public function retrieveUserProfileImage()
{
$uri = idx($this->userData, 'avatar_url');
if ($uri) {
return HTTPSFuture::loadContent($uri);
}
return null;
}
public function retrieveUserProfileImage()
{
$uri = $this->userData['image'];
return HTTPSFuture::loadContent($uri);
}
private function refreshProfileImage(PhabricatorUserOAuthInfo $oauth_info)
{
$user = $this->getRequest()->getUser();
$provider = $this->provider;
$error = false;
$userinfo_uri = new PhutilURI($provider->getUserInfoURI());
$token = $oauth_info->getToken();
try {
$userinfo_uri->setQueryParam('access_token', $token);
$user_data = HTTPSFuture::loadContent($userinfo_uri);
$provider->setUserData($user_data);
$provider->setAccessToken($token);
$image = $provider->retrieveUserProfileImage();
if ($image) {
$file = PhabricatorFile::newFromFileData($image, array('name' => $provider->getProviderKey() . '-profile.jpg', 'authorPHID' => $user->getPHID()));
$xformer = new PhabricatorImageTransformer();
// Resize OAuth image to a reasonable size
$small_xformed = $xformer->executeProfileTransform($file, $width = 50, $min_height = 50, $max_height = 50);
$user->setProfileImagePHID($small_xformed->getPHID());
$user->save();
} else {
$error = 'Unable to retrieve image.';
}
} catch (Exception $e) {
if ($e instanceof PhabricatorOAuthProviderException) {
$error = sprintf('Unable to retrieve image from %s', $provider->getProviderName());
} else {
$error = 'Unable to save image.';
}
}
$notice = new AphrontErrorView();
if ($error) {
$notice->setTitle('Error Refreshing Profile Picture')->setErrors(array($error));
} else {
$notice->setSeverity(AphrontErrorView::SEVERITY_NOTICE)->setTitle('Successfully Refreshed Profile Picture');
}
return $notice;
}
public function processRequest()
{
$provider = $this->provider;
$auth_enabled = $provider->isProviderEnabled();
$client_id = $provider->getClientID();
$client_secret = $provider->getClientSecret();
$key = $provider->getProviderKey();
$name = phutil_escape_html($provider->getProviderName());
$res_ok = '<strong style="color: #00aa00;">OK</strong>';
$res_no = '<strong style="color: #aa0000;">NO</strong>';
$res_na = '<strong style="color: #999999;">N/A</strong>';
$results = array();
$auth_key = $key . '.auth-enabled';
if (!$auth_enabled) {
$results[$auth_key] = array($res_no, 'false', $name . ' authentication is disabled in the configuration. Edit the ' . 'Phabricator configuration to enable "' . $auth_key . '".');
} else {
$results[$auth_key] = array($res_ok, 'true', $name . ' authentication is enabled.');
}
$client_id_key = $key . '.application-id';
if (!$client_id) {
$results[$client_id_key] = array($res_no, null, 'No ' . $name . ' Application ID is configured. Edit the Phabricator ' . 'configuration to specify an application ID in ' . '"' . $client_id_key . '". ' . $provider->renderGetClientIDHelp());
} else {
$results[$client_id_key] = array($res_ok, $client_id, 'Application ID is set.');
}
$client_secret_key = $key . '.application-secret';
if (!$client_secret) {
$results[$client_secret_key] = array($res_no, null, 'No ' . $name . ' Application secret is configured. Edit the ' . 'Phabricator configuration to specify an Application Secret, in ' . '"' . $client_secret_key . '". ' . $provider->renderGetClientSecretHelp());
} else {
$results[$client_secret_key] = array($res_ok, "It's a secret!", 'Application secret is set.');
}
$timeout = 5;
$internet = HTTPSFuture::loadContent("http://google.com/", $timeout);
if ($internet === false) {
$results['internet'] = array($res_no, null, 'Unable to make an HTTP request to Google. Check your outbound ' . 'internet connection and firewall/filtering settings.');
} else {
$results['internet'] = array($res_ok, null, 'Internet seems OK.');
}
$test_uris = $provider->getTestURIs();
foreach ($test_uris as $uri) {
$success = HTTPSFuture::loadContent($uri, $timeout);
if ($success === false) {
$results[$uri] = array($res_no, null, "Unable to make an HTTP request to {$uri}. {$name} may be " . 'down or inaccessible.');
} else {
$results[$uri] = array($res_ok, null, 'Made a request to ' . $uri . '.');
}
}
if ($provider->shouldDiagnoseAppLogin()) {
$test_uri = new PhutilURI($provider->getTokenURI());
$test_uri->setQueryParams(array('client_id' => $client_id, 'client_secret' => $client_secret, 'grant_type' => 'client_credentials'));
$future = new HTTPSFuture($test_uri);
$future->setTimeout($timeout);
try {
list($body) = $future->resolvex();
$results['App Login'] = array($res_ok, '(A Valid Token)', "Raw application login to {$name} works.");
} catch (Exception $ex) {
if ($ex instanceof HTTPFutureResponseStatusCURL) {
$results['App Login'] = array($res_no, null, "Unable to perform an application login with your Application ID " . "and Application Secret. You may have mistyped or misconfigured " . "them; {$name} may have revoked your authorization; or {$name} " . "may be having technical problems.");
} else {
$data = json_decode($token_value, true);
if (!is_array($data)) {
$results['App Login'] = array($res_no, $token_value, "Application Login failed but the provider did not respond " . "with valid JSON error information. {$name} may be experiencing " . "technical problems.");
} else {
$results['App Login'] = array($res_no, null, "Application Login failed with error: " . $token_value);
}
}
}
}
return $this->renderResults($results);
}
public function retrieveUserProfileImage()
{
$uri = 'https://graph.facebook.com/me/picture?access_token=';
return HTTPSFuture::loadContent($uri . $this->getAccessToken());
}
public static function newFromFileDownload($uri, $name)
{
$uri = new PhutilURI($uri);
$protocol = $uri->getProtocol();
switch ($protocol) {
case 'http':
case 'https':
break;
default:
// Make sure we are not accessing any file:// URIs or similar.
