public function getValidAccessToken($params)
{
$CLIENT_ID = isset($params[self::CLIENT_ID]) ? $params[self::CLIENT_ID] : null;
$CLIENT_SECRET = isset($params[self::CLIENT_SECRET]) ? $params[self::CLIENT_SECRET] : null;
$USER_ID = isset($params[self::USER_ID]) ? $params[self::USER_ID] : null;
$MEDIA_ID = isset($params[self::MEDIA_ID]) ? $params[self::MEDIA_ID] : null;
$ACCESS_TOKEN = isset($params[self::AUTH_TOKEN]) ? $params[self::AUTH_TOKEN] : null;
$REFRESH_TOKEN = isset($params[self::AUTH_REFRESH_TOKEN]) ? $params[self::AUTH_REFRESH_TOKEN] : null;
if (!isset($CLIENT_ID) || !isset($CLIENT_SECRET)) {
$oMediaClients = new \Av\ClientCredentialsModel();
$params_credentials = array(\Av\ClientCredentialsModel::MEDIA_ID => $MEDIA_ID);
$credential = $oMediaClients->GetCredentials($params_credentials);
if ($credential === false) {
throw new \Google_Exception('You must fill out the CLIENT credentials');
}
$CLIENT_ID = isset($credential[\Av\ClientCredentialsModel::CLIENT_ID]) ? $credential[\Av\ClientCredentialsModel::CLIENT_ID] : null;
$CLIENT_SECRET = isset($credential[\Av\ClientCredentialsModel::CLIENT_SECRET]) ? $credential[\Av\ClientCredentialsModel::CLIENT_SECRET] : null;
}
// 2. Find authorization credentials for given user/media
$oMediaUserMapper = new \Av\MediaUserModel();
if (empty($ACCESS_TOKEN)) {
// 3. if access token is not set - this call is made by server, without user contenst
if (empty($USER_ID) || empty($MEDIA_ID)) {
throw new \Google_Exception('You must passt the USER ID and MEDIA ID parameter to get access and refresh tokens from DB');
}
$params_user_credentials = array(\Av\MediaUserModel::MEDIA_ID => $MEDIA_ID, \Av\MediaUserModel::USER_ID => $USER_ID);
$arrUserCredentials = $oMediaUserMapper->GetCredentials($params_user_credentials);
if (empty($arrUserCredentials[\Av\MediaUserModel::REFRESH_TOKEN])) {
throw new \Google_Exception("Refresh token is not set for user id {$USER_ID} ");
}
if (empty($arrUserCredentials[\Av\MediaUserModel::ACCESS_TOKEN])) {
throw new \Google_Exception("Access token is not set for user id {$USER_ID} ");
}
// 3. Extract access token
$ACCESS_TOKEN = $arrUserCredentials[\Av\MediaUserModel::ACCESS_TOKEN];
$REFRESH_TOKEN = $arrUserCredentials[\Av\MediaUserModel::REFRESH_TOKEN];
}
// 4. check if the access token valid
$client = new \Google_Client();
$client->setClientId($CLIENT_ID);
$client->setClientSecret($CLIENT_SECRET);
$client->setAccessToken($ACCESS_TOKEN);
if ($client->isAccessTokenExpired()) {
// 4.1 Old access token is not valid - get new access token
if (isset($REFRESH_TOKEN)) {
$client->refreshToken($REFRESH_TOKEN);
} else {
throw new \Google_Exception("Invalid refresh token.");
}
// 4.2 save new access token in DB
$ACCESS_TOKEN = $client->getAccessToken();
if (isset($ACCESS_TOKEN)) {
if (empty($USER_ID) || empty($MEDIA_ID)) {
throw new \Google_Exception('You must passt the USER ID and MEDIA ID parameter to get access and refresh tokens from DB');
}
$params_new_credentials = array(\Av\MediaUserModel::ACCESS_TOKEN => $ACCESS_TOKEN, \Av\MediaUserModel::MEDIA_ID => $MEDIA_ID, \Av\MediaUserModel::USER_ID => $USER_ID);
$oMediaUserMapper->SaveCredentials($params_new_credentials);
} else {
throw new \Google_Exception("Could not refresh access token.");
}
}
return $ACCESS_TOKEN;
}
