public function outputSSOTag($userId = 0)
{
$result = "";
$settings = craft()->plugins->getPlugin('disqus')->getSettings();
$data = array();
$currentUser = craft()->userSession->user;
if ($currentUser) {
$data['id'] = $currentUser->id;
$data['username'] = $currentUser->username;
$data['email'] = $currentUser->email;
}
$message = base64_encode(json_encode($data));
$timestamp = time();
$hmac = dsq_hmacsha1($message . ' ' . $timestamp, $settings['disqusSecretKey']);
if ($settings['customLogin']) {
$disqusPublicKey = $settings['disqusPublicKey'];
$loginName = $settings['loginName'];
$loginButton = $settings['loginButton'];
$loginIcon = $settings['loginIcon'];
$loginUrl = $settings['loginUrl'];
$loginLogoutUrl = $settings['loginLogoutUrl'];
$loginWidth = $settings['loginWidth'];
$loginHeight = $settings['loginHeight'];
echo <<<ENDBLOCK
<script type="text/javascript">
var disqus_config = function() {
this.page.remote_auth_s3 = "{$message} {$hmac} {$timestamp}";
this.page.api_key = "{$disqusPublicKey}";
this.sso = {
name: "{$loginName}",
button: "{$loginButton}",
icon: "{$loginIcon}",
url: "{$loginUrl}",
logout: "{$loginLogoutUrl}",
width: "{$loginWidth}",
height: "{$loginHeight}"
};
};
</script>
ENDBLOCK;
} else {
$disqusPublicKey = $settings['disqusPublicKey'];
echo <<<ENDBLOCK
<script type="text/javascript">
var disqus_config = function() {
this.page.remote_auth_s3 = "{$message} {$hmac} {$timestamp}";
this.page.api_key = "{$disqusPublicKey}";
};
</script>
ENDBLOCK;
}
return $result;
}
function dsq_sso()
{
if ($key = get_option('disqus_partner_key')) {
// use old style SSO
$new = false;
} elseif (($key = get_option('disqus_secret_key')) && ($public = get_option('disqus_public_key'))) {
// use new style SSO
$new = true;
} else {
// sso is not configured
return array();
}
global $current_user, $dsq_api;
get_currentuserinfo();
if ($current_user->ID) {
$avatar_tag = get_avatar($current_user->ID);
$avatar_data = array();
preg_match('/(src)=((\'|")[^(\'|")]*(\'|"))/i', $avatar_tag, $avatar_data);
$avatar = str_replace(array('"', "'"), '', $avatar_data[2]);
$user_data = array('username' => $current_user->display_name, 'id' => $current_user->ID, 'avatar' => $avatar, 'email' => $current_user->user_email, 'url' => $current_user->user_url);
} else {
$user_data = array();
}
$user_data = base64_encode(cf_json_encode($user_data));
$time = time();
$hmac = dsq_hmacsha1($user_data . ' ' . $time, $key);
$payload = $user_data . ' ' . $hmac . ' ' . $time;
if ($new) {
return array('remote_auth_s3' => $payload, 'api_key' => $public);
} else {
return array('remote_auth_s2' => $payload);
}
}
function dsq_sso()
{
if (!($partner_key = get_option('disqus_partner_key'))) {
return;
}
global $current_user, $dsq_api;
get_currentuserinfo();
if ($current_user->ID) {
$avatar_tag = get_avatar($current_user->ID);
$avatar_data = array();
preg_match('/(src)=((\'|")[^(\'|")]*(\'|"))/i', $avatar_tag, $avatar_data);
$avatar = str_replace(array('"', "'"), '', $avatar_data[2]);
$user_data = array('username' => $current_user->display_name, 'id' => $current_user->ID, 'avatar' => $avatar, 'email' => $current_user->user_email);
} else {
$user_data = array();
}
$user_data = base64_encode(cf_json_encode($user_data));
$time = time();
$hmac = dsq_hmacsha1($user_data . ' ' . $time, $partner_key);
$payload = $user_data . ' ' . $hmac . ' ' . $time;
echo '<script type="text/javascript" src="http://' . $dsq_api->short_name . '.disqus.com/remote_auth.js?remote_auth_s2=' . urlencode($payload) . '"></script>';
}
function dsq_hmacsha1($data, $key)
{
$blocksize = 64;
$hashfunc = 'sha1';
if (strlen($key) > $blocksize) {
$key = pack('H*', $hashfunc($key));
}
$key = str_pad($key, $blocksize, chr(0x0));
$ipad = str_repeat(chr(0x36), $blocksize);
$opad = str_repeat(chr(0x5c), $blocksize);
$hmac = pack('H*', $hashfunc(($key ^ $opad) . pack('H*', $hashfunc(($key ^ $ipad) . $data))));
return bin2hex($hmac);
}
$message = base64_encode(json_encode($data));
$timestamp = time();
$hmac = dsq_hmacsha1($message . ' ' . $timestamp, Config::get('site.DISQUS_SECRET_KEY'));
?>
<script type="text/javascript">
var disqus_config = function() {
this.page.remote_auth_s3 = "<?php
echo "{$message} {$hmac} {$timestamp}";
?>
";
this.page.api_key = "<?php
echo Config::get('site.DISQUS_PUBLIC_KEY');
?>
";
// This adds the custom login/logout functionality
this.sso = {
define('DISQUS_PUBLIC_KEY', 'abcdef');
$data = array("id" => $user["id"], "username" => $user["username"], "email" => $user["email"]);
function dsq_hmacsha1($data, $key)
{
$blocksize = 64;
$hashfunc = 'sha1';
if (strlen($key) > $blocksize) {
$key = pack('H*', $hashfunc($key));
}
$key = str_pad($key, $blocksize, chr(0x0));
$ipad = str_repeat(chr(0x36), $blocksize);
$opad = str_repeat(chr(0x5c), $blocksize);
$hmac = pack('H*', $hashfunc(($key ^ $opad) . pack('H*', $hashfunc(($key ^ $ipad) . $data))));
return bin2hex($hmac);
}
$message = base64_encode(json_encode($data));
$timestamp = time();
$hmac = dsq_hmacsha1($message . ' ' . $timestamp, DISQUS_SECRET_KEY);
?>
<script type="text/javascript">
var disqus_config = function() {
this.page.remote_auth_s3 = "<?php
echo "{$message} {$hmac} {$timestamp}";
?>
";
this.page.api_key = "<?php
echo DISQUS_PUBLIC_KEY;
?>
";
}
</script>
function mt_dsq_get_sso($user, $key)
{
if ($user) {
$user_data = array('username' => $user["author_nickname"], 'id' => $user["author_id"], 'email' => $user["author_email"], 'url' => $user["author_url"], 'avatar' => mt_dsq_get_avatar_url($user));
} else {
$user_data = array();
}
$user_data = base64_encode(cf_json_encode($user_data));
$time = time();
$hmac = dsq_hmacsha1($user_data . ' ' . $time, $key);
$payload = "{$user_data} {$hmac} {$time}";
return $payload;
}