return null;
}
$timeout = 5;
$file_data = HTTPSFuture::loadContent($uri, $timeout);
if ($file_data === false) {
return null;
}
return self::newFromFileData($file_data, array('name' => $name));
}
public function processRequest()
{
$current_user = $this->getRequest()->getUser();
$provider = $this->provider;
if (!$provider->isProviderEnabled()) {
return new Aphront400Response();
}
$provider_name = $provider->getProviderName();
$provider_key = $provider->getProviderKey();
$request = $this->getRequest();
if ($request->getStr('error')) {
$error_view = id(new PhabricatorOAuthFailureView())->setRequest($request);
return $this->buildErrorResponse($error_view);
}
$error_response = $this->retrieveAccessToken($provider);
if ($error_response) {
return $error_response;
}
$userinfo_uri = new PhutilURI($provider->getUserInfoURI());
$userinfo_uri->setQueryParam('access_token', $this->accessToken);
$userinfo_uri = (string) $userinfo_uri;
try {
$user_data = HTTPSFuture::loadContent($userinfo_uri);
if ($user_data === false) {
throw new PhabricatorOAuthProviderException("Request to '{$userinfo_uri}' failed!");
}
$provider->setUserData($user_data);
} catch (PhabricatorOAuthProviderException $e) {
return $this->buildErrorResponse(new PhabricatorOAuthFailureView(), $e);
}
$provider->setAccessToken($this->accessToken);
$user_id = $provider->retrieveUserID();
$provider_key = $provider->getProviderKey();
$oauth_info = $this->retrieveOAuthInfo($provider);
if ($current_user->getPHID()) {
if ($oauth_info->getID()) {
if ($oauth_info->getUserID() != $current_user->getID()) {
$dialog = new AphrontDialogView();
$dialog->setUser($current_user);
$dialog->setTitle('Already Linked to Another Account');
$dialog->appendChild(hsprintf('<p>The %s account you just authorized is already linked to ' . 'another Phabricator account. Before you can associate your %s ' . 'account with this Phabriactor account, you must unlink it from ' . 'the Phabricator account it is currently linked to.</p>', $provider_name, $provider_name));
$dialog->addCancelButton('/settings/page/' . $provider_key . '/');
return id(new AphrontDialogResponse())->setDialog($dialog);
} else {
$this->saveOAuthInfo($oauth_info);
// Refresh token.
return id(new AphrontRedirectResponse())->setURI('/settings/page/' . $provider_key . '/');
}
}
$existing_oauth = id(new PhabricatorUserOAuthInfo())->loadOneWhere('userID = %d AND oauthProvider = %s', $current_user->getID(), $provider_key);
if ($existing_oauth) {
$dialog = new AphrontDialogView();
$dialog->setUser($current_user);
$dialog->setTitle('Already Linked to an Account From This Provider');
$dialog->appendChild(hsprintf('<p>The account you are logged in with is already linked to a %s ' . 'account. Before you can link it to a different %s account, you ' . 'must unlink the old account.</p>', $provider_name, $provider_name));
$dialog->addCancelButton('/settings/page/' . $provider_key . '/');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
if (!$request->isDialogFormPost()) {
$dialog = new AphrontDialogView();
$dialog->setUser($current_user);
$dialog->setTitle('Link ' . $provider_name . ' Account');
$dialog->appendChild(hsprintf('<p>Link your %s account to your Phabricator account?</p>', $provider_name));
$dialog->addHiddenInput('confirm_token', $provider->getAccessToken());
$dialog->addHiddenInput('expires', $oauth_info->getTokenExpires());
$dialog->addHiddenInput('state', $this->oauthState);
$dialog->addHiddenInput('scope', $oauth_info->getTokenScope());
$dialog->addSubmitButton('Link Accounts');
$dialog->addCancelButton('/settings/page/' . $provider_key . '/');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
$oauth_info->setUserID($current_user->getID());
$this->saveOAuthInfo($oauth_info);
return id(new AphrontRedirectResponse())->setURI('/settings/page/' . $provider_key . '/');
}
// Login with known auth.
