*/ if (!array_key_exists('signature_version', $credentials) || $credentials['signature_version'] != 1) { // invalid/missing signature_version throw new LinkedInException('Invalid/missing signature_version in passed credentials - ' . print_r($credentials, TRUE)); } if (!array_key_exists('signature_order', $credentials) || !is_array($credentials['signature_order'])) { // invalid/missing signature_order throw new LinkedInException('Invalid/missing signature_order in passed credentials - ' . print_r($credentials, TRUE)); } // calculate base signature $sig_order = $credentials['signature_order']; $sig_base = ''; foreach ($sig_order as $sig_element) { $sig_base .= $credentials[$sig_element]; } // calculate encrypted signature $sig_encrypted = base64_encode(hash_hmac('sha1', $sig_base, $API_CONFIG['appSecret'], TRUE)); // finally, check token validity if (!array_key_exists('signature', $credentials) || $sig_encrypted != $credentials['signature']) { // invalid/missing signature throw new LinkedInException('Invalid/missing signature in credentials - ' . print_r($credentials, TRUE)); } // swap tokens $OBJ_linkedin = new LinkedIn($API_CONFIG); $response = $OBJ_linkedin->exchangeToken($credentials['access_token']); // echo out response echo '<pre>' . print_r($response['linkedin'], TRUE) . '</pre>'; } catch (LinkedInException $e) { // exception raised echo $e->getMessage(); }
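/**
 * Log the visitor in, link their account, or register them, based on the
 * LinkedIn OAuth cookie named "linkedin_oauth_<API key>".
 *
 * Flow, once LinkedIn login is enabled and the cookie is present:
 *   1. Decode the JSON cookie and verify its HMAC-SHA1 signature with the app secret.
 *   2. Exchange the cookie's access token for OAuth tokens.
 *   3. Find the local user by linkedin_id; otherwise by the e-mail address from the
 *      LinkedIn profile; otherwise create a new user when "linkedinRegister" is 1.
 *
 * Security notes:
 *   - Every cookie field is untrusted until the signature has been verified.
 *   - signature_order is itself read from the cookie, so access_token and member_id
 *     are required to be among the signed fields before they are used.
 *   - Values placed in SQL are escaped or cast to int. ext/mysql is removed in PHP 7;
 *     this code should move to prepared statements (PDO or mysqli) when the file migrates.
 *   - NOTE(review): the signed base string concatenates values without delimiters, so
 *     field boundaries are not authenticated. Confirming the member id against the
 *     token-exchange or profile response would be a stronger binding.
 *   - NOTE(review): step 3 signs the visitor in to an existing local account on an
 *     e-mail match alone; confirm the provider only returns verified addresses.
 *
 * Output: prints a short diagnostic on validation failure. After a successful
 * registration it redirects to /users/complete_account.php and exits.
 *
 * @return void
 */
function linkedin() {
    $cookie_name = "linkedin_oauth_" . SETTING::linkedInAPI;

    // Only act when LinkedIn login is enabled and the cookie is present and non-empty.
    if (!$this->repository->get_data("linkedinLogin") || !isset($_COOKIE[$cookie_name]) || !$_COOKIE[$cookie_name]) {
        return;
    }

    // Decode to an associative array so that arbitrary JSON keys cannot trigger
    // property-name errors; a non-string cookie value (array syntax) is rejected.
    $credentials_json = $_COOKIE[$cookie_name];
    $credentials = is_string($credentials_json) ? json_decode($credentials_json, true) : null;

    if (!is_array($credentials) || !isset($credentials['signature_version']) || $credentials['signature_version'] != 1) {
        print "unknown cookie version";
        return;
    }

    if (!isset($credentials['signature_order']) || !is_array($credentials['signature_order']) || !$credentials['signature_order']) {
        print "signature order missing";
        return;
    }

    // Build the base string from the values listed in signature_order.
    // A listed field that is absent or not a scalar invalidates the cookie: the
    // original code printed a message and kept going with a partial base string.
    $base_string = '';
    $signed_fields = array();
    foreach ($credentials['signature_order'] as $key) {
        if (!is_string($key) || !isset($credentials[$key]) || !is_scalar($credentials[$key])) {
            // The key name comes from the cookie, so escape it before echoing it back.
            print "missing signature parameter: " . htmlspecialchars(is_scalar($key) ? (string) $key : '', ENT_QUOTES, 'UTF-8');
            return;
        }
        $base_string .= $credentials[$key];
        $signed_fields[$key] = true;
    }

    // The fields used below must be covered by the signature, otherwise they would
    // be trusted without any integrity protection.
    if (!isset($signed_fields['access_token']) || !isset($signed_fields['member_id'])) {
        print "signature validation failed";
        return;
    }

    // Base64 of the raw HMAC-SHA1 digest, keyed with the application secret.
    $signature = base64_encode(hash_hmac('sha1', $base_string, SETTING::linkedInSecret, true));

    // Strict, constant-time comparison. A loose "==" lets a non-string JSON value
    // (for example boolean true) compare equal to the computed signature.
    if (!isset($credentials['signature']) || !$this->linkedinSignatureMatches($signature, $credentials['signature'])) {
        print "signature validation failed";
        return;
    }

    // Signature is authentic: exchange the access token for OAuth tokens.
    require_once 'linkedin_3.3.0.class.php';
    $linkedin = new LinkedIn(array('appKey' => SETTING::linkedInAPI, 'appSecret' => SETTING::linkedInSecret, 'callbackUrl' => NULL));
    $tokens = $linkedin->exchangeToken($credentials['access_token']);

    // Do not create a session unless the exchange actually produced both tokens.
    if (!is_array($tokens) || !isset($tokens["linkedin"]) || !is_array($tokens["linkedin"])
        || !isset($tokens["linkedin"]["oauth_token"], $tokens["linkedin"]["oauth_token_secret"])) {
        print "token exchange failed";
        return;
    }

    // Escape every externally supplied value once, before it is placed in SQL.
    $member_id_sql = mysql_real_escape_string((string) $credentials['member_id']);
    $token_sql = mysql_real_escape_string((string) $tokens["linkedin"]["oauth_token"]);
    $token_secret_sql = mysql_real_escape_string((string) $tokens["linkedin"]["oauth_token_secret"]);

    // Find the local user by LinkedIn member id.
    $sql = "SELECT id, nonce FROM Users WHERE linkedin_id = '" . $member_id_sql . "'";
    $result = mysql_query($sql);
    $member_rows = mysql_num_rows($result);

    if ($member_rows == 1) {
        $row = mysql_fetch_assoc($result);
        $userId = $row["id"];
        $this->setSession($row["id"], $row["nonce"]);

        // Store the fresh LinkedIn tokens.
        $sql = "UPDATE Users SET linkedin_token = '" . $token_sql . "', linkedin_token_secret = '" . $token_secret_sql . "' WHERE " . $this->USER_ID . " = " . (int) $userId;
        $query = mysql_query($sql);
    } elseif ($member_rows == 0) {
        // No member found: check whether a user exists whose username equals the LinkedIn e-mail.
        $linkedin->setTokenAccess($tokens["linkedin"]);
        $profile_response = $linkedin->profile("~:(email-address)?format=json");
        $profile = json_decode($profile_response["linkedin"], true);

        $email = (is_array($profile) && isset($profile["emailAddress"]) && is_string($profile["emailAddress"])) ? $profile["emailAddress"] : '';
        if ($email === '') {
            // Without an address there is nothing to match or register on.
            print "linkedin profile lookup failed";
            return;
        }

        $sql = "SELECT id, nonce FROM Users WHERE " . $this->USER_NAME . " = '" . mysql_real_escape_string($email) . "'";
        $query = mysql_query($sql);

        if (mysql_num_rows($query) == 1) {
            // Known e-mail address: sign in and link the LinkedIn identity to it.
            $row = mysql_fetch_assoc($query);
            $userId = $row["id"];
            $this->setSession($row["id"], $row["nonce"]);

            $sql = "UPDATE Users SET linkedin_token = '" . $token_sql . "', linkedin_token_secret = '" . $token_secret_sql . "', linkedin_id = '" . $member_id_sql . "' WHERE " . $this->USER_ID . " = " . (int) $userId;
            $query = mysql_query($sql);

            // Import the LinkedIn data.
            require_once "user.class.php";
            $user = new user($userId, $this->errorClass, $this->notificationClass);
            $user->getLinkedInData();
        } else {
            // Unknown e-mail address: create a new profile only when registration was requested.
            if ($this->repository->get_data("linkedinRegister") == 1) {
                $nonce = $this->create_nonce();
                $user_ip = $this->repository->get_data('userIPv4');
                $email_hash = $this->hash_password($email, $nonce);

                // Next reference number for the current year.
                // NOTE(review): MAX()+1 is not safe against concurrent registrations.
                $sql = "SELECT MAX(`reference_number`) as maximum FROM Users WHERE created_on >= '" . date("Y") . "-01-01' AND created_on <= '" . date("Y") . "-12-31'";
                $result = mysql_fetch_assoc(mysql_query($sql));
                $reference_number = $result["maximum"] + 1;

                // Public profile hash.
                $profile_hash = $this->hash_password($reference_number, $nonce);

                // Insert the new user; every value is escaped, not just interpolated.
                $query = sprintf(
                    "INSERT INTO " . $this->USER_TABLE . " (" . $this->USER_NAME . ", " . $this->USER_IP_REGISTER . ", " . $this->USER_CREATION . ", confirm_hash, nonce, account_status, reference_number, profile_hash) VALUES ('%s','%s', NOW(), '%s','%s', 0,'%s','%s')",
                    mysql_real_escape_string($email),
                    mysql_real_escape_string((string) $user_ip),
                    mysql_real_escape_string((string) $email_hash),
                    mysql_real_escape_string((string) $nonce),
                    mysql_real_escape_string((string) $reference_number),
                    mysql_real_escape_string((string) $profile_hash)
                );
                $result = mysql_query($query);

                if (!$result) {
                    $this->errorClass->add_error(202);
                } else {
                    // Derive the client number from the creation date and reference number.
                    $sql = "SELECT * FROM Users WHERE id = " . (int) mysql_insert_id();
                    $result = mysql_query($sql);
                    $user = mysql_fetch_assoc($result);
                    $new_user_id = (int) $user["id"];
                    $date = strtotime($user["created_on"]);

                    $sql = "UPDATE Users SET client_number = \"K" . date('ym', $date) . "" . sprintf('%04d', $user["reference_number"]) . "\" WHERE id = " . $new_user_id;
                    $result = mysql_query($sql);

                    $this->setSession($user["id"], $nonce);

                    // Store the LinkedIn tokens and member id on the new account.
                    $sql = "UPDATE Users SET linkedin_token = '" . $token_sql . "', linkedin_token_secret = '" . $token_secret_sql . "', linkedin_id = '" . $member_id_sql . "' WHERE " . $this->USER_ID . " = " . $new_user_id;
                    $query = mysql_query($sql);

                    // Import the LinkedIn data.
                    require_once "user.class.php";
                    $user = new user($user["id"], $this->errorClass, $this->notificationClass);
                    $user->getLinkedInData();

                    header("Location:" . Setting::baseUrl . "/users/complete_account.php");
                    exit;
                }
            } else {
                $this->notificationClass->add_note("Het emailadres die je gebruikt bij LinkedIn is niet bij ons bekend. Log in met je emailadres en wachtwoord en koppel je profiel met LinkedIn in je accountinstellingen of <a href=\"index.php?linkedinLogin=1&linkedinRegister=1\">registreer</a> met je LinkedIn account");
            }
        }
    }
}

/**
 * Compare the computed cookie signature with the supplied one.
 *
 * Rejects non-string input (so no type juggling can occur) and compares in
 * constant time; falls back to a manual loop where hash_equals() is unavailable.
 *
 * @param string $expected signature computed with the application secret
 * @param mixed  $supplied signature value taken from the cookie
 * @return bool true only when both are identical strings
 */
private function linkedinSignatureMatches($expected, $supplied) {
    if (!is_string($supplied)) {
        return false;
    }
    if (function_exists('hash_equals')) {
        return hash_equals($expected, $supplied);
    }
    $length = strlen($expected);
    if ($length !== strlen($supplied)) {
        return false;
    }
    $diff = 0;
    for ($i = 0; $i < $length; $i++) {
        $diff |= ord($expected[$i]) ^ ord($supplied[$i]);
    }
    return $diff === 0;
}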