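/**
 * Finish the login step: process the provider's redirect back to the endpoint.
 *
 * Reads `error`, `code` and `state` from $_REQUEST, asks the API client for the
 * connected user's id and, when one is returned, marks the user as connected.
 *
 * NOTE(review): no comparison of `state` against a value stored in the session
 * is visible in this method; confirm that getUser() performs it, since that
 * check is what protects the callback against login CSRF.
 *
 * @throws Exception code 5 when the user denied the request, when `code` or
 *                   `state` is missing or not a string, or when no user id
 *                   could be obtained.
 */
function loginFinish()
{
    // The provider signals a refusal with error_reason=user_denied&error=access_denied.
    if (isset($_REQUEST['error']) && $_REQUEST['error'] === "access_denied") {
        throw new Exception("Authentification failed! The user denied your request.", 5);
    }

    // Request parameters are attacker-controlled and can arrive as arrays
    // (e.g. code[]=x); only plain strings are handed to the API client.
    if (
        !isset($_REQUEST['code'], $_REQUEST['state'])
        || !is_string($_REQUEST['code'])
        || !is_string($_REQUEST['state'])
    ) {
        throw new Exception("Authentification failed! The user denied your request.", 5);
    }

    $code = $_REQUEST['code'];
    $state = $_REQUEST['state'];
    $user_id = 0;

    // A failure inside the API client is logged, not rethrown; the falsy
    // $user_id check below turns it into the caller-visible exception.
    try {
        $user_id = $this->api->getUser($code, $state, $this->endpoint);
    } catch (Exception $e) {
        Hybrid_Logger::error("Authentification failed! Renren returned an invalide user id.");
        Hybrid_Logger::error("Exception:" . $e->getMessage(), $e);
    }

    if (!$user_id) {
        throw new Exception("Authentification failed! {$this->providerId} returned an invalide user id.", 5);
    }

    // set user as logged in
    $this->setUserConnected();

    // store access token
    //$this->token( "access_token", $this->api->getAccessToken() );
}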
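/**
 * Begin the login step: build the provider login URL and redirect to it.
 *
 * Starts from scope / redirect_uri / display defaults, lets non-empty entries
 * of $this->config override them, and adds `auth_type` plus an `auth_nonce`
 * when re-authentication is configured (`auth_type`) or forced (`force`).
 * The nonce is saved in Hybrid_Auth storage under `fb_auth_nonce`.
 */
function loginBegin()
{
    $parameters = array("scope" => $this->scope, "redirect_uri" => $this->endpoint, "display" => "page");
    $optionals = array("scope", "redirect_uri", "display", "auth_type");
    $needsNonce = false;

    foreach ($optionals as $parameter) {
        if (!empty($this->config[$parameter])) {
            $parameters[$parameter] = $this->config[$parameter];

            // auth_type requires a nonce to accompany it.
            if ($parameter == "auth_type") {
                $needsNonce = true;
            }
        }
    }

    if (isset($this->config['force']) && $this->config['force'] === true) {
        $parameters['auth_type'] = 'reauthenticate';
        $needsNonce = true;
    }

    if ($needsNonce) {
        // The nonce must be unpredictable: md5(uniqid(mt_rand())) is derived
        // from the clock and a non-cryptographic PRNG, so prefer the CSPRNG
        // and keep the legacy value only where random_bytes() is unavailable.
        // Both forms yield 32 hex characters.
        if (function_exists('random_bytes')) {
            $nonce = bin2hex(random_bytes(16));
        } else {
            $nonce = md5(uniqid(mt_rand(), true));
        }

        $parameters['auth_nonce'] = $nonce;
        Hybrid_Auth::storage()->set('fb_auth_nonce', $nonce);
    }

    // get the login url
    $url = $this->api->getLoginUrl($parameters);

    if (!$url) {
        // Logged only; the redirect below is still attempted, as before.
        Hybrid_Logger::error("Hybrid_Providers_Facebook: url is empty!");
    }

    // redirect to facebook
    Hybrid_Auth::redirect($url);
}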
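/**
 * Finish the login step: process the provider's redirect back to the endpoint.
 *
 * Requires `code` and `state` in $_REQUEST, then asks the API client for an
 * access token and an openid; both must be non-empty for the user to be
 * marked as connected.
 *
 * NOTE(review): `code` and `state` are only checked for presence here and are
 * not passed on; presumably qq_callback() reads and validates them itself -
 * confirm that `state` is compared with the value issued at login start.
 *
 * @throws Exception code 5 when the user denied the request, when `code` or
 *                   `state` is missing, or when no token/openid was obtained.
 */
function loginFinish()
{
    // The provider signals a refusal with error_reason=user_denied&error=access_denied.
    if (isset($_REQUEST['error']) && $_REQUEST['error'] === "access_denied") {
        Hybrid_Logger::debug("QQ access_denied");
        throw new Exception("Authentification failed! The user denied your request.", 5);
    }

    if (!isset($_REQUEST['code']) || !isset($_REQUEST['state'])) {
        Hybrid_Logger::debug("QQ no code or state");
        throw new Exception("Authentification failed! The user denied your request.", 5);
    }

    // Initialised up front so the check after the try block never reads an
    // undefined variable when the API client throws.
    $access_token = null;
    $openid = null;

    try {
        $access_token = $this->api->qq_callback();
        $openid = $this->api->get_openid();
        // NOTE(review): the openid is a per-user identifier written to the debug log.
        Hybrid_Logger::debug("Get QQ openid: {$openid}");
    } catch (Exception $e) {
        Hybrid_Logger::error("Authentification failed for {$this->providerId} ");
        Hybrid_Logger::error("Exception:" . $e->getMessage(), $e);
    }

    if (!$access_token || !$openid) {
        throw new Exception("Authentification failed! {$this->providerId} returned invalide access token or openid", 5);
    }

    // set user as logged in
    $this->setUserConnected();

    // store access token
    //$this->token( "access_token", $this->api->getAccessToken() );
}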
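/**
 * Send a GET or POST request with cURL and return the raw response.
 *
 * For GET the parameters are appended to the URL as a query string; for POST
 * they are sent as the request body. The HTTP status code and the cURL
 * transfer info are stored in $this->http_code and $this->http_info.
 *
 * NOTE(review): the request parameters and the full response are written to
 * the debug log; in an OAuth flow these can contain client secrets,
 * authorization codes and access tokens, so debug logging should stay off in
 * production or the log file must be protected accordingly.
 *
 * @param string      $url            Target URL.
 * @param array|false $params         Request parameters, or false for none.
 * @param string      $type           "GET" or "POST".
 * @param int         $include_header 1 to include response headers in the result.
 *
 * @return string|false Response text, or false when curl_exec() failed.
 */
function xuite_request($url, $params = false, $type = "GET", $include_header = 0)
{
    Hybrid_Logger::info("Enter OAuth2Client::xuite_request( {$url} )");
    Hybrid_Logger::debug("OAuth2Client::xuite_request(). dump request url ", $url);
    Hybrid_Logger::debug("OAuth2Client::xuite_request(). dump request params: ", print_r($params, true));

    if ($type == "GET") {
        // The default $params is false, which http_build_query() rejects
        // (a TypeError on PHP 8); build a query only from an array or object.
        $query = (is_array($params) || is_object($params)) ? http_build_query($params, '', '&') : '';
        $url = $url . (strpos($url, '?') ? '&' : '?') . $query;
    }

    $this->http_info = array();
    $ch = curl_init();

    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

    if ($include_header == 1) {
        curl_setopt($ch, CURLOPT_HEADER, 1);
    }

    curl_setopt($ch, CURLOPT_TIMEOUT, $this->curl_time_out);
    curl_setopt($ch, CURLOPT_USERAGENT, $this->curl_useragent);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $this->curl_connect_time_out);
    // Certificate and host-name verification follow the client's settings;
    // the values themselves are configured outside this method.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $this->curl_ssl_verifypeer);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, $this->curl_ssl_verifyhost);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $this->curl_header);

    if ($this->curl_proxy) {
        curl_setopt($ch, CURLOPT_PROXY, $this->curl_proxy);
    }

    if ($type == "POST") {
        curl_setopt($ch, CURLOPT_POST, 1);
        if ($params) {
            curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
        }
    }

    $response = curl_exec($ch);
    if ($response === FALSE) {
        Hybrid_Logger::error("OAuth2Client::request(). curl_exec error: ", curl_error($ch));
    }

    Hybrid_Logger::debug("OAuth2Client::request(). dump request info: ", serialize(curl_getinfo($ch)));
    Hybrid_Logger::debug("OAuth2Client::request(). dump request result: ", print_r($response, true));

    $this->http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    $this->http_info = array_merge($this->http_info, curl_getinfo($ch));

    curl_close($ch);

    return $response;
}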
/**
 * Perform an HTTP request with cURL and return the raw response.
 *
 * The status code and transfer info end up in $this->http_code and
 * $this->http_info; response headers are passed to $this->getHeader().
 *
 * NOTE(review): the post fields and the response body are serialized into the
 * debug log; for OAuth traffic these may carry tokens and secrets.
 *
 * @param string      $url          Target URL.
 * @param string      $method       HTTP method; 'POST' and 'DELETE' get special handling.
 * @param mixed       $postfields   POST body, or the query string appended for DELETE.
 * @param string|null $auth_header  Authorization header line, used for POST only
 *                                  and only when $this->curl_auth_header is set.
 * @param string|null $content_type Content-Type to send.
 *
 * @return string|false Response text, or false when curl_exec() failed.
 */
function request($url, $method, $postfields = NULL, $auth_header = NULL, $content_type = NULL)
{
    Hybrid_Logger::info("Enter OAuth1Client::request( {$method}, {$url} )");
    Hybrid_Logger::debug("OAuth1Client::request(). dump post fields: ", serialize($postfields));

    $this->http_info = array();
    $handle = curl_init();

    // The header list is worked out first and applied once; the last
    // applicable variant wins, exactly as with repeated CURLOPT_HTTPHEADER calls.
    $headerLines = array('Expect:');
    if ($content_type) {
        $headerLines = array('Expect:', "Content-Type: {$content_type}");
    }

    curl_setopt($handle, CURLOPT_USERAGENT, $this->curl_useragent);
    curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, $this->curl_connect_time_out);
    curl_setopt($handle, CURLOPT_TIMEOUT, $this->curl_time_out);
    curl_setopt($handle, CURLOPT_RETURNTRANSFER, TRUE);
    // Peer verification follows the client's setting, configured elsewhere.
    curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, $this->curl_ssl_verifypeer);
    curl_setopt($handle, CURLOPT_HEADERFUNCTION, array($this, 'getHeader'));
    curl_setopt($handle, CURLOPT_HEADER, FALSE);

    if ($this->curl_proxy) {
        curl_setopt($handle, CURLOPT_PROXY, $this->curl_proxy);
    }

    if ($method == 'POST') {
        curl_setopt($handle, CURLOPT_POST, TRUE);

        if (!empty($postfields)) {
            curl_setopt($handle, CURLOPT_POSTFIELDS, $postfields);
        }

        if (!empty($auth_header) && $this->curl_auth_header) {
            $headerLines = array('Content-Type: application/atom+xml', $auth_header);
        }
    } elseif ($method == 'DELETE') {
        curl_setopt($handle, CURLOPT_CUSTOMREQUEST, 'DELETE');

        if (!empty($postfields)) {
            $url = "{$url}?{$postfields}";
        }
    }

    curl_setopt($handle, CURLOPT_HTTPHEADER, $headerLines);
    curl_setopt($handle, CURLOPT_URL, $url);

    $body = curl_exec($handle);
    if ($body === FALSE) {
        Hybrid_Logger::error("OAuth1Client::request(). curl_exec error: ", curl_error($handle));
    }

    Hybrid_Logger::debug("OAuth1Client::request(). dump request info: ", serialize(curl_getinfo($handle)));
    Hybrid_Logger::debug("OAuth1Client::request(). dump request result: ", serialize($body));

    $this->http_code = curl_getinfo($handle, CURLINFO_HTTP_CODE);
    $this->http_info = array_merge($this->http_info, curl_getinfo($handle));

    curl_close($handle);

    return $body;
}
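/**
 * Makes an HTTP request.
 *
 * This method can be overridden by subclasses if developers want to do
 * fancier things or use something other than curl to make the request.
 *
 * On a certificate-authority error (curl errno 60) the request is retried
 * with the CA bundle shipped next to this file; on an unreachable IPv6
 * address it is retried over IPv4.
 *
 * NOTE(review): the URL and the complete response are written to the log at
 * info level when Hybrid_Logger is loaded; responses of token endpoints
 * contain access tokens, so that log needs the same protection as the tokens.
 *
 * @param string   $url    The URL to make the request to
 * @param array    $params The parameters to use for the POST body
 * @param resource $ch     Initialized curl handle
 *
 * @return string The response text
 *
 * @throws FacebookApiException when the transfer failed.
 */
protected function makeRequest($url, $params, $ch = null)
{
    if (!$ch) {
        $ch = curl_init();
    }

    $opts = self::$CURL_OPTS;
    if ($this->getFileUploadSupport()) {
        $opts[CURLOPT_POSTFIELDS] = $params;
    } else {
        // '' instead of null: passing null as the numeric prefix is deprecated.
        $opts[CURLOPT_POSTFIELDS] = http_build_query($params, '', '&');
    }
    $opts[CURLOPT_URL] = $url;

    // disable the 'Expect: 100-continue' behaviour. This causes CURL to wait
    // for 2 seconds if the server does not support this header.
    if (isset($opts[CURLOPT_HTTPHEADER])) {
        $existing_headers = $opts[CURLOPT_HTTPHEADER];
        $existing_headers[] = 'Expect:';
        $opts[CURLOPT_HTTPHEADER] = $existing_headers;
    } else {
        $opts[CURLOPT_HTTPHEADER] = array('Expect:');
    }

    curl_setopt_array($ch, $opts);
    $result = curl_exec($ch);

    if (curl_errno($ch) == 60) { // CURLE_SSL_CACERT
        self::errorLog('Invalid or no certificate authority found, ' . 'using bundled information');
        curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '/fb_ca_chain_bundle.crt');
        $result = curl_exec($ch);
    }

    // With dual stacked DNS responses, it's possible for a server to
    // have IPv6 enabled but not have IPv6 connectivity. If this is
    // the case, curl will try IPv4 first and if that fails, then it will
    // fall back to IPv6 and the error EHOSTUNREACH is returned by the
    // operating system.
    if ($result === false && empty($opts[CURLOPT_IPRESOLVE])) {
        $matches = array();
        $regex = '/Failed to connect to ([^:].*): Network is unreachable/';
        if (preg_match($regex, curl_error($ch), $matches)) {
            if (strlen(@inet_pton($matches[1])) === 16) {
                self::errorLog('Invalid IPv6 configuration on server, ' . 'Please disable or get native IPv6 on your server.');
                self::$CURL_OPTS[CURLOPT_IPRESOLVE] = CURL_IPRESOLVE_V4;
                curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
                $result = curl_exec($ch);
            }
        }
    }

    if (class_exists('Hybrid_Logger')) {
        Hybrid_Logger::info('FB:Request:Response' . print_r(array($url, $result), true));
    }

    if ($result === false) {
        $e = new FacebookApiException(array(
            'error_code' => curl_errno($ch),
            'error' => array('message' => curl_error($ch), 'type' => 'CurlException'),
        ));
        curl_close($ch);
        throw $e;
    }

    // The body is inspected only once it is known to be a non-empty string:
    // indexing false or '' raises a notice, and json_decode() may return null
    // or a non-object, which key_exists() cannot take.
    if (is_string($result) && $result !== '' && $result[0] == '{') {
        $resultOb = json_decode($result);
        if (is_object($resultOb) && property_exists($resultOb, 'error')) {
            if (class_exists('Hybrid_Logger')) {
                Hybrid_Logger::error('FB:Error' . print_r($resultOb, true));
            }
        }
    }

    curl_close($ch);

    return $result;
}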
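/**
 * General data send/request method.
 *
 * Signs the request with OAuth (HMAC-SHA1), sends it with cURL and returns
 * the response together with connection and signing details.
 *
 * @param string $method     The data communication method.
 * @param string $url        The LinkedIn API endpoint to connect with.
 * @param string $data       [OPTIONAL] The data to send to LinkedIn.
 * @param array  $parameters [OPTIONAL] Additional OAuth parameters to send to LinkedIn.
 *
 * @return array Array containing:
 *               'info'     => connection information,
 *               'linkedin' => LinkedIn response,
 *               'oauth'    => the OAuth header and base string that were sent
 *
 * @throws LinkedInException when cURL is unavailable or fails to initialise,
 *                           when the throttling limit is reached, or when an
 *                           OAuthException is raised while signing.
 */
protected function fetch($method, $url, $data = NULL, $parameters = array())
{
    // check for cURL
    if (!extension_loaded('curl')) {
        throw new LinkedInException('LinkedIn->fetch(): PHP cURL extension does not appear to be loaded/present.');
    }

    try {
        // generate OAuth values
        $oauth_consumer = new OAuthConsumer($this->getApplicationKey(), $this->getApplicationSecret(), $this->getCallbackUrl());
        $oauth_token = $this->getToken();
        $oauth_token = !is_null($oauth_token)
            ? new OAuthToken($oauth_token['oauth_token'], $oauth_token['oauth_token_secret'])
            : NULL;
        $defaults = array('oauth_version' => self::_API_OAUTH_VERSION);
        $parameters = array_merge($defaults, $parameters);

        // generate OAuth request
        $oauth_req = OAuthRequest::from_consumer_and_token($oauth_consumer, $oauth_token, $method, $url, $parameters);
        $oauth_req->sign_request(new OAuthSignatureMethod_HMAC_SHA1(), $oauth_consumer, $oauth_token);

        // start cURL, checking for a successful initiation
        if (!($handle = curl_init())) {
            throw new LinkedInException('LinkedIn->fetch(): cURL did not initialize properly.');
        }

        // set cURL options, based on parameters passed
        curl_setopt($handle, CURLOPT_CUSTOMREQUEST, $method);
        curl_setopt($handle, CURLOPT_RETURNTRANSFER, TRUE);
        // The server certificate must be verified: the request carries OAuth
        // credentials and the response is trusted as LinkedIn's answer, so an
        // unverified connection lets a network intermediary read or forge both.
        curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, TRUE);
        curl_setopt($handle, CURLOPT_URL, $url);
        curl_setopt($handle, CURLOPT_VERBOSE, FALSE);

        if (isset(Hybrid_Auth::$config["proxy"])) {
            curl_setopt($handle, CURLOPT_PROXY, Hybrid_Auth::$config["proxy"]);
        }

        // configure the header we are sending to LinkedIn - http://developer.linkedin.com/docs/DOC-1203
        $header = array($oauth_req->to_header(self::_API_OAUTH_REALM));
        if (is_null($data)) {
            // not sending data, identify the content type
            $header[] = 'Content-Type: text/plain; charset=UTF-8';
            switch ($this->getResponseFormat()) {
                case self::_RESPONSE_JSON:
                    $header[] = 'x-li-format: json';
                    break;
                case self::_RESPONSE_JSONP:
                    $header[] = 'x-li-format: jsonp';
                    break;
            }
        } else {
            $header[] = 'Content-Type: text/xml; charset=UTF-8';
            curl_setopt($handle, CURLOPT_POSTFIELDS, $data);
        }
        curl_setopt($handle, CURLOPT_HTTPHEADER, $header);

        // set the last url, headers
        $this->last_request_url = $url;
        $this->last_request_headers = $header;

        // gather the response
        $return_data = array();
        $return_data['linkedin'] = curl_exec($handle);
        if ($return_data['linkedin'] === FALSE) {
            // The handle is $handle; the former $ch was never defined here.
            Hybrid_Logger::error("LinkedIn::fetch(). curl_exec error: ", curl_error($handle));
        }

        $return_data['info'] = curl_getinfo($handle);
        $return_data['oauth']['header'] = $oauth_req->to_header(self::_API_OAUTH_REALM);
        $return_data['oauth']['string'] = $oauth_req->base_string;

        // Everything needed from the handle has been read; close it before the
        // throttling check so the exception path does not leave it open.
        curl_close($handle);

        // check for throttling
        if (self::isThrottled($return_data['linkedin'])) {
            throw new LinkedInException('LinkedIn->fetch(): throttling limit for this user/application has been reached for LinkedIn resource - ' . $url);
        }

        //TODO - add check for NO response (http_code = 0) from cURL

        // no exceptions thrown, return the data
        return $return_data;
    } catch (OAuthException $e) {
        // oauth exception raised
        throw new LinkedInException('OAuth exception caught: ' . $e->getMessage());
    }
}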
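/**
 * Perform an HTTP request with cURL for OpenID discovery or verification.
 *
 * For HEAD and GET the response headers are parsed into a lower-cased
 * name => value map; HEAD returns that map, GET stores it in $this->headers
 * and returns the full response. Redirects are followed, and when
 * $update_claimed_id is set the final URL replaces the identity/claimed_id.
 *
 * TLS: the peer certificate is verified unless $this->verify_peer is
 * explicitly set; discovery decides which identity is asserted, so it must
 * not run over an unauthenticated connection by default.
 *
 * NOTE(review): because redirects are followed and the effective URL becomes
 * the claimed identity, callers should treat $url as untrusted input and
 * restrict where this server is allowed to connect.
 *
 * @param string $url               Target URL.
 * @param string $method            'GET', 'POST' or 'HEAD'.
 * @param array  $params            Request parameters.
 * @param bool   $update_claimed_id Whether to adopt the effective URL after redirects.
 *
 * @return array|string|false Header map for HEAD, otherwise the response.
 *
 * @throws ErrorException when cURL reports an error (not reached for HEAD,
 *                        which returns before the check).
 */
protected function request_curl($url, $method = 'GET', $params = array(), $update_claimed_id)
{
    $params = http_build_query($params, '', '&');
    $curl = curl_init($url . ($method == 'GET' && $params ? '?' . $params : ''));
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
    curl_setopt($curl, CURLOPT_HEADER, false);
    // CURLOPT_SSL_VERIFYPEER is no longer switched off here: cURL's default
    // (verification on) applies unless verify_peer overrides it below.
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($curl, CURLOPT_HTTPHEADER, array('Accept: application/xrds+xml, */*'));

    if (!empty($this->proxy)) {
        curl_setopt($curl, CURLOPT_PROXY, $this->proxy['host']);

        if (!empty($this->proxy['port'])) {
            curl_setopt($curl, CURLOPT_PROXYPORT, $this->proxy['port']);
        }

        if (!empty($this->proxy['user'])) {
            curl_setopt($curl, CURLOPT_PROXYUSERPWD, $this->proxy['user'] . ':' . $this->proxy['pass']);
        }
    }

    if ($this->verify_peer !== null) {
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $this->verify_peer);
        if ($this->capath) {
            curl_setopt($curl, CURLOPT_CAPATH, $this->capath);
        }

        if ($this->cainfo) {
            curl_setopt($curl, CURLOPT_CAINFO, $this->cainfo);
        }
    }

    if ($method == 'POST') {
        curl_setopt($curl, CURLOPT_POST, true);
        curl_setopt($curl, CURLOPT_POSTFIELDS, $params);
    } elseif ($method == 'HEAD') {
        curl_setopt($curl, CURLOPT_HEADER, true);
        curl_setopt($curl, CURLOPT_NOBODY, true);
    } else {
        curl_setopt($curl, CURLOPT_HEADER, true);
        curl_setopt($curl, CURLOPT_HTTPGET, true);
    }

    $response = curl_exec($curl);
    if ($response === false) {
        Hybrid_Logger::error("LightOpenID::request_curl(). curl_exec error: ", curl_error($curl));
    }

    // Servers that answer HEAD with 405 are asked again with GET; only the
    // header part of that response is kept.
    if ($method == 'HEAD' && curl_getinfo($curl, CURLINFO_HTTP_CODE) == 405) {
        curl_setopt($curl, CURLOPT_HTTPGET, true);
        $response = curl_exec($curl);
        $response = substr($response, 0, strpos($response, "\r\n\r\n"));
    }

    if ($method == 'HEAD' || $method == 'GET') {
        $header_response = $response;

        # If it's a GET request, we want to only parse the header part.
        if ($method == 'GET') {
            $header_response = substr($response, 0, strpos($response, "\r\n\r\n"));
        }

        $headers = array();
        foreach (explode("\n", $header_response) as $header) {
            $pos = strpos($header, ':');
            if ($pos !== false) {
                $name = strtolower(trim(substr($header, 0, $pos)));
                $headers[$name] = trim(substr($header, $pos + 1));
            }
        }

        if ($update_claimed_id) {
            # Updating claimed_id in case of redirections.
            $effective_url = curl_getinfo($curl, CURLINFO_EFFECTIVE_URL);
            if ($effective_url != $url) {
                $this->identity = $this->claimed_id = $effective_url;
            }
        }

        if ($method == 'HEAD') {
            return $headers;
        } else {
            $this->headers = $headers;
        }
    }

    if (curl_errno($curl)) {
        throw new ErrorException(curl_error($curl), curl_errno($curl));
    }

    return $response;
}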
/**
 * Return the API client of the currently connected provider adapter.
 *
 * Access is refused while the adapter does not report the user as connected,
 * so callers cannot reach the provider API without a completed login.
 *
 * @return mixed The adapter's `api` property.
 *
 * @throws Exception code 7 when the user is not connected to the provider.
 */
function api()
{
    if ($this->adapter->isUserConnected()) {
        return $this->adapter->api;
    }

    // Same text goes to the log and to the caller.
    $notConnected = "User not connected to the provider.";
    Hybrid_Logger::error($notConnected);

    throw new Exception($notConnected, 7);
}
// with /index.php?hauth.done={provider}?{args}... if (strrpos($_SERVER["QUERY_STRING"], '?')) { $_SERVER["QUERY_STRING"] = str_replace("?", "&", $_SERVER["QUERY_STRING"]); parse_str($_SERVER["QUERY_STRING"], $_REQUEST); } $provider_id = trim(strip_tags($_REQUEST["hauth_done"])); $hauth = Hybrid_Auth::setup($provider_id); if (!$hauth) { Hybrid_Logger::error("Endpoint: Invalide parameter on hauth_done!"); $hauth->adapter->setUserUnconnected(); header("HTTP/1.0 404 Not Found"); die("Invalide parameter! Please return to the login page and try again."); } try { Hybrid_Logger::info("Endpoint: call adapter [{$provider_id}] loginFinish() "); $hauth->adapter->loginFinish(); } catch (Exception $e) { Hybrid_Logger::error("Exception:" . $e->getMessage(), $e); Hybrid_Error::setError($e->getMessage(), $e->getCode(), $e->getTraceAsString(), $e); $hauth->adapter->setUserUnconnected(); } Hybrid_Logger::info("Endpoint: job done. retrun to callback url."); $hauth->returnToCallbackUrl(); die; } } else { # Else, # We advertise our XRDS document, something supposed to be done from the Realm URL page echo str_replace("{X_XRDS_LOCATION}", Hybrid_Auth::getCurrentUrl(false) . "?get=openid_xrds&v=" . Hybrid_Auth::$version, file_get_contents(dirname(__FILE__) . "/Hybrid/resources/openid_realm.html")); die; }
/**
 * Initialise Hybrid_Auth for the endpoint, once per request.
 *
 * The configuration is taken from Hybrid_Storage; a missing stored config
 * means the endpoint was opened without a login having been started, and the
 * request is refused.
 *
 * @throws Hybrid_Exception with a generic message on any failure; the
 *                          underlying message is written to the log only.
 */
public static function authInit()
{
    if (Hybrid_Endpoint::$initDone) {
        return;
    }

    Hybrid_Endpoint::$initDone = TRUE;

    # Init Hybrid_Auth
    try {
        $storageAvailable = class_exists("Hybrid_Storage");
        if (!$storageAvailable) {
            require_once realpath(dirname(__FILE__)) . "/Storage.php";
        }

        $session = new Hybrid_Storage();

        // No stored config: there is no Hybrid_Auth session to continue.
        if (!$session->config("CONFIG")) {
            throw new Hybrid_Exception("You cannot access this page directly.");
        }

        Hybrid_Auth::initialize($session->config("CONFIG"));
    } catch (Exception $failure) {
        // NOTE(review): Hybrid_Logger is not loaded by this method; presumably
        // it is already available when this runs - confirm.
        Hybrid_Logger::error("Endpoint: Error while trying to init Hybrid_Auth: " . $failure->getMessage());

        throw new Hybrid_Exception("Oophs. Error!");
    }
}
/**
 * Initialise Hybrid_Auth from a config array or from a config file path.
 *
 * Loads the library files, creates the storage, error and logger instances,
 * records the PHP session id and library version in the session, and
 * rethrows any error that was stored on the endpoint.
 *
 * NOTE(review): the full config and the full session are serialized into the
 * debug log. The config presumably holds the providers' application secrets,
 * so debug mode should stay off in production or the debug file must be
 * protected like a credential store.
 *
 * NOTE(review): a non-array $config is passed to include; it must only ever
 * come from the application itself, never from request data.
 *
 * @param array|string $config Config array, or path to a file returning one.
 *
 * @throws Exception code 1 when no session is active or the config file is
 *                   missing; the stored endpoint error otherwise.
 */
public static function initialize($config)
{
    if (!session_id()) {
        throw new Exception("Hybriauth require the use of 'session_start()' at the start of your script.", 1);
    }

    if (!is_array($config)) {
        if (!file_exists($config)) {
            throw new Exception("Hybriauth config does not exist on the given path.", 1);
        }

        $config = (include $config);
    }

    // build some need'd paths
    $baseDir = realpath(dirname(__FILE__)) . "/";
    $config["path_base"] = $baseDir;
    $config["path_libraries"] = $config["path_base"] . "thirdparty/";
    $config["path_resources"] = $config["path_base"] . "resources/";
    $config["path_providers"] = $config["path_base"] . "Providers/";

    // reset debug mode
    if (!isset($config["debug_mode"])) {
        $config["debug_mode"] = false;
        $config["debug_file"] = null;
    }

    # load hybridauth required files, a autoload is on the way...
    $libraryFiles = array(
        "Error.php",
        "Logger.php",
        "Storage.php",
        "Provider_Adapter.php",
        "Provider_Model.php",
        "Provider_Model_OpenID.php",
        "Provider_Model_OAuth1.php",
        "Provider_Model_OAuth2.php",
        "User.php",
        "User_Profile.php",
        "User_Contact.php",
        "User_Activity.php",
    );
    foreach ($libraryFiles as $libraryFile) {
        require_once $config["path_base"] . $libraryFile;
    }

    // hash given config
    Hybrid_Auth::$config = $config;

    // start session storage mng
    Hybrid_Auth::$store = new Hybrid_Storage();

    // instance of errors mng
    Hybrid_Auth::$error = new Hybrid_Error();

    // instance of log mng
    Hybrid_Auth::$logger = new Hybrid_Logger();

    // store php session and version..
    $_SESSION["HA::PHP_SESSION_ID"] = session_id();
    $_SESSION["HA::VERSION"] = Hybrid_Auth::$version;

    // almost done, check for errors then move on
    Hybrid_Logger::info("Enter Hybrid_Auth::initialize()");
    Hybrid_Logger::info("Hybrid_Auth::initialize(). Hybrid_Auth used version: " . Hybrid_Auth::$version);
    Hybrid_Logger::info("Hybrid_Auth::initialize(). Hybrid_Auth called from: " . Hybrid_Auth::getCurrentUrl());
    Hybrid_Logger::debug("Hybrid_Auth initialize. dump used config: ", serialize($config));
    Hybrid_Logger::debug("Hybrid_Auth initialize. dump current session: ", serialize($_SESSION));
    Hybrid_Logger::info("Hybrid_Auth initialize: check if any error is stored on the endpoint...");

    if (Hybrid_Error::hasError()) {
        $storedMessage = Hybrid_Error::getErrorMessage();
        $storedCode = Hybrid_Error::getErrorCode();
        $storedPrevious = Hybrid_Error::getErrorPrevious();

        Hybrid_Logger::error("Hybrid_Auth initialize: A stored Error found, Throw an new Exception and delete it from the store: Error#{$storedCode}, '{$storedMessage}'");

        Hybrid_Error::clearError();

        // Only a real exception may be chained as the previous one.
        $previous = ($storedPrevious instanceof Exception) ? $storedPrevious : null;

        throw new Exception($storedMessage, $storedCode, $previous);
    }

    Hybrid_Logger::info("Hybrid_Auth initialize: no error found. initialization succeed.");

    // Endof initialize
}
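/**
 * Send a GET or POST request with cURL, authenticating with the client
 * credentials, and return the raw response.
 *
 * The status code and transfer info are stored in $this->http_code and
 * $this->http_info.
 *
 * NOTE(review): CURLOPT_USERPWD attaches client_id:client_secret to every
 * request made through this method, whatever host $url names; callers must
 * only pass URLs of the provider's own endpoints.
 *
 * NOTE(review): when $this->curl_log is set, cURL's verbose trace is appended
 * to that file. The trace includes request headers, and therefore the
 * Authorization header derived from the client secret; the debug log also
 * receives the request parameters and the response.
 *
 * @param string      $url    Target URL.
 * @param array|false $params Request parameters, or false for none.
 * @param string      $type   "GET" or "POST".
 *
 * @return string|false Response text, or false when curl_exec() failed.
 */
private function request($url, $params = false, $type = "GET")
{
    // The default $params is false, which http_build_query() rejects
    // (a TypeError on PHP 8); build a query only from an array or object.
    $params = (is_array($params) || is_object($params)) ? http_build_query($params, '', '&') : '';

    Hybrid_Logger::info("Enter OAuth2Client::request( {$url} )");
    Hybrid_Logger::debug("OAuth2Client::request(). dump request params: ", $params);

    if ($type == "GET") {
        $url = $url . (strpos($url, '?') ? '&' : '?') . $params;
    }

    $this->http_info = array();
    $ch = curl_init();
    $headers = $this->curl_header;

    if ($type == "POST") {
        //$headers[] = 'Content-Type: application/x-www-form-urlencoded';
    }

    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_TIMEOUT, $this->curl_time_out);
    curl_setopt($ch, CURLOPT_USERAGENT, $this->curl_useragent);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $this->curl_connect_time_out);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $this->curl_ssl_verifypeer);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, $this->curl_ssl_verifyhost);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    curl_setopt($ch, CURLOPT_USERPWD, $this->client_id . ':' . $this->client_secret);

    // logging
    $fp = false;
    if ($this->curl_log !== null) {
        $fp = fopen($this->curl_log, 'a');
        if ($fp !== false) {
            curl_setopt($ch, CURLOPT_STDERR, $fp);
            curl_setopt($ch, CURLOPT_VERBOSE, 1);
        } else {
            // An unwritable log file must not hand cURL an invalid stream.
            Hybrid_Logger::error("OAuth2Client::request(). unable to open curl log file");
        }
    }

    if ($this->curl_proxy) {
        curl_setopt($ch, CURLOPT_PROXY, $this->curl_proxy);
    }

    if ($type == "POST") {
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
    }

    $response = curl_exec($ch);

    if ($fp !== false) {
        fclose($fp);
    }

    if ($response === FALSE) {
        Hybrid_Logger::error("OAuth2Client::request(). curl_exec error: ", curl_error($ch));
    }

    Hybrid_Logger::debug("OAuth2Client::request(). dump request info: ", serialize(curl_getinfo($ch)));
    Hybrid_Logger::debug("OAuth2Client::request(). dump request result: ", serialize($response));

    $this->http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    $this->http_info = array_merge($this->http_info, curl_getinfo($ch));

    curl_close($ch);

    return $response;
}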
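/**
 * define:endpoint step 3.1 and 3.2
 *
 * Completes the login for the provider named by the `hauth_done` property:
 * runs the adapter's loginFinish(), stores the resulting profile in the
 * session and returns to the callback URL.
 *
 * @return string An error message when the provider id is invalid, '' otherwise.
 */
protected function processAuthDone()
{
    $provider_id = trim($this->getProperty('hauth_done'));
    $hauth = Hybrid_Auth::setup($provider_id);

    if (!$hauth) {
        Hybrid_Logger::error("Endpoint: Invalid parameter on hauth_done!");

        // No adapter exists in this branch, so there is nothing to mark as
        // unconnected; dereferencing $hauth here stopped the request with a
        // fatal error before the 404 could be sent.
        header("HTTP/1.0 404 Not Found");

        return "Invalid parameter! Please return to the login page and try again.";
    }

    try {
        Hybrid_Logger::info("Endpoint: call adapter [{$provider_id}] loginFinish() ");
        $hauth->adapter->loginFinish();
    } catch (Exception $e) {
        Hybrid_Logger::error("Exception:" . $e->getMessage(), $e);
        Hybrid_Error::setError($e->getMessage(), $e->getCode(), $e->getTraceAsString(), $e);
        $hauth->adapter->setUserUnconnected();
    }

    Hybrid_Logger::info("Endpoint: job done. retrun to callback url.");

    // Save profile data in session
    // NOTE(review): this also runs after a failed loginFinish(); confirm how
    // getUserProfile() behaves for an adapter that was just marked unconnected.
    $profile = $hauth->adapter->getUserProfile();

    // else
    $_SESSION['social_profile'] = array(
        'provider' => $provider_id,
        'profile' => $this->modx->error->toArray($profile),
    );

    //$q->prepare();
    //$this->modx->log(1, $q->toSQL());

    // else
    $hauth->returnToCallbackUrl();

    return '';
}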
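/**
 * Send a GET, POST, DELETE or PATCH request with cURL and return the raw
 * response.
 *
 * For GET the parameters are appended to the URL as a query string; for POST
 * and PATCH they are sent as the request body. The status code and transfer
 * info are stored in $this->http_code and $this->http_info.
 *
 * NOTE(review): the request parameters and the response are serialized into
 * the debug log; in an OAuth flow these can contain the client secret,
 * authorization codes and access tokens.
 *
 * @param string      $url    Target URL.
 * @param array|false $params Request parameters, or false for none.
 * @param string      $type   "GET", "POST", "DELETE" or "PATCH".
 *
 * @return string|false Response text, or false when curl_exec() failed.
 */
private function request($url, $params = false, $type = "GET")
{
    Hybrid_Logger::info("Enter OAuth2Client::request( {$url} )");
    Hybrid_Logger::debug("OAuth2Client::request(). dump request params: ", serialize($params));

    if ($type == "GET") {
        // The default $params is false, which http_build_query() rejects
        // (a TypeError on PHP 8); build a query only from an array or object.
        $query = (is_array($params) || is_object($params)) ? http_build_query($params, '', '&') : '';
        $url = $url . (strpos($url, '?') ? '&' : '?') . $query;
    }

    $this->http_info = array();
    $ch = curl_init();

    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_TIMEOUT, $this->curl_time_out);
    curl_setopt($ch, CURLOPT_USERAGENT, $this->curl_useragent);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $this->curl_connect_time_out);
    // Certificate and host-name verification follow the client's settings;
    // the values themselves are configured outside this method.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $this->curl_ssl_verifypeer);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, $this->curl_ssl_verifyhost);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $this->curl_header);

    if ($this->curl_compressed) {
        curl_setopt($ch, CURLOPT_ENCODING, "gzip,deflate");
    }

    if ($this->curl_proxy) {
        curl_setopt($ch, CURLOPT_PROXY, $this->curl_proxy);
    }

    if ($type == "POST") {
        curl_setopt($ch, CURLOPT_POST, 1);
        if ($params) {
            curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
        }
    }

    if ($type == "DELETE") {
        curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE");
    }

    if ($type == "PATCH") {
        curl_setopt($ch, CURLOPT_POST, 1);
        if ($params) {
            curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
        }
        curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PATCH");
    }

    $response = curl_exec($ch);
    if ($response === false) {
        Hybrid_Logger::error("OAuth2Client::request(). curl_exec error: ", curl_error($ch));
    }

    Hybrid_Logger::debug("OAuth2Client::request(). dump request info: ", serialize(curl_getinfo($ch)));
    Hybrid_Logger::debug("OAuth2Client::request(). dump request result: ", serialize($response));

    $this->http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    $this->http_info = array_merge($this->http_info, curl_getinfo($ch));

    curl_close($ch);

    return $response;
}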
/**
 * Initialise Hybrid_Auth for the endpoint, once per request.
 *
 * The configuration is taken from Hybrid_Storage. When none is stored, or
 * when initialisation throws, the request ends with a 404 and a generic
 * message, so the endpoint reveals nothing about the cause.
 */
public static function authInit()
{
    if (Hybrid_Endpoint::$initDone) {
        return;
    }

    Hybrid_Endpoint::$initDone = TRUE;

    # Init Hybrid_Auth
    try {
        require_once realpath(dirname(__FILE__)) . "/Storage.php";

        $session = new Hybrid_Storage();

        // No stored config: the endpoint was opened without a login in progress.
        if (!$session->config("CONFIG")) {
            header("HTTP/1.0 404 Not Found");
            die("You cannot access this page directly.");
        }

        Hybrid_Auth::initialize($session->config("CONFIG"));
    } catch (Exception $failure) {
        // NOTE(review): Hybrid_Logger is not loaded by this method; presumably
        // initialize() has loaded it by the time this runs - confirm.
        Hybrid_Logger::error("Endpoint: Error while trying to init Hybrid_Auth");

        header("HTTP/1.0 404 Not Found");
        die("Oophs. Error!");
    }
}
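/**
 * Update the user's status on the provider.
 *
 * Not implemented for this provider: the call is logged and always fails.
 *
 * @param mixed $status The status to publish (unused).
 *
 * @throws Exception code 8, always.
 */
function setUserStatus($status)
{
    // The message used to speak of the "activity stream", which is a
    // different feature; it now names the operation that was requested.
    Hybrid_Logger::error("HybridAuth do not provide user's status update for {$this->providerId} yet.");

    throw new Exception("Provider does not support this feature.", 8);
}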
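/**
 * define:endpoint step 3.1 and 3.2
 *
 * Completes the login for the provider named by the `hauth_done` property:
 * runs the adapter's loginFinish(), stores the resulting profile in the
 * session and returns to the callback URL.
 *
 * @return string An error message when the provider id is invalid, '' otherwise.
 */
protected function processAuthDone()
{
    $provider_id = trim($this->getProperty('hauth_done'));
    $hauth = Hybrid_Auth::setup($provider_id);

    if (!$hauth) {
        Hybrid_Logger::error("Endpoint: Invalid parameter on hauth_done!");

        // No adapter exists in this branch, so there is nothing to mark as
        // unconnected; dereferencing $hauth here stopped the request with a
        // fatal error before the 404 could be sent.
        header("HTTP/1.0 404 Not Found");

        return "Invalid parameter! Please return to the login page and try again.";
    }

    try {
        Hybrid_Logger::info("Endpoint: call adapter [{$provider_id}] loginFinish() ");
        $hauth->adapter->loginFinish();
    } catch (Exception $e) {
        Hybrid_Logger::error("Exception:" . $e->getMessage(), $e);
        Hybrid_Error::setError($e->getMessage(), $e->getCode(), $e->getTraceAsString(), $e);
        $hauth->adapter->setUserUnconnected();
    }

    Hybrid_Logger::info("Endpoint: job done. retrun to callback url.");

    // Save profile data in session
    // NOTE(review): this also runs after a failed loginFinish(); confirm how
    // getUserProfile() behaves for an adapter that was just marked unconnected.
    $profile = $hauth->adapter->getUserProfile();

    // Try to get user by social profile
    /*$q = $this->modx->newQuery('modUser');
    $q->innerJoin('modUserProfile', 'Profile');
    $q->innerJoin('modHybridAuthUserProfile', 'SocialProfile');
    $q->innerJoin('modHybridAuthProvider', 'Provider', "Provider.id=SocialProfile.provider");
    $q->where(array(
        "SocialProfile.identifier" => $profile->identifier,
        "Provider.name" => $provider,
        "modUser.active" => 1,
        "Profile.blocked" => 0,
    ));
    $q->limit(1);
    if($user = $this->modx->getObject('modUser', $q)){
        $user->addSessionContext($this->modx->context->key);
        $redirectTo = $this->modx->getOption('site_url');
        $this->modx->sendRedirect($redirectTo);
        return;
    }*/

    // else
    $_SESSION['social_profile'] = array(
        'provider' => $provider_id,
        'profile' => $this->modx->error->toArray($profile),
    );

    //$q->prepare();
    //$this->modx->log(1, $q->toSQL());

    // else
    $hauth->returnToCallbackUrl();

    return '';
}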
/**
 * Initialise Hybrid_Auth for the endpoint, once per request.
 *
 * Starts the PHP session when none is active and restores the configuration
 * from $_SESSION["HA::CONFIG"]. Without that entry, or when initialisation
 * throws, the request ends with a 404 and a generic message.
 *
 * NOTE(review): the stored config is restored with unserialize(). Session
 * data is written by the server, but unserialize() instantiates whatever
 * classes the payload names, so this is only safe while nothing else can
 * write to the session store; a format such as JSON would remove the risk.
 */
public static function authInit()
{
    if (Hybrid_Endpoint::$initDone) {
        return;
    }

    Hybrid_Endpoint::$initDone = TRUE;

    // Start a new session
    $hasSession = (bool) session_id();
    if (!$hasSession) {
        session_start();
    }

    # Init Hybrid_Auth
    try {
        // No stored config: the endpoint was opened without a login in progress.
        $configStored = isset($_SESSION["HA::CONFIG"]);
        if (!$configStored) {
            header("HTTP/1.0 404 Not Found");
            die("You cannot access this page directly.");
        }

        $restoredConfig = unserialize($_SESSION["HA::CONFIG"]);
        Hybrid_Auth::initialize($restoredConfig);
    } catch (Exception $failure) {
        // NOTE(review): Hybrid_Logger is not loaded by this method; presumably
        // initialize() has loaded it by the time this runs - confirm.
        Hybrid_Logger::error("Endpoint: Error while trying to init Hybrid_Auth");

        header("HTTP/1.0 404 Not Found");
        die("Oophs. Error!");
    }
}
/**
 * Initialise Hybrid_Auth for the endpoint, once per instance.
 *
 * Loads the storage, exception and logger classes when they are not yet
 * defined, then initialises Hybrid_Auth from the config held in
 * Hybrid_Storage. A missing stored config means the endpoint was opened
 * without a login having been started.
 *
 * NOTE(review): the rethrown message embeds the original exception message;
 * whoever renders it should not show it to the end user verbatim.
 *
 * @throws Hybrid_Exception wrapping any failure, with the cause chained.
 */
protected function authInit()
{
    if ($this->initDone) {
        return;
    }

    $this->initDone = true;

    // Init Hybrid_Auth
    try {
        // Class name => file to load when that class is not defined yet
        // (autoloading is deliberately not triggered).
        $requiredClasses = array(
            "Hybrid_Storage" => "/Storage.php",
            "Hybrid_Exception" => "/Exception.php",
            "Hybrid_Logger" => "/Logger.php",
        );
        foreach ($requiredClasses as $className => $classFile) {
            if (!class_exists($className, false)) {
                require_once realpath(dirname(__FILE__)) . $classFile;
            }
        }

        $session = new Hybrid_Storage();

        // Check if Hybrid_Auth session already exist
        if (!$session->config("CONFIG")) {
            throw new Hybrid_Exception("You cannot access this page directly.");
        }

        Hybrid_Auth::initialize($session->config("CONFIG"));
    } catch (Exception $failure) {
        Hybrid_Logger::error("Endpoint: Error while trying to init Hybrid_Auth: " . $failure->getMessage());

        throw new Hybrid_Exception(
            "Endpoint: Error while trying to init Hybrid_Auth: " . $failure->getMessage(),
            $failure->getCode(),
            $failure
        );
    }
}
/**
 * Initialise Hybrid_Auth from a config array or from a config file path.
 *
 * Loads the library files, creates the logger, error and storage instances,
 * checks for the cURL and JSON extensions, logs a few environment facts and
 * rethrows any error that was stored on the endpoint.
 *
 * NOTE(review): the full config and the session data are written to the
 * debug log. The config presumably holds the providers' application secrets,
 * so debug mode should stay off in production or the debug file must be
 * protected like a credential store.
 *
 * NOTE(review): a non-array $config is passed to include; it must only ever
 * come from the application itself, never from request data.
 *
 * @param array|string $config Config array, or path to a file returning one.
 *
 * @throws Exception code 1 when the config file is missing; without a code
 *                   when a required extension is absent; the stored endpoint
 *                   error otherwise.
 */
public static function initialize($config)
{
    if (!is_array($config)) {
        if (!file_exists($config)) {
            throw new Exception("Hybriauth config does not exist on the given path.", 1);
        }

        $config = (include $config);
    }

    // build some need'd paths
    $baseDir = realpath(dirname(__FILE__)) . "/";
    $config["path_base"] = $baseDir;
    $config["path_libraries"] = $config["path_base"] . "thirdparty/";
    $config["path_resources"] = $config["path_base"] . "resources/";
    $config["path_providers"] = $config["path_base"] . "Providers/";

    // reset debug mode
    if (!isset($config["debug_mode"])) {
        $config["debug_mode"] = false;
        $config["debug_file"] = null;
    }

    # load hybridauth required files, a autoload is on the way...
    $libraryFiles = array(
        "Error.php",
        "Logger.php",
        "Storage.php",
        "Provider_Adapter.php",
        "Provider_Model.php",
        "Provider_Model_OpenID.php",
        "Provider_Model_OAuth1.php",
        "Provider_Model_OAuth2.php",
        "User.php",
        "User_Profile.php",
        "User_Contact.php",
        "User_Activity.php",
    );
    foreach ($libraryFiles as $libraryFile) {
        require_once $config["path_base"] . $libraryFile;
    }

    // hash given config
    Hybrid_Auth::$config = $config;

    // instance of log mng
    Hybrid_Auth::$logger = new Hybrid_Logger();

    // instance of errors mng
    Hybrid_Auth::$error = new Hybrid_Error();

    // start session storage mng
    Hybrid_Auth::$store = new Hybrid_Storage();

    Hybrid_Logger::info("Enter Hybrid_Auth::initialize()");
    Hybrid_Logger::info("Hybrid_Auth::initialize(). PHP version: " . PHP_VERSION);
    Hybrid_Logger::info("Hybrid_Auth::initialize(). Hybrid_Auth version: " . Hybrid_Auth::$version);
    Hybrid_Logger::info("Hybrid_Auth::initialize(). Hybrid_Auth called from: " . Hybrid_Auth::getCurrentUrl());

    // PHP Curl extension [http://www.php.net/manual/en/intro.curl.php]
    if (!function_exists('curl_init')) {
        $missingCurl = 'Hybridauth Library needs the CURL PHP extension.';
        Hybrid_Logger::error($missingCurl);
        throw new Exception($missingCurl);
    }

    // PHP JSON extension [http://php.net/manual/en/book.json.php]
    if (!function_exists('json_decode')) {
        $missingJson = 'Hybridauth Library needs the JSON PHP extension.';
        Hybrid_Logger::error($missingJson);
        throw new Exception($missingJson);
    }

    // session.name
    if (session_name() != "PHPSESSID") {
        Hybrid_Logger::info('PHP session.name diff from default PHPSESSID. http://php.net/manual/en/session.configuration.php#ini.session.name.');
    }

    // safe_mode is on
    if (ini_get('safe_mode')) {
        Hybrid_Logger::info('PHP safe_mode is on. http://php.net/safe-mode.');
    }

    // open basedir is on
    if (ini_get('open_basedir')) {
        Hybrid_Logger::info('PHP open_basedir is on. http://php.net/open-basedir.');
    }

    Hybrid_Logger::debug("Hybrid_Auth initialize. dump used config: ", serialize($config));
    Hybrid_Logger::debug("Hybrid_Auth initialize. dump current session: ", Hybrid_Auth::storage()->getSessionData());
    Hybrid_Logger::info("Hybrid_Auth initialize: check if any error is stored on the endpoint...");

    if (Hybrid_Error::hasError()) {
        $storedMessage = Hybrid_Error::getErrorMessage();
        $storedCode = Hybrid_Error::getErrorCode();
        $storedPrevious = Hybrid_Error::getErrorPrevious();

        Hybrid_Logger::error("Hybrid_Auth initialize: A stored Error found, Throw an new Exception and delete it from the store: Error#{$storedCode}, '{$storedMessage}'");

        Hybrid_Error::clearError();

        // try to provide the previous if any
        // Exception::getPrevious (PHP 5 >= 5.3.0) http://php.net/manual/en/exception.getprevious.php
        $canChain = version_compare(PHP_VERSION, '5.3.0', '>=') && $storedPrevious instanceof Exception;
        if (!$canChain) {
            throw new Exception($storedMessage, $storedCode);
        }

        throw new Exception($storedMessage, $storedCode, $storedPrevious);
    }

    Hybrid_Logger::info("Hybrid_Auth initialize: no error found. initialization succeed.");

    // Endof initialize
}
/**
 * Fetch a user status from the provider.
 *
 * Not implemented for this provider: the call is logged and always fails.
 *
 * @param mixed $statusid Identifier of the status to fetch (unused).
 *
 * @return mixed Provider response (never reached here).
 *
 * @throws Exception code 8, always.
 */
public function getUserStatus($statusid)
{
    $logLine = "HybridAuth do not provide user's status for {$this->providerId} yet.";
    Hybrid_Logger::error($logLine);

    $unsupported = new Exception("Provider does not support this feature.", 8);

    throw $unsupported;
}