if ($oauth_info->getID()) {
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
$known_user = id(new PhabricatorUser())->load($oauth_info->getUserID());
$request->getApplicationConfiguration()->willAuthenticateUserWithOAuth($known_user, $oauth_info, $provider);
$session_key = $known_user->establishSession('web');
$this->saveOAuthInfo($oauth_info);
$request->setCookie('phusr', $known_user->getUsername());
$request->setCookie('phsid', $session_key);
$uri = new PhutilURI('/login/validate/');
$uri->setQueryParams(array('phusr' => $known_user->getUsername()));
return id(new AphrontRedirectResponse())->setURI((string) $uri);
}
$oauth_email = $provider->retrieveUserEmail();
if ($oauth_email) {
$known_email = id(new PhabricatorUserEmail())->loadOneWhere('address = %s', $oauth_email);
if ($known_email) {
$dialog = new AphrontDialogView();
$dialog->setUser($current_user);
$dialog->setTitle('Already Linked to Another Account');
$dialog->appendChild(hsprintf('<p>The %s account you just authorized has an email address which ' . 'is already in use by another Phabricator account. To link the ' . 'accounts, log in to your Phabricator account and then go to ' . 'Settings.</p>', $provider_name));
$user = id(new PhabricatorUser())->loadOneWhere('phid = %s', $known_email->getUserPHID());
$oauth_infos = id(new PhabricatorUserOAuthInfo())->loadAllWhere('userID = %d', $user->getID());
if ($oauth_infos) {
$providers = array();
foreach ($oauth_infos as $info) {
$provider = $info->getOAuthProvider();
$providers[] = PhabricatorOAuthProvider::newProvider($provider)->getProviderName();
}
$dialog->appendChild(hsprintf('<p>The account is associated with: %s.</p>', implode(', ', $providers)));
}
$dialog->addCancelButton('/login/');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
}
if (!$provider->isProviderRegistrationEnabled()) {
$dialog = new AphrontDialogView();
$dialog->setUser($current_user);
$dialog->setTitle('No Account Registration With ' . $provider_name);
$dialog->appendChild(hsprintf('<p>You can not register a new account using %s; you can only use ' . 'your %s account to log into an existing Phabricator account which ' . 'you have registered through other means.</p>', $provider_name, $provider_name));
$dialog->addCancelButton('/login/');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
$controller = PhabricatorEnv::newObjectFromConfig('controller.oauth-registration', array($this->getRequest()));
$controller->setOAuthProvider($provider);
$controller->setOAuthInfo($oauth_info);
$controller->setOAuthState($this->oauthState);
return $this->delegateToController($controller);
}
public function rasterize($macro, $size, $aspect)
{
$image = HTTPSFuture::loadContent($macro['uri']);
if (!$image) {
return false;
}
$img = @imagecreatefromstring($image);
if (!$img) {
return false;
}
$sx = imagesx($img);
$sy = imagesy($img);
if ($sx > $size || $sy > $size) {
$scale = max($sx, $sy) / $size;
$dx = floor($sx / $scale);
$dy = floor($sy / $scale);
} else {
$dx = $sx;
$dy = $sy;
}
$dy = floor($dy * $aspect);
$dst = imagecreatetruecolor($dx, $dy);
if (!$dst) {
return false;
}
imagealphablending($dst, false);
$ok = imagecopyresampled($dst, $img, 0, 0, 0, 0, $dx, $dy, $sx, $sy);
if (!$ok) {
return false;
}
$map = array(' ', '.', ',', ':', ';', '!', '|', '*', '=', '@', '$', '#');
$lines = array();
for ($ii = 0; $ii < $dy; $ii++) {
$buf = '';
for ($jj = 0; $jj < $dx; $jj++) {
$c = imagecolorat($dst, $jj, $ii);
$a = $c >> 24 & 0xff;
$r = $c >> 16 & 0xff;
$g = $c >> 8 & 0xff;
$b = $c & 0xff;
$luma = (255 - (0.3 * $r + 0.59 * $g + 0.11 * $b)) / 256;
$luma *= (127 - $a) / 127;
$char = $map[max(0, floor($luma * count($map)))];
$buf .= $char;
}
$lines[] = $buf;
}
return $lines;
}
public function retrieveUserProfileImage()
{
$avatar = idx($this->userData, 'avatar');
if ($avatar) {
$uri = idx($avatar, 'permalink');
if ($uri) {
return HTTPSFuture::loadContent($uri);
}
}
return null;
}