public function SaveUser($params)
{
$MEDIA_ID = isset($params[\Av\MediaUserModel::MEDIA_ID]) ? $params[\Av\MediaUserModel::MEDIA_ID] : null;
$USER_ID = isset($params[\Av\MediaUserModel::USER_ID]) ? $params[\Av\MediaUserModel::USER_ID] : null;
$SOCIAL_USER_ID = isset($params[\Av\MediaUserModel::SOCIAL_USER_ID]) ? $params[\Av\MediaUserModel::SOCIAL_USER_ID] : null;
$STATUS = isset($params[\Av\MediaUserModel::STATUS]) ? $params[\Av\MediaUserModel::STATUS] : \Av\MediaUserModel::STATUS_ACTIVE;
$ACCESS_TOKEN = isset($params[\Av\MediaUserModel::ACCESS_TOKEN]) ? $params[\Av\MediaUserModel::ACCESS_TOKEN] : null;
$REFRESH_TOKEN = isset($params[\Av\MediaUserModel::REFRESH_TOKEN]) ? $params[\Av\MediaUserModel::REFRESH_TOKEN] : null;
$ROLE_ID = isset($params[\Av\UserModel::ROLE_ID]) ? $params[\Av\UserModel::ROLE_ID] : null;
$EMAIL = isset($params[\Av\UserModel::USER_EMAIL]) ? $params[\Av\UserModel::USER_EMAIL] : null;
$DISPLAY_NAME = isset($params[\Av\UserModel::DISPLAY_NAME]) ? $params[\Av\UserModel::DISPLAY_NAME] : null;
$oUserMapper = new \Av\UserModel();
$oMediaUserMapper = new \Av\MediaUserModel();
// 1. If USER_ID is not set - it is initial login or signup
if (empty($USER_ID)) {
//1.1 Check by EMAIL if user exists in "user" table
if (empty($EMAIL)) {
return false;
}
// $this->AddDebug(__METHOD__ . " #" . __LINE__ . " email:" . print_r($EMAIL, true));
$params_user = array(\Av\UserModel::USER_EMAIL => $EMAIL);
$user_info = $oUserMapper->GetUserInfo($params_user);
// $this->AddDebug(__METHOD__ . " #" . __LINE__ . " user_info:" . print_r($user_info, true));
if ($user_info === false) {
//1.2 User does not exist. Create new.
$params_user[\Av\UserModel::DISPLAY_NAME] = $DISPLAY_NAME;
$params_user[\Av\UserModel::ROLE_ID] = $ROLE_ID;
$params_user[\Av\UserModel::USER_STATUS] = $STATUS;
$USER_ID = $oUserMapper->SaveUserInfo($params_user);
// $this->AddDebug(__METHOD__ . " #" . __LINE__ . " saved user_id {} params:" . print_r($params_user, true));
if (empty($USER_ID) || $USER_ID === false) {
return false;
}
} else {
$ROLE_ID = isset($user_info[\Av\UserModel::ROLE_ID]) ? $user_info[\Av\UserModel::ROLE_ID] : null;
$USER_ID = isset($user_info[\Av\UserModel::USER_ID]) ? $user_info[\Av\UserModel::USER_ID] : null;
$DISPLAY_NAME = isset($user_info[\Av\UserModel::DISPLAY_NAME]) ? $user_info[\Av\UserModel::DISPLAY_NAME] : null;
}
}
$params_media_user = array(\Av\MediaUserModel::MEDIA_ID => (int) $MEDIA_ID, \Av\MediaUserModel::USER_ID => (int) $USER_ID, \Av\MediaUserModel::ACCESS_TOKEN => $ACCESS_TOKEN, \Av\MediaUserModel::SOCIAL_USER_ID => isset($SOCIAL_USER_ID) ? $SOCIAL_USER_ID : 'n/a', \Av\MediaUserModel::STATUS => $STATUS, \Av\MediaUserModel::REFRESH_TOKEN => isset($REFRESH_TOKEN) ? $REFRESH_TOKEN : null);
// 2. Save new social media user credentials
$bSaved = $oMediaUserMapper->SaveCredentials($params_media_user);
$this->AddDebug(__METHOD__ . " #" . __LINE__ . " is user saved with success {$bSaved}");
// 3. return authenticated user credentials
if ($bSaved !== false) {
// 3. Save to auth object and ssession
$params_login = array(\Av\AuthController::USER_ID => (int) $USER_ID, \Av\AuthController::USER_NAME => $DISPLAY_NAME, \Av\AuthController::USER_ROLE_ID => (int) $ROLE_ID);
\Av\AuthController::LogIn($params_login);
} else {
return false;
}
}
