauth->getAdapter($provider);
$hybridauth_user_profile = $adapter->getUserProfile();
// check hybridauth user email
$hybridauth_user_id = (int) wsl_get_user_by_meta($provider, $hybridauth_user_profile->identifier);
$hybridauth_user_email = sanitize_email($hybridauth_user_profile->email);
$hybridauth_user_login = sanitize_user($hybridauth_user_profile->displayName);
$request_user_login = "";
$request_user_email = "";
# {{{ linking new accounts
// Bouncer :: Accounts Linking is enabled
if (get_option('wsl_settings_bouncer_linking_accounts_enabled') == 1) {
// if user is linking account
// . we DO import contacts
// . we DO store the user profile
//
// . we DONT create another entry on user table
// . we DONT create nor update his data on usermeata table
if ($_REQUEST['action'] == "wordpress_social_link") {
global $current_user;
get_currentuserinfo();
$user_id = $current_user->ID;
return wsl_process_login_authenticate_wp_user_linked_account($user_id, $provider, $redirect_to, $adapter, $hybridauth_user_profile);
}
// check if connected user is linked account
$linked_account = wsl_get_user_linked_account_by_provider_and_identifier($provider, $hybridauth_user_profile->identifier);
// if linked account found, we connect the actual user
if ($linked_account) {
if (count($linked_account) > 1) {
return wsl_render_notices_pages(_wsl__("This {$provider} is linked to many accounts!", 'wordpress-social-login'));
}
$user_id = $linked_account[0]->user_id;
if (!$user_id) {
return wsl_render_notices_pages(_wsl__("Something wrong!", 'wordpress-social-login'));
}
return wsl_process_login_authenticate_wp_user($user_id, $provider, $redirect_to, $adapter, $hybridauth_user_profile);
}
}
# }}} linking new accounts
# {{{ module Bouncer
// Bouncer :: Filters by emails domains name
if (get_option('wsl_settings_bouncer_new_users_restrict_domain_enabled') == 1) {
if (empty($hybridauth_user_email)) {
return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_domain_text_bounce'));
}
$list = get_option('wsl_settings_bouncer_new_users_restrict_domain_list');
$list = preg_split('/$\\R?^/m', $list);
$current = strstr($hybridauth_user_email, '@');
$shall_pass = false;
foreach ($list as $item) {
if (trim(strtolower("@{$item}")) == strtolower($current)) {
$shall_pass = true;
}
}
if (!$shall_pass) {
return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_domain_text_bounce'));
}
}
// Bouncer :: Filters by e-mails addresses
if (get_option('wsl_settings_bouncer_new_users_restrict_email_enabled') == 1) {
if (empty($hybridauth_user_email)) {
return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_email_text_bounce'));
}
$list = get_option('wsl_settings_bouncer_new_users_restrict_email_list');
$list = preg_split('/$\\R?^/m', $list);
$shall_pass = false;
foreach ($list as $item) {
if (trim(strtolower($item)) == strtolower($hybridauth_user_email)) {
$shall_pass = true;
}
}
if (!$shall_pass) {
return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_email_text_bounce'));
}
}
// Bouncer :: Filters by profile urls
if (get_option('wsl_settings_bouncer_new_users_restrict_profile_enabled') == 1) {
$list = get_option('wsl_settings_bouncer_new_users_restrict_profile_list');
$list = preg_split('/$\\R?^/m', $list);
$shall_pass = false;
foreach ($list as $item) {
if (trim(strtolower($item)) == strtolower($hybridauth_user_profile->profileURL)) {
$shall_pass = true;
}
}
if (!$shall_pass) {
return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_profile_text_bounce'));
}
}
// if user do not exist
if (!$hybridauth_user_id) {
// Bouncer :: Accept new registrations
if (get_option('wsl_settings_bouncer_registration_enabled') == 2) {
return wsl_render_notices_pages(_wsl__("registration is now closed!", 'wordpress-social-login'));
}
// Bouncer :: Profile Completion
if (get_option('wsl_settings_bouncer_profile_completion_require_email') == 1 && empty($hybridauth_user_email) || get_option('wsl_settings_bouncer_profile_completion_change_username') == 1) {
do {
list($shall_pass, $request_user_login, $request_user_email) = wsl_process_login_complete_registration($provider, $redirect_to, $hybridauth_user_email, $hybridauth_user_login);
} while (!$shall_pass);
}
}
# }}} module Bouncer
} else {
throw new Exception('User not connected with ' . $provider . '!');
}
} catch (Exception $e) {
return wsl_render_notices_pages(sprintf(_wsl__("Unspecified error. #%d", 'wordpress-social-login'), $e->getCode()));
}
$user_id = null;
// if the user email is verified, then try to map to legacy account if exist
// > Currently only Facebook, Google, Yahaoo and Foursquare do provide the verified user email.
if (!empty($hybridauth_user_profile->emailVerified)) {
$user_id = (int) email_exists($hybridauth_user_profile->emailVerified);
}
// try to get user by meta if not
if (!$user_id) {
$user_id = (int) wsl_get_user_by_meta($provider, $hybridauth_user_profile->identifier);
}
return array($user_id, $adapter, $hybridauth_user_profile, $hybridauth_user_id, $hybridauth_user_email, $request_user_login, $request_user_email);
}
