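/**
 * Login
 *
 * Two-leg OAuth dialog flow. Without a `code` query parameter the user is
 * redirected to the provider dialog and an unguessable `state` is stored
 * in the session. With a `code`, the `state` query parameter is checked
 * against the session, the code is exchanged for an access token and the
 * decoded API response is returned.
 *
 * @param array $options 'client_id', 'client_secret' and an optional
 *        'redirect_uri' (defaults to the current request URI)
 * @param \Zend\Http\Request $request
 * @param \Zend\Http\Response $response when omitted a PhpResponse is used and
 *        sent immediately on redirect (the method then exits)
 * @return null|array|\Zend\Http\Response the decoded API response, the
 *         redirect response when one was supplied, or null on a state
 *         mismatch / failed token exchange
 */
public function login(array $options, HttpRequest $request, HttpResponse $response = null)
{
    if (null === $response) {
        $response = new PhpResponse();
    }

    $session = $this->getSessionContainer();
    $code    = $request->getQuery('code');

    if (empty($options['redirect_uri'])) {
        $options['redirect_uri'] = $request->getUri()->getScheme() . '://'
                                 . $this->getSiteInfo()->getFulldomain()
                                 . $request->getRequestUri();
    }

    if (empty($code)) {
        // First leg: bind a random state to this session so the callback
        // can be matched to the session that started the flow.
        $session['state']        = String::generateRandom(32);
        $session['redirect_uri'] = $options['redirect_uri'];

        $response->setContent('')
                 ->setStatusCode(302)
                 ->getHeaders()
                 ->clearHeaders()
                 ->addHeaderLine('Location', static::DIALOG_URI . '?' . http_build_query(array(
                     'client_id'    => $options['client_id'],
                     'redirect_uri' => $options['redirect_uri'],
                     'state'        => $session['state'],
                     'scope'        => 'email',
                 )));

        if ($response instanceof PhpResponse) {
            $response->send();
            exit;
        }

        return $response;
    }

    // Second leg: the callback must carry exactly the state issued above.
    $state = $request->getQuery('state');

    if (empty($session['state']) || $state !== $session['state']) {
        return null;
    }

    // Consume the state (and the redirect_uri it was bound to) before the
    // token exchange, so a replayed callback cannot reuse it even when the
    // exchange below fails.
    $redirectUri = $session['redirect_uri'];
    unset($session['state']);
    unset($session['redirect_uri']);

    $client = $this->getHttpClient();
    $params = array();

    // The token endpoint answers with a query-string encoded body.
    // parse_str() with a result argument emits no warnings, so no
    // suppression is needed.
    parse_str(
        $client->setMethod('GET')
               ->setUri(static::ACCESS_URI)
               ->setParameterGet(array(
                   'client_id'     => $options['client_id'],
                   'redirect_uri'  => $redirectUri,
                   'client_secret' => $options['client_secret'],
                   'code'          => $code,
               ))
               ->send()
               ->getBody(),
        $params
    );

    if (empty($params['access_token'])) {
        return null;
    }

    // json_decode() never emits warnings; a malformed body yields null,
    // which callers already treat as failure.
    return json_decode(
        $client->setMethod('GET')
               ->setUri(static::API_URI)
               ->setParameterGet(array('access_token' => $params['access_token']))
               ->send()
               ->getBody(),
        true
    );
}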
/**
 * Request an auto-login token
 *
 * Draws random tokens until one is found that the cache storage does not
 * already hold, stores the e-mail under it and returns it.
 *
 * @param string $email
 * @return string token
 */
public function create($email)
{
    $storage = $this->getCacheStorage();

    while (true) {
        $candidate = String::generateRandom(self::TOKEN_LENGTH, null, true);

        if (!$storage->hasItem($candidate)) {
            break;
        }
    }

    $storage->setItem($candidate, $email);

    return $candidate;
}
/**
 * Request a password-change
 *
 * Generates a random hash that is not yet present in the cache storage,
 * remembers the e-mail under it and returns the hash.
 *
 * @param string $email
 * @return string hash
 */
public function create($email)
{
    $storage = $this->getCacheStorage();

    do {
        $hash  = String::generateRandom(self::HASH_LENGTH, null, true);
        $taken = $storage->hasItem($hash);
    } while ($taken);

    $storage->setItem($hash, $email);

    return $hash;
}
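/**
 * Add file to uploads
 *
 * Moves a file from the public /tmp area into /uploads/<schema>/, naming it
 * from the $dest template. A file that already lives under /uploads/ is
 * returned unchanged.
 *
 * @param string $file public-relative path, passed through validateFile()
 * @param string $dest sprintf() template receiving a random part and the
 *                     file's extension, e.g. 'image-%s.%s'
 * @return string|null the new public-relative path, or null when the file
 *                     is invalid, not under /tmp or /uploads, or the move
 *                     fails
 */
protected function addFile($file, $dest)
{
    $file = $this->validateFile($file);

    if (empty($file)) {
        return null;
    }

    $public = realpath('./public');

    if (!is_file($public . $file)) {
        return null;
    }

    if (preg_match('#^/uploads/#', $file)) {
        return $file;
    }

    if (!preg_match('#^/tmp/#', $file)) {
        return null;
    }

    // NOTE(review): the prefix checks above do not canonicalise $file;
    // unless validateFile() rejects '..' segments, a value such as
    // '/tmp/../x' would pass them — confirm against validateFile().

    $length   = 8;
    $ext      = pathinfo($public . $file, PATHINFO_EXTENSION);
    $schema   = $this->getSiteInfo()->getSchema();
    $template = $dest; // keep the un-substituted template for retries

    $dest = sprintf($template, String::generateRandom($length), $ext);
    $path = '/uploads/' . $schema . '/' . $dest;

    // On a name collision draw a longer random part from the original
    // template (substituting into the already-substituted name would
    // repeat the same name). Give up, discarding the temporary file, once
    // the random part would exceed 24 characters.
    while (is_file($public . $path)) {
        if ($length > 24) {
            @unlink($public . $file);
            return null;
        }

        $dest = sprintf($template, String::generateRandom(++$length), $ext);
        $path = '/uploads/' . $schema . '/' . $dest;
    }

    $moveFr = $public . $file;
    $moveTo = $public . $path;
    $movDir = dirname($moveTo);

    if (!is_dir($movDir)) {
        // Best-effort; 0777 is narrowed by the process umask. A failure
        // surfaces as the rename() below returning false.
        @mkdir($movDir, 0777, true);
    }

    if (@rename($moveFr, $moveTo)) {
        return $path;
    }

    return null;
}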
/**
 * Performs an authentication attempt
 *
 * Runs the OpenID consumer (verify on an `id_res` round-trip, login
 * otherwise), looks the returned e-mail up in the user model, registers a
 * new user when registration is enabled, re-activates inactive users and
 * associates the OpenID identity with the account.
 *
 * @return \Zend\Authentication\Result
 * @throws \Zend\Authentication\Adapter\Exception\ExceptionInterface
 *         If authentication cannot be performed
 */
public function authenticate()
{
    $registered = false;
    $model      = $this->getModel();
    $mode       = $this->openid_mode;
    $openId     = $this->openid_identity;
    $consumer   = new Consumer\FederatedConsumer();
    $ax         = new Extension\Ax(array(
        'email'     => true,
        'firstname' => false,
        'lastname'  => false,
        'language'  => false,
    ));

    $consumer->setHttpClient($this->getServiceLocator()->get('Zend\\Http\\Client'));

    if ($mode == 'id_res') {
        $success = $consumer->verify((array) $this->getOptions(), $openId, $ax);
    } else {
        $success = $consumer->login(
            $openId,
            null,
            null,
            $ax,
            $this->getServiceLocator()->get('Response')
        );
    }

    if (!$success) {
        return new Result(
            Result::FAILURE_CREDENTIAL_INVALID,
            null,
            array((string) $consumer->getError())
        );
    }

    $data = $ax->getProperties();

    if (empty($data['email'])) {
        return new Result(Result::FAILURE_CREDENTIAL_INVALID, null);
    }

    $email = $data['email'];
    $user  = $model->findByEmail($email);

    if (empty($user)) {
        if (!$this->isRegistrationEnabled()) {
            return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, null);
        }

        $hasFirst = !empty($data['firstname']);
        $hasLast  = !empty($data['lastname']);

        if ($hasFirst && $hasLast) {
            $displayName = $data['firstname'] . ' ' . $data['lastname'];
        } elseif ($hasFirst) {
            $displayName = $data['firstname'];
        } elseif ($hasLast) {
            $displayName = $data['lastname'];
        } else {
            // fall back to the local part of the e-mail address
            $displayName = preg_replace('/@.*$/', '', $email);
        }

        $displayName = UserStructure::trimDisplayName($displayName);
        $baseName    = $displayName;
        $suffix      = 1;

        // append " 2", " 3", ... until the name is free
        while (!$model->isDisplayNameAvailable($displayName)) {
            $displayName = $baseName . ' ' . ++$suffix;
        }

        if (empty($data['language'])) {
            $locale = (string) $this->getServiceLocator()->get('Locale');
        } else {
            $locale = $data['language'];
        }

        $user = $model->create(array(
            'confirmed'   => true,
            'status'      => 'active',
            'displayName' => $displayName,
            'email'       => $email,
            'locale'      => $locale,
            'password'    => String::generateRandom(10),
        ));

        if (!$user->save()) {
            return new Result(Result::FAILURE_UNCATEGORIZED, null);
        }

        $registered = true;
        $user       = $model->findByEmail($email);
    }

    if (empty($user) || empty($user->id) || $user->isBanned()) {
        return new Result(Result::FAILURE_CREDENTIAL_INVALID, null);
    }

    if ($user->isInactive()) {
        $user->makeActive();

        if (!$user->save()) {
            return new Result(Result::FAILURE_UNCATEGORIZED, null);
        }
    }

    $model->associateIdentity($user->id, $openId);

    return new Result(Result::SUCCESS, $user, array(
        'loginWith'  => 'openid',
        'registered' => $registered,
    ));
}
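/**
 * Upload index
 *
 * Renders the upload form on GET. On POST the form is validated and the
 * uploaded file is moved into TEMP_PATH under a name built from the
 * request-supplied pattern.
 *
 * @return array view variables: 'form' on GET; otherwise 'success' plus
 *               'file' (public URL of the stored file) or 'messages'
 */
public function indexAction()
{
    $auth = $this->getServiceLocator()->get('Zend\\Authentication\\AuthenticationService');

    if (!$auth->hasIdentity()) {
        return array('success' => false);
    }

    $request = $this->getRequest();
    $types   = strip_tags($request->getPost('types', $request->getQuery('types')));
    $pattern = strip_tags($request->getPost('pattern', $request->getQuery('pattern')));
    $form    = $this->getForm($types, $pattern);

    if (!$request->isPost()) {
        return array('form' => $form);
    }

    $form->setData(ArrayUtils::merge(
        $request->getPost()->toArray(),
        $request->getFiles()->toArray()
    ));

    if (!$form->isValid()) {
        return array('success' => false, 'messages' => $form->getMessages());
    }

    $data = $form->getData();
    $file = $data['file'];
    $ext  = pathinfo($file['name'], PATHINFO_EXTENSION);

    if (!is_dir(self::TEMP_PATH)) {
        @mkdir(self::TEMP_PATH, static::UPLOAD_MOD, true);
    }

    // A '.php' upload is stored as '.phps' so the temporary file is not a
    // PHP script. NOTE(review): this only affects the $ext argument; a
    // pattern that hard-codes its own extension bypasses it — getForm() is
    // expected to constrain $pattern, confirm.
    if ('php' === strtolower($ext)) {
        $ext = 'phps';
    }

    // $pattern comes from the request: basename() drops any directory
    // component so the result always lands directly inside TEMP_PATH.
    do {
        $newName = basename(sprintf($pattern, String::generateRandom(null, null, true), $ext));
        $moveTo  = self::TEMP_PATH . DIRECTORY_SEPARATOR . $newName;
    } while (is_file($moveTo));

    if (!@move_uploaded_file($file['tmp_name'], $moveTo)) {
        return array(
            'success'  => false,
            'messages' => array('File move failed' . PHP_EOL . $file['tmp_name'] . PHP_EOL . $moveTo),
        );
    }

    @chmod($moveTo, static::UPLOAD_MOD);

    return array('success' => true, 'file' => self::TEMP_URL . '/' . $newName);
}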
/**
 * Performs an authentication attempt
 *
 * Reads the Facebook application credentials from the settings adapter,
 * runs the OAuth client login, looks the returned e-mail up in the user
 * model, registers a new user when registration is enabled, re-activates
 * inactive users and associates the Facebook identity with the account.
 *
 * @return \Zend\Authentication\Result
 * @throws \Zend\Authentication\Adapter\Exception\ExceptionInterface
 *         If authentication cannot be performed
 */
public function authenticate()
{
    $registered = false;
    $model      = $this->getModel();
    $settings   = $this->getServiceLocator()
                       ->get('Grid\\Facebook\\Model\\ApplicationSettings\\AdapterFactory')
                       ->factory(array('application' => 'login'));
    $appId      = $settings->getSetting('appId');
    $appSecret  = $settings->getSetting('appSecret');

    if (empty($appId) || empty($appSecret)) {
        return new Result(
            Result::FAILURE_UNCATEGORIZED,
            null,
            array('appId and/or appSecret not set')
        );
    }

    $service = $this->getServiceLocator();
    $client  = new OAuth\Client(
        $service->get('Zend\\Http\\Client'),
        $this->getSessionManager(),
        $service->get('Zork\\Db\\SiteInfo')
    );

    $data = $client->login(
        array('client_id' => $appId, 'client_secret' => $appSecret),
        $service->get('Request'),
        $service->get('Response')
    );

    if (empty($data) || empty($data['email'])) {
        return new Result(
            Result::FAILURE_CREDENTIAL_INVALID,
            null,
            array('Cannot parse graph response or email not sent')
        );
    }

    $email = $data['email'];
    $user  = $model->findByEmail($email);

    if (empty($user)) {
        if (!$this->isRegistrationEnabled()) {
            return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, null);
        }

        if (empty($data['name'])) {
            // fall back to the local part of the e-mail address
            $displayName = preg_replace('/@.*$/', '', $email);
        } else {
            $displayName = $data['name'];
        }

        $displayName = UserStructure::trimDisplayName($displayName);
        $baseName    = $displayName;
        $suffix      = 1;

        // append " 2", " 3", ... until the name is free
        while (!$model->isDisplayNameAvailable($displayName)) {
            $displayName = $baseName . ' ' . ++$suffix;
        }

        if (empty($data['language'])) {
            $locale = (string) $this->getServiceLocator()->get('Locale');
        } else {
            $locale = $data['language'];
        }

        $user = $model->create(array(
            'confirmed'   => true,
            'status'      => 'active',
            'displayName' => $displayName,
            'email'       => $email,
            'locale'      => $locale,
            'password'    => String::generateRandom(10),
        ));

        if (!$user->save()) {
            return new Result(Result::FAILURE_UNCATEGORIZED, null);
        }

        $registered = true;
        $user       = $model->findByEmail($email);
    }

    if (empty($user) || empty($user->id) || $user->isBanned()) {
        return new Result(Result::FAILURE_CREDENTIAL_INVALID, null);
    }

    if ($user->isInactive()) {
        $user->makeActive();

        if (!$user->save()) {
            return new Result(Result::FAILURE_UNCATEGORIZED, null);
        }
    }

    // Prefer the profile link as identity, then the numeric id, then the
    // e-mail address.
    if (!empty($data['link'])) {
        $identity = $data['link'];
    } elseif (!empty($data['id'])) {
        $identity = 'urn:facebook:' . $data['id'];
    } else {
        $identity = 'urn:facebook:' . $email;
    }

    $model->associateIdentity($user->id, $identity);

    return new Result(Result::SUCCESS, $user, array(
        'loginWith'  => 'facebook',
        'registered' => $registered,
    ));
}
/**
 * Test generate random
 *
 * Two consecutive calls must not produce the same value.
 */
public function testGenerateRandom()
{
    $first  = String::generateRandom();
    $second = String::generateRandom();

    $this->assertNotEquals($first, $second);
}
/**
 * Get RowSet's ID
 *
 * Returns the cached id when set. Otherwise, when columns use translation,
 * an id derived from the translate prefix/postfix is returned (without
 * being cached); failing that a random id is generated and cached.
 *
 * @return string
 */
public function getId()
{
    if (!empty($this->id)) {
        return $this->id;
    }

    if ($this->getColumnsUseTranslation()) {
        $prefix  = $this->getColumnTranslatePrefix();
        $postfix = $this->getColumnTranslatePostfix();
        $derived = trim($prefix . '.' . $postfix, '.');

        if (!empty($derived)) {
            // derived each call; deliberately not stored in $this->id
            return str_replace('.', '_', $derived);
        }
    }

    return $this->id = String::generateRandom();
}