/**
 * Render the Twitter plugin account page and drive the OAuth request-token step.
 *
 * Reads the plugin's consumer key/secret, requests a request token from Twitter when the
 * "add account" button is shown or when the request carries an oauth_token parameter, stores
 * the request-token secret in the session, and exposes the authorization link to the view.
 *
 * @return mixed Whatever generateView() returns for the configured template
 */
public function authControl() {
    $config = Config::getInstance();
    Loader::definePathConstants();
    $this->setViewTemplate(THINKUP_WEBAPP_PATH . 'plugins/twitter/view/twitter.account.index.tpl');
    $this->view_mgr->addHelp('twitter', 'userguide/settings/plugins/twitter/index');
    $instance_dao = DAOFactory::getDAO('InstanceDAO');
    // get plugin option values if defined...
    $plugin_options = $this->getPluginOptions();
    $oauth_consumer_key = $this->getPluginOption('oauth_consumer_key');
    $oauth_consumer_secret = $this->getPluginOption('oauth_consumer_secret');
    $archive_limit = $this->getPluginOption('archive_limit');
    $num_twitter_errors = $this->getPluginOption('num_twitter_errors');
    // NOTE(review): SERVER_NAME can follow the request's Host header depending on web-server
    // configuration; confirm the template escapes this value on output.
    $this->addToView('twitter_app_name', "ThinkUp " . $_SERVER['SERVER_NAME']);
    $this->addToView('thinkup_site_url', Utils::getApplicationURL(true));
    $plugin = new TwitterPlugin();
    if ($plugin->isConfigured()) {
        $this->addToView('is_configured', true);
        $owner_instances = $instance_dao->getByOwnerAndNetwork($this->owner, 'twitter');
        $this->addToView('owner_instances', $owner_instances);
        // Member-level owners who already have a Twitter instance lose the "add account" button.
        if (isset($this->owner) && $this->owner->isMemberAtAnyLevel()) {
            if ($this->owner->isMemberLevel()) {
                if (sizeof($owner_instances) > 0) {
                    $this->do_show_add_button = false;
                    $this->addInfoMessage("To connect another Twitter account to ThinkUp, upgrade your membership.", 'membership_cap');
                }
            }
        }
        // The callback path is selected purely by the presence of an oauth_token query parameter.
        if (isset($_GET['oauth_token']) || $this->do_show_add_button) {
            $twitter_oauth = new TwitterOAuth($oauth_consumer_key, $oauth_consumer_secret);
            /* Request tokens from twitter */
            $token_array = $twitter_oauth->getRequestToken(Utils::getApplicationURL(true) . "account/?p=twitter");
            // The trailing clauses let this branch run without a token when a session or
            // environment MODE flag equals TESTS; $token_array['oauth_token'] may then be undefined.
            // NOTE(review): confirm neither flag can be set in a production deployment.
            if (isset($token_array['oauth_token']) || isset($_SESSION["MODE"]) && $_SESSION["MODE"] == "TESTS" || getenv("MODE") == "TESTS") { //testing
                $token = $token_array['oauth_token'];
                // NOTE(review): the stored request-token secret is overwritten here before
                // addAuthorizedUser() runs on a callback request; confirm the token exchange does
                // not depend on the secret saved when the authorization flow started.
                SessionCache::put('oauth_request_token_secret', $token_array['oauth_token_secret']);
                if (isset($_GET['oauth_token'])) {
                    self::addAuthorizedUser($oauth_consumer_key, $oauth_consumer_secret, $num_twitter_errors);
                }
                if ($this->do_show_add_button) {
                    /* Build the authorization URL */
                    $oauthorize_link = $twitter_oauth->getAuthorizeURL($token);
                    $this->addToView('oauthorize_link', $oauthorize_link);
                }
            } else {
                // No request token came back: report a setup error and mark the plugin unconfigured.
                $this->addErrorMessage("Unable to obtain OAuth tokens from Twitter. Please double-check the consumer key and secret " . "are correct.", "setup");
                $oauthorize_link = '';
                $this->addToView('is_configured', false);
            }
        }
    } else {
        $this->addInfoMessage('Please complete plugin setup to start using it.', 'setup');
        $this->addToView('is_configured', false);
    }
    // add the plugin options form to the view
    $this->addOptionForm();
    return $this->generateView();
}
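/**
 * Complete login action: record the authenticated owner in the session and issue a CSRF token.
 *
 * The token is drawn from the platform CSPRNG when random_bytes() exists; uniqid()/mt_rand()
 * output is derived from the clock and a non-cryptographic generator, so it is kept only as a
 * fallback for runtimes that lack random_bytes().
 *
 * @param Owner $owner Owner whose email and is_admin flag are written to the session
 */
public static function completeLogin($owner) {
    SessionCache::put('user', $owner->email);
    SessionCache::put('user_is_admin', $owner->is_admin);
    // NOTE(review): no session id rotation is visible in this method; confirm the caller or
    // SessionCache issues a fresh session id when privileges change at login.

    if (isset($_SESSION["MODE"]) && $_SESSION["MODE"] == 'TESTS') {
        // Test runs use a fixed, well-known token so requests can be scripted.
        $csrf_token = 'TEST_CSRF_TOKEN';
    } elseif (function_exists('random_bytes')) {
        $csrf_token = bin2hex(random_bytes(32));
    } else {
        // Legacy runtime without random_bytes(): keep the original generator.
        $csrf_token = uniqid(mt_rand(), true);
    }
    SessionCache::put('csrf_token', $csrf_token);
}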
/**
 * Write a logon record for the current session user and stamp the login time in the session.
 *
 * The statement is parameterised; user id and cookie come from the session cache.
 */
public function insertLoginInfo() {
    // NOTE(review): the client address is hard-coded to loopback, so every logon row records
    // 127.0.0.1; a disabled $_SERVER['REMOTE_ADDR'] read preceded it. Confirm whether that is
    // intentional, because it removes the source address from the audit trail.
    // NOTE(review): the cookie value is stored as-is; confirm whether it is a credential that
    // should be hashed at rest.
    $bindings = array(
        ':user_id' => SessionCache::get('user_id'),
        ':cookie' => SessionCache::get('cookie'),
        ':ip_address' => '127.0.0.1',
    );
    SessionCache::put('login_time', date('H:i:s'));

    $sql = "INSERT INTO #prefix#user_logon_info SET user_id=:user_id, cookie=:cookie, login=NOW(), ip_address=:ip_address";
    $this->execute($sql, $bindings);
}
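/**
 * Override the parent's go method because there is no view manager here--we're outputting the
 * image directly.
 *
 * Picks the CAPTCHA number, stores its md5 in the session under 'ckey', draws the number onto one
 * of four background PNGs and streams the image as image/png.
 */
public function go() {
    $config = Config::getInstance();
    // The challenge value must not be predictable, so prefer the CSPRNG-backed random_int();
    // rand() stays only as a fallback for runtimes that lack it.
    $random_num = function_exists('random_int') ? random_int(1000, 99999) : rand(1000, 99999);
    // md5 over roughly 99,000 possible values provides no secrecy by itself; this relies on the
    // session store staying server-side.
    SessionCache::put('ckey', md5($random_num));
    // Background selection is cosmetic, so the non-cryptographic generator is acceptable here.
    $img = rand(1, 4);
    Utils::defineConstants();
    $captcha_bg_image_path = THINKUP_WEBAPP_PATH . "assets/img/captcha/bg" . $img . ".PNG";
    $img_handle = imageCreateFromPNG($captcha_bg_image_path);
    if ($img_handle === false) {
        // NOTE(review): this message sends the server-side file path to the client; consider
        // logging the path and returning a generic message instead.
        echo 'CAPTCHA image could not be created from ' . $captcha_bg_image_path;
    } else {
        $this->setContentType('image/png');
        $color = ImageColorAllocate($img_handle, 0, 0, 0);
        ImageString($img_handle, 5, 20, 13, $random_num, $color);
        ImagePng($img_handle);
        ImageDestroy($img_handle);
    }
}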
/**
 * SessionCache put/get/isKeySet/unsetKey round trip, checked both through the API and directly in
 * $_SESSION under the application's source_root_path key.
 */
public function testPutGetIsset() {
    $config = Config::getInstance();

    // Nothing is set yet
    $this->assertNull(SessionCache::get('my_key'));
    $this->assertFalse(SessionCache::isKeySet('my_key'));

    // Store a first value; values live under the source_root_path bucket of $_SESSION
    SessionCache::put('my_key', 'my_value');
    $bucket = $config->getValue('source_root_path');
    $this->assertTrue(isset($_SESSION[$bucket]));
    $this->assertEqual($_SESSION[$bucket]['my_key'], 'my_value');
    $this->assertEqual(SessionCache::get('my_key'), 'my_value');

    // Overwriting replaces the stored value
    SessionCache::put('my_key', 'my_value2');
    $this->assertTrue($_SESSION[$bucket]['my_key'] != 'my_value');
    $this->assertEqual($_SESSION[$bucket]['my_key'], 'my_value2');

    // A second key is stored alongside the first
    SessionCache::put('my_key2', 'my_other_value');
    $this->assertEqual($_SESSION[$bucket]['my_key2'], 'my_other_value');

    // Unsetting removes the first key
    SessionCache::unsetKey('my_key');
    $this->assertNull(SessionCache::get('my_key'));
    $this->assertFalse(SessionCache::isKeySet('my_key'));
}
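/**
 * Populate view manager with Facebook interaction UI, like the Facebook Add User button and page dropdown.
 *
 * The OAuth "state" value doubles as the CSRF token for the authorization round trip, so it is
 * generated from the CSPRNG when random_bytes() is available. The check of the returned state is
 * not part of this method.
 *
 * @param array $options 'facebook_app_id' and 'facebook_api_secret'
 */
protected function setUpFacebookInteractions($options) {
    // Create our Facebook Application instance
    $facebook = new Facebook(array('appId' => $options['facebook_app_id']->option_value, 'secret' => $options['facebook_api_secret']->option_value));
    $fb_user = $facebook->getUser();
    if ($fb_user) {
        try {
            $fb_user_profile = $facebook->api('/me');
        } catch (FacebookApiException $e) {
            error_log($e);
            $fb_user = null;
            $fb_user_profile = null;
        }
    }
    // Plant unique token for CSRF protection during auth per https://developers.facebook.com/docs/authentication/
    if (SessionCache::get('facebook_auth_csrf') == null) {
        // 16 random bytes hex-encode to the same 32-character shape the previous md5() token had.
        $state_token = function_exists('random_bytes')
            ? bin2hex(random_bytes(16))
            : md5(uniqid(rand(), true)); // legacy runtime without random_bytes()
        SessionCache::put('facebook_auth_csrf', $state_token);
    }
    // Member-level owners who already have a Facebook instance lose the "add account" button.
    if (isset($this->owner) && $this->owner->isMemberAtAnyLevel()) {
        if ($this->owner->isMemberLevel()) {
            $instance_dao = DAOFactory::getDAO('InstanceDAO');
            $owner_instances = $instance_dao->getByOwnerAndNetwork($this->owner, 'facebook');
            if (sizeof($owner_instances) > 0) {
                $this->do_show_add_button = false;
                $this->addInfoMessage("To connect another Facebook account to ThinkUp, upgrade your membership.", 'membership_cap');
            }
        }
    }
    if ($this->do_show_add_button) {
        // manage_pages appears twice in the scope string; it is left as-is.
        $params = array('scope' => 'read_stream,user_likes,user_location,user_website,' . 'read_friendlists,friends_location,manage_pages,read_insights,manage_pages', 'state' => SessionCache::get('facebook_auth_csrf'), 'redirect_uri' => Utils::getApplicationURL() . 'account/?p=facebook');
        $fbconnect_link = $facebook->getLoginUrl($params);
        $this->addToView('fbconnect_link', $fbconnect_link);
    }
    self::processPageActions($options, $facebook);
    $logger = Logger::getInstance();
    $user_pages = array();
    $user_admin_pages = array();
    $instance_dao = DAOFactory::getDAO('InstanceDAO');
    $instances = $instance_dao->getByOwnerAndNetwork($this->owner, 'facebook');
    if ($this->do_show_add_button) {
        $owner_instance_dao = DAOFactory::getDAO('OwnerInstanceDAO');
        foreach ($instances as $instance) {
            // TODO: figure out if the scope has changed since this instance last got its tokens,
            // and we need to get re-request permission with the new scope
            $tokens = $owner_instance_dao->getOAuthTokens($instance->id);
            $access_token = $tokens['oauth_access_token'];
            if ($instance->network == 'facebook') { //not a page
                $pages = FacebookGraphAPIAccessor::apiRequest('/' . $instance->network_user_id . '/likes', $access_token);
                // empty() replaces the @-suppressed read, matching the sub-accounts check below.
                if (!empty($pages->data)) {
                    $user_pages[$instance->network_user_id] = $pages->data;
                }
                $sub_accounts = FacebookGraphAPIAccessor::apiRequest('/' . $instance->network_user_id . '/accounts', $access_token);
                if (!empty($sub_accounts->data)) {
                    $user_admin_pages[$instance->network_user_id] = array();
                    foreach ($sub_accounts->data as $act) {
                        if (self::isAccountPage($act->id, $access_token)) {
                            $user_admin_pages[$instance->network_user_id][] = $act;
                        }
                    }
                }
            }
            if (isset($tokens['auth_error']) && $tokens['auth_error'] != '') {
                $instance->auth_error = $tokens['auth_error'];
            }
        }
        $this->addToView('user_pages', $user_pages);
        $this->addToView('user_admin_pages', $user_admin_pages);
    }
    $owner_instance_pages = $instance_dao->getByOwnerAndNetwork($this->owner, 'facebook page');
    if (count($owner_instance_pages) > 0) {
        $this->addToView('owner_instance_pages', $owner_instance_pages);
    }
    $this->addToView('instances', $instances);
}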
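/**
 * Set the instance variable based on request and logged-in status.
 * Add the list of available instances to the view you can switch to in the dropdown based on
 * logged-in status.
 *
 * A requested instance (u/n query parameters) is only selected when the lookup returned one and
 * the caller may see it: owner access for logged-in users, is_public for anonymous visitors.
 * A missing instance and an inaccessible one produce the same message, so the response does not
 * reveal which accounts are tracked privately.
 */
private function setInstance() {
    $instance_dao = DAOFactory::getDAO('InstanceDAO');
    $config = Config::getInstance();
    // Start from the configured default instance, falling back to the freshest public one.
    $instance_id_to_display = $config->getValue('default_instance');
    $instance_id_to_display = intval($instance_id_to_display);
    if ($instance_id_to_display != 0) {
        $this->instance = $instance_dao->get($instance_id_to_display);
    }
    if (!isset($this->instance) || !$this->instance->is_public) {
        $this->instance = $instance_dao->getInstanceFreshestPublicOne();
    }
    if ($this->isLoggedIn()) {
        $owner_dao = DAOFactory::getDAO('OwnerDAO');
        $owner = $owner_dao->getByEmail($this->getLoggedInUser());
        if (isset($_GET["u"]) && isset($_GET['n'])) {
            $instance = $instance_dao->getByUsernameOnNetwork($_GET["u"], $_GET['n']);
            $owner_instance_dao = DAOFactory::getDAO('OwnerInstanceDAO');
            // Guard against a lookup that found nothing before asking the access check about it.
            if (isset($instance) && $owner_instance_dao->doesOwnerHaveAccess($owner, $instance)) {
                $this->instance = $instance;
            } else {
                $this->instance = null;
                $this->addErrorMessage("Insufficient privileges");
            }
        } else {
            $this->instance = $instance_dao->getFreshestByOwnerId($owner->id);
        }
        $this->addToView('instances', $instance_dao->getByOwner($owner));
    } else {
        if (isset($_GET["u"]) && isset($_GET['n'])) {
            $instance = $instance_dao->getByUsernameOnNetwork($_GET["u"], $_GET['n']);
            // Previously is_public was read on the lookup result even when nothing was found.
            if (isset($instance) && $instance->is_public) {
                $this->instance = $instance;
            } else {
                $this->addErrorMessage("Insufficient privileges");
            }
        }
        $this->addToView('instances', $instance_dao->getPublicInstances());
    }
    if (isset($this->instance)) {
        // Load the network user behind the selected instance and remember the selection.
        $user_dao = DAOFactory::getDAO('UserDAO');
        $user = $user_dao->getDetails($this->instance->network_user_id, $this->instance->network);
        $this->addToView('user_details', $user);
        SessionCache::put('selected_instance_network', $this->instance->network);
        SessionCache::put('selected_instance_username', $this->instance->network_username);
        $this->addToView('instance', $this->instance);
    }
}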
/**
 * Wrapper for logging in a ThinkUp user in a test.
 *
 * Writes the same session keys a real login would: 'user', optionally 'user_is_admin', and
 * optionally the fixed test CSRF token.
 *
 * @param str $email
 * @param bool $is_admin Default to false
 * @param bool $use_csrf_token Whether or not to put down valid CSRF token, default to false
 */
protected function simulateLogin($email, $is_admin = false, $use_csrf_token = false) {
    // Collect the session entries first, then write them in the original order.
    $session_values = array('user' => $email);
    if ($is_admin) {
        $session_values['user_is_admin'] = true;
    }
    if ($use_csrf_token) {
        $session_values['csrf_token'] = self::CSRF_TOKEN;
    }
    foreach ($session_values as $session_key => $session_value) {
        SessionCache::put($session_key, $session_value);
    }
}
/**
 * Exercises OptionMySQLDAO session helpers (set/clear/get under the 'options_data:' prefix) and
 * then option update/delete by name and by id against a fixture row.
 */
public function testSession() {
    $option_dao = new OptionMySQLDAO();
    $config = Config::getInstance();
    $app_path = $config->getValue('source_root_path');

    $session_key = 'options_data:bla';
    $payload = array('name' => 'value');

    // setSessionData() stores under the prefixed key
    $option_dao->setSessionData('bla', array('name' => 'value'));
    $this->assertIdentical($payload, SessionCache::get($session_key));

    // clearSessionData() removes it
    $option_dao->clearSessionData('bla');
    $this->assertFalse(SessionCache::isKeySet($session_key));

    // getSessionData() is false without data ...
    $this->assertFalse($option_dao->getSessionData('bla'));

    // ... and returns the stored array when the key is present
    SessionCache::put($session_key, array('name' => 'value'));
    $this->assertIdentical($payload, $option_dao->getSessionData('bla'));

    // Fixture row for the update and delete checks
    $fixture_row = array('namespace' => 'test', 'option_name' => 'testname', 'option_value' => 'test_value');
    $fixture = FixtureBuilder::build(self::TEST_TABLE, $fixture_row);
    $stored = $option_dao->getOptions('test');
    $this->assertNotNull($stored);

    // update by name
    $option_dao->updateOptionByName('test', 'testname', 'test_value123');
    $stored = $option_dao->getOptions('test');
    $this->assertEqual($stored['testname']->option_value, 'test_value123');

    // update by id
    $option_dao->updateOption($stored['testname']->option_id, 'test_value1234');
    $stored = $option_dao->getOptions('test');
    $this->assertEqual($stored['testname']->option_value, 'test_value1234');

    // delete by name
    $option_dao->deleteOptionByName('test', 'testname');
    $stored = $option_dao->getOptions('test');
    $this->assertNull($stored);

    // delete by id: release the first fixture before building a fresh one
    $fixture = null;
    $fixture = FixtureBuilder::build(self::TEST_TABLE, $fixture_row);
    $option_dao->deleteOption($fixture->columns['last_insert_id']);
    $stored = $option_dao->getOptions('test');
    $this->assertNull($stored);
}
/**
 * Reconnecting an already-known Facebook account: with a session CSRF value that matches the
 * returned 'state' parameter, the controller reports a reconnect and stores the new access token.
 */
public function testConnectAccountThatAlreadyExists() {
    self::buildInstanceData();
    $owner_instances = new OwnerInstanceMySQLDAO();
    $instances = new InstanceMySQLDAO();
    $owners = new OwnerMySQLDAO();

    $config = Config::getInstance();
    $config->setValue('site_root_path', '/');
    $_SERVER['SERVER_NAME'] = "srvr";

    // The session token and the request's state value are deliberately identical.
    SessionCache::put('facebook_auth_csrf', '123');
    $_GET['p'] = 'facebook';
    $_GET['code'] = '456';
    $_GET['state'] = '123';

    $options_arry = $this->buildPluginOptions();
    $this->simulateLogin('*****@*****.**', true);
    $owner = $owners->getByEmail(Session::getLoggedInUser());

    $controller = new FacebookPluginConfigurationController($owner, 'facebook');
    $output = $controller->go();

    $success_msgs = $controller->getViewManager()->getTemplateDataItem('success_msgs');
    $this->assertEqual($success_msgs['user_add'], "Success! You've reconnected your Facebook account. To connect " . "a different account, log out of Facebook in a different browser tab and try again.");
    $this->debug(Utils::varDumpToString($success_msgs));

    $instance = $instances->getByUserIdOnNetwork('606837591', 'facebook');
    $this->assertNotNull($instance);

    $owner_instance = $owner_instances->get($owner->id, $instance->id);
    $this->assertNotNull($owner_instance);
    $this->assertEqual($owner_instance->oauth_access_token, 'newfauxaccesstoken11234567890');
}
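/**
 * Populate view manager with Facebook interaction UI, like the Facebook Add User button and page dropdown.
 *
 * The OAuth "state" value doubles as the CSRF token for the authorization round trip, so it is
 * generated from the CSPRNG when random_bytes() is available. The check of the returned state is
 * not part of this method.
 *
 * @param array $options 'facebook_app_id' and 'facebook_api_secret'
 */
protected function setUpFacebookInteractions($options) {
    $facebook_app_id = $options['facebook_app_id']->option_value;
    // Plant unique token for CSRF protection during auth per https://developers.facebook.com/docs/authentication/
    if (SessionCache::get('facebook_auth_csrf') == null) {
        // 16 random bytes hex-encode to the same 32-character shape the previous md5() token had.
        $state_token = function_exists('random_bytes')
            ? bin2hex(random_bytes(16))
            : md5(uniqid(rand(), true)); // legacy runtime without random_bytes()
        SessionCache::put('facebook_auth_csrf', $state_token);
    }
    // Member-level owners who already have a Facebook instance lose the "add account" button.
    if (isset($this->owner) && $this->owner->isMemberAtAnyLevel()) {
        if ($this->owner->isMemberLevel()) {
            $instance_dao = DAOFactory::getDAO('InstanceDAO');
            $owner_instances = $instance_dao->getByOwnerAndNetwork($this->owner, 'facebook');
            if (sizeof($owner_instances) > 0) {
                $this->do_show_add_button = false;
                $this->addInfoMessage("To connect another Facebook account to ThinkUp, upgrade your membership.", 'membership_cap');
            }
        }
    }
    $scope = 'user_posts,email';
    $state = SessionCache::get('facebook_auth_csrf');
    $redirect_url = Utils::getApplicationURL() . 'account/?p=facebook';
    $fbconnect_link = FacebookGraphAPIAccessor::getLoginURL($facebook_app_id, $scope, $state, $redirect_url);
    //For expired connections
    $this->addToView('fb_reconnect_link', $fbconnect_link);
    if ($this->do_show_add_button) {
        $this->addToView('fbconnect_link', $fbconnect_link);
    }
    self::processPageActions($options);
    $logger = Logger::getInstance();
    $instance_dao = DAOFactory::getDAO('InstanceDAO');
    $instances = $instance_dao->getByOwnerAndNetwork($this->owner, 'facebook');
    $owner_instance_dao = DAOFactory::getDAO('OwnerInstanceDAO');
    foreach ($instances as $instance) {
        $tokens = $owner_instance_dao->getOAuthTokens($instance->id);
        $access_token = $tokens['oauth_access_token'];
        // Surface a stored authorization error on the instance so the view can show it.
        if (isset($tokens['auth_error']) && $tokens['auth_error'] != '') {
            $instance->auth_error = $tokens['auth_error'];
        }
    }
    $this->addToView('instances', $instances);
}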
/**
 * Wrapper for logging in a ThinkUp user in a test.
 *
 * Writes 'user' and, for admins, 'user_is_admin' to the session cache.
 *
 * @param str $email
 * @param bool $is_admin Default to false
 */
protected function simulateLogin($email, $is_admin = false) {
    // Collect the session entries first, then write them in the original order.
    $session_values = array('user' => $email);
    if ($is_admin) {
        $session_values['user_is_admin'] = true;
    }
    foreach ($session_values as $session_key => $session_value) {
        SessionCache::put($session_key, $session_value);
    }
}
/**
 * Complete login action: copy the owner's identity into the session.
 *
 * NOTE(review): this version neither issues a CSRF token nor rotates the session id; confirm
 * both are handled elsewhere in the login path.
 *
 * @param Owner $owner Owner whose email and is_admin flag are written to the session
 */
public static function completeLogin($owner) {
    $identity = array(
        'user' => $owner->email,
        'user_is_admin' => $owner->is_admin,
    );
    foreach ($identity as $session_key => $session_value) {
        SessionCache::put($session_key, $session_value);
    }
}
/**
 * OAuth callback for a Twitter account that is already an instance owned by the logged-in user:
 * the controller should report that the account is already set up.
 */
public function testLoggedInAllParamsServiceUserExists() {
    $this->simulateLogin('*****@*****.**');
    $_GET['oauth_token'] = 'XXX';
    SessionCache::put('oauth_request_token_secret', 'XXX');

    // Fixtures are held in $builders for the duration of the test.
    $builders = array();
    $builders[] = FixtureBuilder::build('owners', array('id' => '10', 'email' => '*****@*****.**'));

    $namespace = OptionDAO::PLUGIN_OPTIONS . '-1';
    $plugin_settings = array(
        'oauth_consumer_key' => 'XXX',
        'oauth_consumer_secret' => 'YYY',
        'num_twitter_errors' => '5',
        'max_api_calls_per_crawl' => '350',
    );
    foreach ($plugin_settings as $option_name => $option_value) {
        $builders[] = FixtureBuilder::build('options', array('namespace' => $namespace, 'option_name' => $option_name, 'option_value' => $option_value));
    }

    $builders[] = FixtureBuilder::build('instances', array('network_user_id' => '1401881', 'network_username' => 'dougw', 'network' => 'twitter'));
    $builders[] = FixtureBuilder::build('instances_twitter', array('last_page_fetched_replies' => 1));
    $builders[] = FixtureBuilder::build('owner_instances', array('instance_id' => 1, 'owner_id' => 10));

    $controller = new TwitterAuthController(true);
    $results = $controller->go();
    $this->debug($results);

    $expected = 'dougw on Twitter is already set up in ThinkUp! To add a different Twitter account, log ' . 'out of Twitter.com in your browser and authorize ThinkUp again.';
    $this->assertEqual($expected, $controller->getViewManager()->getTemplateDataItem('success_msg'));
}
/**
 * Sets, reads or deletes the session marker that records a pending Snowflake migration.
 *
 * The session key spelling ('runnig_snowflake_uprade') is kept exactly as stored.
 *
 * @param mixed $value Session value to store, defaults to false (read mode)
 * @param bool $delete Delete the session key if true
 * @return mixed True after a store or a delete of an existing key; the stored value when reading
 *               an existing key; false otherwise
 */
public function setSnowflakeSession($value = false, $delete = false) {
    $key = 'runnig_snowflake_uprade';

    // Delete mode: only reports success when there was something to remove.
    if ($delete) {
        if (!SessionCache::isKeySet($key)) {
            return false;
        }
        SessionCache::unsetKey($key);
        return true;
    }

    // Store mode: any truthy value is written.
    if ($value) {
        SessionCache::put($key, $value);
        return true;
    }

    // Read mode.
    return SessionCache::isKeySet($key) ? SessionCache::get($key) : false;
}
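/**
 * Populate the view with the Facebook connect link, the owner's Facebook instances and the pages
 * each instance likes.
 *
 * The OAuth "state" value doubles as the CSRF token for the authorization round trip, so it is
 * generated from the CSPRNG when random_bytes() is available. The check of the returned state is
 * not part of this method.
 *
 * @param array $options Plugin options; reads 'facebook_app_id', 'facebook_api_secret' and,
 *                       when present, 'facebook_api_key'
 */
protected function setUpFacebookInteractions($options) {
    // Create our Facebook Application instance
    $facebook = new Facebook(array('appId' => $options['facebook_app_id']->option_value, 'secret' => $options['facebook_api_secret']->option_value));
    $fb_user = $facebook->getUser();
    if ($fb_user) {
        try {
            $fb_user_profile = $facebook->api('/me');
        } catch (FacebookApiException $e) {
            error_log($e);
            $fb_user = null;
            $fb_user_profile = null;
        }
    }
    //Plant unique token for CSRF protection during auth per https://developers.facebook.com/docs/authentication/
    if (SessionCache::get('facebook_auth_csrf') == null) {
        // 16 random bytes hex-encode to the same 32-character shape the previous md5() token had.
        $state_token = function_exists('random_bytes')
            ? bin2hex(random_bytes(16))
            : md5(uniqid(rand(), true)); // legacy runtime without random_bytes()
        SessionCache::put('facebook_auth_csrf', $state_token);
    }
    $params = array('scope' => 'offline_access,read_stream,user_likes,user_location,user_website,read_friendlists,friends_location', 'state' => SessionCache::get('facebook_auth_csrf'));
    $fbconnect_link = $facebook->getLoginUrl($params);
    $this->addToView('fbconnect_link', $fbconnect_link);
    // Page actions report their outcome as info/error/success messages.
    $status = self::processPageActions($options, $facebook);
    $this->addInfoMessage($status["info"]);
    $this->addErrorMessage($status["error"]);
    $this->addSuccessMessage($status["success"]);
    $logger = Logger::getInstance();
    $user_pages = array();
    $instance_dao = DAOFactory::getDAO('InstanceDAO');
    $owner_instances = $instance_dao->getByOwnerAndNetwork($this->owner, 'facebook');
    $ownerinstance_dao = DAOFactory::getDAO('OwnerInstanceDAO');
    foreach ($owner_instances as $instance) {
        $tokens = $ownerinstance_dao->getOAuthTokens($instance->id);
        $access_token = $tokens['oauth_access_token'];
        if ($instance->network == 'facebook') { //not a page
            $pages = FacebookGraphAPIAccessor::apiRequest('/' . $instance->network_user_id . '/likes', $access_token);
            // empty() replaces the @-suppressed read; a missing or empty data member is skipped.
            if (!empty($pages->data)) {
                $user_pages[$instance->network_user_id] = $pages->data;
            }
        }
    }
    $this->addToView('user_pages', $user_pages);
    $owner_instance_pages = $instance_dao->getByOwnerAndNetwork($this->owner, 'facebook page');
    if (count($owner_instance_pages) > 0) {
        $this->addToView('owner_instance_pages', $owner_instance_pages);
    }
    $this->addToView('owner_instances', $owner_instances);
    if (isset($options['facebook_api_key'])) {
        $this->addToView('fb_api_key', $options['facebook_api_key']->option_value);
    }
}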
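/**
 * Render the Twitter plugin account page.
 *
 * Optionally adds a public Twitter account named in the twitter_username query parameter, then
 * requests an OAuth request token and exposes the authorization link and the owner's instances.
 *
 * The submitted username is accepted only as a string and is URL-encoded before it is placed in
 * the API URL, so characters outside a plain screen name cannot alter the request path or query.
 *
 * @return mixed Whatever generateView() returns for the configured template
 */
public function authControl() {
    $config = Config::getInstance();
    Utils::defineConstants();
    $this->setViewTemplate(THINKUP_WEBAPP_PATH . 'plugins/twitter/view/twitter.account.index.tpl');
    $id = DAOFactory::getDAO('InstanceDAO');
    $od = DAOFactory::getDAO('OwnerDAO');
    // get plugin option values if defined...
    $plugin_options = $this->getPluginOptions();
    $oauth_consumer_key = $this->getPluginOption('oauth_consumer_key');
    $oauth_consumer_secret = $this->getPluginOption('oauth_consumer_secret');
    $archive_limit = $this->getPluginOption('archive_limit');
    $num_twitter_errors = $this->getPluginOption('num_twitter_errors');
    $max_api_calls_per_crawl = $this->getPluginOption('max_api_calls_per_crawl');
    //Add public user instance
    // NOTE(review): this branch writes instance rows in response to a GET parameter and no CSRF
    // token check is visible in this method; confirm one is enforced before it runs.
    // A non-string value (e.g. an array parameter) is ignored rather than concatenated.
    if (isset($_GET['twitter_username']) && is_string($_GET['twitter_username'])) { // if form was submitted
        $twitter_username = $_GET['twitter_username'];
        $logger = Logger::getInstance();
        $api = new TwitterAPIAccessorOAuth('NOAUTH', 'NOAUTH', $oauth_consumer_key, $oauth_consumer_secret, $num_twitter_errors, $max_api_calls_per_crawl);
        // Encode the request value before substituting it into the URL template.
        $api_call = str_replace("[id]", rawurlencode($twitter_username), $api->cURL_source['show_user']);
        list($cURL_status, $data) = $api->apiRequestFromWebapp($api_call);
        // NOTE(review): the messages below repeat the submitted username; confirm the template
        // escapes message text on output.
        if ($cURL_status == 200) {
            $thisFeed = array();
            try {
                $xml = $api->createParserFromString(utf8_encode($data));
                $user = array('user_id' => $xml->id, 'user_name' => $xml->screen_name, 'is_protected' => $xml->protected);
            } catch (Exception $e) {
                $this->addErrorMessage($e->getMessage());
            }
            if (isset($user) && $user["is_protected"] == 'false') {
                // if so, add to instances table and owners table
                $i = $id->getByUsernameOnNetwork($twitter_username, 'twitter');
                $oid = DAOFactory::getDAO('OwnerInstanceDAO');
                $msg = '';
                if (isset($i)) { //Instance exists
                    $oi = $oid->get($this->owner->id, $i->id);
                    if ($oi == null) { //Owner_instance doesn't exist
                        $oid->insert($this->owner->id, $i->id, '', '');
                    }
                } else { //Instance does not exist
                    $id->insert($user["user_id"], $user["user_name"]);
                    $i = $id->getByUsernameOnNetwork($user["user_name"], 'twitter');
                    $oid->insert($this->owner->id, $i->id, '', '');
                }
                $this->addSuccessMessage($twitter_username . " has been added to ThinkUp.");
                $this->addSuccessMessage("Added " . $twitter_username . " to ThinkUp.");
            } else { // if not, return error
                $this->addErrorMessage($twitter_username . " is a private Twitter account; ThinkUp cannot track it without authorization.");
            }
        } else {
            $this->addErrorMessage($twitter_username . " is not a valid Twitter username.");
        }
    }
    if (isset($oauth_consumer_key) && isset($oauth_consumer_secret)) {
        $to = new TwitterOAuth($oauth_consumer_key, $oauth_consumer_secret);
        /* Request tokens from twitter */
        $tok = $to->getRequestToken();
        if (isset($tok['oauth_token'])) {
            $token = $tok['oauth_token'];
            // The request-token secret stays server-side in the session for the later exchange.
            SessionCache::put('oauth_request_token_secret', $tok['oauth_token_secret']);
            /* Build the authorization URL */
            $oauthorize_link = $to->getAuthorizeURL($token);
        } else {
            //set error message here
            $this->addErrorMessage("Unable to obtain OAuth token. Check your Twitter consumer key and secret configuration.");
            $oauthorize_link = '';
        }
    } else {
        $this->addErrorMessage("Missing required settings! Please configure the Twitter plugin below.");
        $oauthorize_link = '';
    }
    $owner_instances = $id->getByOwnerAndNetwork($this->owner, 'twitter');
    $this->addToView('owner_instances', $owner_instances);
    $this->addToView('oauthorize_link', $oauthorize_link);
    // add the plugin options form to the view
    $this->addOptionForm();
    return $this->generateView();
}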
/**
 * Stores option data in the session under 'options_data:' followed by the namespace.
 *
 * Nothing is returned.
 *
 * @param $namespace Namespace appended to the 'options_data:' prefix to form the session key
 * @param array $data Hash of option data
 */
public function setSessionData($namespace, $data) {
    SessionCache::put('options_data:' . $namespace, $data);
}
/**
 * With use_db_sessions enabled, session data must reach the sessions table only once the session
 * is written and closed, and must be readable both through SessionDAO and with a direct query.
 */
public function testVerifyDBness() {
    Config::getInstance()->setValue('use_db_sessions', true);
    session_id(md5(time()));
    SessionCache::init();
    SessionCache::put('my_key', 'my_value2');

    $session_dao = DAOFactory::getDAO('SessionDAO');

    // Before the session is closed nothing has been persisted
    $before_close = $session_dao->read(session_id());
    $this->assertEqual('', $before_close);

    session_write_close();

    // After closing, the serialized session holds the key and the value
    $after_close = $session_dao->read(session_id());
    $this->assertPattern('/my_key/', $after_close);
    $this->assertPattern('/my_value2/', $after_close);
    $this->assertNotEqual('', $after_close);

    // Retrieve it manually just to make sure
    $stmt = SessionMySQLDAO::$PDO->query("SELECT * FROM tu_sessions");
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    $this->assertPattern('/my_key/', $row['data']);
    $this->assertPattern('/my_value2/', $row['data']);
}
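/**
 * Complete login action: record the owner in the session, issue a CSRF token and make sure the
 * browser holds a long-term login cookie for this owner.
 *
 * The CSRF token is drawn from the CSPRNG when random_bytes() exists; uniqid()/mt_rand() output
 * is derived from the clock and a non-cryptographic generator, so it is kept only as a fallback.
 * The long-term cookie is now sent with the HttpOnly flag so page scripts cannot read it.
 *
 * @param Owner $owner
 * @return void
 */
public static function completeLogin($owner) {
    SessionCache::put('user', $owner->email);
    SessionCache::put('user_is_admin', $owner->is_admin);
    // NOTE(review): no session id rotation is visible in this method; confirm the caller or
    // SessionCache issues a fresh session id when privileges change at login.

    // set a CSRF token
    if (Utils::isTest()) {
        // Test runs use a fixed, well-known token so requests can be scripted.
        $csrf_token = 'TEST_CSRF_TOKEN';
    } elseif (function_exists('random_bytes')) {
        $csrf_token = bin2hex(random_bytes(32));
    } else {
        // Legacy runtime without random_bytes(): keep the original generator.
        $csrf_token = uniqid(mt_rand(), true);
    }
    SessionCache::put('csrf_token', $csrf_token);

    // check for and validate an existing long-term cookie before creating one
    $cookie_dao = DAOFactory::getDAO('CookieDAO');
    $set_long_term = true;
    if (!empty($_COOKIE[self::COOKIE_NAME])) {
        // A cookie that maps to a different email (or to none) is replaced.
        $email = $cookie_dao->getEmailByCookie($_COOKIE[self::COOKIE_NAME]);
        $set_long_term = $email != $owner->email;
    }
    if ($set_long_term) {
        $cookie = $cookie_dao->generateForEmail($owner->email);
        if (!headers_sent()) {
            // Ten-year lifetime, site-wide path. secure stays false as before; httponly is true.
            // NOTE(review): consider setting the Secure flag when the site is served over HTTPS.
            setcookie(self::COOKIE_NAME, $cookie, time() + 60 * 60 * 24 * 365 * 10, '/', self::getCookieDomain(), false, true);
        }
    }
}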
/**
 * OAuth callback (token and verifier present) for a Twitter account the owner already has:
 * the configuration controller should report it as already set up and raise no error.
 */
public function testLoggedInAuthorizeExistingUserAllParams() {
    $this->simulateLogin('*****@*****.**');
    $_GET['oauth_token'] = 'XXX';
    $_GET['oauth_verifier'] = 'YYY';
    SessionCache::put('oauth_request_token_secret', 'XXX');

    // Fixtures are held in $builders for the duration of the test.
    $builders = array();
    $namespace = OptionDAO::PLUGIN_OPTIONS . '-1';
    $plugin_settings = array(
        'oauth_consumer_key' => 'XXX',
        'oauth_consumer_secret' => 'YYY',
        'num_twitter_errors' => '5',
    );
    foreach ($plugin_settings as $option_name => $option_value) {
        $builders[] = FixtureBuilder::build('options', array('namespace' => $namespace, 'option_name' => $option_name, 'option_value' => $option_value));
    }
    $builders[] = FixtureBuilder::build('instances_twitter', array('last_reply_id' => '1'));
    $builders[] = FixtureBuilder::build('instances', array('id' => 2, 'network_user_id' => '930061', 'network_username' => 'ginatrapani', 'is_public' => 1));
    // Link the instance to the owner
    $builders[] = FixtureBuilder::build('owner_instances', array('owner_id' => 1, 'instance_id' => 2));

    $owner = new Owner(array('id' => 1, 'email' => '*****@*****.**'));
    $controller = new TwitterPluginConfigurationController($owner, 'twitter');
    $results = $controller->go();
    $view = $controller->getViewManager();
    $this->debug($results);

    $success_msgs = $view->getTemplateDataItem('success_msgs');
    $expected = 'ginatrapani on Twitter is already set up in ThinkUp! To add a different Twitter account, ' . 'log out of Twitter.com in your browser and authorize ThinkUp again.';
    $this->assertEqual($expected, $success_msgs['user_add']);
    $this->assertEqual('', $view->getTemplateDataItem('error_msg'));
}
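/**
 * Render the Twitter plugin account page.
 *
 * Optionally adds a public Twitter account named in the twitter_username query parameter, then,
 * when the plugin is configured, requests an OAuth request token and exposes the authorization
 * link and the owner's instances.
 *
 * The submitted username is accepted only as a string and is URL-encoded before it is placed in
 * the API URL, so characters outside a plain screen name cannot alter the request path or query.
 *
 * @return mixed Whatever generateView() returns for the configured template
 */
public function authControl() {
    $config = Config::getInstance();
    Loader::definePathConstants();
    $this->setViewTemplate(THINKUP_WEBAPP_PATH . 'plugins/twitter/view/twitter.account.index.tpl');
    $this->view_mgr->addHelp('twitter', 'userguide/settings/plugins/twitter');
    $id = DAOFactory::getDAO('InstanceDAO');
    $od = DAOFactory::getDAO('OwnerDAO');
    // get plugin option values if defined...
    $plugin_options = $this->getPluginOptions();
    $oauth_consumer_key = $this->getPluginOption('oauth_consumer_key');
    $oauth_consumer_secret = $this->getPluginOption('oauth_consumer_secret');
    $archive_limit = $this->getPluginOption('archive_limit');
    $num_twitter_errors = $this->getPluginOption('num_twitter_errors');
    $max_api_calls_per_crawl = $this->getPluginOption('max_api_calls_per_crawl');
    //Add public user instance
    // NOTE(review): this branch writes instance rows in response to a GET parameter and no CSRF
    // token check is visible in this method; confirm one is enforced before it runs.
    // A non-string value (e.g. an array parameter) is ignored rather than concatenated.
    if (isset($_GET['twitter_username']) && is_string($_GET['twitter_username'])) { // if form was submitted
        $twitter_username = $_GET['twitter_username'];
        $logger = Logger::getInstance();
        $api = new TwitterAPIAccessorOAuth('NOAUTH', 'NOAUTH', $oauth_consumer_key, $oauth_consumer_secret, $num_twitter_errors, $max_api_calls_per_crawl);
        // Encode the request value before substituting it into the URL template.
        $api_call = str_replace("[id]", rawurlencode($twitter_username), $api->cURL_source['show_user']);
        list($cURL_status, $data) = $api->apiRequestFromWebapp($api_call);
        // NOTE(review): the messages below repeat the submitted username; confirm the template
        // escapes message text on output.
        if ($cURL_status == 200) {
            $thisFeed = array();
            try {
                $xml = $api->createParserFromString(utf8_encode($data));
                $user = array('user_id' => $xml->id, 'user_name' => $xml->screen_name, 'is_protected' => $xml->protected);
            } catch (Exception $e) {
                $this->addErrorMessage($e->getMessage());
            }
            if (isset($user) && $user["is_protected"] == 'false') {
                // if so, add to instances table and owners table
                $i = $id->getByUsernameOnNetwork($twitter_username, 'twitter');
                $oid = DAOFactory::getDAO('OwnerInstanceDAO');
                $msg = '';
                if (isset($i)) { //Instance exists
                    $oi = $oid->get($this->owner->id, $i->id);
                    if ($oi == null) { //Owner_instance doesn't exist
                        $oid->insert($this->owner->id, $i->id, '', '');
                    }
                } else { //Instance does not exist
                    $id->insert($user["user_id"], $user["user_name"]);
                    $i = $id->getByUsernameOnNetwork($user["user_name"], 'twitter');
                    $oid->insert($this->owner->id, $i->id, '', '');
                }
                $this->addSuccessMessage($twitter_username . " has been added to ThinkUp.");
                $this->addSuccessMessage("Added " . $twitter_username . " to ThinkUp.");
            } else { // if not, return error
                $this->addErrorMessage($twitter_username . " is a private Twitter account; ThinkUp cannot track it without authorization.");
            }
        } else {
            $this->addErrorMessage($twitter_username . " is not a valid Twitter username.");
        }
    }
    // NOTE(review): SERVER_NAME can follow the request's Host header depending on web-server
    // configuration; confirm the template escapes this value on output.
    $this->addToView('twitter_app_name', "ThinkUp " . $_SERVER['SERVER_NAME']);
    $this->addToView('thinkup_site_url', Utils::getApplicationURL(true));
    $plugin = new TwitterPlugin();
    if ($plugin->isConfigured()) {
        $to = new TwitterOAuth($oauth_consumer_key, $oauth_consumer_secret);
        /* Request tokens from twitter */
        $tok = $to->getRequestToken(Utils::getApplicationURL(true) . "plugins/twitter/auth.php");
        // The trailing clauses let this branch run without a token when a session or environment
        // MODE flag equals TESTS; $tok['oauth_token'] may then be undefined.
        // NOTE(review): confirm neither flag can be set in a production deployment.
        if (isset($tok['oauth_token']) || isset($_SESSION["MODE"]) && $_SESSION["MODE"] == "TESTS" || getenv("MODE") == "TESTS") { //testing
            $token = $tok['oauth_token'];
            // The request-token secret stays server-side in the session for the later exchange.
            SessionCache::put('oauth_request_token_secret', $tok['oauth_token_secret']);
            /* Build the authorization URL */
            $oauthorize_link = $to->getAuthorizeURL($token);
            $owner_instances = $id->getByOwnerAndNetwork($this->owner, 'twitter');
            $this->addToView('owner_instances', $owner_instances);
            $this->addToView('oauthorize_link', $oauthorize_link);
            $this->addToView('is_configured', true);
        } else {
            //set error message here
            $this->addErrorMessage("Unable to obtain OAuth tokens from Twitter. Please double-check the consumer key and secret " . "are correct.", "setup");
            $oauthorize_link = '';
            $this->addToView('is_configured', false);
        }
    } else {
        $this->addInfoMessage('Please complete plugin setup to start using it.', 'setup');
        $this->addToView('is_configured', false);
    }
    // Secret config file value enables public Twitter name search
    $this->addToView('enable_twitter_search', $config->getValue('enable_twitter_search'));
    // add the plugin options form to the view
    $this->addOptionForm();
    return $this->generateView();
}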
/**
 * Set the instance variable based on request and logged-in status.
 * Add the list of available instances to the view you can switch to in the dropdown based on
 * logged-in status.
 *
 * Selection order: an instance named by the u/n query parameters (subject to owner access for
 * logged-in users, is_public for anonymous ones), then the owner's freshest instance, then the
 * configured default instance if public, then the freshest public instance. The chosen network
 * and username are mirrored into the session; both keys are set to null when nothing is selected.
 */
private function setInstance() {
    $instance_dao = DAOFactory::getDAO('InstanceDAO');
    $config = Config::getInstance();
    if ($this->isLoggedIn()) {
        $owner_dao = DAOFactory::getDAO('OwnerDAO');
        $owner = $owner_dao->getByEmail($this->getLoggedInUser());
        if (isset($_GET["u"]) && isset($_GET['n'])) {
            // NOTE(review): u and n are used without a string check; an array-valued parameter
            // would reach stripslashes()/ucfirst() — confirm inputs are normalised upstream.
            $instance = $instance_dao->getByUsernameOnNetwork(stripslashes($_GET["u"]), $_GET['n']);
            if (isset($instance)) {
                $owner_instance_dao = DAOFactory::getDAO('OwnerInstanceDAO');
                // Authorization check: the owner must have access to the requested instance.
                if ($owner_instance_dao->doesOwnerHaveAccessToInstance($owner, $instance)) {
                    $this->instance = $instance;
                } else {
                    $this->instance = null;
                    $this->addErrorMessage("Insufficient privileges");
                }
            } else {
                // NOTE(review): request values are repeated in this message; confirm the template
                // escapes message text. The wording also differs from the "Insufficient
                // privileges" case, which tells the caller whether an account is tracked.
                $this->addErrorMessage(stripslashes($_GET["u"]) . " on " . ucfirst($_GET['n']) . " is not in ThinkUp.");
            }
        } else {
            $this->instance = $instance_dao->getFreshestByOwnerId($owner->id);
        }
        $this->addToView('instances', $instance_dao->getByOwner($owner));
    } else {
        if (isset($_GET["u"]) && isset($_GET['n'])) {
            $instance = $instance_dao->getByUsernameOnNetwork(stripslashes($_GET["u"]), $_GET['n']);
            if (isset($instance)) {
                // Anonymous visitors may only select public instances.
                if ($instance->is_public) {
                    $this->instance = $instance;
                } else {
                    $this->addErrorMessage("Insufficient privileges");
                }
            } else {
                // NOTE(review): same reflected-value and differing-message concern as the
                // logged-in branch.
                $this->addErrorMessage(stripslashes($_GET["u"]) . " on " . ucfirst($_GET['n']) . " is not in ThinkUp.");
            }
        }
        $this->addToView('instances', $instance_dao->getPublicInstances());
    }
    if (!isset($this->instance)) {
        // A specific instance wasn't passed in the URL (or isn't accessible), get a default one
        $instance_id_to_display = $config->getValue('default_instance');
        $instance_id_to_display = intval($instance_id_to_display);
        if ($instance_id_to_display != 0) {
            $this->instance = $instance_dao->get($instance_id_to_display);
        }
        // The default is only kept when it is public, regardless of who is logged in.
        if (!isset($this->instance) || !$this->instance->is_public) {
            $this->instance = $instance_dao->getInstanceFreshestPublicOne();
        }
    }
    if (isset($this->instance)) {
        // Load the network user behind the selected instance.
        $user_dao = DAOFactory::getDAO('UserDAO');
        $user = $user_dao->getDetails($this->instance->network_user_id, $this->instance->network);
        $this->addToView('user_details', $user);
        if (Session::isLoggedIn() && !isset($user)) {
            $this->addInfoMessage("Oops! There's no information about " . $this->instance->network_username . " on " . ucfirst($this->instance->network) . " to display.");
            $this->addToView('show_update_now_button', true);
        }
        SessionCache::put('selected_instance_network', $this->instance->network);
        SessionCache::put('selected_instance_username', $this->instance->network_username);
        // When stream-process info exists for the instance, crawler_last_run is replaced with the
        // literal 'realtime'.
        $stream_proc_dao = DAOFactory::getDAO('StreamProcDAO');
        $process = $stream_proc_dao->getProcessInfoForInstance($this->instance->id);
        if (isset($process)) {
            //$this->instance->crawler_last_run = $process['last_report'];
            $this->instance->crawler_last_run = 'realtime';
        }
        $this->addToView('instance', $this->instance);
    } else {
        // Nothing selectable: clear the remembered selection.
        SessionCache::put('selected_instance_network', null);
        SessionCache::put('selected_instance_username', null);
    }
    $this->addToView('developer_log', $config->getValue('is_log_verbose'));
}
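/**
 * OAuth callback for a logged-in owner with no existing instance: the info message should report
 * successful authentication and the creation of a new instance.
 *
 * Substring checks compare strpos() against false, so a match at offset 0 still counts as found.
 */
public function testLoggedInAllParams() {
    $this->simulateLogin('*****@*****.**');
    $_GET['oauth_token'] = 'XXX';
    SessionCache::put('oauth_request_token_secret', 'XXX');

    // Fixtures stay referenced until the end of the test.
    $owner_builder = FixtureBuilder::build('owners', array('id' => '10', 'email' => '*****@*****.**'));
    $namespace = OptionDAO::PLUGIN_OPTIONS . '-1';
    $plugn_opt_builder1 = FixtureBuilder::build('options', array('namespace' => $namespace, 'option_name' => 'oauth_consumer_key', 'option_value' => 'XXX'));
    $plugn_opt_builder2 = FixtureBuilder::build('options', array('namespace' => $namespace, 'option_name' => 'oauth_consumer_secret', 'option_value' => 'YYY'));
    $plugn_opt_builder3 = FixtureBuilder::build('options', array('namespace' => $namespace, 'option_name' => 'num_twitter_errors', 'option_value' => '5'));
    $plugn_opt_builder4 = FixtureBuilder::build('options', array('namespace' => $namespace, 'option_name' => 'max_api_calls_per_crawl', 'option_value' => '350'));

    $controller = new TwitterAuthController(true);
    $results = $controller->go();
    $v_mgr = $controller->getViewManager();
    $info_msg = $v_mgr->getTemplateDataItem('infomsg');

    $this->assertTrue(strpos($info_msg, 'Twitter authentication successful!') !== false);
    $this->assertTrue(strpos($info_msg, 'Instance does not exist.') !== false);
    $this->assertTrue(strpos($info_msg, 'Created instance.') !== false);
}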