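/**
 * Returns the campaign recorded for the current visitor.
 *
 * Uses the value already held in self::$campaign when it is set; otherwise
 * reads the campaign back from the encrypted, HttpOnly campaign cookie.
 *
 * @return mixed The campaign value, or false when there is no readable
 *               campaign cookie or its payload cannot be unserialized.
 */
public static function getCampaign()
{
    // use static one if we're on an entry page
    if (!is_null(self::$campaign)) {
        return self::$campaign;
    }

    $storage = new MrClay_CookieStorage(array(
        'secret' => UserConfig::$SESSION_SECRET,
        'mode' => MrClay_CookieStorage::MODE_ENCRYPT,
        'path' => UserConfig::$SITEROOTURL,
        'httponly' => true
    ));

    $serialized = $storage->fetch(UserConfig::$entry_cmp_key);

    // A missing or unreadable cookie does not yield a usable string. Return the
    // same false that unserialize() gave for such input, without handing it a
    // non-string (deprecated for null on PHP 8.1+).
    if (!is_string($serialized) || $serialized === '') {
        return false;
    }

    // SECURITY NOTE(review): this unserialize()s a value held by the client.
    // It is only safe while the cookie storage authenticates the value with
    // SESSION_SECRET before returning it - confirm that MODE_ENCRYPT does so
    // and that the secret is strong and not shared. If the campaign is plain
    // arrays/scalars, consider restricting classes on unserialize() or storing
    // it as JSON; not changed here because the stored shape is not visible.
    return unserialize($serialized);
}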
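/**
 * Starts the OAuth login flow and sends the browser to the provider.
 *
 * A fresh OAuth user id is generated and stored in an encrypted, HttpOnly
 * cookie (presumably read back by oauth_callback.php - confirm). A request
 * token is then obtained and the browser is redirected to the authorization
 * page; on success this method does not return, because it calls exit.
 *
 * @return null Returned only when the request-token step throws OAuthException2.
 * @throws Exception When the OAuth user id cookie cannot be stored.
 */
protected function startOAuthFlow()
{
    // generate new user id since we're logging in and have no idea who the user is
    $oauth_user_id = $this->getNewOAuthUserID();

    $storage = new MrClay_CookieStorage(array(
        'secret' => UserConfig::$SESSION_SECRET,
        'mode' => MrClay_CookieStorage::MODE_ENCRYPT,
        'path' => UserConfig::$SITEROOTURL,
        'httponly' => true
    ));

    if (!$storage->store(UserConfig::$oauth_user_id_key, $oauth_user_id)) {
        throw new Exception(implode('; ', $storage->errors));
    }

    try {
        $callback = UserConfig::$USERSROOTFULLURL . '/oauth_callback.php?module=' . $this->getID();

        // TODO add a way to skip this step if server was initialized
        $this->initOAuthServer();

        $params = array('scope' => $this->oAuthScope, 'oauth_callback' => $callback);

        if (!is_null(UserConfig::$OAuthAppName)) {
            $params['xoauth_displayname'] = UserConfig::$OAuthAppName;
        }

        // STEP 1: get a request token
        $tokenResultParams = OAuthRequester::requestRequestToken($this->oAuthConsumerKey, $oauth_user_id, $params);

        // redirect to the authorization page, they will redirect back.
        // The token comes from the provider's response and goes into a URL
        // query string, so it is percent-encoded rather than concatenated raw.
        header("Location: " . $this->oAuthAuthorizeURL . "?oauth_token=" . rawurlencode($tokenResultParams['token']));
        exit;
    } catch (OAuthException2 $e) {
        // Log the class and message only. var_export() on the exception object
        // also dumps its stack trace, which may carry call arguments (such as
        // the consumer key or request parameters) into the error log.
        error_log('OAuth request token failed: ' . get_class($e) . ': ' . $e->getMessage());

        return null;
    }
}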
/**
 * Removes the session cookie that identifies the logged-in user.
 *
 * Only the cookie named by UserConfig::$session_userid_key is deleted; nothing
 * else is cleared by this method.
 *
 * NOTE(review): no 'httponly' option is passed to the storage here. That is
 * presumably irrelevant for a delete - confirm that delete() only needs the
 * matching path to expire the cookie.
 */
public static function clearSession()
{
    $options = array(
        'secret' => UserConfig::$SESSION_SECRET,
        'mode' => MrClay_CookieStorage::MODE_ENCRYPT,
        'path' => UserConfig::$SITEROOTURL
    );

    $cookies = new MrClay_CookieStorage($options);
    $cookies->delete(UserConfig::$session_userid_key);
}
<?php require_once dirname(__FILE__) . '/config.php'; require_once dirname(__FILE__) . '/User.php'; $current_user = User::get(); $oauth_user_id = null; try { if (!array_key_exists('module', $_GET)) { throw new Exception('module not specified'); } if (!array_key_exists('oauth_token', $_GET) || !array_key_exists('oauth_verifier', $_GET)) { throw new Exception('oauth_token & oauth_varifier required'); } $module = AuthenticationModule::get($_GET['module']); $storage = new MrClay_CookieStorage(array('secret' => UserConfig::$SESSION_SECRET, 'mode' => MrClay_CookieStorage::MODE_ENCRYPT, 'path' => UserConfig::$SITEROOTURL, 'httponly' => true)); $oauth_user_id = $storage->fetch(UserConfig::$oauth_user_id_key); $storage->delete(UserConfig::$oauth_user_id_key); if (is_null($oauth_user_id)) { throw new Exception("can't determine OAuth User ID"); } try { $module->getAccessToken($oauth_user_id); } catch (OAuthException2 $e) { throw new Exception('problem getting access token: ' . $e->getMessage()); } try { $identity = $module->getIdentity($oauth_user_id); } catch (OAuthException2 $e) { throw new Exception('problem getting user identity: ' . $e->getMessage()); } if (is_null($identity)) {